search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove stray uses of vl.h.
[qemu/mini2440.git] / hw / ide.c
blob575605b952c208ceba59777e018dcc739289e59b
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "qemu-timer.h"
32 #include "sysemu.h"
33
34 /* debug IDE devices */
35 //#define DEBUG_IDE
36 //#define DEBUG_IDE_ATAPI
37 //#define DEBUG_AIO
38 #define USE_DMA_CDROM
39
40 /* Bits of HD_STATUS */
41 #define ERR_STAT 0x01
42 #define INDEX_STAT 0x02
43 #define ECC_STAT 0x04 /* Corrected error */
44 #define DRQ_STAT 0x08
45 #define SEEK_STAT 0x10
46 #define SRV_STAT 0x10
47 #define WRERR_STAT 0x20
48 #define READY_STAT 0x40
49 #define BUSY_STAT 0x80
50
51 /* Bits for HD_ERROR */
52 #define MARK_ERR 0x01 /* Bad address mark */
53 #define TRK0_ERR 0x02 /* couldn't find track 0 */
54 #define ABRT_ERR 0x04 /* Command aborted */
55 #define MCR_ERR 0x08 /* media change request */
56 #define ID_ERR 0x10 /* ID field not found */
57 #define MC_ERR 0x20 /* media changed */
58 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
59 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
60 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
61
62 /* Bits of HD_NSECTOR */
63 #define CD 0x01
64 #define IO 0x02
65 #define REL 0x04
66 #define TAG_MASK 0xf8
67
68 #define IDE_CMD_RESET 0x04
69 #define IDE_CMD_DISABLE_IRQ 0x02
70
71 /* ATA/ATAPI Commands pre T13 Spec */
72 #define WIN_NOP 0x00
73 /*
74 * 0x01->0x02 Reserved
75 */
76 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
77 /*
78 * 0x04->0x07 Reserved
79 */
80 #define WIN_SRST 0x08 /* ATAPI soft reset command */
81 #define WIN_DEVICE_RESET 0x08
82 /*
83 * 0x09->0x0F Reserved
84 */
85 #define WIN_RECAL 0x10
86 #define WIN_RESTORE WIN_RECAL
87 /*
88 * 0x10->0x1F Reserved
89 */
90 #define WIN_READ 0x20 /* 28-Bit */
91 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
92 #define WIN_READ_LONG 0x22 /* 28-Bit */
93 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
94 #define WIN_READ_EXT 0x24 /* 48-Bit */
95 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
96 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
97 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
98 /*
99 * 0x28
100 */
101 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
102 /*
103 * 0x2A->0x2F Reserved
104 */
105 #define WIN_WRITE 0x30 /* 28-Bit */
106 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
107 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
108 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
109 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
110 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
111 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
112 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
113 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
114 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
115 /*
116 * 0x3A->0x3B Reserved
117 */
118 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
119 /*
120 * 0x3D->0x3F Reserved
121 */
122 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
123 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
124 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
125 /*
126 * 0x43->0x4F Reserved
127 */
128 #define WIN_FORMAT 0x50
129 /*
130 * 0x51->0x5F Reserved
131 */
132 #define WIN_INIT 0x60
133 /*
134 * 0x61->0x5F Reserved
135 */
136 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
137 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
138 #define WIN_DIAGNOSE 0x90
139 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
140 #define WIN_DOWNLOAD_MICROCODE 0x92
141 #define WIN_STANDBYNOW2 0x94
142 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
143 #define WIN_STANDBY2 0x96
144 #define WIN_SETIDLE2 0x97
145 #define WIN_CHECKPOWERMODE2 0x98
146 #define WIN_SLEEPNOW2 0x99
147 /*
148 * 0x9A VENDOR
149 */
150 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
151 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
152 #define WIN_QUEUED_SERVICE 0xA2
153 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
154 #define CFA_ACCESS_METADATA_STORAGE 0xB8
155 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
156 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
157 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
158 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
159 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
160 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
161 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
162 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
163 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
164 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
165 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
166 #define WIN_GETMEDIASTATUS 0xDA
167 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
168 #define WIN_POSTBOOT 0xDC
169 #define WIN_PREBOOT 0xDD
170 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
171 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
172 #define WIN_STANDBYNOW1 0xE0
173 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
174 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
175 #define WIN_SETIDLE1 0xE3
176 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
177 #define WIN_CHECKPOWERMODE1 0xE5
178 #define WIN_SLEEPNOW1 0xE6
179 #define WIN_FLUSH_CACHE 0xE7
180 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
181 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
182 /* SET_FEATURES 0x22 or 0xDD */
183 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
184 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
185 #define WIN_MEDIAEJECT 0xED
186 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
187 #define WIN_SETFEATURES 0xEF /* set special drive features */
188 #define EXABYTE_ENABLE_NEST 0xF0
189 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
190 #define WIN_SECURITY_SET_PASS 0xF1
191 #define WIN_SECURITY_UNLOCK 0xF2
192 #define WIN_SECURITY_ERASE_PREPARE 0xF3
193 #define WIN_SECURITY_ERASE_UNIT 0xF4
194 #define WIN_SECURITY_FREEZE_LOCK 0xF5
195 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
196 #define WIN_SECURITY_DISABLE 0xF6
197 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
198 #define WIN_SET_MAX 0xF9
199 #define DISABLE_SEAGATE 0xFB
200
201 /* set to 1 set disable mult support */
202 #define MAX_MULT_SECTORS 16
203
204 /* ATAPI defines */
205
206 #define ATAPI_PACKET_SIZE 12
207
208 /* The generic packet command opcodes for CD/DVD Logical Units,
209 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
210 #define GPCMD_BLANK 0xa1
211 #define GPCMD_CLOSE_TRACK 0x5b
212 #define GPCMD_FLUSH_CACHE 0x35
213 #define GPCMD_FORMAT_UNIT 0x04
214 #define GPCMD_GET_CONFIGURATION 0x46
215 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
216 #define GPCMD_GET_PERFORMANCE 0xac
217 #define GPCMD_INQUIRY 0x12
218 #define GPCMD_LOAD_UNLOAD 0xa6
219 #define GPCMD_MECHANISM_STATUS 0xbd
220 #define GPCMD_MODE_SELECT_10 0x55
221 #define GPCMD_MODE_SENSE_10 0x5a
222 #define GPCMD_PAUSE_RESUME 0x4b
223 #define GPCMD_PLAY_AUDIO_10 0x45
224 #define GPCMD_PLAY_AUDIO_MSF 0x47
225 #define GPCMD_PLAY_AUDIO_TI 0x48
226 #define GPCMD_PLAY_CD 0xbc
227 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
228 #define GPCMD_READ_10 0x28
229 #define GPCMD_READ_12 0xa8
230 #define GPCMD_READ_CDVD_CAPACITY 0x25
231 #define GPCMD_READ_CD 0xbe
232 #define GPCMD_READ_CD_MSF 0xb9
233 #define GPCMD_READ_DISC_INFO 0x51
234 #define GPCMD_READ_DVD_STRUCTURE 0xad
235 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
236 #define GPCMD_READ_HEADER 0x44
237 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
238 #define GPCMD_READ_SUBCHANNEL 0x42
239 #define GPCMD_READ_TOC_PMA_ATIP 0x43
240 #define GPCMD_REPAIR_RZONE_TRACK 0x58
241 #define GPCMD_REPORT_KEY 0xa4
242 #define GPCMD_REQUEST_SENSE 0x03
243 #define GPCMD_RESERVE_RZONE_TRACK 0x53
244 #define GPCMD_SCAN 0xba
245 #define GPCMD_SEEK 0x2b
246 #define GPCMD_SEND_DVD_STRUCTURE 0xad
247 #define GPCMD_SEND_EVENT 0xa2
248 #define GPCMD_SEND_KEY 0xa3
249 #define GPCMD_SEND_OPC 0x54
250 #define GPCMD_SET_READ_AHEAD 0xa7
251 #define GPCMD_SET_STREAMING 0xb6
252 #define GPCMD_START_STOP_UNIT 0x1b
253 #define GPCMD_STOP_PLAY_SCAN 0x4e
254 #define GPCMD_TEST_UNIT_READY 0x00
255 #define GPCMD_VERIFY_10 0x2f
256 #define GPCMD_WRITE_10 0x2a
257 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
258 /* This is listed as optional in ATAPI 2.6, but is (curiously)
259 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
260 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
261 * drives support it. */
262 #define GPCMD_SET_SPEED 0xbb
263 /* This seems to be a SCSI specific CD-ROM opcode
264 * to play data at track/index */
265 #define GPCMD_PLAYAUDIO_TI 0x48
266 /*
267 * From MS Media Status Notification Support Specification. For
268 * older drives only.
269 */
270 #define GPCMD_GET_MEDIA_STATUS 0xda
271 #define GPCMD_MODE_SENSE_6 0x1a
272
273 /* Mode page codes for mode sense/set */
274 #define GPMODE_R_W_ERROR_PAGE 0x01
275 #define GPMODE_WRITE_PARMS_PAGE 0x05
276 #define GPMODE_AUDIO_CTL_PAGE 0x0e
277 #define GPMODE_POWER_PAGE 0x1a
278 #define GPMODE_FAULT_FAIL_PAGE 0x1c
279 #define GPMODE_TO_PROTECT_PAGE 0x1d
280 #define GPMODE_CAPABILITIES_PAGE 0x2a
281 #define GPMODE_ALL_PAGES 0x3f
282 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
283 * of MODE_SENSE_POWER_PAGE */
284 #define GPMODE_CDROM_PAGE 0x0d
285
286 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
287 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
288 #define ATAPI_INT_REASON_REL 0x04
289 #define ATAPI_INT_REASON_TAG 0xf8
290
291 /* same constants as bochs */
292 #define ASC_ILLEGAL_OPCODE 0x20
293 #define ASC_LOGICAL_BLOCK_OOR 0x21
294 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
295 #define ASC_MEDIUM_NOT_PRESENT 0x3a
296 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
297
298 #define CFA_NO_ERROR 0x00
299 #define CFA_MISC_ERROR 0x09
300 #define CFA_INVALID_COMMAND 0x20
301 #define CFA_INVALID_ADDRESS 0x21
302 #define CFA_ADDRESS_OVERFLOW 0x2f
303
304 #define SENSE_NONE 0
305 #define SENSE_NOT_READY 2
306 #define SENSE_ILLEGAL_REQUEST 5
307 #define SENSE_UNIT_ATTENTION 6
308
309 struct IDEState;
310
311 typedef void EndTransferFunc(struct IDEState *);
312
313 /* NOTE: IDEState represents in fact one drive */
314 typedef struct IDEState {
315 /* ide config */
316 int is_cdrom;
317 int is_cf;
318 int cylinders, heads, sectors;
319 int64_t nb_sectors;
320 int mult_sectors;
321 int identify_set;
322 uint16_t identify_data[256];
323 qemu_irq irq;
324 PCIDevice *pci_dev;
325 struct BMDMAState *bmdma;
326 int drive_serial;
327 /* ide regs */
328 uint8_t feature;
329 uint8_t error;
330 uint32_t nsector;
331 uint8_t sector;
332 uint8_t lcyl;
333 uint8_t hcyl;
334 /* other part of tf for lba48 support */
335 uint8_t hob_feature;
336 uint8_t hob_nsector;
337 uint8_t hob_sector;
338 uint8_t hob_lcyl;
339 uint8_t hob_hcyl;
340
341 uint8_t select;
342 uint8_t status;
343
344 /* 0x3f6 command, only meaningful for drive 0 */
345 uint8_t cmd;
346 /* set for lba48 access */
347 uint8_t lba48;
348 /* depends on bit 4 in select, only meaningful for drive 0 */
349 struct IDEState *cur_drive;
350 BlockDriverState *bs;
351 /* ATAPI specific */
352 uint8_t sense_key;
353 uint8_t asc;
354 int packet_transfer_size;
355 int elementary_transfer_size;
356 int io_buffer_index;
357 int lba;
358 int cd_sector_size;
359 int atapi_dma; /* true if dma is requested for the packet cmd */
360 /* ATA DMA state */
361 int io_buffer_size;
362 /* PIO transfer handling */
363 int req_nb_sectors; /* number of sectors per interrupt */
364 EndTransferFunc *end_transfer_func;
365 uint8_t *data_ptr;
366 uint8_t *data_end;
367 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
368 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
369 uint32_t irq_count; /* counts IRQs when using win2k install hack */
370 /* CF-ATA extended error */
371 uint8_t ext_error;
372 /* CF-ATA metadata storage */
373 uint32_t mdata_size;
374 uint8_t *mdata_storage;
375 int media_changed;
376 } IDEState;
377
378 #define BM_STATUS_DMAING 0x01
379 #define BM_STATUS_ERROR 0x02
380 #define BM_STATUS_INT 0x04
381
382 #define BM_CMD_START 0x01
383 #define BM_CMD_READ 0x08
384
385 #define IDE_TYPE_PIIX3 0
386 #define IDE_TYPE_CMD646 1
387 #define IDE_TYPE_PIIX4 2
388
389 /* CMD646 specific */
390 #define MRDMODE 0x71
391 #define MRDMODE_INTR_CH0 0x04
392 #define MRDMODE_INTR_CH1 0x08
393 #define MRDMODE_BLK_CH0 0x10
394 #define MRDMODE_BLK_CH1 0x20
395 #define UDIDETCR0 0x73
396 #define UDIDETCR1 0x7B
397
398 typedef struct BMDMAState {
399 uint8_t cmd;
400 uint8_t status;
401 uint32_t addr;
402
403 struct PCIIDEState *pci_dev;
404 /* current transfer state */
405 uint32_t cur_addr;
406 uint32_t cur_prd_last;
407 uint32_t cur_prd_addr;
408 uint32_t cur_prd_len;
409 IDEState *ide_if;
410 BlockDriverCompletionFunc *dma_cb;
411 BlockDriverAIOCB *aiocb;
412 } BMDMAState;
413
414 typedef struct PCIIDEState {
415 PCIDevice dev;
416 IDEState ide_if[4];
417 BMDMAState bmdma[2];
418 int type; /* see IDE_TYPE_xxx */
419 } PCIIDEState;
420
421 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
422 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
423
424 static void padstr(char *str, const char *src, int len)
425 {
426 int i, v;
427 for(i = 0; i < len; i++) {
428 if (*src)
429 v = *src++;
430 else
431 v = ' ';
432 *(char *)((long)str ^ 1) = v;
433 str++;
434 }
435 }
436
437 static void padstr8(uint8_t *buf, int buf_size, const char *src)
438 {
439 int i;
440 for(i = 0; i < buf_size; i++) {
441 if (*src)
442 buf[i] = *src++;
443 else
444 buf[i] = ' ';
445 }
446 }
447
448 static void put_le16(uint16_t *p, unsigned int v)
449 {
450 *p = cpu_to_le16(v);
451 }
452
453 static void ide_identify(IDEState *s)
454 {
455 uint16_t *p;
456 unsigned int oldsize;
457 char buf[20];
458
459 if (s->identify_set) {
460 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
461 return;
462 }
463
464 memset(s->io_buffer, 0, 512);
465 p = (uint16_t *)s->io_buffer;
466 put_le16(p + 0, 0x0040);
467 put_le16(p + 1, s->cylinders);
468 put_le16(p + 3, s->heads);
469 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
470 put_le16(p + 5, 512); /* XXX: retired, remove ? */
471 put_le16(p + 6, s->sectors);
472 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
473 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
474 put_le16(p + 20, 3); /* XXX: retired, remove ? */
475 put_le16(p + 21, 512); /* cache size in sectors */
476 put_le16(p + 22, 4); /* ecc bytes */
477 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
478 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
479 #if MAX_MULT_SECTORS > 1
480 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
481 #endif
482 put_le16(p + 48, 1); /* dword I/O */
483 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
484 put_le16(p + 51, 0x200); /* PIO transfer cycle */
485 put_le16(p + 52, 0x200); /* DMA transfer cycle */
486 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
487 put_le16(p + 54, s->cylinders);
488 put_le16(p + 55, s->heads);
489 put_le16(p + 56, s->sectors);
490 oldsize = s->cylinders * s->heads * s->sectors;
491 put_le16(p + 57, oldsize);
492 put_le16(p + 58, oldsize >> 16);
493 if (s->mult_sectors)
494 put_le16(p + 59, 0x100 | s->mult_sectors);
495 put_le16(p + 60, s->nb_sectors);
496 put_le16(p + 61, s->nb_sectors >> 16);
497 put_le16(p + 63, 0x07); /* mdma0-2 supported */
498 put_le16(p + 65, 120);
499 put_le16(p + 66, 120);
500 put_le16(p + 67, 120);
501 put_le16(p + 68, 120);
502 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
503 put_le16(p + 81, 0x16); /* conforms to ata5 */
504 put_le16(p + 82, (1 << 14));
505 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
506 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
507 put_le16(p + 84, (1 << 14));
508 put_le16(p + 85, (1 << 14));
509 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
510 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
511 put_le16(p + 87, (1 << 14));
512 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
513 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
514 put_le16(p + 100, s->nb_sectors);
515 put_le16(p + 101, s->nb_sectors >> 16);
516 put_le16(p + 102, s->nb_sectors >> 32);
517 put_le16(p + 103, s->nb_sectors >> 48);
518
519 memcpy(s->identify_data, p, sizeof(s->identify_data));
520 s->identify_set = 1;
521 }
522
523 static void ide_atapi_identify(IDEState *s)
524 {
525 uint16_t *p;
526 char buf[20];
527
528 if (s->identify_set) {
529 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
530 return;
531 }
532
533 memset(s->io_buffer, 0, 512);
534 p = (uint16_t *)s->io_buffer;
535 /* Removable CDROM, 50us response, 12 byte packets */
536 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
537 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
538 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
539 put_le16(p + 20, 3); /* buffer type */
540 put_le16(p + 21, 512); /* cache size in sectors */
541 put_le16(p + 22, 4); /* ecc bytes */
542 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
543 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
544 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
545 #ifdef USE_DMA_CDROM
546 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
547 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
548 put_le16(p + 63, 7); /* mdma0-2 supported */
549 put_le16(p + 64, 0x3f); /* PIO modes supported */
550 #else
551 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
552 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
553 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
554 put_le16(p + 64, 1); /* PIO modes */
555 #endif
556 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
557 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
558 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
559 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
560
561 put_le16(p + 71, 30); /* in ns */
562 put_le16(p + 72, 30); /* in ns */
563
564 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
565 #ifdef USE_DMA_CDROM
566 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
567 #endif
568 memcpy(s->identify_data, p, sizeof(s->identify_data));
569 s->identify_set = 1;
570 }
571
572 static void ide_cfata_identify(IDEState *s)
573 {
574 uint16_t *p;
575 uint32_t cur_sec;
576 char buf[20];
577
578 p = (uint16_t *) s->identify_data;
579 if (s->identify_set)
580 goto fill_buffer;
581
582 memset(p, 0, sizeof(s->identify_data));
583
584 cur_sec = s->cylinders * s->heads * s->sectors;
585
586 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
587 put_le16(p + 1, s->cylinders); /* Default cylinders */
588 put_le16(p + 3, s->heads); /* Default heads */
589 put_le16(p + 6, s->sectors); /* Default sectors per track */
590 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
591 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
592 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
593 padstr((uint8_t *)(p + 10), buf, 20); /* Serial number in ASCII */
594 put_le16(p + 22, 0x0004); /* ECC bytes */
595 padstr((uint8_t *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
596 padstr((uint8_t *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
597 #if MAX_MULT_SECTORS > 1
598 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
599 #else
600 put_le16(p + 47, 0x0000);
601 #endif
602 put_le16(p + 49, 0x0f00); /* Capabilities */
603 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
604 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
605 put_le16(p + 53, 0x0003); /* Translation params valid */
606 put_le16(p + 54, s->cylinders); /* Current cylinders */
607 put_le16(p + 55, s->heads); /* Current heads */
608 put_le16(p + 56, s->sectors); /* Current sectors */
609 put_le16(p + 57, cur_sec); /* Current capacity */
610 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
611 if (s->mult_sectors) /* Multiple sector setting */
612 put_le16(p + 59, 0x100 | s->mult_sectors);
613 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
614 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
615 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
616 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
617 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
618 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
619 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
620 put_le16(p + 82, 0x400c); /* Command Set supported */
621 put_le16(p + 83, 0x7068); /* Command Set supported */
622 put_le16(p + 84, 0x4000); /* Features supported */
623 put_le16(p + 85, 0x000c); /* Command Set enabled */
624 put_le16(p + 86, 0x7044); /* Command Set enabled */
625 put_le16(p + 87, 0x4000); /* Features enabled */
626 put_le16(p + 91, 0x4060); /* Current APM level */
627 put_le16(p + 129, 0x0002); /* Current features option */
628 put_le16(p + 130, 0x0005); /* Reassigned sectors */
629 put_le16(p + 131, 0x0001); /* Initial power mode */
630 put_le16(p + 132, 0x0000); /* User signature */
631 put_le16(p + 160, 0x8100); /* Power requirement */
632 put_le16(p + 161, 0x8001); /* CF command set */
633
634 s->identify_set = 1;
635
636 fill_buffer:
637 memcpy(s->io_buffer, p, sizeof(s->identify_data));
638 }
639
640 static void ide_set_signature(IDEState *s)
641 {
642 s->select &= 0xf0; /* clear head */
643 /* put signature */
644 s->nsector = 1;
645 s->sector = 1;
646 if (s->is_cdrom) {
647 s->lcyl = 0x14;
648 s->hcyl = 0xeb;
649 } else if (s->bs) {
650 s->lcyl = 0;
651 s->hcyl = 0;
652 } else {
653 s->lcyl = 0xff;
654 s->hcyl = 0xff;
655 }
656 }
657
658 static inline void ide_abort_command(IDEState *s)
659 {
660 s->status = READY_STAT | ERR_STAT;
661 s->error = ABRT_ERR;
662 }
663
664 static inline void ide_set_irq(IDEState *s)
665 {
666 BMDMAState *bm = s->bmdma;
667 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
668 if (bm) {
669 bm->status |= BM_STATUS_INT;
670 }
671 qemu_irq_raise(s->irq);
672 }
673 }
674
675 /* prepare data transfer and tell what to do after */
676 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
677 EndTransferFunc *end_transfer_func)
678 {
679 s->end_transfer_func = end_transfer_func;
680 s->data_ptr = buf;
681 s->data_end = buf + size;
682 if (!(s->status & ERR_STAT))
683 s->status |= DRQ_STAT;
684 }
685
686 static void ide_transfer_stop(IDEState *s)
687 {
688 s->end_transfer_func = ide_transfer_stop;
689 s->data_ptr = s->io_buffer;
690 s->data_end = s->io_buffer;
691 s->status &= ~DRQ_STAT;
692 }
693
694 static int64_t ide_get_sector(IDEState *s)
695 {
696 int64_t sector_num;
697 if (s->select & 0x40) {
698 /* lba */
699 if (!s->lba48) {
700 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
701 (s->lcyl << 8) | s->sector;
702 } else {
703 sector_num = ((int64_t)s->hob_hcyl << 40) |
704 ((int64_t) s->hob_lcyl << 32) |
705 ((int64_t) s->hob_sector << 24) |
706 ((int64_t) s->hcyl << 16) |
707 ((int64_t) s->lcyl << 8) | s->sector;
708 }
709 } else {
710 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
711 (s->select & 0x0f) * s->sectors + (s->sector - 1);
712 }
713 return sector_num;
714 }
715
716 static void ide_set_sector(IDEState *s, int64_t sector_num)
717 {
718 unsigned int cyl, r;
719 if (s->select & 0x40) {
720 if (!s->lba48) {
721 s->select = (s->select & 0xf0) | (sector_num >> 24);
722 s->hcyl = (sector_num >> 16);
723 s->lcyl = (sector_num >> 8);
724 s->sector = (sector_num);
725 } else {
726 s->sector = sector_num;
727 s->lcyl = sector_num >> 8;
728 s->hcyl = sector_num >> 16;
729 s->hob_sector = sector_num >> 24;
730 s->hob_lcyl = sector_num >> 32;
731 s->hob_hcyl = sector_num >> 40;
732 }
733 } else {
734 cyl = sector_num / (s->heads * s->sectors);
735 r = sector_num % (s->heads * s->sectors);
736 s->hcyl = cyl >> 8;
737 s->lcyl = cyl;
738 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
739 s->sector = (r % s->sectors) + 1;
740 }
741 }
742
743 static void ide_sector_read(IDEState *s)
744 {
745 int64_t sector_num;
746 int ret, n;
747
748 s->status = READY_STAT | SEEK_STAT;
749 s->error = 0; /* not needed by IDE spec, but needed by Windows */
750 sector_num = ide_get_sector(s);
751 n = s->nsector;
752 if (n == 0) {
753 /* no more sector to read from disk */
754 ide_transfer_stop(s);
755 } else {
756 #if defined(DEBUG_IDE)
757 printf("read sector=%Ld\n", sector_num);
758 #endif
759 if (n > s->req_nb_sectors)
760 n = s->req_nb_sectors;
761 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
762 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
763 ide_set_irq(s);
764 ide_set_sector(s, sector_num + n);
765 s->nsector -= n;
766 }
767 }
768
769 /* return 0 if buffer completed */
770 static int dma_buf_rw(BMDMAState *bm, int is_write)
771 {
772 IDEState *s = bm->ide_if;
773 struct {
774 uint32_t addr;
775 uint32_t size;
776 } prd;
777 int l, len;
778
779 for(;;) {
780 l = s->io_buffer_size - s->io_buffer_index;
781 if (l <= 0)
782 break;
783 if (bm->cur_prd_len == 0) {
784 /* end of table (with a fail safe of one page) */
785 if (bm->cur_prd_last ||
786 (bm->cur_addr - bm->addr) >= 4096)
787 return 0;
788 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
789 bm->cur_addr += 8;
790 prd.addr = le32_to_cpu(prd.addr);
791 prd.size = le32_to_cpu(prd.size);
792 len = prd.size & 0xfffe;
793 if (len == 0)
794 len = 0x10000;
795 bm->cur_prd_len = len;
796 bm->cur_prd_addr = prd.addr;
797 bm->cur_prd_last = (prd.size & 0x80000000);
798 }
799 if (l > bm->cur_prd_len)
800 l = bm->cur_prd_len;
801 if (l > 0) {
802 if (is_write) {
803 cpu_physical_memory_write(bm->cur_prd_addr,
804 s->io_buffer + s->io_buffer_index, l);
805 } else {
806 cpu_physical_memory_read(bm->cur_prd_addr,
807 s->io_buffer + s->io_buffer_index, l);
808 }
809 bm->cur_prd_addr += l;
810 bm->cur_prd_len -= l;
811 s->io_buffer_index += l;
812 }
813 }
814 return 1;
815 }
816
817 /* XXX: handle errors */
818 static void ide_read_dma_cb(void *opaque, int ret)
819 {
820 BMDMAState *bm = opaque;
821 IDEState *s = bm->ide_if;
822 int n;
823 int64_t sector_num;
824
825 n = s->io_buffer_size >> 9;
826 sector_num = ide_get_sector(s);
827 if (n > 0) {
828 sector_num += n;
829 ide_set_sector(s, sector_num);
830 s->nsector -= n;
831 if (dma_buf_rw(bm, 1) == 0)
832 goto eot;
833 }
834
835 /* end of transfer ? */
836 if (s->nsector == 0) {
837 s->status = READY_STAT | SEEK_STAT;
838 ide_set_irq(s);
839 eot:
840 bm->status &= ~BM_STATUS_DMAING;
841 bm->status |= BM_STATUS_INT;
842 bm->dma_cb = NULL;
843 bm->ide_if = NULL;
844 bm->aiocb = NULL;
845 return;
846 }
847
848 /* launch next transfer */
849 n = s->nsector;
850 if (n > MAX_MULT_SECTORS)
851 n = MAX_MULT_SECTORS;
852 s->io_buffer_index = 0;
853 s->io_buffer_size = n * 512;
854 #ifdef DEBUG_AIO
855 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
856 #endif
857 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
858 ide_read_dma_cb, bm);
859 }
860
861 static void ide_sector_read_dma(IDEState *s)
862 {
863 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
864 s->io_buffer_index = 0;
865 s->io_buffer_size = 0;
866 ide_dma_start(s, ide_read_dma_cb);
867 }
868
869 static void ide_sector_write_timer_cb(void *opaque)
870 {
871 IDEState *s = opaque;
872 ide_set_irq(s);
873 }
874
875 static void ide_sector_write(IDEState *s)
876 {
877 int64_t sector_num;
878 int ret, n, n1;
879
880 s->status = READY_STAT | SEEK_STAT;
881 sector_num = ide_get_sector(s);
882 #if defined(DEBUG_IDE)
883 printf("write sector=%Ld\n", sector_num);
884 #endif
885 n = s->nsector;
886 if (n > s->req_nb_sectors)
887 n = s->req_nb_sectors;
888 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
889 s->nsector -= n;
890 if (s->nsector == 0) {
891 /* no more sectors to write */
892 ide_transfer_stop(s);
893 } else {
894 n1 = s->nsector;
895 if (n1 > s->req_nb_sectors)
896 n1 = s->req_nb_sectors;
897 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
898 }
899 ide_set_sector(s, sector_num + n);
900
901 #ifdef TARGET_I386
902 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
903 /* It seems there is a bug in the Windows 2000 installer HDD
904 IDE driver which fills the disk with empty logs when the
905 IDE write IRQ comes too early. This hack tries to correct
906 that at the expense of slower write performances. Use this
907 option _only_ to install Windows 2000. You must disable it
908 for normal use. */
909 qemu_mod_timer(s->sector_write_timer,
910 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
911 } else
912 #endif
913 {
914 ide_set_irq(s);
915 }
916 }
917
918 /* XXX: handle errors */
919 static void ide_write_dma_cb(void *opaque, int ret)
920 {
921 BMDMAState *bm = opaque;
922 IDEState *s = bm->ide_if;
923 int n;
924 int64_t sector_num;
925
926 n = s->io_buffer_size >> 9;
927 sector_num = ide_get_sector(s);
928 if (n > 0) {
929 sector_num += n;
930 ide_set_sector(s, sector_num);
931 s->nsector -= n;
932 }
933
934 /* end of transfer ? */
935 if (s->nsector == 0) {
936 s->status = READY_STAT | SEEK_STAT;
937 ide_set_irq(s);
938 eot:
939 bm->status &= ~BM_STATUS_DMAING;
940 bm->status |= BM_STATUS_INT;
941 bm->dma_cb = NULL;
942 bm->ide_if = NULL;
943 bm->aiocb = NULL;
944 return;
945 }
946
947 /* launch next transfer */
948 n = s->nsector;
949 if (n > MAX_MULT_SECTORS)
950 n = MAX_MULT_SECTORS;
951 s->io_buffer_index = 0;
952 s->io_buffer_size = n * 512;
953
954 if (dma_buf_rw(bm, 0) == 0)
955 goto eot;
956 #ifdef DEBUG_AIO
957 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
958 #endif
959 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
960 ide_write_dma_cb, bm);
961 }
962
963 static void ide_sector_write_dma(IDEState *s)
964 {
965 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
966 s->io_buffer_index = 0;
967 s->io_buffer_size = 0;
968 ide_dma_start(s, ide_write_dma_cb);
969 }
970
971 static void ide_atapi_cmd_ok(IDEState *s)
972 {
973 s->error = 0;
974 s->status = READY_STAT;
975 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
976 ide_set_irq(s);
977 }
978
979 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
980 {
981 #ifdef DEBUG_IDE_ATAPI
982 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
983 #endif
984 s->error = sense_key << 4;
985 s->status = READY_STAT | ERR_STAT;
986 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
987 s->sense_key = sense_key;
988 s->asc = asc;
989 ide_set_irq(s);
990 }
991
992 static inline void cpu_to_ube16(uint8_t *buf, int val)
993 {
994 buf[0] = val >> 8;
995 buf[1] = val;
996 }
997
998 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
999 {
1000 buf[0] = val >> 24;
1001 buf[1] = val >> 16;
1002 buf[2] = val >> 8;
1003 buf[3] = val;
1004 }
1005
1006 static inline int ube16_to_cpu(const uint8_t *buf)
1007 {
1008 return (buf[0] << 8) | buf[1];
1009 }
1010
1011 static inline int ube32_to_cpu(const uint8_t *buf)
1012 {
1013 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1014 }
1015
1016 static void lba_to_msf(uint8_t *buf, int lba)
1017 {
1018 lba += 150;
1019 buf[0] = (lba / 75) / 60;
1020 buf[1] = (lba / 75) % 60;
1021 buf[2] = lba % 75;
1022 }
1023
1024 static void cd_data_to_raw(uint8_t *buf, int lba)
1025 {
1026 /* sync bytes */
1027 buf[0] = 0x00;
1028 memset(buf + 1, 0xff, 10);
1029 buf[11] = 0x00;
1030 buf += 12;
1031 /* MSF */
1032 lba_to_msf(buf, lba);
1033 buf[3] = 0x01; /* mode 1 data */
1034 buf += 4;
1035 /* data */
1036 buf += 2048;
1037 /* XXX: ECC not computed */
1038 memset(buf, 0, 288);
1039 }
1040
1041 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1042 int sector_size)
1043 {
1044 int ret;
1045
1046 switch(sector_size) {
1047 case 2048:
1048 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1049 break;
1050 case 2352:
1051 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1052 if (ret < 0)
1053 return ret;
1054 cd_data_to_raw(buf, lba);
1055 break;
1056 default:
1057 ret = -EIO;
1058 break;
1059 }
1060 return ret;
1061 }
1062
1063 static void ide_atapi_io_error(IDEState *s, int ret)
1064 {
1065 /* XXX: handle more errors */
1066 if (ret == -ENOMEDIUM) {
1067 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1068 ASC_MEDIUM_NOT_PRESENT);
1069 } else {
1070 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1071 ASC_LOGICAL_BLOCK_OOR);
1072 }
1073 }
1074
1075 /* The whole ATAPI transfer logic is handled in this function */
1076 static void ide_atapi_cmd_reply_end(IDEState *s)
1077 {
1078 int byte_count_limit, size, ret;
1079 #ifdef DEBUG_IDE_ATAPI
1080 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1081 s->packet_transfer_size,
1082 s->elementary_transfer_size,
1083 s->io_buffer_index);
1084 #endif
1085 if (s->packet_transfer_size <= 0) {
1086 /* end of transfer */
1087 ide_transfer_stop(s);
1088 s->status = READY_STAT;
1089 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1090 ide_set_irq(s);
1091 #ifdef DEBUG_IDE_ATAPI
1092 printf("status=0x%x\n", s->status);
1093 #endif
1094 } else {
1095 /* see if a new sector must be read */
1096 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1097 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1098 if (ret < 0) {
1099 ide_transfer_stop(s);
1100 ide_atapi_io_error(s, ret);
1101 return;
1102 }
1103 s->lba++;
1104 s->io_buffer_index = 0;
1105 }
1106 if (s->elementary_transfer_size > 0) {
1107 /* there are some data left to transmit in this elementary
1108 transfer */
1109 size = s->cd_sector_size - s->io_buffer_index;
1110 if (size > s->elementary_transfer_size)
1111 size = s->elementary_transfer_size;
1112 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1113 size, ide_atapi_cmd_reply_end);
1114 s->packet_transfer_size -= size;
1115 s->elementary_transfer_size -= size;
1116 s->io_buffer_index += size;
1117 } else {
1118 /* a new transfer is needed */
1119 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1120 byte_count_limit = s->lcyl | (s->hcyl << 8);
1121 #ifdef DEBUG_IDE_ATAPI
1122 printf("byte_count_limit=%d\n", byte_count_limit);
1123 #endif
1124 if (byte_count_limit == 0xffff)
1125 byte_count_limit--;
1126 size = s->packet_transfer_size;
1127 if (size > byte_count_limit) {
1128 /* byte count limit must be even if this case */
1129 if (byte_count_limit & 1)
1130 byte_count_limit--;
1131 size = byte_count_limit;
1132 }
1133 s->lcyl = size;
1134 s->hcyl = size >> 8;
1135 s->elementary_transfer_size = size;
1136 /* we cannot transmit more than one sector at a time */
1137 if (s->lba != -1) {
1138 if (size > (s->cd_sector_size - s->io_buffer_index))
1139 size = (s->cd_sector_size - s->io_buffer_index);
1140 }
1141 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1142 size, ide_atapi_cmd_reply_end);
1143 s->packet_transfer_size -= size;
1144 s->elementary_transfer_size -= size;
1145 s->io_buffer_index += size;
1146 ide_set_irq(s);
1147 #ifdef DEBUG_IDE_ATAPI
1148 printf("status=0x%x\n", s->status);
1149 #endif
1150 }
1151 }
1152 }
1153
1154 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1155 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1156 {
1157 if (size > max_size)
1158 size = max_size;
1159 s->lba = -1; /* no sector read */
1160 s->packet_transfer_size = size;
1161 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1162 s->elementary_transfer_size = 0;
1163 s->io_buffer_index = 0;
1164
1165 if (s->atapi_dma) {
1166 s->status = READY_STAT | DRQ_STAT;
1167 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1168 } else {
1169 s->status = READY_STAT;
1170 ide_atapi_cmd_reply_end(s);
1171 }
1172 }
1173
1174 /* start a CD-CDROM read command */
1175 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1176 int sector_size)
1177 {
1178 s->lba = lba;
1179 s->packet_transfer_size = nb_sectors * sector_size;
1180 s->elementary_transfer_size = 0;
1181 s->io_buffer_index = sector_size;
1182 s->cd_sector_size = sector_size;
1183
1184 s->status = READY_STAT;
1185 ide_atapi_cmd_reply_end(s);
1186 }
1187
1188 /* ATAPI DMA support */
1189
1190 /* XXX: handle read errors */
1191 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1192 {
1193 BMDMAState *bm = opaque;
1194 IDEState *s = bm->ide_if;
1195 int data_offset, n;
1196
1197 if (ret < 0) {
1198 ide_atapi_io_error(s, ret);
1199 goto eot;
1200 }
1201
1202 if (s->io_buffer_size > 0) {
1203 /*
1204 * For a cdrom read sector command (s->lba != -1),
1205 * adjust the lba for the next s->io_buffer_size chunk
1206 * and dma the current chunk.
1207 * For a command != read (s->lba == -1), just transfer
1208 * the reply data.
1209 */
1210 if (s->lba != -1) {
1211 if (s->cd_sector_size == 2352) {
1212 n = 1;
1213 cd_data_to_raw(s->io_buffer, s->lba);
1214 } else {
1215 n = s->io_buffer_size >> 11;
1216 }
1217 s->lba += n;
1218 }
1219 s->packet_transfer_size -= s->io_buffer_size;
1220 if (dma_buf_rw(bm, 1) == 0)
1221 goto eot;
1222 }
1223
1224 if (s->packet_transfer_size <= 0) {
1225 s->status = READY_STAT;
1226 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1227 ide_set_irq(s);
1228 eot:
1229 bm->status &= ~BM_STATUS_DMAING;
1230 bm->status |= BM_STATUS_INT;
1231 bm->dma_cb = NULL;
1232 bm->ide_if = NULL;
1233 bm->aiocb = NULL;
1234 return;
1235 }
1236
1237 s->io_buffer_index = 0;
1238 if (s->cd_sector_size == 2352) {
1239 n = 1;
1240 s->io_buffer_size = s->cd_sector_size;
1241 data_offset = 16;
1242 } else {
1243 n = s->packet_transfer_size >> 11;
1244 if (n > (MAX_MULT_SECTORS / 4))
1245 n = (MAX_MULT_SECTORS / 4);
1246 s->io_buffer_size = n * 2048;
1247 data_offset = 0;
1248 }
1249 #ifdef DEBUG_AIO
1250 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1251 #endif
1252 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1253 s->io_buffer + data_offset, n * 4,
1254 ide_atapi_cmd_read_dma_cb, bm);
1255 if (!bm->aiocb) {
1256 /* Note: media not present is the most likely case */
1257 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1258 ASC_MEDIUM_NOT_PRESENT);
1259 goto eot;
1260 }
1261 }
1262
1263 /* start a CD-CDROM read command with DMA */
1264 /* XXX: test if DMA is available */
1265 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1266 int sector_size)
1267 {
1268 s->lba = lba;
1269 s->packet_transfer_size = nb_sectors * sector_size;
1270 s->io_buffer_index = 0;
1271 s->io_buffer_size = 0;
1272 s->cd_sector_size = sector_size;
1273
1274 /* XXX: check if BUSY_STAT should be set */
1275 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1276 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1277 }
1278
1279 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1280 int sector_size)
1281 {
1282 #ifdef DEBUG_IDE_ATAPI
1283 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1284 lba, nb_sectors);
1285 #endif
1286 if (s->atapi_dma) {
1287 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1288 } else {
1289 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1290 }
1291 }
1292
1293 static void ide_atapi_cmd(IDEState *s)
1294 {
1295 const uint8_t *packet;
1296 uint8_t *buf;
1297 int max_len;
1298
1299 packet = s->io_buffer;
1300 buf = s->io_buffer;
1301 #ifdef DEBUG_IDE_ATAPI
1302 {
1303 int i;
1304 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1305 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1306 printf(" %02x", packet[i]);
1307 }
1308 printf("\n");
1309 }
1310 #endif
1311 switch(s->io_buffer[0]) {
1312 case GPCMD_TEST_UNIT_READY:
1313 if (bdrv_is_inserted(s->bs)) {
1314 ide_atapi_cmd_ok(s);
1315 } else {
1316 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1317 ASC_MEDIUM_NOT_PRESENT);
1318 }
1319 break;
1320 case GPCMD_MODE_SENSE_6:
1321 case GPCMD_MODE_SENSE_10:
1322 {
1323 int action, code;
1324 if (packet[0] == GPCMD_MODE_SENSE_10)
1325 max_len = ube16_to_cpu(packet + 7);
1326 else
1327 max_len = packet[4];
1328 action = packet[2] >> 6;
1329 code = packet[2] & 0x3f;
1330 switch(action) {
1331 case 0: /* current values */
1332 switch(code) {
1333 case 0x01: /* error recovery */
1334 cpu_to_ube16(&buf[0], 16 + 6);
1335 buf[2] = 0x70;
1336 buf[3] = 0;
1337 buf[4] = 0;
1338 buf[5] = 0;
1339 buf[6] = 0;
1340 buf[7] = 0;
1341
1342 buf[8] = 0x01;
1343 buf[9] = 0x06;
1344 buf[10] = 0x00;
1345 buf[11] = 0x05;
1346 buf[12] = 0x00;
1347 buf[13] = 0x00;
1348 buf[14] = 0x00;
1349 buf[15] = 0x00;
1350 ide_atapi_cmd_reply(s, 16, max_len);
1351 break;
1352 case 0x2a:
1353 cpu_to_ube16(&buf[0], 28 + 6);
1354 buf[2] = 0x70;
1355 buf[3] = 0;
1356 buf[4] = 0;
1357 buf[5] = 0;
1358 buf[6] = 0;
1359 buf[7] = 0;
1360
1361 buf[8] = 0x2a;
1362 buf[9] = 0x12;
1363 buf[10] = 0x08;
1364 buf[11] = 0x00;
1365
1366 buf[12] = 0x70;
1367 buf[13] = 3 << 5;
1368 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1369 if (bdrv_is_locked(s->bs))
1370 buf[6] |= 1 << 1;
1371 buf[15] = 0x00;
1372 cpu_to_ube16(&buf[16], 706);
1373 buf[18] = 0;
1374 buf[19] = 2;
1375 cpu_to_ube16(&buf[20], 512);
1376 cpu_to_ube16(&buf[22], 706);
1377 buf[24] = 0;
1378 buf[25] = 0;
1379 buf[26] = 0;
1380 buf[27] = 0;
1381 ide_atapi_cmd_reply(s, 28, max_len);
1382 break;
1383 default:
1384 goto error_cmd;
1385 }
1386 break;
1387 case 1: /* changeable values */
1388 goto error_cmd;
1389 case 2: /* default values */
1390 goto error_cmd;
1391 default:
1392 case 3: /* saved values */
1393 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1394 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1395 break;
1396 }
1397 }
1398 break;
1399 case GPCMD_REQUEST_SENSE:
1400 max_len = packet[4];
1401 memset(buf, 0, 18);
1402 buf[0] = 0x70 | (1 << 7);
1403 buf[2] = s->sense_key;
1404 buf[7] = 10;
1405 buf[12] = s->asc;
1406 ide_atapi_cmd_reply(s, 18, max_len);
1407 break;
1408 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1409 if (bdrv_is_inserted(s->bs)) {
1410 bdrv_set_locked(s->bs, packet[4] & 1);
1411 ide_atapi_cmd_ok(s);
1412 } else {
1413 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1414 ASC_MEDIUM_NOT_PRESENT);
1415 }
1416 break;
1417 case GPCMD_READ_10:
1418 case GPCMD_READ_12:
1419 {
1420 int nb_sectors, lba;
1421
1422 if (packet[0] == GPCMD_READ_10)
1423 nb_sectors = ube16_to_cpu(packet + 7);
1424 else
1425 nb_sectors = ube32_to_cpu(packet + 6);
1426 lba = ube32_to_cpu(packet + 2);
1427 if (nb_sectors == 0) {
1428 ide_atapi_cmd_ok(s);
1429 break;
1430 }
1431 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1432 }
1433 break;
1434 case GPCMD_READ_CD:
1435 {
1436 int nb_sectors, lba, transfer_request;
1437
1438 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1439 lba = ube32_to_cpu(packet + 2);
1440 if (nb_sectors == 0) {
1441 ide_atapi_cmd_ok(s);
1442 break;
1443 }
1444 transfer_request = packet[9];
1445 switch(transfer_request & 0xf8) {
1446 case 0x00:
1447 /* nothing */
1448 ide_atapi_cmd_ok(s);
1449 break;
1450 case 0x10:
1451 /* normal read */
1452 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1453 break;
1454 case 0xf8:
1455 /* read all data */
1456 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1457 break;
1458 default:
1459 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1460 ASC_INV_FIELD_IN_CMD_PACKET);
1461 break;
1462 }
1463 }
1464 break;
1465 case GPCMD_SEEK:
1466 {
1467 int lba;
1468 int64_t total_sectors;
1469
1470 bdrv_get_geometry(s->bs, &total_sectors);
1471 total_sectors >>= 2;
1472 if (total_sectors <= 0) {
1473 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1474 ASC_MEDIUM_NOT_PRESENT);
1475 break;
1476 }
1477 lba = ube32_to_cpu(packet + 2);
1478 if (lba >= total_sectors) {
1479 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1480 ASC_LOGICAL_BLOCK_OOR);
1481 break;
1482 }
1483 ide_atapi_cmd_ok(s);
1484 }
1485 break;
1486 case GPCMD_START_STOP_UNIT:
1487 {
1488 int start, eject;
1489 start = packet[4] & 1;
1490 eject = (packet[4] >> 1) & 1;
1491
1492 if (eject && !start) {
1493 /* eject the disk */
1494 bdrv_eject(s->bs, 1);
1495 } else if (eject && start) {
1496 /* close the tray */
1497 bdrv_eject(s->bs, 0);
1498 }
1499 ide_atapi_cmd_ok(s);
1500 }
1501 break;
1502 case GPCMD_MECHANISM_STATUS:
1503 {
1504 max_len = ube16_to_cpu(packet + 8);
1505 cpu_to_ube16(buf, 0);
1506 /* no current LBA */
1507 buf[2] = 0;
1508 buf[3] = 0;
1509 buf[4] = 0;
1510 buf[5] = 1;
1511 cpu_to_ube16(buf + 6, 0);
1512 ide_atapi_cmd_reply(s, 8, max_len);
1513 }
1514 break;
1515 case GPCMD_READ_TOC_PMA_ATIP:
1516 {
1517 int format, msf, start_track, len;
1518 int64_t total_sectors;
1519
1520 bdrv_get_geometry(s->bs, &total_sectors);
1521 total_sectors >>= 2;
1522 if (total_sectors <= 0) {
1523 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1524 ASC_MEDIUM_NOT_PRESENT);
1525 break;
1526 }
1527 max_len = ube16_to_cpu(packet + 7);
1528 format = packet[9] >> 6;
1529 msf = (packet[1] >> 1) & 1;
1530 start_track = packet[6];
1531 switch(format) {
1532 case 0:
1533 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1534 if (len < 0)
1535 goto error_cmd;
1536 ide_atapi_cmd_reply(s, len, max_len);
1537 break;
1538 case 1:
1539 /* multi session : only a single session defined */
1540 memset(buf, 0, 12);
1541 buf[1] = 0x0a;
1542 buf[2] = 0x01;
1543 buf[3] = 0x01;
1544 ide_atapi_cmd_reply(s, 12, max_len);
1545 break;
1546 case 2:
1547 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1548 if (len < 0)
1549 goto error_cmd;
1550 ide_atapi_cmd_reply(s, len, max_len);
1551 break;
1552 default:
1553 error_cmd:
1554 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1555 ASC_INV_FIELD_IN_CMD_PACKET);
1556 break;
1557 }
1558 }
1559 break;
1560 case GPCMD_READ_CDVD_CAPACITY:
1561 {
1562 int64_t total_sectors;
1563
1564 bdrv_get_geometry(s->bs, &total_sectors);
1565 total_sectors >>= 2;
1566 if (total_sectors <= 0) {
1567 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1568 ASC_MEDIUM_NOT_PRESENT);
1569 break;
1570 }
1571 /* NOTE: it is really the number of sectors minus 1 */
1572 cpu_to_ube32(buf, total_sectors - 1);
1573 cpu_to_ube32(buf + 4, 2048);
1574 ide_atapi_cmd_reply(s, 8, 8);
1575 }
1576 break;
1577 case GPCMD_READ_DVD_STRUCTURE:
1578 {
1579 int media = packet[1];
1580 int layer = packet[6];
1581 int format = packet[2];
1582 int64_t total_sectors;
1583
1584 if (media != 0 || layer != 0)
1585 {
1586 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1587 ASC_INV_FIELD_IN_CMD_PACKET);
1588 }
1589
1590 switch (format) {
1591 case 0:
1592 bdrv_get_geometry(s->bs, &total_sectors);
1593 total_sectors >>= 2;
1594
1595 memset(buf, 0, 2052);
1596
1597 buf[4] = 1; // DVD-ROM, part version 1
1598 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1599 buf[6] = 0; // one layer, embossed data
1600 buf[7] = 0;
1601
1602 cpu_to_ube32(buf + 8, 0);
1603 cpu_to_ube32(buf + 12, total_sectors - 1);
1604 cpu_to_ube32(buf + 16, total_sectors - 1);
1605
1606 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1607
1608 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1609 break;
1610
1611 default:
1612 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1613 ASC_INV_FIELD_IN_CMD_PACKET);
1614 break;
1615 }
1616 }
1617 break;
1618 case GPCMD_SET_SPEED:
1619 ide_atapi_cmd_ok(s);
1620 break;
1621 case GPCMD_INQUIRY:
1622 max_len = packet[4];
1623 buf[0] = 0x05; /* CD-ROM */
1624 buf[1] = 0x80; /* removable */
1625 buf[2] = 0x00; /* ISO */
1626 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1627 buf[4] = 31; /* additional length */
1628 buf[5] = 0; /* reserved */
1629 buf[6] = 0; /* reserved */
1630 buf[7] = 0; /* reserved */
1631 padstr8(buf + 8, 8, "QEMU");
1632 padstr8(buf + 16, 16, "QEMU CD-ROM");
1633 padstr8(buf + 32, 4, QEMU_VERSION);
1634 ide_atapi_cmd_reply(s, 36, max_len);
1635 break;
1636 case GPCMD_GET_CONFIGURATION:
1637 {
1638 int64_t total_sectors;
1639
1640 /* only feature 0 is supported */
1641 if (packet[2] != 0 || packet[3] != 0) {
1642 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1643 ASC_INV_FIELD_IN_CMD_PACKET);
1644 break;
1645 }
1646 memset(buf, 0, 32);
1647 bdrv_get_geometry(s->bs, &total_sectors);
1648 buf[3] = 16;
1649 buf[7] = total_sectors <= 1433600 ? 0x08 : 0x10; /* current profile */
1650 buf[10] = 0x10 | 0x1;
1651 buf[11] = 0x08; /* size of profile list */
1652 buf[13] = 0x10; /* DVD-ROM profile */
1653 buf[14] = buf[7] == 0x10; /* (in)active */
1654 buf[17] = 0x08; /* CD-ROM profile */
1655 buf[18] = buf[7] == 0x08; /* (in)active */
1656 ide_atapi_cmd_reply(s, 32, 32);
1657 break;
1658 }
1659 default:
1660 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1661 ASC_ILLEGAL_OPCODE);
1662 break;
1663 }
1664 }
1665
1666 static void ide_cfata_metadata_inquiry(IDEState *s)
1667 {
1668 uint16_t *p;
1669 uint32_t spd;
1670
1671 p = (uint16_t *) s->io_buffer;
1672 memset(p, 0, 0x200);
1673 spd = ((s->mdata_size - 1) >> 9) + 1;
1674
1675 put_le16(p + 0, 0x0001); /* Data format revision */
1676 put_le16(p + 1, 0x0000); /* Media property: silicon */
1677 put_le16(p + 2, s->media_changed); /* Media status */
1678 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1679 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1680 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1681 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1682 }
1683
1684 static void ide_cfata_metadata_read(IDEState *s)
1685 {
1686 uint16_t *p;
1687
1688 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1689 s->status = ERR_STAT;
1690 s->error = ABRT_ERR;
1691 return;
1692 }
1693
1694 p = (uint16_t *) s->io_buffer;
1695 memset(p, 0, 0x200);
1696
1697 put_le16(p + 0, s->media_changed); /* Media status */
1698 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1699 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1700 s->nsector << 9), 0x200 - 2));
1701 }
1702
1703 static void ide_cfata_metadata_write(IDEState *s)
1704 {
1705 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1706 s->status = ERR_STAT;
1707 s->error = ABRT_ERR;
1708 return;
1709 }
1710
1711 s->media_changed = 0;
1712
1713 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1714 s->io_buffer + 2,
1715 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1716 s->nsector << 9), 0x200 - 2));
1717 }
1718
1719 /* called when the inserted state of the media has changed */
1720 static void cdrom_change_cb(void *opaque)
1721 {
1722 IDEState *s = opaque;
1723 int64_t nb_sectors;
1724
1725 /* XXX: send interrupt too */
1726 bdrv_get_geometry(s->bs, &nb_sectors);
1727 s->nb_sectors = nb_sectors;
1728 }
1729
1730 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1731 {
1732 s->lba48 = lba48;
1733
1734 /* handle the 'magic' 0 nsector count conversion here. to avoid
1735 * fiddling with the rest of the read logic, we just store the
1736 * full sector count in ->nsector and ignore ->hob_nsector from now
1737 */
1738 if (!s->lba48) {
1739 if (!s->nsector)
1740 s->nsector = 256;
1741 } else {
1742 if (!s->nsector && !s->hob_nsector)
1743 s->nsector = 65536;
1744 else {
1745 int lo = s->nsector;
1746 int hi = s->hob_nsector;
1747
1748 s->nsector = (hi << 8) | lo;
1749 }
1750 }
1751 }
1752
1753 static void ide_clear_hob(IDEState *ide_if)
1754 {
1755 /* any write clears HOB high bit of device control register */
1756 ide_if[0].select &= ~(1 << 7);
1757 ide_if[1].select &= ~(1 << 7);
1758 }
1759
1760 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1761 {
1762 IDEState *ide_if = opaque;
1763 IDEState *s;
1764 int unit, n;
1765 int lba48 = 0;
1766
1767 #ifdef DEBUG_IDE
1768 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1769 #endif
1770
1771 addr &= 7;
1772 switch(addr) {
1773 case 0:
1774 break;
1775 case 1:
1776 ide_clear_hob(ide_if);
1777 /* NOTE: data is written to the two drives */
1778 ide_if[0].hob_feature = ide_if[0].feature;
1779 ide_if[1].hob_feature = ide_if[1].feature;
1780 ide_if[0].feature = val;
1781 ide_if[1].feature = val;
1782 break;
1783 case 2:
1784 ide_clear_hob(ide_if);
1785 ide_if[0].hob_nsector = ide_if[0].nsector;
1786 ide_if[1].hob_nsector = ide_if[1].nsector;
1787 ide_if[0].nsector = val;
1788 ide_if[1].nsector = val;
1789 break;
1790 case 3:
1791 ide_clear_hob(ide_if);
1792 ide_if[0].hob_sector = ide_if[0].sector;
1793 ide_if[1].hob_sector = ide_if[1].sector;
1794 ide_if[0].sector = val;
1795 ide_if[1].sector = val;
1796 break;
1797 case 4:
1798 ide_clear_hob(ide_if);
1799 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1800 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1801 ide_if[0].lcyl = val;
1802 ide_if[1].lcyl = val;
1803 break;
1804 case 5:
1805 ide_clear_hob(ide_if);
1806 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1807 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1808 ide_if[0].hcyl = val;
1809 ide_if[1].hcyl = val;
1810 break;
1811 case 6:
1812 /* FIXME: HOB readback uses bit 7 */
1813 ide_if[0].select = (val & ~0x10) | 0xa0;
1814 ide_if[1].select = (val | 0x10) | 0xa0;
1815 /* select drive */
1816 unit = (val >> 4) & 1;
1817 s = ide_if + unit;
1818 ide_if->cur_drive = s;
1819 break;
1820 default:
1821 case 7:
1822 /* command */
1823 #if defined(DEBUG_IDE)
1824 printf("ide: CMD=%02x\n", val);
1825 #endif
1826 s = ide_if->cur_drive;
1827 /* ignore commands to non existant slave */
1828 if (s != ide_if && !s->bs)
1829 break;
1830
1831 switch(val) {
1832 case WIN_IDENTIFY:
1833 if (s->bs && !s->is_cdrom) {
1834 if (!s->is_cf)
1835 ide_identify(s);
1836 else
1837 ide_cfata_identify(s);
1838 s->status = READY_STAT | SEEK_STAT;
1839 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1840 } else {
1841 if (s->is_cdrom) {
1842 ide_set_signature(s);
1843 }
1844 ide_abort_command(s);
1845 }
1846 ide_set_irq(s);
1847 break;
1848 case WIN_SPECIFY:
1849 case WIN_RECAL:
1850 s->error = 0;
1851 s->status = READY_STAT | SEEK_STAT;
1852 ide_set_irq(s);
1853 break;
1854 case WIN_SETMULT:
1855 if (s->is_cf && s->nsector == 0) {
1856 /* Disable Read and Write Multiple */
1857 s->mult_sectors = 0;
1858 s->status = READY_STAT;
1859 } else if ((s->nsector & 0xff) != 0 &&
1860 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1861 (s->nsector & (s->nsector - 1)) != 0)) {
1862 ide_abort_command(s);
1863 } else {
1864 s->mult_sectors = s->nsector & 0xff;
1865 s->status = READY_STAT;
1866 }
1867 ide_set_irq(s);
1868 break;
1869 case WIN_VERIFY_EXT:
1870 lba48 = 1;
1871 case WIN_VERIFY:
1872 case WIN_VERIFY_ONCE:
1873 /* do sector number check ? */
1874 ide_cmd_lba48_transform(s, lba48);
1875 s->status = READY_STAT;
1876 ide_set_irq(s);
1877 break;
1878 case WIN_READ_EXT:
1879 lba48 = 1;
1880 case WIN_READ:
1881 case WIN_READ_ONCE:
1882 if (!s->bs)
1883 goto abort_cmd;
1884 ide_cmd_lba48_transform(s, lba48);
1885 s->req_nb_sectors = 1;
1886 ide_sector_read(s);
1887 break;
1888 case WIN_WRITE_EXT:
1889 lba48 = 1;
1890 case WIN_WRITE:
1891 case WIN_WRITE_ONCE:
1892 case CFA_WRITE_SECT_WO_ERASE:
1893 case WIN_WRITE_VERIFY:
1894 ide_cmd_lba48_transform(s, lba48);
1895 s->error = 0;
1896 s->status = SEEK_STAT | READY_STAT;
1897 s->req_nb_sectors = 1;
1898 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1899 s->media_changed = 1;
1900 break;
1901 case WIN_MULTREAD_EXT:
1902 lba48 = 1;
1903 case WIN_MULTREAD:
1904 if (!s->mult_sectors)
1905 goto abort_cmd;
1906 ide_cmd_lba48_transform(s, lba48);
1907 s->req_nb_sectors = s->mult_sectors;
1908 ide_sector_read(s);
1909 break;
1910 case WIN_MULTWRITE_EXT:
1911 lba48 = 1;
1912 case WIN_MULTWRITE:
1913 case CFA_WRITE_MULTI_WO_ERASE:
1914 if (!s->mult_sectors)
1915 goto abort_cmd;
1916 ide_cmd_lba48_transform(s, lba48);
1917 s->error = 0;
1918 s->status = SEEK_STAT | READY_STAT;
1919 s->req_nb_sectors = s->mult_sectors;
1920 n = s->nsector;
1921 if (n > s->req_nb_sectors)
1922 n = s->req_nb_sectors;
1923 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1924 s->media_changed = 1;
1925 break;
1926 case WIN_READDMA_EXT:
1927 lba48 = 1;
1928 case WIN_READDMA:
1929 case WIN_READDMA_ONCE:
1930 if (!s->bs)
1931 goto abort_cmd;
1932 ide_cmd_lba48_transform(s, lba48);
1933 ide_sector_read_dma(s);
1934 break;
1935 case WIN_WRITEDMA_EXT:
1936 lba48 = 1;
1937 case WIN_WRITEDMA:
1938 case WIN_WRITEDMA_ONCE:
1939 if (!s->bs)
1940 goto abort_cmd;
1941 ide_cmd_lba48_transform(s, lba48);
1942 ide_sector_write_dma(s);
1943 s->media_changed = 1;
1944 break;
1945 case WIN_READ_NATIVE_MAX_EXT:
1946 lba48 = 1;
1947 case WIN_READ_NATIVE_MAX:
1948 ide_cmd_lba48_transform(s, lba48);
1949 ide_set_sector(s, s->nb_sectors - 1);
1950 s->status = READY_STAT;
1951 ide_set_irq(s);
1952 break;
1953 case WIN_CHECKPOWERMODE1:
1954 case WIN_CHECKPOWERMODE2:
1955 s->nsector = 0xff; /* device active or idle */
1956 s->status = READY_STAT;
1957 ide_set_irq(s);
1958 break;
1959 case WIN_SETFEATURES:
1960 if (!s->bs)
1961 goto abort_cmd;
1962 /* XXX: valid for CDROM ? */
1963 switch(s->feature) {
1964 case 0xcc: /* reverting to power-on defaults enable */
1965 case 0x66: /* reverting to power-on defaults disable */
1966 case 0x02: /* write cache enable */
1967 case 0x82: /* write cache disable */
1968 case 0xaa: /* read look-ahead enable */
1969 case 0x55: /* read look-ahead disable */
1970 case 0x05: /* set advanced power management mode */
1971 case 0x85: /* disable advanced power management mode */
1972 case 0x69: /* NOP */
1973 case 0x67: /* NOP */
1974 case 0x96: /* NOP */
1975 case 0x9a: /* NOP */
1976 case 0x42: /* enable Automatic Acoustic Mode */
1977 case 0xc2: /* disable Automatic Acoustic Mode */
1978 s->status = READY_STAT | SEEK_STAT;
1979 ide_set_irq(s);
1980 break;
1981 case 0x03: { /* set transfer mode */
1982 uint8_t val = s->nsector & 0x07;
1983
1984 switch (s->nsector >> 3) {
1985 case 0x00: /* pio default */
1986 case 0x01: /* pio mode */
1987 put_le16(s->identify_data + 63,0x07);
1988 put_le16(s->identify_data + 88,0x3f);
1989 break;
1990 case 0x04: /* mdma mode */
1991 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1992 put_le16(s->identify_data + 88,0x3f);
1993 break;
1994 case 0x08: /* udma mode */
1995 put_le16(s->identify_data + 63,0x07);
1996 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1997 break;
1998 default:
1999 goto abort_cmd;
2000 }
2001 s->status = READY_STAT | SEEK_STAT;
2002 ide_set_irq(s);
2003 break;
2004 }
2005 default:
2006 goto abort_cmd;
2007 }
2008 break;
2009 case WIN_FLUSH_CACHE:
2010 case WIN_FLUSH_CACHE_EXT:
2011 if (s->bs)
2012 bdrv_flush(s->bs);
2013 s->status = READY_STAT;
2014 ide_set_irq(s);
2015 break;
2016 case WIN_STANDBY:
2017 case WIN_STANDBY2:
2018 case WIN_STANDBYNOW1:
2019 case WIN_STANDBYNOW2:
2020 case WIN_IDLEIMMEDIATE:
2021 case CFA_IDLEIMMEDIATE:
2022 case WIN_SETIDLE1:
2023 case WIN_SETIDLE2:
2024 case WIN_SLEEPNOW1:
2025 case WIN_SLEEPNOW2:
2026 s->status = READY_STAT;
2027 ide_set_irq(s);
2028 break;
2029 /* ATAPI commands */
2030 case WIN_PIDENTIFY:
2031 if (s->is_cdrom) {
2032 ide_atapi_identify(s);
2033 s->status = READY_STAT | SEEK_STAT;
2034 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2035 } else {
2036 ide_abort_command(s);
2037 }
2038 ide_set_irq(s);
2039 break;
2040 case WIN_DIAGNOSE:
2041 ide_set_signature(s);
2042 s->status = 0x00; /* NOTE: READY is _not_ set */
2043 s->error = 0x01;
2044 break;
2045 case WIN_SRST:
2046 if (!s->is_cdrom)
2047 goto abort_cmd;
2048 ide_set_signature(s);
2049 s->status = 0x00; /* NOTE: READY is _not_ set */
2050 s->error = 0x01;
2051 break;
2052 case WIN_PACKETCMD:
2053 if (!s->is_cdrom)
2054 goto abort_cmd;
2055 /* overlapping commands not supported */
2056 if (s->feature & 0x02)
2057 goto abort_cmd;
2058 s->status = READY_STAT;
2059 s->atapi_dma = s->feature & 1;
2060 s->nsector = 1;
2061 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2062 ide_atapi_cmd);
2063 break;
2064 /* CF-ATA commands */
2065 case CFA_REQ_EXT_ERROR_CODE:
2066 if (!s->is_cf)
2067 goto abort_cmd;
2068 s->error = 0x09; /* miscellaneous error */
2069 s->status = READY_STAT;
2070 ide_set_irq(s);
2071 break;
2072 case CFA_ERASE_SECTORS:
2073 case CFA_WEAR_LEVEL:
2074 if (!s->is_cf)
2075 goto abort_cmd;
2076 if (val == CFA_WEAR_LEVEL)
2077 s->nsector = 0;
2078 if (val == CFA_ERASE_SECTORS)
2079 s->media_changed = 1;
2080 s->error = 0x00;
2081 s->status = READY_STAT;
2082 ide_set_irq(s);
2083 break;
2084 case CFA_TRANSLATE_SECTOR:
2085 if (!s->is_cf)
2086 goto abort_cmd;
2087 s->error = 0x00;
2088 s->status = READY_STAT;
2089 memset(s->io_buffer, 0, 0x200);
2090 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2091 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2092 s->io_buffer[0x02] = s->select; /* Head */
2093 s->io_buffer[0x03] = s->sector; /* Sector */
2094 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2095 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2096 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2097 s->io_buffer[0x13] = 0x00; /* Erase flag */
2098 s->io_buffer[0x18] = 0x00; /* Hot count */
2099 s->io_buffer[0x19] = 0x00; /* Hot count */
2100 s->io_buffer[0x1a] = 0x01; /* Hot count */
2101 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2102 ide_set_irq(s);
2103 break;
2104 case CFA_ACCESS_METADATA_STORAGE:
2105 if (!s->is_cf)
2106 goto abort_cmd;
2107 switch (s->feature) {
2108 case 0x02: /* Inquiry Metadata Storage */
2109 ide_cfata_metadata_inquiry(s);
2110 break;
2111 case 0x03: /* Read Metadata Storage */
2112 ide_cfata_metadata_read(s);
2113 break;
2114 case 0x04: /* Write Metadata Storage */
2115 ide_cfata_metadata_write(s);
2116 break;
2117 default:
2118 goto abort_cmd;
2119 }
2120 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2121 s->status = 0x00; /* NOTE: READY is _not_ set */
2122 ide_set_irq(s);
2123 break;
2124 case IBM_SENSE_CONDITION:
2125 if (!s->is_cf)
2126 goto abort_cmd;
2127 switch (s->feature) {
2128 case 0x01: /* sense temperature in device */
2129 s->nsector = 0x50; /* +20 C */
2130 break;
2131 default:
2132 goto abort_cmd;
2133 }
2134 s->status = READY_STAT;
2135 ide_set_irq(s);
2136 break;
2137 default:
2138 abort_cmd:
2139 ide_abort_command(s);
2140 ide_set_irq(s);
2141 break;
2142 }
2143 }
2144 }
2145
2146 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2147 {
2148 IDEState *ide_if = opaque;
2149 IDEState *s = ide_if->cur_drive;
2150 uint32_t addr;
2151 int ret, hob;
2152
2153 addr = addr1 & 7;
2154 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2155 //hob = s->select & (1 << 7);
2156 hob = 0;
2157 switch(addr) {
2158 case 0:
2159 ret = 0xff;
2160 break;
2161 case 1:
2162 if (!ide_if[0].bs && !ide_if[1].bs)
2163 ret = 0;
2164 else if (!hob)
2165 ret = s->error;
2166 else
2167 ret = s->hob_feature;
2168 break;
2169 case 2:
2170 if (!ide_if[0].bs && !ide_if[1].bs)
2171 ret = 0;
2172 else if (!hob)
2173 ret = s->nsector & 0xff;
2174 else
2175 ret = s->hob_nsector;
2176 break;
2177 case 3:
2178 if (!ide_if[0].bs && !ide_if[1].bs)
2179 ret = 0;
2180 else if (!hob)
2181 ret = s->sector;
2182 else
2183 ret = s->hob_sector;
2184 break;
2185 case 4:
2186 if (!ide_if[0].bs && !ide_if[1].bs)
2187 ret = 0;
2188 else if (!hob)
2189 ret = s->lcyl;
2190 else
2191 ret = s->hob_lcyl;
2192 break;
2193 case 5:
2194 if (!ide_if[0].bs && !ide_if[1].bs)
2195 ret = 0;
2196 else if (!hob)
2197 ret = s->hcyl;
2198 else
2199 ret = s->hob_hcyl;
2200 break;
2201 case 6:
2202 if (!ide_if[0].bs && !ide_if[1].bs)
2203 ret = 0;
2204 else
2205 ret = s->select;
2206 break;
2207 default:
2208 case 7:
2209 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2210 (s != ide_if && !s->bs))
2211 ret = 0;
2212 else
2213 ret = s->status;
2214 qemu_irq_lower(s->irq);
2215 break;
2216 }
2217 #ifdef DEBUG_IDE
2218 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2219 #endif
2220 return ret;
2221 }
2222
2223 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2224 {
2225 IDEState *ide_if = opaque;
2226 IDEState *s = ide_if->cur_drive;
2227 int ret;
2228
2229 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2230 (s != ide_if && !s->bs))
2231 ret = 0;
2232 else
2233 ret = s->status;
2234 #ifdef DEBUG_IDE
2235 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2236 #endif
2237 return ret;
2238 }
2239
2240 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2241 {
2242 IDEState *ide_if = opaque;
2243 IDEState *s;
2244 int i;
2245
2246 #ifdef DEBUG_IDE
2247 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2248 #endif
2249 /* common for both drives */
2250 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2251 (val & IDE_CMD_RESET)) {
2252 /* reset low to high */
2253 for(i = 0;i < 2; i++) {
2254 s = &ide_if[i];
2255 s->status = BUSY_STAT | SEEK_STAT;
2256 s->error = 0x01;
2257 }
2258 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2259 !(val & IDE_CMD_RESET)) {
2260 /* high to low */
2261 for(i = 0;i < 2; i++) {
2262 s = &ide_if[i];
2263 if (s->is_cdrom)
2264 s->status = 0x00; /* NOTE: READY is _not_ set */
2265 else
2266 s->status = READY_STAT | SEEK_STAT;
2267 ide_set_signature(s);
2268 }
2269 }
2270
2271 ide_if[0].cmd = val;
2272 ide_if[1].cmd = val;
2273 }
2274
2275 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2276 {
2277 IDEState *s = ((IDEState *)opaque)->cur_drive;
2278 uint8_t *p;
2279
2280 p = s->data_ptr;
2281 *(uint16_t *)p = le16_to_cpu(val);
2282 p += 2;
2283 s->data_ptr = p;
2284 if (p >= s->data_end)
2285 s->end_transfer_func(s);
2286 }
2287
2288 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2289 {
2290 IDEState *s = ((IDEState *)opaque)->cur_drive;
2291 uint8_t *p;
2292 int ret;
2293 p = s->data_ptr;
2294 ret = cpu_to_le16(*(uint16_t *)p);
2295 p += 2;
2296 s->data_ptr = p;
2297 if (p >= s->data_end)
2298 s->end_transfer_func(s);
2299 return ret;
2300 }
2301
2302 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2303 {
2304 IDEState *s = ((IDEState *)opaque)->cur_drive;
2305 uint8_t *p;
2306
2307 p = s->data_ptr;
2308 *(uint32_t *)p = le32_to_cpu(val);
2309 p += 4;
2310 s->data_ptr = p;
2311 if (p >= s->data_end)
2312 s->end_transfer_func(s);
2313 }
2314
2315 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2316 {
2317 IDEState *s = ((IDEState *)opaque)->cur_drive;
2318 uint8_t *p;
2319 int ret;
2320
2321 p = s->data_ptr;
2322 ret = cpu_to_le32(*(uint32_t *)p);
2323 p += 4;
2324 s->data_ptr = p;
2325 if (p >= s->data_end)
2326 s->end_transfer_func(s);
2327 return ret;
2328 }
2329
2330 static void ide_dummy_transfer_stop(IDEState *s)
2331 {
2332 s->data_ptr = s->io_buffer;
2333 s->data_end = s->io_buffer;
2334 s->io_buffer[0] = 0xff;
2335 s->io_buffer[1] = 0xff;
2336 s->io_buffer[2] = 0xff;
2337 s->io_buffer[3] = 0xff;
2338 }
2339
2340 static void ide_reset(IDEState *s)
2341 {
2342 if (s->is_cf)
2343 s->mult_sectors = 0;
2344 else
2345 s->mult_sectors = MAX_MULT_SECTORS;
2346 s->cur_drive = s;
2347 s->select = 0xa0;
2348 s->status = READY_STAT;
2349 ide_set_signature(s);
2350 /* init the transfer handler so that 0xffff is returned on data
2351 accesses */
2352 s->end_transfer_func = ide_dummy_transfer_stop;
2353 ide_dummy_transfer_stop(s);
2354 s->media_changed = 0;
2355 }
2356
2357 struct partition {
2358 uint8_t boot_ind; /* 0x80 - active */
2359 uint8_t head; /* starting head */
2360 uint8_t sector; /* starting sector */
2361 uint8_t cyl; /* starting cylinder */
2362 uint8_t sys_ind; /* What partition type */
2363 uint8_t end_head; /* end head */
2364 uint8_t end_sector; /* end sector */
2365 uint8_t end_cyl; /* end cylinder */
2366 uint32_t start_sect; /* starting sector counting from 0 */
2367 uint32_t nr_sects; /* nr of sectors in partition */
2368 } __attribute__((packed));
2369
2370 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2371 static int guess_disk_lchs(IDEState *s,
2372 int *pcylinders, int *pheads, int *psectors)
2373 {
2374 uint8_t buf[512];
2375 int ret, i, heads, sectors, cylinders;
2376 struct partition *p;
2377 uint32_t nr_sects;
2378
2379 ret = bdrv_read(s->bs, 0, buf, 1);
2380 if (ret < 0)
2381 return -1;
2382 /* test msdos magic */
2383 if (buf[510] != 0x55 || buf[511] != 0xaa)
2384 return -1;
2385 for(i = 0; i < 4; i++) {
2386 p = ((struct partition *)(buf + 0x1be)) + i;
2387 nr_sects = le32_to_cpu(p->nr_sects);
2388 if (nr_sects && p->end_head) {
2389 /* We make the assumption that the partition terminates on
2390 a cylinder boundary */
2391 heads = p->end_head + 1;
2392 sectors = p->end_sector & 63;
2393 if (sectors == 0)
2394 continue;
2395 cylinders = s->nb_sectors / (heads * sectors);
2396 if (cylinders < 1 || cylinders > 16383)
2397 continue;
2398 *pheads = heads;
2399 *psectors = sectors;
2400 *pcylinders = cylinders;
2401 #if 0
2402 printf("guessed geometry: LCHS=%d %d %d\n",
2403 cylinders, heads, sectors);
2404 #endif
2405 return 0;
2406 }
2407 }
2408 return -1;
2409 }
2410
2411 static void ide_init2(IDEState *ide_state,
2412 BlockDriverState *hd0, BlockDriverState *hd1,
2413 qemu_irq irq)
2414 {
2415 IDEState *s;
2416 static int drive_serial = 1;
2417 int i, cylinders, heads, secs, translation, lba_detected = 0;
2418 int64_t nb_sectors;
2419
2420 for(i = 0; i < 2; i++) {
2421 s = ide_state + i;
2422 if (i == 0)
2423 s->bs = hd0;
2424 else
2425 s->bs = hd1;
2426 if (s->bs) {
2427 bdrv_get_geometry(s->bs, &nb_sectors);
2428 s->nb_sectors = nb_sectors;
2429 /* if a geometry hint is available, use it */
2430 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2431 translation = bdrv_get_translation_hint(s->bs);
2432 if (cylinders != 0) {
2433 s->cylinders = cylinders;
2434 s->heads = heads;
2435 s->sectors = secs;
2436 } else {
2437 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2438 if (heads > 16) {
2439 /* if heads > 16, it means that a BIOS LBA
2440 translation was active, so the default
2441 hardware geometry is OK */
2442 lba_detected = 1;
2443 goto default_geometry;
2444 } else {
2445 s->cylinders = cylinders;
2446 s->heads = heads;
2447 s->sectors = secs;
2448 /* disable any translation to be in sync with
2449 the logical geometry */
2450 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2451 bdrv_set_translation_hint(s->bs,
2452 BIOS_ATA_TRANSLATION_NONE);
2453 }
2454 }
2455 } else {
2456 default_geometry:
2457 /* if no geometry, use a standard physical disk geometry */
2458 cylinders = nb_sectors / (16 * 63);
2459 if (cylinders > 16383)
2460 cylinders = 16383;
2461 else if (cylinders < 2)
2462 cylinders = 2;
2463 s->cylinders = cylinders;
2464 s->heads = 16;
2465 s->sectors = 63;
2466 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2467 if ((s->cylinders * s->heads) <= 131072) {
2468 bdrv_set_translation_hint(s->bs,
2469 BIOS_ATA_TRANSLATION_LARGE);
2470 } else {
2471 bdrv_set_translation_hint(s->bs,
2472 BIOS_ATA_TRANSLATION_LBA);
2473 }
2474 }
2475 }
2476 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2477 }
2478 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2479 s->is_cdrom = 1;
2480 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2481 }
2482 }
2483 s->drive_serial = drive_serial++;
2484 s->irq = irq;
2485 s->sector_write_timer = qemu_new_timer(vm_clock,
2486 ide_sector_write_timer_cb, s);
2487 ide_reset(s);
2488 }
2489 }
2490
2491 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2492 {
2493 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2494 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2495 if (iobase2) {
2496 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2497 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2498 }
2499
2500 /* data ports */
2501 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2502 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2503 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2504 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2505 }
2506
2507 /* save per IDE drive data */
2508 static void ide_save(QEMUFile* f, IDEState *s)
2509 {
2510 qemu_put_be32s(f, &s->mult_sectors);
2511 qemu_put_be32s(f, &s->identify_set);
2512 if (s->identify_set) {
2513 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2514 }
2515 qemu_put_8s(f, &s->feature);
2516 qemu_put_8s(f, &s->error);
2517 qemu_put_be32s(f, &s->nsector);
2518 qemu_put_8s(f, &s->sector);
2519 qemu_put_8s(f, &s->lcyl);
2520 qemu_put_8s(f, &s->hcyl);
2521 qemu_put_8s(f, &s->hob_feature);
2522 qemu_put_8s(f, &s->hob_nsector);
2523 qemu_put_8s(f, &s->hob_sector);
2524 qemu_put_8s(f, &s->hob_lcyl);
2525 qemu_put_8s(f, &s->hob_hcyl);
2526 qemu_put_8s(f, &s->select);
2527 qemu_put_8s(f, &s->status);
2528 qemu_put_8s(f, &s->lba48);
2529
2530 qemu_put_8s(f, &s->sense_key);
2531 qemu_put_8s(f, &s->asc);
2532 /* XXX: if a transfer is pending, we do not save it yet */
2533 }
2534
2535 /* load per IDE drive data */
2536 static void ide_load(QEMUFile* f, IDEState *s)
2537 {
2538 qemu_get_be32s(f, &s->mult_sectors);
2539 qemu_get_be32s(f, &s->identify_set);
2540 if (s->identify_set) {
2541 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2542 }
2543 qemu_get_8s(f, &s->feature);
2544 qemu_get_8s(f, &s->error);
2545 qemu_get_be32s(f, &s->nsector);
2546 qemu_get_8s(f, &s->sector);
2547 qemu_get_8s(f, &s->lcyl);
2548 qemu_get_8s(f, &s->hcyl);
2549 qemu_get_8s(f, &s->hob_feature);
2550 qemu_get_8s(f, &s->hob_nsector);
2551 qemu_get_8s(f, &s->hob_sector);
2552 qemu_get_8s(f, &s->hob_lcyl);
2553 qemu_get_8s(f, &s->hob_hcyl);
2554 qemu_get_8s(f, &s->select);
2555 qemu_get_8s(f, &s->status);
2556 qemu_get_8s(f, &s->lba48);
2557
2558 qemu_get_8s(f, &s->sense_key);
2559 qemu_get_8s(f, &s->asc);
2560 /* XXX: if a transfer is pending, we do not save it yet */
2561 }
2562
2563 /***********************************************************/
2564 /* ISA IDE definitions */
2565
2566 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2567 BlockDriverState *hd0, BlockDriverState *hd1)
2568 {
2569 IDEState *ide_state;
2570
2571 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2572 if (!ide_state)
2573 return;
2574
2575 ide_init2(ide_state, hd0, hd1, irq);
2576 ide_init_ioport(ide_state, iobase, iobase2);
2577 }
2578
2579 /***********************************************************/
2580 /* PCI IDE definitions */
2581
2582 static void cmd646_update_irq(PCIIDEState *d);
2583
2584 static void ide_map(PCIDevice *pci_dev, int region_num,
2585 uint32_t addr, uint32_t size, int type)
2586 {
2587 PCIIDEState *d = (PCIIDEState *)pci_dev;
2588 IDEState *ide_state;
2589
2590 if (region_num <= 3) {
2591 ide_state = &d->ide_if[(region_num >> 1) * 2];
2592 if (region_num & 1) {
2593 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2594 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2595 } else {
2596 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2597 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2598
2599 /* data ports */
2600 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2601 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2602 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2603 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2604 }
2605 }
2606 }
2607
2608 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2609 {
2610 BMDMAState *bm = s->bmdma;
2611 if(!bm)
2612 return;
2613 bm->ide_if = s;
2614 bm->dma_cb = dma_cb;
2615 bm->cur_prd_last = 0;
2616 bm->cur_prd_addr = 0;
2617 bm->cur_prd_len = 0;
2618 if (bm->status & BM_STATUS_DMAING) {
2619 bm->dma_cb(bm, 0);
2620 }
2621 }
2622
2623 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2624 {
2625 BMDMAState *bm = opaque;
2626 #ifdef DEBUG_IDE
2627 printf("%s: 0x%08x\n", __func__, val);
2628 #endif
2629 if (!(val & BM_CMD_START)) {
2630 /* XXX: do it better */
2631 if (bm->status & BM_STATUS_DMAING) {
2632 bm->status &= ~BM_STATUS_DMAING;
2633 /* cancel DMA request */
2634 bm->ide_if = NULL;
2635 bm->dma_cb = NULL;
2636 if (bm->aiocb) {
2637 #ifdef DEBUG_AIO
2638 printf("aio_cancel\n");
2639 #endif
2640 bdrv_aio_cancel(bm->aiocb);
2641 bm->aiocb = NULL;
2642 }
2643 }
2644 bm->cmd = val & 0x09;
2645 } else {
2646 if (!(bm->status & BM_STATUS_DMAING)) {
2647 bm->status |= BM_STATUS_DMAING;
2648 /* start dma transfer if possible */
2649 if (bm->dma_cb)
2650 bm->dma_cb(bm, 0);
2651 }
2652 bm->cmd = val & 0x09;
2653 }
2654 }
2655
2656 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2657 {
2658 BMDMAState *bm = opaque;
2659 PCIIDEState *pci_dev;
2660 uint32_t val;
2661
2662 switch(addr & 3) {
2663 case 0:
2664 val = bm->cmd;
2665 break;
2666 case 1:
2667 pci_dev = bm->pci_dev;
2668 if (pci_dev->type == IDE_TYPE_CMD646) {
2669 val = pci_dev->dev.config[MRDMODE];
2670 } else {
2671 val = 0xff;
2672 }
2673 break;
2674 case 2:
2675 val = bm->status;
2676 break;
2677 case 3:
2678 pci_dev = bm->pci_dev;
2679 if (pci_dev->type == IDE_TYPE_CMD646) {
2680 if (bm == &pci_dev->bmdma[0])
2681 val = pci_dev->dev.config[UDIDETCR0];
2682 else
2683 val = pci_dev->dev.config[UDIDETCR1];
2684 } else {
2685 val = 0xff;
2686 }
2687 break;
2688 default:
2689 val = 0xff;
2690 break;
2691 }
2692 #ifdef DEBUG_IDE
2693 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2694 #endif
2695 return val;
2696 }
2697
2698 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2699 {
2700 BMDMAState *bm = opaque;
2701 PCIIDEState *pci_dev;
2702 #ifdef DEBUG_IDE
2703 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2704 #endif
2705 switch(addr & 3) {
2706 case 1:
2707 pci_dev = bm->pci_dev;
2708 if (pci_dev->type == IDE_TYPE_CMD646) {
2709 pci_dev->dev.config[MRDMODE] =
2710 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2711 cmd646_update_irq(pci_dev);
2712 }
2713 break;
2714 case 2:
2715 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2716 break;
2717 case 3:
2718 pci_dev = bm->pci_dev;
2719 if (pci_dev->type == IDE_TYPE_CMD646) {
2720 if (bm == &pci_dev->bmdma[0])
2721 pci_dev->dev.config[UDIDETCR0] = val;
2722 else
2723 pci_dev->dev.config[UDIDETCR1] = val;
2724 }
2725 break;
2726 }
2727 }
2728
2729 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2730 {
2731 BMDMAState *bm = opaque;
2732 uint32_t val;
2733 val = bm->addr;
2734 #ifdef DEBUG_IDE
2735 printf("%s: 0x%08x\n", __func__, val);
2736 #endif
2737 return val;
2738 }
2739
2740 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2741 {
2742 BMDMAState *bm = opaque;
2743 #ifdef DEBUG_IDE
2744 printf("%s: 0x%08x\n", __func__, val);
2745 #endif
2746 bm->addr = val & ~3;
2747 bm->cur_addr = bm->addr;
2748 }
2749
2750 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2751 uint32_t addr, uint32_t size, int type)
2752 {
2753 PCIIDEState *d = (PCIIDEState *)pci_dev;
2754 int i;
2755
2756 for(i = 0;i < 2; i++) {
2757 BMDMAState *bm = &d->bmdma[i];
2758 d->ide_if[2 * i].bmdma = bm;
2759 d->ide_if[2 * i + 1].bmdma = bm;
2760 bm->pci_dev = (PCIIDEState *)pci_dev;
2761
2762 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2763
2764 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2765 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2766
2767 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2768 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2769 addr += 8;
2770 }
2771 }
2772
2773 /* XXX: call it also when the MRDMODE is changed from the PCI config
2774 registers */
2775 static void cmd646_update_irq(PCIIDEState *d)
2776 {
2777 int pci_level;
2778 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2779 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2780 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2781 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2782 qemu_set_irq(d->dev.irq[0], pci_level);
2783 }
2784
2785 /* the PCI irq level is the logical OR of the two channels */
2786 static void cmd646_set_irq(void *opaque, int channel, int level)
2787 {
2788 PCIIDEState *d = opaque;
2789 int irq_mask;
2790
2791 irq_mask = MRDMODE_INTR_CH0 << channel;
2792 if (level)
2793 d->dev.config[MRDMODE] |= irq_mask;
2794 else
2795 d->dev.config[MRDMODE] &= ~irq_mask;
2796 cmd646_update_irq(d);
2797 }
2798
2799 /* CMD646 PCI IDE controller */
2800 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2801 int secondary_ide_enabled)
2802 {
2803 PCIIDEState *d;
2804 uint8_t *pci_conf;
2805 int i;
2806 qemu_irq *irq;
2807
2808 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2809 sizeof(PCIIDEState),
2810 -1,
2811 NULL, NULL);
2812 d->type = IDE_TYPE_CMD646;
2813 pci_conf = d->dev.config;
2814 pci_conf[0x00] = 0x95; // CMD646
2815 pci_conf[0x01] = 0x10;
2816 pci_conf[0x02] = 0x46;
2817 pci_conf[0x03] = 0x06;
2818
2819 pci_conf[0x08] = 0x07; // IDE controller revision
2820 pci_conf[0x09] = 0x8f;
2821
2822 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2823 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2824 pci_conf[0x0e] = 0x00; // header_type
2825
2826 if (secondary_ide_enabled) {
2827 /* XXX: if not enabled, really disable the seconday IDE controller */
2828 pci_conf[0x51] = 0x80; /* enable IDE1 */
2829 }
2830
2831 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2832 PCI_ADDRESS_SPACE_IO, ide_map);
2833 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2834 PCI_ADDRESS_SPACE_IO, ide_map);
2835 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2836 PCI_ADDRESS_SPACE_IO, ide_map);
2837 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2838 PCI_ADDRESS_SPACE_IO, ide_map);
2839 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2840 PCI_ADDRESS_SPACE_IO, bmdma_map);
2841
2842 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2843
2844 for(i = 0; i < 4; i++)
2845 d->ide_if[i].pci_dev = (PCIDevice *)d;
2846
2847 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2848 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2849 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2850 }
2851
2852 static void pci_ide_save(QEMUFile* f, void *opaque)
2853 {
2854 PCIIDEState *d = opaque;
2855 int i;
2856
2857 pci_device_save(&d->dev, f);
2858
2859 for(i = 0; i < 2; i++) {
2860 BMDMAState *bm = &d->bmdma[i];
2861 qemu_put_8s(f, &bm->cmd);
2862 qemu_put_8s(f, &bm->status);
2863 qemu_put_be32s(f, &bm->addr);
2864 /* XXX: if a transfer is pending, we do not save it yet */
2865 }
2866
2867 /* per IDE interface data */
2868 for(i = 0; i < 2; i++) {
2869 IDEState *s = &d->ide_if[i * 2];
2870 uint8_t drive1_selected;
2871 qemu_put_8s(f, &s->cmd);
2872 drive1_selected = (s->cur_drive != s);
2873 qemu_put_8s(f, &drive1_selected);
2874 }
2875
2876 /* per IDE drive data */
2877 for(i = 0; i < 4; i++) {
2878 ide_save(f, &d->ide_if[i]);
2879 }
2880 }
2881
2882 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2883 {
2884 PCIIDEState *d = opaque;
2885 int ret, i;
2886
2887 if (version_id != 1)
2888 return -EINVAL;
2889 ret = pci_device_load(&d->dev, f);
2890 if (ret < 0)
2891 return ret;
2892
2893 for(i = 0; i < 2; i++) {
2894 BMDMAState *bm = &d->bmdma[i];
2895 qemu_get_8s(f, &bm->cmd);
2896 qemu_get_8s(f, &bm->status);
2897 qemu_get_be32s(f, &bm->addr);
2898 /* XXX: if a transfer is pending, we do not save it yet */
2899 }
2900
2901 /* per IDE interface data */
2902 for(i = 0; i < 2; i++) {
2903 IDEState *s = &d->ide_if[i * 2];
2904 uint8_t drive1_selected;
2905 qemu_get_8s(f, &s->cmd);
2906 qemu_get_8s(f, &drive1_selected);
2907 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2908 }
2909
2910 /* per IDE drive data */
2911 for(i = 0; i < 4; i++) {
2912 ide_load(f, &d->ide_if[i]);
2913 }
2914 return 0;
2915 }
2916
2917 static void piix3_reset(PCIIDEState *d)
2918 {
2919 uint8_t *pci_conf = d->dev.config;
2920
2921 pci_conf[0x04] = 0x00;
2922 pci_conf[0x05] = 0x00;
2923 pci_conf[0x06] = 0x80; /* FBC */
2924 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2925 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2926 }
2927
2928 /* hd_table must contain 4 block drivers */
2929 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2930 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2931 qemu_irq *pic)
2932 {
2933 PCIIDEState *d;
2934 uint8_t *pci_conf;
2935
2936 /* register a function 1 of PIIX3 */
2937 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2938 sizeof(PCIIDEState),
2939 devfn,
2940 NULL, NULL);
2941 d->type = IDE_TYPE_PIIX3;
2942
2943 pci_conf = d->dev.config;
2944 pci_conf[0x00] = 0x86; // Intel
2945 pci_conf[0x01] = 0x80;
2946 pci_conf[0x02] = 0x10;
2947 pci_conf[0x03] = 0x70;
2948 pci_conf[0x09] = 0x80; // legacy ATA mode
2949 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2950 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2951 pci_conf[0x0e] = 0x00; // header_type
2952
2953 piix3_reset(d);
2954
2955 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2956 PCI_ADDRESS_SPACE_IO, bmdma_map);
2957
2958 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2959 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2960 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2961 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2962
2963 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2964 }
2965
2966 /* hd_table must contain 4 block drivers */
2967 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
2968 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2969 qemu_irq *pic)
2970 {
2971 PCIIDEState *d;
2972 uint8_t *pci_conf;
2973
2974 /* register a function 1 of PIIX4 */
2975 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
2976 sizeof(PCIIDEState),
2977 devfn,
2978 NULL, NULL);
2979 d->type = IDE_TYPE_PIIX4;
2980
2981 pci_conf = d->dev.config;
2982 pci_conf[0x00] = 0x86; // Intel
2983 pci_conf[0x01] = 0x80;
2984 pci_conf[0x02] = 0x11;
2985 pci_conf[0x03] = 0x71;
2986 pci_conf[0x09] = 0x80; // legacy ATA mode
2987 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2988 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2989 pci_conf[0x0e] = 0x00; // header_type
2990
2991 piix3_reset(d);
2992
2993 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2994 PCI_ADDRESS_SPACE_IO, bmdma_map);
2995
2996 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2997 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2998 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2999 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3000
3001 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3002 }
3003
3004 /***********************************************************/
3005 /* MacIO based PowerPC IDE */
3006
3007 /* PowerMac IDE memory IO */
3008 static void pmac_ide_writeb (void *opaque,
3009 target_phys_addr_t addr, uint32_t val)
3010 {
3011 addr = (addr & 0xFFF) >> 4;
3012 switch (addr) {
3013 case 1 ... 7:
3014 ide_ioport_write(opaque, addr, val);
3015 break;
3016 case 8:
3017 case 22:
3018 ide_cmd_write(opaque, 0, val);
3019 break;
3020 default:
3021 break;
3022 }
3023 }
3024
3025 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3026 {
3027 uint8_t retval;
3028
3029 addr = (addr & 0xFFF) >> 4;
3030 switch (addr) {
3031 case 1 ... 7:
3032 retval = ide_ioport_read(opaque, addr);
3033 break;
3034 case 8:
3035 case 22:
3036 retval = ide_status_read(opaque, 0);
3037 break;
3038 default:
3039 retval = 0xFF;
3040 break;
3041 }
3042 return retval;
3043 }
3044
3045 static void pmac_ide_writew (void *opaque,
3046 target_phys_addr_t addr, uint32_t val)
3047 {
3048 addr = (addr & 0xFFF) >> 4;
3049 #ifdef TARGET_WORDS_BIGENDIAN
3050 val = bswap16(val);
3051 #endif
3052 if (addr == 0) {
3053 ide_data_writew(opaque, 0, val);
3054 }
3055 }
3056
3057 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3058 {
3059 uint16_t retval;
3060
3061 addr = (addr & 0xFFF) >> 4;
3062 if (addr == 0) {
3063 retval = ide_data_readw(opaque, 0);
3064 } else {
3065 retval = 0xFFFF;
3066 }
3067 #ifdef TARGET_WORDS_BIGENDIAN
3068 retval = bswap16(retval);
3069 #endif
3070 return retval;
3071 }
3072
3073 static void pmac_ide_writel (void *opaque,
3074 target_phys_addr_t addr, uint32_t val)
3075 {
3076 addr = (addr & 0xFFF) >> 4;
3077 #ifdef TARGET_WORDS_BIGENDIAN
3078 val = bswap32(val);
3079 #endif
3080 if (addr == 0) {
3081 ide_data_writel(opaque, 0, val);
3082 }
3083 }
3084
3085 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3086 {
3087 uint32_t retval;
3088
3089 addr = (addr & 0xFFF) >> 4;
3090 if (addr == 0) {
3091 retval = ide_data_readl(opaque, 0);
3092 } else {
3093 retval = 0xFFFFFFFF;
3094 }
3095 #ifdef TARGET_WORDS_BIGENDIAN
3096 retval = bswap32(retval);
3097 #endif
3098 return retval;
3099 }
3100
3101 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3102 pmac_ide_writeb,
3103 pmac_ide_writew,
3104 pmac_ide_writel,
3105 };
3106
3107 static CPUReadMemoryFunc *pmac_ide_read[] = {
3108 pmac_ide_readb,
3109 pmac_ide_readw,
3110 pmac_ide_readl,
3111 };
3112
3113 /* hd_table must contain 4 block drivers */
3114 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3115 I/O index to access the ide. */
3116 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3117 {
3118 IDEState *ide_if;
3119 int pmac_ide_memory;
3120
3121 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3122 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3123
3124 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3125 pmac_ide_write, &ide_if[0]);
3126 return pmac_ide_memory;
3127 }
3128
3129 /***********************************************************/
3130 /* CF-ATA Microdrive */
3131
3132 #define METADATA_SIZE 0x20
3133
3134 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3135 struct md_s {
3136 IDEState ide[2];
3137 struct pcmcia_card_s card;
3138 uint32_t attr_base;
3139 uint32_t io_base;
3140
3141 /* Card state */
3142 uint8_t opt;
3143 uint8_t stat;
3144 uint8_t pins;
3145
3146 uint8_t ctrl;
3147 uint16_t io;
3148 int cycle;
3149 };
3150
3151 /* Register bitfields */
3152 enum md_opt {
3153 OPT_MODE_MMAP = 0,
3154 OPT_MODE_IOMAP16 = 1,
3155 OPT_MODE_IOMAP1 = 2,
3156 OPT_MODE_IOMAP2 = 3,
3157 OPT_MODE = 0x3f,
3158 OPT_LEVIREQ = 0x40,
3159 OPT_SRESET = 0x80,
3160 };
3161 enum md_cstat {
3162 STAT_INT = 0x02,
3163 STAT_PWRDWN = 0x04,
3164 STAT_XE = 0x10,
3165 STAT_IOIS8 = 0x20,
3166 STAT_SIGCHG = 0x40,
3167 STAT_CHANGED = 0x80,
3168 };
3169 enum md_pins {
3170 PINS_MRDY = 0x02,
3171 PINS_CRDY = 0x20,
3172 };
3173 enum md_ctrl {
3174 CTRL_IEN = 0x02,
3175 CTRL_SRST = 0x04,
3176 };
3177
3178 static inline void md_interrupt_update(struct md_s *s)
3179 {
3180 if (!s->card.slot)
3181 return;
3182
3183 qemu_set_irq(s->card.slot->irq,
3184 !(s->stat & STAT_INT) && /* Inverted */
3185 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3186 !(s->opt & OPT_SRESET));
3187 }
3188
3189 static void md_set_irq(void *opaque, int irq, int level)
3190 {
3191 struct md_s *s = (struct md_s *) opaque;
3192 if (level)
3193 s->stat |= STAT_INT;
3194 else
3195 s->stat &= ~STAT_INT;
3196
3197 md_interrupt_update(s);
3198 }
3199
3200 static void md_reset(struct md_s *s)
3201 {
3202 s->opt = OPT_MODE_MMAP;
3203 s->stat = 0;
3204 s->pins = 0;
3205 s->cycle = 0;
3206 s->ctrl = 0;
3207 ide_reset(s->ide);
3208 }
3209
3210 static uint8_t md_attr_read(void *opaque, uint32_t at)
3211 {
3212 struct md_s *s = (struct md_s *) opaque;
3213 if (at < s->attr_base) {
3214 if (at < s->card.cis_len)
3215 return s->card.cis[at];
3216 else
3217 return 0x00;
3218 }
3219
3220 at -= s->attr_base;
3221
3222 switch (at) {
3223 case 0x00: /* Configuration Option Register */
3224 return s->opt;
3225 case 0x02: /* Card Configuration Status Register */
3226 if (s->ctrl & CTRL_IEN)
3227 return s->stat & ~STAT_INT;
3228 else
3229 return s->stat;
3230 case 0x04: /* Pin Replacement Register */
3231 return (s->pins & PINS_CRDY) | 0x0c;
3232 case 0x06: /* Socket and Copy Register */
3233 return 0x00;
3234 #ifdef VERBOSE
3235 default:
3236 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3237 #endif
3238 }
3239
3240 return 0;
3241 }
3242
3243 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3244 {
3245 struct md_s *s = (struct md_s *) opaque;
3246 at -= s->attr_base;
3247
3248 switch (at) {
3249 case 0x00: /* Configuration Option Register */
3250 s->opt = value & 0xcf;
3251 if (value & OPT_SRESET)
3252 md_reset(s);
3253 md_interrupt_update(s);
3254 break;
3255 case 0x02: /* Card Configuration Status Register */
3256 if ((s->stat ^ value) & STAT_PWRDWN)
3257 s->pins |= PINS_CRDY;
3258 s->stat &= 0x82;
3259 s->stat |= value & 0x74;
3260 md_interrupt_update(s);
3261 /* Word 170 in Identify Device must be equal to STAT_XE */
3262 break;
3263 case 0x04: /* Pin Replacement Register */
3264 s->pins &= PINS_CRDY;
3265 s->pins |= value & PINS_MRDY;
3266 break;
3267 case 0x06: /* Socket and Copy Register */
3268 break;
3269 default:
3270 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3271 }
3272 }
3273
3274 static uint16_t md_common_read(void *opaque, uint32_t at)
3275 {
3276 struct md_s *s = (struct md_s *) opaque;
3277 uint16_t ret;
3278 at -= s->io_base;
3279
3280 switch (s->opt & OPT_MODE) {
3281 case OPT_MODE_MMAP:
3282 if ((at & ~0x3ff) == 0x400)
3283 at = 0;
3284 break;
3285 case OPT_MODE_IOMAP16:
3286 at &= 0xf;
3287 break;
3288 case OPT_MODE_IOMAP1:
3289 if ((at & ~0xf) == 0x3f0)
3290 at -= 0x3e8;
3291 else if ((at & ~0xf) == 0x1f0)
3292 at -= 0x1f0;
3293 break;
3294 case OPT_MODE_IOMAP2:
3295 if ((at & ~0xf) == 0x370)
3296 at -= 0x368;
3297 else if ((at & ~0xf) == 0x170)
3298 at -= 0x170;
3299 }
3300
3301 switch (at) {
3302 case 0x0: /* Even RD Data */
3303 case 0x8:
3304 return ide_data_readw(s->ide, 0);
3305
3306 /* TODO: 8-bit accesses */
3307 if (s->cycle)
3308 ret = s->io >> 8;
3309 else {
3310 s->io = ide_data_readw(s->ide, 0);
3311 ret = s->io & 0xff;
3312 }
3313 s->cycle = !s->cycle;
3314 return ret;
3315 case 0x9: /* Odd RD Data */
3316 return s->io >> 8;
3317 case 0xd: /* Error */
3318 return ide_ioport_read(s->ide, 0x1);
3319 case 0xe: /* Alternate Status */
3320 if (s->ide->cur_drive->bs)
3321 return s->ide->cur_drive->status;
3322 else
3323 return 0;
3324 case 0xf: /* Device Address */
3325 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3326 default:
3327 return ide_ioport_read(s->ide, at);
3328 }
3329
3330 return 0;
3331 }
3332
3333 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3334 {
3335 struct md_s *s = (struct md_s *) opaque;
3336 at -= s->io_base;
3337
3338 switch (s->opt & OPT_MODE) {
3339 case OPT_MODE_MMAP:
3340 if ((at & ~0x3ff) == 0x400)
3341 at = 0;
3342 break;
3343 case OPT_MODE_IOMAP16:
3344 at &= 0xf;
3345 break;
3346 case OPT_MODE_IOMAP1:
3347 if ((at & ~0xf) == 0x3f0)
3348 at -= 0x3e8;
3349 else if ((at & ~0xf) == 0x1f0)
3350 at -= 0x1f0;
3351 break;
3352 case OPT_MODE_IOMAP2:
3353 if ((at & ~0xf) == 0x370)
3354 at -= 0x368;
3355 else if ((at & ~0xf) == 0x170)
3356 at -= 0x170;
3357 }
3358
3359 switch (at) {
3360 case 0x0: /* Even WR Data */
3361 case 0x8:
3362 ide_data_writew(s->ide, 0, value);
3363 break;
3364
3365 /* TODO: 8-bit accesses */
3366 if (s->cycle)
3367 ide_data_writew(s->ide, 0, s->io | (value << 8));
3368 else
3369 s->io = value & 0xff;
3370 s->cycle = !s->cycle;
3371 break;
3372 case 0x9:
3373 s->io = value & 0xff;
3374 s->cycle = !s->cycle;
3375 break;
3376 case 0xd: /* Features */
3377 ide_ioport_write(s->ide, 0x1, value);
3378 break;
3379 case 0xe: /* Device Control */
3380 s->ctrl = value;
3381 if (value & CTRL_SRST)
3382 md_reset(s);
3383 md_interrupt_update(s);
3384 break;
3385 default:
3386 if (s->stat & STAT_PWRDWN) {
3387 s->pins |= PINS_CRDY;
3388 s->stat &= ~STAT_PWRDWN;
3389 }
3390 ide_ioport_write(s->ide, at, value);
3391 }
3392 }
3393
3394 static void md_save(QEMUFile *f, void *opaque)
3395 {
3396 struct md_s *s = (struct md_s *) opaque;
3397 int i;
3398 uint8_t drive1_selected;
3399
3400 qemu_put_8s(f, &s->opt);
3401 qemu_put_8s(f, &s->stat);
3402 qemu_put_8s(f, &s->pins);
3403
3404 qemu_put_8s(f, &s->ctrl);
3405 qemu_put_be16s(f, &s->io);
3406 qemu_put_byte(f, s->cycle);
3407
3408 drive1_selected = (s->ide->cur_drive != s->ide);
3409 qemu_put_8s(f, &s->ide->cmd);
3410 qemu_put_8s(f, &drive1_selected);
3411
3412 for (i = 0; i < 2; i ++)
3413 ide_save(f, &s->ide[i]);
3414 }
3415
3416 static int md_load(QEMUFile *f, void *opaque, int version_id)
3417 {
3418 struct md_s *s = (struct md_s *) opaque;
3419 int i;
3420 uint8_t drive1_selected;
3421
3422 qemu_get_8s(f, &s->opt);
3423 qemu_get_8s(f, &s->stat);
3424 qemu_get_8s(f, &s->pins);
3425
3426 qemu_get_8s(f, &s->ctrl);
3427 qemu_get_be16s(f, &s->io);
3428 s->cycle = qemu_get_byte(f);
3429
3430 qemu_get_8s(f, &s->ide->cmd);
3431 qemu_get_8s(f, &drive1_selected);
3432 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3433
3434 for (i = 0; i < 2; i ++)
3435 ide_load(f, &s->ide[i]);
3436
3437 return 0;
3438 }
3439
3440 static int md_iid = 0;
3441
3442 static const uint8_t dscm1xxxx_cis[0x14a] = {
3443 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3444 [0x002] = 0x03, /* Tuple length = 4 bytes */
3445 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3446 [0x006] = 0x01, /* Size = 2K bytes */
3447 [0x008] = CISTPL_ENDMARK,
3448
3449 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3450 [0x00c] = 0x04, /* Tuple length = 4 byest */
3451 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3452 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3453 [0x012] = 0x01, /* Size = 2K bytes */
3454 [0x014] = CISTPL_ENDMARK,
3455
3456 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3457 [0x018] = 0x02, /* Tuple length = 2 bytes */
3458 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3459 [0x01c] = 0x01,
3460
3461 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3462 [0x020] = 0x04, /* Tuple length = 4 bytes */
3463 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3464 [0x024] = 0x00,
3465 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3466 [0x028] = 0x00,
3467
3468 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3469 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3470 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3471 [0x030] = 0x01, /* Minor Version = 1 */
3472 [0x032] = 'I',
3473 [0x034] = 'B',
3474 [0x036] = 'M',
3475 [0x038] = 0x00,
3476 [0x03a] = 'm',
3477 [0x03c] = 'i',
3478 [0x03e] = 'c',
3479 [0x040] = 'r',
3480 [0x042] = 'o',
3481 [0x044] = 'd',
3482 [0x046] = 'r',
3483 [0x048] = 'i',
3484 [0x04a] = 'v',
3485 [0x04c] = 'e',
3486 [0x04e] = 0x00,
3487 [0x050] = CISTPL_ENDMARK,
3488
3489 [0x052] = CISTPL_FUNCID, /* Function ID */
3490 [0x054] = 0x02, /* Tuple length = 2 bytes */
3491 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3492 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3493
3494 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3495 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3496 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3497 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3498
3499 [0x062] = CISTPL_FUNCE, /* Function Extension */
3500 [0x064] = 0x03, /* Tuple length = 3 bytes */
3501 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3502 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3503 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3504
3505 [0x06c] = CISTPL_CONFIG, /* Configuration */
3506 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3507 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3508 [0x072] = 0x07, /* TPCC_LAST = 7 */
3509 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3510 [0x076] = 0x02,
3511 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3512
3513 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3514 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3515 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3516 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3517 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3518 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3519 [0x086] = 0x55, /* NomV: 5.0 V */
3520 [0x088] = 0x4d, /* MinV: 4.5 V */
3521 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3522 [0x08c] = 0x4e, /* Peakl: 450 mA */
3523 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3524 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3525 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3526
3527 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3528 [0x096] = 0x06, /* Tuple length = 6 bytes */
3529 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3530 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3531 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3532 [0x09e] = 0xb5, /* NomV: 3.3 V */
3533 [0x0a0] = 0x1e,
3534 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3535
3536 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3537 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3538 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3539 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3540 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3541 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3542 [0x0b0] = 0x55, /* NomV: 5.0 V */
3543 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3544 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3545 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3546 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3547 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3548 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3549 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3550 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3551
3552 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3553 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3554 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3555 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3556 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3557 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3558 [0x0ce] = 0x1e,
3559 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3560
3561 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3562 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3563 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3564 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3565 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3566 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3567 [0x0de] = 0x55, /* NomV: 5.0 V */
3568 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3569 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3570 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3571 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3572 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3573 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3574 [0x0ec] = 0x01,
3575 [0x0ee] = 0x07, /* Address block length = 8 */
3576 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3577 [0x0f2] = 0x03,
3578 [0x0f4] = 0x01, /* Address block length = 2 */
3579 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3580 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3581
3582 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3583 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3584 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3585 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3586 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3587 [0x104] = 0xb5, /* NomV: 3.3 V */
3588 [0x106] = 0x1e,
3589 [0x108] = 0x3e, /* Peakl: 350 mA */
3590
3591 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3592 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3593 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3594 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3595 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3596 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3597 [0x116] = 0x55, /* NomV: 5.0 V */
3598 [0x118] = 0x4d, /* MinV: 4.5 V */
3599 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3600 [0x11c] = 0x4e, /* Peakl: 450 mA */
3601 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3602 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3603 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3604 [0x124] = 0x01,
3605 [0x126] = 0x07, /* Address block length = 8 */
3606 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3607 [0x12a] = 0x03,
3608 [0x12c] = 0x01, /* Address block length = 2 */
3609 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3610 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3611
3612 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3613 [0x134] = 0x06, /* Tuple length = 6 bytes */
3614 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3615 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3616 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3617 [0x13c] = 0xb5, /* NomV: 3.3 V */
3618 [0x13e] = 0x1e,
3619 [0x140] = 0x3e, /* Peakl: 350 mA */
3620
3621 [0x142] = CISTPL_NO_LINK, /* No Link */
3622 [0x144] = 0x00, /* Tuple length = 0 bytes */
3623
3624 [0x146] = CISTPL_END, /* Tuple End */
3625 };
3626
3627 static int dscm1xxxx_attach(void *opaque)
3628 {
3629 struct md_s *md = (struct md_s *) opaque;
3630 md->card.attr_read = md_attr_read;
3631 md->card.attr_write = md_attr_write;
3632 md->card.common_read = md_common_read;
3633 md->card.common_write = md_common_write;
3634 md->card.io_read = md_common_read;
3635 md->card.io_write = md_common_write;
3636
3637 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3638 md->io_base = 0x0;
3639
3640 md_reset(md);
3641 md_interrupt_update(md);
3642
3643 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3644 return 0;
3645 }
3646
3647 static int dscm1xxxx_detach(void *opaque)
3648 {
3649 struct md_s *md = (struct md_s *) opaque;
3650 md_reset(md);
3651 return 0;
3652 }
3653
3654 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3655 {
3656 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3657 md->card.state = md;
3658 md->card.attach = dscm1xxxx_attach;
3659 md->card.detach = dscm1xxxx_detach;
3660 md->card.cis = dscm1xxxx_cis;
3661 md->card.cis_len = sizeof(dscm1xxxx_cis);
3662
3663 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3664 md->ide->is_cf = 1;
3665 md->ide->mdata_size = METADATA_SIZE;
3666 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3667
3668 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3669
3670 return &md->card;
3671 }
Samsung s3c2440 and arm920t support for the mini2440 dev board