2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "qemu-timer.h"
36 /* debug IDE devices */
38 //#define DEBUG_IDE_ATAPI
42 /* Bits of HD_STATUS */
44 #define INDEX_STAT 0x02
45 #define ECC_STAT 0x04 /* Corrected error */
47 #define SEEK_STAT 0x10
49 #define WRERR_STAT 0x20
50 #define READY_STAT 0x40
51 #define BUSY_STAT 0x80
53 /* Bits for HD_ERROR */
54 #define MARK_ERR 0x01 /* Bad address mark */
55 #define TRK0_ERR 0x02 /* couldn't find track 0 */
56 #define ABRT_ERR 0x04 /* Command aborted */
57 #define MCR_ERR 0x08 /* media change request */
58 #define ID_ERR 0x10 /* ID field not found */
59 #define MC_ERR 0x20 /* media changed */
60 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
61 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
62 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
64 /* Bits of HD_NSECTOR */
70 #define IDE_CMD_RESET 0x04
71 #define IDE_CMD_DISABLE_IRQ 0x02
73 /* ATA/ATAPI Commands pre T13 Spec */
78 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
82 #define WIN_SRST 0x08 /* ATAPI soft reset command */
83 #define WIN_DEVICE_RESET 0x08
87 #define WIN_RECAL 0x10
88 #define WIN_RESTORE WIN_RECAL
92 #define WIN_READ 0x20 /* 28-Bit */
93 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
94 #define WIN_READ_LONG 0x22 /* 28-Bit */
95 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
96 #define WIN_READ_EXT 0x24 /* 48-Bit */
97 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
98 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
99 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
103 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
105 * 0x2A->0x2F Reserved
107 #define WIN_WRITE 0x30 /* 28-Bit */
108 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
109 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
110 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
111 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
112 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
113 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
114 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
115 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
116 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
118 * 0x3A->0x3B Reserved
120 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
122 * 0x3D->0x3F Reserved
124 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
125 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
126 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
128 * 0x43->0x4F Reserved
130 #define WIN_FORMAT 0x50
132 * 0x51->0x5F Reserved
134 #define WIN_INIT 0x60
136 * 0x61->0x5F Reserved
138 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
139 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
140 #define WIN_DIAGNOSE 0x90
141 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
142 #define WIN_DOWNLOAD_MICROCODE 0x92
143 #define WIN_STANDBYNOW2 0x94
144 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
145 #define WIN_STANDBY2 0x96
146 #define WIN_SETIDLE2 0x97
147 #define WIN_CHECKPOWERMODE2 0x98
148 #define WIN_SLEEPNOW2 0x99
152 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
153 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
154 #define WIN_QUEUED_SERVICE 0xA2
155 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
156 #define CFA_ACCESS_METADATA_STORAGE 0xB8
157 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
158 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
159 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
160 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
161 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
162 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
163 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
164 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
165 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
166 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
167 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
168 #define WIN_GETMEDIASTATUS 0xDA
169 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
170 #define WIN_POSTBOOT 0xDC
171 #define WIN_PREBOOT 0xDD
172 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
173 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
174 #define WIN_STANDBYNOW1 0xE0
175 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
176 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
177 #define WIN_SETIDLE1 0xE3
178 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
179 #define WIN_CHECKPOWERMODE1 0xE5
180 #define WIN_SLEEPNOW1 0xE6
181 #define WIN_FLUSH_CACHE 0xE7
182 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
183 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
184 /* SET_FEATURES 0x22 or 0xDD */
185 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
186 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
187 #define WIN_MEDIAEJECT 0xED
188 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
189 #define WIN_SETFEATURES 0xEF /* set special drive features */
190 #define EXABYTE_ENABLE_NEST 0xF0
191 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
192 #define WIN_SECURITY_SET_PASS 0xF1
193 #define WIN_SECURITY_UNLOCK 0xF2
194 #define WIN_SECURITY_ERASE_PREPARE 0xF3
195 #define WIN_SECURITY_ERASE_UNIT 0xF4
196 #define WIN_SECURITY_FREEZE_LOCK 0xF5
197 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
198 #define WIN_SECURITY_DISABLE 0xF6
199 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
200 #define WIN_SET_MAX 0xF9
201 #define DISABLE_SEAGATE 0xFB
203 /* set to 1 set disable mult support */
204 #define MAX_MULT_SECTORS 16
206 #define IDE_DMA_BUF_SECTORS 256
208 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
209 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
214 #define ATAPI_PACKET_SIZE 12
216 /* The generic packet command opcodes for CD/DVD Logical Units,
217 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
218 #define GPCMD_BLANK 0xa1
219 #define GPCMD_CLOSE_TRACK 0x5b
220 #define GPCMD_FLUSH_CACHE 0x35
221 #define GPCMD_FORMAT_UNIT 0x04
222 #define GPCMD_GET_CONFIGURATION 0x46
223 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
224 #define GPCMD_GET_PERFORMANCE 0xac
225 #define GPCMD_INQUIRY 0x12
226 #define GPCMD_LOAD_UNLOAD 0xa6
227 #define GPCMD_MECHANISM_STATUS 0xbd
228 #define GPCMD_MODE_SELECT_10 0x55
229 #define GPCMD_MODE_SENSE_10 0x5a
230 #define GPCMD_PAUSE_RESUME 0x4b
231 #define GPCMD_PLAY_AUDIO_10 0x45
232 #define GPCMD_PLAY_AUDIO_MSF 0x47
233 #define GPCMD_PLAY_AUDIO_TI 0x48
234 #define GPCMD_PLAY_CD 0xbc
235 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
236 #define GPCMD_READ_10 0x28
237 #define GPCMD_READ_12 0xa8
238 #define GPCMD_READ_CDVD_CAPACITY 0x25
239 #define GPCMD_READ_CD 0xbe
240 #define GPCMD_READ_CD_MSF 0xb9
241 #define GPCMD_READ_DISC_INFO 0x51
242 #define GPCMD_READ_DVD_STRUCTURE 0xad
243 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
244 #define GPCMD_READ_HEADER 0x44
245 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
246 #define GPCMD_READ_SUBCHANNEL 0x42
247 #define GPCMD_READ_TOC_PMA_ATIP 0x43
248 #define GPCMD_REPAIR_RZONE_TRACK 0x58
249 #define GPCMD_REPORT_KEY 0xa4
250 #define GPCMD_REQUEST_SENSE 0x03
251 #define GPCMD_RESERVE_RZONE_TRACK 0x53
252 #define GPCMD_SCAN 0xba
253 #define GPCMD_SEEK 0x2b
254 #define GPCMD_SEND_DVD_STRUCTURE 0xad
255 #define GPCMD_SEND_EVENT 0xa2
256 #define GPCMD_SEND_KEY 0xa3
257 #define GPCMD_SEND_OPC 0x54
258 #define GPCMD_SET_READ_AHEAD 0xa7
259 #define GPCMD_SET_STREAMING 0xb6
260 #define GPCMD_START_STOP_UNIT 0x1b
261 #define GPCMD_STOP_PLAY_SCAN 0x4e
262 #define GPCMD_TEST_UNIT_READY 0x00
263 #define GPCMD_VERIFY_10 0x2f
264 #define GPCMD_WRITE_10 0x2a
265 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
266 /* This is listed as optional in ATAPI 2.6, but is (curiously)
267 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
268 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
269 * drives support it. */
270 #define GPCMD_SET_SPEED 0xbb
271 /* This seems to be a SCSI specific CD-ROM opcode
272 * to play data at track/index */
273 #define GPCMD_PLAYAUDIO_TI 0x48
275 * From MS Media Status Notification Support Specification. For
278 #define GPCMD_GET_MEDIA_STATUS 0xda
279 #define GPCMD_MODE_SENSE_6 0x1a
281 /* Mode page codes for mode sense/set */
282 #define GPMODE_R_W_ERROR_PAGE 0x01
283 #define GPMODE_WRITE_PARMS_PAGE 0x05
284 #define GPMODE_AUDIO_CTL_PAGE 0x0e
285 #define GPMODE_POWER_PAGE 0x1a
286 #define GPMODE_FAULT_FAIL_PAGE 0x1c
287 #define GPMODE_TO_PROTECT_PAGE 0x1d
288 #define GPMODE_CAPABILITIES_PAGE 0x2a
289 #define GPMODE_ALL_PAGES 0x3f
290 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
291 * of MODE_SENSE_POWER_PAGE */
292 #define GPMODE_CDROM_PAGE 0x0d
295 * Based on values from <linux/cdrom.h> but extending CD_MINS
296 * to the maximum common size allowed by the Orange's Book ATIP
298 * 90 and 99 min CDs are also available but using them as the
299 * upper limit reduces the effectiveness of the heuristic to
300 * detect DVDs burned to less than 25% of their maximum capacity
303 /* Some generally useful CD-ROM information */
304 #define CD_MINS 80 /* max. minutes per CD */
305 #define CD_SECS 60 /* seconds per minute */
306 #define CD_FRAMES 75 /* frames per second */
307 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
308 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
309 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
312 * The MMC values are not IDE specific and might need to be moved
313 * to a common header if they are also needed for the SCSI emulation
316 /* Profile list from MMC-6 revision 1 table 91 */
317 #define MMC_PROFILE_NONE 0x0000
318 #define MMC_PROFILE_CD_ROM 0x0008
319 #define MMC_PROFILE_CD_R 0x0009
320 #define MMC_PROFILE_CD_RW 0x000A
321 #define MMC_PROFILE_DVD_ROM 0x0010
322 #define MMC_PROFILE_DVD_R_SR 0x0011
323 #define MMC_PROFILE_DVD_RAM 0x0012
324 #define MMC_PROFILE_DVD_RW_RO 0x0013
325 #define MMC_PROFILE_DVD_RW_SR 0x0014
326 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
327 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
328 #define MMC_PROFILE_DVD_RW_DL 0x0017
329 #define MMC_PROFILE_DVD_DDR 0x0018
330 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
331 #define MMC_PROFILE_DVD_PLUS_R 0x001B
332 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
333 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
334 #define MMC_PROFILE_BD_ROM 0x0040
335 #define MMC_PROFILE_BD_R_SRM 0x0041
336 #define MMC_PROFILE_BD_R_RRM 0x0042
337 #define MMC_PROFILE_BD_RE 0x0043
338 #define MMC_PROFILE_HDDVD_ROM 0x0050
339 #define MMC_PROFILE_HDDVD_R 0x0051
340 #define MMC_PROFILE_HDDVD_RAM 0x0052
341 #define MMC_PROFILE_HDDVD_RW 0x0053
342 #define MMC_PROFILE_HDDVD_R_DL 0x0058
343 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
344 #define MMC_PROFILE_INVALID 0xFFFF
346 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
347 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
348 #define ATAPI_INT_REASON_REL 0x04
349 #define ATAPI_INT_REASON_TAG 0xf8
351 /* same constants as bochs */
352 #define ASC_ILLEGAL_OPCODE 0x20
353 #define ASC_LOGICAL_BLOCK_OOR 0x21
354 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
355 #define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
356 #define ASC_INCOMPATIBLE_FORMAT 0x30
357 #define ASC_MEDIUM_NOT_PRESENT 0x3a
358 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
360 #define CFA_NO_ERROR 0x00
361 #define CFA_MISC_ERROR 0x09
362 #define CFA_INVALID_COMMAND 0x20
363 #define CFA_INVALID_ADDRESS 0x21
364 #define CFA_ADDRESS_OVERFLOW 0x2f
367 #define SENSE_NOT_READY 2
368 #define SENSE_ILLEGAL_REQUEST 5
369 #define SENSE_UNIT_ATTENTION 6
373 typedef void EndTransferFunc(struct IDEState
*);
375 /* NOTE: IDEState represents in fact one drive */
376 typedef struct IDEState
{
380 int cylinders
, heads
, sectors
;
384 uint16_t identify_data
[256];
387 struct BMDMAState
*bmdma
;
389 char drive_serial_str
[21];
397 /* other part of tf for lba48 support */
407 /* 0x3f6 command, only meaningful for drive 0 */
409 /* set for lba48 access */
411 /* depends on bit 4 in select, only meaningful for drive 0 */
412 struct IDEState
*cur_drive
;
413 BlockDriverState
*bs
;
417 int packet_transfer_size
;
418 int elementary_transfer_size
;
422 int atapi_dma
; /* true if dma is requested for the packet cmd */
425 /* PIO transfer handling */
426 int req_nb_sectors
; /* number of sectors per interrupt */
427 EndTransferFunc
*end_transfer_func
;
431 QEMUTimer
*sector_write_timer
; /* only used for win2k install hack */
432 uint32_t irq_count
; /* counts IRQs when using win2k install hack */
433 /* CF-ATA extended error */
435 /* CF-ATA metadata storage */
437 uint8_t *mdata_storage
;
441 /* XXX: DVDs that could fit on a CD will be reported as a CD */
442 static inline int media_present(IDEState
*s
)
444 return (s
->nb_sectors
> 0);
447 static inline int media_is_dvd(IDEState
*s
)
449 return (media_present(s
) && s
->nb_sectors
> CD_MAX_SECTORS
);
452 static inline int media_is_cd(IDEState
*s
)
454 return (media_present(s
) && s
->nb_sectors
<= CD_MAX_SECTORS
);
457 #define BM_STATUS_DMAING 0x01
458 #define BM_STATUS_ERROR 0x02
459 #define BM_STATUS_INT 0x04
461 #define BM_CMD_START 0x01
462 #define BM_CMD_READ 0x08
464 #define IDE_TYPE_PIIX3 0
465 #define IDE_TYPE_CMD646 1
466 #define IDE_TYPE_PIIX4 2
468 /* CMD646 specific */
470 #define MRDMODE_INTR_CH0 0x04
471 #define MRDMODE_INTR_CH1 0x08
472 #define MRDMODE_BLK_CH0 0x10
473 #define MRDMODE_BLK_CH1 0x20
474 #define UDIDETCR0 0x73
475 #define UDIDETCR1 0x7B
477 typedef struct BMDMAState
{
482 struct PCIIDEState
*pci_dev
;
483 /* current transfer state */
485 uint32_t cur_prd_last
;
486 uint32_t cur_prd_addr
;
487 uint32_t cur_prd_len
;
489 BlockDriverCompletionFunc
*dma_cb
;
490 BlockDriverAIOCB
*aiocb
;
493 typedef struct PCIIDEState
{
497 int type
; /* see IDE_TYPE_xxx */
500 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
);
501 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
);
503 static void padstr(char *str
, const char *src
, int len
)
506 for(i
= 0; i
< len
; i
++) {
515 static void padstr8(uint8_t *buf
, int buf_size
, const char *src
)
518 for(i
= 0; i
< buf_size
; i
++) {
526 static void put_le16(uint16_t *p
, unsigned int v
)
531 static void ide_identify(IDEState
*s
)
534 unsigned int oldsize
;
536 if (s
->identify_set
) {
537 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
541 memset(s
->io_buffer
, 0, 512);
542 p
= (uint16_t *)s
->io_buffer
;
543 put_le16(p
+ 0, 0x0040);
544 put_le16(p
+ 1, s
->cylinders
);
545 put_le16(p
+ 3, s
->heads
);
546 put_le16(p
+ 4, 512 * s
->sectors
); /* XXX: retired, remove ? */
547 put_le16(p
+ 5, 512); /* XXX: retired, remove ? */
548 put_le16(p
+ 6, s
->sectors
);
549 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
550 put_le16(p
+ 20, 3); /* XXX: retired, remove ? */
551 put_le16(p
+ 21, 512); /* cache size in sectors */
552 put_le16(p
+ 22, 4); /* ecc bytes */
553 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
554 padstr((char *)(p
+ 27), "QEMU HARDDISK", 40); /* model */
555 #if MAX_MULT_SECTORS > 1
556 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
558 put_le16(p
+ 48, 1); /* dword I/O */
559 put_le16(p
+ 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
560 put_le16(p
+ 51, 0x200); /* PIO transfer cycle */
561 put_le16(p
+ 52, 0x200); /* DMA transfer cycle */
562 put_le16(p
+ 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
563 put_le16(p
+ 54, s
->cylinders
);
564 put_le16(p
+ 55, s
->heads
);
565 put_le16(p
+ 56, s
->sectors
);
566 oldsize
= s
->cylinders
* s
->heads
* s
->sectors
;
567 put_le16(p
+ 57, oldsize
);
568 put_le16(p
+ 58, oldsize
>> 16);
570 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
571 put_le16(p
+ 60, s
->nb_sectors
);
572 put_le16(p
+ 61, s
->nb_sectors
>> 16);
573 put_le16(p
+ 62, 0x07); /* single word dma0-2 supported */
574 put_le16(p
+ 63, 0x07); /* mdma0-2 supported */
575 put_le16(p
+ 65, 120);
576 put_le16(p
+ 66, 120);
577 put_le16(p
+ 67, 120);
578 put_le16(p
+ 68, 120);
579 put_le16(p
+ 80, 0xf0); /* ata3 -> ata6 supported */
580 put_le16(p
+ 81, 0x16); /* conforms to ata5 */
581 put_le16(p
+ 82, (1 << 14));
582 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
583 put_le16(p
+ 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
584 put_le16(p
+ 84, (1 << 14));
585 put_le16(p
+ 85, (1 << 14));
586 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
587 put_le16(p
+ 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
588 put_le16(p
+ 87, (1 << 14));
589 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
590 put_le16(p
+ 93, 1 | (1 << 14) | 0x2000);
591 put_le16(p
+ 100, s
->nb_sectors
);
592 put_le16(p
+ 101, s
->nb_sectors
>> 16);
593 put_le16(p
+ 102, s
->nb_sectors
>> 32);
594 put_le16(p
+ 103, s
->nb_sectors
>> 48);
596 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
600 static void ide_atapi_identify(IDEState
*s
)
604 if (s
->identify_set
) {
605 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
609 memset(s
->io_buffer
, 0, 512);
610 p
= (uint16_t *)s
->io_buffer
;
611 /* Removable CDROM, 50us response, 12 byte packets */
612 put_le16(p
+ 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
613 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
614 put_le16(p
+ 20, 3); /* buffer type */
615 put_le16(p
+ 21, 512); /* cache size in sectors */
616 put_le16(p
+ 22, 4); /* ecc bytes */
617 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
618 padstr((char *)(p
+ 27), "QEMU DVD-ROM", 40); /* model */
619 put_le16(p
+ 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
621 put_le16(p
+ 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
622 put_le16(p
+ 53, 7); /* words 64-70, 54-58, 88 valid */
623 put_le16(p
+ 62, 7); /* single word dma0-2 supported */
624 put_le16(p
+ 63, 7); /* mdma0-2 supported */
625 put_le16(p
+ 64, 0x3f); /* PIO modes supported */
627 put_le16(p
+ 49, 1 << 9); /* LBA supported, no DMA */
628 put_le16(p
+ 53, 3); /* words 64-70, 54-58 valid */
629 put_le16(p
+ 63, 0x103); /* DMA modes XXX: may be incorrect */
630 put_le16(p
+ 64, 1); /* PIO modes */
632 put_le16(p
+ 65, 0xb4); /* minimum DMA multiword tx cycle time */
633 put_le16(p
+ 66, 0xb4); /* recommended DMA multiword tx cycle time */
634 put_le16(p
+ 67, 0x12c); /* minimum PIO cycle time without flow control */
635 put_le16(p
+ 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
637 put_le16(p
+ 71, 30); /* in ns */
638 put_le16(p
+ 72, 30); /* in ns */
640 put_le16(p
+ 80, 0x1e); /* support up to ATA/ATAPI-4 */
642 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
644 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
648 static void ide_cfata_identify(IDEState
*s
)
653 p
= (uint16_t *) s
->identify_data
;
657 memset(p
, 0, sizeof(s
->identify_data
));
659 cur_sec
= s
->cylinders
* s
->heads
* s
->sectors
;
661 put_le16(p
+ 0, 0x848a); /* CF Storage Card signature */
662 put_le16(p
+ 1, s
->cylinders
); /* Default cylinders */
663 put_le16(p
+ 3, s
->heads
); /* Default heads */
664 put_le16(p
+ 6, s
->sectors
); /* Default sectors per track */
665 put_le16(p
+ 7, s
->nb_sectors
>> 16); /* Sectors per card */
666 put_le16(p
+ 8, s
->nb_sectors
); /* Sectors per card */
667 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
668 put_le16(p
+ 22, 0x0004); /* ECC bytes */
669 padstr((char *) (p
+ 23), QEMU_VERSION
, 8); /* Firmware Revision */
670 padstr((char *) (p
+ 27), "QEMU MICRODRIVE", 40);/* Model number */
671 #if MAX_MULT_SECTORS > 1
672 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
674 put_le16(p
+ 47, 0x0000);
676 put_le16(p
+ 49, 0x0f00); /* Capabilities */
677 put_le16(p
+ 51, 0x0002); /* PIO cycle timing mode */
678 put_le16(p
+ 52, 0x0001); /* DMA cycle timing mode */
679 put_le16(p
+ 53, 0x0003); /* Translation params valid */
680 put_le16(p
+ 54, s
->cylinders
); /* Current cylinders */
681 put_le16(p
+ 55, s
->heads
); /* Current heads */
682 put_le16(p
+ 56, s
->sectors
); /* Current sectors */
683 put_le16(p
+ 57, cur_sec
); /* Current capacity */
684 put_le16(p
+ 58, cur_sec
>> 16); /* Current capacity */
685 if (s
->mult_sectors
) /* Multiple sector setting */
686 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
687 put_le16(p
+ 60, s
->nb_sectors
); /* Total LBA sectors */
688 put_le16(p
+ 61, s
->nb_sectors
>> 16); /* Total LBA sectors */
689 put_le16(p
+ 63, 0x0203); /* Multiword DMA capability */
690 put_le16(p
+ 64, 0x0001); /* Flow Control PIO support */
691 put_le16(p
+ 65, 0x0096); /* Min. Multiword DMA cycle */
692 put_le16(p
+ 66, 0x0096); /* Rec. Multiword DMA cycle */
693 put_le16(p
+ 68, 0x00b4); /* Min. PIO cycle time */
694 put_le16(p
+ 82, 0x400c); /* Command Set supported */
695 put_le16(p
+ 83, 0x7068); /* Command Set supported */
696 put_le16(p
+ 84, 0x4000); /* Features supported */
697 put_le16(p
+ 85, 0x000c); /* Command Set enabled */
698 put_le16(p
+ 86, 0x7044); /* Command Set enabled */
699 put_le16(p
+ 87, 0x4000); /* Features enabled */
700 put_le16(p
+ 91, 0x4060); /* Current APM level */
701 put_le16(p
+ 129, 0x0002); /* Current features option */
702 put_le16(p
+ 130, 0x0005); /* Reassigned sectors */
703 put_le16(p
+ 131, 0x0001); /* Initial power mode */
704 put_le16(p
+ 132, 0x0000); /* User signature */
705 put_le16(p
+ 160, 0x8100); /* Power requirement */
706 put_le16(p
+ 161, 0x8001); /* CF command set */
711 memcpy(s
->io_buffer
, p
, sizeof(s
->identify_data
));
714 static void ide_set_signature(IDEState
*s
)
716 s
->select
&= 0xf0; /* clear head */
732 static inline void ide_abort_command(IDEState
*s
)
734 s
->status
= READY_STAT
| ERR_STAT
;
738 static inline void ide_dma_submit_check(IDEState
*s
,
739 BlockDriverCompletionFunc
*dma_cb
, BMDMAState
*bm
)
746 static inline void ide_set_irq(IDEState
*s
)
748 BMDMAState
*bm
= s
->bmdma
;
749 if (!(s
->cmd
& IDE_CMD_DISABLE_IRQ
)) {
751 bm
->status
|= BM_STATUS_INT
;
753 qemu_irq_raise(s
->irq
);
757 /* prepare data transfer and tell what to do after */
758 static void ide_transfer_start(IDEState
*s
, uint8_t *buf
, int size
,
759 EndTransferFunc
*end_transfer_func
)
761 s
->end_transfer_func
= end_transfer_func
;
763 s
->data_end
= buf
+ size
;
764 if (!(s
->status
& ERR_STAT
))
765 s
->status
|= DRQ_STAT
;
768 static void ide_transfer_stop(IDEState
*s
)
770 s
->end_transfer_func
= ide_transfer_stop
;
771 s
->data_ptr
= s
->io_buffer
;
772 s
->data_end
= s
->io_buffer
;
773 s
->status
&= ~DRQ_STAT
;
776 static int64_t ide_get_sector(IDEState
*s
)
779 if (s
->select
& 0x40) {
782 sector_num
= ((s
->select
& 0x0f) << 24) | (s
->hcyl
<< 16) |
783 (s
->lcyl
<< 8) | s
->sector
;
785 sector_num
= ((int64_t)s
->hob_hcyl
<< 40) |
786 ((int64_t) s
->hob_lcyl
<< 32) |
787 ((int64_t) s
->hob_sector
<< 24) |
788 ((int64_t) s
->hcyl
<< 16) |
789 ((int64_t) s
->lcyl
<< 8) | s
->sector
;
792 sector_num
= ((s
->hcyl
<< 8) | s
->lcyl
) * s
->heads
* s
->sectors
+
793 (s
->select
& 0x0f) * s
->sectors
+ (s
->sector
- 1);
798 static void ide_set_sector(IDEState
*s
, int64_t sector_num
)
801 if (s
->select
& 0x40) {
803 s
->select
= (s
->select
& 0xf0) | (sector_num
>> 24);
804 s
->hcyl
= (sector_num
>> 16);
805 s
->lcyl
= (sector_num
>> 8);
806 s
->sector
= (sector_num
);
808 s
->sector
= sector_num
;
809 s
->lcyl
= sector_num
>> 8;
810 s
->hcyl
= sector_num
>> 16;
811 s
->hob_sector
= sector_num
>> 24;
812 s
->hob_lcyl
= sector_num
>> 32;
813 s
->hob_hcyl
= sector_num
>> 40;
816 cyl
= sector_num
/ (s
->heads
* s
->sectors
);
817 r
= sector_num
% (s
->heads
* s
->sectors
);
820 s
->select
= (s
->select
& 0xf0) | ((r
/ s
->sectors
) & 0x0f);
821 s
->sector
= (r
% s
->sectors
) + 1;
825 static void ide_rw_error(IDEState
*s
) {
826 ide_abort_command(s
);
830 static void ide_sector_read(IDEState
*s
)
835 s
->status
= READY_STAT
| SEEK_STAT
;
836 s
->error
= 0; /* not needed by IDE spec, but needed by Windows */
837 sector_num
= ide_get_sector(s
);
840 /* no more sector to read from disk */
841 ide_transfer_stop(s
);
843 #if defined(DEBUG_IDE)
844 printf("read sector=%" PRId64
"\n", sector_num
);
846 if (n
> s
->req_nb_sectors
)
847 n
= s
->req_nb_sectors
;
848 ret
= bdrv_read(s
->bs
, sector_num
, s
->io_buffer
, n
);
853 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_read
);
855 ide_set_sector(s
, sector_num
+ n
);
860 static void ide_dma_error(IDEState
*s
)
862 ide_transfer_stop(s
);
864 s
->status
= READY_STAT
| ERR_STAT
;
868 /* return 0 if buffer completed */
869 static int dma_buf_rw(BMDMAState
*bm
, int is_write
)
871 IDEState
*s
= bm
->ide_if
;
879 l
= s
->io_buffer_size
- s
->io_buffer_index
;
882 if (bm
->cur_prd_len
== 0) {
883 /* end of table (with a fail safe of one page) */
884 if (bm
->cur_prd_last
||
885 (bm
->cur_addr
- bm
->addr
) >= 4096)
887 cpu_physical_memory_read(bm
->cur_addr
, (uint8_t *)&prd
, 8);
889 prd
.addr
= le32_to_cpu(prd
.addr
);
890 prd
.size
= le32_to_cpu(prd
.size
);
891 len
= prd
.size
& 0xfffe;
894 bm
->cur_prd_len
= len
;
895 bm
->cur_prd_addr
= prd
.addr
;
896 bm
->cur_prd_last
= (prd
.size
& 0x80000000);
898 if (l
> bm
->cur_prd_len
)
902 cpu_physical_memory_write(bm
->cur_prd_addr
,
903 s
->io_buffer
+ s
->io_buffer_index
, l
);
905 cpu_physical_memory_read(bm
->cur_prd_addr
,
906 s
->io_buffer
+ s
->io_buffer_index
, l
);
908 bm
->cur_prd_addr
+= l
;
909 bm
->cur_prd_len
-= l
;
910 s
->io_buffer_index
+= l
;
916 static void ide_read_dma_cb(void *opaque
, int ret
)
918 BMDMAState
*bm
= opaque
;
919 IDEState
*s
= bm
->ide_if
;
928 n
= s
->io_buffer_size
>> 9;
929 sector_num
= ide_get_sector(s
);
932 ide_set_sector(s
, sector_num
);
934 if (dma_buf_rw(bm
, 1) == 0)
938 /* end of transfer ? */
939 if (s
->nsector
== 0) {
940 s
->status
= READY_STAT
| SEEK_STAT
;
943 bm
->status
&= ~BM_STATUS_DMAING
;
944 bm
->status
|= BM_STATUS_INT
;
951 /* launch next transfer */
953 if (n
> IDE_DMA_BUF_SECTORS
)
954 n
= IDE_DMA_BUF_SECTORS
;
955 s
->io_buffer_index
= 0;
956 s
->io_buffer_size
= n
* 512;
958 printf("aio_read: sector_num=%" PRId64
" n=%d\n", sector_num
, n
);
960 bm
->aiocb
= bdrv_aio_read(s
->bs
, sector_num
, s
->io_buffer
, n
,
961 ide_read_dma_cb
, bm
);
962 ide_dma_submit_check(s
, ide_read_dma_cb
, bm
);
965 static void ide_sector_read_dma(IDEState
*s
)
967 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
968 s
->io_buffer_index
= 0;
969 s
->io_buffer_size
= 0;
970 ide_dma_start(s
, ide_read_dma_cb
);
973 static void ide_sector_write_timer_cb(void *opaque
)
975 IDEState
*s
= opaque
;
979 static void ide_sector_write(IDEState
*s
)
984 s
->status
= READY_STAT
| SEEK_STAT
;
985 sector_num
= ide_get_sector(s
);
986 #if defined(DEBUG_IDE)
987 printf("write sector=%" PRId64
"\n", sector_num
);
990 if (n
> s
->req_nb_sectors
)
991 n
= s
->req_nb_sectors
;
992 ret
= bdrv_write(s
->bs
, sector_num
, s
->io_buffer
, n
);
999 if (s
->nsector
== 0) {
1000 /* no more sectors to write */
1001 ide_transfer_stop(s
);
1004 if (n1
> s
->req_nb_sectors
)
1005 n1
= s
->req_nb_sectors
;
1006 ide_transfer_start(s
, s
->io_buffer
, 512 * n1
, ide_sector_write
);
1008 ide_set_sector(s
, sector_num
+ n
);
1011 if (win2k_install_hack
&& ((++s
->irq_count
% 16) == 0)) {
1012 /* It seems there is a bug in the Windows 2000 installer HDD
1013 IDE driver which fills the disk with empty logs when the
1014 IDE write IRQ comes too early. This hack tries to correct
1015 that at the expense of slower write performances. Use this
1016 option _only_ to install Windows 2000. You must disable it
1018 qemu_mod_timer(s
->sector_write_timer
,
1019 qemu_get_clock(vm_clock
) + (ticks_per_sec
/ 1000));
1027 static void ide_write_dma_cb(void *opaque
, int ret
)
1029 BMDMAState
*bm
= opaque
;
1030 IDEState
*s
= bm
->ide_if
;
1039 n
= s
->io_buffer_size
>> 9;
1040 sector_num
= ide_get_sector(s
);
1043 ide_set_sector(s
, sector_num
);
1047 /* end of transfer ? */
1048 if (s
->nsector
== 0) {
1049 s
->status
= READY_STAT
| SEEK_STAT
;
1052 bm
->status
&= ~BM_STATUS_DMAING
;
1053 bm
->status
|= BM_STATUS_INT
;
1060 /* launch next transfer */
1062 if (n
> IDE_DMA_BUF_SECTORS
)
1063 n
= IDE_DMA_BUF_SECTORS
;
1064 s
->io_buffer_index
= 0;
1065 s
->io_buffer_size
= n
* 512;
1067 if (dma_buf_rw(bm
, 0) == 0)
1070 printf("aio_write: sector_num=%" PRId64
" n=%d\n", sector_num
, n
);
1072 bm
->aiocb
= bdrv_aio_write(s
->bs
, sector_num
, s
->io_buffer
, n
,
1073 ide_write_dma_cb
, bm
);
1074 ide_dma_submit_check(s
, ide_write_dma_cb
, bm
);
1077 static void ide_sector_write_dma(IDEState
*s
)
1079 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1080 s
->io_buffer_index
= 0;
1081 s
->io_buffer_size
= 0;
1082 ide_dma_start(s
, ide_write_dma_cb
);
1085 static void ide_atapi_cmd_ok(IDEState
*s
)
1088 s
->status
= READY_STAT
| SEEK_STAT
;
1089 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1093 static void ide_atapi_cmd_error(IDEState
*s
, int sense_key
, int asc
)
1095 #ifdef DEBUG_IDE_ATAPI
1096 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key
, asc
);
1098 s
->error
= sense_key
<< 4;
1099 s
->status
= READY_STAT
| ERR_STAT
;
1100 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1101 s
->sense_key
= sense_key
;
1106 static void ide_atapi_cmd_check_status(IDEState
*s
)
1108 #ifdef DEBUG_IDE_ATAPI
1109 printf("atapi_cmd_check_status\n");
1111 s
->error
= MC_ERR
| (SENSE_UNIT_ATTENTION
<< 4);
1112 s
->status
= ERR_STAT
;
1117 static inline void cpu_to_ube16(uint8_t *buf
, int val
)
1123 static inline void cpu_to_ube32(uint8_t *buf
, unsigned int val
)
1131 static inline int ube16_to_cpu(const uint8_t *buf
)
1133 return (buf
[0] << 8) | buf
[1];
1136 static inline int ube32_to_cpu(const uint8_t *buf
)
1138 return (buf
[0] << 24) | (buf
[1] << 16) | (buf
[2] << 8) | buf
[3];
1141 static void lba_to_msf(uint8_t *buf
, int lba
)
1144 buf
[0] = (lba
/ 75) / 60;
1145 buf
[1] = (lba
/ 75) % 60;
1149 static void cd_data_to_raw(uint8_t *buf
, int lba
)
1153 memset(buf
+ 1, 0xff, 10);
1157 lba_to_msf(buf
, lba
);
1158 buf
[3] = 0x01; /* mode 1 data */
1162 /* XXX: ECC not computed */
1163 memset(buf
, 0, 288);
1166 static int cd_read_sector(BlockDriverState
*bs
, int lba
, uint8_t *buf
,
1171 switch(sector_size
) {
1173 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
, 4);
1176 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
+ 16, 4);
1179 cd_data_to_raw(buf
, lba
);
1188 static void ide_atapi_io_error(IDEState
*s
, int ret
)
1190 /* XXX: handle more errors */
1191 if (ret
== -ENOMEDIUM
) {
1192 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1193 ASC_MEDIUM_NOT_PRESENT
);
1195 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1196 ASC_LOGICAL_BLOCK_OOR
);
1200 /* The whole ATAPI transfer logic is handled in this function */
1201 static void ide_atapi_cmd_reply_end(IDEState
*s
)
1203 int byte_count_limit
, size
, ret
;
1204 #ifdef DEBUG_IDE_ATAPI
1205 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1206 s
->packet_transfer_size
,
1207 s
->elementary_transfer_size
,
1208 s
->io_buffer_index
);
1210 if (s
->packet_transfer_size
<= 0) {
1211 /* end of transfer */
1212 ide_transfer_stop(s
);
1213 s
->status
= READY_STAT
| SEEK_STAT
;
1214 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1216 #ifdef DEBUG_IDE_ATAPI
1217 printf("status=0x%x\n", s
->status
);
1220 /* see if a new sector must be read */
1221 if (s
->lba
!= -1 && s
->io_buffer_index
>= s
->cd_sector_size
) {
1222 ret
= cd_read_sector(s
->bs
, s
->lba
, s
->io_buffer
, s
->cd_sector_size
);
1224 ide_transfer_stop(s
);
1225 ide_atapi_io_error(s
, ret
);
1229 s
->io_buffer_index
= 0;
1231 if (s
->elementary_transfer_size
> 0) {
1232 /* there are some data left to transmit in this elementary
1234 size
= s
->cd_sector_size
- s
->io_buffer_index
;
1235 if (size
> s
->elementary_transfer_size
)
1236 size
= s
->elementary_transfer_size
;
1237 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
1238 size
, ide_atapi_cmd_reply_end
);
1239 s
->packet_transfer_size
-= size
;
1240 s
->elementary_transfer_size
-= size
;
1241 s
->io_buffer_index
+= size
;
1243 /* a new transfer is needed */
1244 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
;
1245 byte_count_limit
= s
->lcyl
| (s
->hcyl
<< 8);
1246 #ifdef DEBUG_IDE_ATAPI
1247 printf("byte_count_limit=%d\n", byte_count_limit
);
1249 if (byte_count_limit
== 0xffff)
1251 size
= s
->packet_transfer_size
;
1252 if (size
> byte_count_limit
) {
1253 /* byte count limit must be even if this case */
1254 if (byte_count_limit
& 1)
1256 size
= byte_count_limit
;
1259 s
->hcyl
= size
>> 8;
1260 s
->elementary_transfer_size
= size
;
1261 /* we cannot transmit more than one sector at a time */
1263 if (size
> (s
->cd_sector_size
- s
->io_buffer_index
))
1264 size
= (s
->cd_sector_size
- s
->io_buffer_index
);
1266 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
1267 size
, ide_atapi_cmd_reply_end
);
1268 s
->packet_transfer_size
-= size
;
1269 s
->elementary_transfer_size
-= size
;
1270 s
->io_buffer_index
+= size
;
1272 #ifdef DEBUG_IDE_ATAPI
1273 printf("status=0x%x\n", s
->status
);
1279 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1280 static void ide_atapi_cmd_reply(IDEState
*s
, int size
, int max_size
)
1282 if (size
> max_size
)
1284 s
->lba
= -1; /* no sector read */
1285 s
->packet_transfer_size
= size
;
1286 s
->io_buffer_size
= size
; /* dma: send the reply data as one chunk */
1287 s
->elementary_transfer_size
= 0;
1288 s
->io_buffer_index
= 0;
1291 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
;
1292 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1294 s
->status
= READY_STAT
| SEEK_STAT
;
1295 ide_atapi_cmd_reply_end(s
);
1299 /* start a CD-CDROM read command */
1300 static void ide_atapi_cmd_read_pio(IDEState
*s
, int lba
, int nb_sectors
,
1304 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1305 s
->elementary_transfer_size
= 0;
1306 s
->io_buffer_index
= sector_size
;
1307 s
->cd_sector_size
= sector_size
;
1309 s
->status
= READY_STAT
| SEEK_STAT
;
1310 ide_atapi_cmd_reply_end(s
);
1313 /* ATAPI DMA support */
1315 /* XXX: handle read errors */
1316 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
)
1318 BMDMAState
*bm
= opaque
;
1319 IDEState
*s
= bm
->ide_if
;
1323 ide_atapi_io_error(s
, ret
);
1327 if (s
->io_buffer_size
> 0) {
1329 * For a cdrom read sector command (s->lba != -1),
1330 * adjust the lba for the next s->io_buffer_size chunk
1331 * and dma the current chunk.
1332 * For a command != read (s->lba == -1), just transfer
1336 if (s
->cd_sector_size
== 2352) {
1338 cd_data_to_raw(s
->io_buffer
, s
->lba
);
1340 n
= s
->io_buffer_size
>> 11;
1344 s
->packet_transfer_size
-= s
->io_buffer_size
;
1345 if (dma_buf_rw(bm
, 1) == 0)
1349 if (s
->packet_transfer_size
<= 0) {
1350 s
->status
= READY_STAT
| SEEK_STAT
;
1351 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1354 bm
->status
&= ~BM_STATUS_DMAING
;
1355 bm
->status
|= BM_STATUS_INT
;
1362 s
->io_buffer_index
= 0;
1363 if (s
->cd_sector_size
== 2352) {
1365 s
->io_buffer_size
= s
->cd_sector_size
;
1368 n
= s
->packet_transfer_size
>> 11;
1369 if (n
> (IDE_DMA_BUF_SECTORS
/ 4))
1370 n
= (IDE_DMA_BUF_SECTORS
/ 4);
1371 s
->io_buffer_size
= n
* 2048;
1375 printf("aio_read_cd: lba=%u n=%d\n", s
->lba
, n
);
1377 bm
->aiocb
= bdrv_aio_read(s
->bs
, (int64_t)s
->lba
<< 2,
1378 s
->io_buffer
+ data_offset
, n
* 4,
1379 ide_atapi_cmd_read_dma_cb
, bm
);
1381 /* Note: media not present is the most likely case */
1382 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1383 ASC_MEDIUM_NOT_PRESENT
);
1388 /* start a CD-CDROM read command with DMA */
1389 /* XXX: test if DMA is available */
1390 static void ide_atapi_cmd_read_dma(IDEState
*s
, int lba
, int nb_sectors
,
1394 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1395 s
->io_buffer_index
= 0;
1396 s
->io_buffer_size
= 0;
1397 s
->cd_sector_size
= sector_size
;
1399 /* XXX: check if BUSY_STAT should be set */
1400 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1401 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1404 static void ide_atapi_cmd_read(IDEState
*s
, int lba
, int nb_sectors
,
1407 #ifdef DEBUG_IDE_ATAPI
1408 printf("read %s: LBA=%d nb_sectors=%d\n", s
->atapi_dma
? "dma" : "pio",
1412 ide_atapi_cmd_read_dma(s
, lba
, nb_sectors
, sector_size
);
1414 ide_atapi_cmd_read_pio(s
, lba
, nb_sectors
, sector_size
);
1418 static inline uint8_t ide_atapi_set_profile(uint8_t *buf
, uint8_t *index
,
1421 uint8_t *buf_profile
= buf
+ 12; /* start of profiles */
1423 buf_profile
+= ((*index
) * 4); /* start of indexed profile */
1424 cpu_to_ube16 (buf_profile
, profile
);
1425 buf_profile
[2] = ((buf_profile
[0] == buf
[6]) && (buf_profile
[1] == buf
[7]));
1427 /* each profile adds 4 bytes to the response */
1429 buf
[11] += 4; /* Additional Length */
1434 static int ide_dvd_read_structure(IDEState
*s
, int format
,
1435 const uint8_t *packet
, uint8_t *buf
)
1438 case 0x0: /* Physical format information */
1440 int layer
= packet
[6];
1441 uint64_t total_sectors
;
1444 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1446 bdrv_get_geometry(s
->bs
, &total_sectors
);
1447 total_sectors
>>= 2;
1448 if (total_sectors
== 0)
1449 return -ASC_MEDIUM_NOT_PRESENT
;
1451 buf
[4] = 1; /* DVD-ROM, part version 1 */
1452 buf
[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1453 buf
[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1454 buf
[7] = 0; /* default densities */
1456 /* FIXME: 0x30000 per spec? */
1457 cpu_to_ube32(buf
+ 8, 0); /* start sector */
1458 cpu_to_ube32(buf
+ 12, total_sectors
- 1); /* end sector */
1459 cpu_to_ube32(buf
+ 16, total_sectors
- 1); /* l0 end sector */
1461 /* Size of buffer, not including 2 byte size field */
1462 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1464 /* 2k data + 4 byte header */
1468 case 0x01: /* DVD copyright information */
1469 buf
[4] = 0; /* no copyright data */
1470 buf
[5] = 0; /* no region restrictions */
1472 /* Size of buffer, not including 2 byte size field */
1473 cpu_to_be16wu((uint16_t *)buf
, 4 + 2);
1475 /* 4 byte header + 4 byte data */
1478 case 0x03: /* BCA information - invalid field for no BCA info */
1479 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1481 case 0x04: /* DVD disc manufacturing information */
1482 /* Size of buffer, not including 2 byte size field */
1483 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1485 /* 2k data + 4 byte header */
1490 * This lists all the command capabilities above. Add new ones
1491 * in order and update the length and buffer return values.
1494 buf
[4] = 0x00; /* Physical format */
1495 buf
[5] = 0x40; /* Not writable, is readable */
1496 cpu_to_be16wu((uint16_t *)(buf
+ 6), 2048 + 4);
1498 buf
[8] = 0x01; /* Copyright info */
1499 buf
[9] = 0x40; /* Not writable, is readable */
1500 cpu_to_be16wu((uint16_t *)(buf
+ 10), 4 + 4);
1502 buf
[12] = 0x03; /* BCA info */
1503 buf
[13] = 0x40; /* Not writable, is readable */
1504 cpu_to_be16wu((uint16_t *)(buf
+ 14), 188 + 4);
1506 buf
[16] = 0x04; /* Manufacturing info */
1507 buf
[17] = 0x40; /* Not writable, is readable */
1508 cpu_to_be16wu((uint16_t *)(buf
+ 18), 2048 + 4);
1510 /* Size of buffer, not including 2 byte size field */
1511 cpu_to_be16wu((uint16_t *)buf
, 16 + 2);
1513 /* data written + 4 byte header */
1516 default: /* TODO: formats beyond DVD-ROM requires */
1517 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1521 static void ide_atapi_cmd(IDEState
*s
)
1523 const uint8_t *packet
;
1527 packet
= s
->io_buffer
;
1529 #ifdef DEBUG_IDE_ATAPI
1532 printf("ATAPI limit=0x%x packet:", s
->lcyl
| (s
->hcyl
<< 8));
1533 for(i
= 0; i
< ATAPI_PACKET_SIZE
; i
++) {
1534 printf(" %02x", packet
[i
]);
1539 /* If there's a UNIT_ATTENTION condition pending, only
1540 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1541 if (s
->sense_key
== SENSE_UNIT_ATTENTION
&&
1542 s
->io_buffer
[0] != GPCMD_REQUEST_SENSE
&&
1543 s
->io_buffer
[0] != GPCMD_INQUIRY
) {
1544 ide_atapi_cmd_check_status(s
);
1547 switch(s
->io_buffer
[0]) {
1548 case GPCMD_TEST_UNIT_READY
:
1549 if (bdrv_is_inserted(s
->bs
)) {
1550 ide_atapi_cmd_ok(s
);
1552 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1553 ASC_MEDIUM_NOT_PRESENT
);
1556 case GPCMD_MODE_SENSE_6
:
1557 case GPCMD_MODE_SENSE_10
:
1560 if (packet
[0] == GPCMD_MODE_SENSE_10
)
1561 max_len
= ube16_to_cpu(packet
+ 7);
1563 max_len
= packet
[4];
1564 action
= packet
[2] >> 6;
1565 code
= packet
[2] & 0x3f;
1567 case 0: /* current values */
1569 case 0x01: /* error recovery */
1570 cpu_to_ube16(&buf
[0], 16 + 6);
1586 ide_atapi_cmd_reply(s
, 16, max_len
);
1589 cpu_to_ube16(&buf
[0], 28 + 6);
1602 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1603 code checks for this to automount media. */
1606 buf
[14] = (1 << 0) | (1 << 3) | (1 << 5);
1607 if (bdrv_is_locked(s
->bs
))
1610 cpu_to_ube16(&buf
[16], 706);
1613 cpu_to_ube16(&buf
[20], 512);
1614 cpu_to_ube16(&buf
[22], 706);
1619 ide_atapi_cmd_reply(s
, 28, max_len
);
1625 case 1: /* changeable values */
1627 case 2: /* default values */
1630 case 3: /* saved values */
1631 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1632 ASC_SAVING_PARAMETERS_NOT_SUPPORTED
);
1637 case GPCMD_REQUEST_SENSE
:
1638 max_len
= packet
[4];
1640 buf
[0] = 0x70 | (1 << 7);
1641 buf
[2] = s
->sense_key
;
1644 if (s
->sense_key
== SENSE_UNIT_ATTENTION
)
1645 s
->sense_key
= SENSE_NONE
;
1646 ide_atapi_cmd_reply(s
, 18, max_len
);
1648 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL
:
1649 if (bdrv_is_inserted(s
->bs
)) {
1650 bdrv_set_locked(s
->bs
, packet
[4] & 1);
1651 ide_atapi_cmd_ok(s
);
1653 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1654 ASC_MEDIUM_NOT_PRESENT
);
1660 int nb_sectors
, lba
;
1662 if (packet
[0] == GPCMD_READ_10
)
1663 nb_sectors
= ube16_to_cpu(packet
+ 7);
1665 nb_sectors
= ube32_to_cpu(packet
+ 6);
1666 lba
= ube32_to_cpu(packet
+ 2);
1667 if (nb_sectors
== 0) {
1668 ide_atapi_cmd_ok(s
);
1671 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1676 int nb_sectors
, lba
, transfer_request
;
1678 nb_sectors
= (packet
[6] << 16) | (packet
[7] << 8) | packet
[8];
1679 lba
= ube32_to_cpu(packet
+ 2);
1680 if (nb_sectors
== 0) {
1681 ide_atapi_cmd_ok(s
);
1684 transfer_request
= packet
[9];
1685 switch(transfer_request
& 0xf8) {
1688 ide_atapi_cmd_ok(s
);
1692 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1696 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2352);
1699 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1700 ASC_INV_FIELD_IN_CMD_PACKET
);
1708 uint64_t total_sectors
;
1710 bdrv_get_geometry(s
->bs
, &total_sectors
);
1711 total_sectors
>>= 2;
1712 if (total_sectors
== 0) {
1713 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1714 ASC_MEDIUM_NOT_PRESENT
);
1717 lba
= ube32_to_cpu(packet
+ 2);
1718 if (lba
>= total_sectors
) {
1719 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1720 ASC_LOGICAL_BLOCK_OOR
);
1723 ide_atapi_cmd_ok(s
);
1726 case GPCMD_START_STOP_UNIT
:
1729 start
= packet
[4] & 1;
1730 eject
= (packet
[4] >> 1) & 1;
1732 if (eject
&& !start
) {
1733 /* eject the disk */
1734 bdrv_eject(s
->bs
, 1);
1735 } else if (eject
&& start
) {
1736 /* close the tray */
1737 bdrv_eject(s
->bs
, 0);
1739 ide_atapi_cmd_ok(s
);
1742 case GPCMD_MECHANISM_STATUS
:
1744 max_len
= ube16_to_cpu(packet
+ 8);
1745 cpu_to_ube16(buf
, 0);
1746 /* no current LBA */
1751 cpu_to_ube16(buf
+ 6, 0);
1752 ide_atapi_cmd_reply(s
, 8, max_len
);
1755 case GPCMD_READ_TOC_PMA_ATIP
:
1757 int format
, msf
, start_track
, len
;
1758 uint64_t total_sectors
;
1760 bdrv_get_geometry(s
->bs
, &total_sectors
);
1761 total_sectors
>>= 2;
1762 if (total_sectors
== 0) {
1763 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1764 ASC_MEDIUM_NOT_PRESENT
);
1767 max_len
= ube16_to_cpu(packet
+ 7);
1768 format
= packet
[9] >> 6;
1769 msf
= (packet
[1] >> 1) & 1;
1770 start_track
= packet
[6];
1773 len
= cdrom_read_toc(total_sectors
, buf
, msf
, start_track
);
1776 ide_atapi_cmd_reply(s
, len
, max_len
);
1779 /* multi session : only a single session defined */
1784 ide_atapi_cmd_reply(s
, 12, max_len
);
1787 len
= cdrom_read_toc_raw(total_sectors
, buf
, msf
, start_track
);
1790 ide_atapi_cmd_reply(s
, len
, max_len
);
1794 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1795 ASC_INV_FIELD_IN_CMD_PACKET
);
1800 case GPCMD_READ_CDVD_CAPACITY
:
1802 uint64_t total_sectors
;
1804 bdrv_get_geometry(s
->bs
, &total_sectors
);
1805 total_sectors
>>= 2;
1806 if (total_sectors
== 0) {
1807 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1808 ASC_MEDIUM_NOT_PRESENT
);
1811 /* NOTE: it is really the number of sectors minus 1 */
1812 cpu_to_ube32(buf
, total_sectors
- 1);
1813 cpu_to_ube32(buf
+ 4, 2048);
1814 ide_atapi_cmd_reply(s
, 8, 8);
1817 case GPCMD_READ_DVD_STRUCTURE
:
1819 int media
= packet
[1];
1820 int format
= packet
[7];
1823 max_len
= ube16_to_cpu(packet
+ 8);
1825 if (format
< 0xff) {
1826 if (media_is_cd(s
)) {
1827 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1828 ASC_INCOMPATIBLE_FORMAT
);
1830 } else if (!media_present(s
)) {
1831 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1832 ASC_INV_FIELD_IN_CMD_PACKET
);
1837 memset(buf
, 0, max_len
> IDE_DMA_BUF_SECTORS
* 512 + 4 ?
1838 IDE_DMA_BUF_SECTORS
* 512 + 4 : max_len
);
1844 ret
= ide_dvd_read_structure(s
, format
, packet
, buf
);
1847 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
, -ret
);
1849 ide_atapi_cmd_reply(s
, ret
, max_len
);
1853 /* TODO: BD support, fall through for now */
1855 /* Generic disk structures */
1856 case 0x80: /* TODO: AACS volume identifier */
1857 case 0x81: /* TODO: AACS media serial number */
1858 case 0x82: /* TODO: AACS media identifier */
1859 case 0x83: /* TODO: AACS media key block */
1860 case 0x90: /* TODO: List of recognized format layers */
1861 case 0xc0: /* TODO: Write protection status */
1863 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1864 ASC_INV_FIELD_IN_CMD_PACKET
);
1869 case GPCMD_SET_SPEED
:
1870 ide_atapi_cmd_ok(s
);
1873 max_len
= packet
[4];
1874 buf
[0] = 0x05; /* CD-ROM */
1875 buf
[1] = 0x80; /* removable */
1876 buf
[2] = 0x00; /* ISO */
1877 buf
[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1878 buf
[4] = 31; /* additional length */
1879 buf
[5] = 0; /* reserved */
1880 buf
[6] = 0; /* reserved */
1881 buf
[7] = 0; /* reserved */
1882 padstr8(buf
+ 8, 8, "QEMU");
1883 padstr8(buf
+ 16, 16, "QEMU DVD-ROM");
1884 padstr8(buf
+ 32, 4, QEMU_VERSION
);
1885 ide_atapi_cmd_reply(s
, 36, max_len
);
1887 case GPCMD_GET_CONFIGURATION
:
1892 /* only feature 0 is supported */
1893 if (packet
[2] != 0 || packet
[3] != 0) {
1894 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1895 ASC_INV_FIELD_IN_CMD_PACKET
);
1899 /* XXX: could result in alignment problems in some architectures */
1900 max_len
= ube16_to_cpu(packet
+ 7);
1903 * XXX: avoid overflow for io_buffer if max_len is bigger than
1904 * the size of that buffer (dimensioned to max number of
1905 * sectors to transfer at once)
1907 * Only a problem if the feature/profiles grow.
1909 if (max_len
> 512) /* XXX: assume 1 sector */
1912 memset(buf
, 0, max_len
);
1914 * the number of sectors from the media tells us which profile
1915 * to use as current. 0 means there is no media
1917 if (media_is_dvd(s
))
1918 cpu_to_ube16(buf
+ 6, MMC_PROFILE_DVD_ROM
);
1919 else if (media_is_cd(s
))
1920 cpu_to_ube16(buf
+ 6, MMC_PROFILE_CD_ROM
);
1922 buf
[10] = 0x02 | 0x01; /* persistent and current */
1923 len
= 12; /* headers: 8 + 4 */
1924 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_DVD_ROM
);
1925 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_CD_ROM
);
1926 cpu_to_ube32(buf
, len
- 4); /* data length */
1928 ide_atapi_cmd_reply(s
, len
, max_len
);
1932 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1933 ASC_ILLEGAL_OPCODE
);
1938 static void ide_cfata_metadata_inquiry(IDEState
*s
)
1943 p
= (uint16_t *) s
->io_buffer
;
1944 memset(p
, 0, 0x200);
1945 spd
= ((s
->mdata_size
- 1) >> 9) + 1;
1947 put_le16(p
+ 0, 0x0001); /* Data format revision */
1948 put_le16(p
+ 1, 0x0000); /* Media property: silicon */
1949 put_le16(p
+ 2, s
->media_changed
); /* Media status */
1950 put_le16(p
+ 3, s
->mdata_size
& 0xffff); /* Capacity in bytes (low) */
1951 put_le16(p
+ 4, s
->mdata_size
>> 16); /* Capacity in bytes (high) */
1952 put_le16(p
+ 5, spd
& 0xffff); /* Sectors per device (low) */
1953 put_le16(p
+ 6, spd
>> 16); /* Sectors per device (high) */
1956 static void ide_cfata_metadata_read(IDEState
*s
)
1960 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1961 s
->status
= ERR_STAT
;
1962 s
->error
= ABRT_ERR
;
1966 p
= (uint16_t *) s
->io_buffer
;
1967 memset(p
, 0, 0x200);
1969 put_le16(p
+ 0, s
->media_changed
); /* Media status */
1970 memcpy(p
+ 1, s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1971 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1972 s
->nsector
<< 9), 0x200 - 2));
1975 static void ide_cfata_metadata_write(IDEState
*s
)
1977 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1978 s
->status
= ERR_STAT
;
1979 s
->error
= ABRT_ERR
;
1983 s
->media_changed
= 0;
1985 memcpy(s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1987 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1988 s
->nsector
<< 9), 0x200 - 2));
1991 /* called when the inserted state of the media has changed */
1992 static void cdrom_change_cb(void *opaque
)
1994 IDEState
*s
= opaque
;
1995 uint64_t nb_sectors
;
1997 bdrv_get_geometry(s
->bs
, &nb_sectors
);
1998 s
->nb_sectors
= nb_sectors
;
2000 s
->sense_key
= SENSE_UNIT_ATTENTION
;
2001 s
->asc
= ASC_MEDIUM_MAY_HAVE_CHANGED
;
2006 static void ide_cmd_lba48_transform(IDEState
*s
, int lba48
)
2010 /* handle the 'magic' 0 nsector count conversion here. to avoid
2011 * fiddling with the rest of the read logic, we just store the
2012 * full sector count in ->nsector and ignore ->hob_nsector from now
2018 if (!s
->nsector
&& !s
->hob_nsector
)
2021 int lo
= s
->nsector
;
2022 int hi
= s
->hob_nsector
;
2024 s
->nsector
= (hi
<< 8) | lo
;
2029 static void ide_clear_hob(IDEState
*ide_if
)
2031 /* any write clears HOB high bit of device control register */
2032 ide_if
[0].select
&= ~(1 << 7);
2033 ide_if
[1].select
&= ~(1 << 7);
2036 static void ide_ioport_write(void *opaque
, uint32_t addr
, uint32_t val
)
2038 IDEState
*ide_if
= opaque
;
2044 printf("IDE: write addr=0x%x val=0x%02x\n", addr
, val
);
2049 /* ignore writes to command block while busy with previous command */
2050 if (addr
!= 7 && (ide_if
->cur_drive
->status
& (BUSY_STAT
|DRQ_STAT
)))
2057 ide_clear_hob(ide_if
);
2058 /* NOTE: data is written to the two drives */
2059 ide_if
[0].hob_feature
= ide_if
[0].feature
;
2060 ide_if
[1].hob_feature
= ide_if
[1].feature
;
2061 ide_if
[0].feature
= val
;
2062 ide_if
[1].feature
= val
;
2065 ide_clear_hob(ide_if
);
2066 ide_if
[0].hob_nsector
= ide_if
[0].nsector
;
2067 ide_if
[1].hob_nsector
= ide_if
[1].nsector
;
2068 ide_if
[0].nsector
= val
;
2069 ide_if
[1].nsector
= val
;
2072 ide_clear_hob(ide_if
);
2073 ide_if
[0].hob_sector
= ide_if
[0].sector
;
2074 ide_if
[1].hob_sector
= ide_if
[1].sector
;
2075 ide_if
[0].sector
= val
;
2076 ide_if
[1].sector
= val
;
2079 ide_clear_hob(ide_if
);
2080 ide_if
[0].hob_lcyl
= ide_if
[0].lcyl
;
2081 ide_if
[1].hob_lcyl
= ide_if
[1].lcyl
;
2082 ide_if
[0].lcyl
= val
;
2083 ide_if
[1].lcyl
= val
;
2086 ide_clear_hob(ide_if
);
2087 ide_if
[0].hob_hcyl
= ide_if
[0].hcyl
;
2088 ide_if
[1].hob_hcyl
= ide_if
[1].hcyl
;
2089 ide_if
[0].hcyl
= val
;
2090 ide_if
[1].hcyl
= val
;
2093 /* FIXME: HOB readback uses bit 7 */
2094 ide_if
[0].select
= (val
& ~0x10) | 0xa0;
2095 ide_if
[1].select
= (val
| 0x10) | 0xa0;
2097 unit
= (val
>> 4) & 1;
2099 ide_if
->cur_drive
= s
;
2104 #if defined(DEBUG_IDE)
2105 printf("ide: CMD=%02x\n", val
);
2107 s
= ide_if
->cur_drive
;
2108 /* ignore commands to non existant slave */
2109 if (s
!= ide_if
&& !s
->bs
)
2112 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2113 if ((s
->status
& (BUSY_STAT
|DRQ_STAT
)) && val
!= WIN_DEVICE_RESET
)
2118 if (s
->bs
&& !s
->is_cdrom
) {
2122 ide_cfata_identify(s
);
2123 s
->status
= READY_STAT
| SEEK_STAT
;
2124 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2127 ide_set_signature(s
);
2129 ide_abort_command(s
);
2136 s
->status
= READY_STAT
| SEEK_STAT
;
2140 if (s
->is_cf
&& s
->nsector
== 0) {
2141 /* Disable Read and Write Multiple */
2142 s
->mult_sectors
= 0;
2143 s
->status
= READY_STAT
| SEEK_STAT
;
2144 } else if ((s
->nsector
& 0xff) != 0 &&
2145 ((s
->nsector
& 0xff) > MAX_MULT_SECTORS
||
2146 (s
->nsector
& (s
->nsector
- 1)) != 0)) {
2147 ide_abort_command(s
);
2149 s
->mult_sectors
= s
->nsector
& 0xff;
2150 s
->status
= READY_STAT
| SEEK_STAT
;
2154 case WIN_VERIFY_EXT
:
2157 case WIN_VERIFY_ONCE
:
2158 /* do sector number check ? */
2159 ide_cmd_lba48_transform(s
, lba48
);
2160 s
->status
= READY_STAT
| SEEK_STAT
;
2169 ide_cmd_lba48_transform(s
, lba48
);
2170 s
->req_nb_sectors
= 1;
2176 case WIN_WRITE_ONCE
:
2177 case CFA_WRITE_SECT_WO_ERASE
:
2178 case WIN_WRITE_VERIFY
:
2179 ide_cmd_lba48_transform(s
, lba48
);
2181 s
->status
= SEEK_STAT
| READY_STAT
;
2182 s
->req_nb_sectors
= 1;
2183 ide_transfer_start(s
, s
->io_buffer
, 512, ide_sector_write
);
2184 s
->media_changed
= 1;
2186 case WIN_MULTREAD_EXT
:
2189 if (!s
->mult_sectors
)
2191 ide_cmd_lba48_transform(s
, lba48
);
2192 s
->req_nb_sectors
= s
->mult_sectors
;
2195 case WIN_MULTWRITE_EXT
:
2198 case CFA_WRITE_MULTI_WO_ERASE
:
2199 if (!s
->mult_sectors
)
2201 ide_cmd_lba48_transform(s
, lba48
);
2203 s
->status
= SEEK_STAT
| READY_STAT
;
2204 s
->req_nb_sectors
= s
->mult_sectors
;
2206 if (n
> s
->req_nb_sectors
)
2207 n
= s
->req_nb_sectors
;
2208 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_write
);
2209 s
->media_changed
= 1;
2211 case WIN_READDMA_EXT
:
2214 case WIN_READDMA_ONCE
:
2217 ide_cmd_lba48_transform(s
, lba48
);
2218 ide_sector_read_dma(s
);
2220 case WIN_WRITEDMA_EXT
:
2223 case WIN_WRITEDMA_ONCE
:
2226 ide_cmd_lba48_transform(s
, lba48
);
2227 ide_sector_write_dma(s
);
2228 s
->media_changed
= 1;
2230 case WIN_READ_NATIVE_MAX_EXT
:
2232 case WIN_READ_NATIVE_MAX
:
2233 ide_cmd_lba48_transform(s
, lba48
);
2234 ide_set_sector(s
, s
->nb_sectors
- 1);
2235 s
->status
= READY_STAT
| SEEK_STAT
;
2238 case WIN_CHECKPOWERMODE1
:
2239 case WIN_CHECKPOWERMODE2
:
2240 s
->nsector
= 0xff; /* device active or idle */
2241 s
->status
= READY_STAT
| SEEK_STAT
;
2244 case WIN_SETFEATURES
:
2247 /* XXX: valid for CDROM ? */
2248 switch(s
->feature
) {
2249 case 0xcc: /* reverting to power-on defaults enable */
2250 case 0x66: /* reverting to power-on defaults disable */
2251 case 0x02: /* write cache enable */
2252 case 0x82: /* write cache disable */
2253 case 0xaa: /* read look-ahead enable */
2254 case 0x55: /* read look-ahead disable */
2255 case 0x05: /* set advanced power management mode */
2256 case 0x85: /* disable advanced power management mode */
2257 case 0x69: /* NOP */
2258 case 0x67: /* NOP */
2259 case 0x96: /* NOP */
2260 case 0x9a: /* NOP */
2261 case 0x42: /* enable Automatic Acoustic Mode */
2262 case 0xc2: /* disable Automatic Acoustic Mode */
2263 s
->status
= READY_STAT
| SEEK_STAT
;
2266 case 0x03: { /* set transfer mode */
2267 uint8_t val
= s
->nsector
& 0x07;
2269 switch (s
->nsector
>> 3) {
2270 case 0x00: /* pio default */
2271 case 0x01: /* pio mode */
2272 put_le16(s
->identify_data
+ 62,0x07);
2273 put_le16(s
->identify_data
+ 63,0x07);
2274 put_le16(s
->identify_data
+ 88,0x3f);
2276 case 0x02: /* sigle word dma mode*/
2277 put_le16(s
->identify_data
+ 62,0x07 | (1 << (val
+ 8)));
2278 put_le16(s
->identify_data
+ 63,0x07);
2279 put_le16(s
->identify_data
+ 88,0x3f);
2281 case 0x04: /* mdma mode */
2282 put_le16(s
->identify_data
+ 62,0x07);
2283 put_le16(s
->identify_data
+ 63,0x07 | (1 << (val
+ 8)));
2284 put_le16(s
->identify_data
+ 88,0x3f);
2286 case 0x08: /* udma mode */
2287 put_le16(s
->identify_data
+ 62,0x07);
2288 put_le16(s
->identify_data
+ 63,0x07);
2289 put_le16(s
->identify_data
+ 88,0x3f | (1 << (val
+ 8)));
2294 s
->status
= READY_STAT
| SEEK_STAT
;
2302 case WIN_FLUSH_CACHE
:
2303 case WIN_FLUSH_CACHE_EXT
:
2306 s
->status
= READY_STAT
| SEEK_STAT
;
2311 case WIN_STANDBYNOW1
:
2312 case WIN_STANDBYNOW2
:
2313 case WIN_IDLEIMMEDIATE
:
2314 case CFA_IDLEIMMEDIATE
:
2319 s
->status
= READY_STAT
;
2325 /* XXX: Check that seek is within bounds */
2326 s
->status
= READY_STAT
| SEEK_STAT
;
2329 /* ATAPI commands */
2332 ide_atapi_identify(s
);
2333 s
->status
= READY_STAT
| SEEK_STAT
;
2334 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2336 ide_abort_command(s
);
2341 ide_set_signature(s
);
2343 s
->status
= 0; /* ATAPI spec (v6) section 9.10 defines packet
2344 * devices to return a clear status register
2345 * with READY_STAT *not* set. */
2347 s
->status
= READY_STAT
| SEEK_STAT
;
2348 s
->error
= 0x01; /* Device 0 passed, Device 1 passed or not
2356 ide_set_signature(s
);
2357 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2363 /* overlapping commands not supported */
2364 if (s
->feature
& 0x02)
2366 s
->status
= READY_STAT
| SEEK_STAT
;
2367 s
->atapi_dma
= s
->feature
& 1;
2369 ide_transfer_start(s
, s
->io_buffer
, ATAPI_PACKET_SIZE
,
2372 /* CF-ATA commands */
2373 case CFA_REQ_EXT_ERROR_CODE
:
2376 s
->error
= 0x09; /* miscellaneous error */
2377 s
->status
= READY_STAT
| SEEK_STAT
;
2380 case CFA_ERASE_SECTORS
:
2381 case CFA_WEAR_LEVEL
:
2384 if (val
== CFA_WEAR_LEVEL
)
2386 if (val
== CFA_ERASE_SECTORS
)
2387 s
->media_changed
= 1;
2389 s
->status
= READY_STAT
| SEEK_STAT
;
2392 case CFA_TRANSLATE_SECTOR
:
2396 s
->status
= READY_STAT
| SEEK_STAT
;
2397 memset(s
->io_buffer
, 0, 0x200);
2398 s
->io_buffer
[0x00] = s
->hcyl
; /* Cyl MSB */
2399 s
->io_buffer
[0x01] = s
->lcyl
; /* Cyl LSB */
2400 s
->io_buffer
[0x02] = s
->select
; /* Head */
2401 s
->io_buffer
[0x03] = s
->sector
; /* Sector */
2402 s
->io_buffer
[0x04] = ide_get_sector(s
) >> 16; /* LBA MSB */
2403 s
->io_buffer
[0x05] = ide_get_sector(s
) >> 8; /* LBA */
2404 s
->io_buffer
[0x06] = ide_get_sector(s
) >> 0; /* LBA LSB */
2405 s
->io_buffer
[0x13] = 0x00; /* Erase flag */
2406 s
->io_buffer
[0x18] = 0x00; /* Hot count */
2407 s
->io_buffer
[0x19] = 0x00; /* Hot count */
2408 s
->io_buffer
[0x1a] = 0x01; /* Hot count */
2409 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2412 case CFA_ACCESS_METADATA_STORAGE
:
2415 switch (s
->feature
) {
2416 case 0x02: /* Inquiry Metadata Storage */
2417 ide_cfata_metadata_inquiry(s
);
2419 case 0x03: /* Read Metadata Storage */
2420 ide_cfata_metadata_read(s
);
2422 case 0x04: /* Write Metadata Storage */
2423 ide_cfata_metadata_write(s
);
2428 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2429 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2432 case IBM_SENSE_CONDITION
:
2435 switch (s
->feature
) {
2436 case 0x01: /* sense temperature in device */
2437 s
->nsector
= 0x50; /* +20 C */
2442 s
->status
= READY_STAT
| SEEK_STAT
;
2447 ide_abort_command(s
);
2454 static uint32_t ide_ioport_read(void *opaque
, uint32_t addr1
)
2456 IDEState
*ide_if
= opaque
;
2457 IDEState
*s
= ide_if
->cur_drive
;
2462 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2463 //hob = s->select & (1 << 7);
2470 if ((!ide_if
[0].bs
&& !ide_if
[1].bs
) ||
2471 (s
!= ide_if
&& !s
->bs
))
2476 ret
= s
->hob_feature
;
2479 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2482 ret
= s
->nsector
& 0xff;
2484 ret
= s
->hob_nsector
;
2487 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2492 ret
= s
->hob_sector
;
2495 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2503 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2511 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2518 if ((!ide_if
[0].bs
&& !ide_if
[1].bs
) ||
2519 (s
!= ide_if
&& !s
->bs
))
2523 qemu_irq_lower(s
->irq
);
2527 printf("ide: read addr=0x%x val=%02x\n", addr1
, ret
);
2532 static uint32_t ide_status_read(void *opaque
, uint32_t addr
)
2534 IDEState
*ide_if
= opaque
;
2535 IDEState
*s
= ide_if
->cur_drive
;
2538 if ((!ide_if
[0].bs
&& !ide_if
[1].bs
) ||
2539 (s
!= ide_if
&& !s
->bs
))
2544 printf("ide: read status addr=0x%x val=%02x\n", addr
, ret
);
2549 static void ide_cmd_write(void *opaque
, uint32_t addr
, uint32_t val
)
2551 IDEState
*ide_if
= opaque
;
2556 printf("ide: write control addr=0x%x val=%02x\n", addr
, val
);
2558 /* common for both drives */
2559 if (!(ide_if
[0].cmd
& IDE_CMD_RESET
) &&
2560 (val
& IDE_CMD_RESET
)) {
2561 /* reset low to high */
2562 for(i
= 0;i
< 2; i
++) {
2564 s
->status
= BUSY_STAT
| SEEK_STAT
;
2567 } else if ((ide_if
[0].cmd
& IDE_CMD_RESET
) &&
2568 !(val
& IDE_CMD_RESET
)) {
2570 for(i
= 0;i
< 2; i
++) {
2573 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2575 s
->status
= READY_STAT
| SEEK_STAT
;
2576 ide_set_signature(s
);
2580 ide_if
[0].cmd
= val
;
2581 ide_if
[1].cmd
= val
;
2584 static void ide_data_writew(void *opaque
, uint32_t addr
, uint32_t val
)
2586 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2589 /* PIO data access allowed only when DRQ bit is set */
2590 if (!(s
->status
& DRQ_STAT
))
2594 *(uint16_t *)p
= le16_to_cpu(val
);
2597 if (p
>= s
->data_end
)
2598 s
->end_transfer_func(s
);
2601 static uint32_t ide_data_readw(void *opaque
, uint32_t addr
)
2603 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2607 /* PIO data access allowed only when DRQ bit is set */
2608 if (!(s
->status
& DRQ_STAT
))
2612 ret
= cpu_to_le16(*(uint16_t *)p
);
2615 if (p
>= s
->data_end
)
2616 s
->end_transfer_func(s
);
2620 static void ide_data_writel(void *opaque
, uint32_t addr
, uint32_t val
)
2622 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2625 /* PIO data access allowed only when DRQ bit is set */
2626 if (!(s
->status
& DRQ_STAT
))
2630 *(uint32_t *)p
= le32_to_cpu(val
);
2633 if (p
>= s
->data_end
)
2634 s
->end_transfer_func(s
);
2637 static uint32_t ide_data_readl(void *opaque
, uint32_t addr
)
2639 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2643 /* PIO data access allowed only when DRQ bit is set */
2644 if (!(s
->status
& DRQ_STAT
))
2648 ret
= cpu_to_le32(*(uint32_t *)p
);
2651 if (p
>= s
->data_end
)
2652 s
->end_transfer_func(s
);
2656 static void ide_dummy_transfer_stop(IDEState
*s
)
2658 s
->data_ptr
= s
->io_buffer
;
2659 s
->data_end
= s
->io_buffer
;
2660 s
->io_buffer
[0] = 0xff;
2661 s
->io_buffer
[1] = 0xff;
2662 s
->io_buffer
[2] = 0xff;
2663 s
->io_buffer
[3] = 0xff;
2666 static void ide_reset(IDEState
*s
)
2669 s
->mult_sectors
= 0;
2671 s
->mult_sectors
= MAX_MULT_SECTORS
;
2674 s
->status
= READY_STAT
| SEEK_STAT
;
2675 ide_set_signature(s
);
2676 /* init the transfer handler so that 0xffff is returned on data
2678 s
->end_transfer_func
= ide_dummy_transfer_stop
;
2679 ide_dummy_transfer_stop(s
);
2680 s
->media_changed
= 0;
2683 static void ide_init2(IDEState
*ide_state
,
2684 BlockDriverState
*hd0
, BlockDriverState
*hd1
,
2688 static int drive_serial
= 1;
2689 int i
, cylinders
, heads
, secs
;
2690 uint64_t nb_sectors
;
2692 for(i
= 0; i
< 2; i
++) {
2694 s
->io_buffer
= qemu_memalign(512, IDE_DMA_BUF_SECTORS
*512 + 4);
2700 bdrv_get_geometry(s
->bs
, &nb_sectors
);
2701 bdrv_guess_geometry(s
->bs
, &cylinders
, &heads
, &secs
);
2702 s
->cylinders
= cylinders
;
2705 s
->nb_sectors
= nb_sectors
;
2707 if (bdrv_get_type_hint(s
->bs
) == BDRV_TYPE_CDROM
) {
2709 bdrv_set_change_cb(s
->bs
, cdrom_change_cb
, s
);
2712 s
->drive_serial
= drive_serial
++;
2713 strncpy(s
->drive_serial_str
, drive_get_serial(s
->bs
),
2714 sizeof(s
->drive_serial_str
));
2715 if (strlen(s
->drive_serial_str
) == 0)
2716 snprintf(s
->drive_serial_str
, sizeof(s
->drive_serial_str
),
2717 "QM%05d", s
->drive_serial
);
2719 s
->sector_write_timer
= qemu_new_timer(vm_clock
,
2720 ide_sector_write_timer_cb
, s
);
2725 static void ide_init_ioport(IDEState
*ide_state
, int iobase
, int iobase2
)
2727 register_ioport_write(iobase
, 8, 1, ide_ioport_write
, ide_state
);
2728 register_ioport_read(iobase
, 8, 1, ide_ioport_read
, ide_state
);
2730 register_ioport_read(iobase2
, 1, 1, ide_status_read
, ide_state
);
2731 register_ioport_write(iobase2
, 1, 1, ide_cmd_write
, ide_state
);
2735 register_ioport_write(iobase
, 2, 2, ide_data_writew
, ide_state
);
2736 register_ioport_read(iobase
, 2, 2, ide_data_readw
, ide_state
);
2737 register_ioport_write(iobase
, 4, 4, ide_data_writel
, ide_state
);
2738 register_ioport_read(iobase
, 4, 4, ide_data_readl
, ide_state
);
2741 /* save per IDE drive data */
2742 static void ide_save(QEMUFile
* f
, IDEState
*s
)
2744 qemu_put_be32(f
, s
->mult_sectors
);
2745 qemu_put_be32(f
, s
->identify_set
);
2746 if (s
->identify_set
) {
2747 qemu_put_buffer(f
, (const uint8_t *)s
->identify_data
, 512);
2749 qemu_put_8s(f
, &s
->feature
);
2750 qemu_put_8s(f
, &s
->error
);
2751 qemu_put_be32s(f
, &s
->nsector
);
2752 qemu_put_8s(f
, &s
->sector
);
2753 qemu_put_8s(f
, &s
->lcyl
);
2754 qemu_put_8s(f
, &s
->hcyl
);
2755 qemu_put_8s(f
, &s
->hob_feature
);
2756 qemu_put_8s(f
, &s
->hob_nsector
);
2757 qemu_put_8s(f
, &s
->hob_sector
);
2758 qemu_put_8s(f
, &s
->hob_lcyl
);
2759 qemu_put_8s(f
, &s
->hob_hcyl
);
2760 qemu_put_8s(f
, &s
->select
);
2761 qemu_put_8s(f
, &s
->status
);
2762 qemu_put_8s(f
, &s
->lba48
);
2764 qemu_put_8s(f
, &s
->sense_key
);
2765 qemu_put_8s(f
, &s
->asc
);
2766 /* XXX: if a transfer is pending, we do not save it yet */
2769 /* load per IDE drive data */
2770 static void ide_load(QEMUFile
* f
, IDEState
*s
)
2772 s
->mult_sectors
=qemu_get_be32(f
);
2773 s
->identify_set
=qemu_get_be32(f
);
2774 if (s
->identify_set
) {
2775 qemu_get_buffer(f
, (uint8_t *)s
->identify_data
, 512);
2777 qemu_get_8s(f
, &s
->feature
);
2778 qemu_get_8s(f
, &s
->error
);
2779 qemu_get_be32s(f
, &s
->nsector
);
2780 qemu_get_8s(f
, &s
->sector
);
2781 qemu_get_8s(f
, &s
->lcyl
);
2782 qemu_get_8s(f
, &s
->hcyl
);
2783 qemu_get_8s(f
, &s
->hob_feature
);
2784 qemu_get_8s(f
, &s
->hob_nsector
);
2785 qemu_get_8s(f
, &s
->hob_sector
);
2786 qemu_get_8s(f
, &s
->hob_lcyl
);
2787 qemu_get_8s(f
, &s
->hob_hcyl
);
2788 qemu_get_8s(f
, &s
->select
);
2789 qemu_get_8s(f
, &s
->status
);
2790 qemu_get_8s(f
, &s
->lba48
);
2792 qemu_get_8s(f
, &s
->sense_key
);
2793 qemu_get_8s(f
, &s
->asc
);
2794 /* XXX: if a transfer is pending, we do not save it yet */
2797 /***********************************************************/
2798 /* ISA IDE definitions */
2800 void isa_ide_init(int iobase
, int iobase2
, qemu_irq irq
,
2801 BlockDriverState
*hd0
, BlockDriverState
*hd1
)
2803 IDEState
*ide_state
;
2805 ide_state
= qemu_mallocz(sizeof(IDEState
) * 2);
2809 ide_init2(ide_state
, hd0
, hd1
, irq
);
2810 ide_init_ioport(ide_state
, iobase
, iobase2
);
2813 /***********************************************************/
2814 /* PCI IDE definitions */
2816 static void cmd646_update_irq(PCIIDEState
*d
);
2818 static void ide_map(PCIDevice
*pci_dev
, int region_num
,
2819 uint32_t addr
, uint32_t size
, int type
)
2821 PCIIDEState
*d
= (PCIIDEState
*)pci_dev
;
2822 IDEState
*ide_state
;
2824 if (region_num
<= 3) {
2825 ide_state
= &d
->ide_if
[(region_num
>> 1) * 2];
2826 if (region_num
& 1) {
2827 register_ioport_read(addr
+ 2, 1, 1, ide_status_read
, ide_state
);
2828 register_ioport_write(addr
+ 2, 1, 1, ide_cmd_write
, ide_state
);
2830 register_ioport_write(addr
, 8, 1, ide_ioport_write
, ide_state
);
2831 register_ioport_read(addr
, 8, 1, ide_ioport_read
, ide_state
);
2834 register_ioport_write(addr
, 2, 2, ide_data_writew
, ide_state
);
2835 register_ioport_read(addr
, 2, 2, ide_data_readw
, ide_state
);
2836 register_ioport_write(addr
, 4, 4, ide_data_writel
, ide_state
);
2837 register_ioport_read(addr
, 4, 4, ide_data_readl
, ide_state
);
2842 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
)
2844 BMDMAState
*bm
= s
->bmdma
;
2848 bm
->dma_cb
= dma_cb
;
2849 bm
->cur_prd_last
= 0;
2850 bm
->cur_prd_addr
= 0;
2851 bm
->cur_prd_len
= 0;
2852 if (bm
->status
& BM_STATUS_DMAING
) {
2857 static void ide_dma_cancel(BMDMAState
*bm
)
2859 if (bm
->status
& BM_STATUS_DMAING
) {
2860 bm
->status
&= ~BM_STATUS_DMAING
;
2861 /* cancel DMA request */
2866 printf("aio_cancel\n");
2868 bdrv_aio_cancel(bm
->aiocb
);
2874 static void bmdma_cmd_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
2876 BMDMAState
*bm
= opaque
;
2878 printf("%s: 0x%08x\n", __func__
, val
);
2880 if (!(val
& BM_CMD_START
)) {
2881 /* XXX: do it better */
2883 bm
->cmd
= val
& 0x09;
2885 if (!(bm
->status
& BM_STATUS_DMAING
)) {
2886 bm
->status
|= BM_STATUS_DMAING
;
2887 /* start dma transfer if possible */
2891 bm
->cmd
= val
& 0x09;
2895 static uint32_t bmdma_readb(void *opaque
, uint32_t addr
)
2897 BMDMAState
*bm
= opaque
;
2898 PCIIDEState
*pci_dev
;
2906 pci_dev
= bm
->pci_dev
;
2907 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2908 val
= pci_dev
->dev
.config
[MRDMODE
];
2917 pci_dev
= bm
->pci_dev
;
2918 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2919 if (bm
== &pci_dev
->bmdma
[0])
2920 val
= pci_dev
->dev
.config
[UDIDETCR0
];
2922 val
= pci_dev
->dev
.config
[UDIDETCR1
];
2932 printf("bmdma: readb 0x%02x : 0x%02x\n", addr
, val
);
2937 static void bmdma_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
2939 BMDMAState
*bm
= opaque
;
2940 PCIIDEState
*pci_dev
;
2942 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr
, val
);
2946 pci_dev
= bm
->pci_dev
;
2947 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2948 pci_dev
->dev
.config
[MRDMODE
] =
2949 (pci_dev
->dev
.config
[MRDMODE
] & ~0x30) | (val
& 0x30);
2950 cmd646_update_irq(pci_dev
);
2954 bm
->status
= (val
& 0x60) | (bm
->status
& 1) | (bm
->status
& ~val
& 0x06);
2957 pci_dev
= bm
->pci_dev
;
2958 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2959 if (bm
== &pci_dev
->bmdma
[0])
2960 pci_dev
->dev
.config
[UDIDETCR0
] = val
;
2962 pci_dev
->dev
.config
[UDIDETCR1
] = val
;
2968 static uint32_t bmdma_addr_readb(void *opaque
, uint32_t addr
)
2970 BMDMAState
*bm
= opaque
;
2972 val
= (bm
->addr
>> ((addr
& 3) * 8)) & 0xff;
2974 printf("%s: 0x%08x\n", __func__
, val
);
2979 static void bmdma_addr_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
2981 BMDMAState
*bm
= opaque
;
2982 int shift
= (addr
& 3) * 8;
2984 printf("%s: 0x%08x\n", __func__
, val
);
2986 bm
->addr
&= ~(0xFF << shift
);
2987 bm
->addr
|= ((val
& 0xFF) << shift
) & ~3;
2988 bm
->cur_addr
= bm
->addr
;
2991 static uint32_t bmdma_addr_readw(void *opaque
, uint32_t addr
)
2993 BMDMAState
*bm
= opaque
;
2995 val
= (bm
->addr
>> ((addr
& 3) * 8)) & 0xffff;
2997 printf("%s: 0x%08x\n", __func__
, val
);
3002 static void bmdma_addr_writew(void *opaque
, uint32_t addr
, uint32_t val
)
3004 BMDMAState
*bm
= opaque
;
3005 int shift
= (addr
& 3) * 8;
3007 printf("%s: 0x%08x\n", __func__
, val
);
3009 bm
->addr
&= ~(0xFFFF << shift
);
3010 bm
->addr
|= ((val
& 0xFFFF) << shift
) & ~3;
3011 bm
->cur_addr
= bm
->addr
;
3014 static uint32_t bmdma_addr_readl(void *opaque
, uint32_t addr
)
3016 BMDMAState
*bm
= opaque
;
3020 printf("%s: 0x%08x\n", __func__
, val
);
3025 static void bmdma_addr_writel(void *opaque
, uint32_t addr
, uint32_t val
)
3027 BMDMAState
*bm
= opaque
;
3029 printf("%s: 0x%08x\n", __func__
, val
);
3031 bm
->addr
= val
& ~3;
3032 bm
->cur_addr
= bm
->addr
;
3035 static void bmdma_map(PCIDevice
*pci_dev
, int region_num
,
3036 uint32_t addr
, uint32_t size
, int type
)
3038 PCIIDEState
*d
= (PCIIDEState
*)pci_dev
;
3041 for(i
= 0;i
< 2; i
++) {
3042 BMDMAState
*bm
= &d
->bmdma
[i
];
3043 d
->ide_if
[2 * i
].bmdma
= bm
;
3044 d
->ide_if
[2 * i
+ 1].bmdma
= bm
;
3045 bm
->pci_dev
= (PCIIDEState
*)pci_dev
;
3047 register_ioport_write(addr
, 1, 1, bmdma_cmd_writeb
, bm
);
3049 register_ioport_write(addr
+ 1, 3, 1, bmdma_writeb
, bm
);
3050 register_ioport_read(addr
, 4, 1, bmdma_readb
, bm
);
3052 register_ioport_write(addr
+ 4, 4, 1, bmdma_addr_writeb
, bm
);
3053 register_ioport_read(addr
+ 4, 4, 1, bmdma_addr_readb
, bm
);
3054 register_ioport_write(addr
+ 4, 4, 2, bmdma_addr_writew
, bm
);
3055 register_ioport_read(addr
+ 4, 4, 2, bmdma_addr_readw
, bm
);
3056 register_ioport_write(addr
+ 4, 4, 4, bmdma_addr_writel
, bm
);
3057 register_ioport_read(addr
+ 4, 4, 4, bmdma_addr_readl
, bm
);
3062 static void pci_ide_save(QEMUFile
* f
, void *opaque
)
3064 PCIIDEState
*d
= opaque
;
3067 pci_device_save(&d
->dev
, f
);
3069 for(i
= 0; i
< 2; i
++) {
3070 BMDMAState
*bm
= &d
->bmdma
[i
];
3071 qemu_put_8s(f
, &bm
->cmd
);
3072 qemu_put_8s(f
, &bm
->status
);
3073 qemu_put_be32s(f
, &bm
->addr
);
3074 /* XXX: if a transfer is pending, we do not save it yet */
3077 /* per IDE interface data */
3078 for(i
= 0; i
< 2; i
++) {
3079 IDEState
*s
= &d
->ide_if
[i
* 2];
3080 uint8_t drive1_selected
;
3081 qemu_put_8s(f
, &s
->cmd
);
3082 drive1_selected
= (s
->cur_drive
!= s
);
3083 qemu_put_8s(f
, &drive1_selected
);
3086 /* per IDE drive data */
3087 for(i
= 0; i
< 4; i
++) {
3088 ide_save(f
, &d
->ide_if
[i
]);
3092 static int pci_ide_load(QEMUFile
* f
, void *opaque
, int version_id
)
3094 PCIIDEState
*d
= opaque
;
3097 if (version_id
!= 1)
3099 ret
= pci_device_load(&d
->dev
, f
);
3103 for(i
= 0; i
< 2; i
++) {
3104 BMDMAState
*bm
= &d
->bmdma
[i
];
3105 qemu_get_8s(f
, &bm
->cmd
);
3106 qemu_get_8s(f
, &bm
->status
);
3107 qemu_get_be32s(f
, &bm
->addr
);
3108 /* XXX: if a transfer is pending, we do not save it yet */
3111 /* per IDE interface data */
3112 for(i
= 0; i
< 2; i
++) {
3113 IDEState
*s
= &d
->ide_if
[i
* 2];
3114 uint8_t drive1_selected
;
3115 qemu_get_8s(f
, &s
->cmd
);
3116 qemu_get_8s(f
, &drive1_selected
);
3117 s
->cur_drive
= &d
->ide_if
[i
* 2 + (drive1_selected
!= 0)];
3120 /* per IDE drive data */
3121 for(i
= 0; i
< 4; i
++) {
3122 ide_load(f
, &d
->ide_if
[i
]);
3127 /* XXX: call it also when the MRDMODE is changed from the PCI config
3129 static void cmd646_update_irq(PCIIDEState
*d
)
3132 pci_level
= ((d
->dev
.config
[MRDMODE
] & MRDMODE_INTR_CH0
) &&
3133 !(d
->dev
.config
[MRDMODE
] & MRDMODE_BLK_CH0
)) ||
3134 ((d
->dev
.config
[MRDMODE
] & MRDMODE_INTR_CH1
) &&
3135 !(d
->dev
.config
[MRDMODE
] & MRDMODE_BLK_CH1
));
3136 qemu_set_irq(d
->dev
.irq
[0], pci_level
);
3139 /* the PCI irq level is the logical OR of the two channels */
3140 static void cmd646_set_irq(void *opaque
, int channel
, int level
)
3142 PCIIDEState
*d
= opaque
;
3145 irq_mask
= MRDMODE_INTR_CH0
<< channel
;
3147 d
->dev
.config
[MRDMODE
] |= irq_mask
;
3149 d
->dev
.config
[MRDMODE
] &= ~irq_mask
;
3150 cmd646_update_irq(d
);
3153 static void cmd646_reset(void *opaque
)
3155 PCIIDEState
*d
= opaque
;
3158 for (i
= 0; i
< 2; i
++)
3159 ide_dma_cancel(&d
->bmdma
[i
]);
3162 /* CMD646 PCI IDE controller */
3163 void pci_cmd646_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
,
3164 int secondary_ide_enabled
)
3171 d
= (PCIIDEState
*)pci_register_device(bus
, "CMD646 IDE",
3172 sizeof(PCIIDEState
),
3175 d
->type
= IDE_TYPE_CMD646
;
3176 pci_conf
= d
->dev
.config
;
3177 pci_conf
[0x00] = 0x95; // CMD646
3178 pci_conf
[0x01] = 0x10;
3179 pci_conf
[0x02] = 0x46;
3180 pci_conf
[0x03] = 0x06;
3182 pci_conf
[0x08] = 0x07; // IDE controller revision
3183 pci_conf
[0x09] = 0x8f;
3185 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3186 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3187 pci_conf
[0x0e] = 0x00; // header_type
3189 pci_conf
[0x51] = 0x04; // enable IDE0
3190 if (secondary_ide_enabled
) {
3191 /* XXX: if not enabled, really disable the seconday IDE controller */
3192 pci_conf
[0x51] |= 0x08; /* enable IDE1 */
3195 pci_register_io_region((PCIDevice
*)d
, 0, 0x8,
3196 PCI_ADDRESS_SPACE_IO
, ide_map
);
3197 pci_register_io_region((PCIDevice
*)d
, 1, 0x4,
3198 PCI_ADDRESS_SPACE_IO
, ide_map
);
3199 pci_register_io_region((PCIDevice
*)d
, 2, 0x8,
3200 PCI_ADDRESS_SPACE_IO
, ide_map
);
3201 pci_register_io_region((PCIDevice
*)d
, 3, 0x4,
3202 PCI_ADDRESS_SPACE_IO
, ide_map
);
3203 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3204 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3206 pci_conf
[0x3d] = 0x01; // interrupt on pin 1
3208 for(i
= 0; i
< 4; i
++)
3209 d
->ide_if
[i
].pci_dev
= (PCIDevice
*)d
;
3211 irq
= qemu_allocate_irqs(cmd646_set_irq
, d
, 2);
3212 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], irq
[0]);
3213 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], irq
[1]);
3215 register_savevm("ide", 0, 1, pci_ide_save
, pci_ide_load
, d
);
3216 qemu_register_reset(cmd646_reset
, d
);
3220 static void piix3_reset(void *opaque
)
3222 PCIIDEState
*d
= opaque
;
3223 uint8_t *pci_conf
= d
->dev
.config
;
3226 for (i
= 0; i
< 2; i
++)
3227 ide_dma_cancel(&d
->bmdma
[i
]);
3229 pci_conf
[0x04] = 0x00;
3230 pci_conf
[0x05] = 0x00;
3231 pci_conf
[0x06] = 0x80; /* FBC */
3232 pci_conf
[0x07] = 0x02; // PCI_status_devsel_medium
3233 pci_conf
[0x20] = 0x01; /* BMIBA: 20-23h */
3236 /* hd_table must contain 4 block drivers */
3237 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3238 void pci_piix3_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
, int devfn
,
3244 /* register a function 1 of PIIX3 */
3245 d
= (PCIIDEState
*)pci_register_device(bus
, "PIIX3 IDE",
3246 sizeof(PCIIDEState
),
3249 d
->type
= IDE_TYPE_PIIX3
;
3251 pci_conf
= d
->dev
.config
;
3252 pci_conf
[0x00] = 0x86; // Intel
3253 pci_conf
[0x01] = 0x80;
3254 pci_conf
[0x02] = 0x10;
3255 pci_conf
[0x03] = 0x70;
3256 pci_conf
[0x09] = 0x80; // legacy ATA mode
3257 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3258 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3259 pci_conf
[0x0e] = 0x00; // header_type
3261 qemu_register_reset(piix3_reset
, d
);
3264 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3265 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3267 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], pic
[14]);
3268 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], pic
[15]);
3269 ide_init_ioport(&d
->ide_if
[0], 0x1f0, 0x3f6);
3270 ide_init_ioport(&d
->ide_if
[2], 0x170, 0x376);
3272 register_savevm("ide", 0, 1, pci_ide_save
, pci_ide_load
, d
);
3275 /* hd_table must contain 4 block drivers */
3276 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3277 void pci_piix4_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
, int devfn
,
3283 /* register a function 1 of PIIX4 */
3284 d
= (PCIIDEState
*)pci_register_device(bus
, "PIIX4 IDE",
3285 sizeof(PCIIDEState
),
3288 d
->type
= IDE_TYPE_PIIX4
;
3290 pci_conf
= d
->dev
.config
;
3291 pci_conf
[0x00] = 0x86; // Intel
3292 pci_conf
[0x01] = 0x80;
3293 pci_conf
[0x02] = 0x11;
3294 pci_conf
[0x03] = 0x71;
3295 pci_conf
[0x09] = 0x80; // legacy ATA mode
3296 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3297 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3298 pci_conf
[0x0e] = 0x00; // header_type
3300 qemu_register_reset(piix3_reset
, d
);
3303 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3304 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3306 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], pic
[14]);
3307 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], pic
[15]);
3308 ide_init_ioport(&d
->ide_if
[0], 0x1f0, 0x3f6);
3309 ide_init_ioport(&d
->ide_if
[2], 0x170, 0x376);
3311 register_savevm("ide", 0, 1, pci_ide_save
, pci_ide_load
, d
);
3314 /***********************************************************/
3315 /* MacIO based PowerPC IDE */
3317 /* PowerMac IDE memory IO */
3318 static void pmac_ide_writeb (void *opaque
,
3319 target_phys_addr_t addr
, uint32_t val
)
3321 addr
= (addr
& 0xFFF) >> 4;
3324 ide_ioport_write(opaque
, addr
, val
);
3328 ide_cmd_write(opaque
, 0, val
);
3335 static uint32_t pmac_ide_readb (void *opaque
,target_phys_addr_t addr
)
3339 addr
= (addr
& 0xFFF) >> 4;
3342 retval
= ide_ioport_read(opaque
, addr
);
3346 retval
= ide_status_read(opaque
, 0);
3355 static void pmac_ide_writew (void *opaque
,
3356 target_phys_addr_t addr
, uint32_t val
)
3358 addr
= (addr
& 0xFFF) >> 4;
3359 #ifdef TARGET_WORDS_BIGENDIAN
3363 ide_data_writew(opaque
, 0, val
);
3367 static uint32_t pmac_ide_readw (void *opaque
,target_phys_addr_t addr
)
3371 addr
= (addr
& 0xFFF) >> 4;
3373 retval
= ide_data_readw(opaque
, 0);
3377 #ifdef TARGET_WORDS_BIGENDIAN
3378 retval
= bswap16(retval
);
3383 static void pmac_ide_writel (void *opaque
,
3384 target_phys_addr_t addr
, uint32_t val
)
3386 addr
= (addr
& 0xFFF) >> 4;
3387 #ifdef TARGET_WORDS_BIGENDIAN
3391 ide_data_writel(opaque
, 0, val
);
3395 static uint32_t pmac_ide_readl (void *opaque
,target_phys_addr_t addr
)
3399 addr
= (addr
& 0xFFF) >> 4;
3401 retval
= ide_data_readl(opaque
, 0);
3403 retval
= 0xFFFFFFFF;
3405 #ifdef TARGET_WORDS_BIGENDIAN
3406 retval
= bswap32(retval
);
3411 static CPUWriteMemoryFunc
*pmac_ide_write
[] = {
3417 static CPUReadMemoryFunc
*pmac_ide_read
[] = {
3423 static void pmac_ide_save(QEMUFile
*f
, void *opaque
)
3425 IDEState
*s
= (IDEState
*)opaque
;
3426 uint8_t drive1_selected
;
3429 /* per IDE interface data */
3430 qemu_put_8s(f
, &s
->cmd
);
3431 drive1_selected
= (s
->cur_drive
!= s
);
3432 qemu_put_8s(f
, &drive1_selected
);
3434 /* per IDE drive data */
3435 for(i
= 0; i
< 2; i
++) {
3440 static int pmac_ide_load(QEMUFile
*f
, void *opaque
, int version_id
)
3442 IDEState
*s
= (IDEState
*)opaque
;
3443 uint8_t drive1_selected
;
3446 if (version_id
!= 1)
3449 /* per IDE interface data */
3450 qemu_get_8s(f
, &s
->cmd
);
3451 qemu_get_8s(f
, &drive1_selected
);
3452 s
->cur_drive
= &s
[(drive1_selected
!= 0)];
3454 /* per IDE drive data */
3455 for(i
= 0; i
< 2; i
++) {
3461 static void pmac_ide_reset(void *opaque
)
3463 IDEState
*s
= (IDEState
*)opaque
;
3469 /* hd_table must contain 4 block drivers */
3470 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3471 I/O index to access the ide. */
3472 int pmac_ide_init (BlockDriverState
**hd_table
, qemu_irq irq
)
3475 int pmac_ide_memory
;
3477 ide_if
= qemu_mallocz(sizeof(IDEState
) * 2);
3478 ide_init2(&ide_if
[0], hd_table
[0], hd_table
[1], irq
);
3480 pmac_ide_memory
= cpu_register_io_memory(0, pmac_ide_read
,
3481 pmac_ide_write
, &ide_if
[0]);
3482 register_savevm("ide", 0, 1, pmac_ide_save
, pmac_ide_load
, &ide_if
[0]);
3483 qemu_register_reset(pmac_ide_reset
, &ide_if
[0]);
3484 pmac_ide_reset(&ide_if
[0]);
3485 return pmac_ide_memory
;
3488 /***********************************************************/
3489 /* MMIO based ide port
3490 * This emulates IDE device connected directly to the CPU bus without
3491 * dedicated ide controller, which is often seen on embedded boards.
3499 static uint32_t mmio_ide_read (void *opaque
, target_phys_addr_t addr
)
3501 MMIOState
*s
= (MMIOState
*)opaque
;
3502 IDEState
*ide
= (IDEState
*)s
->dev
;
3505 return ide_ioport_read(ide
, addr
);
3507 return ide_data_readw(ide
, 0);
3510 static void mmio_ide_write (void *opaque
, target_phys_addr_t addr
,
3513 MMIOState
*s
= (MMIOState
*)opaque
;
3514 IDEState
*ide
= (IDEState
*)s
->dev
;
3517 ide_ioport_write(ide
, addr
, val
);
3519 ide_data_writew(ide
, 0, val
);
3522 static CPUReadMemoryFunc
*mmio_ide_reads
[] = {
3528 static CPUWriteMemoryFunc
*mmio_ide_writes
[] = {
3534 static uint32_t mmio_ide_status_read (void *opaque
, target_phys_addr_t addr
)
3536 MMIOState
*s
= (MMIOState
*)opaque
;
3537 IDEState
*ide
= (IDEState
*)s
->dev
;
3538 return ide_status_read(ide
, 0);
3541 static void mmio_ide_cmd_write (void *opaque
, target_phys_addr_t addr
,
3544 MMIOState
*s
= (MMIOState
*)opaque
;
3545 IDEState
*ide
= (IDEState
*)s
->dev
;
3546 ide_cmd_write(ide
, 0, val
);
3549 static CPUReadMemoryFunc
*mmio_ide_status
[] = {
3550 mmio_ide_status_read
,
3551 mmio_ide_status_read
,
3552 mmio_ide_status_read
,
3555 static CPUWriteMemoryFunc
*mmio_ide_cmd
[] = {
3561 void mmio_ide_init (target_phys_addr_t membase
, target_phys_addr_t membase2
,
3562 qemu_irq irq
, int shift
,
3563 BlockDriverState
*hd0
, BlockDriverState
*hd1
)
3565 MMIOState
*s
= qemu_mallocz(sizeof(MMIOState
));
3566 IDEState
*ide
= qemu_mallocz(sizeof(IDEState
) * 2);
3569 ide_init2(ide
, hd0
, hd1
, irq
);
3574 mem1
= cpu_register_io_memory(0, mmio_ide_reads
, mmio_ide_writes
, s
);
3575 mem2
= cpu_register_io_memory(0, mmio_ide_status
, mmio_ide_cmd
, s
);
3576 cpu_register_physical_memory(membase
, 16 << shift
, mem1
);
3577 cpu_register_physical_memory(membase2
, 2 << shift
, mem2
);
3580 /***********************************************************/
3581 /* CF-ATA Microdrive */
3583 #define METADATA_SIZE 0x20
3585 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3588 struct pcmcia_card_s card
;
3602 /* Register bitfields */
3605 OPT_MODE_IOMAP16
= 1,
3606 OPT_MODE_IOMAP1
= 2,
3607 OPT_MODE_IOMAP2
= 3,
3618 STAT_CHANGED
= 0x80,
3629 static inline void md_interrupt_update(struct md_s
*s
)
3634 qemu_set_irq(s
->card
.slot
->irq
,
3635 !(s
->stat
& STAT_INT
) && /* Inverted */
3636 !(s
->ctrl
& (CTRL_IEN
| CTRL_SRST
)) &&
3637 !(s
->opt
& OPT_SRESET
));
3640 static void md_set_irq(void *opaque
, int irq
, int level
)
3642 struct md_s
*s
= (struct md_s
*) opaque
;
3644 s
->stat
|= STAT_INT
;
3646 s
->stat
&= ~STAT_INT
;
3648 md_interrupt_update(s
);
3651 static void md_reset(struct md_s
*s
)
3653 s
->opt
= OPT_MODE_MMAP
;
3661 static uint8_t md_attr_read(void *opaque
, uint32_t at
)
3663 struct md_s
*s
= (struct md_s
*) opaque
;
3664 if (at
< s
->attr_base
) {
3665 if (at
< s
->card
.cis_len
)
3666 return s
->card
.cis
[at
];
3674 case 0x00: /* Configuration Option Register */
3676 case 0x02: /* Card Configuration Status Register */
3677 if (s
->ctrl
& CTRL_IEN
)
3678 return s
->stat
& ~STAT_INT
;
3681 case 0x04: /* Pin Replacement Register */
3682 return (s
->pins
& PINS_CRDY
) | 0x0c;
3683 case 0x06: /* Socket and Copy Register */
3687 printf("%s: Bad attribute space register %02x\n", __FUNCTION__
, at
);
3694 static void md_attr_write(void *opaque
, uint32_t at
, uint8_t value
)
3696 struct md_s
*s
= (struct md_s
*) opaque
;
3700 case 0x00: /* Configuration Option Register */
3701 s
->opt
= value
& 0xcf;
3702 if (value
& OPT_SRESET
)
3704 md_interrupt_update(s
);
3706 case 0x02: /* Card Configuration Status Register */
3707 if ((s
->stat
^ value
) & STAT_PWRDWN
)
3708 s
->pins
|= PINS_CRDY
;
3710 s
->stat
|= value
& 0x74;
3711 md_interrupt_update(s
);
3712 /* Word 170 in Identify Device must be equal to STAT_XE */
3714 case 0x04: /* Pin Replacement Register */
3715 s
->pins
&= PINS_CRDY
;
3716 s
->pins
|= value
& PINS_MRDY
;
3718 case 0x06: /* Socket and Copy Register */
3721 printf("%s: Bad attribute space register %02x\n", __FUNCTION__
, at
);
3725 static uint16_t md_common_read(void *opaque
, uint32_t at
)
3727 struct md_s
*s
= (struct md_s
*) opaque
;
3731 switch (s
->opt
& OPT_MODE
) {
3733 if ((at
& ~0x3ff) == 0x400)
3736 case OPT_MODE_IOMAP16
:
3739 case OPT_MODE_IOMAP1
:
3740 if ((at
& ~0xf) == 0x3f0)
3742 else if ((at
& ~0xf) == 0x1f0)
3745 case OPT_MODE_IOMAP2
:
3746 if ((at
& ~0xf) == 0x370)
3748 else if ((at
& ~0xf) == 0x170)
3753 case 0x0: /* Even RD Data */
3755 return ide_data_readw(s
->ide
, 0);
3757 /* TODO: 8-bit accesses */
3761 s
->io
= ide_data_readw(s
->ide
, 0);
3764 s
->cycle
= !s
->cycle
;
3766 case 0x9: /* Odd RD Data */
3768 case 0xd: /* Error */
3769 return ide_ioport_read(s
->ide
, 0x1);
3770 case 0xe: /* Alternate Status */
3771 if (s
->ide
->cur_drive
->bs
)
3772 return s
->ide
->cur_drive
->status
;
3775 case 0xf: /* Device Address */
3776 return 0xc2 | ((~s
->ide
->select
<< 2) & 0x3c);
3778 return ide_ioport_read(s
->ide
, at
);
3784 static void md_common_write(void *opaque
, uint32_t at
, uint16_t value
)
3786 struct md_s
*s
= (struct md_s
*) opaque
;
3789 switch (s
->opt
& OPT_MODE
) {
3791 if ((at
& ~0x3ff) == 0x400)
3794 case OPT_MODE_IOMAP16
:
3797 case OPT_MODE_IOMAP1
:
3798 if ((at
& ~0xf) == 0x3f0)
3800 else if ((at
& ~0xf) == 0x1f0)
3803 case OPT_MODE_IOMAP2
:
3804 if ((at
& ~0xf) == 0x370)
3806 else if ((at
& ~0xf) == 0x170)
3811 case 0x0: /* Even WR Data */
3813 ide_data_writew(s
->ide
, 0, value
);
3816 /* TODO: 8-bit accesses */
3818 ide_data_writew(s
->ide
, 0, s
->io
| (value
<< 8));
3820 s
->io
= value
& 0xff;
3821 s
->cycle
= !s
->cycle
;
3824 s
->io
= value
& 0xff;
3825 s
->cycle
= !s
->cycle
;
3827 case 0xd: /* Features */
3828 ide_ioport_write(s
->ide
, 0x1, value
);
3830 case 0xe: /* Device Control */
3832 if (value
& CTRL_SRST
)
3834 md_interrupt_update(s
);
3837 if (s
->stat
& STAT_PWRDWN
) {
3838 s
->pins
|= PINS_CRDY
;
3839 s
->stat
&= ~STAT_PWRDWN
;
3841 ide_ioport_write(s
->ide
, at
, value
);
3845 static void md_save(QEMUFile
*f
, void *opaque
)
3847 struct md_s
*s
= (struct md_s
*) opaque
;
3849 uint8_t drive1_selected
;
3851 qemu_put_8s(f
, &s
->opt
);
3852 qemu_put_8s(f
, &s
->stat
);
3853 qemu_put_8s(f
, &s
->pins
);
3855 qemu_put_8s(f
, &s
->ctrl
);
3856 qemu_put_be16s(f
, &s
->io
);
3857 qemu_put_byte(f
, s
->cycle
);
3859 drive1_selected
= (s
->ide
->cur_drive
!= s
->ide
);
3860 qemu_put_8s(f
, &s
->ide
->cmd
);
3861 qemu_put_8s(f
, &drive1_selected
);
3863 for (i
= 0; i
< 2; i
++)
3864 ide_save(f
, &s
->ide
[i
]);
3867 static int md_load(QEMUFile
*f
, void *opaque
, int version_id
)
3869 struct md_s
*s
= (struct md_s
*) opaque
;
3871 uint8_t drive1_selected
;
3873 qemu_get_8s(f
, &s
->opt
);
3874 qemu_get_8s(f
, &s
->stat
);
3875 qemu_get_8s(f
, &s
->pins
);
3877 qemu_get_8s(f
, &s
->ctrl
);
3878 qemu_get_be16s(f
, &s
->io
);
3879 s
->cycle
= qemu_get_byte(f
);
3881 qemu_get_8s(f
, &s
->ide
->cmd
);
3882 qemu_get_8s(f
, &drive1_selected
);
3883 s
->ide
->cur_drive
= &s
->ide
[(drive1_selected
!= 0)];
3885 for (i
= 0; i
< 2; i
++)
3886 ide_load(f
, &s
->ide
[i
]);
3891 static const uint8_t dscm1xxxx_cis
[0x14a] = {
3892 [0x000] = CISTPL_DEVICE
, /* 5V Device Information */
3893 [0x002] = 0x03, /* Tuple length = 4 bytes */
3894 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3895 [0x006] = 0x01, /* Size = 2K bytes */
3896 [0x008] = CISTPL_ENDMARK
,
3898 [0x00a] = CISTPL_DEVICE_OC
, /* Additional Device Information */
3899 [0x00c] = 0x04, /* Tuple length = 4 byest */
3900 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3901 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3902 [0x012] = 0x01, /* Size = 2K bytes */
3903 [0x014] = CISTPL_ENDMARK
,
3905 [0x016] = CISTPL_JEDEC_C
, /* JEDEC ID */
3906 [0x018] = 0x02, /* Tuple length = 2 bytes */
3907 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3910 [0x01e] = CISTPL_MANFID
, /* Manufacture ID */
3911 [0x020] = 0x04, /* Tuple length = 4 bytes */
3912 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3914 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3917 [0x02a] = CISTPL_VERS_1
, /* Level 1 Version */
3918 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3919 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3920 [0x030] = 0x01, /* Minor Version = 1 */
3936 [0x050] = CISTPL_ENDMARK
,
3938 [0x052] = CISTPL_FUNCID
, /* Function ID */
3939 [0x054] = 0x02, /* Tuple length = 2 bytes */
3940 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3941 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3943 [0x05a] = CISTPL_FUNCE
, /* Function Extension */
3944 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3945 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3946 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3948 [0x062] = CISTPL_FUNCE
, /* Function Extension */
3949 [0x064] = 0x03, /* Tuple length = 3 bytes */
3950 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3951 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3952 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3954 [0x06c] = CISTPL_CONFIG
, /* Configuration */
3955 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3956 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3957 [0x072] = 0x07, /* TPCC_LAST = 7 */
3958 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3960 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3962 [0x07a] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3963 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3964 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3965 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3966 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3967 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3968 [0x086] = 0x55, /* NomV: 5.0 V */
3969 [0x088] = 0x4d, /* MinV: 4.5 V */
3970 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3971 [0x08c] = 0x4e, /* Peakl: 450 mA */
3972 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3973 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3974 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3976 [0x094] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3977 [0x096] = 0x06, /* Tuple length = 6 bytes */
3978 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3979 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3980 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3981 [0x09e] = 0xb5, /* NomV: 3.3 V */
3983 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3985 [0x0a4] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3986 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3987 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3988 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3989 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3990 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3991 [0x0b0] = 0x55, /* NomV: 5.0 V */
3992 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3993 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3994 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3995 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3996 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3997 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3998 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3999 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
4001 [0x0c2] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
4002 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
4003 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
4004 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4005 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4006 [0x0cc] = 0xb5, /* NomV: 3.3 V */
4008 [0x0d0] = 0x3e, /* Peakl: 350 mA */
4010 [0x0d2] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
4011 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
4012 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
4013 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4014 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4015 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4016 [0x0de] = 0x55, /* NomV: 5.0 V */
4017 [0x0e0] = 0x4d, /* MinV: 4.5 V */
4018 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
4019 [0x0e4] = 0x4e, /* Peakl: 450 mA */
4020 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4021 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
4022 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
4024 [0x0ee] = 0x07, /* Address block length = 8 */
4025 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
4027 [0x0f4] = 0x01, /* Address block length = 2 */
4028 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4029 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
4031 [0x0fa] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
4032 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
4033 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
4034 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4035 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4036 [0x104] = 0xb5, /* NomV: 3.3 V */
4038 [0x108] = 0x3e, /* Peakl: 350 mA */
4040 [0x10a] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
4041 [0x10c] = 0x12, /* Tuple length = 18 bytes */
4042 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
4043 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4044 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4045 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4046 [0x116] = 0x55, /* NomV: 5.0 V */
4047 [0x118] = 0x4d, /* MinV: 4.5 V */
4048 [0x11a] = 0x5d, /* MaxV: 5.5 V */
4049 [0x11c] = 0x4e, /* Peakl: 450 mA */
4050 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4051 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
4052 [0x122] = 0x70, /* Field 1 address = 0x0170 */
4054 [0x126] = 0x07, /* Address block length = 8 */
4055 [0x128] = 0x76, /* Field 2 address = 0x0376 */
4057 [0x12c] = 0x01, /* Address block length = 2 */
4058 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4059 [0x130] = 0x20, /* TPCE_MI = support power down mode */
4061 [0x132] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
4062 [0x134] = 0x06, /* Tuple length = 6 bytes */
4063 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4064 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4065 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4066 [0x13c] = 0xb5, /* NomV: 3.3 V */
4068 [0x140] = 0x3e, /* Peakl: 350 mA */
4070 [0x142] = CISTPL_NO_LINK
, /* No Link */
4071 [0x144] = 0x00, /* Tuple length = 0 bytes */
4073 [0x146] = CISTPL_END
, /* Tuple End */
4076 static int dscm1xxxx_attach(void *opaque
)
4078 struct md_s
*md
= (struct md_s
*) opaque
;
4079 md
->card
.attr_read
= md_attr_read
;
4080 md
->card
.attr_write
= md_attr_write
;
4081 md
->card
.common_read
= md_common_read
;
4082 md
->card
.common_write
= md_common_write
;
4083 md
->card
.io_read
= md_common_read
;
4084 md
->card
.io_write
= md_common_write
;
4086 md
->attr_base
= md
->card
.cis
[0x74] | (md
->card
.cis
[0x76] << 8);
4090 md_interrupt_update(md
);
4092 md
->card
.slot
->card_string
= "DSCM-1xxxx Hitachi Microdrive";
4096 static int dscm1xxxx_detach(void *opaque
)
4098 struct md_s
*md
= (struct md_s
*) opaque
;
4103 struct pcmcia_card_s
*dscm1xxxx_init(BlockDriverState
*bdrv
)
4105 struct md_s
*md
= (struct md_s
*) qemu_mallocz(sizeof(struct md_s
));
4106 md
->card
.state
= md
;
4107 md
->card
.attach
= dscm1xxxx_attach
;
4108 md
->card
.detach
= dscm1xxxx_detach
;
4109 md
->card
.cis
= dscm1xxxx_cis
;
4110 md
->card
.cis_len
= sizeof(dscm1xxxx_cis
);
4112 ide_init2(md
->ide
, bdrv
, 0, qemu_allocate_irqs(md_set_irq
, md
, 1)[0]);
4114 md
->ide
->mdata_size
= METADATA_SIZE
;
4115 md
->ide
->mdata_storage
= (uint8_t *) qemu_mallocz(METADATA_SIZE
);
4117 register_savevm("microdrive", -1, 0, md_save
, md_load
, md
);