2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "qemu-timer.h"
35 /* debug IDE devices */
37 //#define DEBUG_IDE_ATAPI
41 /* Bits of HD_STATUS */
43 #define INDEX_STAT 0x02
44 #define ECC_STAT 0x04 /* Corrected error */
46 #define SEEK_STAT 0x10
48 #define WRERR_STAT 0x20
49 #define READY_STAT 0x40
50 #define BUSY_STAT 0x80
52 /* Bits for HD_ERROR */
53 #define MARK_ERR 0x01 /* Bad address mark */
54 #define TRK0_ERR 0x02 /* couldn't find track 0 */
55 #define ABRT_ERR 0x04 /* Command aborted */
56 #define MCR_ERR 0x08 /* media change request */
57 #define ID_ERR 0x10 /* ID field not found */
58 #define MC_ERR 0x20 /* media changed */
59 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
60 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
63 /* Bits of HD_NSECTOR */
69 #define IDE_CMD_RESET 0x04
70 #define IDE_CMD_DISABLE_IRQ 0x02
72 /* ATA/ATAPI Commands pre T13 Spec */
77 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
81 #define WIN_SRST 0x08 /* ATAPI soft reset command */
82 #define WIN_DEVICE_RESET 0x08
86 #define WIN_RECAL 0x10
87 #define WIN_RESTORE WIN_RECAL
91 #define WIN_READ 0x20 /* 28-Bit */
92 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93 #define WIN_READ_LONG 0x22 /* 28-Bit */
94 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95 #define WIN_READ_EXT 0x24 /* 48-Bit */
96 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
97 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
102 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
104 * 0x2A->0x2F Reserved
106 #define WIN_WRITE 0x30 /* 28-Bit */
107 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
109 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
111 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
117 * 0x3A->0x3B Reserved
119 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
121 * 0x3D->0x3F Reserved
123 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
127 * 0x43->0x4F Reserved
129 #define WIN_FORMAT 0x50
131 * 0x51->0x5F Reserved
133 #define WIN_INIT 0x60
135 * 0x61->0x5F Reserved
137 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139 #define WIN_DIAGNOSE 0x90
140 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
141 #define WIN_DOWNLOAD_MICROCODE 0x92
142 #define WIN_STANDBYNOW2 0x94
143 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
144 #define WIN_STANDBY2 0x96
145 #define WIN_SETIDLE2 0x97
146 #define WIN_CHECKPOWERMODE2 0x98
147 #define WIN_SLEEPNOW2 0x99
151 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153 #define WIN_QUEUED_SERVICE 0xA2
154 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
155 #define CFA_ACCESS_METADATA_STORAGE 0xB8
156 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
157 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
167 #define WIN_GETMEDIASTATUS 0xDA
168 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169 #define WIN_POSTBOOT 0xDC
170 #define WIN_PREBOOT 0xDD
171 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173 #define WIN_STANDBYNOW1 0xE0
174 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176 #define WIN_SETIDLE1 0xE3
177 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178 #define WIN_CHECKPOWERMODE1 0xE5
179 #define WIN_SLEEPNOW1 0xE6
180 #define WIN_FLUSH_CACHE 0xE7
181 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186 #define WIN_MEDIAEJECT 0xED
187 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188 #define WIN_SETFEATURES 0xEF /* set special drive features */
189 #define EXABYTE_ENABLE_NEST 0xF0
190 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
191 #define WIN_SECURITY_SET_PASS 0xF1
192 #define WIN_SECURITY_UNLOCK 0xF2
193 #define WIN_SECURITY_ERASE_PREPARE 0xF3
194 #define WIN_SECURITY_ERASE_UNIT 0xF4
195 #define WIN_SECURITY_FREEZE_LOCK 0xF5
196 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
197 #define WIN_SECURITY_DISABLE 0xF6
198 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199 #define WIN_SET_MAX 0xF9
200 #define DISABLE_SEAGATE 0xFB
202 /* set to 1 set disable mult support */
203 #define MAX_MULT_SECTORS 16
205 #define IDE_DMA_BUF_SECTORS 256
207 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
213 #define ATAPI_PACKET_SIZE 12
215 /* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217 #define GPCMD_BLANK 0xa1
218 #define GPCMD_CLOSE_TRACK 0x5b
219 #define GPCMD_FLUSH_CACHE 0x35
220 #define GPCMD_FORMAT_UNIT 0x04
221 #define GPCMD_GET_CONFIGURATION 0x46
222 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223 #define GPCMD_GET_PERFORMANCE 0xac
224 #define GPCMD_INQUIRY 0x12
225 #define GPCMD_LOAD_UNLOAD 0xa6
226 #define GPCMD_MECHANISM_STATUS 0xbd
227 #define GPCMD_MODE_SELECT_10 0x55
228 #define GPCMD_MODE_SENSE_10 0x5a
229 #define GPCMD_PAUSE_RESUME 0x4b
230 #define GPCMD_PLAY_AUDIO_10 0x45
231 #define GPCMD_PLAY_AUDIO_MSF 0x47
232 #define GPCMD_PLAY_AUDIO_TI 0x48
233 #define GPCMD_PLAY_CD 0xbc
234 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235 #define GPCMD_READ_10 0x28
236 #define GPCMD_READ_12 0xa8
237 #define GPCMD_READ_CDVD_CAPACITY 0x25
238 #define GPCMD_READ_CD 0xbe
239 #define GPCMD_READ_CD_MSF 0xb9
240 #define GPCMD_READ_DISC_INFO 0x51
241 #define GPCMD_READ_DVD_STRUCTURE 0xad
242 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
243 #define GPCMD_READ_HEADER 0x44
244 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
245 #define GPCMD_READ_SUBCHANNEL 0x42
246 #define GPCMD_READ_TOC_PMA_ATIP 0x43
247 #define GPCMD_REPAIR_RZONE_TRACK 0x58
248 #define GPCMD_REPORT_KEY 0xa4
249 #define GPCMD_REQUEST_SENSE 0x03
250 #define GPCMD_RESERVE_RZONE_TRACK 0x53
251 #define GPCMD_SCAN 0xba
252 #define GPCMD_SEEK 0x2b
253 #define GPCMD_SEND_DVD_STRUCTURE 0xad
254 #define GPCMD_SEND_EVENT 0xa2
255 #define GPCMD_SEND_KEY 0xa3
256 #define GPCMD_SEND_OPC 0x54
257 #define GPCMD_SET_READ_AHEAD 0xa7
258 #define GPCMD_SET_STREAMING 0xb6
259 #define GPCMD_START_STOP_UNIT 0x1b
260 #define GPCMD_STOP_PLAY_SCAN 0x4e
261 #define GPCMD_TEST_UNIT_READY 0x00
262 #define GPCMD_VERIFY_10 0x2f
263 #define GPCMD_WRITE_10 0x2a
264 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
265 /* This is listed as optional in ATAPI 2.6, but is (curiously)
266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269 #define GPCMD_SET_SPEED 0xbb
270 /* This seems to be a SCSI specific CD-ROM opcode
271 * to play data at track/index */
272 #define GPCMD_PLAYAUDIO_TI 0x48
274 * From MS Media Status Notification Support Specification. For
277 #define GPCMD_GET_MEDIA_STATUS 0xda
278 #define GPCMD_MODE_SENSE_6 0x1a
280 /* Mode page codes for mode sense/set */
281 #define GPMODE_R_W_ERROR_PAGE 0x01
282 #define GPMODE_WRITE_PARMS_PAGE 0x05
283 #define GPMODE_AUDIO_CTL_PAGE 0x0e
284 #define GPMODE_POWER_PAGE 0x1a
285 #define GPMODE_FAULT_FAIL_PAGE 0x1c
286 #define GPMODE_TO_PROTECT_PAGE 0x1d
287 #define GPMODE_CAPABILITIES_PAGE 0x2a
288 #define GPMODE_ALL_PAGES 0x3f
289 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291 #define GPMODE_CDROM_PAGE 0x0d
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
302 /* Some generally useful CD-ROM information */
303 #define CD_MINS 80 /* max. minutes per CD */
304 #define CD_SECS 60 /* seconds per minute */
305 #define CD_FRAMES 75 /* frames per second */
306 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
315 /* Profile list from MMC-6 revision 1 table 91 */
316 #define MMC_PROFILE_NONE 0x0000
317 #define MMC_PROFILE_CD_ROM 0x0008
318 #define MMC_PROFILE_CD_R 0x0009
319 #define MMC_PROFILE_CD_RW 0x000A
320 #define MMC_PROFILE_DVD_ROM 0x0010
321 #define MMC_PROFILE_DVD_R_SR 0x0011
322 #define MMC_PROFILE_DVD_RAM 0x0012
323 #define MMC_PROFILE_DVD_RW_RO 0x0013
324 #define MMC_PROFILE_DVD_RW_SR 0x0014
325 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
326 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
327 #define MMC_PROFILE_DVD_RW_DL 0x0017
328 #define MMC_PROFILE_DVD_DDR 0x0018
329 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
330 #define MMC_PROFILE_DVD_PLUS_R 0x001B
331 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333 #define MMC_PROFILE_BD_ROM 0x0040
334 #define MMC_PROFILE_BD_R_SRM 0x0041
335 #define MMC_PROFILE_BD_R_RRM 0x0042
336 #define MMC_PROFILE_BD_RE 0x0043
337 #define MMC_PROFILE_HDDVD_ROM 0x0050
338 #define MMC_PROFILE_HDDVD_R 0x0051
339 #define MMC_PROFILE_HDDVD_RAM 0x0052
340 #define MMC_PROFILE_HDDVD_RW 0x0053
341 #define MMC_PROFILE_HDDVD_R_DL 0x0058
342 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
343 #define MMC_PROFILE_INVALID 0xFFFF
345 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347 #define ATAPI_INT_REASON_REL 0x04
348 #define ATAPI_INT_REASON_TAG 0xf8
350 /* same constants as bochs */
351 #define ASC_ILLEGAL_OPCODE 0x20
352 #define ASC_LOGICAL_BLOCK_OOR 0x21
353 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
354 #define ASC_INCOMPATIBLE_FORMAT 0x30
355 #define ASC_MEDIUM_NOT_PRESENT 0x3a
356 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
358 #define CFA_NO_ERROR 0x00
359 #define CFA_MISC_ERROR 0x09
360 #define CFA_INVALID_COMMAND 0x20
361 #define CFA_INVALID_ADDRESS 0x21
362 #define CFA_ADDRESS_OVERFLOW 0x2f
365 #define SENSE_NOT_READY 2
366 #define SENSE_ILLEGAL_REQUEST 5
367 #define SENSE_UNIT_ATTENTION 6
371 typedef void EndTransferFunc(struct IDEState
*);
373 /* NOTE: IDEState represents in fact one drive */
374 typedef struct IDEState
{
378 int cylinders
, heads
, sectors
;
382 uint16_t identify_data
[256];
385 struct BMDMAState
*bmdma
;
394 /* other part of tf for lba48 support */
404 /* 0x3f6 command, only meaningful for drive 0 */
406 /* set for lba48 access */
408 /* depends on bit 4 in select, only meaningful for drive 0 */
409 struct IDEState
*cur_drive
;
410 BlockDriverState
*bs
;
414 int packet_transfer_size
;
415 int elementary_transfer_size
;
419 int atapi_dma
; /* true if dma is requested for the packet cmd */
422 /* PIO transfer handling */
423 int req_nb_sectors
; /* number of sectors per interrupt */
424 EndTransferFunc
*end_transfer_func
;
428 QEMUTimer
*sector_write_timer
; /* only used for win2k install hack */
429 uint32_t irq_count
; /* counts IRQs when using win2k install hack */
430 /* CF-ATA extended error */
432 /* CF-ATA metadata storage */
434 uint8_t *mdata_storage
;
438 /* XXX: DVDs that could fit on a CD will be reported as a CD */
439 static inline int media_present(IDEState
*s
)
441 return (s
->nb_sectors
> 0);
444 static inline int media_is_dvd(IDEState
*s
)
446 return (media_present(s
) && s
->nb_sectors
> CD_MAX_SECTORS
);
449 static inline int media_is_cd(IDEState
*s
)
451 return (media_present(s
) && s
->nb_sectors
<= CD_MAX_SECTORS
);
454 #define BM_STATUS_DMAING 0x01
455 #define BM_STATUS_ERROR 0x02
456 #define BM_STATUS_INT 0x04
458 #define BM_CMD_START 0x01
459 #define BM_CMD_READ 0x08
461 #define IDE_TYPE_PIIX3 0
462 #define IDE_TYPE_CMD646 1
463 #define IDE_TYPE_PIIX4 2
465 /* CMD646 specific */
467 #define MRDMODE_INTR_CH0 0x04
468 #define MRDMODE_INTR_CH1 0x08
469 #define MRDMODE_BLK_CH0 0x10
470 #define MRDMODE_BLK_CH1 0x20
471 #define UDIDETCR0 0x73
472 #define UDIDETCR1 0x7B
474 typedef struct BMDMAState
{
479 struct PCIIDEState
*pci_dev
;
480 /* current transfer state */
482 uint32_t cur_prd_last
;
483 uint32_t cur_prd_addr
;
484 uint32_t cur_prd_len
;
486 BlockDriverCompletionFunc
*dma_cb
;
487 BlockDriverAIOCB
*aiocb
;
490 typedef struct PCIIDEState
{
494 int type
; /* see IDE_TYPE_xxx */
497 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
);
498 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
);
500 static void padstr(char *str
, const char *src
, int len
)
503 for(i
= 0; i
< len
; i
++) {
512 static void padstr8(uint8_t *buf
, int buf_size
, const char *src
)
515 for(i
= 0; i
< buf_size
; i
++) {
523 static void put_le16(uint16_t *p
, unsigned int v
)
528 static void ide_identify(IDEState
*s
)
531 unsigned int oldsize
;
534 if (s
->identify_set
) {
535 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
539 memset(s
->io_buffer
, 0, 512);
540 p
= (uint16_t *)s
->io_buffer
;
541 put_le16(p
+ 0, 0x0040);
542 put_le16(p
+ 1, s
->cylinders
);
543 put_le16(p
+ 3, s
->heads
);
544 put_le16(p
+ 4, 512 * s
->sectors
); /* XXX: retired, remove ? */
545 put_le16(p
+ 5, 512); /* XXX: retired, remove ? */
546 put_le16(p
+ 6, s
->sectors
);
547 snprintf(buf
, sizeof(buf
), "QM%05d", s
->drive_serial
);
548 padstr((char *)(p
+ 10), buf
, 20); /* serial number */
549 put_le16(p
+ 20, 3); /* XXX: retired, remove ? */
550 put_le16(p
+ 21, 512); /* cache size in sectors */
551 put_le16(p
+ 22, 4); /* ecc bytes */
552 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
553 padstr((char *)(p
+ 27), "QEMU HARDDISK", 40); /* model */
554 #if MAX_MULT_SECTORS > 1
555 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
557 put_le16(p
+ 48, 1); /* dword I/O */
558 put_le16(p
+ 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
559 put_le16(p
+ 51, 0x200); /* PIO transfer cycle */
560 put_le16(p
+ 52, 0x200); /* DMA transfer cycle */
561 put_le16(p
+ 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
562 put_le16(p
+ 54, s
->cylinders
);
563 put_le16(p
+ 55, s
->heads
);
564 put_le16(p
+ 56, s
->sectors
);
565 oldsize
= s
->cylinders
* s
->heads
* s
->sectors
;
566 put_le16(p
+ 57, oldsize
);
567 put_le16(p
+ 58, oldsize
>> 16);
569 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
570 put_le16(p
+ 60, s
->nb_sectors
);
571 put_le16(p
+ 61, s
->nb_sectors
>> 16);
572 put_le16(p
+ 62, 0x07); /* single word dma0-2 supported */
573 put_le16(p
+ 63, 0x07); /* mdma0-2 supported */
574 put_le16(p
+ 65, 120);
575 put_le16(p
+ 66, 120);
576 put_le16(p
+ 67, 120);
577 put_le16(p
+ 68, 120);
578 put_le16(p
+ 80, 0xf0); /* ata3 -> ata6 supported */
579 put_le16(p
+ 81, 0x16); /* conforms to ata5 */
580 put_le16(p
+ 82, (1 << 14));
581 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
582 put_le16(p
+ 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
583 put_le16(p
+ 84, (1 << 14));
584 put_le16(p
+ 85, (1 << 14));
585 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
586 put_le16(p
+ 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
587 put_le16(p
+ 87, (1 << 14));
588 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
589 put_le16(p
+ 93, 1 | (1 << 14) | 0x2000);
590 put_le16(p
+ 100, s
->nb_sectors
);
591 put_le16(p
+ 101, s
->nb_sectors
>> 16);
592 put_le16(p
+ 102, s
->nb_sectors
>> 32);
593 put_le16(p
+ 103, s
->nb_sectors
>> 48);
595 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
599 static void ide_atapi_identify(IDEState
*s
)
604 if (s
->identify_set
) {
605 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
609 memset(s
->io_buffer
, 0, 512);
610 p
= (uint16_t *)s
->io_buffer
;
611 /* Removable CDROM, 50us response, 12 byte packets */
612 put_le16(p
+ 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
613 snprintf(buf
, sizeof(buf
), "QM%05d", s
->drive_serial
);
614 padstr((char *)(p
+ 10), buf
, 20); /* serial number */
615 put_le16(p
+ 20, 3); /* buffer type */
616 put_le16(p
+ 21, 512); /* cache size in sectors */
617 put_le16(p
+ 22, 4); /* ecc bytes */
618 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
619 padstr((char *)(p
+ 27), "QEMU DVD-ROM", 40); /* model */
620 put_le16(p
+ 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
622 put_le16(p
+ 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
623 put_le16(p
+ 53, 7); /* words 64-70, 54-58, 88 valid */
624 put_le16(p
+ 62, 7); /* single word dma0-2 supported */
625 put_le16(p
+ 63, 7); /* mdma0-2 supported */
626 put_le16(p
+ 64, 0x3f); /* PIO modes supported */
628 put_le16(p
+ 49, 1 << 9); /* LBA supported, no DMA */
629 put_le16(p
+ 53, 3); /* words 64-70, 54-58 valid */
630 put_le16(p
+ 63, 0x103); /* DMA modes XXX: may be incorrect */
631 put_le16(p
+ 64, 1); /* PIO modes */
633 put_le16(p
+ 65, 0xb4); /* minimum DMA multiword tx cycle time */
634 put_le16(p
+ 66, 0xb4); /* recommended DMA multiword tx cycle time */
635 put_le16(p
+ 67, 0x12c); /* minimum PIO cycle time without flow control */
636 put_le16(p
+ 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
638 put_le16(p
+ 71, 30); /* in ns */
639 put_le16(p
+ 72, 30); /* in ns */
641 put_le16(p
+ 80, 0x1e); /* support up to ATA/ATAPI-4 */
643 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
645 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
649 static void ide_cfata_identify(IDEState
*s
)
655 p
= (uint16_t *) s
->identify_data
;
659 memset(p
, 0, sizeof(s
->identify_data
));
661 cur_sec
= s
->cylinders
* s
->heads
* s
->sectors
;
663 put_le16(p
+ 0, 0x848a); /* CF Storage Card signature */
664 put_le16(p
+ 1, s
->cylinders
); /* Default cylinders */
665 put_le16(p
+ 3, s
->heads
); /* Default heads */
666 put_le16(p
+ 6, s
->sectors
); /* Default sectors per track */
667 put_le16(p
+ 7, s
->nb_sectors
>> 16); /* Sectors per card */
668 put_le16(p
+ 8, s
->nb_sectors
); /* Sectors per card */
669 snprintf(buf
, sizeof(buf
), "QM%05d", s
->drive_serial
);
670 padstr((char *)(p
+ 10), buf
, 20); /* Serial number in ASCII */
671 put_le16(p
+ 22, 0x0004); /* ECC bytes */
672 padstr((char *) (p
+ 23), QEMU_VERSION
, 8); /* Firmware Revision */
673 padstr((char *) (p
+ 27), "QEMU MICRODRIVE", 40);/* Model number */
674 #if MAX_MULT_SECTORS > 1
675 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
677 put_le16(p
+ 47, 0x0000);
679 put_le16(p
+ 49, 0x0f00); /* Capabilities */
680 put_le16(p
+ 51, 0x0002); /* PIO cycle timing mode */
681 put_le16(p
+ 52, 0x0001); /* DMA cycle timing mode */
682 put_le16(p
+ 53, 0x0003); /* Translation params valid */
683 put_le16(p
+ 54, s
->cylinders
); /* Current cylinders */
684 put_le16(p
+ 55, s
->heads
); /* Current heads */
685 put_le16(p
+ 56, s
->sectors
); /* Current sectors */
686 put_le16(p
+ 57, cur_sec
); /* Current capacity */
687 put_le16(p
+ 58, cur_sec
>> 16); /* Current capacity */
688 if (s
->mult_sectors
) /* Multiple sector setting */
689 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
690 put_le16(p
+ 60, s
->nb_sectors
); /* Total LBA sectors */
691 put_le16(p
+ 61, s
->nb_sectors
>> 16); /* Total LBA sectors */
692 put_le16(p
+ 63, 0x0203); /* Multiword DMA capability */
693 put_le16(p
+ 64, 0x0001); /* Flow Control PIO support */
694 put_le16(p
+ 65, 0x0096); /* Min. Multiword DMA cycle */
695 put_le16(p
+ 66, 0x0096); /* Rec. Multiword DMA cycle */
696 put_le16(p
+ 68, 0x00b4); /* Min. PIO cycle time */
697 put_le16(p
+ 82, 0x400c); /* Command Set supported */
698 put_le16(p
+ 83, 0x7068); /* Command Set supported */
699 put_le16(p
+ 84, 0x4000); /* Features supported */
700 put_le16(p
+ 85, 0x000c); /* Command Set enabled */
701 put_le16(p
+ 86, 0x7044); /* Command Set enabled */
702 put_le16(p
+ 87, 0x4000); /* Features enabled */
703 put_le16(p
+ 91, 0x4060); /* Current APM level */
704 put_le16(p
+ 129, 0x0002); /* Current features option */
705 put_le16(p
+ 130, 0x0005); /* Reassigned sectors */
706 put_le16(p
+ 131, 0x0001); /* Initial power mode */
707 put_le16(p
+ 132, 0x0000); /* User signature */
708 put_le16(p
+ 160, 0x8100); /* Power requirement */
709 put_le16(p
+ 161, 0x8001); /* CF command set */
714 memcpy(s
->io_buffer
, p
, sizeof(s
->identify_data
));
717 static void ide_set_signature(IDEState
*s
)
719 s
->select
&= 0xf0; /* clear head */
735 static inline void ide_abort_command(IDEState
*s
)
737 s
->status
= READY_STAT
| ERR_STAT
;
741 static inline void ide_dma_submit_check(IDEState
*s
,
742 BlockDriverCompletionFunc
*dma_cb
, BMDMAState
*bm
)
749 static inline void ide_set_irq(IDEState
*s
)
751 BMDMAState
*bm
= s
->bmdma
;
752 if (!(s
->cmd
& IDE_CMD_DISABLE_IRQ
)) {
754 bm
->status
|= BM_STATUS_INT
;
756 qemu_irq_raise(s
->irq
);
760 /* prepare data transfer and tell what to do after */
761 static void ide_transfer_start(IDEState
*s
, uint8_t *buf
, int size
,
762 EndTransferFunc
*end_transfer_func
)
764 s
->end_transfer_func
= end_transfer_func
;
766 s
->data_end
= buf
+ size
;
767 if (!(s
->status
& ERR_STAT
))
768 s
->status
|= DRQ_STAT
;
771 static void ide_transfer_stop(IDEState
*s
)
773 s
->end_transfer_func
= ide_transfer_stop
;
774 s
->data_ptr
= s
->io_buffer
;
775 s
->data_end
= s
->io_buffer
;
776 s
->status
&= ~DRQ_STAT
;
779 static int64_t ide_get_sector(IDEState
*s
)
782 if (s
->select
& 0x40) {
785 sector_num
= ((s
->select
& 0x0f) << 24) | (s
->hcyl
<< 16) |
786 (s
->lcyl
<< 8) | s
->sector
;
788 sector_num
= ((int64_t)s
->hob_hcyl
<< 40) |
789 ((int64_t) s
->hob_lcyl
<< 32) |
790 ((int64_t) s
->hob_sector
<< 24) |
791 ((int64_t) s
->hcyl
<< 16) |
792 ((int64_t) s
->lcyl
<< 8) | s
->sector
;
795 sector_num
= ((s
->hcyl
<< 8) | s
->lcyl
) * s
->heads
* s
->sectors
+
796 (s
->select
& 0x0f) * s
->sectors
+ (s
->sector
- 1);
801 static void ide_set_sector(IDEState
*s
, int64_t sector_num
)
804 if (s
->select
& 0x40) {
806 s
->select
= (s
->select
& 0xf0) | (sector_num
>> 24);
807 s
->hcyl
= (sector_num
>> 16);
808 s
->lcyl
= (sector_num
>> 8);
809 s
->sector
= (sector_num
);
811 s
->sector
= sector_num
;
812 s
->lcyl
= sector_num
>> 8;
813 s
->hcyl
= sector_num
>> 16;
814 s
->hob_sector
= sector_num
>> 24;
815 s
->hob_lcyl
= sector_num
>> 32;
816 s
->hob_hcyl
= sector_num
>> 40;
819 cyl
= sector_num
/ (s
->heads
* s
->sectors
);
820 r
= sector_num
% (s
->heads
* s
->sectors
);
823 s
->select
= (s
->select
& 0xf0) | ((r
/ s
->sectors
) & 0x0f);
824 s
->sector
= (r
% s
->sectors
) + 1;
828 static void ide_rw_error(IDEState
*s
) {
829 ide_abort_command(s
);
833 static void ide_sector_read(IDEState
*s
)
838 s
->status
= READY_STAT
| SEEK_STAT
;
839 s
->error
= 0; /* not needed by IDE spec, but needed by Windows */
840 sector_num
= ide_get_sector(s
);
843 /* no more sector to read from disk */
844 ide_transfer_stop(s
);
846 #if defined(DEBUG_IDE)
847 printf("read sector=%Ld\n", sector_num
);
849 if (n
> s
->req_nb_sectors
)
850 n
= s
->req_nb_sectors
;
851 ret
= bdrv_read(s
->bs
, sector_num
, s
->io_buffer
, n
);
856 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_read
);
858 ide_set_sector(s
, sector_num
+ n
);
863 static void ide_dma_error(IDEState
*s
)
865 ide_transfer_stop(s
);
867 s
->status
= READY_STAT
| ERR_STAT
;
871 /* return 0 if buffer completed */
872 static int dma_buf_rw(BMDMAState
*bm
, int is_write
)
874 IDEState
*s
= bm
->ide_if
;
882 l
= s
->io_buffer_size
- s
->io_buffer_index
;
885 if (bm
->cur_prd_len
== 0) {
886 /* end of table (with a fail safe of one page) */
887 if (bm
->cur_prd_last
||
888 (bm
->cur_addr
- bm
->addr
) >= 4096)
890 cpu_physical_memory_read(bm
->cur_addr
, (uint8_t *)&prd
, 8);
892 prd
.addr
= le32_to_cpu(prd
.addr
);
893 prd
.size
= le32_to_cpu(prd
.size
);
894 len
= prd
.size
& 0xfffe;
897 bm
->cur_prd_len
= len
;
898 bm
->cur_prd_addr
= prd
.addr
;
899 bm
->cur_prd_last
= (prd
.size
& 0x80000000);
901 if (l
> bm
->cur_prd_len
)
905 cpu_physical_memory_write(bm
->cur_prd_addr
,
906 s
->io_buffer
+ s
->io_buffer_index
, l
);
908 cpu_physical_memory_read(bm
->cur_prd_addr
,
909 s
->io_buffer
+ s
->io_buffer_index
, l
);
911 bm
->cur_prd_addr
+= l
;
912 bm
->cur_prd_len
-= l
;
913 s
->io_buffer_index
+= l
;
919 static void ide_read_dma_cb(void *opaque
, int ret
)
921 BMDMAState
*bm
= opaque
;
922 IDEState
*s
= bm
->ide_if
;
931 n
= s
->io_buffer_size
>> 9;
932 sector_num
= ide_get_sector(s
);
935 ide_set_sector(s
, sector_num
);
937 if (dma_buf_rw(bm
, 1) == 0)
941 /* end of transfer ? */
942 if (s
->nsector
== 0) {
943 s
->status
= READY_STAT
| SEEK_STAT
;
946 bm
->status
&= ~BM_STATUS_DMAING
;
947 bm
->status
|= BM_STATUS_INT
;
954 /* launch next transfer */
956 if (n
> IDE_DMA_BUF_SECTORS
)
957 n
= IDE_DMA_BUF_SECTORS
;
958 s
->io_buffer_index
= 0;
959 s
->io_buffer_size
= n
* 512;
961 printf("aio_read: sector_num=%lld n=%d\n", sector_num
, n
);
963 bm
->aiocb
= bdrv_aio_read(s
->bs
, sector_num
, s
->io_buffer
, n
,
964 ide_read_dma_cb
, bm
);
965 ide_dma_submit_check(s
, ide_read_dma_cb
, bm
);
968 static void ide_sector_read_dma(IDEState
*s
)
970 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
971 s
->io_buffer_index
= 0;
972 s
->io_buffer_size
= 0;
973 ide_dma_start(s
, ide_read_dma_cb
);
976 static void ide_sector_write_timer_cb(void *opaque
)
978 IDEState
*s
= opaque
;
982 static void ide_sector_write(IDEState
*s
)
987 s
->status
= READY_STAT
| SEEK_STAT
;
988 sector_num
= ide_get_sector(s
);
989 #if defined(DEBUG_IDE)
990 printf("write sector=%Ld\n", sector_num
);
993 if (n
> s
->req_nb_sectors
)
994 n
= s
->req_nb_sectors
;
995 ret
= bdrv_write(s
->bs
, sector_num
, s
->io_buffer
, n
);
1002 if (s
->nsector
== 0) {
1003 /* no more sectors to write */
1004 ide_transfer_stop(s
);
1007 if (n1
> s
->req_nb_sectors
)
1008 n1
= s
->req_nb_sectors
;
1009 ide_transfer_start(s
, s
->io_buffer
, 512 * n1
, ide_sector_write
);
1011 ide_set_sector(s
, sector_num
+ n
);
1014 if (win2k_install_hack
&& ((++s
->irq_count
% 16) == 0)) {
1015 /* It seems there is a bug in the Windows 2000 installer HDD
1016 IDE driver which fills the disk with empty logs when the
1017 IDE write IRQ comes too early. This hack tries to correct
1018 that at the expense of slower write performances. Use this
1019 option _only_ to install Windows 2000. You must disable it
1021 qemu_mod_timer(s
->sector_write_timer
,
1022 qemu_get_clock(vm_clock
) + (ticks_per_sec
/ 1000));
1030 static void ide_write_dma_cb(void *opaque
, int ret
)
1032 BMDMAState
*bm
= opaque
;
1033 IDEState
*s
= bm
->ide_if
;
1042 n
= s
->io_buffer_size
>> 9;
1043 sector_num
= ide_get_sector(s
);
1046 ide_set_sector(s
, sector_num
);
1050 /* end of transfer ? */
1051 if (s
->nsector
== 0) {
1052 s
->status
= READY_STAT
| SEEK_STAT
;
1055 bm
->status
&= ~BM_STATUS_DMAING
;
1056 bm
->status
|= BM_STATUS_INT
;
1063 /* launch next transfer */
1065 if (n
> IDE_DMA_BUF_SECTORS
)
1066 n
= IDE_DMA_BUF_SECTORS
;
1067 s
->io_buffer_index
= 0;
1068 s
->io_buffer_size
= n
* 512;
1070 if (dma_buf_rw(bm
, 0) == 0)
1073 printf("aio_write: sector_num=%lld n=%d\n", sector_num
, n
);
1075 bm
->aiocb
= bdrv_aio_write(s
->bs
, sector_num
, s
->io_buffer
, n
,
1076 ide_write_dma_cb
, bm
);
1077 ide_dma_submit_check(s
, ide_write_dma_cb
, bm
);
1080 static void ide_sector_write_dma(IDEState
*s
)
1082 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1083 s
->io_buffer_index
= 0;
1084 s
->io_buffer_size
= 0;
1085 ide_dma_start(s
, ide_write_dma_cb
);
1088 static void ide_atapi_cmd_ok(IDEState
*s
)
1091 s
->status
= READY_STAT
| SEEK_STAT
;
1092 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1096 static void ide_atapi_cmd_error(IDEState
*s
, int sense_key
, int asc
)
1098 #ifdef DEBUG_IDE_ATAPI
1099 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key
, asc
);
1101 s
->error
= sense_key
<< 4;
1102 s
->status
= READY_STAT
| ERR_STAT
;
1103 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1104 s
->sense_key
= sense_key
;
1109 static inline void cpu_to_ube16(uint8_t *buf
, int val
)
1115 static inline void cpu_to_ube32(uint8_t *buf
, unsigned int val
)
1123 static inline int ube16_to_cpu(const uint8_t *buf
)
1125 return (buf
[0] << 8) | buf
[1];
1128 static inline int ube32_to_cpu(const uint8_t *buf
)
1130 return (buf
[0] << 24) | (buf
[1] << 16) | (buf
[2] << 8) | buf
[3];
1133 static void lba_to_msf(uint8_t *buf
, int lba
)
1136 buf
[0] = (lba
/ 75) / 60;
1137 buf
[1] = (lba
/ 75) % 60;
1141 static void cd_data_to_raw(uint8_t *buf
, int lba
)
1145 memset(buf
+ 1, 0xff, 10);
1149 lba_to_msf(buf
, lba
);
1150 buf
[3] = 0x01; /* mode 1 data */
1154 /* XXX: ECC not computed */
1155 memset(buf
, 0, 288);
1158 static int cd_read_sector(BlockDriverState
*bs
, int lba
, uint8_t *buf
,
1163 switch(sector_size
) {
1165 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
, 4);
1168 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
+ 16, 4);
1171 cd_data_to_raw(buf
, lba
);
1180 static void ide_atapi_io_error(IDEState
*s
, int ret
)
1182 /* XXX: handle more errors */
1183 if (ret
== -ENOMEDIUM
) {
1184 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1185 ASC_MEDIUM_NOT_PRESENT
);
1187 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1188 ASC_LOGICAL_BLOCK_OOR
);
1192 /* The whole ATAPI transfer logic is handled in this function */
1193 static void ide_atapi_cmd_reply_end(IDEState
*s
)
1195 int byte_count_limit
, size
, ret
;
1196 #ifdef DEBUG_IDE_ATAPI
1197 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1198 s
->packet_transfer_size
,
1199 s
->elementary_transfer_size
,
1200 s
->io_buffer_index
);
1202 if (s
->packet_transfer_size
<= 0) {
1203 /* end of transfer */
1204 ide_transfer_stop(s
);
1205 s
->status
= READY_STAT
| SEEK_STAT
;
1206 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1208 #ifdef DEBUG_IDE_ATAPI
1209 printf("status=0x%x\n", s
->status
);
1212 /* see if a new sector must be read */
1213 if (s
->lba
!= -1 && s
->io_buffer_index
>= s
->cd_sector_size
) {
1214 ret
= cd_read_sector(s
->bs
, s
->lba
, s
->io_buffer
, s
->cd_sector_size
);
1216 ide_transfer_stop(s
);
1217 ide_atapi_io_error(s
, ret
);
1221 s
->io_buffer_index
= 0;
1223 if (s
->elementary_transfer_size
> 0) {
1224 /* there are some data left to transmit in this elementary
1226 size
= s
->cd_sector_size
- s
->io_buffer_index
;
1227 if (size
> s
->elementary_transfer_size
)
1228 size
= s
->elementary_transfer_size
;
1229 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
1230 size
, ide_atapi_cmd_reply_end
);
1231 s
->packet_transfer_size
-= size
;
1232 s
->elementary_transfer_size
-= size
;
1233 s
->io_buffer_index
+= size
;
1235 /* a new transfer is needed */
1236 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
;
1237 byte_count_limit
= s
->lcyl
| (s
->hcyl
<< 8);
1238 #ifdef DEBUG_IDE_ATAPI
1239 printf("byte_count_limit=%d\n", byte_count_limit
);
1241 if (byte_count_limit
== 0xffff)
1243 size
= s
->packet_transfer_size
;
1244 if (size
> byte_count_limit
) {
1245 /* byte count limit must be even if this case */
1246 if (byte_count_limit
& 1)
1248 size
= byte_count_limit
;
1251 s
->hcyl
= size
>> 8;
1252 s
->elementary_transfer_size
= size
;
1253 /* we cannot transmit more than one sector at a time */
1255 if (size
> (s
->cd_sector_size
- s
->io_buffer_index
))
1256 size
= (s
->cd_sector_size
- s
->io_buffer_index
);
1258 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
1259 size
, ide_atapi_cmd_reply_end
);
1260 s
->packet_transfer_size
-= size
;
1261 s
->elementary_transfer_size
-= size
;
1262 s
->io_buffer_index
+= size
;
1264 #ifdef DEBUG_IDE_ATAPI
1265 printf("status=0x%x\n", s
->status
);
1271 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1272 static void ide_atapi_cmd_reply(IDEState
*s
, int size
, int max_size
)
1274 if (size
> max_size
)
1276 s
->lba
= -1; /* no sector read */
1277 s
->packet_transfer_size
= size
;
1278 s
->io_buffer_size
= size
; /* dma: send the reply data as one chunk */
1279 s
->elementary_transfer_size
= 0;
1280 s
->io_buffer_index
= 0;
1283 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
;
1284 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1286 s
->status
= READY_STAT
| SEEK_STAT
;
1287 ide_atapi_cmd_reply_end(s
);
1291 /* start a CD-CDROM read command */
1292 static void ide_atapi_cmd_read_pio(IDEState
*s
, int lba
, int nb_sectors
,
1296 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1297 s
->elementary_transfer_size
= 0;
1298 s
->io_buffer_index
= sector_size
;
1299 s
->cd_sector_size
= sector_size
;
1301 s
->status
= READY_STAT
| SEEK_STAT
;
1302 ide_atapi_cmd_reply_end(s
);
1305 /* ATAPI DMA support */
1307 /* XXX: handle read errors */
1308 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
)
1310 BMDMAState
*bm
= opaque
;
1311 IDEState
*s
= bm
->ide_if
;
1315 ide_atapi_io_error(s
, ret
);
1319 if (s
->io_buffer_size
> 0) {
1321 * For a cdrom read sector command (s->lba != -1),
1322 * adjust the lba for the next s->io_buffer_size chunk
1323 * and dma the current chunk.
1324 * For a command != read (s->lba == -1), just transfer
1328 if (s
->cd_sector_size
== 2352) {
1330 cd_data_to_raw(s
->io_buffer
, s
->lba
);
1332 n
= s
->io_buffer_size
>> 11;
1336 s
->packet_transfer_size
-= s
->io_buffer_size
;
1337 if (dma_buf_rw(bm
, 1) == 0)
1341 if (s
->packet_transfer_size
<= 0) {
1342 s
->status
= READY_STAT
| SEEK_STAT
;
1343 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1346 bm
->status
&= ~BM_STATUS_DMAING
;
1347 bm
->status
|= BM_STATUS_INT
;
1354 s
->io_buffer_index
= 0;
1355 if (s
->cd_sector_size
== 2352) {
1357 s
->io_buffer_size
= s
->cd_sector_size
;
1360 n
= s
->packet_transfer_size
>> 11;
1361 if (n
> (IDE_DMA_BUF_SECTORS
/ 4))
1362 n
= (IDE_DMA_BUF_SECTORS
/ 4);
1363 s
->io_buffer_size
= n
* 2048;
1367 printf("aio_read_cd: lba=%u n=%d\n", s
->lba
, n
);
1369 bm
->aiocb
= bdrv_aio_read(s
->bs
, (int64_t)s
->lba
<< 2,
1370 s
->io_buffer
+ data_offset
, n
* 4,
1371 ide_atapi_cmd_read_dma_cb
, bm
);
1373 /* Note: media not present is the most likely case */
1374 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1375 ASC_MEDIUM_NOT_PRESENT
);
1380 /* start a CD-CDROM read command with DMA */
1381 /* XXX: test if DMA is available */
1382 static void ide_atapi_cmd_read_dma(IDEState
*s
, int lba
, int nb_sectors
,
1386 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1387 s
->io_buffer_index
= 0;
1388 s
->io_buffer_size
= 0;
1389 s
->cd_sector_size
= sector_size
;
1391 /* XXX: check if BUSY_STAT should be set */
1392 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1393 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1396 static void ide_atapi_cmd_read(IDEState
*s
, int lba
, int nb_sectors
,
1399 #ifdef DEBUG_IDE_ATAPI
1400 printf("read %s: LBA=%d nb_sectors=%d\n", s
->atapi_dma
? "dma" : "pio",
1404 ide_atapi_cmd_read_dma(s
, lba
, nb_sectors
, sector_size
);
1406 ide_atapi_cmd_read_pio(s
, lba
, nb_sectors
, sector_size
);
1410 static inline uint8_t ide_atapi_set_profile(uint8_t *buf
, uint8_t *index
,
1413 uint8_t *buf_profile
= buf
+ 12; /* start of profiles */
1415 buf_profile
+= ((*index
) * 4); /* start of indexed profile */
1416 cpu_to_ube16 (buf_profile
, profile
);
1417 buf_profile
[2] = ((buf_profile
[0] == buf
[6]) && (buf_profile
[1] == buf
[7]));
1419 /* each profile adds 4 bytes to the response */
1421 buf
[11] += 4; /* Additional Length */
1426 static int ide_dvd_read_structure(IDEState
*s
, int format
,
1427 const uint8_t *packet
, uint8_t *buf
)
1430 case 0x0: /* Physical format information */
1432 int layer
= packet
[6];
1433 uint64_t total_sectors
;
1436 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1438 bdrv_get_geometry(s
->bs
, &total_sectors
);
1439 total_sectors
>>= 2;
1440 if (total_sectors
== 0)
1441 return -ASC_MEDIUM_NOT_PRESENT
;
1443 buf
[4] = 1; /* DVD-ROM, part version 1 */
1444 buf
[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1445 buf
[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1446 buf
[7] = 0; /* default densities */
1448 /* FIXME: 0x30000 per spec? */
1449 cpu_to_ube32(buf
+ 8, 0); /* start sector */
1450 cpu_to_ube32(buf
+ 12, total_sectors
- 1); /* end sector */
1451 cpu_to_ube32(buf
+ 16, total_sectors
- 1); /* l0 end sector */
1453 /* Size of buffer, not including 2 byte size field */
1454 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1456 /* 2k data + 4 byte header */
1460 case 0x01: /* DVD copyright information */
1461 buf
[4] = 0; /* no copyright data */
1462 buf
[5] = 0; /* no region restrictions */
1464 /* Size of buffer, not including 2 byte size field */
1465 cpu_to_be16wu((uint16_t *)buf
, 4 + 2);
1467 /* 4 byte header + 4 byte data */
1470 case 0x03: /* BCA information - invalid field for no BCA info */
1471 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1473 case 0x04: /* DVD disc manufacturing information */
1474 /* Size of buffer, not including 2 byte size field */
1475 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1477 /* 2k data + 4 byte header */
1482 * This lists all the command capabilities above. Add new ones
1483 * in order and update the length and buffer return values.
1486 buf
[4] = 0x00; /* Physical format */
1487 buf
[5] = 0x40; /* Not writable, is readable */
1488 cpu_to_be16wu((uint16_t *)(buf
+ 6), 2048 + 4);
1490 buf
[8] = 0x01; /* Copyright info */
1491 buf
[9] = 0x40; /* Not writable, is readable */
1492 cpu_to_be16wu((uint16_t *)(buf
+ 10), 4 + 4);
1494 buf
[12] = 0x03; /* BCA info */
1495 buf
[13] = 0x40; /* Not writable, is readable */
1496 cpu_to_be16wu((uint16_t *)(buf
+ 14), 188 + 4);
1498 buf
[16] = 0x04; /* Manufacturing info */
1499 buf
[17] = 0x40; /* Not writable, is readable */
1500 cpu_to_be16wu((uint16_t *)(buf
+ 18), 2048 + 4);
1502 /* Size of buffer, not including 2 byte size field */
1503 cpu_to_be16wu((uint16_t *)buf
, 16 + 2);
1505 /* data written + 4 byte header */
1508 default: /* TODO: formats beyond DVD-ROM requires */
1509 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1513 static void ide_atapi_cmd(IDEState
*s
)
1515 const uint8_t *packet
;
1519 packet
= s
->io_buffer
;
1521 #ifdef DEBUG_IDE_ATAPI
1524 printf("ATAPI limit=0x%x packet:", s
->lcyl
| (s
->hcyl
<< 8));
1525 for(i
= 0; i
< ATAPI_PACKET_SIZE
; i
++) {
1526 printf(" %02x", packet
[i
]);
1531 switch(s
->io_buffer
[0]) {
1532 case GPCMD_TEST_UNIT_READY
:
1533 if (bdrv_is_inserted(s
->bs
)) {
1534 ide_atapi_cmd_ok(s
);
1536 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1537 ASC_MEDIUM_NOT_PRESENT
);
1540 case GPCMD_MODE_SENSE_6
:
1541 case GPCMD_MODE_SENSE_10
:
1544 if (packet
[0] == GPCMD_MODE_SENSE_10
)
1545 max_len
= ube16_to_cpu(packet
+ 7);
1547 max_len
= packet
[4];
1548 action
= packet
[2] >> 6;
1549 code
= packet
[2] & 0x3f;
1551 case 0: /* current values */
1553 case 0x01: /* error recovery */
1554 cpu_to_ube16(&buf
[0], 16 + 6);
1570 ide_atapi_cmd_reply(s
, 16, max_len
);
1573 cpu_to_ube16(&buf
[0], 28 + 6);
1588 buf
[14] = (1 << 0) | (1 << 3) | (1 << 5);
1589 if (bdrv_is_locked(s
->bs
))
1592 cpu_to_ube16(&buf
[16], 706);
1595 cpu_to_ube16(&buf
[20], 512);
1596 cpu_to_ube16(&buf
[22], 706);
1601 ide_atapi_cmd_reply(s
, 28, max_len
);
1607 case 1: /* changeable values */
1609 case 2: /* default values */
1612 case 3: /* saved values */
1613 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1614 ASC_SAVING_PARAMETERS_NOT_SUPPORTED
);
1619 case GPCMD_REQUEST_SENSE
:
1620 max_len
= packet
[4];
1622 buf
[0] = 0x70 | (1 << 7);
1623 buf
[2] = s
->sense_key
;
1626 ide_atapi_cmd_reply(s
, 18, max_len
);
1628 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL
:
1629 if (bdrv_is_inserted(s
->bs
)) {
1630 bdrv_set_locked(s
->bs
, packet
[4] & 1);
1631 ide_atapi_cmd_ok(s
);
1633 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1634 ASC_MEDIUM_NOT_PRESENT
);
1640 int nb_sectors
, lba
;
1642 if (packet
[0] == GPCMD_READ_10
)
1643 nb_sectors
= ube16_to_cpu(packet
+ 7);
1645 nb_sectors
= ube32_to_cpu(packet
+ 6);
1646 lba
= ube32_to_cpu(packet
+ 2);
1647 if (nb_sectors
== 0) {
1648 ide_atapi_cmd_ok(s
);
1651 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1656 int nb_sectors
, lba
, transfer_request
;
1658 nb_sectors
= (packet
[6] << 16) | (packet
[7] << 8) | packet
[8];
1659 lba
= ube32_to_cpu(packet
+ 2);
1660 if (nb_sectors
== 0) {
1661 ide_atapi_cmd_ok(s
);
1664 transfer_request
= packet
[9];
1665 switch(transfer_request
& 0xf8) {
1668 ide_atapi_cmd_ok(s
);
1672 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1676 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2352);
1679 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1680 ASC_INV_FIELD_IN_CMD_PACKET
);
1688 uint64_t total_sectors
;
1690 bdrv_get_geometry(s
->bs
, &total_sectors
);
1691 total_sectors
>>= 2;
1692 if (total_sectors
== 0) {
1693 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1694 ASC_MEDIUM_NOT_PRESENT
);
1697 lba
= ube32_to_cpu(packet
+ 2);
1698 if (lba
>= total_sectors
) {
1699 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1700 ASC_LOGICAL_BLOCK_OOR
);
1703 ide_atapi_cmd_ok(s
);
1706 case GPCMD_START_STOP_UNIT
:
1709 start
= packet
[4] & 1;
1710 eject
= (packet
[4] >> 1) & 1;
1712 if (eject
&& !start
) {
1713 /* eject the disk */
1714 bdrv_eject(s
->bs
, 1);
1715 } else if (eject
&& start
) {
1716 /* close the tray */
1717 bdrv_eject(s
->bs
, 0);
1719 ide_atapi_cmd_ok(s
);
1722 case GPCMD_MECHANISM_STATUS
:
1724 max_len
= ube16_to_cpu(packet
+ 8);
1725 cpu_to_ube16(buf
, 0);
1726 /* no current LBA */
1731 cpu_to_ube16(buf
+ 6, 0);
1732 ide_atapi_cmd_reply(s
, 8, max_len
);
1735 case GPCMD_READ_TOC_PMA_ATIP
:
1737 int format
, msf
, start_track
, len
;
1738 uint64_t total_sectors
;
1740 bdrv_get_geometry(s
->bs
, &total_sectors
);
1741 total_sectors
>>= 2;
1742 if (total_sectors
== 0) {
1743 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1744 ASC_MEDIUM_NOT_PRESENT
);
1747 max_len
= ube16_to_cpu(packet
+ 7);
1748 format
= packet
[9] >> 6;
1749 msf
= (packet
[1] >> 1) & 1;
1750 start_track
= packet
[6];
1753 len
= cdrom_read_toc(total_sectors
, buf
, msf
, start_track
);
1756 ide_atapi_cmd_reply(s
, len
, max_len
);
1759 /* multi session : only a single session defined */
1764 ide_atapi_cmd_reply(s
, 12, max_len
);
1767 len
= cdrom_read_toc_raw(total_sectors
, buf
, msf
, start_track
);
1770 ide_atapi_cmd_reply(s
, len
, max_len
);
1774 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1775 ASC_INV_FIELD_IN_CMD_PACKET
);
1780 case GPCMD_READ_CDVD_CAPACITY
:
1782 uint64_t total_sectors
;
1784 bdrv_get_geometry(s
->bs
, &total_sectors
);
1785 total_sectors
>>= 2;
1786 if (total_sectors
== 0) {
1787 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1788 ASC_MEDIUM_NOT_PRESENT
);
1791 /* NOTE: it is really the number of sectors minus 1 */
1792 cpu_to_ube32(buf
, total_sectors
- 1);
1793 cpu_to_ube32(buf
+ 4, 2048);
1794 ide_atapi_cmd_reply(s
, 8, 8);
1797 case GPCMD_READ_DVD_STRUCTURE
:
1799 int media
= packet
[1];
1800 int format
= packet
[7];
1803 max_len
= ube16_to_cpu(packet
+ 8);
1805 if (format
< 0xff) {
1806 if (media_is_cd(s
)) {
1807 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1808 ASC_INCOMPATIBLE_FORMAT
);
1810 } else if (!media_present(s
)) {
1811 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1812 ASC_INV_FIELD_IN_CMD_PACKET
);
1817 memset(buf
, 0, max_len
> IDE_DMA_BUF_SECTORS
* 512 + 4 ?
1818 IDE_DMA_BUF_SECTORS
* 512 + 4 : max_len
);
1824 ret
= ide_dvd_read_structure(s
, format
, packet
, buf
);
1827 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
, -ret
);
1829 ide_atapi_cmd_reply(s
, ret
, max_len
);
1833 /* TODO: BD support, fall through for now */
1835 /* Generic disk structures */
1836 case 0x80: /* TODO: AACS volume identifier */
1837 case 0x81: /* TODO: AACS media serial number */
1838 case 0x82: /* TODO: AACS media identifier */
1839 case 0x83: /* TODO: AACS media key block */
1840 case 0x90: /* TODO: List of recognized format layers */
1841 case 0xc0: /* TODO: Write protection status */
1843 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1844 ASC_INV_FIELD_IN_CMD_PACKET
);
1849 case GPCMD_SET_SPEED
:
1850 ide_atapi_cmd_ok(s
);
1853 max_len
= packet
[4];
1854 buf
[0] = 0x05; /* CD-ROM */
1855 buf
[1] = 0x80; /* removable */
1856 buf
[2] = 0x00; /* ISO */
1857 buf
[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1858 buf
[4] = 31; /* additional length */
1859 buf
[5] = 0; /* reserved */
1860 buf
[6] = 0; /* reserved */
1861 buf
[7] = 0; /* reserved */
1862 padstr8(buf
+ 8, 8, "QEMU");
1863 padstr8(buf
+ 16, 16, "QEMU DVD-ROM");
1864 padstr8(buf
+ 32, 4, QEMU_VERSION
);
1865 ide_atapi_cmd_reply(s
, 36, max_len
);
1867 case GPCMD_GET_CONFIGURATION
:
1872 /* only feature 0 is supported */
1873 if (packet
[2] != 0 || packet
[3] != 0) {
1874 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1875 ASC_INV_FIELD_IN_CMD_PACKET
);
1879 /* XXX: could result in alignment problems in some architectures */
1880 max_len
= ube16_to_cpu(packet
+ 7);
1883 * XXX: avoid overflow for io_buffer if max_len is bigger than
1884 * the size of that buffer (dimensioned to max number of
1885 * sectors to transfer at once)
1887 * Only a problem if the feature/profiles grow.
1889 if (max_len
> 512) /* XXX: assume 1 sector */
1892 memset(buf
, 0, max_len
);
1894 * the number of sectors from the media tells us which profile
1895 * to use as current. 0 means there is no media
1897 if (media_is_dvd(s
))
1898 cpu_to_ube16(buf
+ 6, MMC_PROFILE_DVD_ROM
);
1899 else if (media_is_cd(s
))
1900 cpu_to_ube16(buf
+ 6, MMC_PROFILE_CD_ROM
);
1902 buf
[10] = 0x02 | 0x01; /* persistent and current */
1903 len
= 12; /* headers: 8 + 4 */
1904 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_DVD_ROM
);
1905 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_CD_ROM
);
1906 cpu_to_ube32(buf
, len
- 4); /* data length */
1908 ide_atapi_cmd_reply(s
, len
, max_len
);
1912 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1913 ASC_ILLEGAL_OPCODE
);
1918 static void ide_cfata_metadata_inquiry(IDEState
*s
)
1923 p
= (uint16_t *) s
->io_buffer
;
1924 memset(p
, 0, 0x200);
1925 spd
= ((s
->mdata_size
- 1) >> 9) + 1;
1927 put_le16(p
+ 0, 0x0001); /* Data format revision */
1928 put_le16(p
+ 1, 0x0000); /* Media property: silicon */
1929 put_le16(p
+ 2, s
->media_changed
); /* Media status */
1930 put_le16(p
+ 3, s
->mdata_size
& 0xffff); /* Capacity in bytes (low) */
1931 put_le16(p
+ 4, s
->mdata_size
>> 16); /* Capacity in bytes (high) */
1932 put_le16(p
+ 5, spd
& 0xffff); /* Sectors per device (low) */
1933 put_le16(p
+ 6, spd
>> 16); /* Sectors per device (high) */
1936 static void ide_cfata_metadata_read(IDEState
*s
)
1940 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1941 s
->status
= ERR_STAT
;
1942 s
->error
= ABRT_ERR
;
1946 p
= (uint16_t *) s
->io_buffer
;
1947 memset(p
, 0, 0x200);
1949 put_le16(p
+ 0, s
->media_changed
); /* Media status */
1950 memcpy(p
+ 1, s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1951 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1952 s
->nsector
<< 9), 0x200 - 2));
1955 static void ide_cfata_metadata_write(IDEState
*s
)
1957 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1958 s
->status
= ERR_STAT
;
1959 s
->error
= ABRT_ERR
;
1963 s
->media_changed
= 0;
1965 memcpy(s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1967 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1968 s
->nsector
<< 9), 0x200 - 2));
1971 /* called when the inserted state of the media has changed */
1972 static void cdrom_change_cb(void *opaque
)
1974 IDEState
*s
= opaque
;
1975 uint64_t nb_sectors
;
1977 /* XXX: send interrupt too */
1978 bdrv_get_geometry(s
->bs
, &nb_sectors
);
1979 s
->nb_sectors
= nb_sectors
;
1982 static void ide_cmd_lba48_transform(IDEState
*s
, int lba48
)
1986 /* handle the 'magic' 0 nsector count conversion here. to avoid
1987 * fiddling with the rest of the read logic, we just store the
1988 * full sector count in ->nsector and ignore ->hob_nsector from now
1994 if (!s
->nsector
&& !s
->hob_nsector
)
1997 int lo
= s
->nsector
;
1998 int hi
= s
->hob_nsector
;
2000 s
->nsector
= (hi
<< 8) | lo
;
2005 static void ide_clear_hob(IDEState
*ide_if
)
2007 /* any write clears HOB high bit of device control register */
2008 ide_if
[0].select
&= ~(1 << 7);
2009 ide_if
[1].select
&= ~(1 << 7);
2012 static void ide_ioport_write(void *opaque
, uint32_t addr
, uint32_t val
)
2014 IDEState
*ide_if
= opaque
;
2020 printf("IDE: write addr=0x%x val=0x%02x\n", addr
, val
);
2025 /* ignore writes to command block while busy with previous command */
2026 if (addr
!= 7 && (ide_if
->cur_drive
->status
& (BUSY_STAT
|DRQ_STAT
)))
2033 ide_clear_hob(ide_if
);
2034 /* NOTE: data is written to the two drives */
2035 ide_if
[0].hob_feature
= ide_if
[0].feature
;
2036 ide_if
[1].hob_feature
= ide_if
[1].feature
;
2037 ide_if
[0].feature
= val
;
2038 ide_if
[1].feature
= val
;
2041 ide_clear_hob(ide_if
);
2042 ide_if
[0].hob_nsector
= ide_if
[0].nsector
;
2043 ide_if
[1].hob_nsector
= ide_if
[1].nsector
;
2044 ide_if
[0].nsector
= val
;
2045 ide_if
[1].nsector
= val
;
2048 ide_clear_hob(ide_if
);
2049 ide_if
[0].hob_sector
= ide_if
[0].sector
;
2050 ide_if
[1].hob_sector
= ide_if
[1].sector
;
2051 ide_if
[0].sector
= val
;
2052 ide_if
[1].sector
= val
;
2055 ide_clear_hob(ide_if
);
2056 ide_if
[0].hob_lcyl
= ide_if
[0].lcyl
;
2057 ide_if
[1].hob_lcyl
= ide_if
[1].lcyl
;
2058 ide_if
[0].lcyl
= val
;
2059 ide_if
[1].lcyl
= val
;
2062 ide_clear_hob(ide_if
);
2063 ide_if
[0].hob_hcyl
= ide_if
[0].hcyl
;
2064 ide_if
[1].hob_hcyl
= ide_if
[1].hcyl
;
2065 ide_if
[0].hcyl
= val
;
2066 ide_if
[1].hcyl
= val
;
2069 /* FIXME: HOB readback uses bit 7 */
2070 ide_if
[0].select
= (val
& ~0x10) | 0xa0;
2071 ide_if
[1].select
= (val
| 0x10) | 0xa0;
2073 unit
= (val
>> 4) & 1;
2075 ide_if
->cur_drive
= s
;
2080 #if defined(DEBUG_IDE)
2081 printf("ide: CMD=%02x\n", val
);
2083 s
= ide_if
->cur_drive
;
2084 /* ignore commands to non existant slave */
2085 if (s
!= ide_if
&& !s
->bs
)
2088 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2089 if ((s
->status
& (BUSY_STAT
|DRQ_STAT
)) && val
!= WIN_DEVICE_RESET
)
2094 if (s
->bs
&& !s
->is_cdrom
) {
2098 ide_cfata_identify(s
);
2099 s
->status
= READY_STAT
| SEEK_STAT
;
2100 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2103 ide_set_signature(s
);
2105 ide_abort_command(s
);
2112 s
->status
= READY_STAT
| SEEK_STAT
;
2116 if (s
->is_cf
&& s
->nsector
== 0) {
2117 /* Disable Read and Write Multiple */
2118 s
->mult_sectors
= 0;
2119 s
->status
= READY_STAT
| SEEK_STAT
;
2120 } else if ((s
->nsector
& 0xff) != 0 &&
2121 ((s
->nsector
& 0xff) > MAX_MULT_SECTORS
||
2122 (s
->nsector
& (s
->nsector
- 1)) != 0)) {
2123 ide_abort_command(s
);
2125 s
->mult_sectors
= s
->nsector
& 0xff;
2126 s
->status
= READY_STAT
| SEEK_STAT
;
2130 case WIN_VERIFY_EXT
:
2133 case WIN_VERIFY_ONCE
:
2134 /* do sector number check ? */
2135 ide_cmd_lba48_transform(s
, lba48
);
2136 s
->status
= READY_STAT
| SEEK_STAT
;
2145 ide_cmd_lba48_transform(s
, lba48
);
2146 s
->req_nb_sectors
= 1;
2152 case WIN_WRITE_ONCE
:
2153 case CFA_WRITE_SECT_WO_ERASE
:
2154 case WIN_WRITE_VERIFY
:
2155 ide_cmd_lba48_transform(s
, lba48
);
2157 s
->status
= SEEK_STAT
| READY_STAT
;
2158 s
->req_nb_sectors
= 1;
2159 ide_transfer_start(s
, s
->io_buffer
, 512, ide_sector_write
);
2160 s
->media_changed
= 1;
2162 case WIN_MULTREAD_EXT
:
2165 if (!s
->mult_sectors
)
2167 ide_cmd_lba48_transform(s
, lba48
);
2168 s
->req_nb_sectors
= s
->mult_sectors
;
2171 case WIN_MULTWRITE_EXT
:
2174 case CFA_WRITE_MULTI_WO_ERASE
:
2175 if (!s
->mult_sectors
)
2177 ide_cmd_lba48_transform(s
, lba48
);
2179 s
->status
= SEEK_STAT
| READY_STAT
;
2180 s
->req_nb_sectors
= s
->mult_sectors
;
2182 if (n
> s
->req_nb_sectors
)
2183 n
= s
->req_nb_sectors
;
2184 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_write
);
2185 s
->media_changed
= 1;
2187 case WIN_READDMA_EXT
:
2190 case WIN_READDMA_ONCE
:
2193 ide_cmd_lba48_transform(s
, lba48
);
2194 ide_sector_read_dma(s
);
2196 case WIN_WRITEDMA_EXT
:
2199 case WIN_WRITEDMA_ONCE
:
2202 ide_cmd_lba48_transform(s
, lba48
);
2203 ide_sector_write_dma(s
);
2204 s
->media_changed
= 1;
2206 case WIN_READ_NATIVE_MAX_EXT
:
2208 case WIN_READ_NATIVE_MAX
:
2209 ide_cmd_lba48_transform(s
, lba48
);
2210 ide_set_sector(s
, s
->nb_sectors
- 1);
2211 s
->status
= READY_STAT
| SEEK_STAT
;
2214 case WIN_CHECKPOWERMODE1
:
2215 case WIN_CHECKPOWERMODE2
:
2216 s
->nsector
= 0xff; /* device active or idle */
2217 s
->status
= READY_STAT
| SEEK_STAT
;
2220 case WIN_SETFEATURES
:
2223 /* XXX: valid for CDROM ? */
2224 switch(s
->feature
) {
2225 case 0xcc: /* reverting to power-on defaults enable */
2226 case 0x66: /* reverting to power-on defaults disable */
2227 case 0x02: /* write cache enable */
2228 case 0x82: /* write cache disable */
2229 case 0xaa: /* read look-ahead enable */
2230 case 0x55: /* read look-ahead disable */
2231 case 0x05: /* set advanced power management mode */
2232 case 0x85: /* disable advanced power management mode */
2233 case 0x69: /* NOP */
2234 case 0x67: /* NOP */
2235 case 0x96: /* NOP */
2236 case 0x9a: /* NOP */
2237 case 0x42: /* enable Automatic Acoustic Mode */
2238 case 0xc2: /* disable Automatic Acoustic Mode */
2239 s
->status
= READY_STAT
| SEEK_STAT
;
2242 case 0x03: { /* set transfer mode */
2243 uint8_t val
= s
->nsector
& 0x07;
2245 switch (s
->nsector
>> 3) {
2246 case 0x00: /* pio default */
2247 case 0x01: /* pio mode */
2248 put_le16(s
->identify_data
+ 62,0x07);
2249 put_le16(s
->identify_data
+ 63,0x07);
2250 put_le16(s
->identify_data
+ 88,0x3f);
2252 case 0x02: /* sigle word dma mode*/
2253 put_le16(s
->identify_data
+ 62,0x07 | (1 << (val
+ 8)));
2254 put_le16(s
->identify_data
+ 63,0x07);
2255 put_le16(s
->identify_data
+ 88,0x3f);
2257 case 0x04: /* mdma mode */
2258 put_le16(s
->identify_data
+ 62,0x07);
2259 put_le16(s
->identify_data
+ 63,0x07 | (1 << (val
+ 8)));
2260 put_le16(s
->identify_data
+ 88,0x3f);
2262 case 0x08: /* udma mode */
2263 put_le16(s
->identify_data
+ 62,0x07);
2264 put_le16(s
->identify_data
+ 63,0x07);
2265 put_le16(s
->identify_data
+ 88,0x3f | (1 << (val
+ 8)));
2270 s
->status
= READY_STAT
| SEEK_STAT
;
2278 case WIN_FLUSH_CACHE
:
2279 case WIN_FLUSH_CACHE_EXT
:
2282 s
->status
= READY_STAT
| SEEK_STAT
;
2287 case WIN_STANDBYNOW1
:
2288 case WIN_STANDBYNOW2
:
2289 case WIN_IDLEIMMEDIATE
:
2290 case CFA_IDLEIMMEDIATE
:
2295 s
->status
= READY_STAT
;
2298 /* ATAPI commands */
2301 ide_atapi_identify(s
);
2302 s
->status
= READY_STAT
| SEEK_STAT
;
2303 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2305 ide_abort_command(s
);
2310 ide_set_signature(s
);
2312 s
->status
= 0; /* ATAPI spec (v6) section 9.10 defines packet
2313 * devices to return a clear status register
2314 * with READY_STAT *not* set. */
2316 s
->status
= READY_STAT
| SEEK_STAT
;
2317 s
->error
= 0x01; /* Device 0 passed, Device 1 passed or not
2325 ide_set_signature(s
);
2326 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2332 /* overlapping commands not supported */
2333 if (s
->feature
& 0x02)
2335 s
->status
= READY_STAT
| SEEK_STAT
;
2336 s
->atapi_dma
= s
->feature
& 1;
2338 ide_transfer_start(s
, s
->io_buffer
, ATAPI_PACKET_SIZE
,
2341 /* CF-ATA commands */
2342 case CFA_REQ_EXT_ERROR_CODE
:
2345 s
->error
= 0x09; /* miscellaneous error */
2346 s
->status
= READY_STAT
| SEEK_STAT
;
2349 case CFA_ERASE_SECTORS
:
2350 case CFA_WEAR_LEVEL
:
2353 if (val
== CFA_WEAR_LEVEL
)
2355 if (val
== CFA_ERASE_SECTORS
)
2356 s
->media_changed
= 1;
2358 s
->status
= READY_STAT
| SEEK_STAT
;
2361 case CFA_TRANSLATE_SECTOR
:
2365 s
->status
= READY_STAT
| SEEK_STAT
;
2366 memset(s
->io_buffer
, 0, 0x200);
2367 s
->io_buffer
[0x00] = s
->hcyl
; /* Cyl MSB */
2368 s
->io_buffer
[0x01] = s
->lcyl
; /* Cyl LSB */
2369 s
->io_buffer
[0x02] = s
->select
; /* Head */
2370 s
->io_buffer
[0x03] = s
->sector
; /* Sector */
2371 s
->io_buffer
[0x04] = ide_get_sector(s
) >> 16; /* LBA MSB */
2372 s
->io_buffer
[0x05] = ide_get_sector(s
) >> 8; /* LBA */
2373 s
->io_buffer
[0x06] = ide_get_sector(s
) >> 0; /* LBA LSB */
2374 s
->io_buffer
[0x13] = 0x00; /* Erase flag */
2375 s
->io_buffer
[0x18] = 0x00; /* Hot count */
2376 s
->io_buffer
[0x19] = 0x00; /* Hot count */
2377 s
->io_buffer
[0x1a] = 0x01; /* Hot count */
2378 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2381 case CFA_ACCESS_METADATA_STORAGE
:
2384 switch (s
->feature
) {
2385 case 0x02: /* Inquiry Metadata Storage */
2386 ide_cfata_metadata_inquiry(s
);
2388 case 0x03: /* Read Metadata Storage */
2389 ide_cfata_metadata_read(s
);
2391 case 0x04: /* Write Metadata Storage */
2392 ide_cfata_metadata_write(s
);
2397 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2398 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2401 case IBM_SENSE_CONDITION
:
2404 switch (s
->feature
) {
2405 case 0x01: /* sense temperature in device */
2406 s
->nsector
= 0x50; /* +20 C */
2411 s
->status
= READY_STAT
| SEEK_STAT
;
2416 ide_abort_command(s
);
2423 static uint32_t ide_ioport_read(void *opaque
, uint32_t addr1
)
2425 IDEState
*ide_if
= opaque
;
2426 IDEState
*s
= ide_if
->cur_drive
;
2431 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2432 //hob = s->select & (1 << 7);
2439 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2444 ret
= s
->hob_feature
;
2447 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2450 ret
= s
->nsector
& 0xff;
2452 ret
= s
->hob_nsector
;
2455 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2460 ret
= s
->hob_sector
;
2463 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2471 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2479 if (!ide_if
[0].bs
&& !ide_if
[1].bs
)
2486 if ((!ide_if
[0].bs
&& !ide_if
[1].bs
) ||
2487 (s
!= ide_if
&& !s
->bs
))
2491 qemu_irq_lower(s
->irq
);
2495 printf("ide: read addr=0x%x val=%02x\n", addr1
, ret
);
2500 static uint32_t ide_status_read(void *opaque
, uint32_t addr
)
2502 IDEState
*ide_if
= opaque
;
2503 IDEState
*s
= ide_if
->cur_drive
;
2506 if ((!ide_if
[0].bs
&& !ide_if
[1].bs
) ||
2507 (s
!= ide_if
&& !s
->bs
))
2512 printf("ide: read status addr=0x%x val=%02x\n", addr
, ret
);
2517 static void ide_cmd_write(void *opaque
, uint32_t addr
, uint32_t val
)
2519 IDEState
*ide_if
= opaque
;
2524 printf("ide: write control addr=0x%x val=%02x\n", addr
, val
);
2526 /* common for both drives */
2527 if (!(ide_if
[0].cmd
& IDE_CMD_RESET
) &&
2528 (val
& IDE_CMD_RESET
)) {
2529 /* reset low to high */
2530 for(i
= 0;i
< 2; i
++) {
2532 s
->status
= BUSY_STAT
| SEEK_STAT
;
2535 } else if ((ide_if
[0].cmd
& IDE_CMD_RESET
) &&
2536 !(val
& IDE_CMD_RESET
)) {
2538 for(i
= 0;i
< 2; i
++) {
2541 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2543 s
->status
= READY_STAT
| SEEK_STAT
;
2544 ide_set_signature(s
);
2548 ide_if
[0].cmd
= val
;
2549 ide_if
[1].cmd
= val
;
2552 static void ide_data_writew(void *opaque
, uint32_t addr
, uint32_t val
)
2554 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2557 /* PIO data access allowed only when DRQ bit is set */
2558 if (!(s
->status
& DRQ_STAT
))
2562 *(uint16_t *)p
= le16_to_cpu(val
);
2565 if (p
>= s
->data_end
)
2566 s
->end_transfer_func(s
);
2569 static uint32_t ide_data_readw(void *opaque
, uint32_t addr
)
2571 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2575 /* PIO data access allowed only when DRQ bit is set */
2576 if (!(s
->status
& DRQ_STAT
))
2580 ret
= cpu_to_le16(*(uint16_t *)p
);
2583 if (p
>= s
->data_end
)
2584 s
->end_transfer_func(s
);
2588 static void ide_data_writel(void *opaque
, uint32_t addr
, uint32_t val
)
2590 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2593 /* PIO data access allowed only when DRQ bit is set */
2594 if (!(s
->status
& DRQ_STAT
))
2598 *(uint32_t *)p
= le32_to_cpu(val
);
2601 if (p
>= s
->data_end
)
2602 s
->end_transfer_func(s
);
2605 static uint32_t ide_data_readl(void *opaque
, uint32_t addr
)
2607 IDEState
*s
= ((IDEState
*)opaque
)->cur_drive
;
2611 /* PIO data access allowed only when DRQ bit is set */
2612 if (!(s
->status
& DRQ_STAT
))
2616 ret
= cpu_to_le32(*(uint32_t *)p
);
2619 if (p
>= s
->data_end
)
2620 s
->end_transfer_func(s
);
2624 static void ide_dummy_transfer_stop(IDEState
*s
)
2626 s
->data_ptr
= s
->io_buffer
;
2627 s
->data_end
= s
->io_buffer
;
2628 s
->io_buffer
[0] = 0xff;
2629 s
->io_buffer
[1] = 0xff;
2630 s
->io_buffer
[2] = 0xff;
2631 s
->io_buffer
[3] = 0xff;
2634 static void ide_reset(IDEState
*s
)
2637 s
->mult_sectors
= 0;
2639 s
->mult_sectors
= MAX_MULT_SECTORS
;
2642 s
->status
= READY_STAT
| SEEK_STAT
;
2643 ide_set_signature(s
);
2644 /* init the transfer handler so that 0xffff is returned on data
2646 s
->end_transfer_func
= ide_dummy_transfer_stop
;
2647 ide_dummy_transfer_stop(s
);
2648 s
->media_changed
= 0;
2652 uint8_t boot_ind
; /* 0x80 - active */
2653 uint8_t head
; /* starting head */
2654 uint8_t sector
; /* starting sector */
2655 uint8_t cyl
; /* starting cylinder */
2656 uint8_t sys_ind
; /* What partition type */
2657 uint8_t end_head
; /* end head */
2658 uint8_t end_sector
; /* end sector */
2659 uint8_t end_cyl
; /* end cylinder */
2660 uint32_t start_sect
; /* starting sector counting from 0 */
2661 uint32_t nr_sects
; /* nr of sectors in partition */
2662 } __attribute__((packed
));
2664 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2665 static int guess_disk_lchs(IDEState
*s
,
2666 int *pcylinders
, int *pheads
, int *psectors
)
2668 uint8_t *buf
= s
->io_buffer
;
2669 int ret
, i
, heads
, sectors
, cylinders
;
2670 struct partition
*p
;
2673 ret
= bdrv_read(s
->bs
, 0, buf
, 1);
2677 /* test msdos magic */
2678 if (buf
[510] != 0x55 || buf
[511] != 0xaa) {
2681 for(i
= 0; i
< 4; i
++) {
2682 p
= ((struct partition
*)(buf
+ 0x1be)) + i
;
2683 nr_sects
= le32_to_cpu(p
->nr_sects
);
2684 if (nr_sects
&& p
->end_head
) {
2685 /* We make the assumption that the partition terminates on
2686 a cylinder boundary */
2687 heads
= p
->end_head
+ 1;
2688 sectors
= p
->end_sector
& 63;
2691 cylinders
= s
->nb_sectors
/ (heads
* sectors
);
2692 if (cylinders
< 1 || cylinders
> 16383)
2695 *psectors
= sectors
;
2696 *pcylinders
= cylinders
;
2698 printf("guessed geometry: LCHS=%d %d %d\n",
2699 cylinders
, heads
, sectors
);
2707 static void ide_init2(IDEState
*ide_state
,
2708 BlockDriverState
*hd0
, BlockDriverState
*hd1
,
2712 static int drive_serial
= 1;
2713 int i
, cylinders
, heads
, secs
, translation
, lba_detected
= 0;
2714 uint64_t nb_sectors
;
2716 for(i
= 0; i
< 2; i
++) {
2718 s
->io_buffer
= qemu_memalign(512, IDE_DMA_BUF_SECTORS
*512 + 4);
2724 bdrv_get_geometry(s
->bs
, &nb_sectors
);
2725 s
->nb_sectors
= nb_sectors
;
2726 /* if a geometry hint is available, use it */
2727 bdrv_get_geometry_hint(s
->bs
, &cylinders
, &heads
, &secs
);
2728 translation
= bdrv_get_translation_hint(s
->bs
);
2729 if (cylinders
!= 0) {
2730 s
->cylinders
= cylinders
;
2734 if (guess_disk_lchs(s
, &cylinders
, &heads
, &secs
) == 0) {
2736 /* if heads > 16, it means that a BIOS LBA
2737 translation was active, so the default
2738 hardware geometry is OK */
2740 goto default_geometry
;
2742 s
->cylinders
= cylinders
;
2745 /* disable any translation to be in sync with
2746 the logical geometry */
2747 if (translation
== BIOS_ATA_TRANSLATION_AUTO
) {
2748 bdrv_set_translation_hint(s
->bs
,
2749 BIOS_ATA_TRANSLATION_NONE
);
2754 /* if no geometry, use a standard physical disk geometry */
2755 cylinders
= nb_sectors
/ (16 * 63);
2756 if (cylinders
> 16383)
2758 else if (cylinders
< 2)
2760 s
->cylinders
= cylinders
;
2763 if ((lba_detected
== 1) && (translation
== BIOS_ATA_TRANSLATION_AUTO
)) {
2764 if ((s
->cylinders
* s
->heads
) <= 131072) {
2765 bdrv_set_translation_hint(s
->bs
,
2766 BIOS_ATA_TRANSLATION_LARGE
);
2768 bdrv_set_translation_hint(s
->bs
,
2769 BIOS_ATA_TRANSLATION_LBA
);
2773 bdrv_set_geometry_hint(s
->bs
, s
->cylinders
, s
->heads
, s
->sectors
);
2775 if (bdrv_get_type_hint(s
->bs
) == BDRV_TYPE_CDROM
) {
2777 bdrv_set_change_cb(s
->bs
, cdrom_change_cb
, s
);
2780 s
->drive_serial
= drive_serial
++;
2782 s
->sector_write_timer
= qemu_new_timer(vm_clock
,
2783 ide_sector_write_timer_cb
, s
);
2788 static void ide_init_ioport(IDEState
*ide_state
, int iobase
, int iobase2
)
2790 register_ioport_write(iobase
, 8, 1, ide_ioport_write
, ide_state
);
2791 register_ioport_read(iobase
, 8, 1, ide_ioport_read
, ide_state
);
2793 register_ioport_read(iobase2
, 1, 1, ide_status_read
, ide_state
);
2794 register_ioport_write(iobase2
, 1, 1, ide_cmd_write
, ide_state
);
2798 register_ioport_write(iobase
, 2, 2, ide_data_writew
, ide_state
);
2799 register_ioport_read(iobase
, 2, 2, ide_data_readw
, ide_state
);
2800 register_ioport_write(iobase
, 4, 4, ide_data_writel
, ide_state
);
2801 register_ioport_read(iobase
, 4, 4, ide_data_readl
, ide_state
);
2804 /* save per IDE drive data */
2805 static void ide_save(QEMUFile
* f
, IDEState
*s
)
2807 qemu_put_be32(f
, s
->mult_sectors
);
2808 qemu_put_be32(f
, s
->identify_set
);
2809 if (s
->identify_set
) {
2810 qemu_put_buffer(f
, (const uint8_t *)s
->identify_data
, 512);
2812 qemu_put_8s(f
, &s
->feature
);
2813 qemu_put_8s(f
, &s
->error
);
2814 qemu_put_be32s(f
, &s
->nsector
);
2815 qemu_put_8s(f
, &s
->sector
);
2816 qemu_put_8s(f
, &s
->lcyl
);
2817 qemu_put_8s(f
, &s
->hcyl
);
2818 qemu_put_8s(f
, &s
->hob_feature
);
2819 qemu_put_8s(f
, &s
->hob_nsector
);
2820 qemu_put_8s(f
, &s
->hob_sector
);
2821 qemu_put_8s(f
, &s
->hob_lcyl
);
2822 qemu_put_8s(f
, &s
->hob_hcyl
);
2823 qemu_put_8s(f
, &s
->select
);
2824 qemu_put_8s(f
, &s
->status
);
2825 qemu_put_8s(f
, &s
->lba48
);
2827 qemu_put_8s(f
, &s
->sense_key
);
2828 qemu_put_8s(f
, &s
->asc
);
2829 /* XXX: if a transfer is pending, we do not save it yet */
2832 /* load per IDE drive data */
2833 static void ide_load(QEMUFile
* f
, IDEState
*s
)
2835 s
->mult_sectors
=qemu_get_be32(f
);
2836 s
->identify_set
=qemu_get_be32(f
);
2837 if (s
->identify_set
) {
2838 qemu_get_buffer(f
, (uint8_t *)s
->identify_data
, 512);
2840 qemu_get_8s(f
, &s
->feature
);
2841 qemu_get_8s(f
, &s
->error
);
2842 qemu_get_be32s(f
, &s
->nsector
);
2843 qemu_get_8s(f
, &s
->sector
);
2844 qemu_get_8s(f
, &s
->lcyl
);
2845 qemu_get_8s(f
, &s
->hcyl
);
2846 qemu_get_8s(f
, &s
->hob_feature
);
2847 qemu_get_8s(f
, &s
->hob_nsector
);
2848 qemu_get_8s(f
, &s
->hob_sector
);
2849 qemu_get_8s(f
, &s
->hob_lcyl
);
2850 qemu_get_8s(f
, &s
->hob_hcyl
);
2851 qemu_get_8s(f
, &s
->select
);
2852 qemu_get_8s(f
, &s
->status
);
2853 qemu_get_8s(f
, &s
->lba48
);
2855 qemu_get_8s(f
, &s
->sense_key
);
2856 qemu_get_8s(f
, &s
->asc
);
2857 /* XXX: if a transfer is pending, we do not save it yet */
2860 /***********************************************************/
2861 /* ISA IDE definitions */
2863 void isa_ide_init(int iobase
, int iobase2
, qemu_irq irq
,
2864 BlockDriverState
*hd0
, BlockDriverState
*hd1
)
2866 IDEState
*ide_state
;
2868 ide_state
= qemu_mallocz(sizeof(IDEState
) * 2);
2872 ide_init2(ide_state
, hd0
, hd1
, irq
);
2873 ide_init_ioport(ide_state
, iobase
, iobase2
);
2876 /***********************************************************/
2877 /* PCI IDE definitions */
2879 static void cmd646_update_irq(PCIIDEState
*d
);
2881 static void ide_map(PCIDevice
*pci_dev
, int region_num
,
2882 uint32_t addr
, uint32_t size
, int type
)
2884 PCIIDEState
*d
= (PCIIDEState
*)pci_dev
;
2885 IDEState
*ide_state
;
2887 if (region_num
<= 3) {
2888 ide_state
= &d
->ide_if
[(region_num
>> 1) * 2];
2889 if (region_num
& 1) {
2890 register_ioport_read(addr
+ 2, 1, 1, ide_status_read
, ide_state
);
2891 register_ioport_write(addr
+ 2, 1, 1, ide_cmd_write
, ide_state
);
2893 register_ioport_write(addr
, 8, 1, ide_ioport_write
, ide_state
);
2894 register_ioport_read(addr
, 8, 1, ide_ioport_read
, ide_state
);
2897 register_ioport_write(addr
, 2, 2, ide_data_writew
, ide_state
);
2898 register_ioport_read(addr
, 2, 2, ide_data_readw
, ide_state
);
2899 register_ioport_write(addr
, 4, 4, ide_data_writel
, ide_state
);
2900 register_ioport_read(addr
, 4, 4, ide_data_readl
, ide_state
);
2905 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
)
2907 BMDMAState
*bm
= s
->bmdma
;
2911 bm
->dma_cb
= dma_cb
;
2912 bm
->cur_prd_last
= 0;
2913 bm
->cur_prd_addr
= 0;
2914 bm
->cur_prd_len
= 0;
2915 if (bm
->status
& BM_STATUS_DMAING
) {
2920 static void ide_dma_cancel(BMDMAState
*bm
)
2922 if (bm
->status
& BM_STATUS_DMAING
) {
2923 bm
->status
&= ~BM_STATUS_DMAING
;
2924 /* cancel DMA request */
2929 printf("aio_cancel\n");
2931 bdrv_aio_cancel(bm
->aiocb
);
2937 static void bmdma_cmd_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
2939 BMDMAState
*bm
= opaque
;
2941 printf("%s: 0x%08x\n", __func__
, val
);
2943 if (!(val
& BM_CMD_START
)) {
2944 /* XXX: do it better */
2946 bm
->cmd
= val
& 0x09;
2948 if (!(bm
->status
& BM_STATUS_DMAING
)) {
2949 bm
->status
|= BM_STATUS_DMAING
;
2950 /* start dma transfer if possible */
2954 bm
->cmd
= val
& 0x09;
2958 static uint32_t bmdma_readb(void *opaque
, uint32_t addr
)
2960 BMDMAState
*bm
= opaque
;
2961 PCIIDEState
*pci_dev
;
2969 pci_dev
= bm
->pci_dev
;
2970 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2971 val
= pci_dev
->dev
.config
[MRDMODE
];
2980 pci_dev
= bm
->pci_dev
;
2981 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
2982 if (bm
== &pci_dev
->bmdma
[0])
2983 val
= pci_dev
->dev
.config
[UDIDETCR0
];
2985 val
= pci_dev
->dev
.config
[UDIDETCR1
];
2995 printf("bmdma: readb 0x%02x : 0x%02x\n", addr
, val
);
3000 static void bmdma_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
3002 BMDMAState
*bm
= opaque
;
3003 PCIIDEState
*pci_dev
;
3005 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr
, val
);
3009 pci_dev
= bm
->pci_dev
;
3010 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
3011 pci_dev
->dev
.config
[MRDMODE
] =
3012 (pci_dev
->dev
.config
[MRDMODE
] & ~0x30) | (val
& 0x30);
3013 cmd646_update_irq(pci_dev
);
3017 bm
->status
= (val
& 0x60) | (bm
->status
& 1) | (bm
->status
& ~val
& 0x06);
3020 pci_dev
= bm
->pci_dev
;
3021 if (pci_dev
->type
== IDE_TYPE_CMD646
) {
3022 if (bm
== &pci_dev
->bmdma
[0])
3023 pci_dev
->dev
.config
[UDIDETCR0
] = val
;
3025 pci_dev
->dev
.config
[UDIDETCR1
] = val
;
3031 static uint32_t bmdma_addr_readb(void *opaque
, uint32_t addr
)
3033 BMDMAState
*bm
= opaque
;
3035 val
= (bm
->addr
>> ((addr
& 3) * 8)) & 0xff;
3037 printf("%s: 0x%08x\n", __func__
, val
);
3042 static void bmdma_addr_writeb(void *opaque
, uint32_t addr
, uint32_t val
)
3044 BMDMAState
*bm
= opaque
;
3045 int shift
= (addr
& 3) * 8;
3047 printf("%s: 0x%08x\n", __func__
, val
);
3049 bm
->addr
&= ~(0xFF << shift
);
3050 bm
->addr
|= ((val
& 0xFF) << shift
) & ~3;
3051 bm
->cur_addr
= bm
->addr
;
3054 static uint32_t bmdma_addr_readw(void *opaque
, uint32_t addr
)
3056 BMDMAState
*bm
= opaque
;
3058 val
= (bm
->addr
>> ((addr
& 3) * 8)) & 0xffff;
3060 printf("%s: 0x%08x\n", __func__
, val
);
3065 static void bmdma_addr_writew(void *opaque
, uint32_t addr
, uint32_t val
)
3067 BMDMAState
*bm
= opaque
;
3068 int shift
= (addr
& 3) * 8;
3070 printf("%s: 0x%08x\n", __func__
, val
);
3072 bm
->addr
&= ~(0xFFFF << shift
);
3073 bm
->addr
|= ((val
& 0xFFFF) << shift
) & ~3;
3074 bm
->cur_addr
= bm
->addr
;
3077 static uint32_t bmdma_addr_readl(void *opaque
, uint32_t addr
)
3079 BMDMAState
*bm
= opaque
;
3083 printf("%s: 0x%08x\n", __func__
, val
);
3088 static void bmdma_addr_writel(void *opaque
, uint32_t addr
, uint32_t val
)
3090 BMDMAState
*bm
= opaque
;
3092 printf("%s: 0x%08x\n", __func__
, val
);
3094 bm
->addr
= val
& ~3;
3095 bm
->cur_addr
= bm
->addr
;
3098 static void bmdma_map(PCIDevice
*pci_dev
, int region_num
,
3099 uint32_t addr
, uint32_t size
, int type
)
3101 PCIIDEState
*d
= (PCIIDEState
*)pci_dev
;
3104 for(i
= 0;i
< 2; i
++) {
3105 BMDMAState
*bm
= &d
->bmdma
[i
];
3106 d
->ide_if
[2 * i
].bmdma
= bm
;
3107 d
->ide_if
[2 * i
+ 1].bmdma
= bm
;
3108 bm
->pci_dev
= (PCIIDEState
*)pci_dev
;
3110 register_ioport_write(addr
, 1, 1, bmdma_cmd_writeb
, bm
);
3112 register_ioport_write(addr
+ 1, 3, 1, bmdma_writeb
, bm
);
3113 register_ioport_read(addr
, 4, 1, bmdma_readb
, bm
);
3115 register_ioport_write(addr
+ 4, 4, 1, bmdma_addr_writeb
, bm
);
3116 register_ioport_read(addr
+ 4, 4, 1, bmdma_addr_readb
, bm
);
3117 register_ioport_write(addr
+ 4, 4, 2, bmdma_addr_writew
, bm
);
3118 register_ioport_read(addr
+ 4, 4, 2, bmdma_addr_readw
, bm
);
3119 register_ioport_write(addr
+ 4, 4, 4, bmdma_addr_writel
, bm
);
3120 register_ioport_read(addr
+ 4, 4, 4, bmdma_addr_readl
, bm
);
3125 /* XXX: call it also when the MRDMODE is changed from the PCI config
3127 static void cmd646_update_irq(PCIIDEState
*d
)
3130 pci_level
= ((d
->dev
.config
[MRDMODE
] & MRDMODE_INTR_CH0
) &&
3131 !(d
->dev
.config
[MRDMODE
] & MRDMODE_BLK_CH0
)) ||
3132 ((d
->dev
.config
[MRDMODE
] & MRDMODE_INTR_CH1
) &&
3133 !(d
->dev
.config
[MRDMODE
] & MRDMODE_BLK_CH1
));
3134 qemu_set_irq(d
->dev
.irq
[0], pci_level
);
3137 /* the PCI irq level is the logical OR of the two channels */
3138 static void cmd646_set_irq(void *opaque
, int channel
, int level
)
3140 PCIIDEState
*d
= opaque
;
3143 irq_mask
= MRDMODE_INTR_CH0
<< channel
;
3145 d
->dev
.config
[MRDMODE
] |= irq_mask
;
3147 d
->dev
.config
[MRDMODE
] &= ~irq_mask
;
3148 cmd646_update_irq(d
);
3151 /* CMD646 PCI IDE controller */
3152 void pci_cmd646_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
,
3153 int secondary_ide_enabled
)
3160 d
= (PCIIDEState
*)pci_register_device(bus
, "CMD646 IDE",
3161 sizeof(PCIIDEState
),
3164 d
->type
= IDE_TYPE_CMD646
;
3165 pci_conf
= d
->dev
.config
;
3166 pci_conf
[0x00] = 0x95; // CMD646
3167 pci_conf
[0x01] = 0x10;
3168 pci_conf
[0x02] = 0x46;
3169 pci_conf
[0x03] = 0x06;
3171 pci_conf
[0x08] = 0x07; // IDE controller revision
3172 pci_conf
[0x09] = 0x8f;
3174 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3175 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3176 pci_conf
[0x0e] = 0x00; // header_type
3178 if (secondary_ide_enabled
) {
3179 /* XXX: if not enabled, really disable the seconday IDE controller */
3180 pci_conf
[0x51] = 0x80; /* enable IDE1 */
3183 pci_register_io_region((PCIDevice
*)d
, 0, 0x8,
3184 PCI_ADDRESS_SPACE_IO
, ide_map
);
3185 pci_register_io_region((PCIDevice
*)d
, 1, 0x4,
3186 PCI_ADDRESS_SPACE_IO
, ide_map
);
3187 pci_register_io_region((PCIDevice
*)d
, 2, 0x8,
3188 PCI_ADDRESS_SPACE_IO
, ide_map
);
3189 pci_register_io_region((PCIDevice
*)d
, 3, 0x4,
3190 PCI_ADDRESS_SPACE_IO
, ide_map
);
3191 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3192 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3194 pci_conf
[0x3d] = 0x01; // interrupt on pin 1
3196 for(i
= 0; i
< 4; i
++)
3197 d
->ide_if
[i
].pci_dev
= (PCIDevice
*)d
;
3199 irq
= qemu_allocate_irqs(cmd646_set_irq
, d
, 2);
3200 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], irq
[0]);
3201 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], irq
[1]);
3204 static void pci_ide_save(QEMUFile
* f
, void *opaque
)
3206 PCIIDEState
*d
= opaque
;
3209 pci_device_save(&d
->dev
, f
);
3211 for(i
= 0; i
< 2; i
++) {
3212 BMDMAState
*bm
= &d
->bmdma
[i
];
3213 qemu_put_8s(f
, &bm
->cmd
);
3214 qemu_put_8s(f
, &bm
->status
);
3215 qemu_put_be32s(f
, &bm
->addr
);
3216 /* XXX: if a transfer is pending, we do not save it yet */
3219 /* per IDE interface data */
3220 for(i
= 0; i
< 2; i
++) {
3221 IDEState
*s
= &d
->ide_if
[i
* 2];
3222 uint8_t drive1_selected
;
3223 qemu_put_8s(f
, &s
->cmd
);
3224 drive1_selected
= (s
->cur_drive
!= s
);
3225 qemu_put_8s(f
, &drive1_selected
);
3228 /* per IDE drive data */
3229 for(i
= 0; i
< 4; i
++) {
3230 ide_save(f
, &d
->ide_if
[i
]);
3234 static int pci_ide_load(QEMUFile
* f
, void *opaque
, int version_id
)
3236 PCIIDEState
*d
= opaque
;
3239 if (version_id
!= 1)
3241 ret
= pci_device_load(&d
->dev
, f
);
3245 for(i
= 0; i
< 2; i
++) {
3246 BMDMAState
*bm
= &d
->bmdma
[i
];
3247 qemu_get_8s(f
, &bm
->cmd
);
3248 qemu_get_8s(f
, &bm
->status
);
3249 qemu_get_be32s(f
, &bm
->addr
);
3250 /* XXX: if a transfer is pending, we do not save it yet */
3253 /* per IDE interface data */
3254 for(i
= 0; i
< 2; i
++) {
3255 IDEState
*s
= &d
->ide_if
[i
* 2];
3256 uint8_t drive1_selected
;
3257 qemu_get_8s(f
, &s
->cmd
);
3258 qemu_get_8s(f
, &drive1_selected
);
3259 s
->cur_drive
= &d
->ide_if
[i
* 2 + (drive1_selected
!= 0)];
3262 /* per IDE drive data */
3263 for(i
= 0; i
< 4; i
++) {
3264 ide_load(f
, &d
->ide_if
[i
]);
3269 static void piix3_reset(void *opaque
)
3271 PCIIDEState
*d
= opaque
;
3272 uint8_t *pci_conf
= d
->dev
.config
;
3275 for (i
= 0; i
< 2; i
++)
3276 ide_dma_cancel(&d
->bmdma
[i
]);
3278 pci_conf
[0x04] = 0x00;
3279 pci_conf
[0x05] = 0x00;
3280 pci_conf
[0x06] = 0x80; /* FBC */
3281 pci_conf
[0x07] = 0x02; // PCI_status_devsel_medium
3282 pci_conf
[0x20] = 0x01; /* BMIBA: 20-23h */
3285 /* hd_table must contain 4 block drivers */
3286 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3287 void pci_piix3_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
, int devfn
,
3293 /* register a function 1 of PIIX3 */
3294 d
= (PCIIDEState
*)pci_register_device(bus
, "PIIX3 IDE",
3295 sizeof(PCIIDEState
),
3298 d
->type
= IDE_TYPE_PIIX3
;
3300 pci_conf
= d
->dev
.config
;
3301 pci_conf
[0x00] = 0x86; // Intel
3302 pci_conf
[0x01] = 0x80;
3303 pci_conf
[0x02] = 0x10;
3304 pci_conf
[0x03] = 0x70;
3305 pci_conf
[0x09] = 0x80; // legacy ATA mode
3306 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3307 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3308 pci_conf
[0x0e] = 0x00; // header_type
3310 qemu_register_reset(piix3_reset
, d
);
3313 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3314 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3316 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], pic
[14]);
3317 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], pic
[15]);
3318 ide_init_ioport(&d
->ide_if
[0], 0x1f0, 0x3f6);
3319 ide_init_ioport(&d
->ide_if
[2], 0x170, 0x376);
3321 register_savevm("ide", 0, 1, pci_ide_save
, pci_ide_load
, d
);
3324 /* hd_table must contain 4 block drivers */
3325 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3326 void pci_piix4_ide_init(PCIBus
*bus
, BlockDriverState
**hd_table
, int devfn
,
3332 /* register a function 1 of PIIX4 */
3333 d
= (PCIIDEState
*)pci_register_device(bus
, "PIIX4 IDE",
3334 sizeof(PCIIDEState
),
3337 d
->type
= IDE_TYPE_PIIX4
;
3339 pci_conf
= d
->dev
.config
;
3340 pci_conf
[0x00] = 0x86; // Intel
3341 pci_conf
[0x01] = 0x80;
3342 pci_conf
[0x02] = 0x11;
3343 pci_conf
[0x03] = 0x71;
3344 pci_conf
[0x09] = 0x80; // legacy ATA mode
3345 pci_conf
[0x0a] = 0x01; // class_sub = PCI_IDE
3346 pci_conf
[0x0b] = 0x01; // class_base = PCI_mass_storage
3347 pci_conf
[0x0e] = 0x00; // header_type
3349 qemu_register_reset(piix3_reset
, d
);
3352 pci_register_io_region((PCIDevice
*)d
, 4, 0x10,
3353 PCI_ADDRESS_SPACE_IO
, bmdma_map
);
3355 ide_init2(&d
->ide_if
[0], hd_table
[0], hd_table
[1], pic
[14]);
3356 ide_init2(&d
->ide_if
[2], hd_table
[2], hd_table
[3], pic
[15]);
3357 ide_init_ioport(&d
->ide_if
[0], 0x1f0, 0x3f6);
3358 ide_init_ioport(&d
->ide_if
[2], 0x170, 0x376);
3360 register_savevm("ide", 0, 1, pci_ide_save
, pci_ide_load
, d
);
3363 /***********************************************************/
3364 /* MacIO based PowerPC IDE */
3366 /* PowerMac IDE memory IO */
3367 static void pmac_ide_writeb (void *opaque
,
3368 target_phys_addr_t addr
, uint32_t val
)
3370 addr
= (addr
& 0xFFF) >> 4;
3373 ide_ioport_write(opaque
, addr
, val
);
3377 ide_cmd_write(opaque
, 0, val
);
3384 static uint32_t pmac_ide_readb (void *opaque
,target_phys_addr_t addr
)
3388 addr
= (addr
& 0xFFF) >> 4;
3391 retval
= ide_ioport_read(opaque
, addr
);
3395 retval
= ide_status_read(opaque
, 0);
3404 static void pmac_ide_writew (void *opaque
,
3405 target_phys_addr_t addr
, uint32_t val
)
3407 addr
= (addr
& 0xFFF) >> 4;
3408 #ifdef TARGET_WORDS_BIGENDIAN
3412 ide_data_writew(opaque
, 0, val
);
3416 static uint32_t pmac_ide_readw (void *opaque
,target_phys_addr_t addr
)
3420 addr
= (addr
& 0xFFF) >> 4;
3422 retval
= ide_data_readw(opaque
, 0);
3426 #ifdef TARGET_WORDS_BIGENDIAN
3427 retval
= bswap16(retval
);
3432 static void pmac_ide_writel (void *opaque
,
3433 target_phys_addr_t addr
, uint32_t val
)
3435 addr
= (addr
& 0xFFF) >> 4;
3436 #ifdef TARGET_WORDS_BIGENDIAN
3440 ide_data_writel(opaque
, 0, val
);
3444 static uint32_t pmac_ide_readl (void *opaque
,target_phys_addr_t addr
)
3448 addr
= (addr
& 0xFFF) >> 4;
3450 retval
= ide_data_readl(opaque
, 0);
3452 retval
= 0xFFFFFFFF;
3454 #ifdef TARGET_WORDS_BIGENDIAN
3455 retval
= bswap32(retval
);
3460 static CPUWriteMemoryFunc
*pmac_ide_write
[] = {
3466 static CPUReadMemoryFunc
*pmac_ide_read
[] = {
3472 /* hd_table must contain 4 block drivers */
3473 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3474 I/O index to access the ide. */
3475 int pmac_ide_init (BlockDriverState
**hd_table
, qemu_irq irq
)
3478 int pmac_ide_memory
;
3480 ide_if
= qemu_mallocz(sizeof(IDEState
) * 2);
3481 ide_init2(&ide_if
[0], hd_table
[0], hd_table
[1], irq
);
3483 pmac_ide_memory
= cpu_register_io_memory(0, pmac_ide_read
,
3484 pmac_ide_write
, &ide_if
[0]);
3485 return pmac_ide_memory
;
3488 /***********************************************************/
3489 /* CF-ATA Microdrive */
3491 #define METADATA_SIZE 0x20
3493 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3496 struct pcmcia_card_s card
;
3510 /* Register bitfields */
3513 OPT_MODE_IOMAP16
= 1,
3514 OPT_MODE_IOMAP1
= 2,
3515 OPT_MODE_IOMAP2
= 3,
3526 STAT_CHANGED
= 0x80,
3537 static inline void md_interrupt_update(struct md_s
*s
)
3542 qemu_set_irq(s
->card
.slot
->irq
,
3543 !(s
->stat
& STAT_INT
) && /* Inverted */
3544 !(s
->ctrl
& (CTRL_IEN
| CTRL_SRST
)) &&
3545 !(s
->opt
& OPT_SRESET
));
3548 static void md_set_irq(void *opaque
, int irq
, int level
)
3550 struct md_s
*s
= (struct md_s
*) opaque
;
3552 s
->stat
|= STAT_INT
;
3554 s
->stat
&= ~STAT_INT
;
3556 md_interrupt_update(s
);
3559 static void md_reset(struct md_s
*s
)
3561 s
->opt
= OPT_MODE_MMAP
;
3569 static uint8_t md_attr_read(void *opaque
, uint32_t at
)
3571 struct md_s
*s
= (struct md_s
*) opaque
;
3572 if (at
< s
->attr_base
) {
3573 if (at
< s
->card
.cis_len
)
3574 return s
->card
.cis
[at
];
3582 case 0x00: /* Configuration Option Register */
3584 case 0x02: /* Card Configuration Status Register */
3585 if (s
->ctrl
& CTRL_IEN
)
3586 return s
->stat
& ~STAT_INT
;
3589 case 0x04: /* Pin Replacement Register */
3590 return (s
->pins
& PINS_CRDY
) | 0x0c;
3591 case 0x06: /* Socket and Copy Register */
3595 printf("%s: Bad attribute space register %02x\n", __FUNCTION__
, at
);
3602 static void md_attr_write(void *opaque
, uint32_t at
, uint8_t value
)
3604 struct md_s
*s
= (struct md_s
*) opaque
;
3608 case 0x00: /* Configuration Option Register */
3609 s
->opt
= value
& 0xcf;
3610 if (value
& OPT_SRESET
)
3612 md_interrupt_update(s
);
3614 case 0x02: /* Card Configuration Status Register */
3615 if ((s
->stat
^ value
) & STAT_PWRDWN
)
3616 s
->pins
|= PINS_CRDY
;
3618 s
->stat
|= value
& 0x74;
3619 md_interrupt_update(s
);
3620 /* Word 170 in Identify Device must be equal to STAT_XE */
3622 case 0x04: /* Pin Replacement Register */
3623 s
->pins
&= PINS_CRDY
;
3624 s
->pins
|= value
& PINS_MRDY
;
3626 case 0x06: /* Socket and Copy Register */
3629 printf("%s: Bad attribute space register %02x\n", __FUNCTION__
, at
);
3633 static uint16_t md_common_read(void *opaque
, uint32_t at
)
3635 struct md_s
*s
= (struct md_s
*) opaque
;
3639 switch (s
->opt
& OPT_MODE
) {
3641 if ((at
& ~0x3ff) == 0x400)
3644 case OPT_MODE_IOMAP16
:
3647 case OPT_MODE_IOMAP1
:
3648 if ((at
& ~0xf) == 0x3f0)
3650 else if ((at
& ~0xf) == 0x1f0)
3653 case OPT_MODE_IOMAP2
:
3654 if ((at
& ~0xf) == 0x370)
3656 else if ((at
& ~0xf) == 0x170)
3661 case 0x0: /* Even RD Data */
3663 return ide_data_readw(s
->ide
, 0);
3665 /* TODO: 8-bit accesses */
3669 s
->io
= ide_data_readw(s
->ide
, 0);
3672 s
->cycle
= !s
->cycle
;
3674 case 0x9: /* Odd RD Data */
3676 case 0xd: /* Error */
3677 return ide_ioport_read(s
->ide
, 0x1);
3678 case 0xe: /* Alternate Status */
3679 if (s
->ide
->cur_drive
->bs
)
3680 return s
->ide
->cur_drive
->status
;
3683 case 0xf: /* Device Address */
3684 return 0xc2 | ((~s
->ide
->select
<< 2) & 0x3c);
3686 return ide_ioport_read(s
->ide
, at
);
3692 static void md_common_write(void *opaque
, uint32_t at
, uint16_t value
)
3694 struct md_s
*s
= (struct md_s
*) opaque
;
3697 switch (s
->opt
& OPT_MODE
) {
3699 if ((at
& ~0x3ff) == 0x400)
3702 case OPT_MODE_IOMAP16
:
3705 case OPT_MODE_IOMAP1
:
3706 if ((at
& ~0xf) == 0x3f0)
3708 else if ((at
& ~0xf) == 0x1f0)
3711 case OPT_MODE_IOMAP2
:
3712 if ((at
& ~0xf) == 0x370)
3714 else if ((at
& ~0xf) == 0x170)
3719 case 0x0: /* Even WR Data */
3721 ide_data_writew(s
->ide
, 0, value
);
3724 /* TODO: 8-bit accesses */
3726 ide_data_writew(s
->ide
, 0, s
->io
| (value
<< 8));
3728 s
->io
= value
& 0xff;
3729 s
->cycle
= !s
->cycle
;
3732 s
->io
= value
& 0xff;
3733 s
->cycle
= !s
->cycle
;
3735 case 0xd: /* Features */
3736 ide_ioport_write(s
->ide
, 0x1, value
);
3738 case 0xe: /* Device Control */
3740 if (value
& CTRL_SRST
)
3742 md_interrupt_update(s
);
3745 if (s
->stat
& STAT_PWRDWN
) {
3746 s
->pins
|= PINS_CRDY
;
3747 s
->stat
&= ~STAT_PWRDWN
;
3749 ide_ioport_write(s
->ide
, at
, value
);
3753 static void md_save(QEMUFile
*f
, void *opaque
)
3755 struct md_s
*s
= (struct md_s
*) opaque
;
3757 uint8_t drive1_selected
;
3759 qemu_put_8s(f
, &s
->opt
);
3760 qemu_put_8s(f
, &s
->stat
);
3761 qemu_put_8s(f
, &s
->pins
);
3763 qemu_put_8s(f
, &s
->ctrl
);
3764 qemu_put_be16s(f
, &s
->io
);
3765 qemu_put_byte(f
, s
->cycle
);
3767 drive1_selected
= (s
->ide
->cur_drive
!= s
->ide
);
3768 qemu_put_8s(f
, &s
->ide
->cmd
);
3769 qemu_put_8s(f
, &drive1_selected
);
3771 for (i
= 0; i
< 2; i
++)
3772 ide_save(f
, &s
->ide
[i
]);
3775 static int md_load(QEMUFile
*f
, void *opaque
, int version_id
)
3777 struct md_s
*s
= (struct md_s
*) opaque
;
3779 uint8_t drive1_selected
;
3781 qemu_get_8s(f
, &s
->opt
);
3782 qemu_get_8s(f
, &s
->stat
);
3783 qemu_get_8s(f
, &s
->pins
);
3785 qemu_get_8s(f
, &s
->ctrl
);
3786 qemu_get_be16s(f
, &s
->io
);
3787 s
->cycle
= qemu_get_byte(f
);
3789 qemu_get_8s(f
, &s
->ide
->cmd
);
3790 qemu_get_8s(f
, &drive1_selected
);
3791 s
->ide
->cur_drive
= &s
->ide
[(drive1_selected
!= 0)];
3793 for (i
= 0; i
< 2; i
++)
3794 ide_load(f
, &s
->ide
[i
]);
3799 static const uint8_t dscm1xxxx_cis
[0x14a] = {
3800 [0x000] = CISTPL_DEVICE
, /* 5V Device Information */
3801 [0x002] = 0x03, /* Tuple length = 4 bytes */
3802 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3803 [0x006] = 0x01, /* Size = 2K bytes */
3804 [0x008] = CISTPL_ENDMARK
,
3806 [0x00a] = CISTPL_DEVICE_OC
, /* Additional Device Information */
3807 [0x00c] = 0x04, /* Tuple length = 4 byest */
3808 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3809 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3810 [0x012] = 0x01, /* Size = 2K bytes */
3811 [0x014] = CISTPL_ENDMARK
,
3813 [0x016] = CISTPL_JEDEC_C
, /* JEDEC ID */
3814 [0x018] = 0x02, /* Tuple length = 2 bytes */
3815 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3818 [0x01e] = CISTPL_MANFID
, /* Manufacture ID */
3819 [0x020] = 0x04, /* Tuple length = 4 bytes */
3820 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3822 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3825 [0x02a] = CISTPL_VERS_1
, /* Level 1 Version */
3826 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3827 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3828 [0x030] = 0x01, /* Minor Version = 1 */
3844 [0x050] = CISTPL_ENDMARK
,
3846 [0x052] = CISTPL_FUNCID
, /* Function ID */
3847 [0x054] = 0x02, /* Tuple length = 2 bytes */
3848 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3849 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3851 [0x05a] = CISTPL_FUNCE
, /* Function Extension */
3852 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3853 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3854 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3856 [0x062] = CISTPL_FUNCE
, /* Function Extension */
3857 [0x064] = 0x03, /* Tuple length = 3 bytes */
3858 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3859 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3860 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3862 [0x06c] = CISTPL_CONFIG
, /* Configuration */
3863 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3864 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3865 [0x072] = 0x07, /* TPCC_LAST = 7 */
3866 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3868 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3870 [0x07a] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3871 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3872 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3873 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3874 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3875 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3876 [0x086] = 0x55, /* NomV: 5.0 V */
3877 [0x088] = 0x4d, /* MinV: 4.5 V */
3878 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3879 [0x08c] = 0x4e, /* Peakl: 450 mA */
3880 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3881 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3882 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3884 [0x094] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3885 [0x096] = 0x06, /* Tuple length = 6 bytes */
3886 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3887 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3888 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3889 [0x09e] = 0xb5, /* NomV: 3.3 V */
3891 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3893 [0x0a4] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3894 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3895 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3896 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3897 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3898 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3899 [0x0b0] = 0x55, /* NomV: 5.0 V */
3900 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3901 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3902 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3903 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3904 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3905 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3906 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3907 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3909 [0x0c2] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3910 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3911 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3912 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3913 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3914 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3916 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3918 [0x0d2] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3919 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3920 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3921 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3922 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3923 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3924 [0x0de] = 0x55, /* NomV: 5.0 V */
3925 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3926 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3927 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3928 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3929 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3930 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3932 [0x0ee] = 0x07, /* Address block length = 8 */
3933 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3935 [0x0f4] = 0x01, /* Address block length = 2 */
3936 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3937 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3939 [0x0fa] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3940 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3941 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3942 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3943 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3944 [0x104] = 0xb5, /* NomV: 3.3 V */
3946 [0x108] = 0x3e, /* Peakl: 350 mA */
3948 [0x10a] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3949 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3950 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3951 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3952 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3953 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3954 [0x116] = 0x55, /* NomV: 5.0 V */
3955 [0x118] = 0x4d, /* MinV: 4.5 V */
3956 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3957 [0x11c] = 0x4e, /* Peakl: 450 mA */
3958 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3959 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3960 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3962 [0x126] = 0x07, /* Address block length = 8 */
3963 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3965 [0x12c] = 0x01, /* Address block length = 2 */
3966 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3967 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3969 [0x132] = CISTPL_CFTABLE_ENTRY
, /* 16-bit PC Card Configuration */
3970 [0x134] = 0x06, /* Tuple length = 6 bytes */
3971 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3972 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3973 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3974 [0x13c] = 0xb5, /* NomV: 3.3 V */
3976 [0x140] = 0x3e, /* Peakl: 350 mA */
3978 [0x142] = CISTPL_NO_LINK
, /* No Link */
3979 [0x144] = 0x00, /* Tuple length = 0 bytes */
3981 [0x146] = CISTPL_END
, /* Tuple End */
3984 static int dscm1xxxx_attach(void *opaque
)
3986 struct md_s
*md
= (struct md_s
*) opaque
;
3987 md
->card
.attr_read
= md_attr_read
;
3988 md
->card
.attr_write
= md_attr_write
;
3989 md
->card
.common_read
= md_common_read
;
3990 md
->card
.common_write
= md_common_write
;
3991 md
->card
.io_read
= md_common_read
;
3992 md
->card
.io_write
= md_common_write
;
3994 md
->attr_base
= md
->card
.cis
[0x74] | (md
->card
.cis
[0x76] << 8);
3998 md_interrupt_update(md
);
4000 md
->card
.slot
->card_string
= "DSCM-1xxxx Hitachi Microdrive";
4004 static int dscm1xxxx_detach(void *opaque
)
4006 struct md_s
*md
= (struct md_s
*) opaque
;
4011 struct pcmcia_card_s
*dscm1xxxx_init(BlockDriverState
*bdrv
)
4013 struct md_s
*md
= (struct md_s
*) qemu_mallocz(sizeof(struct md_s
));
4014 md
->card
.state
= md
;
4015 md
->card
.attach
= dscm1xxxx_attach
;
4016 md
->card
.detach
= dscm1xxxx_detach
;
4017 md
->card
.cis
= dscm1xxxx_cis
;
4018 md
->card
.cis_len
= sizeof(dscm1xxxx_cis
);
4020 ide_init2(md
->ide
, bdrv
, 0, qemu_allocate_irqs(md_set_irq
, md
, 1)[0]);
4022 md
->ide
->mdata_size
= METADATA_SIZE
;
4023 md
->ide
->mdata_storage
= (uint8_t *) qemu_mallocz(METADATA_SIZE
);
4025 register_savevm("microdrive", -1, 0, md_save
, md_load
, md
);