search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ide: split away ide-pci.c
[qemu/aliguori-queue.git] / hw / ide.c
blob14f74a4ab4336d108589680c0ead17eb6e795e54
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "ppc_mac.h"
35 #include "mac_dbdma.h"
36 #include "sh.h"
37 #include "dma.h"
38 #include "ide-internal.h"
39
40 static int smart_attributes[][5] = {
41 /* id, flags, val, wrst, thrsh */
42 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
43 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
44 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
45 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
46 { 0x00, 0x00, 0x00, 0x00, 0x00}
47 };
48
49 /* XXX: DVDs that could fit on a CD will be reported as a CD */
50 static inline int media_present(IDEState *s)
51 {
52 return (s->nb_sectors > 0);
53 }
54
55 static inline int media_is_dvd(IDEState *s)
56 {
57 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
58 }
59
60 static inline int media_is_cd(IDEState *s)
61 {
62 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
63 }
64
65 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
66 static void ide_dma_restart(IDEState *s);
67 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
68
69 static void padstr(char *str, const char *src, int len)
70 {
71 int i, v;
72 for(i = 0; i < len; i++) {
73 if (*src)
74 v = *src++;
75 else
76 v = ' ';
77 str[i^1] = v;
78 }
79 }
80
81 static void padstr8(uint8_t *buf, int buf_size, const char *src)
82 {
83 int i;
84 for(i = 0; i < buf_size; i++) {
85 if (*src)
86 buf[i] = *src++;
87 else
88 buf[i] = ' ';
89 }
90 }
91
92 static void put_le16(uint16_t *p, unsigned int v)
93 {
94 *p = cpu_to_le16(v);
95 }
96
97 static void ide_identify(IDEState *s)
98 {
99 uint16_t *p;
100 unsigned int oldsize;
101
102 if (s->identify_set) {
103 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
104 return;
105 }
106
107 memset(s->io_buffer, 0, 512);
108 p = (uint16_t *)s->io_buffer;
109 put_le16(p + 0, 0x0040);
110 put_le16(p + 1, s->cylinders);
111 put_le16(p + 3, s->heads);
112 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
113 put_le16(p + 5, 512); /* XXX: retired, remove ? */
114 put_le16(p + 6, s->sectors);
115 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
116 put_le16(p + 20, 3); /* XXX: retired, remove ? */
117 put_le16(p + 21, 512); /* cache size in sectors */
118 put_le16(p + 22, 4); /* ecc bytes */
119 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
120 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
121 #if MAX_MULT_SECTORS > 1
122 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
123 #endif
124 put_le16(p + 48, 1); /* dword I/O */
125 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
126 put_le16(p + 51, 0x200); /* PIO transfer cycle */
127 put_le16(p + 52, 0x200); /* DMA transfer cycle */
128 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
129 put_le16(p + 54, s->cylinders);
130 put_le16(p + 55, s->heads);
131 put_le16(p + 56, s->sectors);
132 oldsize = s->cylinders * s->heads * s->sectors;
133 put_le16(p + 57, oldsize);
134 put_le16(p + 58, oldsize >> 16);
135 if (s->mult_sectors)
136 put_le16(p + 59, 0x100 | s->mult_sectors);
137 put_le16(p + 60, s->nb_sectors);
138 put_le16(p + 61, s->nb_sectors >> 16);
139 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
140 put_le16(p + 63, 0x07); /* mdma0-2 supported */
141 put_le16(p + 65, 120);
142 put_le16(p + 66, 120);
143 put_le16(p + 67, 120);
144 put_le16(p + 68, 120);
145 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
146 put_le16(p + 81, 0x16); /* conforms to ata5 */
147 /* 14=NOP supported, 0=SMART supported */
148 put_le16(p + 82, (1 << 14) | 1);
149 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
150 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
151 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
152 put_le16(p + 84, (1 << 14) | 0);
153 /* 14 = NOP supported, 0=SMART feature set enabled */
154 put_le16(p + 85, (1 << 14) | 1);
155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
156 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
157 /* 14=set to 1, 1=smart self test, 0=smart error logging */
158 put_le16(p + 87, (1 << 14) | 0);
159 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
160 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
161 put_le16(p + 100, s->nb_sectors);
162 put_le16(p + 101, s->nb_sectors >> 16);
163 put_le16(p + 102, s->nb_sectors >> 32);
164 put_le16(p + 103, s->nb_sectors >> 48);
165
166 memcpy(s->identify_data, p, sizeof(s->identify_data));
167 s->identify_set = 1;
168 }
169
170 static void ide_atapi_identify(IDEState *s)
171 {
172 uint16_t *p;
173
174 if (s->identify_set) {
175 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
176 return;
177 }
178
179 memset(s->io_buffer, 0, 512);
180 p = (uint16_t *)s->io_buffer;
181 /* Removable CDROM, 50us response, 12 byte packets */
182 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
183 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
184 put_le16(p + 20, 3); /* buffer type */
185 put_le16(p + 21, 512); /* cache size in sectors */
186 put_le16(p + 22, 4); /* ecc bytes */
187 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
188 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
189 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
190 #ifdef USE_DMA_CDROM
191 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
192 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
193 put_le16(p + 62, 7); /* single word dma0-2 supported */
194 put_le16(p + 63, 7); /* mdma0-2 supported */
195 put_le16(p + 64, 0x3f); /* PIO modes supported */
196 #else
197 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
198 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
199 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
200 put_le16(p + 64, 1); /* PIO modes */
201 #endif
202 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
203 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
204 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
205 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
206
207 put_le16(p + 71, 30); /* in ns */
208 put_le16(p + 72, 30); /* in ns */
209
210 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
211 #ifdef USE_DMA_CDROM
212 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
213 #endif
214 memcpy(s->identify_data, p, sizeof(s->identify_data));
215 s->identify_set = 1;
216 }
217
218 static void ide_cfata_identify(IDEState *s)
219 {
220 uint16_t *p;
221 uint32_t cur_sec;
222
223 p = (uint16_t *) s->identify_data;
224 if (s->identify_set)
225 goto fill_buffer;
226
227 memset(p, 0, sizeof(s->identify_data));
228
229 cur_sec = s->cylinders * s->heads * s->sectors;
230
231 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
232 put_le16(p + 1, s->cylinders); /* Default cylinders */
233 put_le16(p + 3, s->heads); /* Default heads */
234 put_le16(p + 6, s->sectors); /* Default sectors per track */
235 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
236 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
237 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
238 put_le16(p + 22, 0x0004); /* ECC bytes */
239 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
240 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
241 #if MAX_MULT_SECTORS > 1
242 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
243 #else
244 put_le16(p + 47, 0x0000);
245 #endif
246 put_le16(p + 49, 0x0f00); /* Capabilities */
247 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
248 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
249 put_le16(p + 53, 0x0003); /* Translation params valid */
250 put_le16(p + 54, s->cylinders); /* Current cylinders */
251 put_le16(p + 55, s->heads); /* Current heads */
252 put_le16(p + 56, s->sectors); /* Current sectors */
253 put_le16(p + 57, cur_sec); /* Current capacity */
254 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
255 if (s->mult_sectors) /* Multiple sector setting */
256 put_le16(p + 59, 0x100 | s->mult_sectors);
257 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
258 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
259 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
260 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
261 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
262 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
263 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
264 put_le16(p + 82, 0x400c); /* Command Set supported */
265 put_le16(p + 83, 0x7068); /* Command Set supported */
266 put_le16(p + 84, 0x4000); /* Features supported */
267 put_le16(p + 85, 0x000c); /* Command Set enabled */
268 put_le16(p + 86, 0x7044); /* Command Set enabled */
269 put_le16(p + 87, 0x4000); /* Features enabled */
270 put_le16(p + 91, 0x4060); /* Current APM level */
271 put_le16(p + 129, 0x0002); /* Current features option */
272 put_le16(p + 130, 0x0005); /* Reassigned sectors */
273 put_le16(p + 131, 0x0001); /* Initial power mode */
274 put_le16(p + 132, 0x0000); /* User signature */
275 put_le16(p + 160, 0x8100); /* Power requirement */
276 put_le16(p + 161, 0x8001); /* CF command set */
277
278 s->identify_set = 1;
279
280 fill_buffer:
281 memcpy(s->io_buffer, p, sizeof(s->identify_data));
282 }
283
284 static void ide_set_signature(IDEState *s)
285 {
286 s->select &= 0xf0; /* clear head */
287 /* put signature */
288 s->nsector = 1;
289 s->sector = 1;
290 if (s->is_cdrom) {
291 s->lcyl = 0x14;
292 s->hcyl = 0xeb;
293 } else if (s->bs) {
294 s->lcyl = 0;
295 s->hcyl = 0;
296 } else {
297 s->lcyl = 0xff;
298 s->hcyl = 0xff;
299 }
300 }
301
302 static inline void ide_abort_command(IDEState *s)
303 {
304 s->status = READY_STAT | ERR_STAT;
305 s->error = ABRT_ERR;
306 }
307
308 static inline void ide_dma_submit_check(IDEState *s,
309 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
310 {
311 if (bm->aiocb)
312 return;
313 dma_cb(bm, -1);
314 }
315
316 /* prepare data transfer and tell what to do after */
317 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
318 EndTransferFunc *end_transfer_func)
319 {
320 s->end_transfer_func = end_transfer_func;
321 s->data_ptr = buf;
322 s->data_end = buf + size;
323 if (!(s->status & ERR_STAT))
324 s->status |= DRQ_STAT;
325 }
326
327 static void ide_transfer_stop(IDEState *s)
328 {
329 s->end_transfer_func = ide_transfer_stop;
330 s->data_ptr = s->io_buffer;
331 s->data_end = s->io_buffer;
332 s->status &= ~DRQ_STAT;
333 }
334
335 int64_t ide_get_sector(IDEState *s)
336 {
337 int64_t sector_num;
338 if (s->select & 0x40) {
339 /* lba */
340 if (!s->lba48) {
341 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
342 (s->lcyl << 8) | s->sector;
343 } else {
344 sector_num = ((int64_t)s->hob_hcyl << 40) |
345 ((int64_t) s->hob_lcyl << 32) |
346 ((int64_t) s->hob_sector << 24) |
347 ((int64_t) s->hcyl << 16) |
348 ((int64_t) s->lcyl << 8) | s->sector;
349 }
350 } else {
351 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
352 (s->select & 0x0f) * s->sectors + (s->sector - 1);
353 }
354 return sector_num;
355 }
356
357 void ide_set_sector(IDEState *s, int64_t sector_num)
358 {
359 unsigned int cyl, r;
360 if (s->select & 0x40) {
361 if (!s->lba48) {
362 s->select = (s->select & 0xf0) | (sector_num >> 24);
363 s->hcyl = (sector_num >> 16);
364 s->lcyl = (sector_num >> 8);
365 s->sector = (sector_num);
366 } else {
367 s->sector = sector_num;
368 s->lcyl = sector_num >> 8;
369 s->hcyl = sector_num >> 16;
370 s->hob_sector = sector_num >> 24;
371 s->hob_lcyl = sector_num >> 32;
372 s->hob_hcyl = sector_num >> 40;
373 }
374 } else {
375 cyl = sector_num / (s->heads * s->sectors);
376 r = sector_num % (s->heads * s->sectors);
377 s->hcyl = cyl >> 8;
378 s->lcyl = cyl;
379 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
380 s->sector = (r % s->sectors) + 1;
381 }
382 }
383
384 static void ide_rw_error(IDEState *s) {
385 ide_abort_command(s);
386 ide_set_irq(s);
387 }
388
389 static void ide_sector_read(IDEState *s)
390 {
391 int64_t sector_num;
392 int ret, n;
393
394 s->status = READY_STAT | SEEK_STAT;
395 s->error = 0; /* not needed by IDE spec, but needed by Windows */
396 sector_num = ide_get_sector(s);
397 n = s->nsector;
398 if (n == 0) {
399 /* no more sector to read from disk */
400 ide_transfer_stop(s);
401 } else {
402 #if defined(DEBUG_IDE)
403 printf("read sector=%" PRId64 "\n", sector_num);
404 #endif
405 if (n > s->req_nb_sectors)
406 n = s->req_nb_sectors;
407 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
408 if (ret != 0) {
409 ide_rw_error(s);
410 return;
411 }
412 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
413 ide_set_irq(s);
414 ide_set_sector(s, sector_num + n);
415 s->nsector -= n;
416 }
417 }
418
419
420 /* return 0 if buffer completed */
421 static int dma_buf_prepare(BMDMAState *bm, int is_write)
422 {
423 IDEState *s = bmdma_active_if(bm);
424 struct {
425 uint32_t addr;
426 uint32_t size;
427 } prd;
428 int l, len;
429
430 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
431 s->io_buffer_size = 0;
432 for(;;) {
433 if (bm->cur_prd_len == 0) {
434 /* end of table (with a fail safe of one page) */
435 if (bm->cur_prd_last ||
436 (bm->cur_addr - bm->addr) >= 4096)
437 return s->io_buffer_size != 0;
438 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
439 bm->cur_addr += 8;
440 prd.addr = le32_to_cpu(prd.addr);
441 prd.size = le32_to_cpu(prd.size);
442 len = prd.size & 0xfffe;
443 if (len == 0)
444 len = 0x10000;
445 bm->cur_prd_len = len;
446 bm->cur_prd_addr = prd.addr;
447 bm->cur_prd_last = (prd.size & 0x80000000);
448 }
449 l = bm->cur_prd_len;
450 if (l > 0) {
451 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
452 bm->cur_prd_addr += l;
453 bm->cur_prd_len -= l;
454 s->io_buffer_size += l;
455 }
456 }
457 return 1;
458 }
459
460 static void dma_buf_commit(IDEState *s, int is_write)
461 {
462 qemu_sglist_destroy(&s->sg);
463 }
464
465 void ide_dma_error(IDEState *s)
466 {
467 ide_transfer_stop(s);
468 s->error = ABRT_ERR;
469 s->status = READY_STAT | ERR_STAT;
470 ide_set_irq(s);
471 }
472
473 static int ide_handle_write_error(IDEState *s, int error, int op)
474 {
475 BlockInterfaceErrorAction action = drive_get_onerror(s->bs);
476
477 if (action == BLOCK_ERR_IGNORE)
478 return 0;
479
480 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
481 || action == BLOCK_ERR_STOP_ANY) {
482 s->bus->bmdma->unit = s->unit;
483 s->bus->bmdma->status |= op;
484 vm_stop(0);
485 } else {
486 if (op == BM_STATUS_DMA_RETRY) {
487 dma_buf_commit(s, 0);
488 ide_dma_error(s);
489 } else {
490 ide_rw_error(s);
491 }
492 }
493
494 return 1;
495 }
496
497 /* return 0 if buffer completed */
498 static int dma_buf_rw(BMDMAState *bm, int is_write)
499 {
500 IDEState *s = bmdma_active_if(bm);
501 struct {
502 uint32_t addr;
503 uint32_t size;
504 } prd;
505 int l, len;
506
507 for(;;) {
508 l = s->io_buffer_size - s->io_buffer_index;
509 if (l <= 0)
510 break;
511 if (bm->cur_prd_len == 0) {
512 /* end of table (with a fail safe of one page) */
513 if (bm->cur_prd_last ||
514 (bm->cur_addr - bm->addr) >= 4096)
515 return 0;
516 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
517 bm->cur_addr += 8;
518 prd.addr = le32_to_cpu(prd.addr);
519 prd.size = le32_to_cpu(prd.size);
520 len = prd.size & 0xfffe;
521 if (len == 0)
522 len = 0x10000;
523 bm->cur_prd_len = len;
524 bm->cur_prd_addr = prd.addr;
525 bm->cur_prd_last = (prd.size & 0x80000000);
526 }
527 if (l > bm->cur_prd_len)
528 l = bm->cur_prd_len;
529 if (l > 0) {
530 if (is_write) {
531 cpu_physical_memory_write(bm->cur_prd_addr,
532 s->io_buffer + s->io_buffer_index, l);
533 } else {
534 cpu_physical_memory_read(bm->cur_prd_addr,
535 s->io_buffer + s->io_buffer_index, l);
536 }
537 bm->cur_prd_addr += l;
538 bm->cur_prd_len -= l;
539 s->io_buffer_index += l;
540 }
541 }
542 return 1;
543 }
544
545 static void ide_read_dma_cb(void *opaque, int ret)
546 {
547 BMDMAState *bm = opaque;
548 IDEState *s = bmdma_active_if(bm);
549 int n;
550 int64_t sector_num;
551
552 if (ret < 0) {
553 dma_buf_commit(s, 1);
554 ide_dma_error(s);
555 return;
556 }
557
558 n = s->io_buffer_size >> 9;
559 sector_num = ide_get_sector(s);
560 if (n > 0) {
561 dma_buf_commit(s, 1);
562 sector_num += n;
563 ide_set_sector(s, sector_num);
564 s->nsector -= n;
565 }
566
567 /* end of transfer ? */
568 if (s->nsector == 0) {
569 s->status = READY_STAT | SEEK_STAT;
570 ide_set_irq(s);
571 eot:
572 bm->status &= ~BM_STATUS_DMAING;
573 bm->status |= BM_STATUS_INT;
574 bm->dma_cb = NULL;
575 bm->unit = -1;
576 bm->aiocb = NULL;
577 return;
578 }
579
580 /* launch next transfer */
581 n = s->nsector;
582 s->io_buffer_index = 0;
583 s->io_buffer_size = n * 512;
584 if (dma_buf_prepare(bm, 1) == 0)
585 goto eot;
586 #ifdef DEBUG_AIO
587 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
588 #endif
589 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
590 ide_dma_submit_check(s, ide_read_dma_cb, bm);
591 }
592
593 static void ide_sector_read_dma(IDEState *s)
594 {
595 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
596 s->io_buffer_index = 0;
597 s->io_buffer_size = 0;
598 s->is_read = 1;
599 ide_dma_start(s, ide_read_dma_cb);
600 }
601
602 static void ide_sector_write_timer_cb(void *opaque)
603 {
604 IDEState *s = opaque;
605 ide_set_irq(s);
606 }
607
608 static void ide_sector_write(IDEState *s)
609 {
610 int64_t sector_num;
611 int ret, n, n1;
612
613 s->status = READY_STAT | SEEK_STAT;
614 sector_num = ide_get_sector(s);
615 #if defined(DEBUG_IDE)
616 printf("write sector=%" PRId64 "\n", sector_num);
617 #endif
618 n = s->nsector;
619 if (n > s->req_nb_sectors)
620 n = s->req_nb_sectors;
621 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
622
623 if (ret != 0) {
624 if (ide_handle_write_error(s, -ret, BM_STATUS_PIO_RETRY))
625 return;
626 }
627
628 s->nsector -= n;
629 if (s->nsector == 0) {
630 /* no more sectors to write */
631 ide_transfer_stop(s);
632 } else {
633 n1 = s->nsector;
634 if (n1 > s->req_nb_sectors)
635 n1 = s->req_nb_sectors;
636 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
637 }
638 ide_set_sector(s, sector_num + n);
639
640 #ifdef TARGET_I386
641 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
642 /* It seems there is a bug in the Windows 2000 installer HDD
643 IDE driver which fills the disk with empty logs when the
644 IDE write IRQ comes too early. This hack tries to correct
645 that at the expense of slower write performances. Use this
646 option _only_ to install Windows 2000. You must disable it
647 for normal use. */
648 qemu_mod_timer(s->sector_write_timer,
649 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
650 } else
651 #endif
652 {
653 ide_set_irq(s);
654 }
655 }
656
657 static void ide_dma_restart_bh(void *opaque)
658 {
659 BMDMAState *bm = opaque;
660
661 qemu_bh_delete(bm->bh);
662 bm->bh = NULL;
663
664 if (bm->status & BM_STATUS_DMA_RETRY) {
665 bm->status &= ~BM_STATUS_DMA_RETRY;
666 ide_dma_restart(bmdma_active_if(bm));
667 } else if (bm->status & BM_STATUS_PIO_RETRY) {
668 bm->status &= ~BM_STATUS_PIO_RETRY;
669 ide_sector_write(bmdma_active_if(bm));
670 }
671 }
672
673 void ide_dma_restart_cb(void *opaque, int running, int reason)
674 {
675 BMDMAState *bm = opaque;
676
677 if (!running)
678 return;
679
680 if (!bm->bh) {
681 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
682 qemu_bh_schedule(bm->bh);
683 }
684 }
685
686 static void ide_write_dma_cb(void *opaque, int ret)
687 {
688 BMDMAState *bm = opaque;
689 IDEState *s = bmdma_active_if(bm);
690 int n;
691 int64_t sector_num;
692
693 if (ret < 0) {
694 if (ide_handle_write_error(s, -ret, BM_STATUS_DMA_RETRY))
695 return;
696 }
697
698 n = s->io_buffer_size >> 9;
699 sector_num = ide_get_sector(s);
700 if (n > 0) {
701 dma_buf_commit(s, 0);
702 sector_num += n;
703 ide_set_sector(s, sector_num);
704 s->nsector -= n;
705 }
706
707 /* end of transfer ? */
708 if (s->nsector == 0) {
709 s->status = READY_STAT | SEEK_STAT;
710 ide_set_irq(s);
711 eot:
712 bm->status &= ~BM_STATUS_DMAING;
713 bm->status |= BM_STATUS_INT;
714 bm->dma_cb = NULL;
715 bm->unit = -1;
716 bm->aiocb = NULL;
717 return;
718 }
719
720 n = s->nsector;
721 s->io_buffer_size = n * 512;
722 /* launch next transfer */
723 if (dma_buf_prepare(bm, 0) == 0)
724 goto eot;
725 #ifdef DEBUG_AIO
726 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
727 #endif
728 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
729 ide_dma_submit_check(s, ide_write_dma_cb, bm);
730 }
731
732 static void ide_sector_write_dma(IDEState *s)
733 {
734 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
735 s->io_buffer_index = 0;
736 s->io_buffer_size = 0;
737 s->is_read = 0;
738 ide_dma_start(s, ide_write_dma_cb);
739 }
740
741 void ide_atapi_cmd_ok(IDEState *s)
742 {
743 s->error = 0;
744 s->status = READY_STAT | SEEK_STAT;
745 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
746 ide_set_irq(s);
747 }
748
749 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
750 {
751 #ifdef DEBUG_IDE_ATAPI
752 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
753 #endif
754 s->error = sense_key << 4;
755 s->status = READY_STAT | ERR_STAT;
756 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
757 s->sense_key = sense_key;
758 s->asc = asc;
759 ide_set_irq(s);
760 }
761
762 static void ide_atapi_cmd_check_status(IDEState *s)
763 {
764 #ifdef DEBUG_IDE_ATAPI
765 printf("atapi_cmd_check_status\n");
766 #endif
767 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
768 s->status = ERR_STAT;
769 s->nsector = 0;
770 ide_set_irq(s);
771 }
772
773 static inline void cpu_to_ube16(uint8_t *buf, int val)
774 {
775 buf[0] = val >> 8;
776 buf[1] = val & 0xff;
777 }
778
779 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
780 {
781 buf[0] = val >> 24;
782 buf[1] = val >> 16;
783 buf[2] = val >> 8;
784 buf[3] = val & 0xff;
785 }
786
787 static inline int ube16_to_cpu(const uint8_t *buf)
788 {
789 return (buf[0] << 8) | buf[1];
790 }
791
792 static inline int ube32_to_cpu(const uint8_t *buf)
793 {
794 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
795 }
796
797 static void lba_to_msf(uint8_t *buf, int lba)
798 {
799 lba += 150;
800 buf[0] = (lba / 75) / 60;
801 buf[1] = (lba / 75) % 60;
802 buf[2] = lba % 75;
803 }
804
805 static void cd_data_to_raw(uint8_t *buf, int lba)
806 {
807 /* sync bytes */
808 buf[0] = 0x00;
809 memset(buf + 1, 0xff, 10);
810 buf[11] = 0x00;
811 buf += 12;
812 /* MSF */
813 lba_to_msf(buf, lba);
814 buf[3] = 0x01; /* mode 1 data */
815 buf += 4;
816 /* data */
817 buf += 2048;
818 /* XXX: ECC not computed */
819 memset(buf, 0, 288);
820 }
821
822 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
823 int sector_size)
824 {
825 int ret;
826
827 switch(sector_size) {
828 case 2048:
829 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
830 break;
831 case 2352:
832 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
833 if (ret < 0)
834 return ret;
835 cd_data_to_raw(buf, lba);
836 break;
837 default:
838 ret = -EIO;
839 break;
840 }
841 return ret;
842 }
843
844 void ide_atapi_io_error(IDEState *s, int ret)
845 {
846 /* XXX: handle more errors */
847 if (ret == -ENOMEDIUM) {
848 ide_atapi_cmd_error(s, SENSE_NOT_READY,
849 ASC_MEDIUM_NOT_PRESENT);
850 } else {
851 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
852 ASC_LOGICAL_BLOCK_OOR);
853 }
854 }
855
856 /* The whole ATAPI transfer logic is handled in this function */
857 static void ide_atapi_cmd_reply_end(IDEState *s)
858 {
859 int byte_count_limit, size, ret;
860 #ifdef DEBUG_IDE_ATAPI
861 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
862 s->packet_transfer_size,
863 s->elementary_transfer_size,
864 s->io_buffer_index);
865 #endif
866 if (s->packet_transfer_size <= 0) {
867 /* end of transfer */
868 ide_transfer_stop(s);
869 s->status = READY_STAT | SEEK_STAT;
870 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
871 ide_set_irq(s);
872 #ifdef DEBUG_IDE_ATAPI
873 printf("status=0x%x\n", s->status);
874 #endif
875 } else {
876 /* see if a new sector must be read */
877 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
878 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
879 if (ret < 0) {
880 ide_transfer_stop(s);
881 ide_atapi_io_error(s, ret);
882 return;
883 }
884 s->lba++;
885 s->io_buffer_index = 0;
886 }
887 if (s->elementary_transfer_size > 0) {
888 /* there are some data left to transmit in this elementary
889 transfer */
890 size = s->cd_sector_size - s->io_buffer_index;
891 if (size > s->elementary_transfer_size)
892 size = s->elementary_transfer_size;
893 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
894 size, ide_atapi_cmd_reply_end);
895 s->packet_transfer_size -= size;
896 s->elementary_transfer_size -= size;
897 s->io_buffer_index += size;
898 } else {
899 /* a new transfer is needed */
900 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
901 byte_count_limit = s->lcyl | (s->hcyl << 8);
902 #ifdef DEBUG_IDE_ATAPI
903 printf("byte_count_limit=%d\n", byte_count_limit);
904 #endif
905 if (byte_count_limit == 0xffff)
906 byte_count_limit--;
907 size = s->packet_transfer_size;
908 if (size > byte_count_limit) {
909 /* byte count limit must be even if this case */
910 if (byte_count_limit & 1)
911 byte_count_limit--;
912 size = byte_count_limit;
913 }
914 s->lcyl = size;
915 s->hcyl = size >> 8;
916 s->elementary_transfer_size = size;
917 /* we cannot transmit more than one sector at a time */
918 if (s->lba != -1) {
919 if (size > (s->cd_sector_size - s->io_buffer_index))
920 size = (s->cd_sector_size - s->io_buffer_index);
921 }
922 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
923 size, ide_atapi_cmd_reply_end);
924 s->packet_transfer_size -= size;
925 s->elementary_transfer_size -= size;
926 s->io_buffer_index += size;
927 ide_set_irq(s);
928 #ifdef DEBUG_IDE_ATAPI
929 printf("status=0x%x\n", s->status);
930 #endif
931 }
932 }
933 }
934
935 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
936 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
937 {
938 if (size > max_size)
939 size = max_size;
940 s->lba = -1; /* no sector read */
941 s->packet_transfer_size = size;
942 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
943 s->elementary_transfer_size = 0;
944 s->io_buffer_index = 0;
945
946 if (s->atapi_dma) {
947 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
948 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
949 } else {
950 s->status = READY_STAT | SEEK_STAT;
951 ide_atapi_cmd_reply_end(s);
952 }
953 }
954
955 /* start a CD-CDROM read command */
956 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
957 int sector_size)
958 {
959 s->lba = lba;
960 s->packet_transfer_size = nb_sectors * sector_size;
961 s->elementary_transfer_size = 0;
962 s->io_buffer_index = sector_size;
963 s->cd_sector_size = sector_size;
964
965 s->status = READY_STAT | SEEK_STAT;
966 ide_atapi_cmd_reply_end(s);
967 }
968
969 /* ATAPI DMA support */
970
971 /* XXX: handle read errors */
972 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
973 {
974 BMDMAState *bm = opaque;
975 IDEState *s = bmdma_active_if(bm);
976 int data_offset, n;
977
978 if (ret < 0) {
979 ide_atapi_io_error(s, ret);
980 goto eot;
981 }
982
983 if (s->io_buffer_size > 0) {
984 /*
985 * For a cdrom read sector command (s->lba != -1),
986 * adjust the lba for the next s->io_buffer_size chunk
987 * and dma the current chunk.
988 * For a command != read (s->lba == -1), just transfer
989 * the reply data.
990 */
991 if (s->lba != -1) {
992 if (s->cd_sector_size == 2352) {
993 n = 1;
994 cd_data_to_raw(s->io_buffer, s->lba);
995 } else {
996 n = s->io_buffer_size >> 11;
997 }
998 s->lba += n;
999 }
1000 s->packet_transfer_size -= s->io_buffer_size;
1001 if (dma_buf_rw(bm, 1) == 0)
1002 goto eot;
1003 }
1004
1005 if (s->packet_transfer_size <= 0) {
1006 s->status = READY_STAT | SEEK_STAT;
1007 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1008 ide_set_irq(s);
1009 eot:
1010 bm->status &= ~BM_STATUS_DMAING;
1011 bm->status |= BM_STATUS_INT;
1012 bm->dma_cb = NULL;
1013 bm->unit = -1;
1014 bm->aiocb = NULL;
1015 return;
1016 }
1017
1018 s->io_buffer_index = 0;
1019 if (s->cd_sector_size == 2352) {
1020 n = 1;
1021 s->io_buffer_size = s->cd_sector_size;
1022 data_offset = 16;
1023 } else {
1024 n = s->packet_transfer_size >> 11;
1025 if (n > (IDE_DMA_BUF_SECTORS / 4))
1026 n = (IDE_DMA_BUF_SECTORS / 4);
1027 s->io_buffer_size = n * 2048;
1028 data_offset = 0;
1029 }
1030 #ifdef DEBUG_AIO
1031 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1032 #endif
1033 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1034 bm->iov.iov_len = n * 4 * 512;
1035 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1036 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1037 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1038 if (!bm->aiocb) {
1039 /* Note: media not present is the most likely case */
1040 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1041 ASC_MEDIUM_NOT_PRESENT);
1042 goto eot;
1043 }
1044 }
1045
1046 /* start a CD-CDROM read command with DMA */
1047 /* XXX: test if DMA is available */
1048 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1049 int sector_size)
1050 {
1051 s->lba = lba;
1052 s->packet_transfer_size = nb_sectors * sector_size;
1053 s->io_buffer_index = 0;
1054 s->io_buffer_size = 0;
1055 s->cd_sector_size = sector_size;
1056
1057 /* XXX: check if BUSY_STAT should be set */
1058 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1059 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1060 }
1061
1062 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1063 int sector_size)
1064 {
1065 #ifdef DEBUG_IDE_ATAPI
1066 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1067 lba, nb_sectors);
1068 #endif
1069 if (s->atapi_dma) {
1070 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1071 } else {
1072 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1073 }
1074 }
1075
1076 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1077 uint16_t profile)
1078 {
1079 uint8_t *buf_profile = buf + 12; /* start of profiles */
1080
1081 buf_profile += ((*index) * 4); /* start of indexed profile */
1082 cpu_to_ube16 (buf_profile, profile);
1083 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1084
1085 /* each profile adds 4 bytes to the response */
1086 (*index)++;
1087 buf[11] += 4; /* Additional Length */
1088
1089 return 4;
1090 }
1091
1092 static int ide_dvd_read_structure(IDEState *s, int format,
1093 const uint8_t *packet, uint8_t *buf)
1094 {
1095 switch (format) {
1096 case 0x0: /* Physical format information */
1097 {
1098 int layer = packet[6];
1099 uint64_t total_sectors;
1100
1101 if (layer != 0)
1102 return -ASC_INV_FIELD_IN_CMD_PACKET;
1103
1104 bdrv_get_geometry(s->bs, &total_sectors);
1105 total_sectors >>= 2;
1106 if (total_sectors == 0)
1107 return -ASC_MEDIUM_NOT_PRESENT;
1108
1109 buf[4] = 1; /* DVD-ROM, part version 1 */
1110 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1111 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1112 buf[7] = 0; /* default densities */
1113
1114 /* FIXME: 0x30000 per spec? */
1115 cpu_to_ube32(buf + 8, 0); /* start sector */
1116 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1117 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1118
1119 /* Size of buffer, not including 2 byte size field */
1120 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1121
1122 /* 2k data + 4 byte header */
1123 return (2048 + 4);
1124 }
1125
1126 case 0x01: /* DVD copyright information */
1127 buf[4] = 0; /* no copyright data */
1128 buf[5] = 0; /* no region restrictions */
1129
1130 /* Size of buffer, not including 2 byte size field */
1131 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1132
1133 /* 4 byte header + 4 byte data */
1134 return (4 + 4);
1135
1136 case 0x03: /* BCA information - invalid field for no BCA info */
1137 return -ASC_INV_FIELD_IN_CMD_PACKET;
1138
1139 case 0x04: /* DVD disc manufacturing information */
1140 /* Size of buffer, not including 2 byte size field */
1141 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1142
1143 /* 2k data + 4 byte header */
1144 return (2048 + 4);
1145
1146 case 0xff:
1147 /*
1148 * This lists all the command capabilities above. Add new ones
1149 * in order and update the length and buffer return values.
1150 */
1151
1152 buf[4] = 0x00; /* Physical format */
1153 buf[5] = 0x40; /* Not writable, is readable */
1154 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1155
1156 buf[8] = 0x01; /* Copyright info */
1157 buf[9] = 0x40; /* Not writable, is readable */
1158 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1159
1160 buf[12] = 0x03; /* BCA info */
1161 buf[13] = 0x40; /* Not writable, is readable */
1162 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1163
1164 buf[16] = 0x04; /* Manufacturing info */
1165 buf[17] = 0x40; /* Not writable, is readable */
1166 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1167
1168 /* Size of buffer, not including 2 byte size field */
1169 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1170
1171 /* data written + 4 byte header */
1172 return (16 + 4);
1173
1174 default: /* TODO: formats beyond DVD-ROM requires */
1175 return -ASC_INV_FIELD_IN_CMD_PACKET;
1176 }
1177 }
1178
1179 static void ide_atapi_cmd(IDEState *s)
1180 {
1181 const uint8_t *packet;
1182 uint8_t *buf;
1183 int max_len;
1184
1185 packet = s->io_buffer;
1186 buf = s->io_buffer;
1187 #ifdef DEBUG_IDE_ATAPI
1188 {
1189 int i;
1190 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1191 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1192 printf(" %02x", packet[i]);
1193 }
1194 printf("\n");
1195 }
1196 #endif
1197 /* If there's a UNIT_ATTENTION condition pending, only
1198 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1199 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1200 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1201 s->io_buffer[0] != GPCMD_INQUIRY) {
1202 ide_atapi_cmd_check_status(s);
1203 return;
1204 }
1205 switch(s->io_buffer[0]) {
1206 case GPCMD_TEST_UNIT_READY:
1207 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1208 ide_atapi_cmd_ok(s);
1209 } else {
1210 s->cdrom_changed = 0;
1211 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1212 ASC_MEDIUM_NOT_PRESENT);
1213 }
1214 break;
1215 case GPCMD_MODE_SENSE_6:
1216 case GPCMD_MODE_SENSE_10:
1217 {
1218 int action, code;
1219 if (packet[0] == GPCMD_MODE_SENSE_10)
1220 max_len = ube16_to_cpu(packet + 7);
1221 else
1222 max_len = packet[4];
1223 action = packet[2] >> 6;
1224 code = packet[2] & 0x3f;
1225 switch(action) {
1226 case 0: /* current values */
1227 switch(code) {
1228 case 0x01: /* error recovery */
1229 cpu_to_ube16(&buf[0], 16 + 6);
1230 buf[2] = 0x70;
1231 buf[3] = 0;
1232 buf[4] = 0;
1233 buf[5] = 0;
1234 buf[6] = 0;
1235 buf[7] = 0;
1236
1237 buf[8] = 0x01;
1238 buf[9] = 0x06;
1239 buf[10] = 0x00;
1240 buf[11] = 0x05;
1241 buf[12] = 0x00;
1242 buf[13] = 0x00;
1243 buf[14] = 0x00;
1244 buf[15] = 0x00;
1245 ide_atapi_cmd_reply(s, 16, max_len);
1246 break;
1247 case 0x2a:
1248 cpu_to_ube16(&buf[0], 28 + 6);
1249 buf[2] = 0x70;
1250 buf[3] = 0;
1251 buf[4] = 0;
1252 buf[5] = 0;
1253 buf[6] = 0;
1254 buf[7] = 0;
1255
1256 buf[8] = 0x2a;
1257 buf[9] = 0x12;
1258 buf[10] = 0x00;
1259 buf[11] = 0x00;
1260
1261 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1262 code checks for this to automount media. */
1263 buf[12] = 0x71;
1264 buf[13] = 3 << 5;
1265 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1266 if (bdrv_is_locked(s->bs))
1267 buf[6] |= 1 << 1;
1268 buf[15] = 0x00;
1269 cpu_to_ube16(&buf[16], 706);
1270 buf[18] = 0;
1271 buf[19] = 2;
1272 cpu_to_ube16(&buf[20], 512);
1273 cpu_to_ube16(&buf[22], 706);
1274 buf[24] = 0;
1275 buf[25] = 0;
1276 buf[26] = 0;
1277 buf[27] = 0;
1278 ide_atapi_cmd_reply(s, 28, max_len);
1279 break;
1280 default:
1281 goto error_cmd;
1282 }
1283 break;
1284 case 1: /* changeable values */
1285 goto error_cmd;
1286 case 2: /* default values */
1287 goto error_cmd;
1288 default:
1289 case 3: /* saved values */
1290 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1291 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1292 break;
1293 }
1294 }
1295 break;
1296 case GPCMD_REQUEST_SENSE:
1297 max_len = packet[4];
1298 memset(buf, 0, 18);
1299 buf[0] = 0x70 | (1 << 7);
1300 buf[2] = s->sense_key;
1301 buf[7] = 10;
1302 buf[12] = s->asc;
1303 if (s->sense_key == SENSE_UNIT_ATTENTION)
1304 s->sense_key = SENSE_NONE;
1305 ide_atapi_cmd_reply(s, 18, max_len);
1306 break;
1307 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1308 if (bdrv_is_inserted(s->bs)) {
1309 bdrv_set_locked(s->bs, packet[4] & 1);
1310 ide_atapi_cmd_ok(s);
1311 } else {
1312 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1313 ASC_MEDIUM_NOT_PRESENT);
1314 }
1315 break;
1316 case GPCMD_READ_10:
1317 case GPCMD_READ_12:
1318 {
1319 int nb_sectors, lba;
1320
1321 if (packet[0] == GPCMD_READ_10)
1322 nb_sectors = ube16_to_cpu(packet + 7);
1323 else
1324 nb_sectors = ube32_to_cpu(packet + 6);
1325 lba = ube32_to_cpu(packet + 2);
1326 if (nb_sectors == 0) {
1327 ide_atapi_cmd_ok(s);
1328 break;
1329 }
1330 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1331 }
1332 break;
1333 case GPCMD_READ_CD:
1334 {
1335 int nb_sectors, lba, transfer_request;
1336
1337 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1338 lba = ube32_to_cpu(packet + 2);
1339 if (nb_sectors == 0) {
1340 ide_atapi_cmd_ok(s);
1341 break;
1342 }
1343 transfer_request = packet[9];
1344 switch(transfer_request & 0xf8) {
1345 case 0x00:
1346 /* nothing */
1347 ide_atapi_cmd_ok(s);
1348 break;
1349 case 0x10:
1350 /* normal read */
1351 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1352 break;
1353 case 0xf8:
1354 /* read all data */
1355 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1356 break;
1357 default:
1358 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1359 ASC_INV_FIELD_IN_CMD_PACKET);
1360 break;
1361 }
1362 }
1363 break;
1364 case GPCMD_SEEK:
1365 {
1366 unsigned int lba;
1367 uint64_t total_sectors;
1368
1369 bdrv_get_geometry(s->bs, &total_sectors);
1370 total_sectors >>= 2;
1371 if (total_sectors == 0) {
1372 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1373 ASC_MEDIUM_NOT_PRESENT);
1374 break;
1375 }
1376 lba = ube32_to_cpu(packet + 2);
1377 if (lba >= total_sectors) {
1378 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1379 ASC_LOGICAL_BLOCK_OOR);
1380 break;
1381 }
1382 ide_atapi_cmd_ok(s);
1383 }
1384 break;
1385 case GPCMD_START_STOP_UNIT:
1386 {
1387 int start, eject, err = 0;
1388 start = packet[4] & 1;
1389 eject = (packet[4] >> 1) & 1;
1390
1391 if (eject) {
1392 err = bdrv_eject(s->bs, !start);
1393 }
1394
1395 switch (err) {
1396 case 0:
1397 ide_atapi_cmd_ok(s);
1398 break;
1399 case -EBUSY:
1400 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1401 ASC_MEDIA_REMOVAL_PREVENTED);
1402 break;
1403 default:
1404 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1405 ASC_MEDIUM_NOT_PRESENT);
1406 break;
1407 }
1408 }
1409 break;
1410 case GPCMD_MECHANISM_STATUS:
1411 {
1412 max_len = ube16_to_cpu(packet + 8);
1413 cpu_to_ube16(buf, 0);
1414 /* no current LBA */
1415 buf[2] = 0;
1416 buf[3] = 0;
1417 buf[4] = 0;
1418 buf[5] = 1;
1419 cpu_to_ube16(buf + 6, 0);
1420 ide_atapi_cmd_reply(s, 8, max_len);
1421 }
1422 break;
1423 case GPCMD_READ_TOC_PMA_ATIP:
1424 {
1425 int format, msf, start_track, len;
1426 uint64_t total_sectors;
1427
1428 bdrv_get_geometry(s->bs, &total_sectors);
1429 total_sectors >>= 2;
1430 if (total_sectors == 0) {
1431 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1432 ASC_MEDIUM_NOT_PRESENT);
1433 break;
1434 }
1435 max_len = ube16_to_cpu(packet + 7);
1436 format = packet[9] >> 6;
1437 msf = (packet[1] >> 1) & 1;
1438 start_track = packet[6];
1439 switch(format) {
1440 case 0:
1441 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1442 if (len < 0)
1443 goto error_cmd;
1444 ide_atapi_cmd_reply(s, len, max_len);
1445 break;
1446 case 1:
1447 /* multi session : only a single session defined */
1448 memset(buf, 0, 12);
1449 buf[1] = 0x0a;
1450 buf[2] = 0x01;
1451 buf[3] = 0x01;
1452 ide_atapi_cmd_reply(s, 12, max_len);
1453 break;
1454 case 2:
1455 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1456 if (len < 0)
1457 goto error_cmd;
1458 ide_atapi_cmd_reply(s, len, max_len);
1459 break;
1460 default:
1461 error_cmd:
1462 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1463 ASC_INV_FIELD_IN_CMD_PACKET);
1464 break;
1465 }
1466 }
1467 break;
1468 case GPCMD_READ_CDVD_CAPACITY:
1469 {
1470 uint64_t total_sectors;
1471
1472 bdrv_get_geometry(s->bs, &total_sectors);
1473 total_sectors >>= 2;
1474 if (total_sectors == 0) {
1475 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1476 ASC_MEDIUM_NOT_PRESENT);
1477 break;
1478 }
1479 /* NOTE: it is really the number of sectors minus 1 */
1480 cpu_to_ube32(buf, total_sectors - 1);
1481 cpu_to_ube32(buf + 4, 2048);
1482 ide_atapi_cmd_reply(s, 8, 8);
1483 }
1484 break;
1485 case GPCMD_READ_DVD_STRUCTURE:
1486 {
1487 int media = packet[1];
1488 int format = packet[7];
1489 int ret;
1490
1491 max_len = ube16_to_cpu(packet + 8);
1492
1493 if (format < 0xff) {
1494 if (media_is_cd(s)) {
1495 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1496 ASC_INCOMPATIBLE_FORMAT);
1497 break;
1498 } else if (!media_present(s)) {
1499 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1500 ASC_INV_FIELD_IN_CMD_PACKET);
1501 break;
1502 }
1503 }
1504
1505 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1506 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1507
1508 switch (format) {
1509 case 0x00 ... 0x7f:
1510 case 0xff:
1511 if (media == 0) {
1512 ret = ide_dvd_read_structure(s, format, packet, buf);
1513
1514 if (ret < 0)
1515 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1516 else
1517 ide_atapi_cmd_reply(s, ret, max_len);
1518
1519 break;
1520 }
1521 /* TODO: BD support, fall through for now */
1522
1523 /* Generic disk structures */
1524 case 0x80: /* TODO: AACS volume identifier */
1525 case 0x81: /* TODO: AACS media serial number */
1526 case 0x82: /* TODO: AACS media identifier */
1527 case 0x83: /* TODO: AACS media key block */
1528 case 0x90: /* TODO: List of recognized format layers */
1529 case 0xc0: /* TODO: Write protection status */
1530 default:
1531 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1532 ASC_INV_FIELD_IN_CMD_PACKET);
1533 break;
1534 }
1535 }
1536 break;
1537 case GPCMD_SET_SPEED:
1538 ide_atapi_cmd_ok(s);
1539 break;
1540 case GPCMD_INQUIRY:
1541 max_len = packet[4];
1542 buf[0] = 0x05; /* CD-ROM */
1543 buf[1] = 0x80; /* removable */
1544 buf[2] = 0x00; /* ISO */
1545 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1546 buf[4] = 31; /* additional length */
1547 buf[5] = 0; /* reserved */
1548 buf[6] = 0; /* reserved */
1549 buf[7] = 0; /* reserved */
1550 padstr8(buf + 8, 8, "QEMU");
1551 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1552 padstr8(buf + 32, 4, QEMU_VERSION);
1553 ide_atapi_cmd_reply(s, 36, max_len);
1554 break;
1555 case GPCMD_GET_CONFIGURATION:
1556 {
1557 uint32_t len;
1558 uint8_t index = 0;
1559
1560 /* only feature 0 is supported */
1561 if (packet[2] != 0 || packet[3] != 0) {
1562 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1563 ASC_INV_FIELD_IN_CMD_PACKET);
1564 break;
1565 }
1566
1567 /* XXX: could result in alignment problems in some architectures */
1568 max_len = ube16_to_cpu(packet + 7);
1569
1570 /*
1571 * XXX: avoid overflow for io_buffer if max_len is bigger than
1572 * the size of that buffer (dimensioned to max number of
1573 * sectors to transfer at once)
1574 *
1575 * Only a problem if the feature/profiles grow.
1576 */
1577 if (max_len > 512) /* XXX: assume 1 sector */
1578 max_len = 512;
1579
1580 memset(buf, 0, max_len);
1581 /*
1582 * the number of sectors from the media tells us which profile
1583 * to use as current. 0 means there is no media
1584 */
1585 if (media_is_dvd(s))
1586 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1587 else if (media_is_cd(s))
1588 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1589
1590 buf[10] = 0x02 | 0x01; /* persistent and current */
1591 len = 12; /* headers: 8 + 4 */
1592 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1593 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1594 cpu_to_ube32(buf, len - 4); /* data length */
1595
1596 ide_atapi_cmd_reply(s, len, max_len);
1597 break;
1598 }
1599 default:
1600 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1601 ASC_ILLEGAL_OPCODE);
1602 break;
1603 }
1604 }
1605
1606 static void ide_cfata_metadata_inquiry(IDEState *s)
1607 {
1608 uint16_t *p;
1609 uint32_t spd;
1610
1611 p = (uint16_t *) s->io_buffer;
1612 memset(p, 0, 0x200);
1613 spd = ((s->mdata_size - 1) >> 9) + 1;
1614
1615 put_le16(p + 0, 0x0001); /* Data format revision */
1616 put_le16(p + 1, 0x0000); /* Media property: silicon */
1617 put_le16(p + 2, s->media_changed); /* Media status */
1618 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1619 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1620 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1621 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1622 }
1623
1624 static void ide_cfata_metadata_read(IDEState *s)
1625 {
1626 uint16_t *p;
1627
1628 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1629 s->status = ERR_STAT;
1630 s->error = ABRT_ERR;
1631 return;
1632 }
1633
1634 p = (uint16_t *) s->io_buffer;
1635 memset(p, 0, 0x200);
1636
1637 put_le16(p + 0, s->media_changed); /* Media status */
1638 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1639 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1640 s->nsector << 9), 0x200 - 2));
1641 }
1642
1643 static void ide_cfata_metadata_write(IDEState *s)
1644 {
1645 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1646 s->status = ERR_STAT;
1647 s->error = ABRT_ERR;
1648 return;
1649 }
1650
1651 s->media_changed = 0;
1652
1653 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1654 s->io_buffer + 2,
1655 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1656 s->nsector << 9), 0x200 - 2));
1657 }
1658
1659 /* called when the inserted state of the media has changed */
1660 static void cdrom_change_cb(void *opaque)
1661 {
1662 IDEState *s = opaque;
1663 uint64_t nb_sectors;
1664
1665 bdrv_get_geometry(s->bs, &nb_sectors);
1666 s->nb_sectors = nb_sectors;
1667
1668 s->sense_key = SENSE_UNIT_ATTENTION;
1669 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1670 s->cdrom_changed = 1;
1671 ide_set_irq(s);
1672 }
1673
1674 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1675 {
1676 s->lba48 = lba48;
1677
1678 /* handle the 'magic' 0 nsector count conversion here. to avoid
1679 * fiddling with the rest of the read logic, we just store the
1680 * full sector count in ->nsector and ignore ->hob_nsector from now
1681 */
1682 if (!s->lba48) {
1683 if (!s->nsector)
1684 s->nsector = 256;
1685 } else {
1686 if (!s->nsector && !s->hob_nsector)
1687 s->nsector = 65536;
1688 else {
1689 int lo = s->nsector;
1690 int hi = s->hob_nsector;
1691
1692 s->nsector = (hi << 8) | lo;
1693 }
1694 }
1695 }
1696
1697 static void ide_clear_hob(IDEBus *bus)
1698 {
1699 /* any write clears HOB high bit of device control register */
1700 bus->ifs[0].select &= ~(1 << 7);
1701 bus->ifs[1].select &= ~(1 << 7);
1702 }
1703
1704 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1705 {
1706 IDEBus *bus = opaque;
1707 IDEState *s;
1708 int n;
1709 int lba48 = 0;
1710
1711 #ifdef DEBUG_IDE
1712 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1713 #endif
1714
1715 addr &= 7;
1716
1717 /* ignore writes to command block while busy with previous command */
1718 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1719 return;
1720
1721 switch(addr) {
1722 case 0:
1723 break;
1724 case 1:
1725 ide_clear_hob(bus);
1726 /* NOTE: data is written to the two drives */
1727 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1728 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1729 bus->ifs[0].feature = val;
1730 bus->ifs[1].feature = val;
1731 break;
1732 case 2:
1733 ide_clear_hob(bus);
1734 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1735 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1736 bus->ifs[0].nsector = val;
1737 bus->ifs[1].nsector = val;
1738 break;
1739 case 3:
1740 ide_clear_hob(bus);
1741 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1742 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1743 bus->ifs[0].sector = val;
1744 bus->ifs[1].sector = val;
1745 break;
1746 case 4:
1747 ide_clear_hob(bus);
1748 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1749 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1750 bus->ifs[0].lcyl = val;
1751 bus->ifs[1].lcyl = val;
1752 break;
1753 case 5:
1754 ide_clear_hob(bus);
1755 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1756 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1757 bus->ifs[0].hcyl = val;
1758 bus->ifs[1].hcyl = val;
1759 break;
1760 case 6:
1761 /* FIXME: HOB readback uses bit 7 */
1762 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1763 bus->ifs[1].select = (val | 0x10) | 0xa0;
1764 /* select drive */
1765 bus->unit = (val >> 4) & 1;
1766 break;
1767 default:
1768 case 7:
1769 /* command */
1770 #if defined(DEBUG_IDE)
1771 printf("ide: CMD=%02x\n", val);
1772 #endif
1773 s = idebus_active_if(bus);
1774 /* ignore commands to non existant slave */
1775 if (s != bus->ifs && !s->bs)
1776 break;
1777
1778 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1779 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1780 break;
1781
1782 switch(val) {
1783 case WIN_IDENTIFY:
1784 if (s->bs && !s->is_cdrom) {
1785 if (!s->is_cf)
1786 ide_identify(s);
1787 else
1788 ide_cfata_identify(s);
1789 s->status = READY_STAT | SEEK_STAT;
1790 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1791 } else {
1792 if (s->is_cdrom) {
1793 ide_set_signature(s);
1794 }
1795 ide_abort_command(s);
1796 }
1797 ide_set_irq(s);
1798 break;
1799 case WIN_SPECIFY:
1800 case WIN_RECAL:
1801 s->error = 0;
1802 s->status = READY_STAT | SEEK_STAT;
1803 ide_set_irq(s);
1804 break;
1805 case WIN_SETMULT:
1806 if (s->is_cf && s->nsector == 0) {
1807 /* Disable Read and Write Multiple */
1808 s->mult_sectors = 0;
1809 s->status = READY_STAT | SEEK_STAT;
1810 } else if ((s->nsector & 0xff) != 0 &&
1811 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1812 (s->nsector & (s->nsector - 1)) != 0)) {
1813 ide_abort_command(s);
1814 } else {
1815 s->mult_sectors = s->nsector & 0xff;
1816 s->status = READY_STAT | SEEK_STAT;
1817 }
1818 ide_set_irq(s);
1819 break;
1820 case WIN_VERIFY_EXT:
1821 lba48 = 1;
1822 case WIN_VERIFY:
1823 case WIN_VERIFY_ONCE:
1824 /* do sector number check ? */
1825 ide_cmd_lba48_transform(s, lba48);
1826 s->status = READY_STAT | SEEK_STAT;
1827 ide_set_irq(s);
1828 break;
1829 case WIN_READ_EXT:
1830 lba48 = 1;
1831 case WIN_READ:
1832 case WIN_READ_ONCE:
1833 if (!s->bs)
1834 goto abort_cmd;
1835 ide_cmd_lba48_transform(s, lba48);
1836 s->req_nb_sectors = 1;
1837 ide_sector_read(s);
1838 break;
1839 case WIN_WRITE_EXT:
1840 lba48 = 1;
1841 case WIN_WRITE:
1842 case WIN_WRITE_ONCE:
1843 case CFA_WRITE_SECT_WO_ERASE:
1844 case WIN_WRITE_VERIFY:
1845 ide_cmd_lba48_transform(s, lba48);
1846 s->error = 0;
1847 s->status = SEEK_STAT | READY_STAT;
1848 s->req_nb_sectors = 1;
1849 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1850 s->media_changed = 1;
1851 break;
1852 case WIN_MULTREAD_EXT:
1853 lba48 = 1;
1854 case WIN_MULTREAD:
1855 if (!s->mult_sectors)
1856 goto abort_cmd;
1857 ide_cmd_lba48_transform(s, lba48);
1858 s->req_nb_sectors = s->mult_sectors;
1859 ide_sector_read(s);
1860 break;
1861 case WIN_MULTWRITE_EXT:
1862 lba48 = 1;
1863 case WIN_MULTWRITE:
1864 case CFA_WRITE_MULTI_WO_ERASE:
1865 if (!s->mult_sectors)
1866 goto abort_cmd;
1867 ide_cmd_lba48_transform(s, lba48);
1868 s->error = 0;
1869 s->status = SEEK_STAT | READY_STAT;
1870 s->req_nb_sectors = s->mult_sectors;
1871 n = s->nsector;
1872 if (n > s->req_nb_sectors)
1873 n = s->req_nb_sectors;
1874 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1875 s->media_changed = 1;
1876 break;
1877 case WIN_READDMA_EXT:
1878 lba48 = 1;
1879 case WIN_READDMA:
1880 case WIN_READDMA_ONCE:
1881 if (!s->bs)
1882 goto abort_cmd;
1883 ide_cmd_lba48_transform(s, lba48);
1884 ide_sector_read_dma(s);
1885 break;
1886 case WIN_WRITEDMA_EXT:
1887 lba48 = 1;
1888 case WIN_WRITEDMA:
1889 case WIN_WRITEDMA_ONCE:
1890 if (!s->bs)
1891 goto abort_cmd;
1892 ide_cmd_lba48_transform(s, lba48);
1893 ide_sector_write_dma(s);
1894 s->media_changed = 1;
1895 break;
1896 case WIN_READ_NATIVE_MAX_EXT:
1897 lba48 = 1;
1898 case WIN_READ_NATIVE_MAX:
1899 ide_cmd_lba48_transform(s, lba48);
1900 ide_set_sector(s, s->nb_sectors - 1);
1901 s->status = READY_STAT | SEEK_STAT;
1902 ide_set_irq(s);
1903 break;
1904 case WIN_CHECKPOWERMODE1:
1905 case WIN_CHECKPOWERMODE2:
1906 s->nsector = 0xff; /* device active or idle */
1907 s->status = READY_STAT | SEEK_STAT;
1908 ide_set_irq(s);
1909 break;
1910 case WIN_SETFEATURES:
1911 if (!s->bs)
1912 goto abort_cmd;
1913 /* XXX: valid for CDROM ? */
1914 switch(s->feature) {
1915 case 0xcc: /* reverting to power-on defaults enable */
1916 case 0x66: /* reverting to power-on defaults disable */
1917 case 0x02: /* write cache enable */
1918 case 0x82: /* write cache disable */
1919 case 0xaa: /* read look-ahead enable */
1920 case 0x55: /* read look-ahead disable */
1921 case 0x05: /* set advanced power management mode */
1922 case 0x85: /* disable advanced power management mode */
1923 case 0x69: /* NOP */
1924 case 0x67: /* NOP */
1925 case 0x96: /* NOP */
1926 case 0x9a: /* NOP */
1927 case 0x42: /* enable Automatic Acoustic Mode */
1928 case 0xc2: /* disable Automatic Acoustic Mode */
1929 s->status = READY_STAT | SEEK_STAT;
1930 ide_set_irq(s);
1931 break;
1932 case 0x03: { /* set transfer mode */
1933 uint8_t val = s->nsector & 0x07;
1934
1935 switch (s->nsector >> 3) {
1936 case 0x00: /* pio default */
1937 case 0x01: /* pio mode */
1938 put_le16(s->identify_data + 62,0x07);
1939 put_le16(s->identify_data + 63,0x07);
1940 put_le16(s->identify_data + 88,0x3f);
1941 break;
1942 case 0x02: /* sigle word dma mode*/
1943 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
1944 put_le16(s->identify_data + 63,0x07);
1945 put_le16(s->identify_data + 88,0x3f);
1946 break;
1947 case 0x04: /* mdma mode */
1948 put_le16(s->identify_data + 62,0x07);
1949 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1950 put_le16(s->identify_data + 88,0x3f);
1951 break;
1952 case 0x08: /* udma mode */
1953 put_le16(s->identify_data + 62,0x07);
1954 put_le16(s->identify_data + 63,0x07);
1955 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1956 break;
1957 default:
1958 goto abort_cmd;
1959 }
1960 s->status = READY_STAT | SEEK_STAT;
1961 ide_set_irq(s);
1962 break;
1963 }
1964 default:
1965 goto abort_cmd;
1966 }
1967 break;
1968 case WIN_FLUSH_CACHE:
1969 case WIN_FLUSH_CACHE_EXT:
1970 if (s->bs)
1971 bdrv_flush(s->bs);
1972 s->status = READY_STAT | SEEK_STAT;
1973 ide_set_irq(s);
1974 break;
1975 case WIN_STANDBY:
1976 case WIN_STANDBY2:
1977 case WIN_STANDBYNOW1:
1978 case WIN_STANDBYNOW2:
1979 case WIN_IDLEIMMEDIATE:
1980 case CFA_IDLEIMMEDIATE:
1981 case WIN_SETIDLE1:
1982 case WIN_SETIDLE2:
1983 case WIN_SLEEPNOW1:
1984 case WIN_SLEEPNOW2:
1985 s->status = READY_STAT;
1986 ide_set_irq(s);
1987 break;
1988 case WIN_SEEK:
1989 if(s->is_cdrom)
1990 goto abort_cmd;
1991 /* XXX: Check that seek is within bounds */
1992 s->status = READY_STAT | SEEK_STAT;
1993 ide_set_irq(s);
1994 break;
1995 /* ATAPI commands */
1996 case WIN_PIDENTIFY:
1997 if (s->is_cdrom) {
1998 ide_atapi_identify(s);
1999 s->status = READY_STAT | SEEK_STAT;
2000 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2001 } else {
2002 ide_abort_command(s);
2003 }
2004 ide_set_irq(s);
2005 break;
2006 case WIN_DIAGNOSE:
2007 ide_set_signature(s);
2008 if (s->is_cdrom)
2009 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2010 * devices to return a clear status register
2011 * with READY_STAT *not* set. */
2012 else
2013 s->status = READY_STAT | SEEK_STAT;
2014 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2015 * present.
2016 */
2017 ide_set_irq(s);
2018 break;
2019 case WIN_SRST:
2020 if (!s->is_cdrom)
2021 goto abort_cmd;
2022 ide_set_signature(s);
2023 s->status = 0x00; /* NOTE: READY is _not_ set */
2024 s->error = 0x01;
2025 break;
2026 case WIN_PACKETCMD:
2027 if (!s->is_cdrom)
2028 goto abort_cmd;
2029 /* overlapping commands not supported */
2030 if (s->feature & 0x02)
2031 goto abort_cmd;
2032 s->status = READY_STAT | SEEK_STAT;
2033 s->atapi_dma = s->feature & 1;
2034 s->nsector = 1;
2035 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2036 ide_atapi_cmd);
2037 break;
2038 /* CF-ATA commands */
2039 case CFA_REQ_EXT_ERROR_CODE:
2040 if (!s->is_cf)
2041 goto abort_cmd;
2042 s->error = 0x09; /* miscellaneous error */
2043 s->status = READY_STAT | SEEK_STAT;
2044 ide_set_irq(s);
2045 break;
2046 case CFA_ERASE_SECTORS:
2047 case CFA_WEAR_LEVEL:
2048 if (!s->is_cf)
2049 goto abort_cmd;
2050 if (val == CFA_WEAR_LEVEL)
2051 s->nsector = 0;
2052 if (val == CFA_ERASE_SECTORS)
2053 s->media_changed = 1;
2054 s->error = 0x00;
2055 s->status = READY_STAT | SEEK_STAT;
2056 ide_set_irq(s);
2057 break;
2058 case CFA_TRANSLATE_SECTOR:
2059 if (!s->is_cf)
2060 goto abort_cmd;
2061 s->error = 0x00;
2062 s->status = READY_STAT | SEEK_STAT;
2063 memset(s->io_buffer, 0, 0x200);
2064 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2065 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2066 s->io_buffer[0x02] = s->select; /* Head */
2067 s->io_buffer[0x03] = s->sector; /* Sector */
2068 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2069 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2070 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2071 s->io_buffer[0x13] = 0x00; /* Erase flag */
2072 s->io_buffer[0x18] = 0x00; /* Hot count */
2073 s->io_buffer[0x19] = 0x00; /* Hot count */
2074 s->io_buffer[0x1a] = 0x01; /* Hot count */
2075 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2076 ide_set_irq(s);
2077 break;
2078 case CFA_ACCESS_METADATA_STORAGE:
2079 if (!s->is_cf)
2080 goto abort_cmd;
2081 switch (s->feature) {
2082 case 0x02: /* Inquiry Metadata Storage */
2083 ide_cfata_metadata_inquiry(s);
2084 break;
2085 case 0x03: /* Read Metadata Storage */
2086 ide_cfata_metadata_read(s);
2087 break;
2088 case 0x04: /* Write Metadata Storage */
2089 ide_cfata_metadata_write(s);
2090 break;
2091 default:
2092 goto abort_cmd;
2093 }
2094 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2095 s->status = 0x00; /* NOTE: READY is _not_ set */
2096 ide_set_irq(s);
2097 break;
2098 case IBM_SENSE_CONDITION:
2099 if (!s->is_cf)
2100 goto abort_cmd;
2101 switch (s->feature) {
2102 case 0x01: /* sense temperature in device */
2103 s->nsector = 0x50; /* +20 C */
2104 break;
2105 default:
2106 goto abort_cmd;
2107 }
2108 s->status = READY_STAT | SEEK_STAT;
2109 ide_set_irq(s);
2110 break;
2111
2112 case WIN_SMART:
2113 if (s->is_cdrom)
2114 goto abort_cmd;
2115 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2116 goto abort_cmd;
2117 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2118 goto abort_cmd;
2119 switch (s->feature) {
2120 case SMART_DISABLE:
2121 s->smart_enabled = 0;
2122 s->status = READY_STAT | SEEK_STAT;
2123 ide_set_irq(s);
2124 break;
2125 case SMART_ENABLE:
2126 s->smart_enabled = 1;
2127 s->status = READY_STAT | SEEK_STAT;
2128 ide_set_irq(s);
2129 break;
2130 case SMART_ATTR_AUTOSAVE:
2131 switch (s->sector) {
2132 case 0x00:
2133 s->smart_autosave = 0;
2134 break;
2135 case 0xf1:
2136 s->smart_autosave = 1;
2137 break;
2138 default:
2139 goto abort_cmd;
2140 }
2141 s->status = READY_STAT | SEEK_STAT;
2142 ide_set_irq(s);
2143 break;
2144 case SMART_STATUS:
2145 if (!s->smart_errors) {
2146 s->hcyl = 0xc2;
2147 s->lcyl = 0x4f;
2148 } else {
2149 s->hcyl = 0x2c;
2150 s->lcyl = 0xf4;
2151 }
2152 s->status = READY_STAT | SEEK_STAT;
2153 ide_set_irq(s);
2154 break;
2155 case SMART_READ_THRESH:
2156 memset(s->io_buffer, 0, 0x200);
2157 s->io_buffer[0] = 0x01; /* smart struct version */
2158 for (n=0; n<30; n++) {
2159 if (smart_attributes[n][0] == 0)
2160 break;
2161 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2162 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2163 }
2164 for (n=0; n<511; n++) /* checksum */
2165 s->io_buffer[511] += s->io_buffer[n];
2166 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2167 s->status = READY_STAT | SEEK_STAT;
2168 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2169 ide_set_irq(s);
2170 break;
2171 case SMART_READ_DATA:
2172 memset(s->io_buffer, 0, 0x200);
2173 s->io_buffer[0] = 0x01; /* smart struct version */
2174 for (n=0; n<30; n++) {
2175 if (smart_attributes[n][0] == 0)
2176 break;
2177 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2178 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2179 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2180 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2181 }
2182 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2183 if (s->smart_selftest_count == 0) {
2184 s->io_buffer[363] = 0;
2185 } else {
2186 s->io_buffer[363] =
2187 s->smart_selftest_data[3 +
2188 (s->smart_selftest_count - 1) *
2189 24];
2190 }
2191 s->io_buffer[364] = 0x20;
2192 s->io_buffer[365] = 0x01;
2193 /* offline data collection capacity: execute + self-test*/
2194 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2195 s->io_buffer[368] = 0x03; /* smart capability (1) */
2196 s->io_buffer[369] = 0x00; /* smart capability (2) */
2197 s->io_buffer[370] = 0x01; /* error logging supported */
2198 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2199 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2200 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2201
2202 for (n=0; n<511; n++)
2203 s->io_buffer[511] += s->io_buffer[n];
2204 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2205 s->status = READY_STAT | SEEK_STAT;
2206 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2207 ide_set_irq(s);
2208 break;
2209 case SMART_READ_LOG:
2210 switch (s->sector) {
2211 case 0x01: /* summary smart error log */
2212 memset(s->io_buffer, 0, 0x200);
2213 s->io_buffer[0] = 0x01;
2214 s->io_buffer[1] = 0x00; /* no error entries */
2215 s->io_buffer[452] = s->smart_errors & 0xff;
2216 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2217
2218 for (n=0; n<511; n++)
2219 s->io_buffer[511] += s->io_buffer[n];
2220 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2221 break;
2222 case 0x06: /* smart self test log */
2223 memset(s->io_buffer, 0, 0x200);
2224 s->io_buffer[0] = 0x01;
2225 if (s->smart_selftest_count == 0) {
2226 s->io_buffer[508] = 0;
2227 } else {
2228 s->io_buffer[508] = s->smart_selftest_count;
2229 for (n=2; n<506; n++)
2230 s->io_buffer[n] = s->smart_selftest_data[n];
2231 }
2232 for (n=0; n<511; n++)
2233 s->io_buffer[511] += s->io_buffer[n];
2234 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2235 break;
2236 default:
2237 goto abort_cmd;
2238 }
2239 s->status = READY_STAT | SEEK_STAT;
2240 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2241 ide_set_irq(s);
2242 break;
2243 case SMART_EXECUTE_OFFLINE:
2244 switch (s->sector) {
2245 case 0: /* off-line routine */
2246 case 1: /* short self test */
2247 case 2: /* extended self test */
2248 s->smart_selftest_count++;
2249 if(s->smart_selftest_count > 21)
2250 s->smart_selftest_count = 0;
2251 n = 2 + (s->smart_selftest_count - 1) * 24;
2252 s->smart_selftest_data[n] = s->sector;
2253 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2254 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2255 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2256 s->status = READY_STAT | SEEK_STAT;
2257 ide_set_irq(s);
2258 break;
2259 default:
2260 goto abort_cmd;
2261 }
2262 break;
2263 default:
2264 goto abort_cmd;
2265 }
2266 break;
2267 default:
2268 abort_cmd:
2269 ide_abort_command(s);
2270 ide_set_irq(s);
2271 break;
2272 }
2273 }
2274 }
2275
2276 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2277 {
2278 IDEBus *bus = opaque;
2279 IDEState *s = idebus_active_if(bus);
2280 uint32_t addr;
2281 int ret, hob;
2282
2283 addr = addr1 & 7;
2284 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2285 //hob = s->select & (1 << 7);
2286 hob = 0;
2287 switch(addr) {
2288 case 0:
2289 ret = 0xff;
2290 break;
2291 case 1:
2292 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2293 (s != bus->ifs && !s->bs))
2294 ret = 0;
2295 else if (!hob)
2296 ret = s->error;
2297 else
2298 ret = s->hob_feature;
2299 break;
2300 case 2:
2301 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2302 ret = 0;
2303 else if (!hob)
2304 ret = s->nsector & 0xff;
2305 else
2306 ret = s->hob_nsector;
2307 break;
2308 case 3:
2309 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2310 ret = 0;
2311 else if (!hob)
2312 ret = s->sector;
2313 else
2314 ret = s->hob_sector;
2315 break;
2316 case 4:
2317 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2318 ret = 0;
2319 else if (!hob)
2320 ret = s->lcyl;
2321 else
2322 ret = s->hob_lcyl;
2323 break;
2324 case 5:
2325 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2326 ret = 0;
2327 else if (!hob)
2328 ret = s->hcyl;
2329 else
2330 ret = s->hob_hcyl;
2331 break;
2332 case 6:
2333 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2334 ret = 0;
2335 else
2336 ret = s->select;
2337 break;
2338 default:
2339 case 7:
2340 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2341 (s != bus->ifs && !s->bs))
2342 ret = 0;
2343 else
2344 ret = s->status;
2345 qemu_irq_lower(s->irq);
2346 break;
2347 }
2348 #ifdef DEBUG_IDE
2349 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2350 #endif
2351 return ret;
2352 }
2353
2354 uint32_t ide_status_read(void *opaque, uint32_t addr)
2355 {
2356 IDEBus *bus = opaque;
2357 IDEState *s = idebus_active_if(bus);
2358 int ret;
2359
2360 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2361 (s != bus->ifs && !s->bs))
2362 ret = 0;
2363 else
2364 ret = s->status;
2365 #ifdef DEBUG_IDE
2366 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2367 #endif
2368 return ret;
2369 }
2370
2371 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2372 {
2373 IDEBus *bus = opaque;
2374 IDEState *s;
2375 int i;
2376
2377 #ifdef DEBUG_IDE
2378 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2379 #endif
2380 /* common for both drives */
2381 if (!(bus->ifs[0].cmd & IDE_CMD_RESET) &&
2382 (val & IDE_CMD_RESET)) {
2383 /* reset low to high */
2384 for(i = 0;i < 2; i++) {
2385 s = &bus->ifs[i];
2386 s->status = BUSY_STAT | SEEK_STAT;
2387 s->error = 0x01;
2388 }
2389 } else if ((bus->ifs[0].cmd & IDE_CMD_RESET) &&
2390 !(val & IDE_CMD_RESET)) {
2391 /* high to low */
2392 for(i = 0;i < 2; i++) {
2393 s = &bus->ifs[i];
2394 if (s->is_cdrom)
2395 s->status = 0x00; /* NOTE: READY is _not_ set */
2396 else
2397 s->status = READY_STAT | SEEK_STAT;
2398 ide_set_signature(s);
2399 }
2400 }
2401
2402 bus->ifs[0].cmd = val;
2403 bus->ifs[1].cmd = val;
2404 }
2405
2406 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2407 {
2408 IDEBus *bus = opaque;
2409 IDEState *s = idebus_active_if(bus);
2410 uint8_t *p;
2411
2412 /* PIO data access allowed only when DRQ bit is set */
2413 if (!(s->status & DRQ_STAT))
2414 return;
2415
2416 p = s->data_ptr;
2417 *(uint16_t *)p = le16_to_cpu(val);
2418 p += 2;
2419 s->data_ptr = p;
2420 if (p >= s->data_end)
2421 s->end_transfer_func(s);
2422 }
2423
2424 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2425 {
2426 IDEBus *bus = opaque;
2427 IDEState *s = idebus_active_if(bus);
2428 uint8_t *p;
2429 int ret;
2430
2431 /* PIO data access allowed only when DRQ bit is set */
2432 if (!(s->status & DRQ_STAT))
2433 return 0;
2434
2435 p = s->data_ptr;
2436 ret = cpu_to_le16(*(uint16_t *)p);
2437 p += 2;
2438 s->data_ptr = p;
2439 if (p >= s->data_end)
2440 s->end_transfer_func(s);
2441 return ret;
2442 }
2443
2444 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2445 {
2446 IDEBus *bus = opaque;
2447 IDEState *s = idebus_active_if(bus);
2448 uint8_t *p;
2449
2450 /* PIO data access allowed only when DRQ bit is set */
2451 if (!(s->status & DRQ_STAT))
2452 return;
2453
2454 p = s->data_ptr;
2455 *(uint32_t *)p = le32_to_cpu(val);
2456 p += 4;
2457 s->data_ptr = p;
2458 if (p >= s->data_end)
2459 s->end_transfer_func(s);
2460 }
2461
2462 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2463 {
2464 IDEBus *bus = opaque;
2465 IDEState *s = idebus_active_if(bus);
2466 uint8_t *p;
2467 int ret;
2468
2469 /* PIO data access allowed only when DRQ bit is set */
2470 if (!(s->status & DRQ_STAT))
2471 return 0;
2472
2473 p = s->data_ptr;
2474 ret = cpu_to_le32(*(uint32_t *)p);
2475 p += 4;
2476 s->data_ptr = p;
2477 if (p >= s->data_end)
2478 s->end_transfer_func(s);
2479 return ret;
2480 }
2481
2482 static void ide_dummy_transfer_stop(IDEState *s)
2483 {
2484 s->data_ptr = s->io_buffer;
2485 s->data_end = s->io_buffer;
2486 s->io_buffer[0] = 0xff;
2487 s->io_buffer[1] = 0xff;
2488 s->io_buffer[2] = 0xff;
2489 s->io_buffer[3] = 0xff;
2490 }
2491
2492 void ide_reset(IDEState *s)
2493 {
2494 IDEBus *bus = s->bus;
2495
2496 if (s->is_cf)
2497 s->mult_sectors = 0;
2498 else
2499 s->mult_sectors = MAX_MULT_SECTORS;
2500 bus->unit = s->unit;
2501 s->select = 0xa0;
2502 s->status = READY_STAT | SEEK_STAT;
2503 ide_set_signature(s);
2504 /* init the transfer handler so that 0xffff is returned on data
2505 accesses */
2506 s->end_transfer_func = ide_dummy_transfer_stop;
2507 ide_dummy_transfer_stop(s);
2508 s->media_changed = 0;
2509 }
2510
2511 void ide_init2(IDEBus *bus, BlockDriverState *hd0, BlockDriverState *hd1,
2512 qemu_irq irq)
2513 {
2514 IDEState *s;
2515 static int drive_serial = 1;
2516 int i, cylinders, heads, secs;
2517 uint64_t nb_sectors;
2518
2519 for(i = 0; i < 2; i++) {
2520 s = bus->ifs + i;
2521 s->bus = bus;
2522 s->unit = i;
2523 s->bs = (i == 0) ? hd0 : hd1;
2524 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2525 if (s->bs) {
2526 bdrv_get_geometry(s->bs, &nb_sectors);
2527 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2528 s->cylinders = cylinders;
2529 s->heads = heads;
2530 s->sectors = secs;
2531 s->nb_sectors = nb_sectors;
2532 /* The SMART values should be preserved across power cycles
2533 but they aren't. */
2534 s->smart_enabled = 1;
2535 s->smart_autosave = 1;
2536 s->smart_errors = 0;
2537 s->smart_selftest_count = 0;
2538 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2539 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2540 s->is_cdrom = 1;
2541 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2542 }
2543 }
2544 s->drive_serial = drive_serial++;
2545 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2546 sizeof(s->drive_serial_str));
2547 if (strlen(s->drive_serial_str) == 0)
2548 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2549 "QM%05d", s->drive_serial);
2550 s->irq = irq;
2551 s->sector_write_timer = qemu_new_timer(vm_clock,
2552 ide_sector_write_timer_cb, s);
2553 ide_reset(s);
2554 }
2555 }
2556
2557 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2558 {
2559 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2560 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2561 if (iobase2) {
2562 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2563 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2564 }
2565
2566 /* data ports */
2567 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2568 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2569 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2570 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2571 }
2572
2573 /* save per IDE drive data */
2574 void ide_save(QEMUFile* f, IDEState *s)
2575 {
2576 qemu_put_be32(f, s->mult_sectors);
2577 qemu_put_be32(f, s->identify_set);
2578 if (s->identify_set) {
2579 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2580 }
2581 qemu_put_8s(f, &s->feature);
2582 qemu_put_8s(f, &s->error);
2583 qemu_put_be32s(f, &s->nsector);
2584 qemu_put_8s(f, &s->sector);
2585 qemu_put_8s(f, &s->lcyl);
2586 qemu_put_8s(f, &s->hcyl);
2587 qemu_put_8s(f, &s->hob_feature);
2588 qemu_put_8s(f, &s->hob_nsector);
2589 qemu_put_8s(f, &s->hob_sector);
2590 qemu_put_8s(f, &s->hob_lcyl);
2591 qemu_put_8s(f, &s->hob_hcyl);
2592 qemu_put_8s(f, &s->select);
2593 qemu_put_8s(f, &s->status);
2594 qemu_put_8s(f, &s->lba48);
2595
2596 qemu_put_8s(f, &s->sense_key);
2597 qemu_put_8s(f, &s->asc);
2598 qemu_put_8s(f, &s->cdrom_changed);
2599 /* XXX: if a transfer is pending, we do not save it yet */
2600 }
2601
2602 /* load per IDE drive data */
2603 void ide_load(QEMUFile* f, IDEState *s, int version_id)
2604 {
2605 s->mult_sectors=qemu_get_be32(f);
2606 s->identify_set=qemu_get_be32(f);
2607 if (s->identify_set) {
2608 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2609 }
2610 qemu_get_8s(f, &s->feature);
2611 qemu_get_8s(f, &s->error);
2612 qemu_get_be32s(f, &s->nsector);
2613 qemu_get_8s(f, &s->sector);
2614 qemu_get_8s(f, &s->lcyl);
2615 qemu_get_8s(f, &s->hcyl);
2616 qemu_get_8s(f, &s->hob_feature);
2617 qemu_get_8s(f, &s->hob_nsector);
2618 qemu_get_8s(f, &s->hob_sector);
2619 qemu_get_8s(f, &s->hob_lcyl);
2620 qemu_get_8s(f, &s->hob_hcyl);
2621 qemu_get_8s(f, &s->select);
2622 qemu_get_8s(f, &s->status);
2623 qemu_get_8s(f, &s->lba48);
2624
2625 qemu_get_8s(f, &s->sense_key);
2626 qemu_get_8s(f, &s->asc);
2627 if (version_id == 3) {
2628 qemu_get_8s(f, &s->cdrom_changed);
2629 } else {
2630 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2631 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED)
2632 s->cdrom_changed = 1;
2633 }
2634 /* XXX: if a transfer is pending, we do not save it yet */
2635 }
2636
2637 void idebus_save(QEMUFile* f, IDEBus *bus)
2638 {
2639 IDEState *s = idebus_active_if(bus);
2640 qemu_put_8s(f, &s->cmd);
2641 qemu_put_8s(f, &bus->unit);
2642 }
2643
2644 void idebus_load(QEMUFile* f, IDEBus *bus, int version_id)
2645 {
2646 IDEState *s;
2647 uint8_t cmd;
2648
2649 qemu_get_8s(f, &cmd);
2650 qemu_get_8s(f, &bus->unit);
2651 s = idebus_active_if(bus);
2652 s->cmd = cmd;
2653 }
2654
2655 /***********************************************************/
2656 /* PCI IDE definitions */
2657
2658 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2659 {
2660 BMDMAState *bm = s->bus->bmdma;
2661 if(!bm)
2662 return;
2663 bm->unit = s->unit;
2664 bm->dma_cb = dma_cb;
2665 bm->cur_prd_last = 0;
2666 bm->cur_prd_addr = 0;
2667 bm->cur_prd_len = 0;
2668 bm->sector_num = ide_get_sector(s);
2669 bm->nsector = s->nsector;
2670 if (bm->status & BM_STATUS_DMAING) {
2671 bm->dma_cb(bm, 0);
2672 }
2673 }
2674
2675 static void ide_dma_restart(IDEState *s)
2676 {
2677 BMDMAState *bm = s->bus->bmdma;
2678 ide_set_sector(s, bm->sector_num);
2679 s->io_buffer_index = 0;
2680 s->io_buffer_size = 0;
2681 s->nsector = bm->nsector;
2682 bm->cur_addr = bm->addr;
2683 bm->dma_cb = ide_write_dma_cb;
2684 ide_dma_start(s, bm->dma_cb);
2685 }
2686
2687 void ide_dma_cancel(BMDMAState *bm)
2688 {
2689 if (bm->status & BM_STATUS_DMAING) {
2690 bm->status &= ~BM_STATUS_DMAING;
2691 /* cancel DMA request */
2692 bm->unit = -1;
2693 bm->dma_cb = NULL;
2694 if (bm->aiocb) {
2695 #ifdef DEBUG_AIO
2696 printf("aio_cancel\n");
2697 #endif
2698 bdrv_aio_cancel(bm->aiocb);
2699 bm->aiocb = NULL;
2700 }
2701 }
2702 }
2703
2704 #if defined(TARGET_PPC)
2705 /***********************************************************/
2706 /* MacIO based PowerPC IDE */
2707
2708 typedef struct MACIOIDEState {
2709 IDEBus bus;
2710 BlockDriverAIOCB *aiocb;
2711 } MACIOIDEState;
2712
2713 static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
2714 {
2715 DBDMA_io *io = opaque;
2716 MACIOIDEState *m = io->opaque;
2717 IDEState *s = idebus_active_if(&m->bus);
2718
2719 if (ret < 0) {
2720 m->aiocb = NULL;
2721 qemu_sglist_destroy(&s->sg);
2722 ide_atapi_io_error(s, ret);
2723 io->dma_end(opaque);
2724 return;
2725 }
2726
2727 if (s->io_buffer_size > 0) {
2728 m->aiocb = NULL;
2729 qemu_sglist_destroy(&s->sg);
2730
2731 s->packet_transfer_size -= s->io_buffer_size;
2732
2733 s->io_buffer_index += s->io_buffer_size;
2734 s->lba += s->io_buffer_index >> 11;
2735 s->io_buffer_index &= 0x7ff;
2736 }
2737
2738 if (s->packet_transfer_size <= 0)
2739 ide_atapi_cmd_ok(s);
2740
2741 if (io->len == 0) {
2742 io->dma_end(opaque);
2743 return;
2744 }
2745
2746 /* launch next transfer */
2747
2748 s->io_buffer_size = io->len;
2749
2750 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
2751 qemu_sglist_add(&s->sg, io->addr, io->len);
2752 io->addr += io->len;
2753 io->len = 0;
2754
2755 m->aiocb = dma_bdrv_read(s->bs, &s->sg,
2756 (int64_t)(s->lba << 2) + (s->io_buffer_index >> 9),
2757 pmac_ide_atapi_transfer_cb, io);
2758 if (!m->aiocb) {
2759 qemu_sglist_destroy(&s->sg);
2760 /* Note: media not present is the most likely case */
2761 ide_atapi_cmd_error(s, SENSE_NOT_READY,
2762 ASC_MEDIUM_NOT_PRESENT);
2763 io->dma_end(opaque);
2764 return;
2765 }
2766 }
2767
2768 static void pmac_ide_transfer_cb(void *opaque, int ret)
2769 {
2770 DBDMA_io *io = opaque;
2771 MACIOIDEState *m = io->opaque;
2772 IDEState *s = idebus_active_if(&m->bus);
2773 int n;
2774 int64_t sector_num;
2775
2776 if (ret < 0) {
2777 m->aiocb = NULL;
2778 qemu_sglist_destroy(&s->sg);
2779 ide_dma_error(s);
2780 io->dma_end(io);
2781 return;
2782 }
2783
2784 sector_num = ide_get_sector(s);
2785 if (s->io_buffer_size > 0) {
2786 m->aiocb = NULL;
2787 qemu_sglist_destroy(&s->sg);
2788 n = (s->io_buffer_size + 0x1ff) >> 9;
2789 sector_num += n;
2790 ide_set_sector(s, sector_num);
2791 s->nsector -= n;
2792 }
2793
2794 /* end of transfer ? */
2795 if (s->nsector == 0) {
2796 s->status = READY_STAT | SEEK_STAT;
2797 ide_set_irq(s);
2798 }
2799
2800 /* end of DMA ? */
2801
2802 if (io->len == 0) {
2803 io->dma_end(io);
2804 return;
2805 }
2806
2807 /* launch next transfer */
2808
2809 s->io_buffer_index = 0;
2810 s->io_buffer_size = io->len;
2811
2812 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
2813 qemu_sglist_add(&s->sg, io->addr, io->len);
2814 io->addr += io->len;
2815 io->len = 0;
2816
2817 if (s->is_read)
2818 m->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
2819 pmac_ide_transfer_cb, io);
2820 else
2821 m->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
2822 pmac_ide_transfer_cb, io);
2823 if (!m->aiocb)
2824 pmac_ide_transfer_cb(io, -1);
2825 }
2826
2827 static void pmac_ide_transfer(DBDMA_io *io)
2828 {
2829 MACIOIDEState *m = io->opaque;
2830 IDEState *s = idebus_active_if(&m->bus);
2831
2832 s->io_buffer_size = 0;
2833 if (s->is_cdrom) {
2834 pmac_ide_atapi_transfer_cb(io, 0);
2835 return;
2836 }
2837
2838 pmac_ide_transfer_cb(io, 0);
2839 }
2840
2841 static void pmac_ide_flush(DBDMA_io *io)
2842 {
2843 MACIOIDEState *m = io->opaque;
2844
2845 if (m->aiocb)
2846 qemu_aio_flush();
2847 }
2848
2849 /* PowerMac IDE memory IO */
2850 static void pmac_ide_writeb (void *opaque,
2851 target_phys_addr_t addr, uint32_t val)
2852 {
2853 MACIOIDEState *d = opaque;
2854
2855 addr = (addr & 0xFFF) >> 4;
2856 switch (addr) {
2857 case 1 ... 7:
2858 ide_ioport_write(&d->bus, addr, val);
2859 break;
2860 case 8:
2861 case 22:
2862 ide_cmd_write(&d->bus, 0, val);
2863 break;
2864 default:
2865 break;
2866 }
2867 }
2868
2869 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2870 {
2871 uint8_t retval;
2872 MACIOIDEState *d = opaque;
2873
2874 addr = (addr & 0xFFF) >> 4;
2875 switch (addr) {
2876 case 1 ... 7:
2877 retval = ide_ioport_read(&d->bus, addr);
2878 break;
2879 case 8:
2880 case 22:
2881 retval = ide_status_read(&d->bus, 0);
2882 break;
2883 default:
2884 retval = 0xFF;
2885 break;
2886 }
2887 return retval;
2888 }
2889
2890 static void pmac_ide_writew (void *opaque,
2891 target_phys_addr_t addr, uint32_t val)
2892 {
2893 MACIOIDEState *d = opaque;
2894
2895 addr = (addr & 0xFFF) >> 4;
2896 #ifdef TARGET_WORDS_BIGENDIAN
2897 val = bswap16(val);
2898 #endif
2899 if (addr == 0) {
2900 ide_data_writew(&d->bus, 0, val);
2901 }
2902 }
2903
2904 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2905 {
2906 uint16_t retval;
2907 MACIOIDEState *d = opaque;
2908
2909 addr = (addr & 0xFFF) >> 4;
2910 if (addr == 0) {
2911 retval = ide_data_readw(&d->bus, 0);
2912 } else {
2913 retval = 0xFFFF;
2914 }
2915 #ifdef TARGET_WORDS_BIGENDIAN
2916 retval = bswap16(retval);
2917 #endif
2918 return retval;
2919 }
2920
2921 static void pmac_ide_writel (void *opaque,
2922 target_phys_addr_t addr, uint32_t val)
2923 {
2924 MACIOIDEState *d = opaque;
2925
2926 addr = (addr & 0xFFF) >> 4;
2927 #ifdef TARGET_WORDS_BIGENDIAN
2928 val = bswap32(val);
2929 #endif
2930 if (addr == 0) {
2931 ide_data_writel(&d->bus, 0, val);
2932 }
2933 }
2934
2935 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2936 {
2937 uint32_t retval;
2938 MACIOIDEState *d = opaque;
2939
2940 addr = (addr & 0xFFF) >> 4;
2941 if (addr == 0) {
2942 retval = ide_data_readl(&d->bus, 0);
2943 } else {
2944 retval = 0xFFFFFFFF;
2945 }
2946 #ifdef TARGET_WORDS_BIGENDIAN
2947 retval = bswap32(retval);
2948 #endif
2949 return retval;
2950 }
2951
2952 static CPUWriteMemoryFunc * const pmac_ide_write[] = {
2953 pmac_ide_writeb,
2954 pmac_ide_writew,
2955 pmac_ide_writel,
2956 };
2957
2958 static CPUReadMemoryFunc * const pmac_ide_read[] = {
2959 pmac_ide_readb,
2960 pmac_ide_readw,
2961 pmac_ide_readl,
2962 };
2963
2964 static void pmac_ide_save(QEMUFile *f, void *opaque)
2965 {
2966 MACIOIDEState *d = opaque;
2967 unsigned int i;
2968
2969 /* per IDE interface data */
2970 idebus_save(f, &d->bus);
2971
2972 /* per IDE drive data */
2973 for(i = 0; i < 2; i++) {
2974 ide_save(f, &d->bus.ifs[i]);
2975 }
2976 }
2977
2978 static int pmac_ide_load(QEMUFile *f, void *opaque, int version_id)
2979 {
2980 MACIOIDEState *d = opaque;
2981 unsigned int i;
2982
2983 if (version_id != 1 && version_id != 3)
2984 return -EINVAL;
2985
2986 /* per IDE interface data */
2987 idebus_load(f, &d->bus, version_id);
2988
2989 /* per IDE drive data */
2990 for(i = 0; i < 2; i++) {
2991 ide_load(f, &d->bus.ifs[i], version_id);
2992 }
2993 return 0;
2994 }
2995
2996 static void pmac_ide_reset(void *opaque)
2997 {
2998 MACIOIDEState *d = opaque;
2999
3000 ide_reset(d->bus.ifs +0);
3001 ide_reset(d->bus.ifs +1);
3002 }
3003
3004 /* hd_table must contain 4 block drivers */
3005 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3006 I/O index to access the ide. */
3007 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq,
3008 void *dbdma, int channel, qemu_irq dma_irq)
3009 {
3010 MACIOIDEState *d;
3011 int pmac_ide_memory;
3012
3013 d = qemu_mallocz(sizeof(MACIOIDEState));
3014 ide_init2(&d->bus, hd_table[0], hd_table[1], irq);
3015
3016 if (dbdma)
3017 DBDMA_register_channel(dbdma, channel, dma_irq, pmac_ide_transfer, pmac_ide_flush, d);
3018
3019 pmac_ide_memory = cpu_register_io_memory(pmac_ide_read,
3020 pmac_ide_write, d);
3021 register_savevm("ide", 0, 3, pmac_ide_save, pmac_ide_load, d);
3022 qemu_register_reset(pmac_ide_reset, d);
3023 pmac_ide_reset(d);
3024
3025 return pmac_ide_memory;
3026 }
3027 #endif /* TARGET_PPC */
3028
3029 /***********************************************************/
3030 /* MMIO based ide port
3031 * This emulates IDE device connected directly to the CPU bus without
3032 * dedicated ide controller, which is often seen on embedded boards.
3033 */
3034
3035 typedef struct {
3036 IDEBus *bus;
3037 int shift;
3038 } MMIOState;
3039
3040 static uint32_t mmio_ide_read (void *opaque, target_phys_addr_t addr)
3041 {
3042 MMIOState *s = (MMIOState*)opaque;
3043 IDEBus *bus = s->bus;
3044 addr >>= s->shift;
3045 if (addr & 7)
3046 return ide_ioport_read(bus, addr);
3047 else
3048 return ide_data_readw(bus, 0);
3049 }
3050
3051 static void mmio_ide_write (void *opaque, target_phys_addr_t addr,
3052 uint32_t val)
3053 {
3054 MMIOState *s = (MMIOState*)opaque;
3055 IDEBus *bus = s->bus;
3056 addr >>= s->shift;
3057 if (addr & 7)
3058 ide_ioport_write(bus, addr, val);
3059 else
3060 ide_data_writew(bus, 0, val);
3061 }
3062
3063 static CPUReadMemoryFunc * const mmio_ide_reads[] = {
3064 mmio_ide_read,
3065 mmio_ide_read,
3066 mmio_ide_read,
3067 };
3068
3069 static CPUWriteMemoryFunc * const mmio_ide_writes[] = {
3070 mmio_ide_write,
3071 mmio_ide_write,
3072 mmio_ide_write,
3073 };
3074
3075 static uint32_t mmio_ide_status_read (void *opaque, target_phys_addr_t addr)
3076 {
3077 MMIOState *s= (MMIOState*)opaque;
3078 IDEBus *bus = s->bus;
3079 return ide_status_read(bus, 0);
3080 }
3081
3082 static void mmio_ide_cmd_write (void *opaque, target_phys_addr_t addr,
3083 uint32_t val)
3084 {
3085 MMIOState *s = (MMIOState*)opaque;
3086 IDEBus *bus = s->bus;
3087 ide_cmd_write(bus, 0, val);
3088 }
3089
3090 static CPUReadMemoryFunc * const mmio_ide_status[] = {
3091 mmio_ide_status_read,
3092 mmio_ide_status_read,
3093 mmio_ide_status_read,
3094 };
3095
3096 static CPUWriteMemoryFunc * const mmio_ide_cmd[] = {
3097 mmio_ide_cmd_write,
3098 mmio_ide_cmd_write,
3099 mmio_ide_cmd_write,
3100 };
3101
3102 void mmio_ide_init (target_phys_addr_t membase, target_phys_addr_t membase2,
3103 qemu_irq irq, int shift,
3104 BlockDriverState *hd0, BlockDriverState *hd1)
3105 {
3106 MMIOState *s = qemu_mallocz(sizeof(MMIOState));
3107 IDEBus *bus = qemu_mallocz(sizeof(*bus));
3108 int mem1, mem2;
3109
3110 ide_init2(bus, hd0, hd1, irq);
3111
3112 s->bus = bus;
3113 s->shift = shift;
3114
3115 mem1 = cpu_register_io_memory(mmio_ide_reads, mmio_ide_writes, s);
3116 mem2 = cpu_register_io_memory(mmio_ide_status, mmio_ide_cmd, s);
3117 cpu_register_physical_memory(membase, 16 << shift, mem1);
3118 cpu_register_physical_memory(membase2, 2 << shift, mem2);
3119 }
3120
3121 /***********************************************************/
3122 /* CF-ATA Microdrive */
3123
3124 #define METADATA_SIZE 0x20
3125
3126 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3127 typedef struct {
3128 IDEBus bus;
3129 PCMCIACardState card;
3130 uint32_t attr_base;
3131 uint32_t io_base;
3132
3133 /* Card state */
3134 uint8_t opt;
3135 uint8_t stat;
3136 uint8_t pins;
3137
3138 uint8_t ctrl;
3139 uint16_t io;
3140 int cycle;
3141 } MicroDriveState;
3142
3143 /* Register bitfields */
3144 enum md_opt {
3145 OPT_MODE_MMAP = 0,
3146 OPT_MODE_IOMAP16 = 1,
3147 OPT_MODE_IOMAP1 = 2,
3148 OPT_MODE_IOMAP2 = 3,
3149 OPT_MODE = 0x3f,
3150 OPT_LEVIREQ = 0x40,
3151 OPT_SRESET = 0x80,
3152 };
3153 enum md_cstat {
3154 STAT_INT = 0x02,
3155 STAT_PWRDWN = 0x04,
3156 STAT_XE = 0x10,
3157 STAT_IOIS8 = 0x20,
3158 STAT_SIGCHG = 0x40,
3159 STAT_CHANGED = 0x80,
3160 };
3161 enum md_pins {
3162 PINS_MRDY = 0x02,
3163 PINS_CRDY = 0x20,
3164 };
3165 enum md_ctrl {
3166 CTRL_IEN = 0x02,
3167 CTRL_SRST = 0x04,
3168 };
3169
3170 static inline void md_interrupt_update(MicroDriveState *s)
3171 {
3172 if (!s->card.slot)
3173 return;
3174
3175 qemu_set_irq(s->card.slot->irq,
3176 !(s->stat & STAT_INT) && /* Inverted */
3177 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3178 !(s->opt & OPT_SRESET));
3179 }
3180
3181 static void md_set_irq(void *opaque, int irq, int level)
3182 {
3183 MicroDriveState *s = (MicroDriveState *) opaque;
3184 if (level)
3185 s->stat |= STAT_INT;
3186 else
3187 s->stat &= ~STAT_INT;
3188
3189 md_interrupt_update(s);
3190 }
3191
3192 static void md_reset(MicroDriveState *s)
3193 {
3194 s->opt = OPT_MODE_MMAP;
3195 s->stat = 0;
3196 s->pins = 0;
3197 s->cycle = 0;
3198 s->ctrl = 0;
3199 ide_reset(s->bus.ifs);
3200 }
3201
3202 static uint8_t md_attr_read(void *opaque, uint32_t at)
3203 {
3204 MicroDriveState *s = (MicroDriveState *) opaque;
3205 if (at < s->attr_base) {
3206 if (at < s->card.cis_len)
3207 return s->card.cis[at];
3208 else
3209 return 0x00;
3210 }
3211
3212 at -= s->attr_base;
3213
3214 switch (at) {
3215 case 0x00: /* Configuration Option Register */
3216 return s->opt;
3217 case 0x02: /* Card Configuration Status Register */
3218 if (s->ctrl & CTRL_IEN)
3219 return s->stat & ~STAT_INT;
3220 else
3221 return s->stat;
3222 case 0x04: /* Pin Replacement Register */
3223 return (s->pins & PINS_CRDY) | 0x0c;
3224 case 0x06: /* Socket and Copy Register */
3225 return 0x00;
3226 #ifdef VERBOSE
3227 default:
3228 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3229 #endif
3230 }
3231
3232 return 0;
3233 }
3234
3235 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3236 {
3237 MicroDriveState *s = (MicroDriveState *) opaque;
3238 at -= s->attr_base;
3239
3240 switch (at) {
3241 case 0x00: /* Configuration Option Register */
3242 s->opt = value & 0xcf;
3243 if (value & OPT_SRESET)
3244 md_reset(s);
3245 md_interrupt_update(s);
3246 break;
3247 case 0x02: /* Card Configuration Status Register */
3248 if ((s->stat ^ value) & STAT_PWRDWN)
3249 s->pins |= PINS_CRDY;
3250 s->stat &= 0x82;
3251 s->stat |= value & 0x74;
3252 md_interrupt_update(s);
3253 /* Word 170 in Identify Device must be equal to STAT_XE */
3254 break;
3255 case 0x04: /* Pin Replacement Register */
3256 s->pins &= PINS_CRDY;
3257 s->pins |= value & PINS_MRDY;
3258 break;
3259 case 0x06: /* Socket and Copy Register */
3260 break;
3261 default:
3262 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3263 }
3264 }
3265
3266 static uint16_t md_common_read(void *opaque, uint32_t at)
3267 {
3268 MicroDriveState *s = (MicroDriveState *) opaque;
3269 IDEState *ifs;
3270 uint16_t ret;
3271 at -= s->io_base;
3272
3273 switch (s->opt & OPT_MODE) {
3274 case OPT_MODE_MMAP:
3275 if ((at & ~0x3ff) == 0x400)
3276 at = 0;
3277 break;
3278 case OPT_MODE_IOMAP16:
3279 at &= 0xf;
3280 break;
3281 case OPT_MODE_IOMAP1:
3282 if ((at & ~0xf) == 0x3f0)
3283 at -= 0x3e8;
3284 else if ((at & ~0xf) == 0x1f0)
3285 at -= 0x1f0;
3286 break;
3287 case OPT_MODE_IOMAP2:
3288 if ((at & ~0xf) == 0x370)
3289 at -= 0x368;
3290 else if ((at & ~0xf) == 0x170)
3291 at -= 0x170;
3292 }
3293
3294 switch (at) {
3295 case 0x0: /* Even RD Data */
3296 case 0x8:
3297 return ide_data_readw(&s->bus, 0);
3298
3299 /* TODO: 8-bit accesses */
3300 if (s->cycle)
3301 ret = s->io >> 8;
3302 else {
3303 s->io = ide_data_readw(&s->bus, 0);
3304 ret = s->io & 0xff;
3305 }
3306 s->cycle = !s->cycle;
3307 return ret;
3308 case 0x9: /* Odd RD Data */
3309 return s->io >> 8;
3310 case 0xd: /* Error */
3311 return ide_ioport_read(&s->bus, 0x1);
3312 case 0xe: /* Alternate Status */
3313 ifs = idebus_active_if(&s->bus);
3314 if (ifs->bs)
3315 return ifs->status;
3316 else
3317 return 0;
3318 case 0xf: /* Device Address */
3319 ifs = idebus_active_if(&s->bus);
3320 return 0xc2 | ((~ifs->select << 2) & 0x3c);
3321 default:
3322 return ide_ioport_read(&s->bus, at);
3323 }
3324
3325 return 0;
3326 }
3327
3328 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3329 {
3330 MicroDriveState *s = (MicroDriveState *) opaque;
3331 at -= s->io_base;
3332
3333 switch (s->opt & OPT_MODE) {
3334 case OPT_MODE_MMAP:
3335 if ((at & ~0x3ff) == 0x400)
3336 at = 0;
3337 break;
3338 case OPT_MODE_IOMAP16:
3339 at &= 0xf;
3340 break;
3341 case OPT_MODE_IOMAP1:
3342 if ((at & ~0xf) == 0x3f0)
3343 at -= 0x3e8;
3344 else if ((at & ~0xf) == 0x1f0)
3345 at -= 0x1f0;
3346 break;
3347 case OPT_MODE_IOMAP2:
3348 if ((at & ~0xf) == 0x370)
3349 at -= 0x368;
3350 else if ((at & ~0xf) == 0x170)
3351 at -= 0x170;
3352 }
3353
3354 switch (at) {
3355 case 0x0: /* Even WR Data */
3356 case 0x8:
3357 ide_data_writew(&s->bus, 0, value);
3358 break;
3359
3360 /* TODO: 8-bit accesses */
3361 if (s->cycle)
3362 ide_data_writew(&s->bus, 0, s->io | (value << 8));
3363 else
3364 s->io = value & 0xff;
3365 s->cycle = !s->cycle;
3366 break;
3367 case 0x9:
3368 s->io = value & 0xff;
3369 s->cycle = !s->cycle;
3370 break;
3371 case 0xd: /* Features */
3372 ide_ioport_write(&s->bus, 0x1, value);
3373 break;
3374 case 0xe: /* Device Control */
3375 s->ctrl = value;
3376 if (value & CTRL_SRST)
3377 md_reset(s);
3378 md_interrupt_update(s);
3379 break;
3380 default:
3381 if (s->stat & STAT_PWRDWN) {
3382 s->pins |= PINS_CRDY;
3383 s->stat &= ~STAT_PWRDWN;
3384 }
3385 ide_ioport_write(&s->bus, at, value);
3386 }
3387 }
3388
3389 static void md_save(QEMUFile *f, void *opaque)
3390 {
3391 MicroDriveState *s = (MicroDriveState *) opaque;
3392 int i;
3393
3394 qemu_put_8s(f, &s->opt);
3395 qemu_put_8s(f, &s->stat);
3396 qemu_put_8s(f, &s->pins);
3397
3398 qemu_put_8s(f, &s->ctrl);
3399 qemu_put_be16s(f, &s->io);
3400 qemu_put_byte(f, s->cycle);
3401
3402 idebus_save(f, &s->bus);
3403
3404 for (i = 0; i < 2; i ++)
3405 ide_save(f, &s->bus.ifs[i]);
3406 }
3407
3408 static int md_load(QEMUFile *f, void *opaque, int version_id)
3409 {
3410 MicroDriveState *s = (MicroDriveState *) opaque;
3411 int i;
3412
3413 if (version_id != 0 && version_id != 3)
3414 return -EINVAL;
3415
3416 qemu_get_8s(f, &s->opt);
3417 qemu_get_8s(f, &s->stat);
3418 qemu_get_8s(f, &s->pins);
3419
3420 qemu_get_8s(f, &s->ctrl);
3421 qemu_get_be16s(f, &s->io);
3422 s->cycle = qemu_get_byte(f);
3423
3424 idebus_load(f, &s->bus, version_id);
3425
3426 for (i = 0; i < 2; i ++)
3427 ide_load(f, &s->bus.ifs[i], version_id);
3428
3429 return 0;
3430 }
3431
3432 static const uint8_t dscm1xxxx_cis[0x14a] = {
3433 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3434 [0x002] = 0x03, /* Tuple length = 4 bytes */
3435 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3436 [0x006] = 0x01, /* Size = 2K bytes */
3437 [0x008] = CISTPL_ENDMARK,
3438
3439 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3440 [0x00c] = 0x04, /* Tuple length = 4 byest */
3441 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3442 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3443 [0x012] = 0x01, /* Size = 2K bytes */
3444 [0x014] = CISTPL_ENDMARK,
3445
3446 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3447 [0x018] = 0x02, /* Tuple length = 2 bytes */
3448 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3449 [0x01c] = 0x01,
3450
3451 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3452 [0x020] = 0x04, /* Tuple length = 4 bytes */
3453 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3454 [0x024] = 0x00,
3455 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3456 [0x028] = 0x00,
3457
3458 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3459 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3460 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3461 [0x030] = 0x01, /* Minor Version = 1 */
3462 [0x032] = 'I',
3463 [0x034] = 'B',
3464 [0x036] = 'M',
3465 [0x038] = 0x00,
3466 [0x03a] = 'm',
3467 [0x03c] = 'i',
3468 [0x03e] = 'c',
3469 [0x040] = 'r',
3470 [0x042] = 'o',
3471 [0x044] = 'd',
3472 [0x046] = 'r',
3473 [0x048] = 'i',
3474 [0x04a] = 'v',
3475 [0x04c] = 'e',
3476 [0x04e] = 0x00,
3477 [0x050] = CISTPL_ENDMARK,
3478
3479 [0x052] = CISTPL_FUNCID, /* Function ID */
3480 [0x054] = 0x02, /* Tuple length = 2 bytes */
3481 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3482 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3483
3484 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3485 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3486 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3487 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3488
3489 [0x062] = CISTPL_FUNCE, /* Function Extension */
3490 [0x064] = 0x03, /* Tuple length = 3 bytes */
3491 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3492 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3493 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3494
3495 [0x06c] = CISTPL_CONFIG, /* Configuration */
3496 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3497 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3498 [0x072] = 0x07, /* TPCC_LAST = 7 */
3499 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3500 [0x076] = 0x02,
3501 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3502
3503 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3504 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3505 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3506 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3507 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3508 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3509 [0x086] = 0x55, /* NomV: 5.0 V */
3510 [0x088] = 0x4d, /* MinV: 4.5 V */
3511 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3512 [0x08c] = 0x4e, /* Peakl: 450 mA */
3513 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3514 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3515 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3516
3517 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3518 [0x096] = 0x06, /* Tuple length = 6 bytes */
3519 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3520 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3521 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3522 [0x09e] = 0xb5, /* NomV: 3.3 V */
3523 [0x0a0] = 0x1e,
3524 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3525
3526 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3527 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3528 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3529 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3530 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3531 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3532 [0x0b0] = 0x55, /* NomV: 5.0 V */
3533 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3534 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3535 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3536 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3537 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3538 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3539 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3540 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3541
3542 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3543 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3544 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3545 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3546 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3547 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3548 [0x0ce] = 0x1e,
3549 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3550
3551 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3552 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3553 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3554 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3555 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3556 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3557 [0x0de] = 0x55, /* NomV: 5.0 V */
3558 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3559 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3560 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3561 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3562 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3563 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3564 [0x0ec] = 0x01,
3565 [0x0ee] = 0x07, /* Address block length = 8 */
3566 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3567 [0x0f2] = 0x03,
3568 [0x0f4] = 0x01, /* Address block length = 2 */
3569 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3570 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3571
3572 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3573 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3574 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3575 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3576 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3577 [0x104] = 0xb5, /* NomV: 3.3 V */
3578 [0x106] = 0x1e,
3579 [0x108] = 0x3e, /* Peakl: 350 mA */
3580
3581 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3582 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3583 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3584 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3585 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3586 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3587 [0x116] = 0x55, /* NomV: 5.0 V */
3588 [0x118] = 0x4d, /* MinV: 4.5 V */
3589 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3590 [0x11c] = 0x4e, /* Peakl: 450 mA */
3591 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3592 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3593 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3594 [0x124] = 0x01,
3595 [0x126] = 0x07, /* Address block length = 8 */
3596 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3597 [0x12a] = 0x03,
3598 [0x12c] = 0x01, /* Address block length = 2 */
3599 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3600 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3601
3602 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3603 [0x134] = 0x06, /* Tuple length = 6 bytes */
3604 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3605 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3606 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3607 [0x13c] = 0xb5, /* NomV: 3.3 V */
3608 [0x13e] = 0x1e,
3609 [0x140] = 0x3e, /* Peakl: 350 mA */
3610
3611 [0x142] = CISTPL_NO_LINK, /* No Link */
3612 [0x144] = 0x00, /* Tuple length = 0 bytes */
3613
3614 [0x146] = CISTPL_END, /* Tuple End */
3615 };
3616
3617 static int dscm1xxxx_attach(void *opaque)
3618 {
3619 MicroDriveState *md = (MicroDriveState *) opaque;
3620 md->card.attr_read = md_attr_read;
3621 md->card.attr_write = md_attr_write;
3622 md->card.common_read = md_common_read;
3623 md->card.common_write = md_common_write;
3624 md->card.io_read = md_common_read;
3625 md->card.io_write = md_common_write;
3626
3627 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3628 md->io_base = 0x0;
3629
3630 md_reset(md);
3631 md_interrupt_update(md);
3632
3633 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3634 return 0;
3635 }
3636
3637 static int dscm1xxxx_detach(void *opaque)
3638 {
3639 MicroDriveState *md = (MicroDriveState *) opaque;
3640 md_reset(md);
3641 return 0;
3642 }
3643
3644 PCMCIACardState *dscm1xxxx_init(BlockDriverState *bdrv)
3645 {
3646 MicroDriveState *md = (MicroDriveState *) qemu_mallocz(sizeof(MicroDriveState));
3647 md->card.state = md;
3648 md->card.attach = dscm1xxxx_attach;
3649 md->card.detach = dscm1xxxx_detach;
3650 md->card.cis = dscm1xxxx_cis;
3651 md->card.cis_len = sizeof(dscm1xxxx_cis);
3652
3653 ide_init2(&md->bus, bdrv, NULL, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3654 md->bus.ifs[0].is_cf = 1;
3655 md->bus.ifs[0].mdata_size = METADATA_SIZE;
3656 md->bus.ifs[0].mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3657
3658 register_savevm("microdrive", -1, 3, md_save, md_load, md);
3659
3660 return &md->card;
3661 }
Anthony Liguori's QEMU queue