search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix incorrect return type.
[qemu/mini2440.git] / hw / ide.c
blobcf9a9a7bb2316c50a0e1b74a74b62de58a7a80f0
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include "vl.h"
25
26 /* debug IDE devices */
27 //#define DEBUG_IDE
28 //#define DEBUG_IDE_ATAPI
29
30 /* Bits of HD_STATUS */
31 #define ERR_STAT 0x01
32 #define INDEX_STAT 0x02
33 #define ECC_STAT 0x04 /* Corrected error */
34 #define DRQ_STAT 0x08
35 #define SEEK_STAT 0x10
36 #define SRV_STAT 0x10
37 #define WRERR_STAT 0x20
38 #define READY_STAT 0x40
39 #define BUSY_STAT 0x80
40
41 /* Bits for HD_ERROR */
42 #define MARK_ERR 0x01 /* Bad address mark */
43 #define TRK0_ERR 0x02 /* couldn't find track 0 */
44 #define ABRT_ERR 0x04 /* Command aborted */
45 #define MCR_ERR 0x08 /* media change request */
46 #define ID_ERR 0x10 /* ID field not found */
47 #define MC_ERR 0x20 /* media changed */
48 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
49 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
50 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
51
52 /* Bits of HD_NSECTOR */
53 #define CD 0x01
54 #define IO 0x02
55 #define REL 0x04
56 #define TAG_MASK 0xf8
57
58 #define IDE_CMD_RESET 0x04
59 #define IDE_CMD_DISABLE_IRQ 0x02
60
61 /* ATA/ATAPI Commands pre T13 Spec */
62 #define WIN_NOP 0x00
63 /*
64 * 0x01->0x02 Reserved
65 */
66 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
67 /*
68 * 0x04->0x07 Reserved
69 */
70 #define WIN_SRST 0x08 /* ATAPI soft reset command */
71 #define WIN_DEVICE_RESET 0x08
72 /*
73 * 0x09->0x0F Reserved
74 */
75 #define WIN_RECAL 0x10
76 #define WIN_RESTORE WIN_RECAL
77 /*
78 * 0x10->0x1F Reserved
79 */
80 #define WIN_READ 0x20 /* 28-Bit */
81 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
82 #define WIN_READ_LONG 0x22 /* 28-Bit */
83 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
84 #define WIN_READ_EXT 0x24 /* 48-Bit */
85 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
86 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
87 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
88 /*
89 * 0x28
90 */
91 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
92 /*
93 * 0x2A->0x2F Reserved
94 */
95 #define WIN_WRITE 0x30 /* 28-Bit */
96 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
97 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
98 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
99 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
100 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
101 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
102 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
103 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
104 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
105 /*
106 * 0x3A->0x3B Reserved
107 */
108 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
109 /*
110 * 0x3D->0x3F Reserved
111 */
112 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
113 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
114 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
115 /*
116 * 0x43->0x4F Reserved
117 */
118 #define WIN_FORMAT 0x50
119 /*
120 * 0x51->0x5F Reserved
121 */
122 #define WIN_INIT 0x60
123 /*
124 * 0x61->0x5F Reserved
125 */
126 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
127 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
128 #define WIN_DIAGNOSE 0x90
129 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
130 #define WIN_DOWNLOAD_MICROCODE 0x92
131 #define WIN_STANDBYNOW2 0x94
132 #define WIN_STANDBY2 0x96
133 #define WIN_SETIDLE2 0x97
134 #define WIN_CHECKPOWERMODE2 0x98
135 #define WIN_SLEEPNOW2 0x99
136 /*
137 * 0x9A VENDOR
138 */
139 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
140 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
141 #define WIN_QUEUED_SERVICE 0xA2
142 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
143 #define CFA_ERASE_SECTORS 0xC0
144 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
145 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
146 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
147 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
148 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
149 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
150 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
151 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
152 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
153 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
154 #define WIN_GETMEDIASTATUS 0xDA
155 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
156 #define WIN_POSTBOOT 0xDC
157 #define WIN_PREBOOT 0xDD
158 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
159 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
160 #define WIN_STANDBYNOW1 0xE0
161 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
162 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
163 #define WIN_SETIDLE1 0xE3
164 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
165 #define WIN_CHECKPOWERMODE1 0xE5
166 #define WIN_SLEEPNOW1 0xE6
167 #define WIN_FLUSH_CACHE 0xE7
168 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
169 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
170 /* SET_FEATURES 0x22 or 0xDD */
171 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
172 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
173 #define WIN_MEDIAEJECT 0xED
174 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
175 #define WIN_SETFEATURES 0xEF /* set special drive features */
176 #define EXABYTE_ENABLE_NEST 0xF0
177 #define WIN_SECURITY_SET_PASS 0xF1
178 #define WIN_SECURITY_UNLOCK 0xF2
179 #define WIN_SECURITY_ERASE_PREPARE 0xF3
180 #define WIN_SECURITY_ERASE_UNIT 0xF4
181 #define WIN_SECURITY_FREEZE_LOCK 0xF5
182 #define WIN_SECURITY_DISABLE 0xF6
183 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
184 #define WIN_SET_MAX 0xF9
185 #define DISABLE_SEAGATE 0xFB
186
187 /* set to 1 set disable mult support */
188 #define MAX_MULT_SECTORS 16
189
190 /* ATAPI defines */
191
192 #define ATAPI_PACKET_SIZE 12
193
194 /* The generic packet command opcodes for CD/DVD Logical Units,
195 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
196 #define GPCMD_BLANK 0xa1
197 #define GPCMD_CLOSE_TRACK 0x5b
198 #define GPCMD_FLUSH_CACHE 0x35
199 #define GPCMD_FORMAT_UNIT 0x04
200 #define GPCMD_GET_CONFIGURATION 0x46
201 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
202 #define GPCMD_GET_PERFORMANCE 0xac
203 #define GPCMD_INQUIRY 0x12
204 #define GPCMD_LOAD_UNLOAD 0xa6
205 #define GPCMD_MECHANISM_STATUS 0xbd
206 #define GPCMD_MODE_SELECT_10 0x55
207 #define GPCMD_MODE_SENSE_10 0x5a
208 #define GPCMD_PAUSE_RESUME 0x4b
209 #define GPCMD_PLAY_AUDIO_10 0x45
210 #define GPCMD_PLAY_AUDIO_MSF 0x47
211 #define GPCMD_PLAY_AUDIO_TI 0x48
212 #define GPCMD_PLAY_CD 0xbc
213 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
214 #define GPCMD_READ_10 0x28
215 #define GPCMD_READ_12 0xa8
216 #define GPCMD_READ_CDVD_CAPACITY 0x25
217 #define GPCMD_READ_CD 0xbe
218 #define GPCMD_READ_CD_MSF 0xb9
219 #define GPCMD_READ_DISC_INFO 0x51
220 #define GPCMD_READ_DVD_STRUCTURE 0xad
221 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
222 #define GPCMD_READ_HEADER 0x44
223 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
224 #define GPCMD_READ_SUBCHANNEL 0x42
225 #define GPCMD_READ_TOC_PMA_ATIP 0x43
226 #define GPCMD_REPAIR_RZONE_TRACK 0x58
227 #define GPCMD_REPORT_KEY 0xa4
228 #define GPCMD_REQUEST_SENSE 0x03
229 #define GPCMD_RESERVE_RZONE_TRACK 0x53
230 #define GPCMD_SCAN 0xba
231 #define GPCMD_SEEK 0x2b
232 #define GPCMD_SEND_DVD_STRUCTURE 0xad
233 #define GPCMD_SEND_EVENT 0xa2
234 #define GPCMD_SEND_KEY 0xa3
235 #define GPCMD_SEND_OPC 0x54
236 #define GPCMD_SET_READ_AHEAD 0xa7
237 #define GPCMD_SET_STREAMING 0xb6
238 #define GPCMD_START_STOP_UNIT 0x1b
239 #define GPCMD_STOP_PLAY_SCAN 0x4e
240 #define GPCMD_TEST_UNIT_READY 0x00
241 #define GPCMD_VERIFY_10 0x2f
242 #define GPCMD_WRITE_10 0x2a
243 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
244 /* This is listed as optional in ATAPI 2.6, but is (curiously)
245 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
246 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
247 * drives support it. */
248 #define GPCMD_SET_SPEED 0xbb
249 /* This seems to be a SCSI specific CD-ROM opcode
250 * to play data at track/index */
251 #define GPCMD_PLAYAUDIO_TI 0x48
252 /*
253 * From MS Media Status Notification Support Specification. For
254 * older drives only.
255 */
256 #define GPCMD_GET_MEDIA_STATUS 0xda
257
258 /* Mode page codes for mode sense/set */
259 #define GPMODE_R_W_ERROR_PAGE 0x01
260 #define GPMODE_WRITE_PARMS_PAGE 0x05
261 #define GPMODE_AUDIO_CTL_PAGE 0x0e
262 #define GPMODE_POWER_PAGE 0x1a
263 #define GPMODE_FAULT_FAIL_PAGE 0x1c
264 #define GPMODE_TO_PROTECT_PAGE 0x1d
265 #define GPMODE_CAPABILITIES_PAGE 0x2a
266 #define GPMODE_ALL_PAGES 0x3f
267 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
268 * of MODE_SENSE_POWER_PAGE */
269 #define GPMODE_CDROM_PAGE 0x0d
270
271 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
272 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
273 #define ATAPI_INT_REASON_REL 0x04
274 #define ATAPI_INT_REASON_TAG 0xf8
275
276 /* same constants as bochs */
277 #define ASC_ILLEGAL_OPCODE 0x20
278 #define ASC_LOGICAL_BLOCK_OOR 0x21
279 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
280 #define ASC_MEDIUM_NOT_PRESENT 0x3a
281 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
282
283 #define SENSE_NONE 0
284 #define SENSE_NOT_READY 2
285 #define SENSE_ILLEGAL_REQUEST 5
286 #define SENSE_UNIT_ATTENTION 6
287
288 struct IDEState;
289
290 typedef void EndTransferFunc(struct IDEState *);
291
292 /* NOTE: IDEState represents in fact one drive */
293 typedef struct IDEState {
294 /* ide config */
295 int is_cdrom;
296 int cylinders, heads, sectors;
297 int64_t nb_sectors;
298 int mult_sectors;
299 int identify_set;
300 uint16_t identify_data[256];
301 SetIRQFunc *set_irq;
302 void *irq_opaque;
303 int irq;
304 PCIDevice *pci_dev;
305 struct BMDMAState *bmdma;
306 int drive_serial;
307 /* ide regs */
308 uint8_t feature;
309 uint8_t error;
310 uint16_t nsector; /* 0 is 256 to ease computations */
311 uint8_t sector;
312 uint8_t lcyl;
313 uint8_t hcyl;
314 uint8_t select;
315 uint8_t status;
316 /* 0x3f6 command, only meaningful for drive 0 */
317 uint8_t cmd;
318 /* depends on bit 4 in select, only meaningful for drive 0 */
319 struct IDEState *cur_drive;
320 BlockDriverState *bs;
321 /* ATAPI specific */
322 uint8_t sense_key;
323 uint8_t asc;
324 int packet_transfer_size;
325 int elementary_transfer_size;
326 int io_buffer_index;
327 int lba;
328 int cd_sector_size;
329 int atapi_dma; /* true if dma is requested for the packet cmd */
330 /* ATA DMA state */
331 int io_buffer_size;
332 /* PIO transfer handling */
333 int req_nb_sectors; /* number of sectors per interrupt */
334 EndTransferFunc *end_transfer_func;
335 uint8_t *data_ptr;
336 uint8_t *data_end;
337 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
338 QEMUTimer *sector_write_timer; /* only used for win2k instal hack */
339 } IDEState;
340
341 #define BM_STATUS_DMAING 0x01
342 #define BM_STATUS_ERROR 0x02
343 #define BM_STATUS_INT 0x04
344
345 #define BM_CMD_START 0x01
346 #define BM_CMD_READ 0x08
347
348 #define IDE_TYPE_PIIX3 0
349 #define IDE_TYPE_CMD646 1
350
351 /* CMD646 specific */
352 #define MRDMODE 0x71
353 #define MRDMODE_INTR_CH0 0x04
354 #define MRDMODE_INTR_CH1 0x08
355 #define MRDMODE_BLK_CH0 0x10
356 #define MRDMODE_BLK_CH1 0x20
357 #define UDIDETCR0 0x73
358 #define UDIDETCR1 0x7B
359
360 typedef int IDEDMAFunc(IDEState *s,
361 target_phys_addr_t phys_addr,
362 int transfer_size1);
363
364 typedef struct BMDMAState {
365 uint8_t cmd;
366 uint8_t status;
367 uint32_t addr;
368
369 struct PCIIDEState *pci_dev;
370 /* current transfer state */
371 IDEState *ide_if;
372 IDEDMAFunc *dma_cb;
373 } BMDMAState;
374
375 typedef struct PCIIDEState {
376 PCIDevice dev;
377 IDEState ide_if[4];
378 BMDMAState bmdma[2];
379 int type; /* see IDE_TYPE_xxx */
380 } PCIIDEState;
381
382 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
383
384 static void padstr(char *str, const char *src, int len)
385 {
386 int i, v;
387 for(i = 0; i < len; i++) {
388 if (*src)
389 v = *src++;
390 else
391 v = ' ';
392 *(char *)((long)str ^ 1) = v;
393 str++;
394 }
395 }
396
397 static void padstr8(uint8_t *buf, int buf_size, const char *src)
398 {
399 int i;
400 for(i = 0; i < buf_size; i++) {
401 if (*src)
402 buf[i] = *src++;
403 else
404 buf[i] = ' ';
405 }
406 }
407
408 static void put_le16(uint16_t *p, unsigned int v)
409 {
410 *p = cpu_to_le16(v);
411 }
412
413 static void ide_identify(IDEState *s)
414 {
415 uint16_t *p;
416 unsigned int oldsize;
417 char buf[20];
418
419 if (s->identify_set) {
420 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
421 return;
422 }
423
424 memset(s->io_buffer, 0, 512);
425 p = (uint16_t *)s->io_buffer;
426 put_le16(p + 0, 0x0040);
427 put_le16(p + 1, s->cylinders);
428 put_le16(p + 3, s->heads);
429 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
430 put_le16(p + 5, 512); /* XXX: retired, remove ? */
431 put_le16(p + 6, s->sectors);
432 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
433 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
434 put_le16(p + 20, 3); /* XXX: retired, remove ? */
435 put_le16(p + 21, 512); /* cache size in sectors */
436 put_le16(p + 22, 4); /* ecc bytes */
437 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
438 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
439 #if MAX_MULT_SECTORS > 1
440 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
441 #endif
442 put_le16(p + 48, 1); /* dword I/O */
443 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
444 put_le16(p + 51, 0x200); /* PIO transfer cycle */
445 put_le16(p + 52, 0x200); /* DMA transfer cycle */
446 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
447 put_le16(p + 54, s->cylinders);
448 put_le16(p + 55, s->heads);
449 put_le16(p + 56, s->sectors);
450 oldsize = s->cylinders * s->heads * s->sectors;
451 put_le16(p + 57, oldsize);
452 put_le16(p + 58, oldsize >> 16);
453 if (s->mult_sectors)
454 put_le16(p + 59, 0x100 | s->mult_sectors);
455 put_le16(p + 60, s->nb_sectors);
456 put_le16(p + 61, s->nb_sectors >> 16);
457 put_le16(p + 63, 0x07); /* mdma0-2 supported */
458 put_le16(p + 65, 120);
459 put_le16(p + 66, 120);
460 put_le16(p + 67, 120);
461 put_le16(p + 68, 120);
462 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
463 put_le16(p + 81, 0x16); /* conforms to ata5 */
464 put_le16(p + 82, (1 << 14));
465 put_le16(p + 83, (1 << 14));
466 put_le16(p + 84, (1 << 14));
467 put_le16(p + 85, (1 << 14));
468 put_le16(p + 86, 0);
469 put_le16(p + 87, (1 << 14));
470 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
471 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
472
473 memcpy(s->identify_data, p, sizeof(s->identify_data));
474 s->identify_set = 1;
475 }
476
477 static void ide_atapi_identify(IDEState *s)
478 {
479 uint16_t *p;
480 char buf[20];
481
482 if (s->identify_set) {
483 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
484 return;
485 }
486
487 memset(s->io_buffer, 0, 512);
488 p = (uint16_t *)s->io_buffer;
489 /* Removable CDROM, 50us response, 12 byte packets */
490 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
491 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
492 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
493 put_le16(p + 20, 3); /* buffer type */
494 put_le16(p + 21, 512); /* cache size in sectors */
495 put_le16(p + 22, 4); /* ecc bytes */
496 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
497 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
498 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
499 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
500 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
501 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
502 put_le16(p + 64, 1); /* PIO modes */
503 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
504 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
505 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
506 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
507
508 put_le16(p + 71, 30); /* in ns */
509 put_le16(p + 72, 30); /* in ns */
510
511 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
512
513 memcpy(s->identify_data, p, sizeof(s->identify_data));
514 s->identify_set = 1;
515 }
516
517 static void ide_set_signature(IDEState *s)
518 {
519 s->select &= 0xf0; /* clear head */
520 /* put signature */
521 s->nsector = 1;
522 s->sector = 1;
523 if (s->is_cdrom) {
524 s->lcyl = 0x14;
525 s->hcyl = 0xeb;
526 } else if (s->bs) {
527 s->lcyl = 0;
528 s->hcyl = 0;
529 } else {
530 s->lcyl = 0xff;
531 s->hcyl = 0xff;
532 }
533 }
534
535 static inline void ide_abort_command(IDEState *s)
536 {
537 s->status = READY_STAT | ERR_STAT;
538 s->error = ABRT_ERR;
539 }
540
541 static inline void ide_set_irq(IDEState *s)
542 {
543 BMDMAState *bm = s->bmdma;
544 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
545 if (bm) {
546 bm->status |= BM_STATUS_INT;
547 }
548 s->set_irq(s->irq_opaque, s->irq, 1);
549 }
550 }
551
552 /* prepare data transfer and tell what to do after */
553 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
554 EndTransferFunc *end_transfer_func)
555 {
556 s->end_transfer_func = end_transfer_func;
557 s->data_ptr = buf;
558 s->data_end = buf + size;
559 s->status |= DRQ_STAT;
560 }
561
562 static void ide_transfer_stop(IDEState *s)
563 {
564 s->end_transfer_func = ide_transfer_stop;
565 s->data_ptr = s->io_buffer;
566 s->data_end = s->io_buffer;
567 s->status &= ~DRQ_STAT;
568 }
569
570 static int64_t ide_get_sector(IDEState *s)
571 {
572 int64_t sector_num;
573 if (s->select & 0x40) {
574 /* lba */
575 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
576 (s->lcyl << 8) | s->sector;
577 } else {
578 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
579 (s->select & 0x0f) * s->sectors +
580 (s->sector - 1);
581 }
582 return sector_num;
583 }
584
585 static void ide_set_sector(IDEState *s, int64_t sector_num)
586 {
587 unsigned int cyl, r;
588 if (s->select & 0x40) {
589 s->select = (s->select & 0xf0) | (sector_num >> 24);
590 s->hcyl = (sector_num >> 16);
591 s->lcyl = (sector_num >> 8);
592 s->sector = (sector_num);
593 } else {
594 cyl = sector_num / (s->heads * s->sectors);
595 r = sector_num % (s->heads * s->sectors);
596 s->hcyl = cyl >> 8;
597 s->lcyl = cyl;
598 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
599 s->sector = (r % s->sectors) + 1;
600 }
601 }
602
603 static void ide_sector_read(IDEState *s)
604 {
605 int64_t sector_num;
606 int ret, n;
607
608 s->status = READY_STAT | SEEK_STAT;
609 s->error = 0; /* not needed by IDE spec, but needed by Windows */
610 sector_num = ide_get_sector(s);
611 n = s->nsector;
612 if (n == 0) {
613 /* no more sector to read from disk */
614 ide_transfer_stop(s);
615 } else {
616 #if defined(DEBUG_IDE)
617 printf("read sector=%Ld\n", sector_num);
618 #endif
619 if (n > s->req_nb_sectors)
620 n = s->req_nb_sectors;
621 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
622 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
623 ide_set_irq(s);
624 ide_set_sector(s, sector_num + n);
625 s->nsector -= n;
626 }
627 }
628
629 static int ide_read_dma_cb(IDEState *s,
630 target_phys_addr_t phys_addr,
631 int transfer_size1)
632 {
633 int len, transfer_size, n;
634 int64_t sector_num;
635
636 transfer_size = transfer_size1;
637 while (transfer_size > 0) {
638 len = s->io_buffer_size - s->io_buffer_index;
639 if (len <= 0) {
640 /* transfert next data */
641 n = s->nsector;
642 if (n == 0)
643 break;
644 if (n > MAX_MULT_SECTORS)
645 n = MAX_MULT_SECTORS;
646 sector_num = ide_get_sector(s);
647 bdrv_read(s->bs, sector_num, s->io_buffer, n);
648 s->io_buffer_index = 0;
649 s->io_buffer_size = n * 512;
650 len = s->io_buffer_size;
651 sector_num += n;
652 ide_set_sector(s, sector_num);
653 s->nsector -= n;
654 }
655 if (len > transfer_size)
656 len = transfer_size;
657 cpu_physical_memory_write(phys_addr,
658 s->io_buffer + s->io_buffer_index, len);
659 s->io_buffer_index += len;
660 transfer_size -= len;
661 phys_addr += len;
662 }
663 if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
664 s->status = READY_STAT | SEEK_STAT;
665 ide_set_irq(s);
666 #ifdef DEBUG_IDE_ATAPI
667 printf("dma status=0x%x\n", s->status);
668 #endif
669 return 0;
670 }
671 return transfer_size1 - transfer_size;
672 }
673
674 static void ide_sector_read_dma(IDEState *s)
675 {
676 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
677 s->io_buffer_index = 0;
678 s->io_buffer_size = 0;
679 ide_dma_start(s, ide_read_dma_cb);
680 }
681
682 static void ide_sector_write_timer_cb(void *opaque)
683 {
684 IDEState *s = opaque;
685 ide_set_irq(s);
686 }
687
688 static void ide_sector_write(IDEState *s)
689 {
690 int64_t sector_num;
691 int ret, n, n1;
692
693 s->status = READY_STAT | SEEK_STAT;
694 sector_num = ide_get_sector(s);
695 #if defined(DEBUG_IDE)
696 printf("write sector=%Ld\n", sector_num);
697 #endif
698 n = s->nsector;
699 if (n > s->req_nb_sectors)
700 n = s->req_nb_sectors;
701 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
702 s->nsector -= n;
703 if (s->nsector == 0) {
704 /* no more sector to write */
705 ide_transfer_stop(s);
706 } else {
707 n1 = s->nsector;
708 if (n1 > s->req_nb_sectors)
709 n1 = s->req_nb_sectors;
710 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
711 }
712 ide_set_sector(s, sector_num + n);
713
714 #ifdef TARGET_I386
715 if (win2k_install_hack) {
716 /* It seems there is a bug in the Windows 2000 installer HDD
717 IDE driver which fills the disk with empty logs when the
718 IDE write IRQ comes too early. This hack tries to correct
719 that at the expense of slower write performances. Use this
720 option _only_ to install Windows 2000. You must disable it
721 for normal use. */
722 qemu_mod_timer(s->sector_write_timer,
723 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
724 } else
725 #endif
726 {
727 ide_set_irq(s);
728 }
729 }
730
731 static int ide_write_dma_cb(IDEState *s,
732 target_phys_addr_t phys_addr,
733 int transfer_size1)
734 {
735 int len, transfer_size, n;
736 int64_t sector_num;
737
738 transfer_size = transfer_size1;
739 for(;;) {
740 len = s->io_buffer_size - s->io_buffer_index;
741 if (len == 0) {
742 n = s->io_buffer_size >> 9;
743 sector_num = ide_get_sector(s);
744 bdrv_write(s->bs, sector_num, s->io_buffer,
745 s->io_buffer_size >> 9);
746 sector_num += n;
747 ide_set_sector(s, sector_num);
748 s->nsector -= n;
749 n = s->nsector;
750 if (n == 0) {
751 /* end of transfer */
752 s->status = READY_STAT | SEEK_STAT;
753 ide_set_irq(s);
754 return 0;
755 }
756 if (n > MAX_MULT_SECTORS)
757 n = MAX_MULT_SECTORS;
758 s->io_buffer_index = 0;
759 s->io_buffer_size = n * 512;
760 len = s->io_buffer_size;
761 }
762 if (transfer_size <= 0)
763 break;
764 if (len > transfer_size)
765 len = transfer_size;
766 cpu_physical_memory_read(phys_addr,
767 s->io_buffer + s->io_buffer_index, len);
768 s->io_buffer_index += len;
769 transfer_size -= len;
770 phys_addr += len;
771 }
772 return transfer_size1 - transfer_size;
773 }
774
775 static void ide_sector_write_dma(IDEState *s)
776 {
777 int n;
778 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
779 n = s->nsector;
780 if (n > MAX_MULT_SECTORS)
781 n = MAX_MULT_SECTORS;
782 s->io_buffer_index = 0;
783 s->io_buffer_size = n * 512;
784 ide_dma_start(s, ide_write_dma_cb);
785 }
786
787 static void ide_atapi_cmd_ok(IDEState *s)
788 {
789 s->error = 0;
790 s->status = READY_STAT;
791 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
792 ide_set_irq(s);
793 }
794
795 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
796 {
797 #ifdef DEBUG_IDE_ATAPI
798 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
799 #endif
800 s->error = sense_key << 4;
801 s->status = READY_STAT | ERR_STAT;
802 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
803 s->sense_key = sense_key;
804 s->asc = asc;
805 ide_set_irq(s);
806 }
807
808 static inline void cpu_to_ube16(uint8_t *buf, int val)
809 {
810 buf[0] = val >> 8;
811 buf[1] = val;
812 }
813
814 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
815 {
816 buf[0] = val >> 24;
817 buf[1] = val >> 16;
818 buf[2] = val >> 8;
819 buf[3] = val;
820 }
821
822 static inline int ube16_to_cpu(const uint8_t *buf)
823 {
824 return (buf[0] << 8) | buf[1];
825 }
826
827 static inline int ube32_to_cpu(const uint8_t *buf)
828 {
829 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
830 }
831
832 static void lba_to_msf(uint8_t *buf, int lba)
833 {
834 lba += 150;
835 buf[0] = (lba / 75) / 60;
836 buf[1] = (lba / 75) % 60;
837 buf[2] = lba % 75;
838 }
839
840 static void cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
841 int sector_size)
842 {
843 switch(sector_size) {
844 case 2048:
845 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
846 break;
847 case 2352:
848 /* sync bytes */
849 buf[0] = 0x00;
850 memset(buf + 1, 0xff, 10);
851 buf[11] = 0x00;
852 buf += 12;
853 /* MSF */
854 lba_to_msf(buf, lba);
855 buf[3] = 0x01; /* mode 1 data */
856 buf += 4;
857 /* data */
858 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
859 buf += 2048;
860 /* ECC */
861 memset(buf, 0, 288);
862 break;
863 default:
864 break;
865 }
866 }
867
868 /* The whole ATAPI transfer logic is handled in this function */
869 static void ide_atapi_cmd_reply_end(IDEState *s)
870 {
871 int byte_count_limit, size;
872 #ifdef DEBUG_IDE_ATAPI
873 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
874 s->packet_transfer_size,
875 s->elementary_transfer_size,
876 s->io_buffer_index);
877 #endif
878 if (s->packet_transfer_size <= 0) {
879 /* end of transfer */
880 ide_transfer_stop(s);
881 s->status = READY_STAT;
882 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
883 ide_set_irq(s);
884 #ifdef DEBUG_IDE_ATAPI
885 printf("status=0x%x\n", s->status);
886 #endif
887 } else {
888 /* see if a new sector must be read */
889 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
890 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
891 s->lba++;
892 s->io_buffer_index = 0;
893 }
894 if (s->elementary_transfer_size > 0) {
895 /* there are some data left to transmit in this elementary
896 transfer */
897 size = s->cd_sector_size - s->io_buffer_index;
898 if (size > s->elementary_transfer_size)
899 size = s->elementary_transfer_size;
900 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
901 size, ide_atapi_cmd_reply_end);
902 s->packet_transfer_size -= size;
903 s->elementary_transfer_size -= size;
904 s->io_buffer_index += size;
905 } else {
906 /* a new transfer is needed */
907 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
908 byte_count_limit = s->lcyl | (s->hcyl << 8);
909 #ifdef DEBUG_IDE_ATAPI
910 printf("byte_count_limit=%d\n", byte_count_limit);
911 #endif
912 if (byte_count_limit == 0xffff)
913 byte_count_limit--;
914 size = s->packet_transfer_size;
915 if (size > byte_count_limit) {
916 /* byte count limit must be even if this case */
917 if (byte_count_limit & 1)
918 byte_count_limit--;
919 size = byte_count_limit;
920 }
921 s->lcyl = size;
922 s->hcyl = size >> 8;
923 s->elementary_transfer_size = size;
924 /* we cannot transmit more than one sector at a time */
925 if (s->lba != -1) {
926 if (size > (s->cd_sector_size - s->io_buffer_index))
927 size = (s->cd_sector_size - s->io_buffer_index);
928 }
929 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
930 size, ide_atapi_cmd_reply_end);
931 s->packet_transfer_size -= size;
932 s->elementary_transfer_size -= size;
933 s->io_buffer_index += size;
934 ide_set_irq(s);
935 #ifdef DEBUG_IDE_ATAPI
936 printf("status=0x%x\n", s->status);
937 #endif
938 }
939 }
940 }
941
942 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
943 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
944 {
945 if (size > max_size)
946 size = max_size;
947 s->lba = -1; /* no sector read */
948 s->packet_transfer_size = size;
949 s->elementary_transfer_size = 0;
950 s->io_buffer_index = 0;
951
952 s->status = READY_STAT;
953 ide_atapi_cmd_reply_end(s);
954 }
955
956 /* start a CD-CDROM read command */
957 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
958 int sector_size)
959 {
960 s->lba = lba;
961 s->packet_transfer_size = nb_sectors * sector_size;
962 s->elementary_transfer_size = 0;
963 s->io_buffer_index = sector_size;
964 s->cd_sector_size = sector_size;
965
966 s->status = READY_STAT;
967 ide_atapi_cmd_reply_end(s);
968 }
969
970 /* ATAPI DMA support */
971 static int ide_atapi_cmd_read_dma_cb(IDEState *s,
972 target_phys_addr_t phys_addr,
973 int transfer_size1)
974 {
975 int len, transfer_size;
976
977 transfer_size = transfer_size1;
978 while (transfer_size > 0) {
979 #ifdef DEBUG_IDE_ATAPI
980 printf("transfer_size: %d phys_addr=%08x\n", transfer_size, phys_addr);
981 #endif
982 if (s->packet_transfer_size <= 0)
983 break;
984 len = s->cd_sector_size - s->io_buffer_index;
985 if (len <= 0) {
986 /* transfert next data */
987 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
988 s->lba++;
989 s->io_buffer_index = 0;
990 len = s->cd_sector_size;
991 }
992 if (len > transfer_size)
993 len = transfer_size;
994 cpu_physical_memory_write(phys_addr,
995 s->io_buffer + s->io_buffer_index, len);
996 s->packet_transfer_size -= len;
997 s->io_buffer_index += len;
998 transfer_size -= len;
999 phys_addr += len;
1000 }
1001 if (s->packet_transfer_size <= 0) {
1002 s->status = READY_STAT;
1003 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1004 ide_set_irq(s);
1005 #ifdef DEBUG_IDE_ATAPI
1006 printf("dma status=0x%x\n", s->status);
1007 #endif
1008 return 0;
1009 }
1010 return transfer_size1 - transfer_size;
1011 }
1012
1013 /* start a CD-CDROM read command with DMA */
1014 /* XXX: test if DMA is available */
1015 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1016 int sector_size)
1017 {
1018 s->lba = lba;
1019 s->packet_transfer_size = nb_sectors * sector_size;
1020 s->io_buffer_index = sector_size;
1021 s->cd_sector_size = sector_size;
1022
1023 s->status = READY_STAT | DRQ_STAT;
1024 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1025 }
1026
1027 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1028 int sector_size)
1029 {
1030 #ifdef DEBUG_IDE_ATAPI
1031 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
1032 #endif
1033 if (s->atapi_dma) {
1034 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1035 } else {
1036 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1037 }
1038 }
1039
1040 /* same toc as bochs. Return -1 if error or the toc length */
1041 /* XXX: check this */
1042 static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
1043 {
1044 uint8_t *q;
1045 int nb_sectors, len;
1046
1047 if (start_track > 1 && start_track != 0xaa)
1048 return -1;
1049 q = buf + 2;
1050 *q++ = 1; /* first session */
1051 *q++ = 1; /* last session */
1052 if (start_track <= 1) {
1053 *q++ = 0; /* reserved */
1054 *q++ = 0x14; /* ADR, control */
1055 *q++ = 1; /* track number */
1056 *q++ = 0; /* reserved */
1057 if (msf) {
1058 *q++ = 0; /* reserved */
1059 lba_to_msf(q, 0);
1060 q += 3;
1061 } else {
1062 /* sector 0 */
1063 cpu_to_ube32(q, 0);
1064 q += 4;
1065 }
1066 }
1067 /* lead out track */
1068 *q++ = 0; /* reserved */
1069 *q++ = 0x16; /* ADR, control */
1070 *q++ = 0xaa; /* track number */
1071 *q++ = 0; /* reserved */
1072 nb_sectors = s->nb_sectors >> 2;
1073 if (msf) {
1074 *q++ = 0; /* reserved */
1075 lba_to_msf(q, nb_sectors);
1076 q += 3;
1077 } else {
1078 cpu_to_ube32(q, nb_sectors);
1079 q += 4;
1080 }
1081 len = q - buf;
1082 cpu_to_ube16(buf, len - 2);
1083 return len;
1084 }
1085
1086 /* mostly same info as PearPc */
1087 static int cdrom_read_toc_raw(IDEState *s, uint8_t *buf, int msf,
1088 int session_num)
1089 {
1090 uint8_t *q;
1091 int nb_sectors, len;
1092
1093 q = buf + 2;
1094 *q++ = 1; /* first session */
1095 *q++ = 1; /* last session */
1096
1097 *q++ = 1; /* session number */
1098 *q++ = 0x14; /* data track */
1099 *q++ = 0; /* track number */
1100 *q++ = 0xa0; /* lead-in */
1101 *q++ = 0; /* min */
1102 *q++ = 0; /* sec */
1103 *q++ = 0; /* frame */
1104 *q++ = 0;
1105 *q++ = 1; /* first track */
1106 *q++ = 0x00; /* disk type */
1107 *q++ = 0x00;
1108
1109 *q++ = 1; /* session number */
1110 *q++ = 0x14; /* data track */
1111 *q++ = 0; /* track number */
1112 *q++ = 0xa1;
1113 *q++ = 0; /* min */
1114 *q++ = 0; /* sec */
1115 *q++ = 0; /* frame */
1116 *q++ = 0;
1117 *q++ = 1; /* last track */
1118 *q++ = 0x00;
1119 *q++ = 0x00;
1120
1121 *q++ = 1; /* session number */
1122 *q++ = 0x14; /* data track */
1123 *q++ = 0; /* track number */
1124 *q++ = 0xa2; /* lead-out */
1125 *q++ = 0; /* min */
1126 *q++ = 0; /* sec */
1127 *q++ = 0; /* frame */
1128 nb_sectors = s->nb_sectors >> 2;
1129 if (msf) {
1130 *q++ = 0; /* reserved */
1131 lba_to_msf(q, nb_sectors);
1132 q += 3;
1133 } else {
1134 cpu_to_ube32(q, nb_sectors);
1135 q += 4;
1136 }
1137
1138 *q++ = 1; /* session number */
1139 *q++ = 0x14; /* ADR, control */
1140 *q++ = 0; /* track number */
1141 *q++ = 1; /* point */
1142 *q++ = 0; /* min */
1143 *q++ = 0; /* sec */
1144 *q++ = 0; /* frame */
1145 if (msf) {
1146 *q++ = 0;
1147 lba_to_msf(q, 0);
1148 q += 3;
1149 } else {
1150 *q++ = 0;
1151 *q++ = 0;
1152 *q++ = 0;
1153 *q++ = 0;
1154 }
1155
1156 len = q - buf;
1157 cpu_to_ube16(buf, len - 2);
1158 return len;
1159 }
1160
1161 static void ide_atapi_cmd(IDEState *s)
1162 {
1163 const uint8_t *packet;
1164 uint8_t *buf;
1165 int max_len;
1166
1167 packet = s->io_buffer;
1168 buf = s->io_buffer;
1169 #ifdef DEBUG_IDE_ATAPI
1170 {
1171 int i;
1172 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1173 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1174 printf(" %02x", packet[i]);
1175 }
1176 printf("\n");
1177 }
1178 #endif
1179 switch(s->io_buffer[0]) {
1180 case GPCMD_TEST_UNIT_READY:
1181 if (bdrv_is_inserted(s->bs)) {
1182 ide_atapi_cmd_ok(s);
1183 } else {
1184 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1185 ASC_MEDIUM_NOT_PRESENT);
1186 }
1187 break;
1188 case GPCMD_MODE_SENSE_10:
1189 {
1190 int action, code;
1191 max_len = ube16_to_cpu(packet + 7);
1192 action = packet[2] >> 6;
1193 code = packet[2] & 0x3f;
1194 switch(action) {
1195 case 0: /* current values */
1196 switch(code) {
1197 case 0x01: /* error recovery */
1198 cpu_to_ube16(&buf[0], 16 + 6);
1199 buf[2] = 0x70;
1200 buf[3] = 0;
1201 buf[4] = 0;
1202 buf[5] = 0;
1203 buf[6] = 0;
1204 buf[7] = 0;
1205
1206 buf[8] = 0x01;
1207 buf[9] = 0x06;
1208 buf[10] = 0x00;
1209 buf[11] = 0x05;
1210 buf[12] = 0x00;
1211 buf[13] = 0x00;
1212 buf[14] = 0x00;
1213 buf[15] = 0x00;
1214 ide_atapi_cmd_reply(s, 16, max_len);
1215 break;
1216 case 0x2a:
1217 cpu_to_ube16(&buf[0], 28 + 6);
1218 buf[2] = 0x70;
1219 buf[3] = 0;
1220 buf[4] = 0;
1221 buf[5] = 0;
1222 buf[6] = 0;
1223 buf[7] = 0;
1224
1225 buf[8] = 0x2a;
1226 buf[9] = 0x12;
1227 buf[10] = 0x00;
1228 buf[11] = 0x00;
1229
1230 buf[12] = 0x70;
1231 buf[13] = 3 << 5;
1232 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1233 if (bdrv_is_locked(s->bs))
1234 buf[6] |= 1 << 1;
1235 buf[15] = 0x00;
1236 cpu_to_ube16(&buf[16], 706);
1237 buf[18] = 0;
1238 buf[19] = 2;
1239 cpu_to_ube16(&buf[20], 512);
1240 cpu_to_ube16(&buf[22], 706);
1241 buf[24] = 0;
1242 buf[25] = 0;
1243 buf[26] = 0;
1244 buf[27] = 0;
1245 ide_atapi_cmd_reply(s, 28, max_len);
1246 break;
1247 default:
1248 goto error_cmd;
1249 }
1250 break;
1251 case 1: /* changeable values */
1252 goto error_cmd;
1253 case 2: /* default values */
1254 goto error_cmd;
1255 default:
1256 case 3: /* saved values */
1257 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1258 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1259 break;
1260 }
1261 }
1262 break;
1263 case GPCMD_REQUEST_SENSE:
1264 max_len = packet[4];
1265 memset(buf, 0, 18);
1266 buf[0] = 0x70 | (1 << 7);
1267 buf[2] = s->sense_key;
1268 buf[7] = 10;
1269 buf[12] = s->asc;
1270 ide_atapi_cmd_reply(s, 18, max_len);
1271 break;
1272 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1273 if (bdrv_is_inserted(s->bs)) {
1274 bdrv_set_locked(s->bs, packet[4] & 1);
1275 ide_atapi_cmd_ok(s);
1276 } else {
1277 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1278 ASC_MEDIUM_NOT_PRESENT);
1279 }
1280 break;
1281 case GPCMD_READ_10:
1282 case GPCMD_READ_12:
1283 {
1284 int nb_sectors, lba;
1285
1286 if (!bdrv_is_inserted(s->bs)) {
1287 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1288 ASC_MEDIUM_NOT_PRESENT);
1289 break;
1290 }
1291 if (packet[0] == GPCMD_READ_10)
1292 nb_sectors = ube16_to_cpu(packet + 7);
1293 else
1294 nb_sectors = ube32_to_cpu(packet + 6);
1295 lba = ube32_to_cpu(packet + 2);
1296 if (nb_sectors == 0) {
1297 ide_atapi_cmd_ok(s);
1298 break;
1299 }
1300 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1301 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1302 ASC_LOGICAL_BLOCK_OOR);
1303 break;
1304 }
1305 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1306 }
1307 break;
1308 case GPCMD_READ_CD:
1309 {
1310 int nb_sectors, lba, transfer_request;
1311
1312 if (!bdrv_is_inserted(s->bs)) {
1313 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1314 ASC_MEDIUM_NOT_PRESENT);
1315 break;
1316 }
1317 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1318 lba = ube32_to_cpu(packet + 2);
1319 if (nb_sectors == 0) {
1320 ide_atapi_cmd_ok(s);
1321 break;
1322 }
1323 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1324 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1325 ASC_LOGICAL_BLOCK_OOR);
1326 break;
1327 }
1328 transfer_request = packet[9];
1329 switch(transfer_request & 0xf8) {
1330 case 0x00:
1331 /* nothing */
1332 ide_atapi_cmd_ok(s);
1333 break;
1334 case 0x10:
1335 /* normal read */
1336 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1337 break;
1338 case 0xf8:
1339 /* read all data */
1340 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1341 break;
1342 default:
1343 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1344 ASC_INV_FIELD_IN_CMD_PACKET);
1345 break;
1346 }
1347 }
1348 break;
1349 case GPCMD_SEEK:
1350 {
1351 int lba;
1352 if (!bdrv_is_inserted(s->bs)) {
1353 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1354 ASC_MEDIUM_NOT_PRESENT);
1355 break;
1356 }
1357 lba = ube32_to_cpu(packet + 2);
1358 if (((int64_t)lba << 2) > s->nb_sectors) {
1359 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1360 ASC_LOGICAL_BLOCK_OOR);
1361 break;
1362 }
1363 ide_atapi_cmd_ok(s);
1364 }
1365 break;
1366 case GPCMD_START_STOP_UNIT:
1367 {
1368 int start, eject;
1369 start = packet[4] & 1;
1370 eject = (packet[4] >> 1) & 1;
1371
1372 if (eject && !start) {
1373 /* eject the disk */
1374 bdrv_close(s->bs);
1375 }
1376 ide_atapi_cmd_ok(s);
1377 }
1378 break;
1379 case GPCMD_MECHANISM_STATUS:
1380 {
1381 max_len = ube16_to_cpu(packet + 8);
1382 cpu_to_ube16(buf, 0);
1383 /* no current LBA */
1384 buf[2] = 0;
1385 buf[3] = 0;
1386 buf[4] = 0;
1387 buf[5] = 1;
1388 cpu_to_ube16(buf + 6, 0);
1389 ide_atapi_cmd_reply(s, 8, max_len);
1390 }
1391 break;
1392 case GPCMD_READ_TOC_PMA_ATIP:
1393 {
1394 int format, msf, start_track, len;
1395
1396 if (!bdrv_is_inserted(s->bs)) {
1397 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1398 ASC_MEDIUM_NOT_PRESENT);
1399 break;
1400 }
1401 max_len = ube16_to_cpu(packet + 7);
1402 format = packet[9] >> 6;
1403 msf = (packet[1] >> 1) & 1;
1404 start_track = packet[6];
1405 switch(format) {
1406 case 0:
1407 len = cdrom_read_toc(s, buf, msf, start_track);
1408 if (len < 0)
1409 goto error_cmd;
1410 ide_atapi_cmd_reply(s, len, max_len);
1411 break;
1412 case 1:
1413 /* multi session : only a single session defined */
1414 memset(buf, 0, 12);
1415 buf[1] = 0x0a;
1416 buf[2] = 0x01;
1417 buf[3] = 0x01;
1418 ide_atapi_cmd_reply(s, 12, max_len);
1419 break;
1420 case 2:
1421 len = cdrom_read_toc_raw(s, buf, msf, start_track);
1422 if (len < 0)
1423 goto error_cmd;
1424 ide_atapi_cmd_reply(s, len, max_len);
1425 break;
1426 default:
1427 error_cmd:
1428 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1429 ASC_INV_FIELD_IN_CMD_PACKET);
1430 break;
1431 }
1432 }
1433 break;
1434 case GPCMD_READ_CDVD_CAPACITY:
1435 if (!bdrv_is_inserted(s->bs)) {
1436 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1437 ASC_MEDIUM_NOT_PRESENT);
1438 break;
1439 }
1440 /* NOTE: it is really the number of sectors minus 1 */
1441 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1442 cpu_to_ube32(buf + 4, 2048);
1443 ide_atapi_cmd_reply(s, 8, 8);
1444 break;
1445 case GPCMD_INQUIRY:
1446 max_len = packet[4];
1447 buf[0] = 0x05; /* CD-ROM */
1448 buf[1] = 0x80; /* removable */
1449 buf[2] = 0x00; /* ISO */
1450 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1451 buf[4] = 31; /* additionnal length */
1452 buf[5] = 0; /* reserved */
1453 buf[6] = 0; /* reserved */
1454 buf[7] = 0; /* reserved */
1455 padstr8(buf + 8, 8, "QEMU");
1456 padstr8(buf + 16, 16, "QEMU CD-ROM");
1457 padstr8(buf + 32, 4, QEMU_VERSION);
1458 ide_atapi_cmd_reply(s, 36, max_len);
1459 break;
1460 default:
1461 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1462 ASC_ILLEGAL_OPCODE);
1463 break;
1464 }
1465 }
1466
1467 /* called when the inserted state of the media has changed */
1468 static void cdrom_change_cb(void *opaque)
1469 {
1470 IDEState *s = opaque;
1471 int64_t nb_sectors;
1472
1473 /* XXX: send interrupt too */
1474 bdrv_get_geometry(s->bs, &nb_sectors);
1475 s->nb_sectors = nb_sectors;
1476 }
1477
1478 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1479 {
1480 IDEState *ide_if = opaque;
1481 IDEState *s;
1482 int unit, n;
1483
1484 #ifdef DEBUG_IDE
1485 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1486 #endif
1487 addr &= 7;
1488 switch(addr) {
1489 case 0:
1490 break;
1491 case 1:
1492 /* NOTE: data is written to the two drives */
1493 ide_if[0].feature = val;
1494 ide_if[1].feature = val;
1495 break;
1496 case 2:
1497 if (val == 0)
1498 val = 256;
1499 ide_if[0].nsector = val;
1500 ide_if[1].nsector = val;
1501 break;
1502 case 3:
1503 ide_if[0].sector = val;
1504 ide_if[1].sector = val;
1505 break;
1506 case 4:
1507 ide_if[0].lcyl = val;
1508 ide_if[1].lcyl = val;
1509 break;
1510 case 5:
1511 ide_if[0].hcyl = val;
1512 ide_if[1].hcyl = val;
1513 break;
1514 case 6:
1515 ide_if[0].select = (val & ~0x10) | 0xa0;
1516 ide_if[1].select = (val | 0x10) | 0xa0;
1517 /* select drive */
1518 unit = (val >> 4) & 1;
1519 s = ide_if + unit;
1520 ide_if->cur_drive = s;
1521 break;
1522 default:
1523 case 7:
1524 /* command */
1525 #if defined(DEBUG_IDE)
1526 printf("ide: CMD=%02x\n", val);
1527 #endif
1528 s = ide_if->cur_drive;
1529 /* ignore commands to non existant slave */
1530 if (s != ide_if && !s->bs)
1531 break;
1532 switch(val) {
1533 case WIN_IDENTIFY:
1534 if (s->bs && !s->is_cdrom) {
1535 ide_identify(s);
1536 s->status = READY_STAT | SEEK_STAT;
1537 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1538 } else {
1539 if (s->is_cdrom) {
1540 ide_set_signature(s);
1541 }
1542 ide_abort_command(s);
1543 }
1544 ide_set_irq(s);
1545 break;
1546 case WIN_SPECIFY:
1547 case WIN_RECAL:
1548 s->error = 0;
1549 s->status = READY_STAT | SEEK_STAT;
1550 ide_set_irq(s);
1551 break;
1552 case WIN_SETMULT:
1553 if (s->nsector > MAX_MULT_SECTORS ||
1554 s->nsector == 0 ||
1555 (s->nsector & (s->nsector - 1)) != 0) {
1556 ide_abort_command(s);
1557 } else {
1558 s->mult_sectors = s->nsector;
1559 s->status = READY_STAT;
1560 }
1561 ide_set_irq(s);
1562 break;
1563 case WIN_VERIFY:
1564 case WIN_VERIFY_ONCE:
1565 /* do sector number check ? */
1566 s->status = READY_STAT;
1567 ide_set_irq(s);
1568 break;
1569 case WIN_READ:
1570 case WIN_READ_ONCE:
1571 if (!s->bs)
1572 goto abort_cmd;
1573 s->req_nb_sectors = 1;
1574 ide_sector_read(s);
1575 break;
1576 case WIN_WRITE:
1577 case WIN_WRITE_ONCE:
1578 s->error = 0;
1579 s->status = SEEK_STAT | READY_STAT;
1580 s->req_nb_sectors = 1;
1581 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1582 break;
1583 case WIN_MULTREAD:
1584 if (!s->mult_sectors)
1585 goto abort_cmd;
1586 s->req_nb_sectors = s->mult_sectors;
1587 ide_sector_read(s);
1588 break;
1589 case WIN_MULTWRITE:
1590 if (!s->mult_sectors)
1591 goto abort_cmd;
1592 s->error = 0;
1593 s->status = SEEK_STAT | READY_STAT;
1594 s->req_nb_sectors = s->mult_sectors;
1595 n = s->nsector;
1596 if (n > s->req_nb_sectors)
1597 n = s->req_nb_sectors;
1598 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1599 break;
1600 case WIN_READDMA:
1601 case WIN_READDMA_ONCE:
1602 if (!s->bs)
1603 goto abort_cmd;
1604 ide_sector_read_dma(s);
1605 break;
1606 case WIN_WRITEDMA:
1607 case WIN_WRITEDMA_ONCE:
1608 if (!s->bs)
1609 goto abort_cmd;
1610 ide_sector_write_dma(s);
1611 break;
1612 case WIN_READ_NATIVE_MAX:
1613 ide_set_sector(s, s->nb_sectors - 1);
1614 s->status = READY_STAT;
1615 ide_set_irq(s);
1616 break;
1617 case WIN_CHECKPOWERMODE1:
1618 s->nsector = 0xff; /* device active or idle */
1619 s->status = READY_STAT;
1620 ide_set_irq(s);
1621 break;
1622 case WIN_SETFEATURES:
1623 if (!s->bs)
1624 goto abort_cmd;
1625 /* XXX: valid for CDROM ? */
1626 switch(s->feature) {
1627 case 0x02: /* write cache enable */
1628 case 0x82: /* write cache disable */
1629 case 0xaa: /* read look-ahead enable */
1630 case 0x55: /* read look-ahead disable */
1631 s->status = READY_STAT | SEEK_STAT;
1632 ide_set_irq(s);
1633 break;
1634 case 0x03: { /* set transfer mode */
1635 uint8_t val = s->nsector & 0x07;
1636
1637 switch (s->nsector >> 3) {
1638 case 0x00: /* pio default */
1639 case 0x01: /* pio mode */
1640 put_le16(s->identify_data + 63,0x07);
1641 put_le16(s->identify_data + 88,0x3f);
1642 break;
1643 case 0x04: /* mdma mode */
1644 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1645 put_le16(s->identify_data + 88,0x3f);
1646 break;
1647 case 0x08: /* udma mode */
1648 put_le16(s->identify_data + 63,0x07);
1649 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1650 break;
1651 default:
1652 goto abort_cmd;
1653 }
1654 s->status = READY_STAT | SEEK_STAT;
1655 ide_set_irq(s);
1656 break;
1657 }
1658 default:
1659 goto abort_cmd;
1660 }
1661 break;
1662 case WIN_STANDBYNOW1:
1663 case WIN_IDLEIMMEDIATE:
1664 case WIN_FLUSH_CACHE:
1665 s->status = READY_STAT;
1666 ide_set_irq(s);
1667 break;
1668 /* ATAPI commands */
1669 case WIN_PIDENTIFY:
1670 if (s->is_cdrom) {
1671 ide_atapi_identify(s);
1672 s->status = READY_STAT | SEEK_STAT;
1673 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1674 } else {
1675 ide_abort_command(s);
1676 }
1677 ide_set_irq(s);
1678 break;
1679 case WIN_DIAGNOSE:
1680 ide_set_signature(s);
1681 s->status = 0x00; /* NOTE: READY is _not_ set */
1682 s->error = 0x01;
1683 break;
1684 case WIN_SRST:
1685 if (!s->is_cdrom)
1686 goto abort_cmd;
1687 ide_set_signature(s);
1688 s->status = 0x00; /* NOTE: READY is _not_ set */
1689 s->error = 0x01;
1690 break;
1691 case WIN_PACKETCMD:
1692 if (!s->is_cdrom)
1693 goto abort_cmd;
1694 /* overlapping commands not supported */
1695 if (s->feature & 0x02)
1696 goto abort_cmd;
1697 s->atapi_dma = s->feature & 1;
1698 s->nsector = 1;
1699 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1700 ide_atapi_cmd);
1701 break;
1702 default:
1703 abort_cmd:
1704 ide_abort_command(s);
1705 ide_set_irq(s);
1706 break;
1707 }
1708 }
1709 }
1710
1711 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1712 {
1713 IDEState *ide_if = opaque;
1714 IDEState *s = ide_if->cur_drive;
1715 uint32_t addr;
1716 int ret;
1717
1718 addr = addr1 & 7;
1719 switch(addr) {
1720 case 0:
1721 ret = 0xff;
1722 break;
1723 case 1:
1724 if (!ide_if[0].bs && !ide_if[1].bs)
1725 ret = 0;
1726 else
1727 ret = s->error;
1728 break;
1729 case 2:
1730 if (!ide_if[0].bs && !ide_if[1].bs)
1731 ret = 0;
1732 else
1733 ret = s->nsector & 0xff;
1734 break;
1735 case 3:
1736 if (!ide_if[0].bs && !ide_if[1].bs)
1737 ret = 0;
1738 else
1739 ret = s->sector;
1740 break;
1741 case 4:
1742 if (!ide_if[0].bs && !ide_if[1].bs)
1743 ret = 0;
1744 else
1745 ret = s->lcyl;
1746 break;
1747 case 5:
1748 if (!ide_if[0].bs && !ide_if[1].bs)
1749 ret = 0;
1750 else
1751 ret = s->hcyl;
1752 break;
1753 case 6:
1754 if (!ide_if[0].bs && !ide_if[1].bs)
1755 ret = 0;
1756 else
1757 ret = s->select;
1758 break;
1759 default:
1760 case 7:
1761 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1762 (s != ide_if && !s->bs))
1763 ret = 0;
1764 else
1765 ret = s->status;
1766 s->set_irq(s->irq_opaque, s->irq, 0);
1767 break;
1768 }
1769 #ifdef DEBUG_IDE
1770 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1771 #endif
1772 return ret;
1773 }
1774
1775 static uint32_t ide_status_read(void *opaque, uint32_t addr)
1776 {
1777 IDEState *ide_if = opaque;
1778 IDEState *s = ide_if->cur_drive;
1779 int ret;
1780
1781 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1782 (s != ide_if && !s->bs))
1783 ret = 0;
1784 else
1785 ret = s->status;
1786 #ifdef DEBUG_IDE
1787 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1788 #endif
1789 return ret;
1790 }
1791
1792 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1793 {
1794 IDEState *ide_if = opaque;
1795 IDEState *s;
1796 int i;
1797
1798 #ifdef DEBUG_IDE
1799 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1800 #endif
1801 /* common for both drives */
1802 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1803 (val & IDE_CMD_RESET)) {
1804 /* reset low to high */
1805 for(i = 0;i < 2; i++) {
1806 s = &ide_if[i];
1807 s->status = BUSY_STAT | SEEK_STAT;
1808 s->error = 0x01;
1809 }
1810 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1811 !(val & IDE_CMD_RESET)) {
1812 /* high to low */
1813 for(i = 0;i < 2; i++) {
1814 s = &ide_if[i];
1815 if (s->is_cdrom)
1816 s->status = 0x00; /* NOTE: READY is _not_ set */
1817 else
1818 s->status = READY_STAT | SEEK_STAT;
1819 ide_set_signature(s);
1820 }
1821 }
1822
1823 ide_if[0].cmd = val;
1824 ide_if[1].cmd = val;
1825 }
1826
1827 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1828 {
1829 IDEState *s = ((IDEState *)opaque)->cur_drive;
1830 uint8_t *p;
1831
1832 p = s->data_ptr;
1833 *(uint16_t *)p = le16_to_cpu(val);
1834 p += 2;
1835 s->data_ptr = p;
1836 if (p >= s->data_end)
1837 s->end_transfer_func(s);
1838 }
1839
1840 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
1841 {
1842 IDEState *s = ((IDEState *)opaque)->cur_drive;
1843 uint8_t *p;
1844 int ret;
1845 p = s->data_ptr;
1846 ret = cpu_to_le16(*(uint16_t *)p);
1847 p += 2;
1848 s->data_ptr = p;
1849 if (p >= s->data_end)
1850 s->end_transfer_func(s);
1851 return ret;
1852 }
1853
1854 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1855 {
1856 IDEState *s = ((IDEState *)opaque)->cur_drive;
1857 uint8_t *p;
1858
1859 p = s->data_ptr;
1860 *(uint32_t *)p = le32_to_cpu(val);
1861 p += 4;
1862 s->data_ptr = p;
1863 if (p >= s->data_end)
1864 s->end_transfer_func(s);
1865 }
1866
1867 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
1868 {
1869 IDEState *s = ((IDEState *)opaque)->cur_drive;
1870 uint8_t *p;
1871 int ret;
1872
1873 p = s->data_ptr;
1874 ret = cpu_to_le32(*(uint32_t *)p);
1875 p += 4;
1876 s->data_ptr = p;
1877 if (p >= s->data_end)
1878 s->end_transfer_func(s);
1879 return ret;
1880 }
1881
1882 static void ide_dummy_transfer_stop(IDEState *s)
1883 {
1884 s->data_ptr = s->io_buffer;
1885 s->data_end = s->io_buffer;
1886 s->io_buffer[0] = 0xff;
1887 s->io_buffer[1] = 0xff;
1888 s->io_buffer[2] = 0xff;
1889 s->io_buffer[3] = 0xff;
1890 }
1891
1892 static void ide_reset(IDEState *s)
1893 {
1894 s->mult_sectors = MAX_MULT_SECTORS;
1895 s->cur_drive = s;
1896 s->select = 0xa0;
1897 s->status = READY_STAT;
1898 ide_set_signature(s);
1899 /* init the transfer handler so that 0xffff is returned on data
1900 accesses */
1901 s->end_transfer_func = ide_dummy_transfer_stop;
1902 ide_dummy_transfer_stop(s);
1903 }
1904
1905 struct partition {
1906 uint8_t boot_ind; /* 0x80 - active */
1907 uint8_t head; /* starting head */
1908 uint8_t sector; /* starting sector */
1909 uint8_t cyl; /* starting cylinder */
1910 uint8_t sys_ind; /* What partition type */
1911 uint8_t end_head; /* end head */
1912 uint8_t end_sector; /* end sector */
1913 uint8_t end_cyl; /* end cylinder */
1914 uint32_t start_sect; /* starting sector counting from 0 */
1915 uint32_t nr_sects; /* nr of sectors in partition */
1916 } __attribute__((packed));
1917
1918 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
1919 static int guess_disk_lchs(IDEState *s,
1920 int *pcylinders, int *pheads, int *psectors)
1921 {
1922 uint8_t buf[512];
1923 int ret, i, heads, sectors, cylinders;
1924 struct partition *p;
1925 uint32_t nr_sects;
1926
1927 ret = bdrv_read(s->bs, 0, buf, 1);
1928 if (ret < 0)
1929 return -1;
1930 /* test msdos magic */
1931 if (buf[510] != 0x55 || buf[511] != 0xaa)
1932 return -1;
1933 for(i = 0; i < 4; i++) {
1934 p = ((struct partition *)(buf + 0x1be)) + i;
1935 nr_sects = le32_to_cpu(p->nr_sects);
1936 if (nr_sects && p->end_head) {
1937 /* We make the assumption that the partition terminates on
1938 a cylinder boundary */
1939 heads = p->end_head + 1;
1940 sectors = p->end_sector & 63;
1941 if (sectors == 0)
1942 continue;
1943 cylinders = s->nb_sectors / (heads * sectors);
1944 if (cylinders < 1 || cylinders > 16383)
1945 continue;
1946 *pheads = heads;
1947 *psectors = sectors;
1948 *pcylinders = cylinders;
1949 #if 0
1950 printf("guessed geometry: LCHS=%d %d %d\n",
1951 cylinders, heads, sectors);
1952 #endif
1953 return 0;
1954 }
1955 }
1956 return -1;
1957 }
1958
1959 static void ide_init2(IDEState *ide_state,
1960 BlockDriverState *hd0, BlockDriverState *hd1,
1961 SetIRQFunc *set_irq, void *irq_opaque, int irq)
1962 {
1963 IDEState *s;
1964 static int drive_serial = 1;
1965 int i, cylinders, heads, secs, translation;
1966 int64_t nb_sectors;
1967
1968 for(i = 0; i < 2; i++) {
1969 s = ide_state + i;
1970 if (i == 0)
1971 s->bs = hd0;
1972 else
1973 s->bs = hd1;
1974 if (s->bs) {
1975 bdrv_get_geometry(s->bs, &nb_sectors);
1976 s->nb_sectors = nb_sectors;
1977 /* if a geometry hint is available, use it */
1978 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
1979 if (cylinders != 0) {
1980 s->cylinders = cylinders;
1981 s->heads = heads;
1982 s->sectors = secs;
1983 } else {
1984 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
1985 if (heads > 16) {
1986 /* if heads > 16, it means that a BIOS LBA
1987 translation was active, so the default
1988 hardware geometry is OK */
1989 goto default_geometry;
1990 } else {
1991 s->cylinders = cylinders;
1992 s->heads = heads;
1993 s->sectors = secs;
1994 /* disable any translation to be in sync with
1995 the logical geometry */
1996 translation = bdrv_get_translation_hint(s->bs);
1997 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
1998 bdrv_set_translation_hint(s->bs,
1999 BIOS_ATA_TRANSLATION_NONE);
2000 }
2001 }
2002 } else {
2003 default_geometry:
2004 /* if no geometry, use a standard physical disk geometry */
2005 cylinders = nb_sectors / (16 * 63);
2006 if (cylinders > 16383)
2007 cylinders = 16383;
2008 else if (cylinders < 2)
2009 cylinders = 2;
2010 s->cylinders = cylinders;
2011 s->heads = 16;
2012 s->sectors = 63;
2013 }
2014 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2015 }
2016 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2017 s->is_cdrom = 1;
2018 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2019 }
2020 }
2021 s->drive_serial = drive_serial++;
2022 s->set_irq = set_irq;
2023 s->irq_opaque = irq_opaque;
2024 s->irq = irq;
2025 s->sector_write_timer = qemu_new_timer(vm_clock,
2026 ide_sector_write_timer_cb, s);
2027 ide_reset(s);
2028 }
2029 }
2030
2031 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2032 {
2033 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2034 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2035 if (iobase2) {
2036 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2037 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2038 }
2039
2040 /* data ports */
2041 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2042 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2043 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2044 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2045 }
2046
2047 /***********************************************************/
2048 /* ISA IDE definitions */
2049
2050 void isa_ide_init(int iobase, int iobase2, int irq,
2051 BlockDriverState *hd0, BlockDriverState *hd1)
2052 {
2053 IDEState *ide_state;
2054
2055 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2056 if (!ide_state)
2057 return;
2058
2059 ide_init2(ide_state, hd0, hd1, pic_set_irq_new, isa_pic, irq);
2060 ide_init_ioport(ide_state, iobase, iobase2);
2061 }
2062
2063 /***********************************************************/
2064 /* PCI IDE definitions */
2065
2066 static void cmd646_update_irq(PCIIDEState *d);
2067
2068 static void ide_map(PCIDevice *pci_dev, int region_num,
2069 uint32_t addr, uint32_t size, int type)
2070 {
2071 PCIIDEState *d = (PCIIDEState *)pci_dev;
2072 IDEState *ide_state;
2073
2074 if (region_num <= 3) {
2075 ide_state = &d->ide_if[(region_num >> 1) * 2];
2076 if (region_num & 1) {
2077 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2078 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2079 } else {
2080 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2081 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2082
2083 /* data ports */
2084 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2085 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2086 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2087 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2088 }
2089 }
2090 }
2091
2092 /* XXX: full callback usage to prepare non blocking I/Os support -
2093 error handling */
2094 static void ide_dma_loop(BMDMAState *bm)
2095 {
2096 struct {
2097 uint32_t addr;
2098 uint32_t size;
2099 } prd;
2100 target_phys_addr_t cur_addr;
2101 int len, i, len1;
2102
2103 cur_addr = bm->addr;
2104 /* at most one page to avoid hanging if erroneous parameters */
2105 for(i = 0; i < 512; i++) {
2106 cpu_physical_memory_read(cur_addr, (uint8_t *)&prd, 8);
2107 prd.addr = le32_to_cpu(prd.addr);
2108 prd.size = le32_to_cpu(prd.size);
2109 #ifdef DEBUG_IDE
2110 printf("ide: dma: prd: %08x: addr=0x%08x size=0x%08x\n",
2111 (int)cur_addr, prd.addr, prd.size);
2112 #endif
2113 len = prd.size & 0xfffe;
2114 if (len == 0)
2115 len = 0x10000;
2116 while (len > 0) {
2117 len1 = bm->dma_cb(bm->ide_if, prd.addr, len);
2118 if (len1 == 0)
2119 goto the_end;
2120 prd.addr += len1;
2121 len -= len1;
2122 }
2123 /* end of transfer */
2124 if (prd.size & 0x80000000)
2125 break;
2126 cur_addr += 8;
2127 }
2128 /* end of transfer */
2129 the_end:
2130 bm->status &= ~BM_STATUS_DMAING;
2131 bm->status |= BM_STATUS_INT;
2132 bm->dma_cb = NULL;
2133 bm->ide_if = NULL;
2134 }
2135
2136 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
2137 {
2138 BMDMAState *bm = s->bmdma;
2139 if(!bm)
2140 return;
2141 bm->ide_if = s;
2142 bm->dma_cb = dma_cb;
2143 if (bm->status & BM_STATUS_DMAING) {
2144 ide_dma_loop(bm);
2145 }
2146 }
2147
2148 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2149 {
2150 BMDMAState *bm = opaque;
2151 #ifdef DEBUG_IDE
2152 printf("%s: 0x%08x\n", __func__, val);
2153 #endif
2154 if (!(val & BM_CMD_START)) {
2155 /* XXX: do it better */
2156 bm->status &= ~BM_STATUS_DMAING;
2157 bm->cmd = val & 0x09;
2158 } else {
2159 bm->status |= BM_STATUS_DMAING;
2160 bm->cmd = val & 0x09;
2161 /* start dma transfer if possible */
2162 if (bm->dma_cb)
2163 ide_dma_loop(bm);
2164 }
2165 }
2166
2167 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2168 {
2169 BMDMAState *bm = opaque;
2170 PCIIDEState *pci_dev;
2171 uint32_t val;
2172
2173 switch(addr & 3) {
2174 case 0:
2175 val = bm->cmd;
2176 break;
2177 case 1:
2178 pci_dev = bm->pci_dev;
2179 if (pci_dev->type == IDE_TYPE_CMD646) {
2180 val = pci_dev->dev.config[MRDMODE];
2181 } else {
2182 val = 0xff;
2183 }
2184 break;
2185 case 2:
2186 val = bm->status;
2187 break;
2188 case 3:
2189 pci_dev = bm->pci_dev;
2190 if (pci_dev->type == IDE_TYPE_CMD646) {
2191 if (bm == &pci_dev->bmdma[0])
2192 val = pci_dev->dev.config[UDIDETCR0];
2193 else
2194 val = pci_dev->dev.config[UDIDETCR1];
2195 } else {
2196 val = 0xff;
2197 }
2198 break;
2199 default:
2200 val = 0xff;
2201 break;
2202 }
2203 #ifdef DEBUG_IDE
2204 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2205 #endif
2206 return val;
2207 }
2208
2209 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2210 {
2211 BMDMAState *bm = opaque;
2212 PCIIDEState *pci_dev;
2213 #ifdef DEBUG_IDE
2214 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2215 #endif
2216 switch(addr & 3) {
2217 case 1:
2218 pci_dev = bm->pci_dev;
2219 if (pci_dev->type == IDE_TYPE_CMD646) {
2220 pci_dev->dev.config[MRDMODE] =
2221 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2222 cmd646_update_irq(pci_dev);
2223 }
2224 break;
2225 case 2:
2226 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2227 break;
2228 case 3:
2229 pci_dev = bm->pci_dev;
2230 if (pci_dev->type == IDE_TYPE_CMD646) {
2231 if (bm == &pci_dev->bmdma[0])
2232 pci_dev->dev.config[UDIDETCR0] = val;
2233 else
2234 pci_dev->dev.config[UDIDETCR1] = val;
2235 }
2236 break;
2237 }
2238 }
2239
2240 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2241 {
2242 BMDMAState *bm = opaque;
2243 uint32_t val;
2244 val = bm->addr;
2245 #ifdef DEBUG_IDE
2246 printf("%s: 0x%08x\n", __func__, val);
2247 #endif
2248 return val;
2249 }
2250
2251 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2252 {
2253 BMDMAState *bm = opaque;
2254 #ifdef DEBUG_IDE
2255 printf("%s: 0x%08x\n", __func__, val);
2256 #endif
2257 bm->addr = val & ~3;
2258 }
2259
2260 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2261 uint32_t addr, uint32_t size, int type)
2262 {
2263 PCIIDEState *d = (PCIIDEState *)pci_dev;
2264 int i;
2265
2266 for(i = 0;i < 2; i++) {
2267 BMDMAState *bm = &d->bmdma[i];
2268 d->ide_if[2 * i].bmdma = bm;
2269 d->ide_if[2 * i + 1].bmdma = bm;
2270 bm->pci_dev = (PCIIDEState *)pci_dev;
2271
2272 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2273
2274 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2275 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2276
2277 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2278 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2279 addr += 8;
2280 }
2281 }
2282
2283 /* XXX: call it also when the MRDMODE is changed from the PCI config
2284 registers */
2285 static void cmd646_update_irq(PCIIDEState *d)
2286 {
2287 int pci_level;
2288 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2289 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2290 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2291 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2292 pci_set_irq((PCIDevice *)d, 0, pci_level);
2293 }
2294
2295 /* the PCI irq level is the logical OR of the two channels */
2296 static void cmd646_set_irq(void *opaque, int channel, int level)
2297 {
2298 PCIIDEState *d = opaque;
2299 int irq_mask;
2300
2301 irq_mask = MRDMODE_INTR_CH0 << channel;
2302 if (level)
2303 d->dev.config[MRDMODE] |= irq_mask;
2304 else
2305 d->dev.config[MRDMODE] &= ~irq_mask;
2306 cmd646_update_irq(d);
2307 }
2308
2309 /* CMD646 PCI IDE controller */
2310 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2311 int secondary_ide_enabled)
2312 {
2313 PCIIDEState *d;
2314 uint8_t *pci_conf;
2315 int i;
2316
2317 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2318 sizeof(PCIIDEState),
2319 -1,
2320 NULL, NULL);
2321 d->type = IDE_TYPE_CMD646;
2322 pci_conf = d->dev.config;
2323 pci_conf[0x00] = 0x95; // CMD646
2324 pci_conf[0x01] = 0x10;
2325 pci_conf[0x02] = 0x46;
2326 pci_conf[0x03] = 0x06;
2327
2328 pci_conf[0x08] = 0x07; // IDE controller revision
2329 pci_conf[0x09] = 0x8f;
2330
2331 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2332 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2333 pci_conf[0x0e] = 0x00; // header_type
2334
2335 if (secondary_ide_enabled) {
2336 /* XXX: if not enabled, really disable the seconday IDE controller */
2337 pci_conf[0x51] = 0x80; /* enable IDE1 */
2338 }
2339
2340 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2341 PCI_ADDRESS_SPACE_IO, ide_map);
2342 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2343 PCI_ADDRESS_SPACE_IO, ide_map);
2344 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2345 PCI_ADDRESS_SPACE_IO, ide_map);
2346 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2347 PCI_ADDRESS_SPACE_IO, ide_map);
2348 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2349 PCI_ADDRESS_SPACE_IO, bmdma_map);
2350
2351 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2352
2353 for(i = 0; i < 4; i++)
2354 d->ide_if[i].pci_dev = (PCIDevice *)d;
2355 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2356 cmd646_set_irq, d, 0);
2357 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2358 cmd646_set_irq, d, 1);
2359 }
2360
2361 /* hd_table must contain 4 block drivers */
2362 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2363 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table)
2364 {
2365 PCIIDEState *d;
2366 uint8_t *pci_conf;
2367
2368 /* register a function 1 of PIIX3 */
2369 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2370 sizeof(PCIIDEState),
2371 ((PCIDevice *)piix3_state)->devfn + 1,
2372 NULL, NULL);
2373 d->type = IDE_TYPE_PIIX3;
2374
2375 pci_conf = d->dev.config;
2376 pci_conf[0x00] = 0x86; // Intel
2377 pci_conf[0x01] = 0x80;
2378 pci_conf[0x02] = 0x10;
2379 pci_conf[0x03] = 0x70;
2380 pci_conf[0x09] = 0x80; // legacy ATA mode
2381 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2382 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2383 pci_conf[0x0e] = 0x00; // header_type
2384
2385 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2386 PCI_ADDRESS_SPACE_IO, bmdma_map);
2387
2388 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2389 pic_set_irq_new, isa_pic, 14);
2390 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2391 pic_set_irq_new, isa_pic, 15);
2392 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2393 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2394 }
2395
2396 /***********************************************************/
2397 /* MacIO based PowerPC IDE */
2398
2399 /* PowerMac IDE memory IO */
2400 static void pmac_ide_writeb (void *opaque,
2401 target_phys_addr_t addr, uint32_t val)
2402 {
2403 addr = (addr & 0xFFF) >> 4;
2404 switch (addr) {
2405 case 1 ... 7:
2406 ide_ioport_write(opaque, addr, val);
2407 break;
2408 case 8:
2409 case 22:
2410 ide_cmd_write(opaque, 0, val);
2411 break;
2412 default:
2413 break;
2414 }
2415 }
2416
2417 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2418 {
2419 uint8_t retval;
2420
2421 addr = (addr & 0xFFF) >> 4;
2422 switch (addr) {
2423 case 1 ... 7:
2424 retval = ide_ioport_read(opaque, addr);
2425 break;
2426 case 8:
2427 case 22:
2428 retval = ide_status_read(opaque, 0);
2429 break;
2430 default:
2431 retval = 0xFF;
2432 break;
2433 }
2434 return retval;
2435 }
2436
2437 static void pmac_ide_writew (void *opaque,
2438 target_phys_addr_t addr, uint32_t val)
2439 {
2440 addr = (addr & 0xFFF) >> 4;
2441 #ifdef TARGET_WORDS_BIGENDIAN
2442 val = bswap16(val);
2443 #endif
2444 if (addr == 0) {
2445 ide_data_writew(opaque, 0, val);
2446 }
2447 }
2448
2449 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2450 {
2451 uint16_t retval;
2452
2453 addr = (addr & 0xFFF) >> 4;
2454 if (addr == 0) {
2455 retval = ide_data_readw(opaque, 0);
2456 } else {
2457 retval = 0xFFFF;
2458 }
2459 #ifdef TARGET_WORDS_BIGENDIAN
2460 retval = bswap16(retval);
2461 #endif
2462 return retval;
2463 }
2464
2465 static void pmac_ide_writel (void *opaque,
2466 target_phys_addr_t addr, uint32_t val)
2467 {
2468 addr = (addr & 0xFFF) >> 4;
2469 #ifdef TARGET_WORDS_BIGENDIAN
2470 val = bswap32(val);
2471 #endif
2472 if (addr == 0) {
2473 ide_data_writel(opaque, 0, val);
2474 }
2475 }
2476
2477 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2478 {
2479 uint32_t retval;
2480
2481 addr = (addr & 0xFFF) >> 4;
2482 if (addr == 0) {
2483 retval = ide_data_readl(opaque, 0);
2484 } else {
2485 retval = 0xFFFFFFFF;
2486 }
2487 #ifdef TARGET_WORDS_BIGENDIAN
2488 retval = bswap32(retval);
2489 #endif
2490 return retval;
2491 }
2492
2493 static CPUWriteMemoryFunc *pmac_ide_write[] = {
2494 pmac_ide_writeb,
2495 pmac_ide_writew,
2496 pmac_ide_writel,
2497 };
2498
2499 static CPUReadMemoryFunc *pmac_ide_read[] = {
2500 pmac_ide_readb,
2501 pmac_ide_readw,
2502 pmac_ide_readl,
2503 };
2504
2505 /* hd_table must contain 4 block drivers */
2506 /* PowerMac uses memory mapped registers, not I/O. Return the memory
2507 I/O index to access the ide. */
2508 int pmac_ide_init (BlockDriverState **hd_table,
2509 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2510 {
2511 IDEState *ide_if;
2512 int pmac_ide_memory;
2513
2514 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2515 ide_init2(&ide_if[0], hd_table[0], hd_table[1],
2516 set_irq, irq_opaque, irq);
2517
2518 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2519 pmac_ide_write, &ide_if[0]);
2520 return pmac_ide_memory;
2521 }
Samsung s3c2440 and arm920t support for the mini2440 dev board