search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Replace tabs by 8 spaces. No code change, by Herve Poussineau.
[qemu/dscho.git] / hw / ide.c
blob4a7fa8b6d533e2a608ea9ae78731961971d58a5f
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "vl.h"
26
27 /* debug IDE devices */
28 //#define DEBUG_IDE
29 //#define DEBUG_IDE_ATAPI
30 //#define DEBUG_AIO
31 #define USE_DMA_CDROM
32
33 /* Bits of HD_STATUS */
34 #define ERR_STAT 0x01
35 #define INDEX_STAT 0x02
36 #define ECC_STAT 0x04 /* Corrected error */
37 #define DRQ_STAT 0x08
38 #define SEEK_STAT 0x10
39 #define SRV_STAT 0x10
40 #define WRERR_STAT 0x20
41 #define READY_STAT 0x40
42 #define BUSY_STAT 0x80
43
44 /* Bits for HD_ERROR */
45 #define MARK_ERR 0x01 /* Bad address mark */
46 #define TRK0_ERR 0x02 /* couldn't find track 0 */
47 #define ABRT_ERR 0x04 /* Command aborted */
48 #define MCR_ERR 0x08 /* media change request */
49 #define ID_ERR 0x10 /* ID field not found */
50 #define MC_ERR 0x20 /* media changed */
51 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
52 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
53 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
54
55 /* Bits of HD_NSECTOR */
56 #define CD 0x01
57 #define IO 0x02
58 #define REL 0x04
59 #define TAG_MASK 0xf8
60
61 #define IDE_CMD_RESET 0x04
62 #define IDE_CMD_DISABLE_IRQ 0x02
63
64 /* ATA/ATAPI Commands pre T13 Spec */
65 #define WIN_NOP 0x00
66 /*
67 * 0x01->0x02 Reserved
68 */
69 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
70 /*
71 * 0x04->0x07 Reserved
72 */
73 #define WIN_SRST 0x08 /* ATAPI soft reset command */
74 #define WIN_DEVICE_RESET 0x08
75 /*
76 * 0x09->0x0F Reserved
77 */
78 #define WIN_RECAL 0x10
79 #define WIN_RESTORE WIN_RECAL
80 /*
81 * 0x10->0x1F Reserved
82 */
83 #define WIN_READ 0x20 /* 28-Bit */
84 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
85 #define WIN_READ_LONG 0x22 /* 28-Bit */
86 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
87 #define WIN_READ_EXT 0x24 /* 48-Bit */
88 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
89 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
90 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
91 /*
92 * 0x28
93 */
94 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
95 /*
96 * 0x2A->0x2F Reserved
97 */
98 #define WIN_WRITE 0x30 /* 28-Bit */
99 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
100 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
101 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
102 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
103 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
104 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
105 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
106 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
107 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
108 /*
109 * 0x3A->0x3B Reserved
110 */
111 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
112 /*
113 * 0x3D->0x3F Reserved
114 */
115 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
116 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
117 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
118 /*
119 * 0x43->0x4F Reserved
120 */
121 #define WIN_FORMAT 0x50
122 /*
123 * 0x51->0x5F Reserved
124 */
125 #define WIN_INIT 0x60
126 /*
127 * 0x61->0x5F Reserved
128 */
129 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
130 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
131 #define WIN_DIAGNOSE 0x90
132 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
133 #define WIN_DOWNLOAD_MICROCODE 0x92
134 #define WIN_STANDBYNOW2 0x94
135 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
136 #define WIN_STANDBY2 0x96
137 #define WIN_SETIDLE2 0x97
138 #define WIN_CHECKPOWERMODE2 0x98
139 #define WIN_SLEEPNOW2 0x99
140 /*
141 * 0x9A VENDOR
142 */
143 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
144 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
145 #define WIN_QUEUED_SERVICE 0xA2
146 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
147 #define CFA_ACCESS_METADATA_STORAGE 0xB8
148 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
149 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
150 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
151 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
152 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
153 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
154 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
155 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
156 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
157 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
158 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
159 #define WIN_GETMEDIASTATUS 0xDA
160 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
161 #define WIN_POSTBOOT 0xDC
162 #define WIN_PREBOOT 0xDD
163 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
164 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
165 #define WIN_STANDBYNOW1 0xE0
166 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
167 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
168 #define WIN_SETIDLE1 0xE3
169 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
170 #define WIN_CHECKPOWERMODE1 0xE5
171 #define WIN_SLEEPNOW1 0xE6
172 #define WIN_FLUSH_CACHE 0xE7
173 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
174 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
175 /* SET_FEATURES 0x22 or 0xDD */
176 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
177 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
178 #define WIN_MEDIAEJECT 0xED
179 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
180 #define WIN_SETFEATURES 0xEF /* set special drive features */
181 #define EXABYTE_ENABLE_NEST 0xF0
182 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
183 #define WIN_SECURITY_SET_PASS 0xF1
184 #define WIN_SECURITY_UNLOCK 0xF2
185 #define WIN_SECURITY_ERASE_PREPARE 0xF3
186 #define WIN_SECURITY_ERASE_UNIT 0xF4
187 #define WIN_SECURITY_FREEZE_LOCK 0xF5
188 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
189 #define WIN_SECURITY_DISABLE 0xF6
190 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
191 #define WIN_SET_MAX 0xF9
192 #define DISABLE_SEAGATE 0xFB
193
194 /* set to 1 set disable mult support */
195 #define MAX_MULT_SECTORS 16
196
197 /* ATAPI defines */
198
199 #define ATAPI_PACKET_SIZE 12
200
201 /* The generic packet command opcodes for CD/DVD Logical Units,
202 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
203 #define GPCMD_BLANK 0xa1
204 #define GPCMD_CLOSE_TRACK 0x5b
205 #define GPCMD_FLUSH_CACHE 0x35
206 #define GPCMD_FORMAT_UNIT 0x04
207 #define GPCMD_GET_CONFIGURATION 0x46
208 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
209 #define GPCMD_GET_PERFORMANCE 0xac
210 #define GPCMD_INQUIRY 0x12
211 #define GPCMD_LOAD_UNLOAD 0xa6
212 #define GPCMD_MECHANISM_STATUS 0xbd
213 #define GPCMD_MODE_SELECT_10 0x55
214 #define GPCMD_MODE_SENSE_10 0x5a
215 #define GPCMD_PAUSE_RESUME 0x4b
216 #define GPCMD_PLAY_AUDIO_10 0x45
217 #define GPCMD_PLAY_AUDIO_MSF 0x47
218 #define GPCMD_PLAY_AUDIO_TI 0x48
219 #define GPCMD_PLAY_CD 0xbc
220 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
221 #define GPCMD_READ_10 0x28
222 #define GPCMD_READ_12 0xa8
223 #define GPCMD_READ_CDVD_CAPACITY 0x25
224 #define GPCMD_READ_CD 0xbe
225 #define GPCMD_READ_CD_MSF 0xb9
226 #define GPCMD_READ_DISC_INFO 0x51
227 #define GPCMD_READ_DVD_STRUCTURE 0xad
228 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
229 #define GPCMD_READ_HEADER 0x44
230 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
231 #define GPCMD_READ_SUBCHANNEL 0x42
232 #define GPCMD_READ_TOC_PMA_ATIP 0x43
233 #define GPCMD_REPAIR_RZONE_TRACK 0x58
234 #define GPCMD_REPORT_KEY 0xa4
235 #define GPCMD_REQUEST_SENSE 0x03
236 #define GPCMD_RESERVE_RZONE_TRACK 0x53
237 #define GPCMD_SCAN 0xba
238 #define GPCMD_SEEK 0x2b
239 #define GPCMD_SEND_DVD_STRUCTURE 0xad
240 #define GPCMD_SEND_EVENT 0xa2
241 #define GPCMD_SEND_KEY 0xa3
242 #define GPCMD_SEND_OPC 0x54
243 #define GPCMD_SET_READ_AHEAD 0xa7
244 #define GPCMD_SET_STREAMING 0xb6
245 #define GPCMD_START_STOP_UNIT 0x1b
246 #define GPCMD_STOP_PLAY_SCAN 0x4e
247 #define GPCMD_TEST_UNIT_READY 0x00
248 #define GPCMD_VERIFY_10 0x2f
249 #define GPCMD_WRITE_10 0x2a
250 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
251 /* This is listed as optional in ATAPI 2.6, but is (curiously)
252 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
253 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
254 * drives support it. */
255 #define GPCMD_SET_SPEED 0xbb
256 /* This seems to be a SCSI specific CD-ROM opcode
257 * to play data at track/index */
258 #define GPCMD_PLAYAUDIO_TI 0x48
259 /*
260 * From MS Media Status Notification Support Specification. For
261 * older drives only.
262 */
263 #define GPCMD_GET_MEDIA_STATUS 0xda
264
265 /* Mode page codes for mode sense/set */
266 #define GPMODE_R_W_ERROR_PAGE 0x01
267 #define GPMODE_WRITE_PARMS_PAGE 0x05
268 #define GPMODE_AUDIO_CTL_PAGE 0x0e
269 #define GPMODE_POWER_PAGE 0x1a
270 #define GPMODE_FAULT_FAIL_PAGE 0x1c
271 #define GPMODE_TO_PROTECT_PAGE 0x1d
272 #define GPMODE_CAPABILITIES_PAGE 0x2a
273 #define GPMODE_ALL_PAGES 0x3f
274 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
275 * of MODE_SENSE_POWER_PAGE */
276 #define GPMODE_CDROM_PAGE 0x0d
277
278 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
279 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
280 #define ATAPI_INT_REASON_REL 0x04
281 #define ATAPI_INT_REASON_TAG 0xf8
282
283 /* same constants as bochs */
284 #define ASC_ILLEGAL_OPCODE 0x20
285 #define ASC_LOGICAL_BLOCK_OOR 0x21
286 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
287 #define ASC_MEDIUM_NOT_PRESENT 0x3a
288 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
289
290 #define CFA_NO_ERROR 0x00
291 #define CFA_MISC_ERROR 0x09
292 #define CFA_INVALID_COMMAND 0x20
293 #define CFA_INVALID_ADDRESS 0x21
294 #define CFA_ADDRESS_OVERFLOW 0x2f
295
296 #define SENSE_NONE 0
297 #define SENSE_NOT_READY 2
298 #define SENSE_ILLEGAL_REQUEST 5
299 #define SENSE_UNIT_ATTENTION 6
300
301 struct IDEState;
302
303 typedef void EndTransferFunc(struct IDEState *);
304
305 /* NOTE: IDEState represents in fact one drive */
306 typedef struct IDEState {
307 /* ide config */
308 int is_cdrom;
309 int is_cf;
310 int cylinders, heads, sectors;
311 int64_t nb_sectors;
312 int mult_sectors;
313 int identify_set;
314 uint16_t identify_data[256];
315 qemu_irq irq;
316 PCIDevice *pci_dev;
317 struct BMDMAState *bmdma;
318 int drive_serial;
319 /* ide regs */
320 uint8_t feature;
321 uint8_t error;
322 uint32_t nsector;
323 uint8_t sector;
324 uint8_t lcyl;
325 uint8_t hcyl;
326 /* other part of tf for lba48 support */
327 uint8_t hob_feature;
328 uint8_t hob_nsector;
329 uint8_t hob_sector;
330 uint8_t hob_lcyl;
331 uint8_t hob_hcyl;
332
333 uint8_t select;
334 uint8_t status;
335
336 /* 0x3f6 command, only meaningful for drive 0 */
337 uint8_t cmd;
338 /* set for lba48 access */
339 uint8_t lba48;
340 /* depends on bit 4 in select, only meaningful for drive 0 */
341 struct IDEState *cur_drive;
342 BlockDriverState *bs;
343 /* ATAPI specific */
344 uint8_t sense_key;
345 uint8_t asc;
346 int packet_transfer_size;
347 int elementary_transfer_size;
348 int io_buffer_index;
349 int lba;
350 int cd_sector_size;
351 int atapi_dma; /* true if dma is requested for the packet cmd */
352 /* ATA DMA state */
353 int io_buffer_size;
354 /* PIO transfer handling */
355 int req_nb_sectors; /* number of sectors per interrupt */
356 EndTransferFunc *end_transfer_func;
357 uint8_t *data_ptr;
358 uint8_t *data_end;
359 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
360 QEMUTimer *sector_write_timer; /* only used for win2k instal hack */
361 uint32_t irq_count; /* counts IRQs when using win2k install hack */
362 /* CF-ATA extended error */
363 uint8_t ext_error;
364 /* CF-ATA metadata storage */
365 uint32_t mdata_size;
366 uint8_t *mdata_storage;
367 int media_changed;
368 } IDEState;
369
370 #define BM_STATUS_DMAING 0x01
371 #define BM_STATUS_ERROR 0x02
372 #define BM_STATUS_INT 0x04
373
374 #define BM_CMD_START 0x01
375 #define BM_CMD_READ 0x08
376
377 #define IDE_TYPE_PIIX3 0
378 #define IDE_TYPE_CMD646 1
379 #define IDE_TYPE_PIIX4 2
380
381 /* CMD646 specific */
382 #define MRDMODE 0x71
383 #define MRDMODE_INTR_CH0 0x04
384 #define MRDMODE_INTR_CH1 0x08
385 #define MRDMODE_BLK_CH0 0x10
386 #define MRDMODE_BLK_CH1 0x20
387 #define UDIDETCR0 0x73
388 #define UDIDETCR1 0x7B
389
390 typedef struct BMDMAState {
391 uint8_t cmd;
392 uint8_t status;
393 uint32_t addr;
394
395 struct PCIIDEState *pci_dev;
396 /* current transfer state */
397 uint32_t cur_addr;
398 uint32_t cur_prd_last;
399 uint32_t cur_prd_addr;
400 uint32_t cur_prd_len;
401 IDEState *ide_if;
402 BlockDriverCompletionFunc *dma_cb;
403 BlockDriverAIOCB *aiocb;
404 } BMDMAState;
405
406 typedef struct PCIIDEState {
407 PCIDevice dev;
408 IDEState ide_if[4];
409 BMDMAState bmdma[2];
410 int type; /* see IDE_TYPE_xxx */
411 } PCIIDEState;
412
413 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
414 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
415
416 static void padstr(char *str, const char *src, int len)
417 {
418 int i, v;
419 for(i = 0; i < len; i++) {
420 if (*src)
421 v = *src++;
422 else
423 v = ' ';
424 *(char *)((long)str ^ 1) = v;
425 str++;
426 }
427 }
428
429 static void padstr8(uint8_t *buf, int buf_size, const char *src)
430 {
431 int i;
432 for(i = 0; i < buf_size; i++) {
433 if (*src)
434 buf[i] = *src++;
435 else
436 buf[i] = ' ';
437 }
438 }
439
440 static void put_le16(uint16_t *p, unsigned int v)
441 {
442 *p = cpu_to_le16(v);
443 }
444
445 static void ide_identify(IDEState *s)
446 {
447 uint16_t *p;
448 unsigned int oldsize;
449 char buf[20];
450
451 if (s->identify_set) {
452 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
453 return;
454 }
455
456 memset(s->io_buffer, 0, 512);
457 p = (uint16_t *)s->io_buffer;
458 put_le16(p + 0, 0x0040);
459 put_le16(p + 1, s->cylinders);
460 put_le16(p + 3, s->heads);
461 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
462 put_le16(p + 5, 512); /* XXX: retired, remove ? */
463 put_le16(p + 6, s->sectors);
464 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
465 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
466 put_le16(p + 20, 3); /* XXX: retired, remove ? */
467 put_le16(p + 21, 512); /* cache size in sectors */
468 put_le16(p + 22, 4); /* ecc bytes */
469 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
470 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
471 #if MAX_MULT_SECTORS > 1
472 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
473 #endif
474 put_le16(p + 48, 1); /* dword I/O */
475 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
476 put_le16(p + 51, 0x200); /* PIO transfer cycle */
477 put_le16(p + 52, 0x200); /* DMA transfer cycle */
478 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
479 put_le16(p + 54, s->cylinders);
480 put_le16(p + 55, s->heads);
481 put_le16(p + 56, s->sectors);
482 oldsize = s->cylinders * s->heads * s->sectors;
483 put_le16(p + 57, oldsize);
484 put_le16(p + 58, oldsize >> 16);
485 if (s->mult_sectors)
486 put_le16(p + 59, 0x100 | s->mult_sectors);
487 put_le16(p + 60, s->nb_sectors);
488 put_le16(p + 61, s->nb_sectors >> 16);
489 put_le16(p + 63, 0x07); /* mdma0-2 supported */
490 put_le16(p + 65, 120);
491 put_le16(p + 66, 120);
492 put_le16(p + 67, 120);
493 put_le16(p + 68, 120);
494 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
495 put_le16(p + 81, 0x16); /* conforms to ata5 */
496 put_le16(p + 82, (1 << 14));
497 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
498 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
499 put_le16(p + 84, (1 << 14));
500 put_le16(p + 85, (1 << 14));
501 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
502 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
503 put_le16(p + 87, (1 << 14));
504 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
505 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
506 put_le16(p + 100, s->nb_sectors);
507 put_le16(p + 101, s->nb_sectors >> 16);
508 put_le16(p + 102, s->nb_sectors >> 32);
509 put_le16(p + 103, s->nb_sectors >> 48);
510
511 memcpy(s->identify_data, p, sizeof(s->identify_data));
512 s->identify_set = 1;
513 }
514
515 static void ide_atapi_identify(IDEState *s)
516 {
517 uint16_t *p;
518 char buf[20];
519
520 if (s->identify_set) {
521 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
522 return;
523 }
524
525 memset(s->io_buffer, 0, 512);
526 p = (uint16_t *)s->io_buffer;
527 /* Removable CDROM, 50us response, 12 byte packets */
528 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
529 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
530 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
531 put_le16(p + 20, 3); /* buffer type */
532 put_le16(p + 21, 512); /* cache size in sectors */
533 put_le16(p + 22, 4); /* ecc bytes */
534 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
535 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
536 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
537 #ifdef USE_DMA_CDROM
538 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
539 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
540 put_le16(p + 63, 7); /* mdma0-2 supported */
541 put_le16(p + 64, 0x3f); /* PIO modes supported */
542 #else
543 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
544 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
545 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
546 put_le16(p + 64, 1); /* PIO modes */
547 #endif
548 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
549 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
550 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
551 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
552
553 put_le16(p + 71, 30); /* in ns */
554 put_le16(p + 72, 30); /* in ns */
555
556 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
557 #ifdef USE_DMA_CDROM
558 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
559 #endif
560 memcpy(s->identify_data, p, sizeof(s->identify_data));
561 s->identify_set = 1;
562 }
563
564 static void ide_cfata_identify(IDEState *s)
565 {
566 uint16_t *p;
567 uint32_t cur_sec;
568 char buf[20];
569
570 p = (uint16_t *) s->identify_data;
571 if (s->identify_set)
572 goto fill_buffer;
573
574 memset(p, 0, sizeof(s->identify_data));
575
576 cur_sec = s->cylinders * s->heads * s->sectors;
577
578 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
579 put_le16(p + 1, s->cylinders); /* Default cylinders */
580 put_le16(p + 3, s->heads); /* Default heads */
581 put_le16(p + 6, s->sectors); /* Default sectors per track */
582 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
583 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
584 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
585 padstr((uint8_t *)(p + 10), buf, 20); /* Serial number in ASCII */
586 put_le16(p + 22, 0x0004); /* ECC bytes */
587 padstr((uint8_t *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
588 padstr((uint8_t *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
589 #if MAX_MULT_SECTORS > 1
590 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
591 #else
592 put_le16(p + 47, 0x0000);
593 #endif
594 put_le16(p + 49, 0x0f00); /* Capabilities */
595 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
596 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
597 put_le16(p + 53, 0x0003); /* Translation params valid */
598 put_le16(p + 54, s->cylinders); /* Current cylinders */
599 put_le16(p + 55, s->heads); /* Current heads */
600 put_le16(p + 56, s->sectors); /* Current sectors */
601 put_le16(p + 57, cur_sec); /* Current capacity */
602 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
603 if (s->mult_sectors) /* Multiple sector setting */
604 put_le16(p + 59, 0x100 | s->mult_sectors);
605 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
606 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
607 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
608 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
609 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
610 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
611 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
612 put_le16(p + 82, 0x400c); /* Command Set supported */
613 put_le16(p + 83, 0x7068); /* Command Set supported */
614 put_le16(p + 84, 0x4000); /* Features supported */
615 put_le16(p + 85, 0x000c); /* Command Set enabled */
616 put_le16(p + 86, 0x7044); /* Command Set enabled */
617 put_le16(p + 87, 0x4000); /* Features enabled */
618 put_le16(p + 91, 0x4060); /* Current APM level */
619 put_le16(p + 129, 0x0002); /* Current features option */
620 put_le16(p + 130, 0x0005); /* Reassigned sectors */
621 put_le16(p + 131, 0x0001); /* Initial power mode */
622 put_le16(p + 132, 0x0000); /* User signature */
623 put_le16(p + 160, 0x8100); /* Power requirement */
624 put_le16(p + 161, 0x8001); /* CF command set */
625
626 s->identify_set = 1;
627
628 fill_buffer:
629 memcpy(s->io_buffer, p, sizeof(s->identify_data));
630 }
631
632 static void ide_set_signature(IDEState *s)
633 {
634 s->select &= 0xf0; /* clear head */
635 /* put signature */
636 s->nsector = 1;
637 s->sector = 1;
638 if (s->is_cdrom) {
639 s->lcyl = 0x14;
640 s->hcyl = 0xeb;
641 } else if (s->bs) {
642 s->lcyl = 0;
643 s->hcyl = 0;
644 } else {
645 s->lcyl = 0xff;
646 s->hcyl = 0xff;
647 }
648 }
649
650 static inline void ide_abort_command(IDEState *s)
651 {
652 s->status = READY_STAT | ERR_STAT;
653 s->error = ABRT_ERR;
654 }
655
656 static inline void ide_set_irq(IDEState *s)
657 {
658 BMDMAState *bm = s->bmdma;
659 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
660 if (bm) {
661 bm->status |= BM_STATUS_INT;
662 }
663 qemu_irq_raise(s->irq);
664 }
665 }
666
667 /* prepare data transfer and tell what to do after */
668 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
669 EndTransferFunc *end_transfer_func)
670 {
671 s->end_transfer_func = end_transfer_func;
672 s->data_ptr = buf;
673 s->data_end = buf + size;
674 if (!(s->status & ERR_STAT))
675 s->status |= DRQ_STAT;
676 }
677
678 static void ide_transfer_stop(IDEState *s)
679 {
680 s->end_transfer_func = ide_transfer_stop;
681 s->data_ptr = s->io_buffer;
682 s->data_end = s->io_buffer;
683 s->status &= ~DRQ_STAT;
684 }
685
686 static int64_t ide_get_sector(IDEState *s)
687 {
688 int64_t sector_num;
689 if (s->select & 0x40) {
690 /* lba */
691 if (!s->lba48) {
692 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
693 (s->lcyl << 8) | s->sector;
694 } else {
695 sector_num = ((int64_t)s->hob_hcyl << 40) |
696 ((int64_t) s->hob_lcyl << 32) |
697 ((int64_t) s->hob_sector << 24) |
698 ((int64_t) s->hcyl << 16) |
699 ((int64_t) s->lcyl << 8) | s->sector;
700 }
701 } else {
702 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
703 (s->select & 0x0f) * s->sectors + (s->sector - 1);
704 }
705 return sector_num;
706 }
707
708 static void ide_set_sector(IDEState *s, int64_t sector_num)
709 {
710 unsigned int cyl, r;
711 if (s->select & 0x40) {
712 if (!s->lba48) {
713 s->select = (s->select & 0xf0) | (sector_num >> 24);
714 s->hcyl = (sector_num >> 16);
715 s->lcyl = (sector_num >> 8);
716 s->sector = (sector_num);
717 } else {
718 s->sector = sector_num;
719 s->lcyl = sector_num >> 8;
720 s->hcyl = sector_num >> 16;
721 s->hob_sector = sector_num >> 24;
722 s->hob_lcyl = sector_num >> 32;
723 s->hob_hcyl = sector_num >> 40;
724 }
725 } else {
726 cyl = sector_num / (s->heads * s->sectors);
727 r = sector_num % (s->heads * s->sectors);
728 s->hcyl = cyl >> 8;
729 s->lcyl = cyl;
730 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
731 s->sector = (r % s->sectors) + 1;
732 }
733 }
734
735 static void ide_sector_read(IDEState *s)
736 {
737 int64_t sector_num;
738 int ret, n;
739
740 s->status = READY_STAT | SEEK_STAT;
741 s->error = 0; /* not needed by IDE spec, but needed by Windows */
742 sector_num = ide_get_sector(s);
743 n = s->nsector;
744 if (n == 0) {
745 /* no more sector to read from disk */
746 ide_transfer_stop(s);
747 } else {
748 #if defined(DEBUG_IDE)
749 printf("read sector=%Ld\n", sector_num);
750 #endif
751 if (n > s->req_nb_sectors)
752 n = s->req_nb_sectors;
753 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
754 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
755 ide_set_irq(s);
756 ide_set_sector(s, sector_num + n);
757 s->nsector -= n;
758 }
759 }
760
761 /* return 0 if buffer completed */
762 static int dma_buf_rw(BMDMAState *bm, int is_write)
763 {
764 IDEState *s = bm->ide_if;
765 struct {
766 uint32_t addr;
767 uint32_t size;
768 } prd;
769 int l, len;
770
771 for(;;) {
772 l = s->io_buffer_size - s->io_buffer_index;
773 if (l <= 0)
774 break;
775 if (bm->cur_prd_len == 0) {
776 /* end of table (with a fail safe of one page) */
777 if (bm->cur_prd_last ||
778 (bm->cur_addr - bm->addr) >= 4096)
779 return 0;
780 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
781 bm->cur_addr += 8;
782 prd.addr = le32_to_cpu(prd.addr);
783 prd.size = le32_to_cpu(prd.size);
784 len = prd.size & 0xfffe;
785 if (len == 0)
786 len = 0x10000;
787 bm->cur_prd_len = len;
788 bm->cur_prd_addr = prd.addr;
789 bm->cur_prd_last = (prd.size & 0x80000000);
790 }
791 if (l > bm->cur_prd_len)
792 l = bm->cur_prd_len;
793 if (l > 0) {
794 if (is_write) {
795 cpu_physical_memory_write(bm->cur_prd_addr,
796 s->io_buffer + s->io_buffer_index, l);
797 } else {
798 cpu_physical_memory_read(bm->cur_prd_addr,
799 s->io_buffer + s->io_buffer_index, l);
800 }
801 bm->cur_prd_addr += l;
802 bm->cur_prd_len -= l;
803 s->io_buffer_index += l;
804 }
805 }
806 return 1;
807 }
808
809 /* XXX: handle errors */
810 static void ide_read_dma_cb(void *opaque, int ret)
811 {
812 BMDMAState *bm = opaque;
813 IDEState *s = bm->ide_if;
814 int n;
815 int64_t sector_num;
816
817 n = s->io_buffer_size >> 9;
818 sector_num = ide_get_sector(s);
819 if (n > 0) {
820 sector_num += n;
821 ide_set_sector(s, sector_num);
822 s->nsector -= n;
823 if (dma_buf_rw(bm, 1) == 0)
824 goto eot;
825 }
826
827 /* end of transfer ? */
828 if (s->nsector == 0) {
829 s->status = READY_STAT | SEEK_STAT;
830 ide_set_irq(s);
831 eot:
832 bm->status &= ~BM_STATUS_DMAING;
833 bm->status |= BM_STATUS_INT;
834 bm->dma_cb = NULL;
835 bm->ide_if = NULL;
836 bm->aiocb = NULL;
837 return;
838 }
839
840 /* launch next transfer */
841 n = s->nsector;
842 if (n > MAX_MULT_SECTORS)
843 n = MAX_MULT_SECTORS;
844 s->io_buffer_index = 0;
845 s->io_buffer_size = n * 512;
846 #ifdef DEBUG_AIO
847 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
848 #endif
849 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
850 ide_read_dma_cb, bm);
851 }
852
853 static void ide_sector_read_dma(IDEState *s)
854 {
855 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
856 s->io_buffer_index = 0;
857 s->io_buffer_size = 0;
858 ide_dma_start(s, ide_read_dma_cb);
859 }
860
861 static void ide_sector_write_timer_cb(void *opaque)
862 {
863 IDEState *s = opaque;
864 ide_set_irq(s);
865 }
866
867 static void ide_sector_write_aio_cb(void *opaque, int ret)
868 {
869 BMDMAState *bm = opaque;
870 IDEState *s = bm->ide_if;
871
872 #ifdef TARGET_I386
873 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
874 /* It seems there is a bug in the Windows 2000 installer HDD
875 IDE driver which fills the disk with empty logs when the
876 IDE write IRQ comes too early. This hack tries to correct
877 that at the expense of slower write performances. Use this
878 option _only_ to install Windows 2000. You must disable it
879 for normal use. */
880 qemu_mod_timer(s->sector_write_timer,
881 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
882 } else
883 #endif
884 {
885 ide_set_irq(s);
886 }
887 bm->aiocb = NULL;
888 }
889
890 static void ide_sector_write(IDEState *s)
891 {
892 BMDMAState *bm;
893 int64_t sector_num;
894 int n, n1;
895
896 s->io_buffer_index = 0;
897 s->io_buffer_size = 0;
898 bm = s->bmdma;
899 if(bm == NULL) {
900 bm = qemu_mallocz(sizeof(BMDMAState));
901 s->bmdma = bm;
902 }
903 bm->ide_if = s;
904 bm->dma_cb = ide_sector_write_aio_cb;
905
906 s->status = READY_STAT | SEEK_STAT;
907 sector_num = ide_get_sector(s);
908 #if defined(DEBUG_IDE)
909 printf("write sector=%Ld\n", sector_num);
910 #endif
911 n = s->nsector;
912 if (n > s->req_nb_sectors)
913 n = s->req_nb_sectors;
914 s->nsector -= n;
915 if (s->nsector == 0) {
916 /* no more sectors to write */
917 ide_transfer_stop(s);
918 } else {
919 n1 = s->nsector;
920 if (n1 > s->req_nb_sectors)
921 n1 = s->req_nb_sectors;
922 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
923 }
924 ide_set_sector(s, sector_num + n);
925
926 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
927 ide_sector_write_aio_cb, bm);
928 }
929
930 /* XXX: handle errors */
931 static void ide_write_dma_cb(void *opaque, int ret)
932 {
933 BMDMAState *bm = opaque;
934 IDEState *s = bm->ide_if;
935 int n;
936 int64_t sector_num;
937
938 n = s->io_buffer_size >> 9;
939 sector_num = ide_get_sector(s);
940 if (n > 0) {
941 sector_num += n;
942 ide_set_sector(s, sector_num);
943 s->nsector -= n;
944 }
945
946 /* end of transfer ? */
947 if (s->nsector == 0) {
948 s->status = READY_STAT | SEEK_STAT;
949 ide_set_irq(s);
950 eot:
951 bm->status &= ~BM_STATUS_DMAING;
952 bm->status |= BM_STATUS_INT;
953 bm->dma_cb = NULL;
954 bm->ide_if = NULL;
955 bm->aiocb = NULL;
956 return;
957 }
958
959 /* launch next transfer */
960 n = s->nsector;
961 if (n > MAX_MULT_SECTORS)
962 n = MAX_MULT_SECTORS;
963 s->io_buffer_index = 0;
964 s->io_buffer_size = n * 512;
965
966 if (dma_buf_rw(bm, 0) == 0)
967 goto eot;
968 #ifdef DEBUG_AIO
969 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
970 #endif
971 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
972 ide_write_dma_cb, bm);
973 }
974
975 static void ide_sector_write_dma(IDEState *s)
976 {
977 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
978 s->io_buffer_index = 0;
979 s->io_buffer_size = 0;
980 ide_dma_start(s, ide_write_dma_cb);
981 }
982
983 static void ide_atapi_cmd_ok(IDEState *s)
984 {
985 s->error = 0;
986 s->status = READY_STAT;
987 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
988 ide_set_irq(s);
989 }
990
991 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
992 {
993 #ifdef DEBUG_IDE_ATAPI
994 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
995 #endif
996 s->error = sense_key << 4;
997 s->status = READY_STAT | ERR_STAT;
998 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
999 s->sense_key = sense_key;
1000 s->asc = asc;
1001 ide_set_irq(s);
1002 }
1003
1004 static inline void cpu_to_ube16(uint8_t *buf, int val)
1005 {
1006 buf[0] = val >> 8;
1007 buf[1] = val;
1008 }
1009
1010 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1011 {
1012 buf[0] = val >> 24;
1013 buf[1] = val >> 16;
1014 buf[2] = val >> 8;
1015 buf[3] = val;
1016 }
1017
1018 static inline int ube16_to_cpu(const uint8_t *buf)
1019 {
1020 return (buf[0] << 8) | buf[1];
1021 }
1022
1023 static inline int ube32_to_cpu(const uint8_t *buf)
1024 {
1025 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1026 }
1027
1028 static void lba_to_msf(uint8_t *buf, int lba)
1029 {
1030 lba += 150;
1031 buf[0] = (lba / 75) / 60;
1032 buf[1] = (lba / 75) % 60;
1033 buf[2] = lba % 75;
1034 }
1035
1036 static void cd_data_to_raw(uint8_t *buf, int lba)
1037 {
1038 /* sync bytes */
1039 buf[0] = 0x00;
1040 memset(buf + 1, 0xff, 10);
1041 buf[11] = 0x00;
1042 buf += 12;
1043 /* MSF */
1044 lba_to_msf(buf, lba);
1045 buf[3] = 0x01; /* mode 1 data */
1046 buf += 4;
1047 /* data */
1048 buf += 2048;
1049 /* XXX: ECC not computed */
1050 memset(buf, 0, 288);
1051 }
1052
1053 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1054 int sector_size)
1055 {
1056 int ret;
1057
1058 switch(sector_size) {
1059 case 2048:
1060 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1061 break;
1062 case 2352:
1063 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1064 if (ret < 0)
1065 return ret;
1066 cd_data_to_raw(buf, lba);
1067 break;
1068 default:
1069 ret = -EIO;
1070 break;
1071 }
1072 return ret;
1073 }
1074
1075 static void ide_atapi_io_error(IDEState *s, int ret)
1076 {
1077 /* XXX: handle more errors */
1078 if (ret == -ENOMEDIUM) {
1079 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1080 ASC_MEDIUM_NOT_PRESENT);
1081 } else {
1082 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1083 ASC_LOGICAL_BLOCK_OOR);
1084 }
1085 }
1086
1087 /* The whole ATAPI transfer logic is handled in this function */
1088 static void ide_atapi_cmd_reply_end(IDEState *s)
1089 {
1090 int byte_count_limit, size, ret;
1091 #ifdef DEBUG_IDE_ATAPI
1092 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1093 s->packet_transfer_size,
1094 s->elementary_transfer_size,
1095 s->io_buffer_index);
1096 #endif
1097 if (s->packet_transfer_size <= 0) {
1098 /* end of transfer */
1099 ide_transfer_stop(s);
1100 s->status = READY_STAT;
1101 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1102 ide_set_irq(s);
1103 #ifdef DEBUG_IDE_ATAPI
1104 printf("status=0x%x\n", s->status);
1105 #endif
1106 } else {
1107 /* see if a new sector must be read */
1108 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1109 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1110 if (ret < 0) {
1111 ide_transfer_stop(s);
1112 ide_atapi_io_error(s, ret);
1113 return;
1114 }
1115 s->lba++;
1116 s->io_buffer_index = 0;
1117 }
1118 if (s->elementary_transfer_size > 0) {
1119 /* there are some data left to transmit in this elementary
1120 transfer */
1121 size = s->cd_sector_size - s->io_buffer_index;
1122 if (size > s->elementary_transfer_size)
1123 size = s->elementary_transfer_size;
1124 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1125 size, ide_atapi_cmd_reply_end);
1126 s->packet_transfer_size -= size;
1127 s->elementary_transfer_size -= size;
1128 s->io_buffer_index += size;
1129 } else {
1130 /* a new transfer is needed */
1131 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1132 byte_count_limit = s->lcyl | (s->hcyl << 8);
1133 #ifdef DEBUG_IDE_ATAPI
1134 printf("byte_count_limit=%d\n", byte_count_limit);
1135 #endif
1136 if (byte_count_limit == 0xffff)
1137 byte_count_limit--;
1138 size = s->packet_transfer_size;
1139 if (size > byte_count_limit) {
1140 /* byte count limit must be even if this case */
1141 if (byte_count_limit & 1)
1142 byte_count_limit--;
1143 size = byte_count_limit;
1144 }
1145 s->lcyl = size;
1146 s->hcyl = size >> 8;
1147 s->elementary_transfer_size = size;
1148 /* we cannot transmit more than one sector at a time */
1149 if (s->lba != -1) {
1150 if (size > (s->cd_sector_size - s->io_buffer_index))
1151 size = (s->cd_sector_size - s->io_buffer_index);
1152 }
1153 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1154 size, ide_atapi_cmd_reply_end);
1155 s->packet_transfer_size -= size;
1156 s->elementary_transfer_size -= size;
1157 s->io_buffer_index += size;
1158 ide_set_irq(s);
1159 #ifdef DEBUG_IDE_ATAPI
1160 printf("status=0x%x\n", s->status);
1161 #endif
1162 }
1163 }
1164 }
1165
1166 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1167 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1168 {
1169 if (size > max_size)
1170 size = max_size;
1171 s->lba = -1; /* no sector read */
1172 s->packet_transfer_size = size;
1173 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1174 s->elementary_transfer_size = 0;
1175 s->io_buffer_index = 0;
1176
1177 if (s->atapi_dma) {
1178 s->status = READY_STAT | DRQ_STAT;
1179 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1180 } else {
1181 s->status = READY_STAT;
1182 ide_atapi_cmd_reply_end(s);
1183 }
1184 }
1185
1186 /* start a CD-CDROM read command */
1187 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1188 int sector_size)
1189 {
1190 s->lba = lba;
1191 s->packet_transfer_size = nb_sectors * sector_size;
1192 s->elementary_transfer_size = 0;
1193 s->io_buffer_index = sector_size;
1194 s->cd_sector_size = sector_size;
1195
1196 s->status = READY_STAT;
1197 ide_atapi_cmd_reply_end(s);
1198 }
1199
1200 /* ATAPI DMA support */
1201
1202 /* XXX: handle read errors */
1203 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1204 {
1205 BMDMAState *bm = opaque;
1206 IDEState *s = bm->ide_if;
1207 int data_offset, n;
1208
1209 if (ret < 0) {
1210 ide_atapi_io_error(s, ret);
1211 goto eot;
1212 }
1213
1214 if (s->io_buffer_size > 0) {
1215 /*
1216 * For a cdrom read sector command (s->lba != -1),
1217 * adjust the lba for the next s->io_buffer_size chunk
1218 * and dma the current chunk.
1219 * For a command != read (s->lba == -1), just transfer
1220 * the reply data.
1221 */
1222 if (s->lba != -1) {
1223 if (s->cd_sector_size == 2352) {
1224 n = 1;
1225 cd_data_to_raw(s->io_buffer, s->lba);
1226 } else {
1227 n = s->io_buffer_size >> 11;
1228 }
1229 s->lba += n;
1230 }
1231 s->packet_transfer_size -= s->io_buffer_size;
1232 if (dma_buf_rw(bm, 1) == 0)
1233 goto eot;
1234 }
1235
1236 if (s->packet_transfer_size <= 0) {
1237 s->status = READY_STAT;
1238 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1239 ide_set_irq(s);
1240 eot:
1241 bm->status &= ~BM_STATUS_DMAING;
1242 bm->status |= BM_STATUS_INT;
1243 bm->dma_cb = NULL;
1244 bm->ide_if = NULL;
1245 bm->aiocb = NULL;
1246 return;
1247 }
1248
1249 s->io_buffer_index = 0;
1250 if (s->cd_sector_size == 2352) {
1251 n = 1;
1252 s->io_buffer_size = s->cd_sector_size;
1253 data_offset = 16;
1254 } else {
1255 n = s->packet_transfer_size >> 11;
1256 if (n > (MAX_MULT_SECTORS / 4))
1257 n = (MAX_MULT_SECTORS / 4);
1258 s->io_buffer_size = n * 2048;
1259 data_offset = 0;
1260 }
1261 #ifdef DEBUG_AIO
1262 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1263 #endif
1264 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1265 s->io_buffer + data_offset, n * 4,
1266 ide_atapi_cmd_read_dma_cb, bm);
1267 if (!bm->aiocb) {
1268 /* Note: media not present is the most likely case */
1269 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1270 ASC_MEDIUM_NOT_PRESENT);
1271 goto eot;
1272 }
1273 }
1274
1275 /* start a CD-CDROM read command with DMA */
1276 /* XXX: test if DMA is available */
1277 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1278 int sector_size)
1279 {
1280 s->lba = lba;
1281 s->packet_transfer_size = nb_sectors * sector_size;
1282 s->io_buffer_index = 0;
1283 s->io_buffer_size = 0;
1284 s->cd_sector_size = sector_size;
1285
1286 /* XXX: check if BUSY_STAT should be set */
1287 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1288 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1289 }
1290
1291 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1292 int sector_size)
1293 {
1294 #ifdef DEBUG_IDE_ATAPI
1295 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1296 lba, nb_sectors);
1297 #endif
1298 if (s->atapi_dma) {
1299 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1300 } else {
1301 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1302 }
1303 }
1304
1305 static void ide_atapi_cmd(IDEState *s)
1306 {
1307 const uint8_t *packet;
1308 uint8_t *buf;
1309 int max_len;
1310
1311 packet = s->io_buffer;
1312 buf = s->io_buffer;
1313 #ifdef DEBUG_IDE_ATAPI
1314 {
1315 int i;
1316 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1317 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1318 printf(" %02x", packet[i]);
1319 }
1320 printf("\n");
1321 }
1322 #endif
1323 switch(s->io_buffer[0]) {
1324 case GPCMD_TEST_UNIT_READY:
1325 if (bdrv_is_inserted(s->bs)) {
1326 ide_atapi_cmd_ok(s);
1327 } else {
1328 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1329 ASC_MEDIUM_NOT_PRESENT);
1330 }
1331 break;
1332 case GPCMD_MODE_SENSE_10:
1333 {
1334 int action, code;
1335 max_len = ube16_to_cpu(packet + 7);
1336 action = packet[2] >> 6;
1337 code = packet[2] & 0x3f;
1338 switch(action) {
1339 case 0: /* current values */
1340 switch(code) {
1341 case 0x01: /* error recovery */
1342 cpu_to_ube16(&buf[0], 16 + 6);
1343 buf[2] = 0x70;
1344 buf[3] = 0;
1345 buf[4] = 0;
1346 buf[5] = 0;
1347 buf[6] = 0;
1348 buf[7] = 0;
1349
1350 buf[8] = 0x01;
1351 buf[9] = 0x06;
1352 buf[10] = 0x00;
1353 buf[11] = 0x05;
1354 buf[12] = 0x00;
1355 buf[13] = 0x00;
1356 buf[14] = 0x00;
1357 buf[15] = 0x00;
1358 ide_atapi_cmd_reply(s, 16, max_len);
1359 break;
1360 case 0x2a:
1361 cpu_to_ube16(&buf[0], 28 + 6);
1362 buf[2] = 0x70;
1363 buf[3] = 0;
1364 buf[4] = 0;
1365 buf[5] = 0;
1366 buf[6] = 0;
1367 buf[7] = 0;
1368
1369 buf[8] = 0x2a;
1370 buf[9] = 0x12;
1371 buf[10] = 0x00;
1372 buf[11] = 0x00;
1373
1374 buf[12] = 0x70;
1375 buf[13] = 3 << 5;
1376 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1377 if (bdrv_is_locked(s->bs))
1378 buf[6] |= 1 << 1;
1379 buf[15] = 0x00;
1380 cpu_to_ube16(&buf[16], 706);
1381 buf[18] = 0;
1382 buf[19] = 2;
1383 cpu_to_ube16(&buf[20], 512);
1384 cpu_to_ube16(&buf[22], 706);
1385 buf[24] = 0;
1386 buf[25] = 0;
1387 buf[26] = 0;
1388 buf[27] = 0;
1389 ide_atapi_cmd_reply(s, 28, max_len);
1390 break;
1391 default:
1392 goto error_cmd;
1393 }
1394 break;
1395 case 1: /* changeable values */
1396 goto error_cmd;
1397 case 2: /* default values */
1398 goto error_cmd;
1399 default:
1400 case 3: /* saved values */
1401 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1402 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1403 break;
1404 }
1405 }
1406 break;
1407 case GPCMD_REQUEST_SENSE:
1408 max_len = packet[4];
1409 memset(buf, 0, 18);
1410 buf[0] = 0x70 | (1 << 7);
1411 buf[2] = s->sense_key;
1412 buf[7] = 10;
1413 buf[12] = s->asc;
1414 ide_atapi_cmd_reply(s, 18, max_len);
1415 break;
1416 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1417 if (bdrv_is_inserted(s->bs)) {
1418 bdrv_set_locked(s->bs, packet[4] & 1);
1419 ide_atapi_cmd_ok(s);
1420 } else {
1421 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1422 ASC_MEDIUM_NOT_PRESENT);
1423 }
1424 break;
1425 case GPCMD_READ_10:
1426 case GPCMD_READ_12:
1427 {
1428 int nb_sectors, lba;
1429
1430 if (packet[0] == GPCMD_READ_10)
1431 nb_sectors = ube16_to_cpu(packet + 7);
1432 else
1433 nb_sectors = ube32_to_cpu(packet + 6);
1434 lba = ube32_to_cpu(packet + 2);
1435 if (nb_sectors == 0) {
1436 ide_atapi_cmd_ok(s);
1437 break;
1438 }
1439 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1440 }
1441 break;
1442 case GPCMD_READ_CD:
1443 {
1444 int nb_sectors, lba, transfer_request;
1445
1446 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1447 lba = ube32_to_cpu(packet + 2);
1448 if (nb_sectors == 0) {
1449 ide_atapi_cmd_ok(s);
1450 break;
1451 }
1452 transfer_request = packet[9];
1453 switch(transfer_request & 0xf8) {
1454 case 0x00:
1455 /* nothing */
1456 ide_atapi_cmd_ok(s);
1457 break;
1458 case 0x10:
1459 /* normal read */
1460 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1461 break;
1462 case 0xf8:
1463 /* read all data */
1464 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1465 break;
1466 default:
1467 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1468 ASC_INV_FIELD_IN_CMD_PACKET);
1469 break;
1470 }
1471 }
1472 break;
1473 case GPCMD_SEEK:
1474 {
1475 int lba;
1476 int64_t total_sectors;
1477
1478 bdrv_get_geometry(s->bs, &total_sectors);
1479 total_sectors >>= 2;
1480 if (total_sectors <= 0) {
1481 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1482 ASC_MEDIUM_NOT_PRESENT);
1483 break;
1484 }
1485 lba = ube32_to_cpu(packet + 2);
1486 if (lba >= total_sectors) {
1487 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1488 ASC_LOGICAL_BLOCK_OOR);
1489 break;
1490 }
1491 ide_atapi_cmd_ok(s);
1492 }
1493 break;
1494 case GPCMD_START_STOP_UNIT:
1495 {
1496 int start, eject;
1497 start = packet[4] & 1;
1498 eject = (packet[4] >> 1) & 1;
1499
1500 if (eject && !start) {
1501 /* eject the disk */
1502 bdrv_eject(s->bs, 1);
1503 } else if (eject && start) {
1504 /* close the tray */
1505 bdrv_eject(s->bs, 0);
1506 }
1507 ide_atapi_cmd_ok(s);
1508 }
1509 break;
1510 case GPCMD_MECHANISM_STATUS:
1511 {
1512 max_len = ube16_to_cpu(packet + 8);
1513 cpu_to_ube16(buf, 0);
1514 /* no current LBA */
1515 buf[2] = 0;
1516 buf[3] = 0;
1517 buf[4] = 0;
1518 buf[5] = 1;
1519 cpu_to_ube16(buf + 6, 0);
1520 ide_atapi_cmd_reply(s, 8, max_len);
1521 }
1522 break;
1523 case GPCMD_READ_TOC_PMA_ATIP:
1524 {
1525 int format, msf, start_track, len;
1526 int64_t total_sectors;
1527
1528 bdrv_get_geometry(s->bs, &total_sectors);
1529 total_sectors >>= 2;
1530 if (total_sectors <= 0) {
1531 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1532 ASC_MEDIUM_NOT_PRESENT);
1533 break;
1534 }
1535 max_len = ube16_to_cpu(packet + 7);
1536 format = packet[9] >> 6;
1537 msf = (packet[1] >> 1) & 1;
1538 start_track = packet[6];
1539 switch(format) {
1540 case 0:
1541 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1542 if (len < 0)
1543 goto error_cmd;
1544 ide_atapi_cmd_reply(s, len, max_len);
1545 break;
1546 case 1:
1547 /* multi session : only a single session defined */
1548 memset(buf, 0, 12);
1549 buf[1] = 0x0a;
1550 buf[2] = 0x01;
1551 buf[3] = 0x01;
1552 ide_atapi_cmd_reply(s, 12, max_len);
1553 break;
1554 case 2:
1555 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1556 if (len < 0)
1557 goto error_cmd;
1558 ide_atapi_cmd_reply(s, len, max_len);
1559 break;
1560 default:
1561 error_cmd:
1562 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1563 ASC_INV_FIELD_IN_CMD_PACKET);
1564 break;
1565 }
1566 }
1567 break;
1568 case GPCMD_READ_CDVD_CAPACITY:
1569 {
1570 int64_t total_sectors;
1571
1572 bdrv_get_geometry(s->bs, &total_sectors);
1573 total_sectors >>= 2;
1574 if (total_sectors <= 0) {
1575 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1576 ASC_MEDIUM_NOT_PRESENT);
1577 break;
1578 }
1579 /* NOTE: it is really the number of sectors minus 1 */
1580 cpu_to_ube32(buf, total_sectors - 1);
1581 cpu_to_ube32(buf + 4, 2048);
1582 ide_atapi_cmd_reply(s, 8, 8);
1583 }
1584 break;
1585 case GPCMD_INQUIRY:
1586 max_len = packet[4];
1587 buf[0] = 0x05; /* CD-ROM */
1588 buf[1] = 0x80; /* removable */
1589 buf[2] = 0x00; /* ISO */
1590 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1591 buf[4] = 31; /* additional length */
1592 buf[5] = 0; /* reserved */
1593 buf[6] = 0; /* reserved */
1594 buf[7] = 0; /* reserved */
1595 padstr8(buf + 8, 8, "QEMU");
1596 padstr8(buf + 16, 16, "QEMU CD-ROM");
1597 padstr8(buf + 32, 4, QEMU_VERSION);
1598 ide_atapi_cmd_reply(s, 36, max_len);
1599 break;
1600 default:
1601 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1602 ASC_ILLEGAL_OPCODE);
1603 break;
1604 }
1605 }
1606
1607 static void ide_cfata_metadata_inquiry(IDEState *s)
1608 {
1609 uint16_t *p;
1610 uint32_t spd;
1611
1612 p = (uint16_t *) s->io_buffer;
1613 memset(p, 0, 0x200);
1614 spd = ((s->mdata_size - 1) >> 9) + 1;
1615
1616 put_le16(p + 0, 0x0001); /* Data format revision */
1617 put_le16(p + 1, 0x0000); /* Media property: silicon */
1618 put_le16(p + 2, s->media_changed); /* Media status */
1619 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1620 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1621 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1622 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1623 }
1624
1625 static void ide_cfata_metadata_read(IDEState *s)
1626 {
1627 uint16_t *p;
1628
1629 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1630 s->status = ERR_STAT;
1631 s->error = ABRT_ERR;
1632 return;
1633 }
1634
1635 p = (uint16_t *) s->io_buffer;
1636 memset(p, 0, 0x200);
1637
1638 put_le16(p + 0, s->media_changed); /* Media status */
1639 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1640 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1641 s->nsector << 9), 0x200 - 2));
1642 }
1643
1644 static void ide_cfata_metadata_write(IDEState *s)
1645 {
1646 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1647 s->status = ERR_STAT;
1648 s->error = ABRT_ERR;
1649 return;
1650 }
1651
1652 s->media_changed = 0;
1653
1654 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1655 s->io_buffer + 2,
1656 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1657 s->nsector << 9), 0x200 - 2));
1658 }
1659
1660 /* called when the inserted state of the media has changed */
1661 static void cdrom_change_cb(void *opaque)
1662 {
1663 IDEState *s = opaque;
1664 int64_t nb_sectors;
1665
1666 /* XXX: send interrupt too */
1667 bdrv_get_geometry(s->bs, &nb_sectors);
1668 s->nb_sectors = nb_sectors;
1669 }
1670
1671 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1672 {
1673 s->lba48 = lba48;
1674
1675 /* handle the 'magic' 0 nsector count conversion here. to avoid
1676 * fiddling with the rest of the read logic, we just store the
1677 * full sector count in ->nsector and ignore ->hob_nsector from now
1678 */
1679 if (!s->lba48) {
1680 if (!s->nsector)
1681 s->nsector = 256;
1682 } else {
1683 if (!s->nsector && !s->hob_nsector)
1684 s->nsector = 65536;
1685 else {
1686 int lo = s->nsector;
1687 int hi = s->hob_nsector;
1688
1689 s->nsector = (hi << 8) | lo;
1690 }
1691 }
1692 }
1693
1694 static void ide_clear_hob(IDEState *ide_if)
1695 {
1696 /* any write clears HOB high bit of device control register */
1697 ide_if[0].select &= ~(1 << 7);
1698 ide_if[1].select &= ~(1 << 7);
1699 }
1700
1701 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1702 {
1703 IDEState *ide_if = opaque;
1704 IDEState *s;
1705 int unit, n;
1706 int lba48 = 0;
1707
1708 #ifdef DEBUG_IDE
1709 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1710 #endif
1711
1712 addr &= 7;
1713 switch(addr) {
1714 case 0:
1715 break;
1716 case 1:
1717 ide_clear_hob(ide_if);
1718 /* NOTE: data is written to the two drives */
1719 ide_if[0].hob_feature = ide_if[0].feature;
1720 ide_if[1].hob_feature = ide_if[1].feature;
1721 ide_if[0].feature = val;
1722 ide_if[1].feature = val;
1723 break;
1724 case 2:
1725 ide_clear_hob(ide_if);
1726 ide_if[0].hob_nsector = ide_if[0].nsector;
1727 ide_if[1].hob_nsector = ide_if[1].nsector;
1728 ide_if[0].nsector = val;
1729 ide_if[1].nsector = val;
1730 break;
1731 case 3:
1732 ide_clear_hob(ide_if);
1733 ide_if[0].hob_sector = ide_if[0].sector;
1734 ide_if[1].hob_sector = ide_if[1].sector;
1735 ide_if[0].sector = val;
1736 ide_if[1].sector = val;
1737 break;
1738 case 4:
1739 ide_clear_hob(ide_if);
1740 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1741 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1742 ide_if[0].lcyl = val;
1743 ide_if[1].lcyl = val;
1744 break;
1745 case 5:
1746 ide_clear_hob(ide_if);
1747 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1748 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1749 ide_if[0].hcyl = val;
1750 ide_if[1].hcyl = val;
1751 break;
1752 case 6:
1753 /* FIXME: HOB readback uses bit 7 */
1754 ide_if[0].select = (val & ~0x10) | 0xa0;
1755 ide_if[1].select = (val | 0x10) | 0xa0;
1756 /* select drive */
1757 unit = (val >> 4) & 1;
1758 s = ide_if + unit;
1759 ide_if->cur_drive = s;
1760 break;
1761 default:
1762 case 7:
1763 /* command */
1764 #if defined(DEBUG_IDE)
1765 printf("ide: CMD=%02x\n", val);
1766 #endif
1767 s = ide_if->cur_drive;
1768 /* ignore commands to non existant slave */
1769 if (s != ide_if && !s->bs)
1770 break;
1771
1772 switch(val) {
1773 case WIN_IDENTIFY:
1774 if (s->bs && !s->is_cdrom) {
1775 if (!s->is_cf)
1776 ide_identify(s);
1777 else
1778 ide_cfata_identify(s);
1779 s->status = READY_STAT | SEEK_STAT;
1780 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1781 } else {
1782 if (s->is_cdrom) {
1783 ide_set_signature(s);
1784 }
1785 ide_abort_command(s);
1786 }
1787 ide_set_irq(s);
1788 break;
1789 case WIN_SPECIFY:
1790 case WIN_RECAL:
1791 s->error = 0;
1792 s->status = READY_STAT | SEEK_STAT;
1793 ide_set_irq(s);
1794 break;
1795 case WIN_SETMULT:
1796 if (s->is_cf && s->nsector == 0) {
1797 /* Disable Read and Write Multiple */
1798 s->mult_sectors = 0;
1799 s->status = READY_STAT;
1800 } else if ((s->nsector & 0xff) != 0 &&
1801 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1802 (s->nsector & (s->nsector - 1)) != 0)) {
1803 ide_abort_command(s);
1804 } else {
1805 s->mult_sectors = s->nsector & 0xff;
1806 s->status = READY_STAT;
1807 }
1808 ide_set_irq(s);
1809 break;
1810 case WIN_VERIFY_EXT:
1811 lba48 = 1;
1812 case WIN_VERIFY:
1813 case WIN_VERIFY_ONCE:
1814 /* do sector number check ? */
1815 ide_cmd_lba48_transform(s, lba48);
1816 s->status = READY_STAT;
1817 ide_set_irq(s);
1818 break;
1819 case WIN_READ_EXT:
1820 lba48 = 1;
1821 case WIN_READ:
1822 case WIN_READ_ONCE:
1823 if (!s->bs)
1824 goto abort_cmd;
1825 ide_cmd_lba48_transform(s, lba48);
1826 s->req_nb_sectors = 1;
1827 ide_sector_read(s);
1828 break;
1829 case WIN_WRITE_EXT:
1830 lba48 = 1;
1831 case WIN_WRITE:
1832 case WIN_WRITE_ONCE:
1833 case CFA_WRITE_SECT_WO_ERASE:
1834 case WIN_WRITE_VERIFY:
1835 ide_cmd_lba48_transform(s, lba48);
1836 s->error = 0;
1837 s->status = SEEK_STAT | READY_STAT;
1838 s->req_nb_sectors = 1;
1839 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1840 s->media_changed = 1;
1841 break;
1842 case WIN_MULTREAD_EXT:
1843 lba48 = 1;
1844 case WIN_MULTREAD:
1845 if (!s->mult_sectors)
1846 goto abort_cmd;
1847 ide_cmd_lba48_transform(s, lba48);
1848 s->req_nb_sectors = s->mult_sectors;
1849 ide_sector_read(s);
1850 break;
1851 case WIN_MULTWRITE_EXT:
1852 lba48 = 1;
1853 case WIN_MULTWRITE:
1854 case CFA_WRITE_MULTI_WO_ERASE:
1855 if (!s->mult_sectors)
1856 goto abort_cmd;
1857 ide_cmd_lba48_transform(s, lba48);
1858 s->error = 0;
1859 s->status = SEEK_STAT | READY_STAT;
1860 s->req_nb_sectors = s->mult_sectors;
1861 n = s->nsector;
1862 if (n > s->req_nb_sectors)
1863 n = s->req_nb_sectors;
1864 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1865 s->media_changed = 1;
1866 break;
1867 case WIN_READDMA_EXT:
1868 lba48 = 1;
1869 case WIN_READDMA:
1870 case WIN_READDMA_ONCE:
1871 if (!s->bs)
1872 goto abort_cmd;
1873 ide_cmd_lba48_transform(s, lba48);
1874 ide_sector_read_dma(s);
1875 break;
1876 case WIN_WRITEDMA_EXT:
1877 lba48 = 1;
1878 case WIN_WRITEDMA:
1879 case WIN_WRITEDMA_ONCE:
1880 if (!s->bs)
1881 goto abort_cmd;
1882 ide_cmd_lba48_transform(s, lba48);
1883 ide_sector_write_dma(s);
1884 s->media_changed = 1;
1885 break;
1886 case WIN_READ_NATIVE_MAX_EXT:
1887 lba48 = 1;
1888 case WIN_READ_NATIVE_MAX:
1889 ide_cmd_lba48_transform(s, lba48);
1890 ide_set_sector(s, s->nb_sectors - 1);
1891 s->status = READY_STAT;
1892 ide_set_irq(s);
1893 break;
1894 case WIN_CHECKPOWERMODE1:
1895 case WIN_CHECKPOWERMODE2:
1896 s->nsector = 0xff; /* device active or idle */
1897 s->status = READY_STAT;
1898 ide_set_irq(s);
1899 break;
1900 case WIN_SETFEATURES:
1901 if (!s->bs)
1902 goto abort_cmd;
1903 /* XXX: valid for CDROM ? */
1904 switch(s->feature) {
1905 case 0xcc: /* reverting to power-on defaults enable */
1906 case 0x66: /* reverting to power-on defaults disable */
1907 case 0x02: /* write cache enable */
1908 case 0x82: /* write cache disable */
1909 case 0xaa: /* read look-ahead enable */
1910 case 0x55: /* read look-ahead disable */
1911 case 0x05: /* set advanced power management mode */
1912 case 0x85: /* disable advanced power management mode */
1913 case 0x69: /* NOP */
1914 case 0x67: /* NOP */
1915 case 0x96: /* NOP */
1916 case 0x9a: /* NOP */
1917 s->status = READY_STAT | SEEK_STAT;
1918 ide_set_irq(s);
1919 break;
1920 case 0x03: { /* set transfer mode */
1921 uint8_t val = s->nsector & 0x07;
1922
1923 switch (s->nsector >> 3) {
1924 case 0x00: /* pio default */
1925 case 0x01: /* pio mode */
1926 put_le16(s->identify_data + 63,0x07);
1927 put_le16(s->identify_data + 88,0x3f);
1928 break;
1929 case 0x04: /* mdma mode */
1930 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1931 put_le16(s->identify_data + 88,0x3f);
1932 break;
1933 case 0x08: /* udma mode */
1934 put_le16(s->identify_data + 63,0x07);
1935 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1936 break;
1937 default:
1938 goto abort_cmd;
1939 }
1940 s->status = READY_STAT | SEEK_STAT;
1941 ide_set_irq(s);
1942 break;
1943 }
1944 default:
1945 goto abort_cmd;
1946 }
1947 break;
1948 case WIN_FLUSH_CACHE:
1949 case WIN_FLUSH_CACHE_EXT:
1950 if (s->bs)
1951 bdrv_flush(s->bs);
1952 s->status = READY_STAT;
1953 ide_set_irq(s);
1954 break;
1955 case WIN_STANDBYNOW1:
1956 case WIN_STANDBYNOW2:
1957 case WIN_IDLEIMMEDIATE:
1958 case CFA_IDLEIMMEDIATE:
1959 case WIN_SETIDLE1:
1960 case WIN_SETIDLE2:
1961 s->status = READY_STAT;
1962 ide_set_irq(s);
1963 break;
1964 /* ATAPI commands */
1965 case WIN_PIDENTIFY:
1966 if (s->is_cdrom) {
1967 ide_atapi_identify(s);
1968 s->status = READY_STAT | SEEK_STAT;
1969 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1970 } else {
1971 ide_abort_command(s);
1972 }
1973 ide_set_irq(s);
1974 break;
1975 case WIN_DIAGNOSE:
1976 ide_set_signature(s);
1977 s->status = 0x00; /* NOTE: READY is _not_ set */
1978 s->error = 0x01;
1979 break;
1980 case WIN_SRST:
1981 if (!s->is_cdrom)
1982 goto abort_cmd;
1983 ide_set_signature(s);
1984 s->status = 0x00; /* NOTE: READY is _not_ set */
1985 s->error = 0x01;
1986 break;
1987 case WIN_PACKETCMD:
1988 if (!s->is_cdrom)
1989 goto abort_cmd;
1990 /* overlapping commands not supported */
1991 if (s->feature & 0x02)
1992 goto abort_cmd;
1993 s->status = READY_STAT;
1994 s->atapi_dma = s->feature & 1;
1995 s->nsector = 1;
1996 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1997 ide_atapi_cmd);
1998 break;
1999 /* CF-ATA commands */
2000 case CFA_REQ_EXT_ERROR_CODE:
2001 if (!s->is_cf)
2002 goto abort_cmd;
2003 s->error = 0x09; /* miscellaneous error */
2004 s->status = READY_STAT;
2005 ide_set_irq(s);
2006 break;
2007 case CFA_ERASE_SECTORS:
2008 case CFA_WEAR_LEVEL:
2009 if (!s->is_cf)
2010 goto abort_cmd;
2011 if (val == CFA_WEAR_LEVEL)
2012 s->nsector = 0;
2013 if (val == CFA_ERASE_SECTORS)
2014 s->media_changed = 1;
2015 s->error = 0x00;
2016 s->status = READY_STAT;
2017 ide_set_irq(s);
2018 break;
2019 case CFA_TRANSLATE_SECTOR:
2020 if (!s->is_cf)
2021 goto abort_cmd;
2022 s->error = 0x00;
2023 s->status = READY_STAT;
2024 memset(s->io_buffer, 0, 0x200);
2025 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2026 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2027 s->io_buffer[0x02] = s->select; /* Head */
2028 s->io_buffer[0x03] = s->sector; /* Sector */
2029 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2030 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2031 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2032 s->io_buffer[0x13] = 0x00; /* Erase flag */
2033 s->io_buffer[0x18] = 0x00; /* Hot count */
2034 s->io_buffer[0x19] = 0x00; /* Hot count */
2035 s->io_buffer[0x1a] = 0x01; /* Hot count */
2036 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2037 ide_set_irq(s);
2038 break;
2039 case CFA_ACCESS_METADATA_STORAGE:
2040 if (!s->is_cf)
2041 goto abort_cmd;
2042 switch (s->feature) {
2043 case 0x02: /* Inquiry Metadata Storage */
2044 ide_cfata_metadata_inquiry(s);
2045 break;
2046 case 0x03: /* Read Metadata Storage */
2047 ide_cfata_metadata_read(s);
2048 break;
2049 case 0x04: /* Write Metadata Storage */
2050 ide_cfata_metadata_write(s);
2051 break;
2052 default:
2053 goto abort_cmd;
2054 }
2055 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2056 s->status = 0x00; /* NOTE: READY is _not_ set */
2057 ide_set_irq(s);
2058 break;
2059 case IBM_SENSE_CONDITION:
2060 if (!s->is_cf)
2061 goto abort_cmd;
2062 switch (s->feature) {
2063 case 0x01: /* sense temperature in device */
2064 s->nsector = 0x50; /* +20 C */
2065 break;
2066 default:
2067 goto abort_cmd;
2068 }
2069 s->status = READY_STAT;
2070 ide_set_irq(s);
2071 break;
2072 default:
2073 abort_cmd:
2074 ide_abort_command(s);
2075 ide_set_irq(s);
2076 break;
2077 }
2078 }
2079 }
2080
2081 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2082 {
2083 IDEState *ide_if = opaque;
2084 IDEState *s = ide_if->cur_drive;
2085 uint32_t addr;
2086 int ret, hob;
2087
2088 addr = addr1 & 7;
2089 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2090 //hob = s->select & (1 << 7);
2091 hob = 0;
2092 switch(addr) {
2093 case 0:
2094 ret = 0xff;
2095 break;
2096 case 1:
2097 if (!ide_if[0].bs && !ide_if[1].bs)
2098 ret = 0;
2099 else if (!hob)
2100 ret = s->error;
2101 else
2102 ret = s->hob_feature;
2103 break;
2104 case 2:
2105 if (!ide_if[0].bs && !ide_if[1].bs)
2106 ret = 0;
2107 else if (!hob)
2108 ret = s->nsector & 0xff;
2109 else
2110 ret = s->hob_nsector;
2111 break;
2112 case 3:
2113 if (!ide_if[0].bs && !ide_if[1].bs)
2114 ret = 0;
2115 else if (!hob)
2116 ret = s->sector;
2117 else
2118 ret = s->hob_sector;
2119 break;
2120 case 4:
2121 if (!ide_if[0].bs && !ide_if[1].bs)
2122 ret = 0;
2123 else if (!hob)
2124 ret = s->lcyl;
2125 else
2126 ret = s->hob_lcyl;
2127 break;
2128 case 5:
2129 if (!ide_if[0].bs && !ide_if[1].bs)
2130 ret = 0;
2131 else if (!hob)
2132 ret = s->hcyl;
2133 else
2134 ret = s->hob_hcyl;
2135 break;
2136 case 6:
2137 if (!ide_if[0].bs && !ide_if[1].bs)
2138 ret = 0;
2139 else
2140 ret = s->select;
2141 break;
2142 default:
2143 case 7:
2144 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2145 (s != ide_if && !s->bs))
2146 ret = 0;
2147 else
2148 ret = s->status;
2149 qemu_irq_lower(s->irq);
2150 break;
2151 }
2152 #ifdef DEBUG_IDE
2153 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2154 #endif
2155 return ret;
2156 }
2157
2158 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2159 {
2160 IDEState *ide_if = opaque;
2161 IDEState *s = ide_if->cur_drive;
2162 int ret;
2163
2164 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2165 (s != ide_if && !s->bs))
2166 ret = 0;
2167 else
2168 ret = s->status;
2169 #ifdef DEBUG_IDE
2170 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2171 #endif
2172 return ret;
2173 }
2174
2175 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2176 {
2177 IDEState *ide_if = opaque;
2178 IDEState *s;
2179 int i;
2180
2181 #ifdef DEBUG_IDE
2182 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2183 #endif
2184 /* common for both drives */
2185 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2186 (val & IDE_CMD_RESET)) {
2187 /* reset low to high */
2188 for(i = 0;i < 2; i++) {
2189 s = &ide_if[i];
2190 s->status = BUSY_STAT | SEEK_STAT;
2191 s->error = 0x01;
2192 }
2193 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2194 !(val & IDE_CMD_RESET)) {
2195 /* high to low */
2196 for(i = 0;i < 2; i++) {
2197 s = &ide_if[i];
2198 if (s->is_cdrom)
2199 s->status = 0x00; /* NOTE: READY is _not_ set */
2200 else
2201 s->status = READY_STAT | SEEK_STAT;
2202 ide_set_signature(s);
2203 }
2204 }
2205
2206 ide_if[0].cmd = val;
2207 ide_if[1].cmd = val;
2208 }
2209
2210 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2211 {
2212 IDEState *s = ((IDEState *)opaque)->cur_drive;
2213 uint8_t *p;
2214
2215 p = s->data_ptr;
2216 *(uint16_t *)p = le16_to_cpu(val);
2217 p += 2;
2218 s->data_ptr = p;
2219 if (p >= s->data_end)
2220 s->end_transfer_func(s);
2221 }
2222
2223 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2224 {
2225 IDEState *s = ((IDEState *)opaque)->cur_drive;
2226 uint8_t *p;
2227 int ret;
2228 p = s->data_ptr;
2229 ret = cpu_to_le16(*(uint16_t *)p);
2230 p += 2;
2231 s->data_ptr = p;
2232 if (p >= s->data_end)
2233 s->end_transfer_func(s);
2234 return ret;
2235 }
2236
2237 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2238 {
2239 IDEState *s = ((IDEState *)opaque)->cur_drive;
2240 uint8_t *p;
2241
2242 p = s->data_ptr;
2243 *(uint32_t *)p = le32_to_cpu(val);
2244 p += 4;
2245 s->data_ptr = p;
2246 if (p >= s->data_end)
2247 s->end_transfer_func(s);
2248 }
2249
2250 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2251 {
2252 IDEState *s = ((IDEState *)opaque)->cur_drive;
2253 uint8_t *p;
2254 int ret;
2255
2256 p = s->data_ptr;
2257 ret = cpu_to_le32(*(uint32_t *)p);
2258 p += 4;
2259 s->data_ptr = p;
2260 if (p >= s->data_end)
2261 s->end_transfer_func(s);
2262 return ret;
2263 }
2264
2265 static void ide_dummy_transfer_stop(IDEState *s)
2266 {
2267 s->data_ptr = s->io_buffer;
2268 s->data_end = s->io_buffer;
2269 s->io_buffer[0] = 0xff;
2270 s->io_buffer[1] = 0xff;
2271 s->io_buffer[2] = 0xff;
2272 s->io_buffer[3] = 0xff;
2273 }
2274
2275 static void ide_reset(IDEState *s)
2276 {
2277 if (s->is_cf)
2278 s->mult_sectors = 0;
2279 else
2280 s->mult_sectors = MAX_MULT_SECTORS;
2281 s->cur_drive = s;
2282 s->select = 0xa0;
2283 s->status = READY_STAT;
2284 ide_set_signature(s);
2285 /* init the transfer handler so that 0xffff is returned on data
2286 accesses */
2287 s->end_transfer_func = ide_dummy_transfer_stop;
2288 ide_dummy_transfer_stop(s);
2289 s->media_changed = 0;
2290 }
2291
2292 struct partition {
2293 uint8_t boot_ind; /* 0x80 - active */
2294 uint8_t head; /* starting head */
2295 uint8_t sector; /* starting sector */
2296 uint8_t cyl; /* starting cylinder */
2297 uint8_t sys_ind; /* What partition type */
2298 uint8_t end_head; /* end head */
2299 uint8_t end_sector; /* end sector */
2300 uint8_t end_cyl; /* end cylinder */
2301 uint32_t start_sect; /* starting sector counting from 0 */
2302 uint32_t nr_sects; /* nr of sectors in partition */
2303 } __attribute__((packed));
2304
2305 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2306 static int guess_disk_lchs(IDEState *s,
2307 int *pcylinders, int *pheads, int *psectors)
2308 {
2309 uint8_t buf[512];
2310 int ret, i, heads, sectors, cylinders;
2311 struct partition *p;
2312 uint32_t nr_sects;
2313
2314 ret = bdrv_read(s->bs, 0, buf, 1);
2315 if (ret < 0)
2316 return -1;
2317 /* test msdos magic */
2318 if (buf[510] != 0x55 || buf[511] != 0xaa)
2319 return -1;
2320 for(i = 0; i < 4; i++) {
2321 p = ((struct partition *)(buf + 0x1be)) + i;
2322 nr_sects = le32_to_cpu(p->nr_sects);
2323 if (nr_sects && p->end_head) {
2324 /* We make the assumption that the partition terminates on
2325 a cylinder boundary */
2326 heads = p->end_head + 1;
2327 sectors = p->end_sector & 63;
2328 if (sectors == 0)
2329 continue;
2330 cylinders = s->nb_sectors / (heads * sectors);
2331 if (cylinders < 1 || cylinders > 16383)
2332 continue;
2333 *pheads = heads;
2334 *psectors = sectors;
2335 *pcylinders = cylinders;
2336 #if 0
2337 printf("guessed geometry: LCHS=%d %d %d\n",
2338 cylinders, heads, sectors);
2339 #endif
2340 return 0;
2341 }
2342 }
2343 return -1;
2344 }
2345
2346 static void ide_init2(IDEState *ide_state,
2347 BlockDriverState *hd0, BlockDriverState *hd1,
2348 qemu_irq irq)
2349 {
2350 IDEState *s;
2351 static int drive_serial = 1;
2352 int i, cylinders, heads, secs, translation, lba_detected = 0;
2353 int64_t nb_sectors;
2354
2355 for(i = 0; i < 2; i++) {
2356 s = ide_state + i;
2357 if (i == 0)
2358 s->bs = hd0;
2359 else
2360 s->bs = hd1;
2361 if (s->bs) {
2362 bdrv_get_geometry(s->bs, &nb_sectors);
2363 s->nb_sectors = nb_sectors;
2364 /* if a geometry hint is available, use it */
2365 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2366 translation = bdrv_get_translation_hint(s->bs);
2367 if (cylinders != 0) {
2368 s->cylinders = cylinders;
2369 s->heads = heads;
2370 s->sectors = secs;
2371 } else {
2372 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2373 if (heads > 16) {
2374 /* if heads > 16, it means that a BIOS LBA
2375 translation was active, so the default
2376 hardware geometry is OK */
2377 lba_detected = 1;
2378 goto default_geometry;
2379 } else {
2380 s->cylinders = cylinders;
2381 s->heads = heads;
2382 s->sectors = secs;
2383 /* disable any translation to be in sync with
2384 the logical geometry */
2385 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2386 bdrv_set_translation_hint(s->bs,
2387 BIOS_ATA_TRANSLATION_NONE);
2388 }
2389 }
2390 } else {
2391 default_geometry:
2392 /* if no geometry, use a standard physical disk geometry */
2393 cylinders = nb_sectors / (16 * 63);
2394 if (cylinders > 16383)
2395 cylinders = 16383;
2396 else if (cylinders < 2)
2397 cylinders = 2;
2398 s->cylinders = cylinders;
2399 s->heads = 16;
2400 s->sectors = 63;
2401 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2402 if ((s->cylinders * s->heads) <= 131072) {
2403 bdrv_set_translation_hint(s->bs,
2404 BIOS_ATA_TRANSLATION_LARGE);
2405 } else {
2406 bdrv_set_translation_hint(s->bs,
2407 BIOS_ATA_TRANSLATION_LBA);
2408 }
2409 }
2410 }
2411 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2412 }
2413 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2414 s->is_cdrom = 1;
2415 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2416 }
2417 }
2418 s->drive_serial = drive_serial++;
2419 s->irq = irq;
2420 s->sector_write_timer = qemu_new_timer(vm_clock,
2421 ide_sector_write_timer_cb, s);
2422 ide_reset(s);
2423 }
2424 }
2425
2426 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2427 {
2428 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2429 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2430 if (iobase2) {
2431 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2432 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2433 }
2434
2435 /* data ports */
2436 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2437 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2438 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2439 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2440 }
2441
2442 /* save per IDE drive data */
2443 static void ide_save(QEMUFile* f, IDEState *s)
2444 {
2445 qemu_put_be32s(f, &s->mult_sectors);
2446 qemu_put_be32s(f, &s->identify_set);
2447 if (s->identify_set) {
2448 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2449 }
2450 qemu_put_8s(f, &s->feature);
2451 qemu_put_8s(f, &s->error);
2452 qemu_put_be32s(f, &s->nsector);
2453 qemu_put_8s(f, &s->sector);
2454 qemu_put_8s(f, &s->lcyl);
2455 qemu_put_8s(f, &s->hcyl);
2456 qemu_put_8s(f, &s->hob_feature);
2457 qemu_put_8s(f, &s->hob_nsector);
2458 qemu_put_8s(f, &s->hob_sector);
2459 qemu_put_8s(f, &s->hob_lcyl);
2460 qemu_put_8s(f, &s->hob_hcyl);
2461 qemu_put_8s(f, &s->select);
2462 qemu_put_8s(f, &s->status);
2463 qemu_put_8s(f, &s->lba48);
2464
2465 qemu_put_8s(f, &s->sense_key);
2466 qemu_put_8s(f, &s->asc);
2467 /* XXX: if a transfer is pending, we do not save it yet */
2468 }
2469
2470 /* load per IDE drive data */
2471 static void ide_load(QEMUFile* f, IDEState *s)
2472 {
2473 qemu_get_be32s(f, &s->mult_sectors);
2474 qemu_get_be32s(f, &s->identify_set);
2475 if (s->identify_set) {
2476 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2477 }
2478 qemu_get_8s(f, &s->feature);
2479 qemu_get_8s(f, &s->error);
2480 qemu_get_be32s(f, &s->nsector);
2481 qemu_get_8s(f, &s->sector);
2482 qemu_get_8s(f, &s->lcyl);
2483 qemu_get_8s(f, &s->hcyl);
2484 qemu_get_8s(f, &s->hob_feature);
2485 qemu_get_8s(f, &s->hob_nsector);
2486 qemu_get_8s(f, &s->hob_sector);
2487 qemu_get_8s(f, &s->hob_lcyl);
2488 qemu_get_8s(f, &s->hob_hcyl);
2489 qemu_get_8s(f, &s->select);
2490 qemu_get_8s(f, &s->status);
2491 qemu_get_8s(f, &s->lba48);
2492
2493 qemu_get_8s(f, &s->sense_key);
2494 qemu_get_8s(f, &s->asc);
2495 /* XXX: if a transfer is pending, we do not save it yet */
2496 }
2497
2498 /***********************************************************/
2499 /* ISA IDE definitions */
2500
2501 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2502 BlockDriverState *hd0, BlockDriverState *hd1)
2503 {
2504 IDEState *ide_state;
2505
2506 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2507 if (!ide_state)
2508 return;
2509
2510 ide_init2(ide_state, hd0, hd1, irq);
2511 ide_init_ioport(ide_state, iobase, iobase2);
2512 }
2513
2514 /***********************************************************/
2515 /* PCI IDE definitions */
2516
2517 static void cmd646_update_irq(PCIIDEState *d);
2518
2519 static void ide_map(PCIDevice *pci_dev, int region_num,
2520 uint32_t addr, uint32_t size, int type)
2521 {
2522 PCIIDEState *d = (PCIIDEState *)pci_dev;
2523 IDEState *ide_state;
2524
2525 if (region_num <= 3) {
2526 ide_state = &d->ide_if[(region_num >> 1) * 2];
2527 if (region_num & 1) {
2528 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2529 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2530 } else {
2531 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2532 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2533
2534 /* data ports */
2535 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2536 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2537 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2538 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2539 }
2540 }
2541 }
2542
2543 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2544 {
2545 BMDMAState *bm = s->bmdma;
2546 if(!bm)
2547 return;
2548 bm->ide_if = s;
2549 bm->dma_cb = dma_cb;
2550 bm->cur_prd_last = 0;
2551 bm->cur_prd_addr = 0;
2552 bm->cur_prd_len = 0;
2553 if (bm->status & BM_STATUS_DMAING) {
2554 bm->dma_cb(bm, 0);
2555 }
2556 }
2557
2558 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2559 {
2560 BMDMAState *bm = opaque;
2561 #ifdef DEBUG_IDE
2562 printf("%s: 0x%08x\n", __func__, val);
2563 #endif
2564 if (!(val & BM_CMD_START)) {
2565 /* XXX: do it better */
2566 if (bm->status & BM_STATUS_DMAING) {
2567 bm->status &= ~BM_STATUS_DMAING;
2568 /* cancel DMA request */
2569 bm->ide_if = NULL;
2570 bm->dma_cb = NULL;
2571 if (bm->aiocb) {
2572 #ifdef DEBUG_AIO
2573 printf("aio_cancel\n");
2574 #endif
2575 bdrv_aio_cancel(bm->aiocb);
2576 bm->aiocb = NULL;
2577 }
2578 }
2579 bm->cmd = val & 0x09;
2580 } else {
2581 if (!(bm->status & BM_STATUS_DMAING)) {
2582 bm->status |= BM_STATUS_DMAING;
2583 /* start dma transfer if possible */
2584 if (bm->dma_cb)
2585 bm->dma_cb(bm, 0);
2586 }
2587 bm->cmd = val & 0x09;
2588 }
2589 }
2590
2591 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2592 {
2593 BMDMAState *bm = opaque;
2594 PCIIDEState *pci_dev;
2595 uint32_t val;
2596
2597 switch(addr & 3) {
2598 case 0:
2599 val = bm->cmd;
2600 break;
2601 case 1:
2602 pci_dev = bm->pci_dev;
2603 if (pci_dev->type == IDE_TYPE_CMD646) {
2604 val = pci_dev->dev.config[MRDMODE];
2605 } else {
2606 val = 0xff;
2607 }
2608 break;
2609 case 2:
2610 val = bm->status;
2611 break;
2612 case 3:
2613 pci_dev = bm->pci_dev;
2614 if (pci_dev->type == IDE_TYPE_CMD646) {
2615 if (bm == &pci_dev->bmdma[0])
2616 val = pci_dev->dev.config[UDIDETCR0];
2617 else
2618 val = pci_dev->dev.config[UDIDETCR1];
2619 } else {
2620 val = 0xff;
2621 }
2622 break;
2623 default:
2624 val = 0xff;
2625 break;
2626 }
2627 #ifdef DEBUG_IDE
2628 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2629 #endif
2630 return val;
2631 }
2632
2633 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2634 {
2635 BMDMAState *bm = opaque;
2636 PCIIDEState *pci_dev;
2637 #ifdef DEBUG_IDE
2638 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2639 #endif
2640 switch(addr & 3) {
2641 case 1:
2642 pci_dev = bm->pci_dev;
2643 if (pci_dev->type == IDE_TYPE_CMD646) {
2644 pci_dev->dev.config[MRDMODE] =
2645 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2646 cmd646_update_irq(pci_dev);
2647 }
2648 break;
2649 case 2:
2650 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2651 break;
2652 case 3:
2653 pci_dev = bm->pci_dev;
2654 if (pci_dev->type == IDE_TYPE_CMD646) {
2655 if (bm == &pci_dev->bmdma[0])
2656 pci_dev->dev.config[UDIDETCR0] = val;
2657 else
2658 pci_dev->dev.config[UDIDETCR1] = val;
2659 }
2660 break;
2661 }
2662 }
2663
2664 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2665 {
2666 BMDMAState *bm = opaque;
2667 uint32_t val;
2668 val = bm->addr;
2669 #ifdef DEBUG_IDE
2670 printf("%s: 0x%08x\n", __func__, val);
2671 #endif
2672 return val;
2673 }
2674
2675 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2676 {
2677 BMDMAState *bm = opaque;
2678 #ifdef DEBUG_IDE
2679 printf("%s: 0x%08x\n", __func__, val);
2680 #endif
2681 bm->addr = val & ~3;
2682 bm->cur_addr = bm->addr;
2683 }
2684
2685 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2686 uint32_t addr, uint32_t size, int type)
2687 {
2688 PCIIDEState *d = (PCIIDEState *)pci_dev;
2689 int i;
2690
2691 for(i = 0;i < 2; i++) {
2692 BMDMAState *bm = &d->bmdma[i];
2693 d->ide_if[2 * i].bmdma = bm;
2694 d->ide_if[2 * i + 1].bmdma = bm;
2695 bm->pci_dev = (PCIIDEState *)pci_dev;
2696
2697 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2698
2699 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2700 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2701
2702 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2703 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2704 addr += 8;
2705 }
2706 }
2707
2708 /* XXX: call it also when the MRDMODE is changed from the PCI config
2709 registers */
2710 static void cmd646_update_irq(PCIIDEState *d)
2711 {
2712 int pci_level;
2713 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2714 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2715 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2716 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2717 qemu_set_irq(d->dev.irq[0], pci_level);
2718 }
2719
2720 /* the PCI irq level is the logical OR of the two channels */
2721 static void cmd646_set_irq(void *opaque, int channel, int level)
2722 {
2723 PCIIDEState *d = opaque;
2724 int irq_mask;
2725
2726 irq_mask = MRDMODE_INTR_CH0 << channel;
2727 if (level)
2728 d->dev.config[MRDMODE] |= irq_mask;
2729 else
2730 d->dev.config[MRDMODE] &= ~irq_mask;
2731 cmd646_update_irq(d);
2732 }
2733
2734 /* CMD646 PCI IDE controller */
2735 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2736 int secondary_ide_enabled)
2737 {
2738 PCIIDEState *d;
2739 uint8_t *pci_conf;
2740 int i;
2741 qemu_irq *irq;
2742
2743 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2744 sizeof(PCIIDEState),
2745 -1,
2746 NULL, NULL);
2747 d->type = IDE_TYPE_CMD646;
2748 pci_conf = d->dev.config;
2749 pci_conf[0x00] = 0x95; // CMD646
2750 pci_conf[0x01] = 0x10;
2751 pci_conf[0x02] = 0x46;
2752 pci_conf[0x03] = 0x06;
2753
2754 pci_conf[0x08] = 0x07; // IDE controller revision
2755 pci_conf[0x09] = 0x8f;
2756
2757 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2758 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2759 pci_conf[0x0e] = 0x00; // header_type
2760
2761 if (secondary_ide_enabled) {
2762 /* XXX: if not enabled, really disable the seconday IDE controller */
2763 pci_conf[0x51] = 0x80; /* enable IDE1 */
2764 }
2765
2766 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2767 PCI_ADDRESS_SPACE_IO, ide_map);
2768 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2769 PCI_ADDRESS_SPACE_IO, ide_map);
2770 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2771 PCI_ADDRESS_SPACE_IO, ide_map);
2772 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2773 PCI_ADDRESS_SPACE_IO, ide_map);
2774 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2775 PCI_ADDRESS_SPACE_IO, bmdma_map);
2776
2777 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2778
2779 for(i = 0; i < 4; i++)
2780 d->ide_if[i].pci_dev = (PCIDevice *)d;
2781
2782 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2783 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2784 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2785 }
2786
2787 static void pci_ide_save(QEMUFile* f, void *opaque)
2788 {
2789 PCIIDEState *d = opaque;
2790 int i;
2791
2792 pci_device_save(&d->dev, f);
2793
2794 for(i = 0; i < 2; i++) {
2795 BMDMAState *bm = &d->bmdma[i];
2796 qemu_put_8s(f, &bm->cmd);
2797 qemu_put_8s(f, &bm->status);
2798 qemu_put_be32s(f, &bm->addr);
2799 /* XXX: if a transfer is pending, we do not save it yet */
2800 }
2801
2802 /* per IDE interface data */
2803 for(i = 0; i < 2; i++) {
2804 IDEState *s = &d->ide_if[i * 2];
2805 uint8_t drive1_selected;
2806 qemu_put_8s(f, &s->cmd);
2807 drive1_selected = (s->cur_drive != s);
2808 qemu_put_8s(f, &drive1_selected);
2809 }
2810
2811 /* per IDE drive data */
2812 for(i = 0; i < 4; i++) {
2813 ide_save(f, &d->ide_if[i]);
2814 }
2815 }
2816
2817 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2818 {
2819 PCIIDEState *d = opaque;
2820 int ret, i;
2821
2822 if (version_id != 1)
2823 return -EINVAL;
2824 ret = pci_device_load(&d->dev, f);
2825 if (ret < 0)
2826 return ret;
2827
2828 for(i = 0; i < 2; i++) {
2829 BMDMAState *bm = &d->bmdma[i];
2830 qemu_get_8s(f, &bm->cmd);
2831 qemu_get_8s(f, &bm->status);
2832 qemu_get_be32s(f, &bm->addr);
2833 /* XXX: if a transfer is pending, we do not save it yet */
2834 }
2835
2836 /* per IDE interface data */
2837 for(i = 0; i < 2; i++) {
2838 IDEState *s = &d->ide_if[i * 2];
2839 uint8_t drive1_selected;
2840 qemu_get_8s(f, &s->cmd);
2841 qemu_get_8s(f, &drive1_selected);
2842 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2843 }
2844
2845 /* per IDE drive data */
2846 for(i = 0; i < 4; i++) {
2847 ide_load(f, &d->ide_if[i]);
2848 }
2849 return 0;
2850 }
2851
2852 static void piix3_reset(PCIIDEState *d)
2853 {
2854 uint8_t *pci_conf = d->dev.config;
2855
2856 pci_conf[0x04] = 0x00;
2857 pci_conf[0x05] = 0x00;
2858 pci_conf[0x06] = 0x80; /* FBC */
2859 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2860 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2861 }
2862
2863 /* hd_table must contain 4 block drivers */
2864 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2865 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2866 qemu_irq *pic)
2867 {
2868 PCIIDEState *d;
2869 uint8_t *pci_conf;
2870
2871 /* register a function 1 of PIIX3 */
2872 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2873 sizeof(PCIIDEState),
2874 devfn,
2875 NULL, NULL);
2876 d->type = IDE_TYPE_PIIX3;
2877
2878 pci_conf = d->dev.config;
2879 pci_conf[0x00] = 0x86; // Intel
2880 pci_conf[0x01] = 0x80;
2881 pci_conf[0x02] = 0x10;
2882 pci_conf[0x03] = 0x70;
2883 pci_conf[0x09] = 0x80; // legacy ATA mode
2884 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2885 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2886 pci_conf[0x0e] = 0x00; // header_type
2887
2888 piix3_reset(d);
2889
2890 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2891 PCI_ADDRESS_SPACE_IO, bmdma_map);
2892
2893 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2894 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2895 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2896 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2897
2898 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2899 }
2900
2901 /* hd_table must contain 4 block drivers */
2902 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
2903 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2904 qemu_irq *pic)
2905 {
2906 PCIIDEState *d;
2907 uint8_t *pci_conf;
2908
2909 /* register a function 1 of PIIX4 */
2910 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
2911 sizeof(PCIIDEState),
2912 devfn,
2913 NULL, NULL);
2914 d->type = IDE_TYPE_PIIX4;
2915
2916 pci_conf = d->dev.config;
2917 pci_conf[0x00] = 0x86; // Intel
2918 pci_conf[0x01] = 0x80;
2919 pci_conf[0x02] = 0x11;
2920 pci_conf[0x03] = 0x71;
2921 pci_conf[0x09] = 0x80; // legacy ATA mode
2922 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2923 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2924 pci_conf[0x0e] = 0x00; // header_type
2925
2926 piix3_reset(d);
2927
2928 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2929 PCI_ADDRESS_SPACE_IO, bmdma_map);
2930
2931 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2932 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2933 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2934 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2935
2936 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2937 }
2938
2939 /***********************************************************/
2940 /* MacIO based PowerPC IDE */
2941
2942 /* PowerMac IDE memory IO */
2943 static void pmac_ide_writeb (void *opaque,
2944 target_phys_addr_t addr, uint32_t val)
2945 {
2946 addr = (addr & 0xFFF) >> 4;
2947 switch (addr) {
2948 case 1 ... 7:
2949 ide_ioport_write(opaque, addr, val);
2950 break;
2951 case 8:
2952 case 22:
2953 ide_cmd_write(opaque, 0, val);
2954 break;
2955 default:
2956 break;
2957 }
2958 }
2959
2960 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2961 {
2962 uint8_t retval;
2963
2964 addr = (addr & 0xFFF) >> 4;
2965 switch (addr) {
2966 case 1 ... 7:
2967 retval = ide_ioport_read(opaque, addr);
2968 break;
2969 case 8:
2970 case 22:
2971 retval = ide_status_read(opaque, 0);
2972 break;
2973 default:
2974 retval = 0xFF;
2975 break;
2976 }
2977 return retval;
2978 }
2979
2980 static void pmac_ide_writew (void *opaque,
2981 target_phys_addr_t addr, uint32_t val)
2982 {
2983 addr = (addr & 0xFFF) >> 4;
2984 #ifdef TARGET_WORDS_BIGENDIAN
2985 val = bswap16(val);
2986 #endif
2987 if (addr == 0) {
2988 ide_data_writew(opaque, 0, val);
2989 }
2990 }
2991
2992 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2993 {
2994 uint16_t retval;
2995
2996 addr = (addr & 0xFFF) >> 4;
2997 if (addr == 0) {
2998 retval = ide_data_readw(opaque, 0);
2999 } else {
3000 retval = 0xFFFF;
3001 }
3002 #ifdef TARGET_WORDS_BIGENDIAN
3003 retval = bswap16(retval);
3004 #endif
3005 return retval;
3006 }
3007
3008 static void pmac_ide_writel (void *opaque,
3009 target_phys_addr_t addr, uint32_t val)
3010 {
3011 addr = (addr & 0xFFF) >> 4;
3012 #ifdef TARGET_WORDS_BIGENDIAN
3013 val = bswap32(val);
3014 #endif
3015 if (addr == 0) {
3016 ide_data_writel(opaque, 0, val);
3017 }
3018 }
3019
3020 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3021 {
3022 uint32_t retval;
3023
3024 addr = (addr & 0xFFF) >> 4;
3025 if (addr == 0) {
3026 retval = ide_data_readl(opaque, 0);
3027 } else {
3028 retval = 0xFFFFFFFF;
3029 }
3030 #ifdef TARGET_WORDS_BIGENDIAN
3031 retval = bswap32(retval);
3032 #endif
3033 return retval;
3034 }
3035
3036 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3037 pmac_ide_writeb,
3038 pmac_ide_writew,
3039 pmac_ide_writel,
3040 };
3041
3042 static CPUReadMemoryFunc *pmac_ide_read[] = {
3043 pmac_ide_readb,
3044 pmac_ide_readw,
3045 pmac_ide_readl,
3046 };
3047
3048 /* hd_table must contain 4 block drivers */
3049 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3050 I/O index to access the ide. */
3051 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3052 {
3053 IDEState *ide_if;
3054 int pmac_ide_memory;
3055
3056 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3057 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3058
3059 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3060 pmac_ide_write, &ide_if[0]);
3061 return pmac_ide_memory;
3062 }
3063
3064 /***********************************************************/
3065 /* CF-ATA Microdrive */
3066
3067 #define METADATA_SIZE 0x20
3068
3069 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3070 struct md_s {
3071 IDEState ide[2];
3072 struct pcmcia_card_s card;
3073 uint32_t attr_base;
3074 uint32_t io_base;
3075
3076 /* Card state */
3077 uint8_t opt;
3078 uint8_t stat;
3079 uint8_t pins;
3080
3081 uint8_t ctrl;
3082 uint16_t io;
3083 int cycle;
3084 };
3085
3086 /* Register bitfields */
3087 enum md_opt {
3088 OPT_MODE_MMAP = 0,
3089 OPT_MODE_IOMAP16 = 1,
3090 OPT_MODE_IOMAP1 = 2,
3091 OPT_MODE_IOMAP2 = 3,
3092 OPT_MODE = 0x3f,
3093 OPT_LEVIREQ = 0x40,
3094 OPT_SRESET = 0x80,
3095 };
3096 enum md_cstat {
3097 STAT_INT = 0x02,
3098 STAT_PWRDWN = 0x04,
3099 STAT_XE = 0x10,
3100 STAT_IOIS8 = 0x20,
3101 STAT_SIGCHG = 0x40,
3102 STAT_CHANGED = 0x80,
3103 };
3104 enum md_pins {
3105 PINS_MRDY = 0x02,
3106 PINS_CRDY = 0x20,
3107 };
3108 enum md_ctrl {
3109 CTRL_IEN = 0x02,
3110 CTRL_SRST = 0x04,
3111 };
3112
3113 static inline void md_interrupt_update(struct md_s *s)
3114 {
3115 if (!s->card.slot)
3116 return;
3117
3118 qemu_set_irq(s->card.slot->irq,
3119 !(s->stat & STAT_INT) && /* Inverted */
3120 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3121 !(s->opt & OPT_SRESET));
3122 }
3123
3124 static void md_set_irq(void *opaque, int irq, int level)
3125 {
3126 struct md_s *s = (struct md_s *) opaque;
3127 if (level)
3128 s->stat |= STAT_INT;
3129 else
3130 s->stat &= ~STAT_INT;
3131
3132 md_interrupt_update(s);
3133 }
3134
3135 static void md_reset(struct md_s *s)
3136 {
3137 s->opt = OPT_MODE_MMAP;
3138 s->stat = 0;
3139 s->pins = 0;
3140 s->cycle = 0;
3141 s->ctrl = 0;
3142 ide_reset(s->ide);
3143 }
3144
3145 static uint8_t md_attr_read(void *opaque, uint32_t at)
3146 {
3147 struct md_s *s = (struct md_s *) opaque;
3148 if (at < s->attr_base) {
3149 if (at < s->card.cis_len)
3150 return s->card.cis[at];
3151 else
3152 return 0x00;
3153 }
3154
3155 at -= s->attr_base;
3156
3157 switch (at) {
3158 case 0x00: /* Configuration Option Register */
3159 return s->opt;
3160 case 0x02: /* Card Configuration Status Register */
3161 if (s->ctrl & CTRL_IEN)
3162 return s->stat & ~STAT_INT;
3163 else
3164 return s->stat;
3165 case 0x04: /* Pin Replacement Register */
3166 return (s->pins & PINS_CRDY) | 0x0c;
3167 case 0x06: /* Socket and Copy Register */
3168 return 0x00;
3169 #ifdef VERBOSE
3170 default:
3171 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3172 #endif
3173 }
3174
3175 return 0;
3176 }
3177
3178 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3179 {
3180 struct md_s *s = (struct md_s *) opaque;
3181 at -= s->attr_base;
3182
3183 switch (at) {
3184 case 0x00: /* Configuration Option Register */
3185 s->opt = value & 0xcf;
3186 if (value & OPT_SRESET)
3187 md_reset(s);
3188 md_interrupt_update(s);
3189 break;
3190 case 0x02: /* Card Configuration Status Register */
3191 if ((s->stat ^ value) & STAT_PWRDWN)
3192 s->pins |= PINS_CRDY;
3193 s->stat &= 0x82;
3194 s->stat |= value & 0x74;
3195 md_interrupt_update(s);
3196 /* Word 170 in Identify Device must be equal to STAT_XE */
3197 break;
3198 case 0x04: /* Pin Replacement Register */
3199 s->pins &= PINS_CRDY;
3200 s->pins |= value & PINS_MRDY;
3201 break;
3202 case 0x06: /* Socket and Copy Register */
3203 break;
3204 default:
3205 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3206 }
3207 }
3208
3209 static uint16_t md_common_read(void *opaque, uint32_t at)
3210 {
3211 struct md_s *s = (struct md_s *) opaque;
3212 uint16_t ret;
3213 at -= s->io_base;
3214
3215 switch (s->opt & OPT_MODE) {
3216 case OPT_MODE_MMAP:
3217 if ((at & ~0x3ff) == 0x400)
3218 at = 0;
3219 break;
3220 case OPT_MODE_IOMAP16:
3221 at &= 0xf;
3222 break;
3223 case OPT_MODE_IOMAP1:
3224 if ((at & ~0xf) == 0x3f0)
3225 at -= 0x3e8;
3226 else if ((at & ~0xf) == 0x1f0)
3227 at -= 0x1f0;
3228 break;
3229 case OPT_MODE_IOMAP2:
3230 if ((at & ~0xf) == 0x370)
3231 at -= 0x368;
3232 else if ((at & ~0xf) == 0x170)
3233 at -= 0x170;
3234 }
3235
3236 switch (at) {
3237 case 0x0: /* Even RD Data */
3238 case 0x8:
3239 return ide_data_readw(s->ide, 0);
3240
3241 /* TODO: 8-bit accesses */
3242 if (s->cycle)
3243 ret = s->io >> 8;
3244 else {
3245 s->io = ide_data_readw(s->ide, 0);
3246 ret = s->io & 0xff;
3247 }
3248 s->cycle = !s->cycle;
3249 return ret;
3250 case 0x9: /* Odd RD Data */
3251 return s->io >> 8;
3252 case 0xd: /* Error */
3253 return ide_ioport_read(s->ide, 0x1);
3254 case 0xe: /* Alternate Status */
3255 if (s->ide->cur_drive->bs)
3256 return s->ide->cur_drive->status;
3257 else
3258 return 0;
3259 case 0xf: /* Device Address */
3260 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3261 default:
3262 return ide_ioport_read(s->ide, at);
3263 }
3264
3265 return 0;
3266 }
3267
3268 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3269 {
3270 struct md_s *s = (struct md_s *) opaque;
3271 at -= s->io_base;
3272
3273 switch (s->opt & OPT_MODE) {
3274 case OPT_MODE_MMAP:
3275 if ((at & ~0x3ff) == 0x400)
3276 at = 0;
3277 break;
3278 case OPT_MODE_IOMAP16:
3279 at &= 0xf;
3280 break;
3281 case OPT_MODE_IOMAP1:
3282 if ((at & ~0xf) == 0x3f0)
3283 at -= 0x3e8;
3284 else if ((at & ~0xf) == 0x1f0)
3285 at -= 0x1f0;
3286 break;
3287 case OPT_MODE_IOMAP2:
3288 if ((at & ~0xf) == 0x370)
3289 at -= 0x368;
3290 else if ((at & ~0xf) == 0x170)
3291 at -= 0x170;
3292 }
3293
3294 switch (at) {
3295 case 0x0: /* Even WR Data */
3296 case 0x8:
3297 ide_data_writew(s->ide, 0, value);
3298 break;
3299
3300 /* TODO: 8-bit accesses */
3301 if (s->cycle)
3302 ide_data_writew(s->ide, 0, s->io | (value << 8));
3303 else
3304 s->io = value & 0xff;
3305 s->cycle = !s->cycle;
3306 break;
3307 case 0x9:
3308 s->io = value & 0xff;
3309 s->cycle = !s->cycle;
3310 break;
3311 case 0xd: /* Features */
3312 ide_ioport_write(s->ide, 0x1, value);
3313 break;
3314 case 0xe: /* Device Control */
3315 s->ctrl = value;
3316 if (value & CTRL_SRST)
3317 md_reset(s);
3318 md_interrupt_update(s);
3319 break;
3320 default:
3321 if (s->stat & STAT_PWRDWN) {
3322 s->pins |= PINS_CRDY;
3323 s->stat &= ~STAT_PWRDWN;
3324 }
3325 ide_ioport_write(s->ide, at, value);
3326 }
3327 }
3328
3329 static void md_save(QEMUFile *f, void *opaque)
3330 {
3331 struct md_s *s = (struct md_s *) opaque;
3332 int i;
3333 uint8_t drive1_selected;
3334
3335 qemu_put_8s(f, &s->opt);
3336 qemu_put_8s(f, &s->stat);
3337 qemu_put_8s(f, &s->pins);
3338
3339 qemu_put_8s(f, &s->ctrl);
3340 qemu_put_be16s(f, &s->io);
3341 qemu_put_byte(f, s->cycle);
3342
3343 drive1_selected = (s->ide->cur_drive != s->ide);
3344 qemu_put_8s(f, &s->ide->cmd);
3345 qemu_put_8s(f, &drive1_selected);
3346
3347 for (i = 0; i < 2; i ++)
3348 ide_save(f, &s->ide[i]);
3349 }
3350
3351 static int md_load(QEMUFile *f, void *opaque, int version_id)
3352 {
3353 struct md_s *s = (struct md_s *) opaque;
3354 int i;
3355 uint8_t drive1_selected;
3356
3357 qemu_get_8s(f, &s->opt);
3358 qemu_get_8s(f, &s->stat);
3359 qemu_get_8s(f, &s->pins);
3360
3361 qemu_get_8s(f, &s->ctrl);
3362 qemu_get_be16s(f, &s->io);
3363 s->cycle = qemu_get_byte(f);
3364
3365 qemu_get_8s(f, &s->ide->cmd);
3366 qemu_get_8s(f, &drive1_selected);
3367 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3368
3369 for (i = 0; i < 2; i ++)
3370 ide_load(f, &s->ide[i]);
3371
3372 return 0;
3373 }
3374
3375 static int md_iid = 0;
3376
3377 static const uint8_t dscm1xxxx_cis[0x14a] = {
3378 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3379 [0x002] = 0x03, /* Tuple length = 4 bytes */
3380 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3381 [0x006] = 0x01, /* Size = 2K bytes */
3382 [0x008] = CISTPL_ENDMARK,
3383
3384 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3385 [0x00c] = 0x04, /* Tuple length = 4 byest */
3386 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3387 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3388 [0x012] = 0x01, /* Size = 2K bytes */
3389 [0x014] = CISTPL_ENDMARK,
3390
3391 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3392 [0x018] = 0x02, /* Tuple length = 2 bytes */
3393 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3394 [0x01c] = 0x01,
3395
3396 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3397 [0x020] = 0x04, /* Tuple length = 4 bytes */
3398 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3399 [0x024] = 0x00,
3400 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3401 [0x028] = 0x00,
3402
3403 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3404 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3405 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3406 [0x030] = 0x01, /* Minor Version = 1 */
3407 [0x032] = 'I',
3408 [0x034] = 'B',
3409 [0x036] = 'M',
3410 [0x038] = 0x00,
3411 [0x03a] = 'm',
3412 [0x03c] = 'i',
3413 [0x03e] = 'c',
3414 [0x040] = 'r',
3415 [0x042] = 'o',
3416 [0x044] = 'd',
3417 [0x046] = 'r',
3418 [0x048] = 'i',
3419 [0x04a] = 'v',
3420 [0x04c] = 'e',
3421 [0x04e] = 0x00,
3422 [0x050] = CISTPL_ENDMARK,
3423
3424 [0x052] = CISTPL_FUNCID, /* Function ID */
3425 [0x054] = 0x02, /* Tuple length = 2 bytes */
3426 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3427 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3428
3429 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3430 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3431 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3432 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3433
3434 [0x062] = CISTPL_FUNCE, /* Function Extension */
3435 [0x064] = 0x03, /* Tuple length = 3 bytes */
3436 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3437 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3438 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3439
3440 [0x06c] = CISTPL_CONFIG, /* Configuration */
3441 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3442 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3443 [0x072] = 0x07, /* TPCC_LAST = 7 */
3444 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3445 [0x076] = 0x02,
3446 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3447
3448 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3449 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3450 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3451 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3452 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3453 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3454 [0x086] = 0x55, /* NomV: 5.0 V */
3455 [0x088] = 0x4d, /* MinV: 4.5 V */
3456 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3457 [0x08c] = 0x4e, /* Peakl: 450 mA */
3458 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3459 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3460 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3461
3462 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3463 [0x096] = 0x06, /* Tuple length = 6 bytes */
3464 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3465 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3466 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3467 [0x09e] = 0xb5, /* NomV: 3.3 V */
3468 [0x0a0] = 0x1e,
3469 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3470
3471 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3472 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3473 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3474 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3475 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3476 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3477 [0x0b0] = 0x55, /* NomV: 5.0 V */
3478 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3479 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3480 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3481 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3482 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3483 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3484 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3485 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3486
3487 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3488 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3489 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3490 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3491 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3492 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3493 [0x0ce] = 0x1e,
3494 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3495
3496 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3497 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3498 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3499 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3500 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3501 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3502 [0x0de] = 0x55, /* NomV: 5.0 V */
3503 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3504 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3505 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3506 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3507 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3508 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3509 [0x0ec] = 0x01,
3510 [0x0ee] = 0x07, /* Address block length = 8 */
3511 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3512 [0x0f2] = 0x03,
3513 [0x0f4] = 0x01, /* Address block length = 2 */
3514 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3515 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3516
3517 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3518 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3519 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3520 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3521 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3522 [0x104] = 0xb5, /* NomV: 3.3 V */
3523 [0x106] = 0x1e,
3524 [0x108] = 0x3e, /* Peakl: 350 mA */
3525
3526 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3527 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3528 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3529 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3530 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3531 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3532 [0x116] = 0x55, /* NomV: 5.0 V */
3533 [0x118] = 0x4d, /* MinV: 4.5 V */
3534 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3535 [0x11c] = 0x4e, /* Peakl: 450 mA */
3536 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3537 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3538 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3539 [0x124] = 0x01,
3540 [0x126] = 0x07, /* Address block length = 8 */
3541 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3542 [0x12a] = 0x03,
3543 [0x12c] = 0x01, /* Address block length = 2 */
3544 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3545 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3546
3547 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3548 [0x134] = 0x06, /* Tuple length = 6 bytes */
3549 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3550 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3551 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3552 [0x13c] = 0xb5, /* NomV: 3.3 V */
3553 [0x13e] = 0x1e,
3554 [0x140] = 0x3e, /* Peakl: 350 mA */
3555
3556 [0x142] = CISTPL_NO_LINK, /* No Link */
3557 [0x144] = 0x00, /* Tuple length = 0 bytes */
3558
3559 [0x146] = CISTPL_END, /* Tuple End */
3560 };
3561
3562 static int dscm1xxxx_attach(void *opaque)
3563 {
3564 struct md_s *md = (struct md_s *) opaque;
3565 md->card.attr_read = md_attr_read;
3566 md->card.attr_write = md_attr_write;
3567 md->card.common_read = md_common_read;
3568 md->card.common_write = md_common_write;
3569 md->card.io_read = md_common_read;
3570 md->card.io_write = md_common_write;
3571
3572 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3573 md->io_base = 0x0;
3574
3575 md_reset(md);
3576 md_interrupt_update(md);
3577
3578 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3579 return 0;
3580 }
3581
3582 static int dscm1xxxx_detach(void *opaque)
3583 {
3584 struct md_s *md = (struct md_s *) opaque;
3585 md_reset(md);
3586 return 0;
3587 }
3588
3589 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3590 {
3591 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3592 md->card.state = md;
3593 md->card.attach = dscm1xxxx_attach;
3594 md->card.detach = dscm1xxxx_detach;
3595 md->card.cis = dscm1xxxx_cis;
3596 md->card.cis_len = sizeof(dscm1xxxx_cis);
3597
3598 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3599 md->ide->is_cf = 1;
3600 md->ide->mdata_size = METADATA_SIZE;
3601 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3602
3603 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3604
3605 return &md->card;
3606 }
Random branches for QEmu