2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "qemu-timer.h"
36 /* debug IDE devices */
38 //#define DEBUG_IDE_ATAPI
42 /* Bits of HD_STATUS */
44 #define INDEX_STAT 0x02
45 #define ECC_STAT 0x04 /* Corrected error */
47 #define SEEK_STAT 0x10
49 #define WRERR_STAT 0x20
50 #define READY_STAT 0x40
51 #define BUSY_STAT 0x80
53 /* Bits for HD_ERROR */
54 #define MARK_ERR 0x01 /* Bad address mark */
55 #define TRK0_ERR 0x02 /* couldn't find track 0 */
56 #define ABRT_ERR 0x04 /* Command aborted */
57 #define MCR_ERR 0x08 /* media change request */
58 #define ID_ERR 0x10 /* ID field not found */
59 #define MC_ERR 0x20 /* media changed */
60 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
61 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
62 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
64 /* Bits of HD_NSECTOR */
70 #define IDE_CMD_RESET 0x04
71 #define IDE_CMD_DISABLE_IRQ 0x02
73 /* ATA/ATAPI Commands pre T13 Spec */
78 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
82 #define WIN_SRST 0x08 /* ATAPI soft reset command */
83 #define WIN_DEVICE_RESET 0x08
87 #define WIN_RECAL 0x10
88 #define WIN_RESTORE WIN_RECAL
92 #define WIN_READ 0x20 /* 28-Bit */
93 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
94 #define WIN_READ_LONG 0x22 /* 28-Bit */
95 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
96 #define WIN_READ_EXT 0x24 /* 48-Bit */
97 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
98 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
99 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
103 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
105 * 0x2A->0x2F Reserved
107 #define WIN_WRITE 0x30 /* 28-Bit */
108 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
109 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
110 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
111 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
112 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
113 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
114 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
115 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
116 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
118 * 0x3A->0x3B Reserved
120 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
122 * 0x3D->0x3F Reserved
124 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
125 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
126 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
128 * 0x43->0x4F Reserved
130 #define WIN_FORMAT 0x50
132 * 0x51->0x5F Reserved
134 #define WIN_INIT 0x60
136 * 0x61->0x5F Reserved
138 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
139 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
140 #define WIN_DIAGNOSE 0x90
141 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
142 #define WIN_DOWNLOAD_MICROCODE 0x92
143 #define WIN_STANDBYNOW2 0x94
144 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
145 #define WIN_STANDBY2 0x96
146 #define WIN_SETIDLE2 0x97
147 #define WIN_CHECKPOWERMODE2 0x98
148 #define WIN_SLEEPNOW2 0x99
152 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
153 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
154 #define WIN_QUEUED_SERVICE 0xA2
155 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
156 #define CFA_ACCESS_METADATA_STORAGE 0xB8
157 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
158 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
159 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
160 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
161 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
162 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
163 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
164 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
165 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
166 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
167 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
168 #define WIN_GETMEDIASTATUS 0xDA
169 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
170 #define WIN_POSTBOOT 0xDC
171 #define WIN_PREBOOT 0xDD
172 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
173 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
174 #define WIN_STANDBYNOW1 0xE0
175 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
176 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
177 #define WIN_SETIDLE1 0xE3
178 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
179 #define WIN_CHECKPOWERMODE1 0xE5
180 #define WIN_SLEEPNOW1 0xE6
181 #define WIN_FLUSH_CACHE 0xE7
182 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
183 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
184 /* SET_FEATURES 0x22 or 0xDD */
185 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
186 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
187 #define WIN_MEDIAEJECT 0xED
188 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
189 #define WIN_SETFEATURES 0xEF /* set special drive features */
190 #define EXABYTE_ENABLE_NEST 0xF0
191 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
192 #define WIN_SECURITY_SET_PASS 0xF1
193 #define WIN_SECURITY_UNLOCK 0xF2
194 #define WIN_SECURITY_ERASE_PREPARE 0xF3
195 #define WIN_SECURITY_ERASE_UNIT 0xF4
196 #define WIN_SECURITY_FREEZE_LOCK 0xF5
197 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
198 #define WIN_SECURITY_DISABLE 0xF6
199 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
200 #define WIN_SET_MAX 0xF9
201 #define DISABLE_SEAGATE 0xFB
203 /* set to 1 set disable mult support */
204 #define MAX_MULT_SECTORS 16
206 #define IDE_DMA_BUF_SECTORS 256
208 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
209 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
214 #define ATAPI_PACKET_SIZE 12
216 /* The generic packet command opcodes for CD/DVD Logical Units,
217 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
218 #define GPCMD_BLANK 0xa1
219 #define GPCMD_CLOSE_TRACK 0x5b
220 #define GPCMD_FLUSH_CACHE 0x35
221 #define GPCMD_FORMAT_UNIT 0x04
222 #define GPCMD_GET_CONFIGURATION 0x46
223 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
224 #define GPCMD_GET_PERFORMANCE 0xac
225 #define GPCMD_INQUIRY 0x12
226 #define GPCMD_LOAD_UNLOAD 0xa6
227 #define GPCMD_MECHANISM_STATUS 0xbd
228 #define GPCMD_MODE_SELECT_10 0x55
229 #define GPCMD_MODE_SENSE_10 0x5a
230 #define GPCMD_PAUSE_RESUME 0x4b
231 #define GPCMD_PLAY_AUDIO_10 0x45
232 #define GPCMD_PLAY_AUDIO_MSF 0x47
233 #define GPCMD_PLAY_AUDIO_TI 0x48
234 #define GPCMD_PLAY_CD 0xbc
235 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
236 #define GPCMD_READ_10 0x28
237 #define GPCMD_READ_12 0xa8
238 #define GPCMD_READ_CDVD_CAPACITY 0x25
239 #define GPCMD_READ_CD 0xbe
240 #define GPCMD_READ_CD_MSF 0xb9
241 #define GPCMD_READ_DISC_INFO 0x51
242 #define GPCMD_READ_DVD_STRUCTURE 0xad
243 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
244 #define GPCMD_READ_HEADER 0x44
245 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
246 #define GPCMD_READ_SUBCHANNEL 0x42
247 #define GPCMD_READ_TOC_PMA_ATIP 0x43
248 #define GPCMD_REPAIR_RZONE_TRACK 0x58
249 #define GPCMD_REPORT_KEY 0xa4
250 #define GPCMD_REQUEST_SENSE 0x03
251 #define GPCMD_RESERVE_RZONE_TRACK 0x53
252 #define GPCMD_SCAN 0xba
253 #define GPCMD_SEEK 0x2b
254 #define GPCMD_SEND_DVD_STRUCTURE 0xad
255 #define GPCMD_SEND_EVENT 0xa2
256 #define GPCMD_SEND_KEY 0xa3
257 #define GPCMD_SEND_OPC 0x54
258 #define GPCMD_SET_READ_AHEAD 0xa7
259 #define GPCMD_SET_STREAMING 0xb6
260 #define GPCMD_START_STOP_UNIT 0x1b
261 #define GPCMD_STOP_PLAY_SCAN 0x4e
262 #define GPCMD_TEST_UNIT_READY 0x00
263 #define GPCMD_VERIFY_10 0x2f
264 #define GPCMD_WRITE_10 0x2a
265 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
266 /* This is listed as optional in ATAPI 2.6, but is (curiously)
267 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
268 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
269 * drives support it. */
270 #define GPCMD_SET_SPEED 0xbb
271 /* This seems to be a SCSI specific CD-ROM opcode
272 * to play data at track/index */
273 #define GPCMD_PLAYAUDIO_TI 0x48
275 * From MS Media Status Notification Support Specification. For
278 #define GPCMD_GET_MEDIA_STATUS 0xda
279 #define GPCMD_MODE_SENSE_6 0x1a
281 /* Mode page codes for mode sense/set */
282 #define GPMODE_R_W_ERROR_PAGE 0x01
283 #define GPMODE_WRITE_PARMS_PAGE 0x05
284 #define GPMODE_AUDIO_CTL_PAGE 0x0e
285 #define GPMODE_POWER_PAGE 0x1a
286 #define GPMODE_FAULT_FAIL_PAGE 0x1c
287 #define GPMODE_TO_PROTECT_PAGE 0x1d
288 #define GPMODE_CAPABILITIES_PAGE 0x2a
289 #define GPMODE_ALL_PAGES 0x3f
290 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
291 * of MODE_SENSE_POWER_PAGE */
292 #define GPMODE_CDROM_PAGE 0x0d
295 * Based on values from <linux/cdrom.h> but extending CD_MINS
296 * to the maximum common size allowed by the Orange's Book ATIP
298 * 90 and 99 min CDs are also available but using them as the
299 * upper limit reduces the effectiveness of the heuristic to
300 * detect DVDs burned to less than 25% of their maximum capacity
303 /* Some generally useful CD-ROM information */
304 #define CD_MINS 80 /* max. minutes per CD */
305 #define CD_SECS 60 /* seconds per minute */
306 #define CD_FRAMES 75 /* frames per second */
307 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
308 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
309 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
312 * The MMC values are not IDE specific and might need to be moved
313 * to a common header if they are also needed for the SCSI emulation
316 /* Profile list from MMC-6 revision 1 table 91 */
317 #define MMC_PROFILE_NONE 0x0000
318 #define MMC_PROFILE_CD_ROM 0x0008
319 #define MMC_PROFILE_CD_R 0x0009
320 #define MMC_PROFILE_CD_RW 0x000A
321 #define MMC_PROFILE_DVD_ROM 0x0010
322 #define MMC_PROFILE_DVD_R_SR 0x0011
323 #define MMC_PROFILE_DVD_RAM 0x0012
324 #define MMC_PROFILE_DVD_RW_RO 0x0013
325 #define MMC_PROFILE_DVD_RW_SR 0x0014
326 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
327 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
328 #define MMC_PROFILE_DVD_RW_DL 0x0017
329 #define MMC_PROFILE_DVD_DDR 0x0018
330 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
331 #define MMC_PROFILE_DVD_PLUS_R 0x001B
332 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
333 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
334 #define MMC_PROFILE_BD_ROM 0x0040
335 #define MMC_PROFILE_BD_R_SRM 0x0041
336 #define MMC_PROFILE_BD_R_RRM 0x0042
337 #define MMC_PROFILE_BD_RE 0x0043
338 #define MMC_PROFILE_HDDVD_ROM 0x0050
339 #define MMC_PROFILE_HDDVD_R 0x0051
340 #define MMC_PROFILE_HDDVD_RAM 0x0052
341 #define MMC_PROFILE_HDDVD_RW 0x0053
342 #define MMC_PROFILE_HDDVD_R_DL 0x0058
343 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
344 #define MMC_PROFILE_INVALID 0xFFFF
346 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
347 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
348 #define ATAPI_INT_REASON_REL 0x04
349 #define ATAPI_INT_REASON_TAG 0xf8
351 /* same constants as bochs */
352 #define ASC_ILLEGAL_OPCODE 0x20
353 #define ASC_LOGICAL_BLOCK_OOR 0x21
354 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
355 #define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
356 #define ASC_INCOMPATIBLE_FORMAT 0x30
357 #define ASC_MEDIUM_NOT_PRESENT 0x3a
358 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
360 #define CFA_NO_ERROR 0x00
361 #define CFA_MISC_ERROR 0x09
362 #define CFA_INVALID_COMMAND 0x20
363 #define CFA_INVALID_ADDRESS 0x21
364 #define CFA_ADDRESS_OVERFLOW 0x2f
367 #define SENSE_NOT_READY 2
368 #define SENSE_ILLEGAL_REQUEST 5
369 #define SENSE_UNIT_ATTENTION 6
373 typedef void EndTransferFunc(struct IDEState
*);
375 /* NOTE: IDEState represents in fact one drive */
376 typedef struct IDEState
{
380 int cylinders
, heads
, sectors
;
384 uint16_t identify_data
[256];
387 struct BMDMAState
*bmdma
;
396 /* other part of tf for lba48 support */
406 /* 0x3f6 command, only meaningful for drive 0 */
408 /* set for lba48 access */
410 /* depends on bit 4 in select, only meaningful for drive 0 */
411 struct IDEState
*cur_drive
;
412 BlockDriverState
*bs
;
416 int packet_transfer_size
;
417 int elementary_transfer_size
;
421 int atapi_dma
; /* true if dma is requested for the packet cmd */
424 /* PIO transfer handling */
425 int req_nb_sectors
; /* number of sectors per interrupt */
426 EndTransferFunc
*end_transfer_func
;
430 QEMUTimer
*sector_write_timer
; /* only used for win2k install hack */
431 uint32_t irq_count
; /* counts IRQs when using win2k install hack */
432 /* CF-ATA extended error */
434 /* CF-ATA metadata storage */
436 uint8_t *mdata_storage
;
440 /* XXX: DVDs that could fit on a CD will be reported as a CD */
441 static inline int media_present(IDEState
*s
)
443 return (s
->nb_sectors
> 0);
446 static inline int media_is_dvd(IDEState
*s
)
448 return (media_present(s
) && s
->nb_sectors
> CD_MAX_SECTORS
);
451 static inline int media_is_cd(IDEState
*s
)
453 return (media_present(s
) && s
->nb_sectors
<= CD_MAX_SECTORS
);
456 #define BM_STATUS_DMAING 0x01
457 #define BM_STATUS_ERROR 0x02
458 #define BM_STATUS_INT 0x04
460 #define BM_CMD_START 0x01
461 #define BM_CMD_READ 0x08
463 #define IDE_TYPE_PIIX3 0
464 #define IDE_TYPE_CMD646 1
465 #define IDE_TYPE_PIIX4 2
467 /* CMD646 specific */
469 #define MRDMODE_INTR_CH0 0x04
470 #define MRDMODE_INTR_CH1 0x08
471 #define MRDMODE_BLK_CH0 0x10
472 #define MRDMODE_BLK_CH1 0x20
473 #define UDIDETCR0 0x73
474 #define UDIDETCR1 0x7B
476 typedef struct BMDMAState
{
481 struct PCIIDEState
*pci_dev
;
482 /* current transfer state */
484 uint32_t cur_prd_last
;
485 uint32_t cur_prd_addr
;
486 uint32_t cur_prd_len
;
488 BlockDriverCompletionFunc
*dma_cb
;
489 BlockDriverAIOCB
*aiocb
;
492 typedef struct PCIIDEState
{
496 int type
; /* see IDE_TYPE_xxx */
499 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
);
500 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
);
502 static void padstr(char *str
, const char *src
, int len
)
505 for(i
= 0; i
< len
; i
++) {
514 static void padstr8(uint8_t *buf
, int buf_size
, const char *src
)
517 for(i
= 0; i
< buf_size
; i
++) {
525 static void put_le16(uint16_t *p
, unsigned int v
)
530 static void ide_identify(IDEState
*s
)
533 unsigned int oldsize
;
536 if (s
->identify_set
) {
537 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
541 memset(s
->io_buffer
, 0, 512);
542 p
= (uint16_t *)s
->io_buffer
;
543 put_le16(p
+ 0, 0x0040);
544 put_le16(p
+ 1, s
->cylinders
);
545 put_le16(p
+ 3, s
->heads
);
546 put_le16(p
+ 4, 512 * s
->sectors
); /* XXX: retired, remove ? */
547 put_le16(p
+ 5, 512); /* XXX: retired, remove ? */
548 put_le16(p
+ 6, s
->sectors
);
549 snprintf(buf
, sizeof(buf
), "QM%05d", s
->drive_serial
);
550 padstr((char *)(p
+ 10), buf
, 20); /* serial number */
551 put_le16(p
+ 20, 3); /* XXX: retired, remove ? */
552 put_le16(p
+ 21, 512); /* cache size in sectors */
553 put_le16(p
+ 22, 4); /* ecc bytes */
554 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
555 padstr((char *)(p
+ 27), "QEMU HARDDISK", 40); /* model */
556 #if MAX_MULT_SECTORS > 1
557 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
559 put_le16(p
+ 48, 1); /* dword I/O */
560 put_le16(p
+ 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
561 put_le16(p
+ 51, 0x200); /* PIO transfer cycle */
562 put_le16(p
+ 52, 0x200); /* DMA transfer cycle */
563 put_le16(p
+ 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
564 put_le16(p
+ 54, s
->cylinders
);
565 put_le16(p
+ 55, s
->heads
);
566 put_le16(p
+ 56, s
->sectors
);
567 oldsize
= s
->cylinders
* s
->heads
* s
->sectors
;
568 put_le16(p
+ 57, oldsize
);
569 put_le16(p
+ 58, oldsize
>> 16);
571 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
572 put_le16(p
+ 60, s
->nb_sectors
);
573 put_le16(p
+ 61, s
->nb_sectors
>> 16);
574 put_le16(p
+ 62, 0x07); /* single word dma0-2 supported */
575 put_le16(p
+ 63, 0x07); /* mdma0-2 supported */
576 put_le16(p
+ 65, 120);
577 put_le16(p
+ 66, 120);
578 put_le16(p
+ 67, 120);
579 put_le16(p
+ 68, 120);
580 put_le16(p
+ 80, 0xf0); /* ata3 -> ata6 supported */
581 put_le16(p
+ 81, 0x16); /* conforms to ata5 */
582 put_le16(p
+ 82, (1 << 14));
583 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
584 put_le16(p
+ 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
585 put_le16(p
+ 84, (1 << 14));
586 put_le16(p
+ 85, (1 << 14));
587 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
588 put_le16(p
+ 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
589 put_le16(p
+ 87, (1 << 14));
590 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
591 put_le16(p
+ 93, 1 | (1 << 14) | 0x2000);
592 put_le16(p
+ 100, s
->nb_sectors
);
593 put_le16(p
+ 101, s
->nb_sectors
>> 16);
594 put_le16(p
+ 102, s
->nb_sectors
>> 32);
595 put_le16(p
+ 103, s
->nb_sectors
>> 48);
597 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
601 static void ide_atapi_identify(IDEState
*s
)
606 if (s
->identify_set
) {
607 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
611 memset(s
->io_buffer
, 0, 512);
612 p
= (uint16_t *)s
->io_buffer
;
613 /* Removable CDROM, 50us response, 12 byte packets */
614 put_le16(p
+ 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
615 snprintf(buf
, sizeof(buf
), "QM%05d", s
->drive_serial
);
616 padstr((char *)(p
+ 10), buf
, 20); /* serial number */
617 put_le16(p
+ 20, 3); /* buffer type */
618 put_le16(p
+ 21, 512); /* cache size in sectors */
619 put_le16(p
+ 22, 4); /* ecc bytes */
620 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
621 padstr((char *)(p
+ 27), "QEMU DVD-ROM", 40); /* model */
622 put_le16(p
+ 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
624 put_le16(p
+ 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
625 put_le16(p
+ 53, 7); /* words 64-70, 54-58, 88 valid */
626 put_le16(p
+ 62, 7); /* single word dma0-2 supported */
627 put_le16(p
+ 63, 7); /* mdma0-2 supported */
628 put_le16(p
+ 64, 0x3f); /* PIO modes supported */
630 put_le16(p
+ 49, 1 << 9); /* LBA supported, no DMA */
631 put_le16(p
+ 53, 3); /* words 64-70, 54-58 valid */
632 put_le16(p
+ 63, 0x103); /* DMA modes XXX: may be incorrect */
633 put_le16(p
+ 64, 1); /* PIO modes */
635 put_le16(p
+ 65, 0xb4); /* minimum DMA multiword tx cycle time */
636 put_le16(p
+ 66, 0xb4); /* recommended DMA multiword tx cycle time */
637 put_le16(p
+ 67, 0x12c); /* minimum PIO cycle time without flow control */
638 put_le16(p
+ 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
640 put_le16(p
+ 71, 30); /* in ns */
641 put_le16(p
+ 72, 30); /* in ns */
643 put_le16(p
+ 80, 0x1e); /* support up to ATA/ATAPI-4 */
645 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
647 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
651 static void ide_cfata_identify(IDEState
*s
)
657 p
= (uint16_t *) s
->identify_data
;
661 memset(p
, 0, sizeof(s
->identify_data
));
663 cur_sec
= s
->cylinders
* s
->heads
* s
->sectors
;
665 put_le16(p
+ 0, 0x848a); /* CF Storage Card signature */
666 put_le16(p
+ 1, s
->cylinders
); /* Default cylinders */
667 put_le16(p
+ 3, s
->heads
); /* Default heads */
668 put_le16(p
+ 6, s
->sectors
); /* Default sectors per track */
669 put_le16(p
+ 7, s
->nb_sectors
>> 16); /* Sectors per card */
670 put_le16(p
+ 8, s
->nb_sectors
); /* Sectors per card */
671 snprintf(buf
, sizeof(buf
), "QM%05d", s
->drive_serial
);
672 padstr((char *)(p
+ 10), buf
, 20); /* Serial number in ASCII */
673 put_le16(p
+ 22, 0x0004); /* ECC bytes */
674 padstr((char *) (p
+ 23), QEMU_VERSION
, 8); /* Firmware Revision */
675 padstr((char *) (p
+ 27), "QEMU MICRODRIVE", 40);/* Model number */
676 #if MAX_MULT_SECTORS > 1
677 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
679 put_le16(p
+ 47, 0x0000);
681 put_le16(p
+ 49, 0x0f00); /* Capabilities */
682 put_le16(p
+ 51, 0x0002); /* PIO cycle timing mode */
683 put_le16(p
+ 52, 0x0001); /* DMA cycle timing mode */
684 put_le16(p
+ 53, 0x0003); /* Translation params valid */
685 put_le16(p
+ 54, s
->cylinders
); /* Current cylinders */
686 put_le16(p
+ 55, s
->heads
); /* Current heads */
687 put_le16(p
+ 56, s
->sectors
); /* Current sectors */
688 put_le16(p
+ 57, cur_sec
); /* Current capacity */
689 put_le16(p
+ 58, cur_sec
>> 16); /* Current capacity */
690 if (s
->mult_sectors
) /* Multiple sector setting */
691 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
692 put_le16(p
+ 60, s
->nb_sectors
); /* Total LBA sectors */
693 put_le16(p
+ 61, s
->nb_sectors
>> 16); /* Total LBA sectors */
694 put_le16(p
+ 63, 0x0203); /* Multiword DMA capability */
695 put_le16(p
+ 64, 0x0001); /* Flow Control PIO support */
696 put_le16(p
+ 65, 0x0096); /* Min. Multiword DMA cycle */
697 put_le16(p
+ 66, 0x0096); /* Rec. Multiword DMA cycle */
698 put_le16(p
+ 68, 0x00b4); /* Min. PIO cycle time */
699 put_le16(p
+ 82, 0x400c); /* Command Set supported */
700 put_le16(p
+ 83, 0x7068); /* Command Set supported */
701 put_le16(p
+ 84, 0x4000); /* Features supported */
702 put_le16(p
+ 85, 0x000c); /* Command Set enabled */
703 put_le16(p
+ 86, 0x7044); /* Command Set enabled */
704 put_le16(p
+ 87, 0x4000); /* Features enabled */
705 put_le16(p
+ 91, 0x4060); /* Current APM level */
706 put_le16(p
+ 129, 0x0002); /* Current features option */
707 put_le16(p
+ 130, 0x0005); /* Reassigned sectors */
708 put_le16(p
+ 131, 0x0001); /* Initial power mode */
709 put_le16(p
+ 132, 0x0000); /* User signature */
710 put_le16(p
+ 160, 0x8100); /* Power requirement */
711 put_le16(p
+ 161, 0x8001); /* CF command set */
716 memcpy(s
->io_buffer
, p
, sizeof(s
->identify_data
));
719 static void ide_set_signature(IDEState
*s
)
721 s
->select
&= 0xf0; /* clear head */
737 static inline void ide_abort_command(IDEState
*s
)
739 s
->status
= READY_STAT
| ERR_STAT
;
743 static inline void ide_dma_submit_check(IDEState
*s
,
744 BlockDriverCompletionFunc
*dma_cb
, BMDMAState
*bm
)
751 static inline void ide_set_irq(IDEState
*s
)
753 BMDMAState
*bm
= s
->bmdma
;
754 if (!(s
->cmd
& IDE_CMD_DISABLE_IRQ
)) {
756 bm
->status
|= BM_STATUS_INT
;
758 qemu_irq_raise(s
->irq
);
762 /* prepare data transfer and tell what to do after */
763 static void ide_transfer_start(IDEState
*s
, uint8_t *buf
, int size
,
764 EndTransferFunc
*end_transfer_func
)
766 s
->end_transfer_func
= end_transfer_func
;
768 s
->data_end
= buf
+ size
;
769 if (!(s
->status
& ERR_STAT
))
770 s
->status
|= DRQ_STAT
;
773 static void ide_transfer_stop(IDEState
*s
)
775 s
->end_transfer_func
= ide_transfer_stop
;
776 s
->data_ptr
= s
->io_buffer
;
777 s
->data_end
= s
->io_buffer
;
778 s
->status
&= ~DRQ_STAT
;
781 static int64_t ide_get_sector(IDEState
*s
)
784 if (s
->select
& 0x40) {
787 sector_num
= ((s
->select
& 0x0f) << 24) | (s
->hcyl
<< 16) |
788 (s
->lcyl
<< 8) | s
->sector
;
790 sector_num
= ((int64_t)s
->hob_hcyl
<< 40) |
791 ((int64_t) s
->hob_lcyl
<< 32) |
792 ((int64_t) s
->hob_sector
<< 24) |
793 ((int64_t) s
->hcyl
<< 16) |
794 ((int64_t) s
->lcyl
<< 8) | s
->sector
;
797 sector_num
= ((s
->hcyl
<< 8) | s
->lcyl
) * s
->heads
* s
->sectors
+
798 (s
->select
& 0x0f) * s
->sectors
+ (s
->sector
- 1);
803 static void ide_set_sector(IDEState
*s
, int64_t sector_num
)
806 if (s
->select
& 0x40) {
808 s
->select
= (s
->select
& 0xf0) | (sector_num
>> 24);
809 s
->hcyl
= (sector_num
>> 16);
810 s
->lcyl
= (sector_num
>> 8);
811 s
->sector
= (sector_num
);
813 s
->sector
= sector_num
;
814 s
->lcyl
= sector_num
>> 8;
815 s
->hcyl
= sector_num
>> 16;
816 s
->hob_sector
= sector_num
>> 24;
817 s
->hob_lcyl
= sector_num
>> 32;
818 s
->hob_hcyl
= sector_num
>> 40;
821 cyl
= sector_num
/ (s
->heads
* s
->sectors
);
822 r
= sector_num
% (s
->heads
* s
->sectors
);
825 s
->select
= (s
->select
& 0xf0) | ((r
/ s
->sectors
) & 0x0f);
826 s
->sector
= (r
% s
->sectors
) + 1;
830 static void ide_rw_error(IDEState
*s
) {
831 ide_abort_command(s
);
835 static void ide_sector_read(IDEState
*s
)
840 s
->status
= READY_STAT
| SEEK_STAT
;
841 s
->error
= 0; /* not needed by IDE spec, but needed by Windows */
842 sector_num
= ide_get_sector(s
);
845 /* no more sector to read from disk */
846 ide_transfer_stop(s
);
848 #if defined(DEBUG_IDE)
849 printf("read sector=%" PRId64
"\n", sector_num
);
851 if (n
> s
->req_nb_sectors
)
852 n
= s
->req_nb_sectors
;
853 ret
= bdrv_read(s
->bs
, sector_num
, s
->io_buffer
, n
);
858 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_read
);
860 ide_set_sector(s
, sector_num
+ n
);
865 static void ide_dma_error(IDEState
*s
)
867 ide_transfer_stop(s
);
869 s
->status
= READY_STAT
| ERR_STAT
;
873 /* return 0 if buffer completed */
874 static int dma_buf_rw(BMDMAState
*bm
, int is_write
)
876 IDEState
*s
= bm
->ide_if
;
884 l
= s
->io_buffer_size
- s
->io_buffer_index
;
887 if (bm
->cur_prd_len
== 0) {
888 /* end of table (with a fail safe of one page) */
889 if (bm
->cur_prd_last
||
890 (bm
->cur_addr
- bm
->addr
) >= 4096)
892 cpu_physical_memory_read(bm
->cur_addr
, (uint8_t *)&prd
, 8);
894 prd
.addr
= le32_to_cpu(prd
.addr
);
895 prd
.size
= le32_to_cpu(prd
.size
);
896 len
= prd
.size
& 0xfffe;
899 bm
->cur_prd_len
= len
;
900 bm
->cur_prd_addr
= prd
.addr
;
901 bm
->cur_prd_last
= (prd
.size
& 0x80000000);
903 if (l
> bm
->cur_prd_len
)
907 cpu_physical_memory_write(bm
->cur_prd_addr
,
908 s
->io_buffer
+ s
->io_buffer_index
, l
);
910 cpu_physical_memory_read(bm
->cur_prd_addr
,
911 s
->io_buffer
+ s
->io_buffer_index
, l
);
913 bm
->cur_prd_addr
+= l
;
914 bm
->cur_prd_len
-= l
;
915 s
->io_buffer_index
+= l
;
921 static void ide_read_dma_cb(void *opaque
, int ret
)
923 BMDMAState
*bm
= opaque
;
924 IDEState
*s
= bm
->ide_if
;
933 n
= s
->io_buffer_size
>> 9;
934 sector_num
= ide_get_sector(s
);
937 ide_set_sector(s
, sector_num
);
939 if (dma_buf_rw(bm
, 1) == 0)
943 /* end of transfer ? */
944 if (s
->nsector
== 0) {
945 s
->status
= READY_STAT
| SEEK_STAT
;
948 bm
->status
&= ~BM_STATUS_DMAING
;
949 bm
->status
|= BM_STATUS_INT
;
956 /* launch next transfer */
958 if (n
> IDE_DMA_BUF_SECTORS
)
959 n
= IDE_DMA_BUF_SECTORS
;
960 s
->io_buffer_index
= 0;
961 s
->io_buffer_size
= n
* 512;
963 printf("aio_read: sector_num=%lld n=%d\n", sector_num
, n
);
965 bm
->aiocb
= bdrv_aio_read(s
->bs
, sector_num
, s
->io_buffer
, n
,
966 ide_read_dma_cb
, bm
);
967 ide_dma_submit_check(s
, ide_read_dma_cb
, bm
);
970 static void ide_sector_read_dma(IDEState
*s
)
972 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
973 s
->io_buffer_index
= 0;
974 s
->io_buffer_size
= 0;
975 ide_dma_start(s
, ide_read_dma_cb
);
978 static void ide_sector_write_timer_cb(void *opaque
)
980 IDEState
*s
= opaque
;
984 static void ide_sector_write(IDEState
*s
)
989 s
->status
= READY_STAT
| SEEK_STAT
;
990 sector_num
= ide_get_sector(s
);
991 #if defined(DEBUG_IDE)
992 printf("write sector=%" PRId64
"\n", sector_num
);
995 if (n
> s
->req_nb_sectors
)
996 n
= s
->req_nb_sectors
;
997 ret
= bdrv_write(s
->bs
, sector_num
, s
->io_buffer
, n
);
1004 if (s
->nsector
== 0) {
1005 /* no more sectors to write */
1006 ide_transfer_stop(s
);
1009 if (n1
> s
->req_nb_sectors
)
1010 n1
= s
->req_nb_sectors
;
1011 ide_transfer_start(s
, s
->io_buffer
, 512 * n1
, ide_sector_write
);
1013 ide_set_sector(s
, sector_num
+ n
);
1016 if (win2k_install_hack
&& ((++s
->irq_count
% 16) == 0)) {
1017 /* It seems there is a bug in the Windows 2000 installer HDD
1018 IDE driver which fills the disk with empty logs when the
1019 IDE write IRQ comes too early. This hack tries to correct
1020 that at the expense of slower write performances. Use this
1021 option _only_ to install Windows 2000. You must disable it
1023 qemu_mod_timer(s
->sector_write_timer
,
1024 qemu_get_clock(vm_clock
) + (ticks_per_sec
/ 1000));
1032 static void ide_write_dma_cb(void *opaque
, int ret
)
1034 BMDMAState
*bm
= opaque
;
1035 IDEState
*s
= bm
->ide_if
;
1044 n
= s
->io_buffer_size
>> 9;
1045 sector_num
= ide_get_sector(s
);
1048 ide_set_sector(s
, sector_num
);
1052 /* end of transfer ? */
1053 if (s
->nsector
== 0) {
1054 s
->status
= READY_STAT
| SEEK_STAT
;
1057 bm
->status
&= ~BM_STATUS_DMAING
;
1058 bm
->status
|= BM_STATUS_INT
;
1065 /* launch next transfer */
1067 if (n
> IDE_DMA_BUF_SECTORS
)
1068 n
= IDE_DMA_BUF_SECTORS
;
1069 s
->io_buffer_index
= 0;
1070 s
->io_buffer_size
= n
* 512;
1072 if (dma_buf_rw(bm
, 0) == 0)
1075 printf("aio_write: sector_num=%lld n=%d\n", sector_num
, n
);
1077 bm
->aiocb
= bdrv_aio_write(s
->bs
, sector_num
, s
->io_buffer
, n
,
1078 ide_write_dma_cb
, bm
);
1079 ide_dma_submit_check(s
, ide_write_dma_cb
, bm
);
1082 static void ide_sector_write_dma(IDEState
*s
)
1084 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1085 s
->io_buffer_index
= 0;
1086 s
->io_buffer_size
= 0;
1087 ide_dma_start(s
, ide_write_dma_cb
);
1090 static void ide_atapi_cmd_ok(IDEState
*s
)
1093 s
->status
= READY_STAT
| SEEK_STAT
;
1094 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1098 static void ide_atapi_cmd_error(IDEState
*s
, int sense_key
, int asc
)
1100 #ifdef DEBUG_IDE_ATAPI
1101 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key
, asc
);
1103 s
->error
= sense_key
<< 4;
1104 s
->status
= READY_STAT
| ERR_STAT
;
1105 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1106 s
->sense_key
= sense_key
;
1111 static void ide_atapi_cmd_check_status(IDEState
*s
)
1113 #ifdef DEBUG_IDE_ATAPI
1114 printf("atapi_cmd_check_status\n");
1116 s
->error
= MC_ERR
| (SENSE_UNIT_ATTENTION
<< 4);
1117 s
->status
= ERR_STAT
;
1122 static inline void cpu_to_ube16(uint8_t *buf
, int val
)
1128 static inline void cpu_to_ube32(uint8_t *buf
, unsigned int val
)
1136 static inline int ube16_to_cpu(const uint8_t *buf
)
1138 return (buf
[0] << 8) | buf
[1];
1141 static inline int ube32_to_cpu(const uint8_t *buf
)
1143 return (buf
[0] << 24) | (buf
[1] << 16) | (buf
[2] << 8) | buf
[3];
1146 static void lba_to_msf(uint8_t *buf
, int lba
)
1149 buf
[0] = (lba
/ 75) / 60;
1150 buf
[1] = (lba
/ 75) % 60;
1154 static void cd_data_to_raw(uint8_t *buf
, int lba
)
1158 memset(buf
+ 1, 0xff, 10);
1162 lba_to_msf(buf
, lba
);
1163 buf
[3] = 0x01; /* mode 1 data */
1167 /* XXX: ECC not computed */
1168 memset(buf
, 0, 288);
1171 static int cd_read_sector(BlockDriverState
*bs
, int lba
, uint8_t *buf
,
1176 switch(sector_size
) {
1178 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
, 4);
1181 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
+ 16, 4);
1184 cd_data_to_raw(buf
, lba
);
1193 static void ide_atapi_io_error(IDEState
*s
, int ret
)
1195 /* XXX: handle more errors */
1196 if (ret
== -ENOMEDIUM
) {
1197 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1198 ASC_MEDIUM_NOT_PRESENT
);
1200 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1201 ASC_LOGICAL_BLOCK_OOR
);
1205 /* The whole ATAPI transfer logic is handled in this function */
1206 static void ide_atapi_cmd_reply_end(IDEState
*s
)
1208 int byte_count_limit
, size
, ret
;
1209 #ifdef DEBUG_IDE_ATAPI
1210 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1211 s
->packet_transfer_size
,
1212 s
->elementary_transfer_size
,
1213 s
->io_buffer_index
);
1215 if (s
->packet_transfer_size
<= 0) {
1216 /* end of transfer */
1217 ide_transfer_stop(s
);
1218 s
->status
= READY_STAT
| SEEK_STAT
;
1219 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1221 #ifdef DEBUG_IDE_ATAPI
1222 printf("status=0x%x\n", s
->status
);
1225 /* see if a new sector must be read */
1226 if (s
->lba
!= -1 && s
->io_buffer_index
>= s
->cd_sector_size
) {
1227 ret
= cd_read_sector(s
->bs
, s
->lba
, s
->io_buffer
, s
->cd_sector_size
);
1229 ide_transfer_stop(s
);
1230 ide_atapi_io_error(s
, ret
);
1234 s
->io_buffer_index
= 0;
1236 if (s
->elementary_transfer_size
> 0) {
1237 /* there are some data left to transmit in this elementary
1239 size
= s
->cd_sector_size
- s
->io_buffer_index
;
1240 if (size
> s
->elementary_transfer_size
)
1241 size
= s
->elementary_transfer_size
;
1242 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
1243 size
, ide_atapi_cmd_reply_end
);
1244 s
->packet_transfer_size
-= size
;
1245 s
->elementary_transfer_size
-= size
;
1246 s
->io_buffer_index
+= size
;
1248 /* a new transfer is needed */
1249 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
;
1250 byte_count_limit
= s
->lcyl
| (s
->hcyl
<< 8);
1251 #ifdef DEBUG_IDE_ATAPI
1252 printf("byte_count_limit=%d\n", byte_count_limit
);
1254 if (byte_count_limit
== 0xffff)
1256 size
= s
->packet_transfer_size
;
1257 if (size
> byte_count_limit
) {
1258 /* byte count limit must be even if this case */
1259 if (byte_count_limit
& 1)
1261 size
= byte_count_limit
;
1264 s
->hcyl
= size
>> 8;
1265 s
->elementary_transfer_size
= size
;
1266 /* we cannot transmit more than one sector at a time */
1268 if (size
> (s
->cd_sector_size
- s
->io_buffer_index
))
1269 size
= (s
->cd_sector_size
- s
->io_buffer_index
);
1271 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
1272 size
, ide_atapi_cmd_reply_end
);
1273 s
->packet_transfer_size
-= size
;
1274 s
->elementary_transfer_size
-= size
;
1275 s
->io_buffer_index
+= size
;
1277 #ifdef DEBUG_IDE_ATAPI
1278 printf("status=0x%x\n", s
->status
);
1284 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1285 static void ide_atapi_cmd_reply(IDEState
*s
, int size
, int max_size
)
1287 if (size
> max_size
)
1289 s
->lba
= -1; /* no sector read */
1290 s
->packet_transfer_size
= size
;
1291 s
->io_buffer_size
= size
; /* dma: send the reply data as one chunk */
1292 s
->elementary_transfer_size
= 0;
1293 s
->io_buffer_index
= 0;
1296 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
;
1297 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1299 s
->status
= READY_STAT
| SEEK_STAT
;
1300 ide_atapi_cmd_reply_end(s
);
1304 /* start a CD-CDROM read command */
1305 static void ide_atapi_cmd_read_pio(IDEState
*s
, int lba
, int nb_sectors
,
1309 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1310 s
->elementary_transfer_size
= 0;
1311 s
->io_buffer_index
= sector_size
;
1312 s
->cd_sector_size
= sector_size
;
1314 s
->status
= READY_STAT
| SEEK_STAT
;
1315 ide_atapi_cmd_reply_end(s
);
1318 /* ATAPI DMA support */
1320 /* XXX: handle read errors */
1321 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
)
1323 BMDMAState
*bm
= opaque
;
1324 IDEState
*s
= bm
->ide_if
;
1328 ide_atapi_io_error(s
, ret
);
1332 if (s
->io_buffer_size
> 0) {
1334 * For a cdrom read sector command (s->lba != -1),
1335 * adjust the lba for the next s->io_buffer_size chunk
1336 * and dma the current chunk.
1337 * For a command != read (s->lba == -1), just transfer
1341 if (s
->cd_sector_size
== 2352) {
1343 cd_data_to_raw(s
->io_buffer
, s
->lba
);
1345 n
= s
->io_buffer_size
>> 11;
1349 s
->packet_transfer_size
-= s
->io_buffer_size
;
1350 if (dma_buf_rw(bm
, 1) == 0)
1354 if (s
->packet_transfer_size
<= 0) {
1355 s
->status
= READY_STAT
| SEEK_STAT
;
1356 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1359 bm
->status
&= ~BM_STATUS_DMAING
;
1360 bm
->status
|= BM_STATUS_INT
;
1367 s
->io_buffer_index
= 0;
1368 if (s
->cd_sector_size
== 2352) {
1370 s
->io_buffer_size
= s
->cd_sector_size
;
1373 n
= s
->packet_transfer_size
>> 11;
1374 if (n
> (IDE_DMA_BUF_SECTORS
/ 4))
1375 n
= (IDE_DMA_BUF_SECTORS
/ 4);
1376 s
->io_buffer_size
= n
* 2048;
1380 printf("aio_read_cd: lba=%u n=%d\n", s
->lba
, n
);
1382 bm
->aiocb
= bdrv_aio_read(s
->bs
, (int64_t)s
->lba
<< 2,
1383 s
->io_buffer
+ data_offset
, n
* 4,
1384 ide_atapi_cmd_read_dma_cb
, bm
);
1386 /* Note: media not present is the most likely case */
1387 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1388 ASC_MEDIUM_NOT_PRESENT
);
1393 /* start a CD-CDROM read command with DMA */
1394 /* XXX: test if DMA is available */
1395 static void ide_atapi_cmd_read_dma(IDEState
*s
, int lba
, int nb_sectors
,
1399 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1400 s
->io_buffer_index
= 0;
1401 s
->io_buffer_size
= 0;
1402 s
->cd_sector_size
= sector_size
;
1404 /* XXX: check if BUSY_STAT should be set */
1405 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1406 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1409 static void ide_atapi_cmd_read(IDEState
*s
, int lba
, int nb_sectors
,
1412 #ifdef DEBUG_IDE_ATAPI
1413 printf("read %s: LBA=%d nb_sectors=%d\n", s
->atapi_dma
? "dma" : "pio",
1417 ide_atapi_cmd_read_dma(s
, lba
, nb_sectors
, sector_size
);
1419 ide_atapi_cmd_read_pio(s
, lba
, nb_sectors
, sector_size
);
1423 static inline uint8_t ide_atapi_set_profile(uint8_t *buf
, uint8_t *index
,
1426 uint8_t *buf_profile
= buf
+ 12; /* start of profiles */
1428 buf_profile
+= ((*index
) * 4); /* start of indexed profile */
1429 cpu_to_ube16 (buf_profile
, profile
);
1430 buf_profile
[2] = ((buf_profile
[0] == buf
[6]) && (buf_profile
[1] == buf
[7]));
1432 /* each profile adds 4 bytes to the response */
1434 buf
[11] += 4; /* Additional Length */
1439 static int ide_dvd_read_structure(IDEState
*s
, int format
,
1440 const uint8_t *packet
, uint8_t *buf
)
1443 case 0x0: /* Physical format information */
1445 int layer
= packet
[6];
1446 uint64_t total_sectors
;
1449 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1451 bdrv_get_geometry(s
->bs
, &total_sectors
);
1452 total_sectors
>>= 2;
1453 if (total_sectors
== 0)
1454 return -ASC_MEDIUM_NOT_PRESENT
;
1456 buf
[4] = 1; /* DVD-ROM, part version 1 */
1457 buf
[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1458 buf
[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1459 buf
[7] = 0; /* default densities */
1461 /* FIXME: 0x30000 per spec? */
1462 cpu_to_ube32(buf
+ 8, 0); /* start sector */
1463 cpu_to_ube32(buf
+ 12, total_sectors
- 1); /* end sector */
1464 cpu_to_ube32(buf
+ 16, total_sectors
- 1); /* l0 end sector */
1466 /* Size of buffer, not including 2 byte size field */
1467 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1469 /* 2k data + 4 byte header */
1473 case 0x01: /* DVD copyright information */
1474 buf
[4] = 0; /* no copyright data */
1475 buf
[5] = 0; /* no region restrictions */
1477 /* Size of buffer, not including 2 byte size field */
1478 cpu_to_be16wu((uint16_t *)buf
, 4 + 2);
1480 /* 4 byte header + 4 byte data */
1483 case 0x03: /* BCA information - invalid field for no BCA info */
1484 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1486 case 0x04: /* DVD disc manufacturing information */
1487 /* Size of buffer, not including 2 byte size field */
1488 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1490 /* 2k data + 4 byte header */
1495 * This lists all the command capabilities above. Add new ones
1496 * in order and update the length and buffer return values.
1499 buf
[4] = 0x00; /* Physical format */
1500 buf
[5] = 0x40; /* Not writable, is readable */
1501 cpu_to_be16wu((uint16_t *)(buf
+ 6), 2048 + 4);
1503 buf
[8] = 0x01; /* Copyright info */
1504 buf
[9] = 0x40; /* Not writable, is readable */
1505 cpu_to_be16wu((uint16_t *)(buf
+ 10), 4 + 4);
1507 buf
[12] = 0x03; /* BCA info */
1508 buf
[13] = 0x40; /* Not writable, is readable */
1509 cpu_to_be16wu((uint16_t *)(buf
+ 14), 188 + 4);
1511 buf
[16] = 0x04; /* Manufacturing info */
1512 buf
[17] = 0x40; /* Not writable, is readable */
1513 cpu_to_be16wu((uint16_t *)(buf
+ 18), 2048 + 4);
1515 /* Size of buffer, not including 2 byte size field */
1516 cpu_to_be16wu((uint16_t *)buf
, 16 + 2);
1518 /* data written + 4 byte header */
1521 default: /* TODO: formats beyond DVD-ROM requires */
1522 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1526 static void ide_atapi_cmd(IDEState
*s
)
1528 const uint8_t *packet
;
1532 packet
= s
->io_buffer
;
1534 #ifdef DEBUG_IDE_ATAPI
1537 printf("ATAPI limit=0x%x packet:", s
->lcyl
| (s
->hcyl
<< 8));
1538 for(i
= 0; i
< ATAPI_PACKET_SIZE
; i
++) {
1539 printf(" %02x", packet
[i
]);
1544 /* If there's a UNIT_ATTENTION condition pending, only
1545 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1546 if (s
->sense_key
== SENSE_UNIT_ATTENTION
&&
1547 s
->io_buffer
[0] != GPCMD_REQUEST_SENSE
&&
1548 s
->io_buffer
[0] != GPCMD_INQUIRY
) {
1549 ide_atapi_cmd_check_status(s
);
1552 switch(s
->io_buffer
[0]) {
1553 case GPCMD_TEST_UNIT_READY
:
1554 if (bdrv_is_inserted(s
->bs
)) {
1555 ide_atapi_cmd_ok(s
);
1557 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1558 ASC_MEDIUM_NOT_PRESENT
);
1561 case GPCMD_MODE_SENSE_6
:
1562 case GPCMD_MODE_SENSE_10
:
1565 if (packet
[0] == GPCMD_MODE_SENSE_10
)
1566 max_len
= ube16_to_cpu(packet
+ 7);
1568 max_len
= packet
[4];
1569 action
= packet
[2] >> 6;
1570 code
= packet
[2] & 0x3f;
1572 case 0: /* current values */
1574 case 0x01: /* error recovery */
1575 cpu_to_ube16(&buf
[0], 16 + 6);
1591 ide_atapi_cmd_reply(s
, 16, max_len
);
1594 cpu_to_ube16(&buf
[0], 28 + 6);
1607 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1608 code checks for this to automount media. */
1611 buf
[14] = (1 << 0) | (1 << 3) | (1 << 5);
1612 if (bdrv_is_locked(s
->bs
))
1615 cpu_to_ube16(&buf
[16], 706);
1618 cpu_to_ube16(&buf
[20], 512);
1619 cpu_to_ube16(&buf
[22], 706);
1624 ide_atapi_cmd_reply(s
, 28, max_len
);
1630 case 1: /* changeable values */
1632 case 2: /* default values */
1635 case 3: /* saved values */
1636 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1637 ASC_SAVING_PARAMETERS_NOT_SUPPORTED
);
1642 case GPCMD_REQUEST_SENSE
:
1643 max_len
= packet
[4];
1645 buf
[0] = 0x70 | (1 << 7);
1646 buf
[2] = s
->sense_key
;
1649 if (s
->sense_key
== SENSE_UNIT_ATTENTION
)
1650 s
->sense_key
= SENSE_NONE
;
1651 ide_atapi_cmd_reply(s
, 18, max_len
);
1653 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL
:
1654 if (bdrv_is_inserted(s
->bs
)) {
1655 bdrv_set_locked(s
->bs
, packet
[4] & 1);
1656 ide_atapi_cmd_ok(s
);
1658 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1659 ASC_MEDIUM_NOT_PRESENT
);
1665 int nb_sectors
, lba
;
1667 if (packet
[0] == GPCMD_READ_10
)
1668 nb_sectors
= ube16_to_cpu(packet
+ 7);
1670 nb_sectors
= ube32_to_cpu(packet
+ 6);
1671 lba
= ube32_to_cpu(packet
+ 2);
1672 if (nb_sectors
== 0) {
1673 ide_atapi_cmd_ok(s
);
1676 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1681 int nb_sectors
, lba
, transfer_request
;
1683 nb_sectors
= (packet
[6] << 16) | (packet
[7] << 8) | packet
[8];
1684 lba
= ube32_to_cpu(packet
+ 2);
1685 if (nb_sectors
== 0) {
1686 ide_atapi_cmd_ok(s
);
1689 transfer_request
= packet
[9];
1690 switch(transfer_request
& 0xf8) {
1693 ide_atapi_cmd_ok(s
);
1697 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1701 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2352);
1704 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1705 ASC_INV_FIELD_IN_CMD_PACKET
);
1713 uint64_t total_sectors
;
1715 bdrv_get_geometry(s
->bs
, &total_sectors
);
1716 total_sectors
>>= 2;
1717 if (total_sectors
== 0) {
1718 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1719 ASC_MEDIUM_NOT_PRESENT
);
1722 lba
= ube32_to_cpu(packet
+ 2);
1723 if (lba
>= total_sectors
) {
1724 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1725 ASC_LOGICAL_BLOCK_OOR
);
1728 ide_atapi_cmd_ok(s
);
1731 case GPCMD_START_STOP_UNIT
:
1734 start
= packet
[4] & 1;
1735 eject
= (packet
[4] >> 1) & 1;
1737 if (eject
&& !start
) {
1738 /* eject the disk */
1739 bdrv_eject(s
->bs
, 1);
1740 } else if (eject
&& start
) {
1741 /* close the tray */
1742 bdrv_eject(s
->bs
, 0);
1744 ide_atapi_cmd_ok(s
);
1747 case GPCMD_MECHANISM_STATUS
:
1749 max_len
= ube16_to_cpu(packet
+ 8);
1750 cpu_to_ube16(buf
, 0);
1751 /* no current LBA */
1756 cpu_to_ube16(buf
+ 6, 0);
1757 ide_atapi_cmd_reply(s
, 8, max_len
);
1760 case GPCMD_READ_TOC_PMA_ATIP
:
1762 int format
, msf
, start_track
, len
;
1763 uint64_t total_sectors
;
1765 bdrv_get_geometry(s
->bs
, &total_sectors
);
1766 total_sectors
>>= 2;
1767 if (total_sectors
== 0) {
1768 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1769 ASC_MEDIUM_NOT_PRESENT
);
1772 max_len
= ube16_to_cpu(packet
+ 7);
1773 format
= packet
[9] >> 6;
1774 msf
= (packet
[1] >> 1) & 1;
1775 start_track
= packet
[6];
1778 len
= cdrom_read_toc(total_sectors
, buf
, msf
, start_track
);
1781 ide_atapi_cmd_reply(s
, len
, max_len
);
1784 /* multi session : only a single session defined */
1789 ide_atapi_cmd_reply(s
, 12, max_len
);
1792 len
= cdrom_read_toc_raw(total_sectors
, buf
, msf
, start_track
);
1795 ide_atapi_cmd_reply(s
, len
, max_len
);
1799 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1800 ASC_INV_FIELD_IN_CMD_PACKET
);
1805 case GPCMD_READ_CDVD_CAPACITY
:
1807 uint64_t total_sectors
;
1809 bdrv_get_geometry(s
->bs
, &total_sectors
);
1810 total_sectors
>>= 2;
1811 if (total_sectors
== 0) {
1812 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1813 ASC_MEDIUM_NOT_PRESENT
);
1816 /* NOTE: it is really the number of sectors minus 1 */
1817 cpu_to_ube32(buf
, total_sectors
- 1);
1818 cpu_to_ube32(buf
+ 4, 2048);
1819 ide_atapi_cmd_reply(s
, 8, 8);
1822 case GPCMD_READ_DVD_STRUCTURE
:
1824 int media
= packet
[1];
1825 int format
= packet
[7];
1828 max_len
= ube16_to_cpu(packet
+ 8);
1830 if (format
< 0xff) {
1831 if (media_is_cd(s
)) {
1832 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1833 ASC_INCOMPATIBLE_FORMAT
);
1835 } else if (!media_present(s
)) {
1836 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1837 ASC_INV_FIELD_IN_CMD_PACKET
);
1842 memset(buf
, 0, max_len
> IDE_DMA_BUF_SECTORS
* 512 + 4 ?
1843 IDE_DMA_BUF_SECTORS
* 512 + 4 : max_len
);
1849 ret
= ide_dvd_read_structure(s
, format
, packet
, buf
);
1852 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
, -ret
);
1854 ide_atapi_cmd_reply(s
, ret
, max_len
);
1858 /* TODO: BD support, fall through for now */
1860 /* Generic disk structures */
1861 case 0x80: /* TODO: AACS volume identifier */
1862 case 0x81: /* TODO: AACS media serial number */
1863 case 0x82: /* TODO: AACS media identifier */
1864 case 0x83: /* TODO: AACS media key block */
1865 case 0x90: /* TODO: List of recognized format layers */
1866 case 0xc0: /* TODO: Write protection status */
1868 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1869 ASC_INV_FIELD_IN_CMD_PACKET
);
1874 case GPCMD_SET_SPEED
:
1875 ide_atapi_cmd_ok(s
);
1878 max_len
= packet
[4];
1879 buf
[0] = 0x05; /* CD-ROM */
1880 buf
[1] = 0x80; /* removable */
1881 buf
[2] = 0x00; /* ISO */
1882 buf
[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1883 buf
[4] = 31; /* additional length */
1884 buf
[5] = 0; /* reserved */
1885 buf
[6] = 0; /* reserved */
1886 buf
[7] = 0; /* reserved */
1887 padstr8(buf
+ 8, 8, "QEMU");
1888 padstr8(buf
+ 16, 16, "QEMU DVD-ROM");
1889 padstr8(buf
+ 32, 4, QEMU_VERSION
);
1890 ide_atapi_cmd_reply(s
, 36, max_len
);
1892 case GPCMD_GET_CONFIGURATION
:
1897 /* only feature 0 is supported */
1898 if (packet
[2] != 0 || packet
[3] != 0) {
1899 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1900 ASC_INV_FIELD_IN_CMD_PACKET
);
1904 /* XXX: could result in alignment problems in some architectures */
1905 max_len
= ube16_to_cpu(packet
+ 7);
1908 * XXX: avoid overflow for io_buffer if max_len is bigger than
1909 * the size of that buffer (dimensioned to max number of
1910 * sectors to transfer at once)
1912 * Only a problem if the feature/profiles grow.
1914 if (max_len
> 512) /* XXX: assume 1 sector */
1917 memset(buf
, 0, max_len
);
1919 * the number of sectors from the media tells us which profile
1920 * to use as current. 0 means there is no media
1922 if (media_is_dvd(s
))
1923 cpu_to_ube16(buf
+ 6, MMC_PROFILE_DVD_ROM
);
1924 else if (media_is_cd(s
))
1925 cpu_to_ube16(buf
+ 6, MMC_PROFILE_CD_ROM
);
1927 buf
[10] = 0x02 | 0x01; /* persistent and current */
1928 len
= 12; /* headers: 8 + 4 */
1929 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_DVD_ROM
);
1930 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_CD_ROM
);
1931 cpu_to_ube32(buf
, len
- 4); /* data length */
1933 ide_atapi_cmd_reply(s
, len
, max_len
);
1937 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1938 ASC_ILLEGAL_OPCODE
);
1943 static void ide_cfata_metadata_inquiry(IDEState
*s
)
1948 p
= (uint16_t *) s
->io_buffer
;
1949 memset(p
, 0, 0x200);
1950 spd
= ((s
->mdata_size
- 1) >> 9) + 1;
1952 put_le16(p
+ 0, 0x0001); /* Data format revision */
1953 put_le16(p
+ 1, 0x0000); /* Media property: silicon */
1954 put_le16(p
+ 2, s
->media_changed
); /* Media status */
1955 put_le16(p
+ 3, s
->mdata_size
& 0xffff); /* Capacity in bytes (low) */
1956 put_le16(p
+ 4, s
->mdata_size
>> 16); /* Capacity in bytes (high) */
1957 put_le16(p
+ 5, spd
& 0xffff); /* Sectors per device (low) */
1958 put_le16(p
+ 6, spd
>> 16); /* Sectors per device (high) */
1961 static void ide_cfata_metadata_read(IDEState
*s
)
1965 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1966 s
->status
= ERR_STAT
;
1967 s
->error
= ABRT_ERR
;
1971 p
= (uint16_t *) s
->io_buffer
;
1972 memset(p
, 0, 0x200);
1974 put_le16(p
+ 0, s
->media_changed
); /* Media status */
1975 memcpy(p
+ 1, s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1976 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1977 s
->nsector
<< 9), 0x200 - 2));
1980 static void ide_cfata_metadata_write(IDEState
*s
)
1982 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1983 s
->status
= ERR_STAT
;
1984 s
->error
= ABRT_ERR
;
1988 s
->media_changed
= 0;
1990 memcpy(s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1992 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1993 s
->nsector
<< 9), 0x200 - 2));
1996 /* called when the inserted state of the media has changed */
1997 static void cdrom_change_cb(void *opaque
)
1999 IDEState
*s
= opaque
;
2000 uint64_t nb_sectors
;
2002 bdrv_get_geometry(s
->bs
, &nb_sectors
);
2003 s
->nb_sectors
= nb_sectors
;
2005 s
->sense_key
= SENSE_UNIT_ATTENTION
;
2006 s
->asc
= ASC_MEDIUM_MAY_HAVE_CHANGED
;
2011 static void ide_cmd_lba48_transform(IDEState
*s
, int lba48
)
2015 /* handle the 'magic' 0 nsector count conversion here. to avoid
2016 * fiddling with the rest of the read logic, we just store the
2017 * full sector count in ->nsector and ignore ->hob_nsector from now
2023 if (!s
->nsector
&& !s
->hob_nsector
)
2026 int lo
= s
->nsector
;
2027 int hi
= s
->hob_nsector
;
2029 s
->nsector
= (hi
<< 8) | lo
;
2034 static void ide_clear_hob(IDEState
*ide_if
)
2036 /* any write clears HOB high bit of device control register */
2037 ide_if
[0].select
&= ~(1 << 7);
2038 ide_if
[1].select
&= ~(1 << 7);
2041 static void ide_ioport_write(void *opaque
, uint32_t addr
, uint32_t val
)
2043 IDEState
*ide_if
= opaque
;
2049 printf("IDE: write addr=0x%x val=0x%02x\n", addr
, val
);
2054 /* ignore writes to command block while busy with previous command */
2055 if (addr
!= 7 && (ide_if
->cur_drive
->status
& (BUSY_STAT
|DRQ_STAT
)))
2062 ide_clear_hob(ide_if
);
2063 /* NOTE: data is written to the two drives */
2064 ide_if
[0].hob_feature
= ide_if
[0].feature
;
2065 ide_if
[1].hob_feature
= ide_if
[1].feature
;
2066 ide_if
[0].feature
= val
;
2067 ide_if
[1].feature
= val
;
2070 ide_clear_hob(ide_if
);
2071 ide_if
[0].hob_nsector
= ide_if
[0].nsector
;
2072 ide_if
[1].hob_nsector
= ide_if
[1].nsector
;
2073 ide_if
[0].nsector
= val
;
2074 ide_if
[1].nsector
= val
;
2077 ide_clear_hob(ide_if
);
2078 ide_if
[0].hob_sector
= ide_if
[0].sector
;
2079 ide_if
[1].hob_sector
= ide_if
[1].sector
;
2080 ide_if
[0].sector
= val
;
2081 ide_if
[1].sector
= val
;
2084 ide_clear_hob(ide_if
);
2085 ide_if
[0].hob_lcyl
= ide_if
[0].lcyl
;
2086 ide_if
[1].hob_lcyl
= ide_if
[1].lcyl
;
2087 ide_if
[0].lcyl
= val
;
2088 ide_if
[1].lcyl
= val
;
2091 ide_clear_hob(ide_if
);
2092 ide_if
[0].hob_hcyl
= ide_if
[0].hcyl
;
2093 ide_if
[1].hob_hcyl
= ide_if
[1].hcyl
;
2094 ide_if
[0].hcyl
= val
;
2095 ide_if
[1].hcyl
= val
;
2098 /* FIXME: HOB readback uses bit 7 */
2099 ide_if
[0].select
= (val
& ~0x10) | 0xa0;
2100 ide_if
[1].select
= (val
| 0x10) | 0xa0;
2102 unit
= (val
>> 4) & 1;
2104 ide_if
->cur_drive
= s
;
2109 #if defined(DEBUG_IDE)
2110 printf("ide: CMD=%02x\n", val
);
2112 s
= ide_if
->cur_drive
;
2113 /* ignore commands to non existant slave */
2114 if (s
!= ide_if
&& !s
->bs
)
2117 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2118 if ((s
->status
& (BUSY_STAT
|DRQ_STAT
)) && val
!= WIN_DEVICE_RESET
)
2123 if (s
->bs
&& !s
->is_cdrom
) {
2127 ide_cfata_identify(s
);
2128 s
->status
= READY_STAT
| SEEK_STAT
;
2129 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2132 ide_set_signature(s
);
2134 ide_abort_command(s
);
2141 s
->status
= READY_STAT
| SEEK_STAT
;
2145 if (s
->is_cf
&& s
->nsector
== 0) {
2146 /* Disable Read and Write Multiple */
2147 s
->mult_sectors
= 0;
2148 s
->status
= READY_STAT
| SEEK_STAT
;
2149 } else if ((s
->nsector
& 0xff) != 0 &&
2150 ((s
->nsector
& 0xff) > MAX_MULT_SECTORS
||
2151 (s
->nsector
& (s
->nsector
- 1)) != 0)) {
2152 ide_abort_command(s
);
2154 s
->mult_sectors
= s
->nsector
& 0xff;
2155 s
->status
= READY_STAT
| SEEK_STAT
;
2159 case WIN_VERIFY_EXT
:
2162 case WIN_VERIFY_ONCE
:
2163 /* do sector number check ? */
2164 ide_cmd_lba48_transform(s
, lba48
);
2165 s
->status
= READY_STAT
| SEEK_STAT
;
2174 ide_cmd_lba48_transform(s
, lba48
);
2175 s
->req_nb_sectors
= 1;
2181 case WIN_WRITE_ONCE
:
2182 case CFA_WRITE_SECT_WO_ERASE
:
2183 case WIN_WRITE_VERIFY
:
2184 ide_cmd_lba48_transform(s
, lba48
);
2186 s
->status
= SEEK_STAT
| READY_STAT
;
2187 s
->req_nb_sectors
= 1;
2188 ide_transfer_start(s
, s
->io_buffer
, 512, ide_sector_write
);
2189 s
->media_changed
= 1;
2191 case WIN_MULTREAD_EXT
:
2194 if (!s
->mult_sectors
)
2196 ide_cmd_lba48_transform(s
, lba48
);
2197 s
->req_nb_sectors
= s
->mult_sectors
;
2200 case WIN_MULTWRITE_EXT
:
2203 case CFA_WRITE_MULTI_WO_ERASE
:
2204 if (!s
->mult_sectors
)
2206 ide_cmd_lba48_transform(s
, lba48
);
2208 s
->status
= SEEK_STAT
| READY_STAT
;
2209 s
->req_nb_sectors
= s
->mult_sectors
;
2211 if (n
> s
->req_nb_sectors
)
2212 n
= s
->req_nb_sectors
;
2213 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_write
);
2214 s
->media_changed
= 1;
2216 case WIN_READDMA_EXT
:
2219 case WIN_READDMA_ONCE
:
2222 ide_cmd_lba48_transform(s
, lba48
);
2223 ide_sector_read_dma(s
);
2225 case WIN_WRITEDMA_EXT
:
2228 case WIN_WRITEDMA_ONCE
:
2231 ide_cmd_lba48_transform(s
, lba48
);
2232 ide_sector_write_dma(s
);
2233 s
->media_changed
= 1;
2235 case WIN_READ_NATIVE_MAX_EXT
:
2237 case WIN_READ_NATIVE_MAX
:
2238 ide_cmd_lba48_transform(s
, lba48
);
2239 ide_set_sector(s
, s
->nb_sectors
- 1);
2240 s
->status
= READY_STAT
| SEEK_STAT
;
2243 case WIN_CHECKPOWERMODE1
:
2244 case WIN_CHECKPOWERMODE2
:
2245 s
->nsector
= 0xff; /* device active or idle */
2246 s
->status
= READY_STAT
| SEEK_STAT
;
2249 case WIN_SETFEATURES
:
2252 /* XXX: valid for CDROM ? */
2253 switch(s
->feature
) {
2254 case 0xcc: /* reverting to power-on defaults enable */
2255 case 0x66: /* reverting to power-on defaults disable */
2256 case 0x02: /* write cache enable */
2257 case 0x82: /* write cache disable */
2258 case 0xaa: /* read look-ahead enable */
2259 case 0x55: /* read look-ahead disable */
2260 case 0x05: /* set advanced power management mode */
2261 case 0x85: /* disable advanced power management mode */
2262 case 0x69: /* NOP */
2263 case 0x67: /* NOP */
2264 case 0x96: /* NOP */
2265 case 0x9a: /* NOP */
2266 case 0x42: /* enable Automatic Acoustic Mode */
2267 case 0xc2: /* disable Automatic Acoustic Mode */
2268 s
->status
= READY_STAT
| SEEK_STAT
;
2271 case 0x03: { /* set transfer mode */
2272 uint8_t val
= s
->nsector
& 0x07;
2274 switch (s
->nsector
>> 3) {
2275 case 0x00: /* pio default */
2276 case 0x01: /* pio mode */
2277 put_le16(s
->identify_data
+ 62,0x07);
2278 put_le16(s
->identify_data
+ 63,0x07);
2279 put_le16(s
->identify_data
+ 88,0x3f);
2281 case 0x02: /* sigle word dma mode*/
2282 put_le16(s
->identify_data
+ 62,0x07 | (1 << (val
+ 8)));
2283 put_le16(s
->identify_data
+ 63,0x07);
2284 put_le16(s
->identify_data
+ 88,0x3f);
2286 case 0x04: /* mdma mode */
2287 put_le16(s
->identify_data
+ 62,0x07);
2288 put_le16(s
->identify_data
+ 63,0x07 | (1 << (val
+ 8)));
2289 put_le16(s
->identify_data
+ 88,0x3f);
2291 case 0x08: /* udma mode */
2292 put_le16(s
->identify_data
+ 62,0x07);
2293 put_le16(s
->identify_data
+ 63,0x07);
2294 put_le16(s
->identify_data
+ 88,0x3f | (1 << (val
+ 8)));
2299 s
->status
= READY_STAT
| SEEK_STAT
;
2307 case WIN_FLUSH_CACHE
:
2308 case WIN_FLUSH_CACHE_EXT
:
2311 s
->status
= READY_STAT
| SEEK_STAT
;
2316 case WIN_STANDBYNOW1
:
2317 case WIN_STANDBYNOW2
:
2318 case WIN_IDLEIMMEDIATE
:
2319 case CFA_IDLEIMMEDIATE
:
2324 s
->status
= READY_STAT
;
2330 /* XXX: Check that seek is within bounds */
2331 s
->status
= READY_STAT
| SEEK_STAT
;
2334 /* ATAPI commands */
2337 ide_atapi_identify(s
);
2338 s
->status
= READY_STAT
| SEEK_STAT
;
2339 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2341 ide_abort_command(s
);
2346 ide_set_signature(s
);
2348 s
->status
= 0; /* ATAPI spec (v6) section 9.10 defines packet
2349 * devices to return a clear status register
2350 * with READY_STAT *not* set. */
2352 s
->status
= READY_STAT
| SEEK_STAT
;
2353 s
->error
= 0x01; /* Device 0 passed, Device 1 passed or not
2361 ide_set_signature(s
);
2362 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2368 /* overlapping commands not supported */
2369 if (s
->feature
& 0x02)
2371 s
->status
= READY_STAT
| SEEK_STAT
;
2372 s
->atapi_dma
= s
->feature
& 1;
2374 ide_transfer_start(s
, s
->io_buffer
, ATAPI_PACKET_SIZE
,
2377 /* CF-ATA commands */
2378 case CFA_REQ_EXT_ERROR_CODE
:
2381 s
->error
= 0x09; /* miscellaneous error */
2382 s
->status
= READY_STAT
| SEEK_STAT
;
2385 case CFA_ERASE_SECTORS
:
2386 case CFA_WEAR_LEVEL
:
2389 if (val
== CFA_WEAR_LEVEL
)
2391 if (val
== CFA_ERASE_SECTORS
)
2392 s
->media_changed
= 1;
2394 s
->status
= READY_STAT
| SEEK_STAT
;
2397 case CFA_TRANSLATE_SECTOR
:
2401 s
->status
= READY_STAT
| SEEK_STAT
;
2402 memset(s
->io_buffer
, 0, 0x200);
2403 s
->io_buffer
[0x00] = s
->hcyl
; /* Cyl MSB */
2404 s
->io_buffer
[0x01] = s
->lcyl
; /* Cyl LSB */
2405 s
->io_buffer
[0x02] = s
->select
; /* Head */
2406 s
->io_buffer
[0x03] = s
->sector
; /* Sector */
2407 s
->io_buffer
[0x04] = ide_get_sector(s
) >> 16; /* LBA MSB */
2408 s
->io_buffer
[0x05] = ide_get_sector(s
) >> 8; /* LBA */
2409 s
->io_buffer
[0x06] = ide_get_sector(s
) >> 0; /* LBA LSB */
2410 s
->io_buffer
[0x13] = 0x00; /* Erase flag */
2411 s
->io_buffer
[0x18] = 0x00; /* Hot count */
2412 s
->io_buffer
[0x19] = 0x00; /* Hot count */
2413 s
->io_buffer
[0x1a] = 0x01; /* Hot count */
2414 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2417 case CFA_ACCESS_METADATA_STORAGE
:
2420 switch (s
->feature
) {
2421 case 0x02: /* Inquiry Metadata Storage */
2422 ide_cfata_metadata_inquiry(s
);
2424 case 0x03: /* Read Metadata Storage */
2425 ide_cfata_metadata_read(s
);
2427 case 0x04: /* Write Metadata Storage */
2428 ide_cfata_metadata_write(s
);
2433 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2434 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2437 case IBM_SENSE_CONDITION
:
2440 switch (s
->feature
) {
2441 case 0x01: /* sense temperature in device */
2442 s
->nsector
= 0x50; /* +20 C */
2447 s
->status
= READY_STAT
| SEEK_STAT
;
2452 ide_abort_command(s
);
2459 static uint32_t ide_ioport_read(void *opaque
, uint32_t addr1
)
2461 IDEState
*ide_if
= opaque
;
2462 IDEState
*s
= ide_if
->cur_drive
;
2467 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2468 //hob = s->select & (1 << 7);
2475 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2480 ret
= s
->hob_feature
;
2483 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2486 ret
= s
->nsector
& 0xff;
2488 ret
= s
->hob_nsector
;
2491 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2496 ret
= s
->hob_sector
;
2499 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2507 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2515 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2522 if ((!ide_if
[0].bs
&& !ide_if
[1].bs
) ||
2523 (s
!= ide_if
&& !s
->bs
))
2527 qemu_irq_lower(s
->irq
);
2531 printf("ide: read addr=0x%x val=%02x\n", addr1
, ret
);
2536 static uint32_t ide_status_read(void *opaque
, uint32_t addr
)
2538 IDEState
*ide_if
= opaque
;
2539 IDEState
*s
= ide_if
->cur_drive
;
2542 if ((!ide_if
[0].bs
&& !ide_if
[1].bs
) ||
2543 (s
!= ide_if
&& !s
->bs
))
2548 printf("ide: read status addr=0x%x val=%02x\n", addr
, ret
);
2553 static void ide_cmd_write(void *opaque
, uint32_t addr
, uint32_t val
)
2555 IDEState
*ide_if
= opaque
;
2560 printf("ide: write control addr=0x%x val=%02x\n", addr
, val
);
2562 /* common for both drives */
2563 if (!(ide_if
[0].cmd
& IDE_CMD_RESET
) &&
2564 (val
& IDE_CMD_RESET
)) {
2565 /* reset low to high */
2566 for(i
= 0;i
< 2; i
++) {
2568 s
->status
= BUSY_STAT
| SEEK_STAT
;
2571 } else if ((ide_if
[0].cmd
& IDE_CMD_RESET
) &&
2572 !(val
& IDE_CMD_RESET
)) {
2574 for(i
= 0;i
< 2; i
++) {
2577 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2579 s
->status
= READY_STAT
| SEEK_STAT
;
2580 ide_set_signature(s
);
2584 ide_if
[0].cmd
= val
;
2585 ide_if
[1].cmd
= val
;
2588 static void ide_data_writew(void *opaque
, uint32_t addr
, uint32_t val
)
2590 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2593 /* PIO data access allowed only when DRQ bit is set */
2594 if (!(s
->status
& DRQ_STAT
))
2598 *(uint16_t *)p
= le16_to_cpu(val
);
2601 if (p
>= s
->data_end
)
2602 s
->end_transfer_func(s
);
2605 static uint32_t ide_data_readw(void *opaque
, uint32_t addr
)
2607 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2611 /* PIO data access allowed only when DRQ bit is set */
2612 if (!(s
->status
& DRQ_STAT
))
2616 ret
= cpu_to_le16(*(uint16_t *)p
);
2619 if (p
>= s
->data_end
)
2620 s
->end_transfer_func(s
);
2624 static void ide_data_writel(void *opaque
, uint32_t addr
, uint32_t val
)
2626 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2629 /* PIO data access allowed only when DRQ bit is set */
2630 if (!(s
->status
& DRQ_STAT
))
2634 *(uint32_t *)p
= le32_to_cpu(val
);
2637 if (p
>= s
->data_end
)
2638 s
->end_transfer_func(s
);
2641 static uint32_t ide_data_readl(void *opaque
, uint32_t addr
)
2643 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2647 /* PIO data access allowed only when DRQ bit is set */
2648 if (!(s
->status
& DRQ_STAT
))
2652 ret
= cpu_to_le32(*(uint32_t *)p
);
2655 if (p
>= s
->data_end
)
2656 s
->end_transfer_func(s
);
2660 static void ide_dummy_transfer_stop(IDEState
*s
)
2662 s
->data_ptr
= s
->io_buffer
;
2663 s
->data_end
= s
->io_buffer
;
2664 s
->io_buffer
[0] = 0xff;
2665 s
->io_buffer
[1] = 0xff;
2666 s
->io_buffer
[2] = 0xff;
2667 s
->io_buffer
[3] = 0xff;
2670 static void ide_reset(IDEState
*s
)
2673 s
->mult_sectors
= 0;
2675 s
->mult_sectors
= MAX_MULT_SECTORS
;
2678 s
->status
= READY_STAT
| SEEK_STAT
;
2679 ide_set_signature(s
);
2680 /* init the transfer handler so that 0xffff is returned on data
2682 s
->end_transfer_func
= ide_dummy_transfer_stop
;
2683 ide_dummy_transfer_stop(s
);
2684 s
->media_changed
= 0;
2687 static void ide_init2(IDEState
*ide_state
,
2688 BlockDriverState
*hd0
, BlockDriverState
*hd1
,
2692 static int drive_serial
= 1;
2693 int i
, cylinders
, heads
, secs
;
2694 uint64_t nb_sectors
;
2696 for(i
= 0; i
< 2; i
++) {
2698 s
->io_buffer
= qemu_memalign(512, IDE_DMA_BUF_SECTORS
*512 + 4);
2704 bdrv_get_geometry(s
->bs
, &nb_sectors
);
2705 bdrv_guess_geometry(s
->bs
, &cylinders
, &heads
, &secs
);
2706 s
->cylinders
= cylinders
;
2709 s
->nb_sectors
= nb_sectors
;
2711 if (bdrv_get_type_hint(s
->bs
) == BDRV_TYPE_CDROM
) {
2713 bdrv_set_change_cb(s
->bs
, cdrom_change_cb
, s
);
2716 s
->drive_serial
= drive_serial
++;
2718 s
->sector_write_timer
= qemu_new_timer(vm_clock
,
2719 ide_sector_write_timer_cb
, s
);
2724 static void ide_init_ioport(IDEState
*ide_state
, int iobase
, int iobase2
)
2726 register_ioport_write(iobase
, 8, 1, ide_ioport_write
, ide_state
);
2727 register_ioport_read(iobase
, 8, 1, ide_ioport_read
, ide_state
);
2729 register_ioport_read(iobase2
, 1, 1, ide_status_read
, ide_state
);
2730 register_ioport_write(iobase2
, 1, 1, ide_cmd_write
, ide_state
);
2734 register_ioport_write(iobase
, 2, 2, ide_data_writew
, ide_state
);
2735 register_ioport_read(iobase
, 2, 2, ide_data_readw
, ide_state
);
2736 register_ioport_write(iobase
, 4, 4, ide_data_writel
, ide_state
);
2737 register_ioport_read(iobase
, 4, 4, ide_data_readl
, ide_state
);
2740 /* save per IDE drive data */
2741 static void ide_save(QEMUFile
* f
, IDEState
*s
)
2743 qemu_put_be32(f
, s
->mult_sectors
);
2744 qemu_put_be32(f
, s
->identify_set
);
2745 if (s
->identify_set
) {
2746 qemu_put_buffer(f
, (const uint8_t *)s
->identify_data
, 512);
2748 qemu_put_8s(f
, &s
->feature
);
2749 qemu_put_8s(f
, &s
->error
);
2750 qemu_put_be32s(f
, &s
->nsector
);
2751 qemu_put_8s(f
, &s
->sector
);
2752 qemu_put_8s(f
, &s
->lcyl
);
2753 qemu_put_8s(f
, &s
->hcyl
);
2754 qemu_put_8s(f
, &s
->hob_feature
);
2755 qemu_put_8s(f
, &s
->hob_nsector
);
2756 qemu_put_8s(f
, &s
->hob_sector
);
2757 qemu_put_8s(f
, &s
->hob_lcyl
);
2758 qemu_put_8s(f
, &s
->hob_hcyl
);
2759 qemu_put_8s(f
, &s
->select
);
2760 qemu_put_8s(f
, &s
->status
);
2761 qemu_put_8s(f
, &s
->lba48
);
2763 qemu_put_8s(f
, &s
->sense_key
);
2764 qemu_put_8s(f
, &s
->asc
);
2765 /* XXX: if a transfer is pending, we do not save it yet */
2768 /* load per IDE drive data */
2769 static void ide_load(QEMUFile
* f
, IDEState
*s
)
2771 s
->mult_sectors
=qemu_get_be32(f
);
2772 s
->identify_set
=qemu_get_be32(f
);
2773 if (s
->identify_set
) {
2774 qemu_get_buffer(f
, (uint8_t *)s
->identify_data
, 512);
2776 qemu_get_8s(f
, &s
->feature
);
2777 qemu_get_8s(f
, &s
->error
);
2778 qemu_get_be32s(f
, &s
->nsector
);
2779 qemu_get_8s(f
, &s
->sector
);
2780 qemu_get_8s(f
, &s
->lcyl
);
2781 qemu_get_8s(f
, &s
->hcyl
);
2782 qemu_get_8s(f
, &s
->hob_feature
);
2783 qemu_get_8s(f
, &s
->hob_nsector
);
2784 qemu_get_8s(f
, &s
->hob_sector
);
2785 qemu_get_8s(f
, &s
->hob_lcyl
);
2786 qemu_get_8s(f
, &s
->hob_hcyl
);
2787 qemu_get_8s(f
, &s
->select
);
2788 qemu_get_8s(f
, &s
->status
);
2789 qemu_get_8s(f
, &s
->lba48
);
2791 qemu_get_8s(f
, &s
->sense_key
);
2792 qemu_get_8s(f
, &s
->asc
);
2793 /* XXX: if a transfer is pending, we do not save it yet */
2796 /***********************************************************/
2797 /* ISA IDE definitions */
2799 void isa_ide_init(int iobase
, int iobase2
, qemu_irq irq
,
2800 BlockDriverState
*hd0
, BlockDriverState
*hd1
)
2802 IDEState
*ide_state
;
2804 ide_state
= qemu_mallocz(sizeof(IDEState
) * 2);
2808 ide_init2(ide_state
, hd0
, hd1
, irq
);
2809 ide_init_ioport(ide_state
, iobase
, iobase2
);
2812 /***********************************************************/
2813 /* PCI IDE definitions */
2815 static void cmd646_update_irq(PCIIDEState
*d
);
2817 static void ide_map(PCIDevice
*pci_dev
, int region_num
,
2818 uint32_t addr
, uint32_t size
, int type
)
2820 PCIIDEState
*d
= (PCIIDEState
*)pci_dev
;
2821 IDEState
*ide_state
;
2823 if (region_num
<= 3) {
2824 ide_state
= &d
->ide_if
[(region_num
>> 1) * 2];
2825 if (region_num
& 1) {
2826 register_ioport_read(addr
+ 2, 1, 1, ide_status_read
, ide_state
);
2827 register_ioport_write(addr
+ 2, 1, 1, ide_cmd_write
, ide_state
);
2829 register_ioport_write(addr
, 8, 1, ide_ioport_write
, ide_state
);
2830 register_ioport_read(addr
, 8, 1, ide_ioport_read
, ide_state
);
2833 register_ioport_write(addr
, 2, 2, ide_data_writew
, ide_state
);
2834 register_ioport_read(addr
, 2, 2, ide_data_readw
, ide_state
);
2835 register_ioport_write(addr
, 4, 4, ide_data_writel
, ide_state
);
2836 register_ioport_read(addr
, 4, 4, ide_data_readl
, ide_state
);
2841 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
)
2843 BMDMAState
*bm
= s
->bmdma
;
2847 bm
->dma_cb
= dma_cb
;
2848 bm
->cur_prd_last
= 0;
2849 bm
->cur_prd_addr
= 0;
2850 bm
->cur_prd_len
= 0;
2851 if (bm
->status
& BM_STATUS_DMAING
) {
2856 static void ide_dma_cancel(BMDMAState
*bm
)
2858 if (bm
->status
& BM_STATUS_DMAING
) {
2859 bm
->status
&= ~BM_STATUS_DMAING
;
2860 /* cancel DMA request */
2865 printf("aio_cancel\n");
2867 bdrv_aio_cancel(bm
->aiocb
);
2873 static void bmdma_cmd_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
2875 BMDMAState
*bm
= opaque
;
2877 printf("%s: 0x%08x\n", __func__
, val
);
2879 if (!(val
& BM_CMD_START
)) {
2880 /* XXX: do it better */
2882 bm
->cmd
= val
& 0x09;
2884 if (!(bm
->status
& BM_STATUS_DMAING
)) {
2885 bm
->status
|= BM_STATUS_DMAING
;
2886 /* start dma transfer if possible */
2890 bm
->cmd
= val
& 0x09;
2894 static uint32_t bmdma_readb(void *opaque
, uint32_t addr
)
2896 BMDMAState
*bm
= opaque
;
2897 PCIIDEState
*pci_dev
;
2905 pci_dev
= bm
->pci_dev
;
2906 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2907 val
= pci_dev
->dev
.config
[MRDMODE
];
2916 pci_dev
= bm
->pci_dev
;
2917 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2918 if (bm
== &pci_dev
->bmdma
[0])
2919 val
= pci_dev
->dev
.config
[UDIDETCR0
];
2921 val
= pci_dev
->dev
.config
[UDIDETCR1
];
2931 printf("bmdma: readb 0x%02x : 0x%02x\n", addr
, val
);
2936 static void bmdma_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
2938 BMDMAState
*bm
= opaque
;
2939 PCIIDEState
*pci_dev
;
2941 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr
, val
);
2945 pci_dev
= bm
->pci_dev
;
2946 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2947 pci_dev
->dev
.config
[MRDMODE
] =
2948 (pci_dev
->dev
.config
[MRDMODE
] & ~0x30) | (val
& 0x30);
2949 cmd646_update_irq(pci_dev
);
2953 bm
->status
= (val
& 0x60) | (bm
->status
& 1) | (bm
->status
& ~val
& 0x06);
2956 pci_dev
= bm
->pci_dev
;
2957 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2958 if (bm
== &pci_dev
->bmdma
[0])
2959 pci_dev
->dev
.config
[UDIDETCR0
] = val
;
2961 pci_dev
->dev
.config
[UDIDETCR1
] = val
;
2967 static uint32_t bmdma_addr_readb(void *opaque
, uint32_t addr
)
2969 BMDMAState
*bm
= opaque
;
2971 val
= (bm
->addr
>> ((addr
& 3) * 8)) & 0xff;
2973 printf("%s: 0x%08x\n", __func__
, val
);
2978 static void bmdma_addr_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
2980 BMDMAState
*bm
= opaque
;
2981 int shift
= (addr
& 3) * 8;
2983 printf("%s: 0x%08x\n", __func__
, val
);
2985 bm
->addr
&= ~(0xFF << shift
);
2986 bm
->addr
|= ((val
& 0xFF) << shift
) & ~3;
2987 bm
->cur_addr
= bm
->addr
;
2990 static uint32_t bmdma_addr_readw(void *opaque
, uint32_t addr
)
2992 BMDMAState
*bm
= opaque
;
2994 val
= (bm
->addr
>> ((addr
& 3) * 8)) & 0xffff;
2996 printf("%s: 0x%08x\n", __func__
, val
);
3001 static void bmdma_addr_writew(void *opaque
, uint32_t addr
, uint32_t val
)
3003 BMDMAState
*bm
= opaque
;
3004 int shift
= (addr
& 3) * 8;
3006 printf("%s: 0x%08x\n", __func__
, val
);
3008 bm
->addr
&= ~(0xFFFF << shift
);
3009 bm
->addr
|= ((val
& 0xFFFF) << shift
) & ~3;
3010 bm
->cur_addr
= bm
->addr
;
3013 static uint32_t bmdma_addr_readl(void *opaque
, uint32_t addr
)
3015 BMDMAState
*bm
= opaque
;
3019 printf("%s: 0x%08x\n", __func__
, val
);
3024 static void bmdma_addr_writel(void *opaque
, uint32_t addr
, uint32_t val
)
3026 BMDMAState
*bm
= opaque
;
3028 printf("%s: 0x%08x\n", __func__
, val
);
3030 bm
->addr
= val
& ~3;
3031 bm
->cur_addr
= bm
->addr
;
3034 static void bmdma_map(PCIDevice
*pci_dev
, int region_num
,
3035 uint32_t addr
, uint32_t size
, int type
)
3037 PCIIDEState
*d
= (PCIIDEState
*)pci_dev
;
3040 for(i
= 0;i
< 2; i
++) {
3041 BMDMAState
*bm
= &d
->bmdma
[i
];
3042 d
->ide_if
[2 * i
].bmdma
= bm
;
3043 d
->ide_if
[2 * i
+ 1].bmdma
= bm
;
3044 bm
->pci_dev
= (PCIIDEState
*)pci_dev
;
3046 register_ioport_write(addr
, 1, 1, bmdma_cmd_writeb
, bm
);
3048 register_ioport_write(addr
+ 1, 3, 1, bmdma_writeb
, bm
);
3049 register_ioport_read(addr
, 4, 1, bmdma_readb
, bm
);
3051 register_ioport_write(addr
+ 4, 4, 1, bmdma_addr_writeb
, bm
);
3052 register_ioport_read(addr
+ 4, 4, 1, bmdma_addr_readb
, bm
);
3053 register_ioport_write(addr
+ 4, 4, 2, bmdma_addr_writew
, bm
);
3054 register_ioport_read(addr
+ 4, 4, 2, bmdma_addr_readw
, bm
);
3055 register_ioport_write(addr
+ 4, 4, 4, bmdma_addr_writel
, bm
);
3056 register_ioport_read(addr
+ 4, 4, 4, bmdma_addr_readl
, bm
);
3061 /* XXX: call it also when the MRDMODE is changed from the PCI config
3063 static void cmd646_update_irq(PCIIDEState
*d
)
3066 pci_level
= ((d
->dev
.config
[MRDMODE
] & MRDMODE_INTR_CH0
) &&
3067 !(d
->dev
.config
[MRDMODE
] & MRDMODE_BLK_CH0
)) ||
3068 ((d
->dev
.config
[MRDMODE
] & MRDMODE_INTR_CH1
) &&
3069 !(d
->dev
.config
[MRDMODE
] & MRDMODE_BLK_CH1
));
3070 qemu_set_irq(d
->dev
.irq
[0], pci_level
);
3073 /* the PCI irq level is the logical OR of the two channels */
3074 static void cmd646_set_irq(void *opaque
, int channel
, int level
)
3076 PCIIDEState
*d
= opaque
;
3079 irq_mask
= MRDMODE_INTR_CH0
<< channel
;
3081 d
->dev
.config
[MRDMODE
] |= irq_mask
;
3083 d
->dev
.config
[MRDMODE
] &= ~irq_mask
;
3084 cmd646_update_irq(d
);
3087 /* CMD646 PCI IDE controller */
3088 void pci_cmd646_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
,
3089 int secondary_ide_enabled
)
3096 d
= (PCIIDEState
*)pci_register_device(bus
, "CMD646 IDE",
3097 sizeof(PCIIDEState
),
3100 d
->type
= IDE_TYPE_CMD646
;
3101 pci_conf
= d
->dev
.config
;
3102 pci_conf
[0x00] = 0x95; // CMD646
3103 pci_conf
[0x01] = 0x10;
3104 pci_conf
[0x02] = 0x46;
3105 pci_conf
[0x03] = 0x06;
3107 pci_conf
[0x08] = 0x07; // IDE controller revision
3108 pci_conf
[0x09] = 0x8f;
3110 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3111 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3112 pci_conf
[0x0e] = 0x00; // header_type
3114 if (secondary_ide_enabled
) {
3115 /* XXX: if not enabled, really disable the seconday IDE controller */
3116 pci_conf
[0x51] = 0x80; /* enable IDE1 */
3119 pci_register_io_region((PCIDevice
*)d
, 0, 0x8,
3120 PCI_ADDRESS_SPACE_IO
, ide_map
);
3121 pci_register_io_region((PCIDevice
*)d
, 1, 0x4,
3122 PCI_ADDRESS_SPACE_IO
, ide_map
);
3123 pci_register_io_region((PCIDevice
*)d
, 2, 0x8,
3124 PCI_ADDRESS_SPACE_IO
, ide_map
);
3125 pci_register_io_region((PCIDevice
*)d
, 3, 0x4,
3126 PCI_ADDRESS_SPACE_IO
, ide_map
);
3127 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3128 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3130 pci_conf
[0x3d] = 0x01; // interrupt on pin 1
3132 for(i
= 0; i
< 4; i
++)
3133 d
->ide_if
[i
].pci_dev
= (PCIDevice
*)d
;
3135 irq
= qemu_allocate_irqs(cmd646_set_irq
, d
, 2);
3136 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], irq
[0]);
3137 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], irq
[1]);
3140 static void pci_ide_save(QEMUFile
* f
, void *opaque
)
3142 PCIIDEState
*d
= opaque
;
3145 pci_device_save(&d
->dev
, f
);
3147 for(i
= 0; i
< 2; i
++) {
3148 BMDMAState
*bm
= &d
->bmdma
[i
];
3149 qemu_put_8s(f
, &bm
->cmd
);
3150 qemu_put_8s(f
, &bm
->status
);
3151 qemu_put_be32s(f
, &bm
->addr
);
3152 /* XXX: if a transfer is pending, we do not save it yet */
3155 /* per IDE interface data */
3156 for(i
= 0; i
< 2; i
++) {
3157 IDEState
*s
= &d
->ide_if
[i
* 2];
3158 uint8_t drive1_selected
;
3159 qemu_put_8s(f
, &s
->cmd
);
3160 drive1_selected
= (s
->cur_drive
!= s
);
3161 qemu_put_8s(f
, &drive1_selected
);
3164 /* per IDE drive data */
3165 for(i
= 0; i
< 4; i
++) {
3166 ide_save(f
, &d
->ide_if
[i
]);
3170 static int pci_ide_load(QEMUFile
* f
, void *opaque
, int version_id
)
3172 PCIIDEState
*d
= opaque
;
3175 if (version_id
!= 1)
3177 ret
= pci_device_load(&d
->dev
, f
);
3181 for(i
= 0; i
< 2; i
++) {
3182 BMDMAState
*bm
= &d
->bmdma
[i
];
3183 qemu_get_8s(f
, &bm
->cmd
);
3184 qemu_get_8s(f
, &bm
->status
);
3185 qemu_get_be32s(f
, &bm
->addr
);
3186 /* XXX: if a transfer is pending, we do not save it yet */
3189 /* per IDE interface data */
3190 for(i
= 0; i
< 2; i
++) {
3191 IDEState
*s
= &d
->ide_if
[i
* 2];
3192 uint8_t drive1_selected
;
3193 qemu_get_8s(f
, &s
->cmd
);
3194 qemu_get_8s(f
, &drive1_selected
);
3195 s
->cur_drive
= &d
->ide_if
[i
* 2 + (drive1_selected
!= 0)];
3198 /* per IDE drive data */
3199 for(i
= 0; i
< 4; i
++) {
3200 ide_load(f
, &d
->ide_if
[i
]);
3205 static void piix3_reset(void *opaque
)
3207 PCIIDEState
*d
= opaque
;
3208 uint8_t *pci_conf
= d
->dev
.config
;
3211 for (i
= 0; i
< 2; i
++)
3212 ide_dma_cancel(&d
->bmdma
[i
]);
3214 pci_conf
[0x04] = 0x00;
3215 pci_conf
[0x05] = 0x00;
3216 pci_conf
[0x06] = 0x80; /* FBC */
3217 pci_conf
[0x07] = 0x02; // PCI_status_devsel_medium
3218 pci_conf
[0x20] = 0x01; /* BMIBA: 20-23h */
3221 /* hd_table must contain 4 block drivers */
3222 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3223 void pci_piix3_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
, int devfn
,
3229 /* register a function 1 of PIIX3 */
3230 d
= (PCIIDEState
*)pci_register_device(bus
, "PIIX3 IDE",
3231 sizeof(PCIIDEState
),
3234 d
->type
= IDE_TYPE_PIIX3
;
3236 pci_conf
= d
->dev
.config
;
3237 pci_conf
[0x00] = 0x86; // Intel
3238 pci_conf
[0x01] = 0x80;
3239 pci_conf
[0x02] = 0x10;
3240 pci_conf
[0x03] = 0x70;
3241 pci_conf
[0x09] = 0x80; // legacy ATA mode
3242 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3243 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3244 pci_conf
[0x0e] = 0x00; // header_type
3246 qemu_register_reset(piix3_reset
, d
);
3249 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3250 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3252 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], pic
[14]);
3253 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], pic
[15]);
3254 ide_init_ioport(&d
->ide_if
[0], 0x1f0, 0x3f6);
3255 ide_init_ioport(&d
->ide_if
[2], 0x170, 0x376);
3257 register_savevm("ide", 0, 1, pci_ide_save
, pci_ide_load
, d
);
3260 /* hd_table must contain 4 block drivers */
3261 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3262 void pci_piix4_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
, int devfn
,
3268 /* register a function 1 of PIIX4 */
3269 d
= (PCIIDEState
*)pci_register_device(bus
, "PIIX4 IDE",
3270 sizeof(PCIIDEState
),
3273 d
->type
= IDE_TYPE_PIIX4
;
3275 pci_conf
= d
->dev
.config
;
3276 pci_conf
[0x00] = 0x86; // Intel
3277 pci_conf
[0x01] = 0x80;
3278 pci_conf
[0x02] = 0x11;
3279 pci_conf
[0x03] = 0x71;
3280 pci_conf
[0x09] = 0x80; // legacy ATA mode
3281 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3282 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3283 pci_conf
[0x0e] = 0x00; // header_type
3285 qemu_register_reset(piix3_reset
, d
);
3288 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3289 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3291 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], pic
[14]);
3292 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], pic
[15]);
3293 ide_init_ioport(&d
->ide_if
[0], 0x1f0, 0x3f6);
3294 ide_init_ioport(&d
->ide_if
[2], 0x170, 0x376);
3296 register_savevm("ide", 0, 1, pci_ide_save
, pci_ide_load
, d
);
3299 /***********************************************************/
3300 /* MacIO based PowerPC IDE */
3302 /* PowerMac IDE memory IO */
3303 static void pmac_ide_writeb (void *opaque
,
3304 target_phys_addr_t addr
, uint32_t val
)
3306 addr
= (addr
& 0xFFF) >> 4;
3309 ide_ioport_write(opaque
, addr
, val
);
3313 ide_cmd_write(opaque
, 0, val
);
3320 static uint32_t pmac_ide_readb (void *opaque
,target_phys_addr_t addr
)
3324 addr
= (addr
& 0xFFF) >> 4;
3327 retval
= ide_ioport_read(opaque
, addr
);
3331 retval
= ide_status_read(opaque
, 0);
3340 static void pmac_ide_writew (void *opaque
,
3341 target_phys_addr_t addr
, uint32_t val
)
3343 addr
= (addr
& 0xFFF) >> 4;
3344 #ifdef TARGET_WORDS_BIGENDIAN
3348 ide_data_writew(opaque
, 0, val
);
3352 static uint32_t pmac_ide_readw (void *opaque
,target_phys_addr_t addr
)
3356 addr
= (addr
& 0xFFF) >> 4;
3358 retval
= ide_data_readw(opaque
, 0);
3362 #ifdef TARGET_WORDS_BIGENDIAN
3363 retval
= bswap16(retval
);
3368 static void pmac_ide_writel (void *opaque
,
3369 target_phys_addr_t addr
, uint32_t val
)
3371 addr
= (addr
& 0xFFF) >> 4;
3372 #ifdef TARGET_WORDS_BIGENDIAN
3376 ide_data_writel(opaque
, 0, val
);
3380 static uint32_t pmac_ide_readl (void *opaque
,target_phys_addr_t addr
)
3384 addr
= (addr
& 0xFFF) >> 4;
3386 retval
= ide_data_readl(opaque
, 0);
3388 retval
= 0xFFFFFFFF;
3390 #ifdef TARGET_WORDS_BIGENDIAN
3391 retval
= bswap32(retval
);
3396 static CPUWriteMemoryFunc
*pmac_ide_write
[] = {
3402 static CPUReadMemoryFunc
*pmac_ide_read
[] = {
3408 /* hd_table must contain 4 block drivers */
3409 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3410 I/O index to access the ide. */
3411 int pmac_ide_init (BlockDriverState
**hd_table
, qemu_irq irq
)
3414 int pmac_ide_memory
;
3416 ide_if
= qemu_mallocz(sizeof(IDEState
) * 2);
3417 ide_init2(&ide_if
[0], hd_table
[0], hd_table
[1], irq
);
3419 pmac_ide_memory
= cpu_register_io_memory(0, pmac_ide_read
,
3420 pmac_ide_write
, &ide_if
[0]);
3421 return pmac_ide_memory
;
3424 /***********************************************************/
3425 /* MMIO based ide port
3426 * This emulates IDE device connected directly to the CPU bus without
3427 * dedicated ide controller, which is often seen on embedded boards.
3435 static uint32_t mmio_ide_read (void *opaque
, target_phys_addr_t addr
)
3437 MMIOState
*s
= (MMIOState
*)opaque
;
3438 IDEState
*ide
= (IDEState
*)s
->dev
;
3441 return ide_ioport_read(ide
, addr
);
3443 return ide_data_readw(ide
, 0);
3446 static void mmio_ide_write (void *opaque
, target_phys_addr_t addr
,
3449 MMIOState
*s
= (MMIOState
*)opaque
;
3450 IDEState
*ide
= (IDEState
*)s
->dev
;
3453 ide_ioport_write(ide
, addr
, val
);
3455 ide_data_writew(ide
, 0, val
);
3458 static CPUReadMemoryFunc
*mmio_ide_reads
[] = {
3464 static CPUWriteMemoryFunc
*mmio_ide_writes
[] = {
3470 static uint32_t mmio_ide_status_read (void *opaque
, target_phys_addr_t addr
)
3472 MMIOState
*s
= (MMIOState
*)opaque
;
3473 IDEState
*ide
= (IDEState
*)s
->dev
;
3474 return ide_status_read(ide
, 0);
3477 static void mmio_ide_cmd_write (void *opaque
, target_phys_addr_t addr
,
3480 MMIOState
*s
= (MMIOState
*)opaque
;
3481 IDEState
*ide
= (IDEState
*)s
->dev
;
3482 ide_cmd_write(ide
, 0, val
);
3485 static CPUReadMemoryFunc
*mmio_ide_status
[] = {
3486 mmio_ide_status_read
,
3487 mmio_ide_status_read
,
3488 mmio_ide_status_read
,
3491 static CPUWriteMemoryFunc
*mmio_ide_cmd
[] = {
3497 void mmio_ide_init (target_phys_addr_t membase
, target_phys_addr_t membase2
,
3498 qemu_irq irq
, int shift
,
3499 BlockDriverState
*hd0
, BlockDriverState
*hd1
)
3501 MMIOState
*s
= qemu_mallocz(sizeof(MMIOState
));
3502 IDEState
*ide
= qemu_mallocz(sizeof(IDEState
) * 2);
3505 ide_init2(ide
, hd0
, hd1
, irq
);
3510 mem1
= cpu_register_io_memory(0, mmio_ide_reads
, mmio_ide_writes
, s
);
3511 mem2
= cpu_register_io_memory(0, mmio_ide_status
, mmio_ide_cmd
, s
);
3512 cpu_register_physical_memory(membase
, 16 << shift
, mem1
);
3513 cpu_register_physical_memory(membase2
, 2 << shift
, mem2
);
3516 /***********************************************************/
3517 /* CF-ATA Microdrive */
3519 #define METADATA_SIZE 0x20
3521 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3524 struct pcmcia_card_s card
;
3538 /* Register bitfields */
3541 OPT_MODE_IOMAP16
= 1,
3542 OPT_MODE_IOMAP1
= 2,
3543 OPT_MODE_IOMAP2
= 3,
3554 STAT_CHANGED
= 0x80,
3565 static inline void md_interrupt_update(struct md_s
*s
)
3570 qemu_set_irq(s
->card
.slot
->irq
,
3571 !(s
->stat
& STAT_INT
) && /* Inverted */
3572 !(s
->ctrl
& (CTRL_IEN
| CTRL_SRST
)) &&
3573 !(s
->opt
& OPT_SRESET
));
3576 static void md_set_irq(void *opaque
, int irq
, int level
)
3578 struct md_s
*s
= (struct md_s
*) opaque
;
3580 s
->stat
|= STAT_INT
;
3582 s
->stat
&= ~STAT_INT
;
3584 md_interrupt_update(s
);
3587 static void md_reset(struct md_s
*s
)
3589 s
->opt
= OPT_MODE_MMAP
;
3597 static uint8_t md_attr_read(void *opaque
, uint32_t at
)
3599 struct md_s
*s
= (struct md_s
*) opaque
;
3600 if (at
< s
->attr_base
) {
3601 if (at
< s
->card
.cis_len
)
3602 return s
->card
.cis
[at
];
3610 case 0x00: /* Configuration Option Register */
3612 case 0x02: /* Card Configuration Status Register */
3613 if (s
->ctrl
& CTRL_IEN
)
3614 return s
->stat
& ~STAT_INT
;
3617 case 0x04: /* Pin Replacement Register */
3618 return (s
->pins
& PINS_CRDY
) | 0x0c;
3619 case 0x06: /* Socket and Copy Register */
3623 printf("%s: Bad attribute space register %02x\n", __FUNCTION__
, at
);
3630 static void md_attr_write(void *opaque
, uint32_t at
, uint8_t value
)
3632 struct md_s
*s
= (struct md_s
*) opaque
;
3636 case 0x00: /* Configuration Option Register */
3637 s
->opt
= value
& 0xcf;
3638 if (value
& OPT_SRESET
)
3640 md_interrupt_update(s
);
3642 case 0x02: /* Card Configuration Status Register */
3643 if ((s
->stat
^ value
) & STAT_PWRDWN
)
3644 s
->pins
|= PINS_CRDY
;
3646 s
->stat
|= value
& 0x74;
3647 md_interrupt_update(s
);
3648 /* Word 170 in Identify Device must be equal to STAT_XE */
3650 case 0x04: /* Pin Replacement Register */
3651 s
->pins
&= PINS_CRDY
;
3652 s
->pins
|= value
& PINS_MRDY
;
3654 case 0x06: /* Socket and Copy Register */
3657 printf("%s: Bad attribute space register %02x\n", __FUNCTION__
, at
);
3661 static uint16_t md_common_read(void *opaque
, uint32_t at
)
3663 struct md_s
*s
= (struct md_s
*) opaque
;
3667 switch (s
->opt
& OPT_MODE
) {
3669 if ((at
& ~0x3ff) == 0x400)
3672 case OPT_MODE_IOMAP16
:
3675 case OPT_MODE_IOMAP1
:
3676 if ((at
& ~0xf) == 0x3f0)
3678 else if ((at
& ~0xf) == 0x1f0)
3681 case OPT_MODE_IOMAP2
:
3682 if ((at
& ~0xf) == 0x370)
3684 else if ((at
& ~0xf) == 0x170)
3689 case 0x0: /* Even RD Data */
3691 return ide_data_readw(s
->ide
, 0);
3693 /* TODO: 8-bit accesses */
3697 s
->io
= ide_data_readw(s
->ide
, 0);
3700 s
->cycle
= !s
->cycle
;
3702 case 0x9: /* Odd RD Data */
3704 case 0xd: /* Error */
3705 return ide_ioport_read(s
->ide
, 0x1);
3706 case 0xe: /* Alternate Status */
3707 if (s
->ide
->cur_drive
->bs
)
3708 return s
->ide
->cur_drive
->status
;
3711 case 0xf: /* Device Address */
3712 return 0xc2 | ((~s
->ide
->select
<< 2) & 0x3c);
3714 return ide_ioport_read(s
->ide
, at
);
3720 static void md_common_write(void *opaque
, uint32_t at
, uint16_t value
)
3722 struct md_s
*s
= (struct md_s
*) opaque
;
3725 switch (s
->opt
& OPT_MODE
) {
3727 if ((at
& ~0x3ff) == 0x400)
3730 case OPT_MODE_IOMAP16
:
3733 case OPT_MODE_IOMAP1
:
3734 if ((at
& ~0xf) == 0x3f0)
3736 else if ((at
& ~0xf) == 0x1f0)
3739 case OPT_MODE_IOMAP2
:
3740 if ((at
& ~0xf) == 0x370)
3742 else if ((at
& ~0xf) == 0x170)
3747 case 0x0: /* Even WR Data */
3749 ide_data_writew(s
->ide
, 0, value
);
3752 /* TODO: 8-bit accesses */
3754 ide_data_writew(s
->ide
, 0, s
->io
| (value
<< 8));
3756 s
->io
= value
& 0xff;
3757 s
->cycle
= !s
->cycle
;
3760 s
->io
= value
& 0xff;
3761 s
->cycle
= !s
->cycle
;
3763 case 0xd: /* Features */
3764 ide_ioport_write(s
->ide
, 0x1, value
);
3766 case 0xe: /* Device Control */
3768 if (value
& CTRL_SRST
)
3770 md_interrupt_update(s
);
3773 if (s
->stat
& STAT_PWRDWN
) {
3774 s
->pins
|= PINS_CRDY
;
3775 s
->stat
&= ~STAT_PWRDWN
;
3777 ide_ioport_write(s
->ide
, at
, value
);
3781 static void md_save(QEMUFile
*f
, void *opaque
)
3783 struct md_s
*s
= (struct md_s
*) opaque
;
3785 uint8_t drive1_selected
;
3787 qemu_put_8s(f
, &s
->opt
);
3788 qemu_put_8s(f
, &s
->stat
);
3789 qemu_put_8s(f
, &s
->pins
);
3791 qemu_put_8s(f
, &s
->ctrl
);
3792 qemu_put_be16s(f
, &s
->io
);
3793 qemu_put_byte(f
, s
->cycle
);
3795 drive1_selected
= (s
->ide
->cur_drive
!= s
->ide
);
3796 qemu_put_8s(f
, &s
->ide
->cmd
);
3797 qemu_put_8s(f
, &drive1_selected
);
3799 for (i
= 0; i
< 2; i
++)
3800 ide_save(f
, &s
->ide
[i
]);
3803 static int md_load(QEMUFile
*f
, void *opaque
, int version_id
)
3805 struct md_s
*s
= (struct md_s
*) opaque
;
3807 uint8_t drive1_selected
;
3809 qemu_get_8s(f
, &s
->opt
);
3810 qemu_get_8s(f
, &s
->stat
);
3811 qemu_get_8s(f
, &s
->pins
);
3813 qemu_get_8s(f
, &s
->ctrl
);
3814 qemu_get_be16s(f
, &s
->io
);
3815 s
->cycle
= qemu_get_byte(f
);
3817 qemu_get_8s(f
, &s
->ide
->cmd
);
3818 qemu_get_8s(f
, &drive1_selected
);
3819 s
->ide
->cur_drive
= &s
->ide
[(drive1_selected
!= 0)];
3821 for (i
= 0; i
< 2; i
++)
3822 ide_load(f
, &s
->ide
[i
]);
3827 static const uint8_t dscm1xxxx_cis
[0x14a] = {
3828 [0x000] = CISTPL_DEVICE
, /* 5V Device Information */
3829 [0x002] = 0x03, /* Tuple length = 4 bytes */
3830 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3831 [0x006] = 0x01, /* Size = 2K bytes */
3832 [0x008] = CISTPL_ENDMARK
,
3834 [0x00a] = CISTPL_DEVICE_OC
, /* Additional Device Information */
3835 [0x00c] = 0x04, /* Tuple length = 4 byest */
3836 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3837 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3838 [0x012] = 0x01, /* Size = 2K bytes */
3839 [0x014] = CISTPL_ENDMARK
,
3841 [0x016] = CISTPL_JEDEC_C
, /* JEDEC ID */
3842 [0x018] = 0x02, /* Tuple length = 2 bytes */
3843 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3846 [0x01e] = CISTPL_MANFID
, /* Manufacture ID */
3847 [0x020] = 0x04, /* Tuple length = 4 bytes */
3848 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3850 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3853 [0x02a] = CISTPL_VERS_1
, /* Level 1 Version */
3854 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3855 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3856 [0x030] = 0x01, /* Minor Version = 1 */
3872 [0x050] = CISTPL_ENDMARK
,
3874 [0x052] = CISTPL_FUNCID
, /* Function ID */
3875 [0x054] = 0x02, /* Tuple length = 2 bytes */
3876 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3877 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3879 [0x05a] = CISTPL_FUNCE
, /* Function Extension */
3880 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3881 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3882 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3884 [0x062] = CISTPL_FUNCE
, /* Function Extension */
3885 [0x064] = 0x03, /* Tuple length = 3 bytes */
3886 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3887 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3888 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3890 [0x06c] = CISTPL_CONFIG
, /* Configuration */
3891 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3892 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3893 [0x072] = 0x07, /* TPCC_LAST = 7 */
3894 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3896 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3898 [0x07a] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3899 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3900 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3901 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3902 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3903 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3904 [0x086] = 0x55, /* NomV: 5.0 V */
3905 [0x088] = 0x4d, /* MinV: 4.5 V */
3906 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3907 [0x08c] = 0x4e, /* Peakl: 450 mA */
3908 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3909 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3910 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3912 [0x094] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3913 [0x096] = 0x06, /* Tuple length = 6 bytes */
3914 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3915 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3916 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3917 [0x09e] = 0xb5, /* NomV: 3.3 V */
3919 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3921 [0x0a4] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3922 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3923 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3924 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3925 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3926 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3927 [0x0b0] = 0x55, /* NomV: 5.0 V */
3928 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3929 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3930 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3931 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3932 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3933 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3934 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3935 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3937 [0x0c2] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3938 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3939 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3940 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3941 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3942 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3944 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3946 [0x0d2] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3947 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3948 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3949 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3950 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3951 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3952 [0x0de] = 0x55, /* NomV: 5.0 V */
3953 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3954 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3955 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3956 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3957 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3958 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3960 [0x0ee] = 0x07, /* Address block length = 8 */
3961 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3963 [0x0f4] = 0x01, /* Address block length = 2 */
3964 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3965 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3967 [0x0fa] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3968 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3969 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3970 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3971 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3972 [0x104] = 0xb5, /* NomV: 3.3 V */
3974 [0x108] = 0x3e, /* Peakl: 350 mA */
3976 [0x10a] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3977 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3978 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3979 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3980 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3981 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3982 [0x116] = 0x55, /* NomV: 5.0 V */
3983 [0x118] = 0x4d, /* MinV: 4.5 V */
3984 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3985 [0x11c] = 0x4e, /* Peakl: 450 mA */
3986 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3987 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3988 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3990 [0x126] = 0x07, /* Address block length = 8 */
3991 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3993 [0x12c] = 0x01, /* Address block length = 2 */
3994 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3995 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3997 [0x132] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3998 [0x134] = 0x06, /* Tuple length = 6 bytes */
3999 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4000 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4001 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4002 [0x13c] = 0xb5, /* NomV: 3.3 V */
4004 [0x140] = 0x3e, /* Peakl: 350 mA */
4006 [0x142] = CISTPL_NO_LINK
, /* No Link */
4007 [0x144] = 0x00, /* Tuple length = 0 bytes */
4009 [0x146] = CISTPL_END
, /* Tuple End */
4012 static int dscm1xxxx_attach(void *opaque
)
4014 struct md_s
*md
= (struct md_s
*) opaque
;
4015 md
->card
.attr_read
= md_attr_read
;
4016 md
->card
.attr_write
= md_attr_write
;
4017 md
->card
.common_read
= md_common_read
;
4018 md
->card
.common_write
= md_common_write
;
4019 md
->card
.io_read
= md_common_read
;
4020 md
->card
.io_write
= md_common_write
;
4022 md
->attr_base
= md
->card
.cis
[0x74] | (md
->card
.cis
[0x76] << 8);
4026 md_interrupt_update(md
);
4028 md
->card
.slot
->card_string
= "DSCM-1xxxx Hitachi Microdrive";
4032 static int dscm1xxxx_detach(void *opaque
)
4034 struct md_s
*md
= (struct md_s
*) opaque
;
4039 struct pcmcia_card_s
*dscm1xxxx_init(BlockDriverState
*bdrv
)
4041 struct md_s
*md
= (struct md_s
*) qemu_mallocz(sizeof(struct md_s
));
4042 md
->card
.state
= md
;
4043 md
->card
.attach
= dscm1xxxx_attach
;
4044 md
->card
.detach
= dscm1xxxx_detach
;
4045 md
->card
.cis
= dscm1xxxx_cis
;
4046 md
->card
.cis_len
= sizeof(dscm1xxxx_cis
);
4048 ide_init2(md
->ide
, bdrv
, 0, qemu_allocate_irqs(md_set_irq
, md
, 1)[0]);
4050 md
->ide
->mdata_size
= METADATA_SIZE
;
4051 md
->ide
->mdata_storage
= (uint8_t *) qemu_mallocz(METADATA_SIZE
);
4053 register_savevm("microdrive", -1, 0, md_save
, md_load
, md
);