search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
kvm: external module: define NMI_VECTOR
[qemu-kvm/fedora.git] / hw / ide.c
blob816d04ba9d967020c735eee02aabf627293e6c31
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "ppc_mac.h"
35
36 /* debug IDE devices */
37 //#define DEBUG_IDE
38 //#define DEBUG_IDE_ATAPI
39 //#define DEBUG_AIO
40 #define USE_DMA_CDROM
41
42 /* Bits of HD_STATUS */
43 #define ERR_STAT 0x01
44 #define INDEX_STAT 0x02
45 #define ECC_STAT 0x04 /* Corrected error */
46 #define DRQ_STAT 0x08
47 #define SEEK_STAT 0x10
48 #define SRV_STAT 0x10
49 #define WRERR_STAT 0x20
50 #define READY_STAT 0x40
51 #define BUSY_STAT 0x80
52
53 /* Bits for HD_ERROR */
54 #define MARK_ERR 0x01 /* Bad address mark */
55 #define TRK0_ERR 0x02 /* couldn't find track 0 */
56 #define ABRT_ERR 0x04 /* Command aborted */
57 #define MCR_ERR 0x08 /* media change request */
58 #define ID_ERR 0x10 /* ID field not found */
59 #define MC_ERR 0x20 /* media changed */
60 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
61 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
62 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
63
64 /* Bits of HD_NSECTOR */
65 #define CD 0x01
66 #define IO 0x02
67 #define REL 0x04
68 #define TAG_MASK 0xf8
69
70 #define IDE_CMD_RESET 0x04
71 #define IDE_CMD_DISABLE_IRQ 0x02
72
73 /* ATA/ATAPI Commands pre T13 Spec */
74 #define WIN_NOP 0x00
75 /*
76 * 0x01->0x02 Reserved
77 */
78 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
79 /*
80 * 0x04->0x07 Reserved
81 */
82 #define WIN_SRST 0x08 /* ATAPI soft reset command */
83 #define WIN_DEVICE_RESET 0x08
84 /*
85 * 0x09->0x0F Reserved
86 */
87 #define WIN_RECAL 0x10
88 #define WIN_RESTORE WIN_RECAL
89 /*
90 * 0x10->0x1F Reserved
91 */
92 #define WIN_READ 0x20 /* 28-Bit */
93 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
94 #define WIN_READ_LONG 0x22 /* 28-Bit */
95 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
96 #define WIN_READ_EXT 0x24 /* 48-Bit */
97 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
98 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
99 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
100 /*
101 * 0x28
102 */
103 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
104 /*
105 * 0x2A->0x2F Reserved
106 */
107 #define WIN_WRITE 0x30 /* 28-Bit */
108 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
109 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
110 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
111 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
112 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
113 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
114 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
115 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
116 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
117 /*
118 * 0x3A->0x3B Reserved
119 */
120 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
121 /*
122 * 0x3D->0x3F Reserved
123 */
124 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
125 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
126 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
127 /*
128 * 0x43->0x4F Reserved
129 */
130 #define WIN_FORMAT 0x50
131 /*
132 * 0x51->0x5F Reserved
133 */
134 #define WIN_INIT 0x60
135 /*
136 * 0x61->0x5F Reserved
137 */
138 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
139 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
140 #define WIN_DIAGNOSE 0x90
141 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
142 #define WIN_DOWNLOAD_MICROCODE 0x92
143 #define WIN_STANDBYNOW2 0x94
144 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
145 #define WIN_STANDBY2 0x96
146 #define WIN_SETIDLE2 0x97
147 #define WIN_CHECKPOWERMODE2 0x98
148 #define WIN_SLEEPNOW2 0x99
149 /*
150 * 0x9A VENDOR
151 */
152 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
153 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
154 #define WIN_QUEUED_SERVICE 0xA2
155 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
156 #define CFA_ACCESS_METADATA_STORAGE 0xB8
157 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
158 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
159 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
160 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
161 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
162 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
163 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
164 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
165 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
166 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
167 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
168 #define WIN_GETMEDIASTATUS 0xDA
169 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
170 #define WIN_POSTBOOT 0xDC
171 #define WIN_PREBOOT 0xDD
172 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
173 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
174 #define WIN_STANDBYNOW1 0xE0
175 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
176 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
177 #define WIN_SETIDLE1 0xE3
178 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
179 #define WIN_CHECKPOWERMODE1 0xE5
180 #define WIN_SLEEPNOW1 0xE6
181 #define WIN_FLUSH_CACHE 0xE7
182 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
183 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
184 /* SET_FEATURES 0x22 or 0xDD */
185 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
186 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
187 #define WIN_MEDIAEJECT 0xED
188 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
189 #define WIN_SETFEATURES 0xEF /* set special drive features */
190 #define EXABYTE_ENABLE_NEST 0xF0
191 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
192 #define WIN_SECURITY_SET_PASS 0xF1
193 #define WIN_SECURITY_UNLOCK 0xF2
194 #define WIN_SECURITY_ERASE_PREPARE 0xF3
195 #define WIN_SECURITY_ERASE_UNIT 0xF4
196 #define WIN_SECURITY_FREEZE_LOCK 0xF5
197 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
198 #define WIN_SECURITY_DISABLE 0xF6
199 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
200 #define WIN_SET_MAX 0xF9
201 #define DISABLE_SEAGATE 0xFB
202
203 /* set to 1 set disable mult support */
204 #define MAX_MULT_SECTORS 16
205
206 #define IDE_DMA_BUF_SECTORS 256
207
208 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
209 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
210 #endif
211
212 /* ATAPI defines */
213
214 #define ATAPI_PACKET_SIZE 12
215
216 /* The generic packet command opcodes for CD/DVD Logical Units,
217 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
218 #define GPCMD_BLANK 0xa1
219 #define GPCMD_CLOSE_TRACK 0x5b
220 #define GPCMD_FLUSH_CACHE 0x35
221 #define GPCMD_FORMAT_UNIT 0x04
222 #define GPCMD_GET_CONFIGURATION 0x46
223 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
224 #define GPCMD_GET_PERFORMANCE 0xac
225 #define GPCMD_INQUIRY 0x12
226 #define GPCMD_LOAD_UNLOAD 0xa6
227 #define GPCMD_MECHANISM_STATUS 0xbd
228 #define GPCMD_MODE_SELECT_10 0x55
229 #define GPCMD_MODE_SENSE_10 0x5a
230 #define GPCMD_PAUSE_RESUME 0x4b
231 #define GPCMD_PLAY_AUDIO_10 0x45
232 #define GPCMD_PLAY_AUDIO_MSF 0x47
233 #define GPCMD_PLAY_AUDIO_TI 0x48
234 #define GPCMD_PLAY_CD 0xbc
235 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
236 #define GPCMD_READ_10 0x28
237 #define GPCMD_READ_12 0xa8
238 #define GPCMD_READ_CDVD_CAPACITY 0x25
239 #define GPCMD_READ_CD 0xbe
240 #define GPCMD_READ_CD_MSF 0xb9
241 #define GPCMD_READ_DISC_INFO 0x51
242 #define GPCMD_READ_DVD_STRUCTURE 0xad
243 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
244 #define GPCMD_READ_HEADER 0x44
245 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
246 #define GPCMD_READ_SUBCHANNEL 0x42
247 #define GPCMD_READ_TOC_PMA_ATIP 0x43
248 #define GPCMD_REPAIR_RZONE_TRACK 0x58
249 #define GPCMD_REPORT_KEY 0xa4
250 #define GPCMD_REQUEST_SENSE 0x03
251 #define GPCMD_RESERVE_RZONE_TRACK 0x53
252 #define GPCMD_SCAN 0xba
253 #define GPCMD_SEEK 0x2b
254 #define GPCMD_SEND_DVD_STRUCTURE 0xad
255 #define GPCMD_SEND_EVENT 0xa2
256 #define GPCMD_SEND_KEY 0xa3
257 #define GPCMD_SEND_OPC 0x54
258 #define GPCMD_SET_READ_AHEAD 0xa7
259 #define GPCMD_SET_STREAMING 0xb6
260 #define GPCMD_START_STOP_UNIT 0x1b
261 #define GPCMD_STOP_PLAY_SCAN 0x4e
262 #define GPCMD_TEST_UNIT_READY 0x00
263 #define GPCMD_VERIFY_10 0x2f
264 #define GPCMD_WRITE_10 0x2a
265 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
266 /* This is listed as optional in ATAPI 2.6, but is (curiously)
267 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
268 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
269 * drives support it. */
270 #define GPCMD_SET_SPEED 0xbb
271 /* This seems to be a SCSI specific CD-ROM opcode
272 * to play data at track/index */
273 #define GPCMD_PLAYAUDIO_TI 0x48
274 /*
275 * From MS Media Status Notification Support Specification. For
276 * older drives only.
277 */
278 #define GPCMD_GET_MEDIA_STATUS 0xda
279 #define GPCMD_MODE_SENSE_6 0x1a
280
281 /* Mode page codes for mode sense/set */
282 #define GPMODE_R_W_ERROR_PAGE 0x01
283 #define GPMODE_WRITE_PARMS_PAGE 0x05
284 #define GPMODE_AUDIO_CTL_PAGE 0x0e
285 #define GPMODE_POWER_PAGE 0x1a
286 #define GPMODE_FAULT_FAIL_PAGE 0x1c
287 #define GPMODE_TO_PROTECT_PAGE 0x1d
288 #define GPMODE_CAPABILITIES_PAGE 0x2a
289 #define GPMODE_ALL_PAGES 0x3f
290 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
291 * of MODE_SENSE_POWER_PAGE */
292 #define GPMODE_CDROM_PAGE 0x0d
293
294 /*
295 * Based on values from <linux/cdrom.h> but extending CD_MINS
296 * to the maximum common size allowed by the Orange's Book ATIP
297 *
298 * 90 and 99 min CDs are also available but using them as the
299 * upper limit reduces the effectiveness of the heuristic to
300 * detect DVDs burned to less than 25% of their maximum capacity
301 */
302
303 /* Some generally useful CD-ROM information */
304 #define CD_MINS 80 /* max. minutes per CD */
305 #define CD_SECS 60 /* seconds per minute */
306 #define CD_FRAMES 75 /* frames per second */
307 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
308 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
309 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
310
311 /*
312 * The MMC values are not IDE specific and might need to be moved
313 * to a common header if they are also needed for the SCSI emulation
314 */
315
316 /* Profile list from MMC-6 revision 1 table 91 */
317 #define MMC_PROFILE_NONE 0x0000
318 #define MMC_PROFILE_CD_ROM 0x0008
319 #define MMC_PROFILE_CD_R 0x0009
320 #define MMC_PROFILE_CD_RW 0x000A
321 #define MMC_PROFILE_DVD_ROM 0x0010
322 #define MMC_PROFILE_DVD_R_SR 0x0011
323 #define MMC_PROFILE_DVD_RAM 0x0012
324 #define MMC_PROFILE_DVD_RW_RO 0x0013
325 #define MMC_PROFILE_DVD_RW_SR 0x0014
326 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
327 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
328 #define MMC_PROFILE_DVD_RW_DL 0x0017
329 #define MMC_PROFILE_DVD_DDR 0x0018
330 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
331 #define MMC_PROFILE_DVD_PLUS_R 0x001B
332 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
333 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
334 #define MMC_PROFILE_BD_ROM 0x0040
335 #define MMC_PROFILE_BD_R_SRM 0x0041
336 #define MMC_PROFILE_BD_R_RRM 0x0042
337 #define MMC_PROFILE_BD_RE 0x0043
338 #define MMC_PROFILE_HDDVD_ROM 0x0050
339 #define MMC_PROFILE_HDDVD_R 0x0051
340 #define MMC_PROFILE_HDDVD_RAM 0x0052
341 #define MMC_PROFILE_HDDVD_RW 0x0053
342 #define MMC_PROFILE_HDDVD_R_DL 0x0058
343 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
344 #define MMC_PROFILE_INVALID 0xFFFF
345
346 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
347 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
348 #define ATAPI_INT_REASON_REL 0x04
349 #define ATAPI_INT_REASON_TAG 0xf8
350
351 /* same constants as bochs */
352 #define ASC_ILLEGAL_OPCODE 0x20
353 #define ASC_LOGICAL_BLOCK_OOR 0x21
354 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
355 #define ASC_MEDIUM_NOT_PRESENT 0x3a
356 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
357
358 #define CFA_NO_ERROR 0x00
359 #define CFA_MISC_ERROR 0x09
360 #define CFA_INVALID_COMMAND 0x20
361 #define CFA_INVALID_ADDRESS 0x21
362 #define CFA_ADDRESS_OVERFLOW 0x2f
363
364 #define SENSE_NONE 0
365 #define SENSE_NOT_READY 2
366 #define SENSE_ILLEGAL_REQUEST 5
367 #define SENSE_UNIT_ATTENTION 6
368
369 struct IDEState;
370
371 typedef void EndTransferFunc(struct IDEState *);
372
373 /* NOTE: IDEState represents in fact one drive */
374 typedef struct IDEState {
375 /* ide config */
376 int is_cdrom;
377 int is_cf;
378 int cylinders, heads, sectors;
379 int64_t nb_sectors;
380 int mult_sectors;
381 int identify_set;
382 uint16_t identify_data[256];
383 qemu_irq irq;
384 PCIDevice *pci_dev;
385 struct BMDMAState *bmdma;
386 int drive_serial;
387 /* ide regs */
388 uint8_t feature;
389 uint8_t error;
390 uint32_t nsector;
391 uint8_t sector;
392 uint8_t lcyl;
393 uint8_t hcyl;
394 /* other part of tf for lba48 support */
395 uint8_t hob_feature;
396 uint8_t hob_nsector;
397 uint8_t hob_sector;
398 uint8_t hob_lcyl;
399 uint8_t hob_hcyl;
400
401 uint8_t select;
402 uint8_t status;
403
404 /* 0x3f6 command, only meaningful for drive 0 */
405 uint8_t cmd;
406 /* set for lba48 access */
407 uint8_t lba48;
408 /* depends on bit 4 in select, only meaningful for drive 0 */
409 struct IDEState *cur_drive;
410 BlockDriverState *bs;
411 /* ATAPI specific */
412 uint8_t sense_key;
413 uint8_t asc;
414 int packet_transfer_size;
415 int elementary_transfer_size;
416 int io_buffer_index;
417 int lba;
418 int cd_sector_size;
419 int atapi_dma; /* true if dma is requested for the packet cmd */
420 /* ATA DMA state */
421 int io_buffer_size;
422 /* PIO transfer handling */
423 int req_nb_sectors; /* number of sectors per interrupt */
424 EndTransferFunc *end_transfer_func;
425 uint8_t *data_ptr;
426 uint8_t *data_end;
427 uint8_t *io_buffer;
428 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
429 uint32_t irq_count; /* counts IRQs when using win2k install hack */
430 /* CF-ATA extended error */
431 uint8_t ext_error;
432 /* CF-ATA metadata storage */
433 uint32_t mdata_size;
434 uint8_t *mdata_storage;
435 int media_changed;
436 } IDEState;
437
438 #define BM_STATUS_DMAING 0x01
439 #define BM_STATUS_ERROR 0x02
440 #define BM_STATUS_INT 0x04
441
442 #define BM_CMD_START 0x01
443 #define BM_CMD_READ 0x08
444
445 #define IDE_TYPE_PIIX3 0
446 #define IDE_TYPE_CMD646 1
447 #define IDE_TYPE_PIIX4 2
448
449 /* CMD646 specific */
450 #define MRDMODE 0x71
451 #define MRDMODE_INTR_CH0 0x04
452 #define MRDMODE_INTR_CH1 0x08
453 #define MRDMODE_BLK_CH0 0x10
454 #define MRDMODE_BLK_CH1 0x20
455 #define UDIDETCR0 0x73
456 #define UDIDETCR1 0x7B
457
458 typedef struct BMDMAState {
459 uint8_t cmd;
460 uint8_t status;
461 uint32_t addr;
462
463 struct PCIIDEState *pci_dev;
464 /* current transfer state */
465 uint32_t cur_addr;
466 uint32_t cur_prd_last;
467 uint32_t cur_prd_addr;
468 uint32_t cur_prd_len;
469 IDEState *ide_if;
470 BlockDriverCompletionFunc *dma_cb;
471 BlockDriverAIOCB *aiocb;
472 } BMDMAState;
473
474 typedef struct PCIIDEState {
475 PCIDevice dev;
476 IDEState ide_if[4];
477 BMDMAState bmdma[2];
478 int type; /* see IDE_TYPE_xxx */
479 } PCIIDEState;
480
481 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
482 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
483
484 static void padstr(char *str, const char *src, int len)
485 {
486 int i, v;
487 for(i = 0; i < len; i++) {
488 if (*src)
489 v = *src++;
490 else
491 v = ' ';
492 str[i^1] = v;
493 }
494 }
495
496 static void padstr8(uint8_t *buf, int buf_size, const char *src)
497 {
498 int i;
499 for(i = 0; i < buf_size; i++) {
500 if (*src)
501 buf[i] = *src++;
502 else
503 buf[i] = ' ';
504 }
505 }
506
507 static void put_le16(uint16_t *p, unsigned int v)
508 {
509 *p = cpu_to_le16(v);
510 }
511
512 static void ide_identify(IDEState *s)
513 {
514 uint16_t *p;
515 unsigned int oldsize;
516 char buf[20];
517
518 if (s->identify_set) {
519 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
520 return;
521 }
522
523 memset(s->io_buffer, 0, 512);
524 p = (uint16_t *)s->io_buffer;
525 put_le16(p + 0, 0x0040);
526 put_le16(p + 1, s->cylinders);
527 put_le16(p + 3, s->heads);
528 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
529 put_le16(p + 5, 512); /* XXX: retired, remove ? */
530 put_le16(p + 6, s->sectors);
531 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
532 padstr((char *)(p + 10), buf, 20); /* serial number */
533 put_le16(p + 20, 3); /* XXX: retired, remove ? */
534 put_le16(p + 21, 512); /* cache size in sectors */
535 put_le16(p + 22, 4); /* ecc bytes */
536 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
537 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
538 #if MAX_MULT_SECTORS > 1
539 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
540 #endif
541 put_le16(p + 48, 1); /* dword I/O */
542 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
543 put_le16(p + 51, 0x200); /* PIO transfer cycle */
544 put_le16(p + 52, 0x200); /* DMA transfer cycle */
545 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
546 put_le16(p + 54, s->cylinders);
547 put_le16(p + 55, s->heads);
548 put_le16(p + 56, s->sectors);
549 oldsize = s->cylinders * s->heads * s->sectors;
550 put_le16(p + 57, oldsize);
551 put_le16(p + 58, oldsize >> 16);
552 if (s->mult_sectors)
553 put_le16(p + 59, 0x100 | s->mult_sectors);
554 put_le16(p + 60, s->nb_sectors);
555 put_le16(p + 61, s->nb_sectors >> 16);
556 put_le16(p + 63, 0x07); /* mdma0-2 supported */
557 put_le16(p + 65, 120);
558 put_le16(p + 66, 120);
559 put_le16(p + 67, 120);
560 put_le16(p + 68, 120);
561 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
562 put_le16(p + 81, 0x16); /* conforms to ata5 */
563 put_le16(p + 82, (1 << 14));
564 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
565 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
566 put_le16(p + 84, (1 << 14));
567 put_le16(p + 85, (1 << 14));
568 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
569 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
570 put_le16(p + 87, (1 << 14));
571 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
572 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
573 put_le16(p + 100, s->nb_sectors);
574 put_le16(p + 101, s->nb_sectors >> 16);
575 put_le16(p + 102, s->nb_sectors >> 32);
576 put_le16(p + 103, s->nb_sectors >> 48);
577
578 memcpy(s->identify_data, p, sizeof(s->identify_data));
579 s->identify_set = 1;
580 }
581
582 static void ide_atapi_identify(IDEState *s)
583 {
584 uint16_t *p;
585 char buf[20];
586
587 if (s->identify_set) {
588 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
589 return;
590 }
591
592 memset(s->io_buffer, 0, 512);
593 p = (uint16_t *)s->io_buffer;
594 /* Removable CDROM, 50us response, 12 byte packets */
595 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
596 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
597 padstr((char *)(p + 10), buf, 20); /* serial number */
598 put_le16(p + 20, 3); /* buffer type */
599 put_le16(p + 21, 512); /* cache size in sectors */
600 put_le16(p + 22, 4); /* ecc bytes */
601 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
602 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
603 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
604 #ifdef USE_DMA_CDROM
605 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
606 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
607 put_le16(p + 63, 7); /* mdma0-2 supported */
608 put_le16(p + 64, 0x3f); /* PIO modes supported */
609 #else
610 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
611 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
612 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
613 put_le16(p + 64, 1); /* PIO modes */
614 #endif
615 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
616 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
617 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
618 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
619
620 put_le16(p + 71, 30); /* in ns */
621 put_le16(p + 72, 30); /* in ns */
622
623 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
624 #ifdef USE_DMA_CDROM
625 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
626 #endif
627 memcpy(s->identify_data, p, sizeof(s->identify_data));
628 s->identify_set = 1;
629 }
630
631 static void ide_cfata_identify(IDEState *s)
632 {
633 uint16_t *p;
634 uint32_t cur_sec;
635 char buf[20];
636
637 p = (uint16_t *) s->identify_data;
638 if (s->identify_set)
639 goto fill_buffer;
640
641 memset(p, 0, sizeof(s->identify_data));
642
643 cur_sec = s->cylinders * s->heads * s->sectors;
644
645 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
646 put_le16(p + 1, s->cylinders); /* Default cylinders */
647 put_le16(p + 3, s->heads); /* Default heads */
648 put_le16(p + 6, s->sectors); /* Default sectors per track */
649 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
650 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
651 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
652 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
653 put_le16(p + 22, 0x0004); /* ECC bytes */
654 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
655 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
656 #if MAX_MULT_SECTORS > 1
657 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
658 #else
659 put_le16(p + 47, 0x0000);
660 #endif
661 put_le16(p + 49, 0x0f00); /* Capabilities */
662 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
663 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
664 put_le16(p + 53, 0x0003); /* Translation params valid */
665 put_le16(p + 54, s->cylinders); /* Current cylinders */
666 put_le16(p + 55, s->heads); /* Current heads */
667 put_le16(p + 56, s->sectors); /* Current sectors */
668 put_le16(p + 57, cur_sec); /* Current capacity */
669 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
670 if (s->mult_sectors) /* Multiple sector setting */
671 put_le16(p + 59, 0x100 | s->mult_sectors);
672 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
673 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
674 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
675 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
676 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
677 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
678 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
679 put_le16(p + 82, 0x400c); /* Command Set supported */
680 put_le16(p + 83, 0x7068); /* Command Set supported */
681 put_le16(p + 84, 0x4000); /* Features supported */
682 put_le16(p + 85, 0x000c); /* Command Set enabled */
683 put_le16(p + 86, 0x7044); /* Command Set enabled */
684 put_le16(p + 87, 0x4000); /* Features enabled */
685 put_le16(p + 91, 0x4060); /* Current APM level */
686 put_le16(p + 129, 0x0002); /* Current features option */
687 put_le16(p + 130, 0x0005); /* Reassigned sectors */
688 put_le16(p + 131, 0x0001); /* Initial power mode */
689 put_le16(p + 132, 0x0000); /* User signature */
690 put_le16(p + 160, 0x8100); /* Power requirement */
691 put_le16(p + 161, 0x8001); /* CF command set */
692
693 s->identify_set = 1;
694
695 fill_buffer:
696 memcpy(s->io_buffer, p, sizeof(s->identify_data));
697 }
698
699 static void ide_set_signature(IDEState *s)
700 {
701 s->select &= 0xf0; /* clear head */
702 /* put signature */
703 s->nsector = 1;
704 s->sector = 1;
705 if (s->is_cdrom) {
706 s->lcyl = 0x14;
707 s->hcyl = 0xeb;
708 } else if (s->bs) {
709 s->lcyl = 0;
710 s->hcyl = 0;
711 } else {
712 s->lcyl = 0xff;
713 s->hcyl = 0xff;
714 }
715 }
716
717 static inline void ide_abort_command(IDEState *s)
718 {
719 s->status = READY_STAT | ERR_STAT;
720 s->error = ABRT_ERR;
721 }
722
723 static inline void ide_set_irq(IDEState *s)
724 {
725 BMDMAState *bm = s->bmdma;
726 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
727 if (bm) {
728 bm->status |= BM_STATUS_INT;
729 }
730 qemu_irq_raise(s->irq);
731 }
732 }
733
734 /* prepare data transfer and tell what to do after */
735 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
736 EndTransferFunc *end_transfer_func)
737 {
738 s->end_transfer_func = end_transfer_func;
739 s->data_ptr = buf;
740 s->data_end = buf + size;
741 if (!(s->status & ERR_STAT))
742 s->status |= DRQ_STAT;
743 }
744
745 static void ide_transfer_stop(IDEState *s)
746 {
747 s->end_transfer_func = ide_transfer_stop;
748 s->data_ptr = s->io_buffer;
749 s->data_end = s->io_buffer;
750 s->status &= ~DRQ_STAT;
751 }
752
753 static int64_t ide_get_sector(IDEState *s)
754 {
755 int64_t sector_num;
756 if (s->select & 0x40) {
757 /* lba */
758 if (!s->lba48) {
759 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
760 (s->lcyl << 8) | s->sector;
761 } else {
762 sector_num = ((int64_t)s->hob_hcyl << 40) |
763 ((int64_t) s->hob_lcyl << 32) |
764 ((int64_t) s->hob_sector << 24) |
765 ((int64_t) s->hcyl << 16) |
766 ((int64_t) s->lcyl << 8) | s->sector;
767 }
768 } else {
769 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
770 (s->select & 0x0f) * s->sectors + (s->sector - 1);
771 }
772 return sector_num;
773 }
774
775 static void ide_set_sector(IDEState *s, int64_t sector_num)
776 {
777 unsigned int cyl, r;
778 if (s->select & 0x40) {
779 if (!s->lba48) {
780 s->select = (s->select & 0xf0) | (sector_num >> 24);
781 s->hcyl = (sector_num >> 16);
782 s->lcyl = (sector_num >> 8);
783 s->sector = (sector_num);
784 } else {
785 s->sector = sector_num;
786 s->lcyl = sector_num >> 8;
787 s->hcyl = sector_num >> 16;
788 s->hob_sector = sector_num >> 24;
789 s->hob_lcyl = sector_num >> 32;
790 s->hob_hcyl = sector_num >> 40;
791 }
792 } else {
793 cyl = sector_num / (s->heads * s->sectors);
794 r = sector_num % (s->heads * s->sectors);
795 s->hcyl = cyl >> 8;
796 s->lcyl = cyl;
797 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
798 s->sector = (r % s->sectors) + 1;
799 }
800 }
801
802 static void ide_sector_read(IDEState *s)
803 {
804 int64_t sector_num;
805 int ret, n;
806
807 s->status = READY_STAT | SEEK_STAT;
808 s->error = 0; /* not needed by IDE spec, but needed by Windows */
809 sector_num = ide_get_sector(s);
810 n = s->nsector;
811 if (n == 0) {
812 /* no more sector to read from disk */
813 ide_transfer_stop(s);
814 } else {
815 #if defined(DEBUG_IDE)
816 printf("read sector=%Ld\n", sector_num);
817 #endif
818 if (n > s->req_nb_sectors)
819 n = s->req_nb_sectors;
820 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
821 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
822 ide_set_irq(s);
823 ide_set_sector(s, sector_num + n);
824 s->nsector -= n;
825 }
826 }
827
828 /* return 0 if buffer completed */
829 static int dma_buf_rw(BMDMAState *bm, int is_write)
830 {
831 IDEState *s = bm->ide_if;
832 struct {
833 uint32_t addr;
834 uint32_t size;
835 } prd;
836 int l, len;
837
838 for(;;) {
839 l = s->io_buffer_size - s->io_buffer_index;
840 if (l <= 0)
841 break;
842 if (bm->cur_prd_len == 0) {
843 /* end of table (with a fail safe of one page) */
844 if (bm->cur_prd_last ||
845 (bm->cur_addr - bm->addr) >= 4096)
846 return 0;
847 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
848 bm->cur_addr += 8;
849 prd.addr = le32_to_cpu(prd.addr);
850 prd.size = le32_to_cpu(prd.size);
851 len = prd.size & 0xfffe;
852 if (len == 0)
853 len = 0x10000;
854 bm->cur_prd_len = len;
855 bm->cur_prd_addr = prd.addr;
856 bm->cur_prd_last = (prd.size & 0x80000000);
857 }
858 if (l > bm->cur_prd_len)
859 l = bm->cur_prd_len;
860 if (l > 0) {
861 if (is_write) {
862 cpu_physical_memory_write(bm->cur_prd_addr,
863 s->io_buffer + s->io_buffer_index, l);
864 } else {
865 cpu_physical_memory_read(bm->cur_prd_addr,
866 s->io_buffer + s->io_buffer_index, l);
867 }
868 bm->cur_prd_addr += l;
869 bm->cur_prd_len -= l;
870 s->io_buffer_index += l;
871 }
872 }
873 return 1;
874 }
875
876 /* XXX: handle errors */
877 static void ide_read_dma_cb(void *opaque, int ret)
878 {
879 BMDMAState *bm = opaque;
880 IDEState *s = bm->ide_if;
881 int n;
882 int64_t sector_num;
883
884 n = s->io_buffer_size >> 9;
885 sector_num = ide_get_sector(s);
886 if (n > 0) {
887 sector_num += n;
888 ide_set_sector(s, sector_num);
889 s->nsector -= n;
890 if (dma_buf_rw(bm, 1) == 0)
891 goto eot;
892 }
893
894 /* end of transfer ? */
895 if (s->nsector == 0) {
896 s->status = READY_STAT | SEEK_STAT;
897 ide_set_irq(s);
898 eot:
899 bm->status &= ~BM_STATUS_DMAING;
900 bm->status |= BM_STATUS_INT;
901 bm->dma_cb = NULL;
902 bm->ide_if = NULL;
903 bm->aiocb = NULL;
904 return;
905 }
906
907 /* launch next transfer */
908 n = s->nsector;
909 if (n > IDE_DMA_BUF_SECTORS)
910 n = IDE_DMA_BUF_SECTORS;
911 s->io_buffer_index = 0;
912 s->io_buffer_size = n * 512;
913 #ifdef DEBUG_AIO
914 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
915 #endif
916 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
917 ide_read_dma_cb, bm);
918 }
919
920 static void ide_sector_read_dma(IDEState *s)
921 {
922 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
923 s->io_buffer_index = 0;
924 s->io_buffer_size = 0;
925 ide_dma_start(s, ide_read_dma_cb);
926 }
927
928 static void ide_sector_write_timer_cb(void *opaque)
929 {
930 IDEState *s = opaque;
931 ide_set_irq(s);
932 }
933
934 static void ide_sector_write(IDEState *s)
935 {
936 int64_t sector_num;
937 int ret, n, n1;
938
939 s->status = READY_STAT | SEEK_STAT;
940 sector_num = ide_get_sector(s);
941 #if defined(DEBUG_IDE)
942 printf("write sector=%Ld\n", sector_num);
943 #endif
944 n = s->nsector;
945 if (n > s->req_nb_sectors)
946 n = s->req_nb_sectors;
947 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
948 s->nsector -= n;
949 if (s->nsector == 0) {
950 /* no more sectors to write */
951 ide_transfer_stop(s);
952 } else {
953 n1 = s->nsector;
954 if (n1 > s->req_nb_sectors)
955 n1 = s->req_nb_sectors;
956 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
957 }
958 ide_set_sector(s, sector_num + n);
959
960 #ifdef TARGET_I386
961 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
962 /* It seems there is a bug in the Windows 2000 installer HDD
963 IDE driver which fills the disk with empty logs when the
964 IDE write IRQ comes too early. This hack tries to correct
965 that at the expense of slower write performances. Use this
966 option _only_ to install Windows 2000. You must disable it
967 for normal use. */
968 qemu_mod_timer(s->sector_write_timer,
969 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
970 } else
971 #endif
972 {
973 ide_set_irq(s);
974 }
975 }
976
977 /* XXX: handle errors */
978 static void ide_write_dma_cb(void *opaque, int ret)
979 {
980 BMDMAState *bm = opaque;
981 IDEState *s = bm->ide_if;
982 int n;
983 int64_t sector_num;
984
985 n = s->io_buffer_size >> 9;
986 sector_num = ide_get_sector(s);
987 if (n > 0) {
988 sector_num += n;
989 ide_set_sector(s, sector_num);
990 s->nsector -= n;
991 }
992
993 /* end of transfer ? */
994 if (s->nsector == 0) {
995 s->status = READY_STAT | SEEK_STAT;
996 ide_set_irq(s);
997 eot:
998 bm->status &= ~BM_STATUS_DMAING;
999 bm->status |= BM_STATUS_INT;
1000 bm->dma_cb = NULL;
1001 bm->ide_if = NULL;
1002 bm->aiocb = NULL;
1003 return;
1004 }
1005
1006 /* launch next transfer */
1007 n = s->nsector;
1008 if (n > IDE_DMA_BUF_SECTORS)
1009 n = IDE_DMA_BUF_SECTORS;
1010 s->io_buffer_index = 0;
1011 s->io_buffer_size = n * 512;
1012
1013 if (dma_buf_rw(bm, 0) == 0)
1014 goto eot;
1015 #ifdef DEBUG_AIO
1016 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1017 #endif
1018 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1019 ide_write_dma_cb, bm);
1020 }
1021
1022 static void ide_sector_write_dma(IDEState *s)
1023 {
1024 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1025 s->io_buffer_index = 0;
1026 s->io_buffer_size = 0;
1027 ide_dma_start(s, ide_write_dma_cb);
1028 }
1029
1030 static void ide_atapi_cmd_ok(IDEState *s)
1031 {
1032 s->error = 0;
1033 s->status = READY_STAT;
1034 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1035 ide_set_irq(s);
1036 }
1037
1038 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1039 {
1040 #ifdef DEBUG_IDE_ATAPI
1041 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1042 #endif
1043 s->error = sense_key << 4;
1044 s->status = READY_STAT | ERR_STAT;
1045 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1046 s->sense_key = sense_key;
1047 s->asc = asc;
1048 ide_set_irq(s);
1049 }
1050
1051 static inline void cpu_to_ube16(uint8_t *buf, int val)
1052 {
1053 buf[0] = val >> 8;
1054 buf[1] = val;
1055 }
1056
1057 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1058 {
1059 buf[0] = val >> 24;
1060 buf[1] = val >> 16;
1061 buf[2] = val >> 8;
1062 buf[3] = val;
1063 }
1064
1065 static inline int ube16_to_cpu(const uint8_t *buf)
1066 {
1067 return (buf[0] << 8) | buf[1];
1068 }
1069
1070 static inline int ube32_to_cpu(const uint8_t *buf)
1071 {
1072 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1073 }
1074
1075 static void lba_to_msf(uint8_t *buf, int lba)
1076 {
1077 lba += 150;
1078 buf[0] = (lba / 75) / 60;
1079 buf[1] = (lba / 75) % 60;
1080 buf[2] = lba % 75;
1081 }
1082
1083 static void cd_data_to_raw(uint8_t *buf, int lba)
1084 {
1085 /* sync bytes */
1086 buf[0] = 0x00;
1087 memset(buf + 1, 0xff, 10);
1088 buf[11] = 0x00;
1089 buf += 12;
1090 /* MSF */
1091 lba_to_msf(buf, lba);
1092 buf[3] = 0x01; /* mode 1 data */
1093 buf += 4;
1094 /* data */
1095 buf += 2048;
1096 /* XXX: ECC not computed */
1097 memset(buf, 0, 288);
1098 }
1099
1100 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1101 int sector_size)
1102 {
1103 int ret;
1104
1105 switch(sector_size) {
1106 case 2048:
1107 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1108 break;
1109 case 2352:
1110 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1111 if (ret < 0)
1112 return ret;
1113 cd_data_to_raw(buf, lba);
1114 break;
1115 default:
1116 ret = -EIO;
1117 break;
1118 }
1119 return ret;
1120 }
1121
1122 static void ide_atapi_io_error(IDEState *s, int ret)
1123 {
1124 /* XXX: handle more errors */
1125 if (ret == -ENOMEDIUM) {
1126 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1127 ASC_MEDIUM_NOT_PRESENT);
1128 } else {
1129 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1130 ASC_LOGICAL_BLOCK_OOR);
1131 }
1132 }
1133
1134 /* The whole ATAPI transfer logic is handled in this function */
1135 static void ide_atapi_cmd_reply_end(IDEState *s)
1136 {
1137 int byte_count_limit, size, ret;
1138 #ifdef DEBUG_IDE_ATAPI
1139 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1140 s->packet_transfer_size,
1141 s->elementary_transfer_size,
1142 s->io_buffer_index);
1143 #endif
1144 if (s->packet_transfer_size <= 0) {
1145 /* end of transfer */
1146 ide_transfer_stop(s);
1147 s->status = READY_STAT;
1148 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1149 ide_set_irq(s);
1150 #ifdef DEBUG_IDE_ATAPI
1151 printf("status=0x%x\n", s->status);
1152 #endif
1153 } else {
1154 /* see if a new sector must be read */
1155 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1156 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1157 if (ret < 0) {
1158 ide_transfer_stop(s);
1159 ide_atapi_io_error(s, ret);
1160 return;
1161 }
1162 s->lba++;
1163 s->io_buffer_index = 0;
1164 }
1165 if (s->elementary_transfer_size > 0) {
1166 /* there are some data left to transmit in this elementary
1167 transfer */
1168 size = s->cd_sector_size - s->io_buffer_index;
1169 if (size > s->elementary_transfer_size)
1170 size = s->elementary_transfer_size;
1171 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1172 size, ide_atapi_cmd_reply_end);
1173 s->packet_transfer_size -= size;
1174 s->elementary_transfer_size -= size;
1175 s->io_buffer_index += size;
1176 } else {
1177 /* a new transfer is needed */
1178 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1179 byte_count_limit = s->lcyl | (s->hcyl << 8);
1180 #ifdef DEBUG_IDE_ATAPI
1181 printf("byte_count_limit=%d\n", byte_count_limit);
1182 #endif
1183 if (byte_count_limit == 0xffff)
1184 byte_count_limit--;
1185 size = s->packet_transfer_size;
1186 if (size > byte_count_limit) {
1187 /* byte count limit must be even if this case */
1188 if (byte_count_limit & 1)
1189 byte_count_limit--;
1190 size = byte_count_limit;
1191 }
1192 s->lcyl = size;
1193 s->hcyl = size >> 8;
1194 s->elementary_transfer_size = size;
1195 /* we cannot transmit more than one sector at a time */
1196 if (s->lba != -1) {
1197 if (size > (s->cd_sector_size - s->io_buffer_index))
1198 size = (s->cd_sector_size - s->io_buffer_index);
1199 }
1200 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1201 size, ide_atapi_cmd_reply_end);
1202 s->packet_transfer_size -= size;
1203 s->elementary_transfer_size -= size;
1204 s->io_buffer_index += size;
1205 ide_set_irq(s);
1206 #ifdef DEBUG_IDE_ATAPI
1207 printf("status=0x%x\n", s->status);
1208 #endif
1209 }
1210 }
1211 }
1212
1213 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1214 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1215 {
1216 if (size > max_size)
1217 size = max_size;
1218 s->lba = -1; /* no sector read */
1219 s->packet_transfer_size = size;
1220 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1221 s->elementary_transfer_size = 0;
1222 s->io_buffer_index = 0;
1223
1224 if (s->atapi_dma) {
1225 s->status = READY_STAT | DRQ_STAT;
1226 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1227 } else {
1228 s->status = READY_STAT;
1229 ide_atapi_cmd_reply_end(s);
1230 }
1231 }
1232
1233 /* start a CD-CDROM read command */
1234 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1235 int sector_size)
1236 {
1237 s->lba = lba;
1238 s->packet_transfer_size = nb_sectors * sector_size;
1239 s->elementary_transfer_size = 0;
1240 s->io_buffer_index = sector_size;
1241 s->cd_sector_size = sector_size;
1242
1243 s->status = READY_STAT;
1244 ide_atapi_cmd_reply_end(s);
1245 }
1246
1247 /* ATAPI DMA support */
1248
1249 /* XXX: handle read errors */
1250 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1251 {
1252 BMDMAState *bm = opaque;
1253 IDEState *s = bm->ide_if;
1254 int data_offset, n;
1255
1256 if (ret < 0) {
1257 ide_atapi_io_error(s, ret);
1258 goto eot;
1259 }
1260
1261 if (s->io_buffer_size > 0) {
1262 /*
1263 * For a cdrom read sector command (s->lba != -1),
1264 * adjust the lba for the next s->io_buffer_size chunk
1265 * and dma the current chunk.
1266 * For a command != read (s->lba == -1), just transfer
1267 * the reply data.
1268 */
1269 if (s->lba != -1) {
1270 if (s->cd_sector_size == 2352) {
1271 n = 1;
1272 cd_data_to_raw(s->io_buffer, s->lba);
1273 } else {
1274 n = s->io_buffer_size >> 11;
1275 }
1276 s->lba += n;
1277 }
1278 s->packet_transfer_size -= s->io_buffer_size;
1279 if (dma_buf_rw(bm, 1) == 0)
1280 goto eot;
1281 }
1282
1283 if (s->packet_transfer_size <= 0) {
1284 s->status = READY_STAT;
1285 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1286 ide_set_irq(s);
1287 eot:
1288 bm->status &= ~BM_STATUS_DMAING;
1289 bm->status |= BM_STATUS_INT;
1290 bm->dma_cb = NULL;
1291 bm->ide_if = NULL;
1292 bm->aiocb = NULL;
1293 return;
1294 }
1295
1296 s->io_buffer_index = 0;
1297 if (s->cd_sector_size == 2352) {
1298 n = 1;
1299 s->io_buffer_size = s->cd_sector_size;
1300 data_offset = 16;
1301 } else {
1302 n = s->packet_transfer_size >> 11;
1303 if (n > (IDE_DMA_BUF_SECTORS / 4))
1304 n = (IDE_DMA_BUF_SECTORS / 4);
1305 s->io_buffer_size = n * 2048;
1306 data_offset = 0;
1307 }
1308 #ifdef DEBUG_AIO
1309 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1310 #endif
1311 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1312 s->io_buffer + data_offset, n * 4,
1313 ide_atapi_cmd_read_dma_cb, bm);
1314 if (!bm->aiocb) {
1315 /* Note: media not present is the most likely case */
1316 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1317 ASC_MEDIUM_NOT_PRESENT);
1318 goto eot;
1319 }
1320 }
1321
1322 /* start a CD-CDROM read command with DMA */
1323 /* XXX: test if DMA is available */
1324 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1325 int sector_size)
1326 {
1327 s->lba = lba;
1328 s->packet_transfer_size = nb_sectors * sector_size;
1329 s->io_buffer_index = 0;
1330 s->io_buffer_size = 0;
1331 s->cd_sector_size = sector_size;
1332
1333 /* XXX: check if BUSY_STAT should be set */
1334 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1335 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1336 }
1337
1338 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1339 int sector_size)
1340 {
1341 #ifdef DEBUG_IDE_ATAPI
1342 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1343 lba, nb_sectors);
1344 #endif
1345 if (s->atapi_dma) {
1346 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1347 } else {
1348 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1349 }
1350 }
1351
1352 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1353 uint16_t profile)
1354 {
1355 uint8_t *buf_profile = buf + 12; /* start of profiles */
1356
1357 buf_profile += ((*index) * 4); /* start of indexed profile */
1358 cpu_to_ube16 (buf_profile, profile);
1359 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1360
1361 /* each profile adds 4 bytes to the response */
1362 (*index)++;
1363 buf[11] += 4; /* Additional Length */
1364
1365 return 4;
1366 }
1367
1368 static void ide_atapi_cmd(IDEState *s)
1369 {
1370 const uint8_t *packet;
1371 uint8_t *buf;
1372 int max_len;
1373
1374 packet = s->io_buffer;
1375 buf = s->io_buffer;
1376 #ifdef DEBUG_IDE_ATAPI
1377 {
1378 int i;
1379 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1380 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1381 printf(" %02x", packet[i]);
1382 }
1383 printf("\n");
1384 }
1385 #endif
1386 switch(s->io_buffer[0]) {
1387 case GPCMD_TEST_UNIT_READY:
1388 if (bdrv_is_inserted(s->bs)) {
1389 ide_atapi_cmd_ok(s);
1390 } else {
1391 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1392 ASC_MEDIUM_NOT_PRESENT);
1393 }
1394 break;
1395 case GPCMD_MODE_SENSE_6:
1396 case GPCMD_MODE_SENSE_10:
1397 {
1398 int action, code;
1399 if (packet[0] == GPCMD_MODE_SENSE_10)
1400 max_len = ube16_to_cpu(packet + 7);
1401 else
1402 max_len = packet[4];
1403 action = packet[2] >> 6;
1404 code = packet[2] & 0x3f;
1405 switch(action) {
1406 case 0: /* current values */
1407 switch(code) {
1408 case 0x01: /* error recovery */
1409 cpu_to_ube16(&buf[0], 16 + 6);
1410 buf[2] = 0x70;
1411 buf[3] = 0;
1412 buf[4] = 0;
1413 buf[5] = 0;
1414 buf[6] = 0;
1415 buf[7] = 0;
1416
1417 buf[8] = 0x01;
1418 buf[9] = 0x06;
1419 buf[10] = 0x00;
1420 buf[11] = 0x05;
1421 buf[12] = 0x00;
1422 buf[13] = 0x00;
1423 buf[14] = 0x00;
1424 buf[15] = 0x00;
1425 ide_atapi_cmd_reply(s, 16, max_len);
1426 break;
1427 case 0x2a:
1428 cpu_to_ube16(&buf[0], 28 + 6);
1429 buf[2] = 0x70;
1430 buf[3] = 0;
1431 buf[4] = 0;
1432 buf[5] = 0;
1433 buf[6] = 0;
1434 buf[7] = 0;
1435
1436 buf[8] = 0x2a;
1437 buf[9] = 0x12;
1438 buf[10] = 0x00;
1439 buf[11] = 0x00;
1440
1441 buf[12] = 0x70;
1442 buf[13] = 3 << 5;
1443 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1444 if (bdrv_is_locked(s->bs))
1445 buf[6] |= 1 << 1;
1446 buf[15] = 0x00;
1447 cpu_to_ube16(&buf[16], 706);
1448 buf[18] = 0;
1449 buf[19] = 2;
1450 cpu_to_ube16(&buf[20], 512);
1451 cpu_to_ube16(&buf[22], 706);
1452 buf[24] = 0;
1453 buf[25] = 0;
1454 buf[26] = 0;
1455 buf[27] = 0;
1456 ide_atapi_cmd_reply(s, 28, max_len);
1457 break;
1458 default:
1459 goto error_cmd;
1460 }
1461 break;
1462 case 1: /* changeable values */
1463 goto error_cmd;
1464 case 2: /* default values */
1465 goto error_cmd;
1466 default:
1467 case 3: /* saved values */
1468 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1469 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1470 break;
1471 }
1472 }
1473 break;
1474 case GPCMD_REQUEST_SENSE:
1475 max_len = packet[4];
1476 memset(buf, 0, 18);
1477 buf[0] = 0x70 | (1 << 7);
1478 buf[2] = s->sense_key;
1479 buf[7] = 10;
1480 buf[12] = s->asc;
1481 ide_atapi_cmd_reply(s, 18, max_len);
1482 break;
1483 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1484 if (bdrv_is_inserted(s->bs)) {
1485 bdrv_set_locked(s->bs, packet[4] & 1);
1486 ide_atapi_cmd_ok(s);
1487 } else {
1488 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1489 ASC_MEDIUM_NOT_PRESENT);
1490 }
1491 break;
1492 case GPCMD_READ_10:
1493 case GPCMD_READ_12:
1494 {
1495 int nb_sectors, lba;
1496
1497 if (packet[0] == GPCMD_READ_10)
1498 nb_sectors = ube16_to_cpu(packet + 7);
1499 else
1500 nb_sectors = ube32_to_cpu(packet + 6);
1501 lba = ube32_to_cpu(packet + 2);
1502 if (nb_sectors == 0) {
1503 ide_atapi_cmd_ok(s);
1504 break;
1505 }
1506 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1507 }
1508 break;
1509 case GPCMD_READ_CD:
1510 {
1511 int nb_sectors, lba, transfer_request;
1512
1513 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1514 lba = ube32_to_cpu(packet + 2);
1515 if (nb_sectors == 0) {
1516 ide_atapi_cmd_ok(s);
1517 break;
1518 }
1519 transfer_request = packet[9];
1520 switch(transfer_request & 0xf8) {
1521 case 0x00:
1522 /* nothing */
1523 ide_atapi_cmd_ok(s);
1524 break;
1525 case 0x10:
1526 /* normal read */
1527 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1528 break;
1529 case 0xf8:
1530 /* read all data */
1531 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1532 break;
1533 default:
1534 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1535 ASC_INV_FIELD_IN_CMD_PACKET);
1536 break;
1537 }
1538 }
1539 break;
1540 case GPCMD_SEEK:
1541 {
1542 unsigned int lba;
1543 uint64_t total_sectors;
1544
1545 bdrv_get_geometry(s->bs, &total_sectors);
1546 total_sectors >>= 2;
1547 if (total_sectors == 0) {
1548 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1549 ASC_MEDIUM_NOT_PRESENT);
1550 break;
1551 }
1552 lba = ube32_to_cpu(packet + 2);
1553 if (lba >= total_sectors) {
1554 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1555 ASC_LOGICAL_BLOCK_OOR);
1556 break;
1557 }
1558 ide_atapi_cmd_ok(s);
1559 }
1560 break;
1561 case GPCMD_START_STOP_UNIT:
1562 {
1563 int start, eject;
1564 start = packet[4] & 1;
1565 eject = (packet[4] >> 1) & 1;
1566
1567 if (eject && !start) {
1568 /* eject the disk */
1569 bdrv_eject(s->bs, 1);
1570 } else if (eject && start) {
1571 /* close the tray */
1572 bdrv_eject(s->bs, 0);
1573 }
1574 ide_atapi_cmd_ok(s);
1575 }
1576 break;
1577 case GPCMD_MECHANISM_STATUS:
1578 {
1579 max_len = ube16_to_cpu(packet + 8);
1580 cpu_to_ube16(buf, 0);
1581 /* no current LBA */
1582 buf[2] = 0;
1583 buf[3] = 0;
1584 buf[4] = 0;
1585 buf[5] = 1;
1586 cpu_to_ube16(buf + 6, 0);
1587 ide_atapi_cmd_reply(s, 8, max_len);
1588 }
1589 break;
1590 case GPCMD_READ_TOC_PMA_ATIP:
1591 {
1592 int format, msf, start_track, len;
1593 uint64_t total_sectors;
1594
1595 bdrv_get_geometry(s->bs, &total_sectors);
1596 total_sectors >>= 2;
1597 if (total_sectors == 0) {
1598 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1599 ASC_MEDIUM_NOT_PRESENT);
1600 break;
1601 }
1602 max_len = ube16_to_cpu(packet + 7);
1603 format = packet[9] >> 6;
1604 msf = (packet[1] >> 1) & 1;
1605 start_track = packet[6];
1606 switch(format) {
1607 case 0:
1608 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1609 if (len < 0)
1610 goto error_cmd;
1611 ide_atapi_cmd_reply(s, len, max_len);
1612 break;
1613 case 1:
1614 /* multi session : only a single session defined */
1615 memset(buf, 0, 12);
1616 buf[1] = 0x0a;
1617 buf[2] = 0x01;
1618 buf[3] = 0x01;
1619 ide_atapi_cmd_reply(s, 12, max_len);
1620 break;
1621 case 2:
1622 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1623 if (len < 0)
1624 goto error_cmd;
1625 ide_atapi_cmd_reply(s, len, max_len);
1626 break;
1627 default:
1628 error_cmd:
1629 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1630 ASC_INV_FIELD_IN_CMD_PACKET);
1631 break;
1632 }
1633 }
1634 break;
1635 case GPCMD_READ_CDVD_CAPACITY:
1636 {
1637 uint64_t total_sectors;
1638
1639 bdrv_get_geometry(s->bs, &total_sectors);
1640 total_sectors >>= 2;
1641 if (total_sectors == 0) {
1642 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1643 ASC_MEDIUM_NOT_PRESENT);
1644 break;
1645 }
1646 /* NOTE: it is really the number of sectors minus 1 */
1647 cpu_to_ube32(buf, total_sectors - 1);
1648 cpu_to_ube32(buf + 4, 2048);
1649 ide_atapi_cmd_reply(s, 8, 8);
1650 }
1651 break;
1652 case GPCMD_READ_DVD_STRUCTURE:
1653 {
1654 int media = packet[1];
1655 int layer = packet[6];
1656 int format = packet[2];
1657 uint64_t total_sectors;
1658
1659 if (media != 0 || layer != 0)
1660 {
1661 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1662 ASC_INV_FIELD_IN_CMD_PACKET);
1663 }
1664
1665 switch (format) {
1666 case 0:
1667 bdrv_get_geometry(s->bs, &total_sectors);
1668 total_sectors >>= 2;
1669 if (total_sectors == 0) {
1670 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1671 ASC_MEDIUM_NOT_PRESENT);
1672 break;
1673 }
1674
1675 memset(buf, 0, 2052);
1676
1677 buf[4] = 1; // DVD-ROM, part version 1
1678 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1679 buf[6] = 0; // one layer, embossed data
1680 buf[7] = 0;
1681
1682 cpu_to_ube32(buf + 8, 0);
1683 cpu_to_ube32(buf + 12, total_sectors - 1);
1684 cpu_to_ube32(buf + 16, total_sectors - 1);
1685
1686 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1687
1688 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1689 break;
1690
1691 default:
1692 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1693 ASC_INV_FIELD_IN_CMD_PACKET);
1694 break;
1695 }
1696 }
1697 break;
1698 case GPCMD_SET_SPEED:
1699 ide_atapi_cmd_ok(s);
1700 break;
1701 case GPCMD_INQUIRY:
1702 max_len = packet[4];
1703 buf[0] = 0x05; /* CD-ROM */
1704 buf[1] = 0x80; /* removable */
1705 buf[2] = 0x00; /* ISO */
1706 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1707 buf[4] = 31; /* additional length */
1708 buf[5] = 0; /* reserved */
1709 buf[6] = 0; /* reserved */
1710 buf[7] = 0; /* reserved */
1711 padstr8(buf + 8, 8, "QEMU");
1712 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1713 padstr8(buf + 32, 4, QEMU_VERSION);
1714 ide_atapi_cmd_reply(s, 36, max_len);
1715 break;
1716 case GPCMD_GET_CONFIGURATION:
1717 {
1718 uint32_t len;
1719 uint8_t index = 0;
1720
1721 /* only feature 0 is supported */
1722 if (packet[2] != 0 || packet[3] != 0) {
1723 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1724 ASC_INV_FIELD_IN_CMD_PACKET);
1725 break;
1726 }
1727
1728 /* XXX: could result in alignment problems in some architectures */
1729 max_len = ube16_to_cpu(packet + 7);
1730
1731 /*
1732 * XXX: avoid overflow for io_buffer if max_len is bigger than
1733 * the size of that buffer (dimensioned to max number of
1734 * sectors to transfer at once)
1735 *
1736 * Only a problem if the feature/profiles grow.
1737 */
1738 if (max_len > 512) /* XXX: assume 1 sector */
1739 max_len = 512;
1740
1741 memset(buf, 0, max_len);
1742 /*
1743 * the number of sectors from the media tells us which profile
1744 * to use as current. 0 means there is no media
1745 *
1746 * XXX: fails to detect correctly DVDs with less data burned
1747 * than what a CD can hold
1748 */
1749 if (s -> nb_sectors) {
1750 if (s -> nb_sectors > CD_MAX_SECTORS)
1751 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1752 else
1753 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1754 }
1755
1756 buf[10] = 0x02 | 0x01; /* persistent and current */
1757 len = 12; /* headers: 8 + 4 */
1758 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1759 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1760 cpu_to_ube32(buf, len - 4); /* data length */
1761
1762 ide_atapi_cmd_reply(s, len, max_len);
1763 break;
1764 }
1765 default:
1766 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1767 ASC_ILLEGAL_OPCODE);
1768 break;
1769 }
1770 }
1771
1772 static void ide_cfata_metadata_inquiry(IDEState *s)
1773 {
1774 uint16_t *p;
1775 uint32_t spd;
1776
1777 p = (uint16_t *) s->io_buffer;
1778 memset(p, 0, 0x200);
1779 spd = ((s->mdata_size - 1) >> 9) + 1;
1780
1781 put_le16(p + 0, 0x0001); /* Data format revision */
1782 put_le16(p + 1, 0x0000); /* Media property: silicon */
1783 put_le16(p + 2, s->media_changed); /* Media status */
1784 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1785 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1786 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1787 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1788 }
1789
1790 static void ide_cfata_metadata_read(IDEState *s)
1791 {
1792 uint16_t *p;
1793
1794 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1795 s->status = ERR_STAT;
1796 s->error = ABRT_ERR;
1797 return;
1798 }
1799
1800 p = (uint16_t *) s->io_buffer;
1801 memset(p, 0, 0x200);
1802
1803 put_le16(p + 0, s->media_changed); /* Media status */
1804 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1805 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1806 s->nsector << 9), 0x200 - 2));
1807 }
1808
1809 static void ide_cfata_metadata_write(IDEState *s)
1810 {
1811 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1812 s->status = ERR_STAT;
1813 s->error = ABRT_ERR;
1814 return;
1815 }
1816
1817 s->media_changed = 0;
1818
1819 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1820 s->io_buffer + 2,
1821 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1822 s->nsector << 9), 0x200 - 2));
1823 }
1824
1825 /* called when the inserted state of the media has changed */
1826 static void cdrom_change_cb(void *opaque)
1827 {
1828 IDEState *s = opaque;
1829 uint64_t nb_sectors;
1830
1831 /* XXX: send interrupt too */
1832 bdrv_get_geometry(s->bs, &nb_sectors);
1833 s->nb_sectors = nb_sectors;
1834 }
1835
1836 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1837 {
1838 s->lba48 = lba48;
1839
1840 /* handle the 'magic' 0 nsector count conversion here. to avoid
1841 * fiddling with the rest of the read logic, we just store the
1842 * full sector count in ->nsector and ignore ->hob_nsector from now
1843 */
1844 if (!s->lba48) {
1845 if (!s->nsector)
1846 s->nsector = 256;
1847 } else {
1848 if (!s->nsector && !s->hob_nsector)
1849 s->nsector = 65536;
1850 else {
1851 int lo = s->nsector;
1852 int hi = s->hob_nsector;
1853
1854 s->nsector = (hi << 8) | lo;
1855 }
1856 }
1857 }
1858
1859 static void ide_clear_hob(IDEState *ide_if)
1860 {
1861 /* any write clears HOB high bit of device control register */
1862 ide_if[0].select &= ~(1 << 7);
1863 ide_if[1].select &= ~(1 << 7);
1864 }
1865
1866 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1867 {
1868 IDEState *ide_if = opaque;
1869 IDEState *s;
1870 int unit, n;
1871 int lba48 = 0;
1872
1873 #ifdef DEBUG_IDE
1874 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1875 #endif
1876
1877 addr &= 7;
1878 switch(addr) {
1879 case 0:
1880 break;
1881 case 1:
1882 ide_clear_hob(ide_if);
1883 /* NOTE: data is written to the two drives */
1884 ide_if[0].hob_feature = ide_if[0].feature;
1885 ide_if[1].hob_feature = ide_if[1].feature;
1886 ide_if[0].feature = val;
1887 ide_if[1].feature = val;
1888 break;
1889 case 2:
1890 ide_clear_hob(ide_if);
1891 ide_if[0].hob_nsector = ide_if[0].nsector;
1892 ide_if[1].hob_nsector = ide_if[1].nsector;
1893 ide_if[0].nsector = val;
1894 ide_if[1].nsector = val;
1895 break;
1896 case 3:
1897 ide_clear_hob(ide_if);
1898 ide_if[0].hob_sector = ide_if[0].sector;
1899 ide_if[1].hob_sector = ide_if[1].sector;
1900 ide_if[0].sector = val;
1901 ide_if[1].sector = val;
1902 break;
1903 case 4:
1904 ide_clear_hob(ide_if);
1905 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1906 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1907 ide_if[0].lcyl = val;
1908 ide_if[1].lcyl = val;
1909 break;
1910 case 5:
1911 ide_clear_hob(ide_if);
1912 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1913 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1914 ide_if[0].hcyl = val;
1915 ide_if[1].hcyl = val;
1916 break;
1917 case 6:
1918 /* FIXME: HOB readback uses bit 7 */
1919 ide_if[0].select = (val & ~0x10) | 0xa0;
1920 ide_if[1].select = (val | 0x10) | 0xa0;
1921 /* select drive */
1922 unit = (val >> 4) & 1;
1923 s = ide_if + unit;
1924 ide_if->cur_drive = s;
1925 break;
1926 default:
1927 case 7:
1928 /* command */
1929 #if defined(DEBUG_IDE)
1930 printf("ide: CMD=%02x\n", val);
1931 #endif
1932 s = ide_if->cur_drive;
1933 /* ignore commands to non existant slave */
1934 if (s != ide_if && !s->bs)
1935 break;
1936
1937 switch(val) {
1938 case WIN_IDENTIFY:
1939 if (s->bs && !s->is_cdrom) {
1940 if (!s->is_cf)
1941 ide_identify(s);
1942 else
1943 ide_cfata_identify(s);
1944 s->status = READY_STAT | SEEK_STAT;
1945 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1946 } else {
1947 if (s->is_cdrom) {
1948 ide_set_signature(s);
1949 }
1950 ide_abort_command(s);
1951 }
1952 ide_set_irq(s);
1953 break;
1954 case WIN_SPECIFY:
1955 case WIN_RECAL:
1956 s->error = 0;
1957 s->status = READY_STAT | SEEK_STAT;
1958 ide_set_irq(s);
1959 break;
1960 case WIN_SETMULT:
1961 if (s->is_cf && s->nsector == 0) {
1962 /* Disable Read and Write Multiple */
1963 s->mult_sectors = 0;
1964 s->status = READY_STAT;
1965 } else if ((s->nsector & 0xff) != 0 &&
1966 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1967 (s->nsector & (s->nsector - 1)) != 0)) {
1968 ide_abort_command(s);
1969 } else {
1970 s->mult_sectors = s->nsector & 0xff;
1971 s->status = READY_STAT;
1972 }
1973 ide_set_irq(s);
1974 break;
1975 case WIN_VERIFY_EXT:
1976 lba48 = 1;
1977 case WIN_VERIFY:
1978 case WIN_VERIFY_ONCE:
1979 /* do sector number check ? */
1980 ide_cmd_lba48_transform(s, lba48);
1981 s->status = READY_STAT;
1982 ide_set_irq(s);
1983 break;
1984 case WIN_READ_EXT:
1985 lba48 = 1;
1986 case WIN_READ:
1987 case WIN_READ_ONCE:
1988 if (!s->bs)
1989 goto abort_cmd;
1990 ide_cmd_lba48_transform(s, lba48);
1991 s->req_nb_sectors = 1;
1992 ide_sector_read(s);
1993 break;
1994 case WIN_WRITE_EXT:
1995 lba48 = 1;
1996 case WIN_WRITE:
1997 case WIN_WRITE_ONCE:
1998 case CFA_WRITE_SECT_WO_ERASE:
1999 case WIN_WRITE_VERIFY:
2000 ide_cmd_lba48_transform(s, lba48);
2001 s->error = 0;
2002 s->status = SEEK_STAT | READY_STAT;
2003 s->req_nb_sectors = 1;
2004 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2005 s->media_changed = 1;
2006 break;
2007 case WIN_MULTREAD_EXT:
2008 lba48 = 1;
2009 case WIN_MULTREAD:
2010 if (!s->mult_sectors)
2011 goto abort_cmd;
2012 ide_cmd_lba48_transform(s, lba48);
2013 s->req_nb_sectors = s->mult_sectors;
2014 ide_sector_read(s);
2015 break;
2016 case WIN_MULTWRITE_EXT:
2017 lba48 = 1;
2018 case WIN_MULTWRITE:
2019 case CFA_WRITE_MULTI_WO_ERASE:
2020 if (!s->mult_sectors)
2021 goto abort_cmd;
2022 ide_cmd_lba48_transform(s, lba48);
2023 s->error = 0;
2024 s->status = SEEK_STAT | READY_STAT;
2025 s->req_nb_sectors = s->mult_sectors;
2026 n = s->nsector;
2027 if (n > s->req_nb_sectors)
2028 n = s->req_nb_sectors;
2029 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2030 s->media_changed = 1;
2031 break;
2032 case WIN_READDMA_EXT:
2033 lba48 = 1;
2034 case WIN_READDMA:
2035 case WIN_READDMA_ONCE:
2036 if (!s->bs)
2037 goto abort_cmd;
2038 ide_cmd_lba48_transform(s, lba48);
2039 ide_sector_read_dma(s);
2040 break;
2041 case WIN_WRITEDMA_EXT:
2042 lba48 = 1;
2043 case WIN_WRITEDMA:
2044 case WIN_WRITEDMA_ONCE:
2045 if (!s->bs)
2046 goto abort_cmd;
2047 ide_cmd_lba48_transform(s, lba48);
2048 ide_sector_write_dma(s);
2049 s->media_changed = 1;
2050 break;
2051 case WIN_READ_NATIVE_MAX_EXT:
2052 lba48 = 1;
2053 case WIN_READ_NATIVE_MAX:
2054 ide_cmd_lba48_transform(s, lba48);
2055 ide_set_sector(s, s->nb_sectors - 1);
2056 s->status = READY_STAT;
2057 ide_set_irq(s);
2058 break;
2059 case WIN_CHECKPOWERMODE1:
2060 case WIN_CHECKPOWERMODE2:
2061 s->nsector = 0xff; /* device active or idle */
2062 s->status = READY_STAT;
2063 ide_set_irq(s);
2064 break;
2065 case WIN_SETFEATURES:
2066 if (!s->bs)
2067 goto abort_cmd;
2068 /* XXX: valid for CDROM ? */
2069 switch(s->feature) {
2070 case 0xcc: /* reverting to power-on defaults enable */
2071 case 0x66: /* reverting to power-on defaults disable */
2072 case 0x02: /* write cache enable */
2073 case 0x82: /* write cache disable */
2074 case 0xaa: /* read look-ahead enable */
2075 case 0x55: /* read look-ahead disable */
2076 case 0x05: /* set advanced power management mode */
2077 case 0x85: /* disable advanced power management mode */
2078 case 0x69: /* NOP */
2079 case 0x67: /* NOP */
2080 case 0x96: /* NOP */
2081 case 0x9a: /* NOP */
2082 case 0x42: /* enable Automatic Acoustic Mode */
2083 case 0xc2: /* disable Automatic Acoustic Mode */
2084 s->status = READY_STAT | SEEK_STAT;
2085 ide_set_irq(s);
2086 break;
2087 case 0x03: { /* set transfer mode */
2088 uint8_t val = s->nsector & 0x07;
2089
2090 switch (s->nsector >> 3) {
2091 case 0x00: /* pio default */
2092 case 0x01: /* pio mode */
2093 put_le16(s->identify_data + 63,0x07);
2094 put_le16(s->identify_data + 88,0x3f);
2095 break;
2096 case 0x04: /* mdma mode */
2097 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2098 put_le16(s->identify_data + 88,0x3f);
2099 break;
2100 case 0x08: /* udma mode */
2101 put_le16(s->identify_data + 63,0x07);
2102 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2103 break;
2104 default:
2105 goto abort_cmd;
2106 }
2107 s->status = READY_STAT | SEEK_STAT;
2108 ide_set_irq(s);
2109 break;
2110 }
2111 default:
2112 goto abort_cmd;
2113 }
2114 break;
2115 case WIN_FLUSH_CACHE:
2116 case WIN_FLUSH_CACHE_EXT:
2117 if (s->bs)
2118 bdrv_flush(s->bs);
2119 s->status = READY_STAT;
2120 ide_set_irq(s);
2121 break;
2122 case WIN_STANDBY:
2123 case WIN_STANDBY2:
2124 case WIN_STANDBYNOW1:
2125 case WIN_STANDBYNOW2:
2126 case WIN_IDLEIMMEDIATE:
2127 case CFA_IDLEIMMEDIATE:
2128 case WIN_SETIDLE1:
2129 case WIN_SETIDLE2:
2130 case WIN_SLEEPNOW1:
2131 case WIN_SLEEPNOW2:
2132 s->status = READY_STAT;
2133 ide_set_irq(s);
2134 break;
2135 /* ATAPI commands */
2136 case WIN_PIDENTIFY:
2137 if (s->is_cdrom) {
2138 ide_atapi_identify(s);
2139 s->status = READY_STAT | SEEK_STAT;
2140 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2141 } else {
2142 ide_abort_command(s);
2143 }
2144 ide_set_irq(s);
2145 break;
2146 case WIN_DIAGNOSE:
2147 ide_set_signature(s);
2148 s->status = READY_STAT;
2149 s->error = 0x01;
2150 ide_set_irq(s);
2151 break;
2152 case WIN_SRST:
2153 if (!s->is_cdrom)
2154 goto abort_cmd;
2155 ide_set_signature(s);
2156 s->status = 0x00; /* NOTE: READY is _not_ set */
2157 s->error = 0x01;
2158 break;
2159 case WIN_PACKETCMD:
2160 if (!s->is_cdrom)
2161 goto abort_cmd;
2162 /* overlapping commands not supported */
2163 if (s->feature & 0x02)
2164 goto abort_cmd;
2165 s->status = READY_STAT;
2166 s->atapi_dma = s->feature & 1;
2167 s->nsector = 1;
2168 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2169 ide_atapi_cmd);
2170 break;
2171 /* CF-ATA commands */
2172 case CFA_REQ_EXT_ERROR_CODE:
2173 if (!s->is_cf)
2174 goto abort_cmd;
2175 s->error = 0x09; /* miscellaneous error */
2176 s->status = READY_STAT;
2177 ide_set_irq(s);
2178 break;
2179 case CFA_ERASE_SECTORS:
2180 case CFA_WEAR_LEVEL:
2181 if (!s->is_cf)
2182 goto abort_cmd;
2183 if (val == CFA_WEAR_LEVEL)
2184 s->nsector = 0;
2185 if (val == CFA_ERASE_SECTORS)
2186 s->media_changed = 1;
2187 s->error = 0x00;
2188 s->status = READY_STAT;
2189 ide_set_irq(s);
2190 break;
2191 case CFA_TRANSLATE_SECTOR:
2192 if (!s->is_cf)
2193 goto abort_cmd;
2194 s->error = 0x00;
2195 s->status = READY_STAT;
2196 memset(s->io_buffer, 0, 0x200);
2197 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2198 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2199 s->io_buffer[0x02] = s->select; /* Head */
2200 s->io_buffer[0x03] = s->sector; /* Sector */
2201 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2202 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2203 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2204 s->io_buffer[0x13] = 0x00; /* Erase flag */
2205 s->io_buffer[0x18] = 0x00; /* Hot count */
2206 s->io_buffer[0x19] = 0x00; /* Hot count */
2207 s->io_buffer[0x1a] = 0x01; /* Hot count */
2208 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2209 ide_set_irq(s);
2210 break;
2211 case CFA_ACCESS_METADATA_STORAGE:
2212 if (!s->is_cf)
2213 goto abort_cmd;
2214 switch (s->feature) {
2215 case 0x02: /* Inquiry Metadata Storage */
2216 ide_cfata_metadata_inquiry(s);
2217 break;
2218 case 0x03: /* Read Metadata Storage */
2219 ide_cfata_metadata_read(s);
2220 break;
2221 case 0x04: /* Write Metadata Storage */
2222 ide_cfata_metadata_write(s);
2223 break;
2224 default:
2225 goto abort_cmd;
2226 }
2227 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2228 s->status = 0x00; /* NOTE: READY is _not_ set */
2229 ide_set_irq(s);
2230 break;
2231 case IBM_SENSE_CONDITION:
2232 if (!s->is_cf)
2233 goto abort_cmd;
2234 switch (s->feature) {
2235 case 0x01: /* sense temperature in device */
2236 s->nsector = 0x50; /* +20 C */
2237 break;
2238 default:
2239 goto abort_cmd;
2240 }
2241 s->status = READY_STAT;
2242 ide_set_irq(s);
2243 break;
2244 default:
2245 abort_cmd:
2246 ide_abort_command(s);
2247 ide_set_irq(s);
2248 break;
2249 }
2250 }
2251 }
2252
2253 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2254 {
2255 IDEState *ide_if = opaque;
2256 IDEState *s = ide_if->cur_drive;
2257 uint32_t addr;
2258 int ret, hob;
2259
2260 addr = addr1 & 7;
2261 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2262 //hob = s->select & (1 << 7);
2263 hob = 0;
2264 switch(addr) {
2265 case 0:
2266 ret = 0xff;
2267 break;
2268 case 1:
2269 if (!ide_if[0].bs && !ide_if[1].bs)
2270 ret = 0;
2271 else if (!hob)
2272 ret = s->error;
2273 else
2274 ret = s->hob_feature;
2275 break;
2276 case 2:
2277 if (!ide_if[0].bs && !ide_if[1].bs)
2278 ret = 0;
2279 else if (!hob)
2280 ret = s->nsector & 0xff;
2281 else
2282 ret = s->hob_nsector;
2283 break;
2284 case 3:
2285 if (!ide_if[0].bs && !ide_if[1].bs)
2286 ret = 0;
2287 else if (!hob)
2288 ret = s->sector;
2289 else
2290 ret = s->hob_sector;
2291 break;
2292 case 4:
2293 if (!ide_if[0].bs && !ide_if[1].bs)
2294 ret = 0;
2295 else if (!hob)
2296 ret = s->lcyl;
2297 else
2298 ret = s->hob_lcyl;
2299 break;
2300 case 5:
2301 if (!ide_if[0].bs && !ide_if[1].bs)
2302 ret = 0;
2303 else if (!hob)
2304 ret = s->hcyl;
2305 else
2306 ret = s->hob_hcyl;
2307 break;
2308 case 6:
2309 if (!ide_if[0].bs && !ide_if[1].bs)
2310 ret = 0;
2311 else
2312 ret = s->select;
2313 break;
2314 default:
2315 case 7:
2316 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2317 (s != ide_if && !s->bs))
2318 ret = 0;
2319 else
2320 ret = s->status;
2321 qemu_irq_lower(s->irq);
2322 break;
2323 }
2324 #ifdef DEBUG_IDE
2325 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2326 #endif
2327 return ret;
2328 }
2329
2330 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2331 {
2332 IDEState *ide_if = opaque;
2333 IDEState *s = ide_if->cur_drive;
2334 int ret;
2335
2336 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2337 (s != ide_if && !s->bs))
2338 ret = 0;
2339 else
2340 ret = s->status;
2341 #ifdef DEBUG_IDE
2342 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2343 #endif
2344 return ret;
2345 }
2346
2347 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2348 {
2349 IDEState *ide_if = opaque;
2350 IDEState *s;
2351 int i;
2352
2353 #ifdef DEBUG_IDE
2354 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2355 #endif
2356 /* common for both drives */
2357 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2358 (val & IDE_CMD_RESET)) {
2359 /* reset low to high */
2360 for(i = 0;i < 2; i++) {
2361 s = &ide_if[i];
2362 s->status = BUSY_STAT | SEEK_STAT;
2363 s->error = 0x01;
2364 }
2365 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2366 !(val & IDE_CMD_RESET)) {
2367 /* high to low */
2368 for(i = 0;i < 2; i++) {
2369 s = &ide_if[i];
2370 if (s->is_cdrom)
2371 s->status = 0x00; /* NOTE: READY is _not_ set */
2372 else
2373 s->status = READY_STAT | SEEK_STAT;
2374 ide_set_signature(s);
2375 }
2376 }
2377
2378 ide_if[0].cmd = val;
2379 ide_if[1].cmd = val;
2380 }
2381
2382 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2383 {
2384 IDEState *s = ((IDEState *)opaque)->cur_drive;
2385 uint8_t *p;
2386
2387 p = s->data_ptr;
2388 *(uint16_t *)p = le16_to_cpu(val);
2389 p += 2;
2390 s->data_ptr = p;
2391 if (p >= s->data_end)
2392 s->end_transfer_func(s);
2393 }
2394
2395 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2396 {
2397 IDEState *s = ((IDEState *)opaque)->cur_drive;
2398 uint8_t *p;
2399 int ret;
2400 p = s->data_ptr;
2401 ret = cpu_to_le16(*(uint16_t *)p);
2402 p += 2;
2403 s->data_ptr = p;
2404 if (p >= s->data_end)
2405 s->end_transfer_func(s);
2406 return ret;
2407 }
2408
2409 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2410 {
2411 IDEState *s = ((IDEState *)opaque)->cur_drive;
2412 uint8_t *p;
2413
2414 p = s->data_ptr;
2415 *(uint32_t *)p = le32_to_cpu(val);
2416 p += 4;
2417 s->data_ptr = p;
2418 if (p >= s->data_end)
2419 s->end_transfer_func(s);
2420 }
2421
2422 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2423 {
2424 IDEState *s = ((IDEState *)opaque)->cur_drive;
2425 uint8_t *p;
2426 int ret;
2427
2428 p = s->data_ptr;
2429 ret = cpu_to_le32(*(uint32_t *)p);
2430 p += 4;
2431 s->data_ptr = p;
2432 if (p >= s->data_end)
2433 s->end_transfer_func(s);
2434 return ret;
2435 }
2436
2437 static void ide_dummy_transfer_stop(IDEState *s)
2438 {
2439 s->data_ptr = s->io_buffer;
2440 s->data_end = s->io_buffer;
2441 s->io_buffer[0] = 0xff;
2442 s->io_buffer[1] = 0xff;
2443 s->io_buffer[2] = 0xff;
2444 s->io_buffer[3] = 0xff;
2445 }
2446
2447 static void ide_reset(IDEState *s)
2448 {
2449 if (s->is_cf)
2450 s->mult_sectors = 0;
2451 else
2452 s->mult_sectors = MAX_MULT_SECTORS;
2453 s->cur_drive = s;
2454 s->select = 0xa0;
2455 s->status = READY_STAT;
2456 ide_set_signature(s);
2457 /* init the transfer handler so that 0xffff is returned on data
2458 accesses */
2459 s->end_transfer_func = ide_dummy_transfer_stop;
2460 ide_dummy_transfer_stop(s);
2461 s->media_changed = 0;
2462 }
2463
2464 static void ide_init2(IDEState *ide_state,
2465 BlockDriverState *hd0, BlockDriverState *hd1,
2466 qemu_irq irq)
2467 {
2468 IDEState *s;
2469 static int drive_serial = 1;
2470 int i, cylinders, heads, secs;
2471 uint64_t nb_sectors;
2472
2473 for(i = 0; i < 2; i++) {
2474 s = ide_state + i;
2475 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2476 if (i == 0)
2477 s->bs = hd0;
2478 else
2479 s->bs = hd1;
2480 if (s->bs) {
2481 bdrv_get_geometry(s->bs, &nb_sectors);
2482 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2483 s->cylinders = cylinders;
2484 s->heads = heads;
2485 s->sectors = secs;
2486 s->nb_sectors = nb_sectors;
2487
2488 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2489 s->is_cdrom = 1;
2490 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2491 }
2492 }
2493 s->drive_serial = drive_serial++;
2494 s->irq = irq;
2495 s->sector_write_timer = qemu_new_timer(vm_clock,
2496 ide_sector_write_timer_cb, s);
2497 ide_reset(s);
2498 }
2499 }
2500
2501 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2502 {
2503 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2504 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2505 if (iobase2) {
2506 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2507 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2508 }
2509
2510 /* data ports */
2511 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2512 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2513 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2514 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2515 }
2516
2517 /* save per IDE drive data */
2518 static void ide_save(QEMUFile* f, IDEState *s)
2519 {
2520 qemu_put_be32(f, s->mult_sectors);
2521 qemu_put_be32(f, s->identify_set);
2522 if (s->identify_set) {
2523 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2524 }
2525 qemu_put_8s(f, &s->feature);
2526 qemu_put_8s(f, &s->error);
2527 qemu_put_be32s(f, &s->nsector);
2528 qemu_put_8s(f, &s->sector);
2529 qemu_put_8s(f, &s->lcyl);
2530 qemu_put_8s(f, &s->hcyl);
2531 qemu_put_8s(f, &s->hob_feature);
2532 qemu_put_8s(f, &s->hob_nsector);
2533 qemu_put_8s(f, &s->hob_sector);
2534 qemu_put_8s(f, &s->hob_lcyl);
2535 qemu_put_8s(f, &s->hob_hcyl);
2536 qemu_put_8s(f, &s->select);
2537 qemu_put_8s(f, &s->status);
2538 qemu_put_8s(f, &s->lba48);
2539
2540 qemu_put_8s(f, &s->sense_key);
2541 qemu_put_8s(f, &s->asc);
2542 /* XXX: if a transfer is pending, we do not save it yet */
2543 }
2544
2545 /* load per IDE drive data */
2546 static void ide_load(QEMUFile* f, IDEState *s)
2547 {
2548 s->mult_sectors=qemu_get_be32(f);
2549 s->identify_set=qemu_get_be32(f);
2550 if (s->identify_set) {
2551 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2552 }
2553 qemu_get_8s(f, &s->feature);
2554 qemu_get_8s(f, &s->error);
2555 qemu_get_be32s(f, &s->nsector);
2556 qemu_get_8s(f, &s->sector);
2557 qemu_get_8s(f, &s->lcyl);
2558 qemu_get_8s(f, &s->hcyl);
2559 qemu_get_8s(f, &s->hob_feature);
2560 qemu_get_8s(f, &s->hob_nsector);
2561 qemu_get_8s(f, &s->hob_sector);
2562 qemu_get_8s(f, &s->hob_lcyl);
2563 qemu_get_8s(f, &s->hob_hcyl);
2564 qemu_get_8s(f, &s->select);
2565 qemu_get_8s(f, &s->status);
2566 qemu_get_8s(f, &s->lba48);
2567
2568 qemu_get_8s(f, &s->sense_key);
2569 qemu_get_8s(f, &s->asc);
2570 /* XXX: if a transfer is pending, we do not save it yet */
2571 }
2572
2573 /***********************************************************/
2574 /* ISA IDE definitions */
2575
2576 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2577 BlockDriverState *hd0, BlockDriverState *hd1)
2578 {
2579 IDEState *ide_state;
2580
2581 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2582 if (!ide_state)
2583 return;
2584
2585 ide_init2(ide_state, hd0, hd1, irq);
2586 ide_init_ioport(ide_state, iobase, iobase2);
2587 }
2588
2589 /***********************************************************/
2590 /* PCI IDE definitions */
2591
2592 static void cmd646_update_irq(PCIIDEState *d);
2593
2594 static void ide_map(PCIDevice *pci_dev, int region_num,
2595 uint32_t addr, uint32_t size, int type)
2596 {
2597 PCIIDEState *d = (PCIIDEState *)pci_dev;
2598 IDEState *ide_state;
2599
2600 if (region_num <= 3) {
2601 ide_state = &d->ide_if[(region_num >> 1) * 2];
2602 if (region_num & 1) {
2603 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2604 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2605 } else {
2606 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2607 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2608
2609 /* data ports */
2610 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2611 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2612 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2613 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2614 }
2615 }
2616 }
2617
2618 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2619 {
2620 BMDMAState *bm = s->bmdma;
2621 if(!bm)
2622 return;
2623 bm->ide_if = s;
2624 bm->dma_cb = dma_cb;
2625 bm->cur_prd_last = 0;
2626 bm->cur_prd_addr = 0;
2627 bm->cur_prd_len = 0;
2628 if (bm->status & BM_STATUS_DMAING) {
2629 bm->dma_cb(bm, 0);
2630 }
2631 }
2632
2633 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2634 {
2635 BMDMAState *bm = opaque;
2636 #ifdef DEBUG_IDE
2637 printf("%s: 0x%08x\n", __func__, val);
2638 #endif
2639 if (!(val & BM_CMD_START)) {
2640 /* XXX: do it better */
2641 if (bm->status & BM_STATUS_DMAING) {
2642 bm->status &= ~BM_STATUS_DMAING;
2643 /* cancel DMA request */
2644 bm->ide_if = NULL;
2645 bm->dma_cb = NULL;
2646 if (bm->aiocb) {
2647 #ifdef DEBUG_AIO
2648 printf("aio_cancel\n");
2649 #endif
2650 bdrv_aio_cancel(bm->aiocb);
2651 bm->aiocb = NULL;
2652 }
2653 }
2654 bm->cmd = val & 0x09;
2655 } else {
2656 if (!(bm->status & BM_STATUS_DMAING)) {
2657 bm->status |= BM_STATUS_DMAING;
2658 /* start dma transfer if possible */
2659 if (bm->dma_cb)
2660 bm->dma_cb(bm, 0);
2661 }
2662 bm->cmd = val & 0x09;
2663 }
2664 }
2665
2666 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2667 {
2668 BMDMAState *bm = opaque;
2669 PCIIDEState *pci_dev;
2670 uint32_t val;
2671
2672 switch(addr & 3) {
2673 case 0:
2674 val = bm->cmd;
2675 break;
2676 case 1:
2677 pci_dev = bm->pci_dev;
2678 if (pci_dev->type == IDE_TYPE_CMD646) {
2679 val = pci_dev->dev.config[MRDMODE];
2680 } else {
2681 val = 0xff;
2682 }
2683 break;
2684 case 2:
2685 val = bm->status;
2686 break;
2687 case 3:
2688 pci_dev = bm->pci_dev;
2689 if (pci_dev->type == IDE_TYPE_CMD646) {
2690 if (bm == &pci_dev->bmdma[0])
2691 val = pci_dev->dev.config[UDIDETCR0];
2692 else
2693 val = pci_dev->dev.config[UDIDETCR1];
2694 } else {
2695 val = 0xff;
2696 }
2697 break;
2698 default:
2699 val = 0xff;
2700 break;
2701 }
2702 #ifdef DEBUG_IDE
2703 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2704 #endif
2705 return val;
2706 }
2707
2708 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2709 {
2710 BMDMAState *bm = opaque;
2711 PCIIDEState *pci_dev;
2712 #ifdef DEBUG_IDE
2713 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2714 #endif
2715 switch(addr & 3) {
2716 case 1:
2717 pci_dev = bm->pci_dev;
2718 if (pci_dev->type == IDE_TYPE_CMD646) {
2719 pci_dev->dev.config[MRDMODE] =
2720 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2721 cmd646_update_irq(pci_dev);
2722 }
2723 break;
2724 case 2:
2725 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2726 break;
2727 case 3:
2728 pci_dev = bm->pci_dev;
2729 if (pci_dev->type == IDE_TYPE_CMD646) {
2730 if (bm == &pci_dev->bmdma[0])
2731 pci_dev->dev.config[UDIDETCR0] = val;
2732 else
2733 pci_dev->dev.config[UDIDETCR1] = val;
2734 }
2735 break;
2736 }
2737 }
2738
2739 static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
2740 {
2741 BMDMAState *bm = opaque;
2742 uint32_t val;
2743 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
2744 #ifdef DEBUG_IDE
2745 printf("%s: 0x%08x\n", __func__, val);
2746 #endif
2747 return val;
2748 }
2749
2750 static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
2751 {
2752 BMDMAState *bm = opaque;
2753 int shift = (addr & 3) * 8;
2754 #ifdef DEBUG_IDE
2755 printf("%s: 0x%08x\n", __func__, val);
2756 #endif
2757 bm->addr &= ~(0xFF << shift);
2758 bm->addr |= ((val & 0xFF) << shift) & ~3;
2759 bm->cur_addr = bm->addr;
2760 }
2761
2762 static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
2763 {
2764 BMDMAState *bm = opaque;
2765 uint32_t val;
2766 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
2767 #ifdef DEBUG_IDE
2768 printf("%s: 0x%08x\n", __func__, val);
2769 #endif
2770 return val;
2771 }
2772
2773 static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
2774 {
2775 BMDMAState *bm = opaque;
2776 int shift = (addr & 3) * 8;
2777 #ifdef DEBUG_IDE
2778 printf("%s: 0x%08x\n", __func__, val);
2779 #endif
2780 bm->addr &= ~(0xFFFF << shift);
2781 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
2782 bm->cur_addr = bm->addr;
2783 }
2784
2785 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2786 {
2787 BMDMAState *bm = opaque;
2788 uint32_t val;
2789 val = bm->addr;
2790 #ifdef DEBUG_IDE
2791 printf("%s: 0x%08x\n", __func__, val);
2792 #endif
2793 return val;
2794 }
2795
2796 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2797 {
2798 BMDMAState *bm = opaque;
2799 #ifdef DEBUG_IDE
2800 printf("%s: 0x%08x\n", __func__, val);
2801 #endif
2802 bm->addr = val & ~3;
2803 bm->cur_addr = bm->addr;
2804 }
2805
2806 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2807 uint32_t addr, uint32_t size, int type)
2808 {
2809 PCIIDEState *d = (PCIIDEState *)pci_dev;
2810 int i;
2811
2812 for(i = 0;i < 2; i++) {
2813 BMDMAState *bm = &d->bmdma[i];
2814 d->ide_if[2 * i].bmdma = bm;
2815 d->ide_if[2 * i + 1].bmdma = bm;
2816 bm->pci_dev = (PCIIDEState *)pci_dev;
2817
2818 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2819
2820 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2821 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2822
2823 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
2824 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
2825 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
2826 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
2827 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2828 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2829 addr += 8;
2830 }
2831 }
2832
2833 /* XXX: call it also when the MRDMODE is changed from the PCI config
2834 registers */
2835 static void cmd646_update_irq(PCIIDEState *d)
2836 {
2837 int pci_level;
2838 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2839 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2840 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2841 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2842 qemu_set_irq(d->dev.irq[0], pci_level);
2843 }
2844
2845 /* the PCI irq level is the logical OR of the two channels */
2846 static void cmd646_set_irq(void *opaque, int channel, int level)
2847 {
2848 PCIIDEState *d = opaque;
2849 int irq_mask;
2850
2851 irq_mask = MRDMODE_INTR_CH0 << channel;
2852 if (level)
2853 d->dev.config[MRDMODE] |= irq_mask;
2854 else
2855 d->dev.config[MRDMODE] &= ~irq_mask;
2856 cmd646_update_irq(d);
2857 }
2858
2859 /* CMD646 PCI IDE controller */
2860 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2861 int secondary_ide_enabled)
2862 {
2863 PCIIDEState *d;
2864 uint8_t *pci_conf;
2865 int i;
2866 qemu_irq *irq;
2867
2868 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2869 sizeof(PCIIDEState),
2870 -1,
2871 NULL, NULL);
2872 d->type = IDE_TYPE_CMD646;
2873 pci_conf = d->dev.config;
2874 pci_conf[0x00] = 0x95; // CMD646
2875 pci_conf[0x01] = 0x10;
2876 pci_conf[0x02] = 0x46;
2877 pci_conf[0x03] = 0x06;
2878
2879 pci_conf[0x08] = 0x07; // IDE controller revision
2880 pci_conf[0x09] = 0x8f;
2881
2882 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2883 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2884 pci_conf[0x0e] = 0x00; // header_type
2885
2886 if (secondary_ide_enabled) {
2887 /* XXX: if not enabled, really disable the seconday IDE controller */
2888 pci_conf[0x51] = 0x80; /* enable IDE1 */
2889 }
2890
2891 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2892 PCI_ADDRESS_SPACE_IO, ide_map);
2893 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2894 PCI_ADDRESS_SPACE_IO, ide_map);
2895 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2896 PCI_ADDRESS_SPACE_IO, ide_map);
2897 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2898 PCI_ADDRESS_SPACE_IO, ide_map);
2899 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2900 PCI_ADDRESS_SPACE_IO, bmdma_map);
2901
2902 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2903
2904 for(i = 0; i < 4; i++)
2905 d->ide_if[i].pci_dev = (PCIDevice *)d;
2906
2907 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2908 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2909 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2910 }
2911
2912 static void pci_ide_save(QEMUFile* f, void *opaque)
2913 {
2914 PCIIDEState *d = opaque;
2915 int i;
2916
2917 pci_device_save(&d->dev, f);
2918
2919 for(i = 0; i < 2; i++) {
2920 BMDMAState *bm = &d->bmdma[i];
2921 qemu_put_8s(f, &bm->cmd);
2922 qemu_put_8s(f, &bm->status);
2923 qemu_put_be32s(f, &bm->addr);
2924 /* XXX: if a transfer is pending, we do not save it yet */
2925 }
2926
2927 /* per IDE interface data */
2928 for(i = 0; i < 2; i++) {
2929 IDEState *s = &d->ide_if[i * 2];
2930 uint8_t drive1_selected;
2931 qemu_put_8s(f, &s->cmd);
2932 drive1_selected = (s->cur_drive != s);
2933 qemu_put_8s(f, &drive1_selected);
2934 }
2935
2936 /* per IDE drive data */
2937 for(i = 0; i < 4; i++) {
2938 ide_save(f, &d->ide_if[i]);
2939 }
2940 }
2941
2942 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2943 {
2944 PCIIDEState *d = opaque;
2945 int ret, i;
2946
2947 if (version_id != 1)
2948 return -EINVAL;
2949 ret = pci_device_load(&d->dev, f);
2950 if (ret < 0)
2951 return ret;
2952
2953 for(i = 0; i < 2; i++) {
2954 BMDMAState *bm = &d->bmdma[i];
2955 qemu_get_8s(f, &bm->cmd);
2956 qemu_get_8s(f, &bm->status);
2957 qemu_get_be32s(f, &bm->addr);
2958 /* XXX: if a transfer is pending, we do not save it yet */
2959 }
2960
2961 /* per IDE interface data */
2962 for(i = 0; i < 2; i++) {
2963 IDEState *s = &d->ide_if[i * 2];
2964 uint8_t drive1_selected;
2965 qemu_get_8s(f, &s->cmd);
2966 qemu_get_8s(f, &drive1_selected);
2967 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2968 }
2969
2970 /* per IDE drive data */
2971 for(i = 0; i < 4; i++) {
2972 ide_load(f, &d->ide_if[i]);
2973 }
2974 return 0;
2975 }
2976
2977 static void piix3_reset(PCIIDEState *d)
2978 {
2979 uint8_t *pci_conf = d->dev.config;
2980
2981 pci_conf[0x04] = 0x00;
2982 pci_conf[0x05] = 0x00;
2983 pci_conf[0x06] = 0x80; /* FBC */
2984 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2985 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2986 }
2987
2988 /* hd_table must contain 4 block drivers */
2989 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2990 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2991 qemu_irq *pic)
2992 {
2993 PCIIDEState *d;
2994 uint8_t *pci_conf;
2995 int i;
2996
2997 /* register a function 1 of PIIX3 */
2998 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2999 sizeof(PCIIDEState),
3000 devfn,
3001 NULL, NULL);
3002 d->type = IDE_TYPE_PIIX3;
3003
3004 pci_conf = d->dev.config;
3005 pci_conf[0x00] = 0x86; // Intel
3006 pci_conf[0x01] = 0x80;
3007 pci_conf[0x02] = 0x10;
3008 pci_conf[0x03] = 0x70;
3009 pci_conf[0x09] = 0x80; // legacy ATA mode
3010 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3011 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3012 pci_conf[0x0e] = 0x00; // header_type
3013
3014 piix3_reset(d);
3015
3016 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3017 PCI_ADDRESS_SPACE_IO, bmdma_map);
3018
3019 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3020 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3021 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3022 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3023
3024 for (i = 0; i < 4; i++)
3025 if (hd_table[i])
3026 hd_table[i]->devfn = d->dev.devfn;
3027
3028 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3029 }
3030
3031 /* hd_table must contain 4 block drivers */
3032 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3033 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3034 qemu_irq *pic)
3035 {
3036 PCIIDEState *d;
3037 uint8_t *pci_conf;
3038
3039 /* register a function 1 of PIIX4 */
3040 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3041 sizeof(PCIIDEState),
3042 devfn,
3043 NULL, NULL);
3044 d->type = IDE_TYPE_PIIX4;
3045
3046 pci_conf = d->dev.config;
3047 pci_conf[0x00] = 0x86; // Intel
3048 pci_conf[0x01] = 0x80;
3049 pci_conf[0x02] = 0x11;
3050 pci_conf[0x03] = 0x71;
3051 pci_conf[0x09] = 0x80; // legacy ATA mode
3052 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3053 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3054 pci_conf[0x0e] = 0x00; // header_type
3055
3056 piix3_reset(d);
3057
3058 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3059 PCI_ADDRESS_SPACE_IO, bmdma_map);
3060
3061 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3062 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3063 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3064 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3065
3066 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3067 }
3068
3069 /***********************************************************/
3070 /* MacIO based PowerPC IDE */
3071
3072 /* PowerMac IDE memory IO */
3073 static void pmac_ide_writeb (void *opaque,
3074 target_phys_addr_t addr, uint32_t val)
3075 {
3076 addr = (addr & 0xFFF) >> 4;
3077 switch (addr) {
3078 case 1 ... 7:
3079 ide_ioport_write(opaque, addr, val);
3080 break;
3081 case 8:
3082 case 22:
3083 ide_cmd_write(opaque, 0, val);
3084 break;
3085 default:
3086 break;
3087 }
3088 }
3089
3090 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3091 {
3092 uint8_t retval;
3093
3094 addr = (addr & 0xFFF) >> 4;
3095 switch (addr) {
3096 case 1 ... 7:
3097 retval = ide_ioport_read(opaque, addr);
3098 break;
3099 case 8:
3100 case 22:
3101 retval = ide_status_read(opaque, 0);
3102 break;
3103 default:
3104 retval = 0xFF;
3105 break;
3106 }
3107 return retval;
3108 }
3109
3110 static void pmac_ide_writew (void *opaque,
3111 target_phys_addr_t addr, uint32_t val)
3112 {
3113 addr = (addr & 0xFFF) >> 4;
3114 #ifdef TARGET_WORDS_BIGENDIAN
3115 val = bswap16(val);
3116 #endif
3117 if (addr == 0) {
3118 ide_data_writew(opaque, 0, val);
3119 }
3120 }
3121
3122 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3123 {
3124 uint16_t retval;
3125
3126 addr = (addr & 0xFFF) >> 4;
3127 if (addr == 0) {
3128 retval = ide_data_readw(opaque, 0);
3129 } else {
3130 retval = 0xFFFF;
3131 }
3132 #ifdef TARGET_WORDS_BIGENDIAN
3133 retval = bswap16(retval);
3134 #endif
3135 return retval;
3136 }
3137
3138 static void pmac_ide_writel (void *opaque,
3139 target_phys_addr_t addr, uint32_t val)
3140 {
3141 addr = (addr & 0xFFF) >> 4;
3142 #ifdef TARGET_WORDS_BIGENDIAN
3143 val = bswap32(val);
3144 #endif
3145 if (addr == 0) {
3146 ide_data_writel(opaque, 0, val);
3147 }
3148 }
3149
3150 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3151 {
3152 uint32_t retval;
3153
3154 addr = (addr & 0xFFF) >> 4;
3155 if (addr == 0) {
3156 retval = ide_data_readl(opaque, 0);
3157 } else {
3158 retval = 0xFFFFFFFF;
3159 }
3160 #ifdef TARGET_WORDS_BIGENDIAN
3161 retval = bswap32(retval);
3162 #endif
3163 return retval;
3164 }
3165
3166 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3167 pmac_ide_writeb,
3168 pmac_ide_writew,
3169 pmac_ide_writel,
3170 };
3171
3172 static CPUReadMemoryFunc *pmac_ide_read[] = {
3173 pmac_ide_readb,
3174 pmac_ide_readw,
3175 pmac_ide_readl,
3176 };
3177
3178 /* hd_table must contain 4 block drivers */
3179 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3180 I/O index to access the ide. */
3181 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3182 {
3183 IDEState *ide_if;
3184 int pmac_ide_memory;
3185
3186 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3187 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3188
3189 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3190 pmac_ide_write, &ide_if[0]);
3191 return pmac_ide_memory;
3192 }
3193
3194 /***********************************************************/
3195 /* CF-ATA Microdrive */
3196
3197 #define METADATA_SIZE 0x20
3198
3199 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3200 struct md_s {
3201 IDEState ide[2];
3202 struct pcmcia_card_s card;
3203 uint32_t attr_base;
3204 uint32_t io_base;
3205
3206 /* Card state */
3207 uint8_t opt;
3208 uint8_t stat;
3209 uint8_t pins;
3210
3211 uint8_t ctrl;
3212 uint16_t io;
3213 int cycle;
3214 };
3215
3216 /* Register bitfields */
3217 enum md_opt {
3218 OPT_MODE_MMAP = 0,
3219 OPT_MODE_IOMAP16 = 1,
3220 OPT_MODE_IOMAP1 = 2,
3221 OPT_MODE_IOMAP2 = 3,
3222 OPT_MODE = 0x3f,
3223 OPT_LEVIREQ = 0x40,
3224 OPT_SRESET = 0x80,
3225 };
3226 enum md_cstat {
3227 STAT_INT = 0x02,
3228 STAT_PWRDWN = 0x04,
3229 STAT_XE = 0x10,
3230 STAT_IOIS8 = 0x20,
3231 STAT_SIGCHG = 0x40,
3232 STAT_CHANGED = 0x80,
3233 };
3234 enum md_pins {
3235 PINS_MRDY = 0x02,
3236 PINS_CRDY = 0x20,
3237 };
3238 enum md_ctrl {
3239 CTRL_IEN = 0x02,
3240 CTRL_SRST = 0x04,
3241 };
3242
3243 static inline void md_interrupt_update(struct md_s *s)
3244 {
3245 if (!s->card.slot)
3246 return;
3247
3248 qemu_set_irq(s->card.slot->irq,
3249 !(s->stat & STAT_INT) && /* Inverted */
3250 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3251 !(s->opt & OPT_SRESET));
3252 }
3253
3254 static void md_set_irq(void *opaque, int irq, int level)
3255 {
3256 struct md_s *s = (struct md_s *) opaque;
3257 if (level)
3258 s->stat |= STAT_INT;
3259 else
3260 s->stat &= ~STAT_INT;
3261
3262 md_interrupt_update(s);
3263 }
3264
3265 static void md_reset(struct md_s *s)
3266 {
3267 s->opt = OPT_MODE_MMAP;
3268 s->stat = 0;
3269 s->pins = 0;
3270 s->cycle = 0;
3271 s->ctrl = 0;
3272 ide_reset(s->ide);
3273 }
3274
3275 static uint8_t md_attr_read(void *opaque, uint32_t at)
3276 {
3277 struct md_s *s = (struct md_s *) opaque;
3278 if (at < s->attr_base) {
3279 if (at < s->card.cis_len)
3280 return s->card.cis[at];
3281 else
3282 return 0x00;
3283 }
3284
3285 at -= s->attr_base;
3286
3287 switch (at) {
3288 case 0x00: /* Configuration Option Register */
3289 return s->opt;
3290 case 0x02: /* Card Configuration Status Register */
3291 if (s->ctrl & CTRL_IEN)
3292 return s->stat & ~STAT_INT;
3293 else
3294 return s->stat;
3295 case 0x04: /* Pin Replacement Register */
3296 return (s->pins & PINS_CRDY) | 0x0c;
3297 case 0x06: /* Socket and Copy Register */
3298 return 0x00;
3299 #ifdef VERBOSE
3300 default:
3301 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3302 #endif
3303 }
3304
3305 return 0;
3306 }
3307
3308 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3309 {
3310 struct md_s *s = (struct md_s *) opaque;
3311 at -= s->attr_base;
3312
3313 switch (at) {
3314 case 0x00: /* Configuration Option Register */
3315 s->opt = value & 0xcf;
3316 if (value & OPT_SRESET)
3317 md_reset(s);
3318 md_interrupt_update(s);
3319 break;
3320 case 0x02: /* Card Configuration Status Register */
3321 if ((s->stat ^ value) & STAT_PWRDWN)
3322 s->pins |= PINS_CRDY;
3323 s->stat &= 0x82;
3324 s->stat |= value & 0x74;
3325 md_interrupt_update(s);
3326 /* Word 170 in Identify Device must be equal to STAT_XE */
3327 break;
3328 case 0x04: /* Pin Replacement Register */
3329 s->pins &= PINS_CRDY;
3330 s->pins |= value & PINS_MRDY;
3331 break;
3332 case 0x06: /* Socket and Copy Register */
3333 break;
3334 default:
3335 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3336 }
3337 }
3338
3339 static uint16_t md_common_read(void *opaque, uint32_t at)
3340 {
3341 struct md_s *s = (struct md_s *) opaque;
3342 uint16_t ret;
3343 at -= s->io_base;
3344
3345 switch (s->opt & OPT_MODE) {
3346 case OPT_MODE_MMAP:
3347 if ((at & ~0x3ff) == 0x400)
3348 at = 0;
3349 break;
3350 case OPT_MODE_IOMAP16:
3351 at &= 0xf;
3352 break;
3353 case OPT_MODE_IOMAP1:
3354 if ((at & ~0xf) == 0x3f0)
3355 at -= 0x3e8;
3356 else if ((at & ~0xf) == 0x1f0)
3357 at -= 0x1f0;
3358 break;
3359 case OPT_MODE_IOMAP2:
3360 if ((at & ~0xf) == 0x370)
3361 at -= 0x368;
3362 else if ((at & ~0xf) == 0x170)
3363 at -= 0x170;
3364 }
3365
3366 switch (at) {
3367 case 0x0: /* Even RD Data */
3368 case 0x8:
3369 return ide_data_readw(s->ide, 0);
3370
3371 /* TODO: 8-bit accesses */
3372 if (s->cycle)
3373 ret = s->io >> 8;
3374 else {
3375 s->io = ide_data_readw(s->ide, 0);
3376 ret = s->io & 0xff;
3377 }
3378 s->cycle = !s->cycle;
3379 return ret;
3380 case 0x9: /* Odd RD Data */
3381 return s->io >> 8;
3382 case 0xd: /* Error */
3383 return ide_ioport_read(s->ide, 0x1);
3384 case 0xe: /* Alternate Status */
3385 if (s->ide->cur_drive->bs)
3386 return s->ide->cur_drive->status;
3387 else
3388 return 0;
3389 case 0xf: /* Device Address */
3390 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3391 default:
3392 return ide_ioport_read(s->ide, at);
3393 }
3394
3395 return 0;
3396 }
3397
3398 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3399 {
3400 struct md_s *s = (struct md_s *) opaque;
3401 at -= s->io_base;
3402
3403 switch (s->opt & OPT_MODE) {
3404 case OPT_MODE_MMAP:
3405 if ((at & ~0x3ff) == 0x400)
3406 at = 0;
3407 break;
3408 case OPT_MODE_IOMAP16:
3409 at &= 0xf;
3410 break;
3411 case OPT_MODE_IOMAP1:
3412 if ((at & ~0xf) == 0x3f0)
3413 at -= 0x3e8;
3414 else if ((at & ~0xf) == 0x1f0)
3415 at -= 0x1f0;
3416 break;
3417 case OPT_MODE_IOMAP2:
3418 if ((at & ~0xf) == 0x370)
3419 at -= 0x368;
3420 else if ((at & ~0xf) == 0x170)
3421 at -= 0x170;
3422 }
3423
3424 switch (at) {
3425 case 0x0: /* Even WR Data */
3426 case 0x8:
3427 ide_data_writew(s->ide, 0, value);
3428 break;
3429
3430 /* TODO: 8-bit accesses */
3431 if (s->cycle)
3432 ide_data_writew(s->ide, 0, s->io | (value << 8));
3433 else
3434 s->io = value & 0xff;
3435 s->cycle = !s->cycle;
3436 break;
3437 case 0x9:
3438 s->io = value & 0xff;
3439 s->cycle = !s->cycle;
3440 break;
3441 case 0xd: /* Features */
3442 ide_ioport_write(s->ide, 0x1, value);
3443 break;
3444 case 0xe: /* Device Control */
3445 s->ctrl = value;
3446 if (value & CTRL_SRST)
3447 md_reset(s);
3448 md_interrupt_update(s);
3449 break;
3450 default:
3451 if (s->stat & STAT_PWRDWN) {
3452 s->pins |= PINS_CRDY;
3453 s->stat &= ~STAT_PWRDWN;
3454 }
3455 ide_ioport_write(s->ide, at, value);
3456 }
3457 }
3458
3459 static void md_save(QEMUFile *f, void *opaque)
3460 {
3461 struct md_s *s = (struct md_s *) opaque;
3462 int i;
3463 uint8_t drive1_selected;
3464
3465 qemu_put_8s(f, &s->opt);
3466 qemu_put_8s(f, &s->stat);
3467 qemu_put_8s(f, &s->pins);
3468
3469 qemu_put_8s(f, &s->ctrl);
3470 qemu_put_be16s(f, &s->io);
3471 qemu_put_byte(f, s->cycle);
3472
3473 drive1_selected = (s->ide->cur_drive != s->ide);
3474 qemu_put_8s(f, &s->ide->cmd);
3475 qemu_put_8s(f, &drive1_selected);
3476
3477 for (i = 0; i < 2; i ++)
3478 ide_save(f, &s->ide[i]);
3479 }
3480
3481 static int md_load(QEMUFile *f, void *opaque, int version_id)
3482 {
3483 struct md_s *s = (struct md_s *) opaque;
3484 int i;
3485 uint8_t drive1_selected;
3486
3487 qemu_get_8s(f, &s->opt);
3488 qemu_get_8s(f, &s->stat);
3489 qemu_get_8s(f, &s->pins);
3490
3491 qemu_get_8s(f, &s->ctrl);
3492 qemu_get_be16s(f, &s->io);
3493 s->cycle = qemu_get_byte(f);
3494
3495 qemu_get_8s(f, &s->ide->cmd);
3496 qemu_get_8s(f, &drive1_selected);
3497 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3498
3499 for (i = 0; i < 2; i ++)
3500 ide_load(f, &s->ide[i]);
3501
3502 return 0;
3503 }
3504
3505 static int md_iid = 0;
3506
3507 static const uint8_t dscm1xxxx_cis[0x14a] = {
3508 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3509 [0x002] = 0x03, /* Tuple length = 4 bytes */
3510 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3511 [0x006] = 0x01, /* Size = 2K bytes */
3512 [0x008] = CISTPL_ENDMARK,
3513
3514 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3515 [0x00c] = 0x04, /* Tuple length = 4 byest */
3516 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3517 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3518 [0x012] = 0x01, /* Size = 2K bytes */
3519 [0x014] = CISTPL_ENDMARK,
3520
3521 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3522 [0x018] = 0x02, /* Tuple length = 2 bytes */
3523 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3524 [0x01c] = 0x01,
3525
3526 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3527 [0x020] = 0x04, /* Tuple length = 4 bytes */
3528 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3529 [0x024] = 0x00,
3530 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3531 [0x028] = 0x00,
3532
3533 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3534 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3535 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3536 [0x030] = 0x01, /* Minor Version = 1 */
3537 [0x032] = 'I',
3538 [0x034] = 'B',
3539 [0x036] = 'M',
3540 [0x038] = 0x00,
3541 [0x03a] = 'm',
3542 [0x03c] = 'i',
3543 [0x03e] = 'c',
3544 [0x040] = 'r',
3545 [0x042] = 'o',
3546 [0x044] = 'd',
3547 [0x046] = 'r',
3548 [0x048] = 'i',
3549 [0x04a] = 'v',
3550 [0x04c] = 'e',
3551 [0x04e] = 0x00,
3552 [0x050] = CISTPL_ENDMARK,
3553
3554 [0x052] = CISTPL_FUNCID, /* Function ID */
3555 [0x054] = 0x02, /* Tuple length = 2 bytes */
3556 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3557 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3558
3559 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3560 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3561 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3562 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3563
3564 [0x062] = CISTPL_FUNCE, /* Function Extension */
3565 [0x064] = 0x03, /* Tuple length = 3 bytes */
3566 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3567 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3568 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3569
3570 [0x06c] = CISTPL_CONFIG, /* Configuration */
3571 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3572 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3573 [0x072] = 0x07, /* TPCC_LAST = 7 */
3574 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3575 [0x076] = 0x02,
3576 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3577
3578 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3579 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3580 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3581 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3582 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3583 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3584 [0x086] = 0x55, /* NomV: 5.0 V */
3585 [0x088] = 0x4d, /* MinV: 4.5 V */
3586 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3587 [0x08c] = 0x4e, /* Peakl: 450 mA */
3588 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3589 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3590 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3591
3592 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3593 [0x096] = 0x06, /* Tuple length = 6 bytes */
3594 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3595 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3596 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3597 [0x09e] = 0xb5, /* NomV: 3.3 V */
3598 [0x0a0] = 0x1e,
3599 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3600
3601 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3602 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3603 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3604 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3605 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3606 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3607 [0x0b0] = 0x55, /* NomV: 5.0 V */
3608 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3609 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3610 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3611 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3612 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3613 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3614 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3615 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3616
3617 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3618 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3619 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3620 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3621 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3622 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3623 [0x0ce] = 0x1e,
3624 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3625
3626 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3627 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3628 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3629 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3630 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3631 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3632 [0x0de] = 0x55, /* NomV: 5.0 V */
3633 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3634 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3635 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3636 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3637 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3638 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3639 [0x0ec] = 0x01,
3640 [0x0ee] = 0x07, /* Address block length = 8 */
3641 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3642 [0x0f2] = 0x03,
3643 [0x0f4] = 0x01, /* Address block length = 2 */
3644 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3645 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3646
3647 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3648 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3649 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3650 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3651 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3652 [0x104] = 0xb5, /* NomV: 3.3 V */
3653 [0x106] = 0x1e,
3654 [0x108] = 0x3e, /* Peakl: 350 mA */
3655
3656 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3657 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3658 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3659 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3660 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3661 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3662 [0x116] = 0x55, /* NomV: 5.0 V */
3663 [0x118] = 0x4d, /* MinV: 4.5 V */
3664 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3665 [0x11c] = 0x4e, /* Peakl: 450 mA */
3666 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3667 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3668 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3669 [0x124] = 0x01,
3670 [0x126] = 0x07, /* Address block length = 8 */
3671 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3672 [0x12a] = 0x03,
3673 [0x12c] = 0x01, /* Address block length = 2 */
3674 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3675 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3676
3677 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3678 [0x134] = 0x06, /* Tuple length = 6 bytes */
3679 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3680 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3681 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3682 [0x13c] = 0xb5, /* NomV: 3.3 V */
3683 [0x13e] = 0x1e,
3684 [0x140] = 0x3e, /* Peakl: 350 mA */
3685
3686 [0x142] = CISTPL_NO_LINK, /* No Link */
3687 [0x144] = 0x00, /* Tuple length = 0 bytes */
3688
3689 [0x146] = CISTPL_END, /* Tuple End */
3690 };
3691
3692 static int dscm1xxxx_attach(void *opaque)
3693 {
3694 struct md_s *md = (struct md_s *) opaque;
3695 md->card.attr_read = md_attr_read;
3696 md->card.attr_write = md_attr_write;
3697 md->card.common_read = md_common_read;
3698 md->card.common_write = md_common_write;
3699 md->card.io_read = md_common_read;
3700 md->card.io_write = md_common_write;
3701
3702 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3703 md->io_base = 0x0;
3704
3705 md_reset(md);
3706 md_interrupt_update(md);
3707
3708 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3709 return 0;
3710 }
3711
3712 static int dscm1xxxx_detach(void *opaque)
3713 {
3714 struct md_s *md = (struct md_s *) opaque;
3715 md_reset(md);
3716 return 0;
3717 }
3718
3719 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3720 {
3721 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3722 md->card.state = md;
3723 md->card.attach = dscm1xxxx_attach;
3724 md->card.detach = dscm1xxxx_detach;
3725 md->card.cis = dscm1xxxx_cis;
3726 md->card.cis_len = sizeof(dscm1xxxx_cis);
3727
3728 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3729 md->ide->is_cf = 1;
3730 md->ide->mdata_size = METADATA_SIZE;
3731 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3732
3733 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3734
3735 return &md->card;
3736 }
Patches shipped by Fedora