2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "qemu-timer.h"
35 /* debug IDE devices */
37 //#define DEBUG_IDE_ATAPI
41 /* Bits of HD_STATUS */
43 #define INDEX_STAT 0x02
44 #define ECC_STAT 0x04 /* Corrected error */
46 #define SEEK_STAT 0x10
48 #define WRERR_STAT 0x20
49 #define READY_STAT 0x40
50 #define BUSY_STAT 0x80
52 /* Bits for HD_ERROR */
53 #define MARK_ERR 0x01 /* Bad address mark */
54 #define TRK0_ERR 0x02 /* couldn't find track 0 */
55 #define ABRT_ERR 0x04 /* Command aborted */
56 #define MCR_ERR 0x08 /* media change request */
57 #define ID_ERR 0x10 /* ID field not found */
58 #define MC_ERR 0x20 /* media changed */
59 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
60 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
63 /* Bits of HD_NSECTOR */
69 #define IDE_CMD_RESET 0x04
70 #define IDE_CMD_DISABLE_IRQ 0x02
72 /* ATA/ATAPI Commands pre T13 Spec */
77 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
81 #define WIN_SRST 0x08 /* ATAPI soft reset command */
82 #define WIN_DEVICE_RESET 0x08
86 #define WIN_RECAL 0x10
87 #define WIN_RESTORE WIN_RECAL
91 #define WIN_READ 0x20 /* 28-Bit */
92 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93 #define WIN_READ_LONG 0x22 /* 28-Bit */
94 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95 #define WIN_READ_EXT 0x24 /* 48-Bit */
96 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
97 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
102 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
104 * 0x2A->0x2F Reserved
106 #define WIN_WRITE 0x30 /* 28-Bit */
107 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
109 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
111 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
117 * 0x3A->0x3B Reserved
119 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
121 * 0x3D->0x3F Reserved
123 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
127 * 0x43->0x4F Reserved
129 #define WIN_FORMAT 0x50
131 * 0x51->0x5F Reserved
133 #define WIN_INIT 0x60
135 * 0x61->0x5F Reserved
137 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139 #define WIN_DIAGNOSE 0x90
140 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
141 #define WIN_DOWNLOAD_MICROCODE 0x92
142 #define WIN_STANDBYNOW2 0x94
143 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
144 #define WIN_STANDBY2 0x96
145 #define WIN_SETIDLE2 0x97
146 #define WIN_CHECKPOWERMODE2 0x98
147 #define WIN_SLEEPNOW2 0x99
151 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153 #define WIN_QUEUED_SERVICE 0xA2
154 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
155 #define CFA_ACCESS_METADATA_STORAGE 0xB8
156 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
157 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
167 #define WIN_GETMEDIASTATUS 0xDA
168 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169 #define WIN_POSTBOOT 0xDC
170 #define WIN_PREBOOT 0xDD
171 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173 #define WIN_STANDBYNOW1 0xE0
174 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176 #define WIN_SETIDLE1 0xE3
177 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178 #define WIN_CHECKPOWERMODE1 0xE5
179 #define WIN_SLEEPNOW1 0xE6
180 #define WIN_FLUSH_CACHE 0xE7
181 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186 #define WIN_MEDIAEJECT 0xED
187 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188 #define WIN_SETFEATURES 0xEF /* set special drive features */
189 #define EXABYTE_ENABLE_NEST 0xF0
190 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
191 #define WIN_SECURITY_SET_PASS 0xF1
192 #define WIN_SECURITY_UNLOCK 0xF2
193 #define WIN_SECURITY_ERASE_PREPARE 0xF3
194 #define WIN_SECURITY_ERASE_UNIT 0xF4
195 #define WIN_SECURITY_FREEZE_LOCK 0xF5
196 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
197 #define WIN_SECURITY_DISABLE 0xF6
198 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199 #define WIN_SET_MAX 0xF9
200 #define DISABLE_SEAGATE 0xFB
202 /* set to 1 set disable mult support */
203 #define MAX_MULT_SECTORS 16
205 #define IDE_DMA_BUF_SECTORS 256
207 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
213 #define ATAPI_PACKET_SIZE 12
215 /* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217 #define GPCMD_BLANK 0xa1
218 #define GPCMD_CLOSE_TRACK 0x5b
219 #define GPCMD_FLUSH_CACHE 0x35
220 #define GPCMD_FORMAT_UNIT 0x04
221 #define GPCMD_GET_CONFIGURATION 0x46
222 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223 #define GPCMD_GET_PERFORMANCE 0xac
224 #define GPCMD_INQUIRY 0x12
225 #define GPCMD_LOAD_UNLOAD 0xa6
226 #define GPCMD_MECHANISM_STATUS 0xbd
227 #define GPCMD_MODE_SELECT_10 0x55
228 #define GPCMD_MODE_SENSE_10 0x5a
229 #define GPCMD_PAUSE_RESUME 0x4b
230 #define GPCMD_PLAY_AUDIO_10 0x45
231 #define GPCMD_PLAY_AUDIO_MSF 0x47
232 #define GPCMD_PLAY_AUDIO_TI 0x48
233 #define GPCMD_PLAY_CD 0xbc
234 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235 #define GPCMD_READ_10 0x28
236 #define GPCMD_READ_12 0xa8
237 #define GPCMD_READ_CDVD_CAPACITY 0x25
238 #define GPCMD_READ_CD 0xbe
239 #define GPCMD_READ_CD_MSF 0xb9
240 #define GPCMD_READ_DISC_INFO 0x51
241 #define GPCMD_READ_DVD_STRUCTURE 0xad
242 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
243 #define GPCMD_READ_HEADER 0x44
244 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
245 #define GPCMD_READ_SUBCHANNEL 0x42
246 #define GPCMD_READ_TOC_PMA_ATIP 0x43
247 #define GPCMD_REPAIR_RZONE_TRACK 0x58
248 #define GPCMD_REPORT_KEY 0xa4
249 #define GPCMD_REQUEST_SENSE 0x03
250 #define GPCMD_RESERVE_RZONE_TRACK 0x53
251 #define GPCMD_SCAN 0xba
252 #define GPCMD_SEEK 0x2b
253 #define GPCMD_SEND_DVD_STRUCTURE 0xad
254 #define GPCMD_SEND_EVENT 0xa2
255 #define GPCMD_SEND_KEY 0xa3
256 #define GPCMD_SEND_OPC 0x54
257 #define GPCMD_SET_READ_AHEAD 0xa7
258 #define GPCMD_SET_STREAMING 0xb6
259 #define GPCMD_START_STOP_UNIT 0x1b
260 #define GPCMD_STOP_PLAY_SCAN 0x4e
261 #define GPCMD_TEST_UNIT_READY 0x00
262 #define GPCMD_VERIFY_10 0x2f
263 #define GPCMD_WRITE_10 0x2a
264 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
265 /* This is listed as optional in ATAPI 2.6, but is (curiously)
266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269 #define GPCMD_SET_SPEED 0xbb
270 /* This seems to be a SCSI specific CD-ROM opcode
271 * to play data at track/index */
272 #define GPCMD_PLAYAUDIO_TI 0x48
274 * From MS Media Status Notification Support Specification. For
277 #define GPCMD_GET_MEDIA_STATUS 0xda
278 #define GPCMD_MODE_SENSE_6 0x1a
280 /* Mode page codes for mode sense/set */
281 #define GPMODE_R_W_ERROR_PAGE 0x01
282 #define GPMODE_WRITE_PARMS_PAGE 0x05
283 #define GPMODE_AUDIO_CTL_PAGE 0x0e
284 #define GPMODE_POWER_PAGE 0x1a
285 #define GPMODE_FAULT_FAIL_PAGE 0x1c
286 #define GPMODE_TO_PROTECT_PAGE 0x1d
287 #define GPMODE_CAPABILITIES_PAGE 0x2a
288 #define GPMODE_ALL_PAGES 0x3f
289 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291 #define GPMODE_CDROM_PAGE 0x0d
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
302 /* Some generally useful CD-ROM information */
303 #define CD_MINS 80 /* max. minutes per CD */
304 #define CD_SECS 60 /* seconds per minute */
305 #define CD_FRAMES 75 /* frames per second */
306 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
315 /* Profile list from MMC-6 revision 1 table 91 */
316 #define MMC_PROFILE_NONE 0x0000
317 #define MMC_PROFILE_CD_ROM 0x0008
318 #define MMC_PROFILE_CD_R 0x0009
319 #define MMC_PROFILE_CD_RW 0x000A
320 #define MMC_PROFILE_DVD_ROM 0x0010
321 #define MMC_PROFILE_DVD_R_SR 0x0011
322 #define MMC_PROFILE_DVD_RAM 0x0012
323 #define MMC_PROFILE_DVD_RW_RO 0x0013
324 #define MMC_PROFILE_DVD_RW_SR 0x0014
325 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
326 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
327 #define MMC_PROFILE_DVD_RW_DL 0x0017
328 #define MMC_PROFILE_DVD_DDR 0x0018
329 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
330 #define MMC_PROFILE_DVD_PLUS_R 0x001B
331 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333 #define MMC_PROFILE_BD_ROM 0x0040
334 #define MMC_PROFILE_BD_R_SRM 0x0041
335 #define MMC_PROFILE_BD_R_RRM 0x0042
336 #define MMC_PROFILE_BD_RE 0x0043
337 #define MMC_PROFILE_HDDVD_ROM 0x0050
338 #define MMC_PROFILE_HDDVD_R 0x0051
339 #define MMC_PROFILE_HDDVD_RAM 0x0052
340 #define MMC_PROFILE_HDDVD_RW 0x0053
341 #define MMC_PROFILE_HDDVD_R_DL 0x0058
342 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
343 #define MMC_PROFILE_INVALID 0xFFFF
345 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347 #define ATAPI_INT_REASON_REL 0x04
348 #define ATAPI_INT_REASON_TAG 0xf8
350 /* same constants as bochs */
351 #define ASC_ILLEGAL_OPCODE 0x20
352 #define ASC_LOGICAL_BLOCK_OOR 0x21
353 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
354 #define ASC_INCOMPATIBLE_FORMAT 0x30
355 #define ASC_MEDIUM_NOT_PRESENT 0x3a
356 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
358 #define CFA_NO_ERROR 0x00
359 #define CFA_MISC_ERROR 0x09
360 #define CFA_INVALID_COMMAND 0x20
361 #define CFA_INVALID_ADDRESS 0x21
362 #define CFA_ADDRESS_OVERFLOW 0x2f
365 #define SENSE_NOT_READY 2
366 #define SENSE_ILLEGAL_REQUEST 5
367 #define SENSE_UNIT_ATTENTION 6
371 typedef void EndTransferFunc(struct IDEState *);
373 /* NOTE: IDEState represents in fact one drive */
374 typedef struct IDEState {
378 int cylinders, heads, sectors;
382 uint16_t identify_data[256];
385 struct BMDMAState *bmdma;
394 /* other part of tf for lba48 support */
404 /* 0x3f6 command, only meaningful for drive 0 */
406 /* set for lba48 access */
408 /* depends on bit 4 in select, only meaningful for drive 0 */
409 struct IDEState *cur_drive;
410 BlockDriverState *bs;
414 int packet_transfer_size;
415 int elementary_transfer_size;
419 int atapi_dma; /* true if dma is requested for the packet cmd */
422 /* PIO transfer handling */
423 int req_nb_sectors; /* number of sectors per interrupt */
424 EndTransferFunc *end_transfer_func;
428 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
429 uint32_t irq_count; /* counts IRQs when using win2k install hack */
430 /* CF-ATA extended error */
432 /* CF-ATA metadata storage */
434 uint8_t *mdata_storage;
438 /* XXX: DVDs that could fit on a CD will be reported as a CD */
439 static inline int media_present(IDEState *s)
441 return (s->nb_sectors > 0);
444 static inline int media_is_dvd(IDEState *s)
446 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
449 static inline int media_is_cd(IDEState *s)
451 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
454 #define BM_STATUS_DMAING 0x01
455 #define BM_STATUS_ERROR 0x02
456 #define BM_STATUS_INT 0x04
458 #define BM_CMD_START 0x01
459 #define BM_CMD_READ 0x08
461 #define IDE_TYPE_PIIX3 0
462 #define IDE_TYPE_CMD646 1
463 #define IDE_TYPE_PIIX4 2
465 /* CMD646 specific */
467 #define MRDMODE_INTR_CH0 0x04
468 #define MRDMODE_INTR_CH1 0x08
469 #define MRDMODE_BLK_CH0 0x10
470 #define MRDMODE_BLK_CH1 0x20
471 #define UDIDETCR0 0x73
472 #define UDIDETCR1 0x7B
474 typedef struct BMDMAState {
479 struct PCIIDEState *pci_dev;
480 /* current transfer state */
482 uint32_t cur_prd_last;
483 uint32_t cur_prd_addr;
484 uint32_t cur_prd_len;
486 BlockDriverCompletionFunc *dma_cb;
487 BlockDriverAIOCB *aiocb;
490 typedef struct PCIIDEState {
494 int type; /* see IDE_TYPE_xxx */
497 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
498 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
500 static void padstr(char *str, const char *src, int len)
503 for(i = 0; i < len; i++) {
512 static void padstr8(uint8_t *buf, int buf_size, const char *src)
515 for(i = 0; i < buf_size; i++) {
523 static void put_le16(uint16_t *p, unsigned int v)
528 static void ide_identify(IDEState *s)
531 unsigned int oldsize;
534 if (s->identify_set) {
535 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
539 memset(s->io_buffer, 0, 512);
540 p = (uint16_t *)s->io_buffer;
541 put_le16(p + 0, 0x0040);
542 put_le16(p + 1, s->cylinders);
543 put_le16(p + 3, s->heads);
544 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
545 put_le16(p + 5, 512); /* XXX: retired, remove ? */
546 put_le16(p + 6, s->sectors);
547 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
548 padstr((char *)(p + 10), buf, 20); /* serial number */
549 put_le16(p + 20, 3); /* XXX: retired, remove ? */
550 put_le16(p + 21, 512); /* cache size in sectors */
551 put_le16(p + 22, 4); /* ecc bytes */
552 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
553 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
554 #if MAX_MULT_SECTORS > 1
555 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
557 put_le16(p + 48, 1); /* dword I/O */
558 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
559 put_le16(p + 51, 0x200); /* PIO transfer cycle */
560 put_le16(p + 52, 0x200); /* DMA transfer cycle */
561 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
562 put_le16(p + 54, s->cylinders);
563 put_le16(p + 55, s->heads);
564 put_le16(p + 56, s->sectors);
565 oldsize = s->cylinders * s->heads * s->sectors;
566 put_le16(p + 57, oldsize);
567 put_le16(p + 58, oldsize >> 16);
569 put_le16(p + 59, 0x100 | s->mult_sectors);
570 put_le16(p + 60, s->nb_sectors);
571 put_le16(p + 61, s->nb_sectors >> 16);
572 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
573 put_le16(p + 63, 0x07); /* mdma0-2 supported */
574 put_le16(p + 65, 120);
575 put_le16(p + 66, 120);
576 put_le16(p + 67, 120);
577 put_le16(p + 68, 120);
578 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
579 put_le16(p + 81, 0x16); /* conforms to ata5 */
580 put_le16(p + 82, (1 << 14));
581 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
582 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
583 put_le16(p + 84, (1 << 14));
584 put_le16(p + 85, (1 << 14));
585 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
586 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
587 put_le16(p + 87, (1 << 14));
588 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
589 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
590 put_le16(p + 100, s->nb_sectors);
591 put_le16(p + 101, s->nb_sectors >> 16);
592 put_le16(p + 102, s->nb_sectors >> 32);
593 put_le16(p + 103, s->nb_sectors >> 48);
595 memcpy(s->identify_data, p, sizeof(s->identify_data));
599 static void ide_atapi_identify(IDEState *s)
604 if (s->identify_set) {
605 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
609 memset(s->io_buffer, 0, 512);
610 p = (uint16_t *)s->io_buffer;
611 /* Removable CDROM, 50us response, 12 byte packets */
612 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
613 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
614 padstr((char *)(p + 10), buf, 20); /* serial number */
615 put_le16(p + 20, 3); /* buffer type */
616 put_le16(p + 21, 512); /* cache size in sectors */
617 put_le16(p + 22, 4); /* ecc bytes */
618 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
619 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
620 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
622 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
623 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
624 put_le16(p + 62, 7); /* single word dma0-2 supported */
625 put_le16(p + 63, 7); /* mdma0-2 supported */
626 put_le16(p + 64, 0x3f); /* PIO modes supported */
628 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
629 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
630 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
631 put_le16(p + 64, 1); /* PIO modes */
633 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
634 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
635 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
636 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
638 put_le16(p + 71, 30); /* in ns */
639 put_le16(p + 72, 30); /* in ns */
641 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
643 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
645 memcpy(s->identify_data, p, sizeof(s->identify_data));
649 static void ide_cfata_identify(IDEState *s)
655 p = (uint16_t *) s->identify_data;
659 memset(p, 0, sizeof(s->identify_data));
661 cur_sec = s->cylinders * s->heads * s->sectors;
663 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
664 put_le16(p + 1, s->cylinders); /* Default cylinders */
665 put_le16(p + 3, s->heads); /* Default heads */
666 put_le16(p + 6, s->sectors); /* Default sectors per track */
667 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
668 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
669 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
670 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
671 put_le16(p + 22, 0x0004); /* ECC bytes */
672 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
673 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
674 #if MAX_MULT_SECTORS > 1
675 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
677 put_le16(p + 47, 0x0000);
679 put_le16(p + 49, 0x0f00); /* Capabilities */
680 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
681 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
682 put_le16(p + 53, 0x0003); /* Translation params valid */
683 put_le16(p + 54, s->cylinders); /* Current cylinders */
684 put_le16(p + 55, s->heads); /* Current heads */
685 put_le16(p + 56, s->sectors); /* Current sectors */
686 put_le16(p + 57, cur_sec); /* Current capacity */
687 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
688 if (s->mult_sectors) /* Multiple sector setting */
689 put_le16(p + 59, 0x100 | s->mult_sectors);
690 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
691 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
692 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
693 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
694 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
695 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
696 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
697 put_le16(p + 82, 0x400c); /* Command Set supported */
698 put_le16(p + 83, 0x7068); /* Command Set supported */
699 put_le16(p + 84, 0x4000); /* Features supported */
700 put_le16(p + 85, 0x000c); /* Command Set enabled */
701 put_le16(p + 86, 0x7044); /* Command Set enabled */
702 put_le16(p + 87, 0x4000); /* Features enabled */
703 put_le16(p + 91, 0x4060); /* Current APM level */
704 put_le16(p + 129, 0x0002); /* Current features option */
705 put_le16(p + 130, 0x0005); /* Reassigned sectors */
706 put_le16(p + 131, 0x0001); /* Initial power mode */
707 put_le16(p + 132, 0x0000); /* User signature */
708 put_le16(p + 160, 0x8100); /* Power requirement */
709 put_le16(p + 161, 0x8001); /* CF command set */
714 memcpy(s->io_buffer, p, sizeof(s->identify_data));
717 static void ide_set_signature(IDEState *s)
719 s->select &= 0xf0; /* clear head */
735 static inline void ide_abort_command(IDEState *s)
737 s->status = READY_STAT | ERR_STAT;
741 static inline void ide_set_irq(IDEState *s)
743 BMDMAState *bm = s->bmdma;
744 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
746 bm->status |= BM_STATUS_INT;
748 qemu_irq_raise(s->irq);
752 /* prepare data transfer and tell what to do after */
753 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
754 EndTransferFunc *end_transfer_func)
756 s->end_transfer_func = end_transfer_func;
758 s->data_end = buf + size;
759 if (!(s->status & ERR_STAT))
760 s->status |= DRQ_STAT;
763 static void ide_transfer_stop(IDEState *s)
765 s->end_transfer_func = ide_transfer_stop;
766 s->data_ptr = s->io_buffer;
767 s->data_end = s->io_buffer;
768 s->status &= ~DRQ_STAT;
771 static int64_t ide_get_sector(IDEState *s)
774 if (s->select & 0x40) {
777 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
778 (s->lcyl << 8) | s->sector;
780 sector_num = ((int64_t)s->hob_hcyl << 40) |
781 ((int64_t) s->hob_lcyl << 32) |
782 ((int64_t) s->hob_sector << 24) |
783 ((int64_t) s->hcyl << 16) |
784 ((int64_t) s->lcyl << 8) | s->sector;
787 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
788 (s->select & 0x0f) * s->sectors + (s->sector - 1);
793 static void ide_set_sector(IDEState *s, int64_t sector_num)
796 if (s->select & 0x40) {
798 s->select = (s->select & 0xf0) | (sector_num >> 24);
799 s->hcyl = (sector_num >> 16);
800 s->lcyl = (sector_num >> 8);
801 s->sector = (sector_num);
803 s->sector = sector_num;
804 s->lcyl = sector_num >> 8;
805 s->hcyl = sector_num >> 16;
806 s->hob_sector = sector_num >> 24;
807 s->hob_lcyl = sector_num >> 32;
808 s->hob_hcyl = sector_num >> 40;
811 cyl = sector_num / (s->heads * s->sectors);
812 r = sector_num % (s->heads * s->sectors);
815 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
816 s->sector = (r % s->sectors) + 1;
820 static void ide_sector_read(IDEState *s)
825 s->status = READY_STAT | SEEK_STAT;
826 s->error = 0; /* not needed by IDE spec, but needed by Windows */
827 sector_num = ide_get_sector(s);
830 /* no more sector to read from disk */
831 ide_transfer_stop(s);
833 #if defined(DEBUG_IDE)
834 printf("read sector=%Ld\n", sector_num);
836 if (n > s->req_nb_sectors)
837 n = s->req_nb_sectors;
838 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
839 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
841 ide_set_sector(s, sector_num + n);
846 /* return 0 if buffer completed */
847 static int dma_buf_rw(BMDMAState *bm, int is_write)
849 IDEState *s = bm->ide_if;
857 l = s->io_buffer_size - s->io_buffer_index;
860 if (bm->cur_prd_len == 0) {
861 /* end of table (with a fail safe of one page) */
862 if (bm->cur_prd_last ||
863 (bm->cur_addr - bm->addr) >= 4096)
865 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
867 prd.addr = le32_to_cpu(prd.addr);
868 prd.size = le32_to_cpu(prd.size);
869 len = prd.size & 0xfffe;
872 bm->cur_prd_len = len;
873 bm->cur_prd_addr = prd.addr;
874 bm->cur_prd_last = (prd.size & 0x80000000);
876 if (l > bm->cur_prd_len)
880 cpu_physical_memory_write(bm->cur_prd_addr,
881 s->io_buffer + s->io_buffer_index, l);
883 cpu_physical_memory_read(bm->cur_prd_addr,
884 s->io_buffer + s->io_buffer_index, l);
886 bm->cur_prd_addr += l;
887 bm->cur_prd_len -= l;
888 s->io_buffer_index += l;
894 /* XXX: handle errors */
895 static void ide_read_dma_cb(void *opaque, int ret)
897 BMDMAState *bm = opaque;
898 IDEState *s = bm->ide_if;
902 n = s->io_buffer_size >> 9;
903 sector_num = ide_get_sector(s);
906 ide_set_sector(s, sector_num);
908 if (dma_buf_rw(bm, 1) == 0)
912 /* end of transfer ? */
913 if (s->nsector == 0) {
914 s->status = READY_STAT | SEEK_STAT;
917 bm->status &= ~BM_STATUS_DMAING;
918 bm->status |= BM_STATUS_INT;
925 /* launch next transfer */
927 if (n > IDE_DMA_BUF_SECTORS)
928 n = IDE_DMA_BUF_SECTORS;
929 s->io_buffer_index = 0;
930 s->io_buffer_size = n * 512;
932 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
934 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
935 ide_read_dma_cb, bm);
938 static void ide_sector_read_dma(IDEState *s)
940 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
941 s->io_buffer_index = 0;
942 s->io_buffer_size = 0;
943 ide_dma_start(s, ide_read_dma_cb);
946 static void ide_sector_write_timer_cb(void *opaque)
948 IDEState *s = opaque;
952 static void ide_sector_write(IDEState *s)
957 s->status = READY_STAT | SEEK_STAT;
958 sector_num = ide_get_sector(s);
959 #if defined(DEBUG_IDE)
960 printf("write sector=%Ld\n", sector_num);
963 if (n > s->req_nb_sectors)
964 n = s->req_nb_sectors;
965 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
967 if (s->nsector == 0) {
968 /* no more sectors to write */
969 ide_transfer_stop(s);
972 if (n1 > s->req_nb_sectors)
973 n1 = s->req_nb_sectors;
974 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
976 ide_set_sector(s, sector_num + n);
979 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
980 /* It seems there is a bug in the Windows 2000 installer HDD
981 IDE driver which fills the disk with empty logs when the
982 IDE write IRQ comes too early. This hack tries to correct
983 that at the expense of slower write performances. Use this
984 option _only_ to install Windows 2000. You must disable it
986 qemu_mod_timer(s->sector_write_timer,
987 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
995 /* XXX: handle errors */
996 static void ide_write_dma_cb(void *opaque, int ret)
998 BMDMAState *bm = opaque;
999 IDEState *s = bm->ide_if;
1003 n = s->io_buffer_size >> 9;
1004 sector_num = ide_get_sector(s);
1007 ide_set_sector(s, sector_num);
1011 /* end of transfer ? */
1012 if (s->nsector == 0) {
1013 s->status = READY_STAT | SEEK_STAT;
1016 bm->status &= ~BM_STATUS_DMAING;
1017 bm->status |= BM_STATUS_INT;
1024 /* launch next transfer */
1026 if (n > IDE_DMA_BUF_SECTORS)
1027 n = IDE_DMA_BUF_SECTORS;
1028 s->io_buffer_index = 0;
1029 s->io_buffer_size = n * 512;
1031 if (dma_buf_rw(bm, 0) == 0)
1034 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1036 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1037 ide_write_dma_cb, bm);
1040 static void ide_sector_write_dma(IDEState *s)
1042 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1043 s->io_buffer_index = 0;
1044 s->io_buffer_size = 0;
1045 ide_dma_start(s, ide_write_dma_cb);
1048 static void ide_atapi_cmd_ok(IDEState *s)
1051 s->status = READY_STAT | SEEK_STAT;
1052 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1056 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1058 #ifdef DEBUG_IDE_ATAPI
1059 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1061 s->error = sense_key << 4;
1062 s->status = READY_STAT | ERR_STAT;
1063 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1064 s->sense_key = sense_key;
1069 static inline void cpu_to_ube16(uint8_t *buf, int val)
1075 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1083 static inline int ube16_to_cpu(const uint8_t *buf)
1085 return (buf[0] << 8) | buf[1];
1088 static inline int ube32_to_cpu(const uint8_t *buf)
1090 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1093 static void lba_to_msf(uint8_t *buf, int lba)
1096 buf[0] = (lba / 75) / 60;
1097 buf[1] = (lba / 75) % 60;
1101 static void cd_data_to_raw(uint8_t *buf, int lba)
1105 memset(buf + 1, 0xff, 10);
1109 lba_to_msf(buf, lba);
1110 buf[3] = 0x01; /* mode 1 data */
1114 /* XXX: ECC not computed */
1115 memset(buf, 0, 288);
1118 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1123 switch(sector_size) {
1125 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1128 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1131 cd_data_to_raw(buf, lba);
1140 static void ide_atapi_io_error(IDEState *s, int ret)
1142 /* XXX: handle more errors */
1143 if (ret == -ENOMEDIUM) {
1144 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1145 ASC_MEDIUM_NOT_PRESENT);
1147 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1148 ASC_LOGICAL_BLOCK_OOR);
1152 /* The whole ATAPI transfer logic is handled in this function */
1153 static void ide_atapi_cmd_reply_end(IDEState *s)
1155 int byte_count_limit, size, ret;
1156 #ifdef DEBUG_IDE_ATAPI
1157 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1158 s->packet_transfer_size,
1159 s->elementary_transfer_size,
1160 s->io_buffer_index);
1162 if (s->packet_transfer_size <= 0) {
1163 /* end of transfer */
1164 ide_transfer_stop(s);
1165 s->status = READY_STAT | SEEK_STAT;
1166 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1168 #ifdef DEBUG_IDE_ATAPI
1169 printf("status=0x%x\n", s->status);
1172 /* see if a new sector must be read */
1173 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1174 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1176 ide_transfer_stop(s);
1177 ide_atapi_io_error(s, ret);
1181 s->io_buffer_index = 0;
1183 if (s->elementary_transfer_size > 0) {
1184 /* there are some data left to transmit in this elementary
1186 size = s->cd_sector_size - s->io_buffer_index;
1187 if (size > s->elementary_transfer_size)
1188 size = s->elementary_transfer_size;
1189 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1190 size, ide_atapi_cmd_reply_end);
1191 s->packet_transfer_size -= size;
1192 s->elementary_transfer_size -= size;
1193 s->io_buffer_index += size;
1195 /* a new transfer is needed */
1196 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1197 byte_count_limit = s->lcyl | (s->hcyl << 8);
1198 #ifdef DEBUG_IDE_ATAPI
1199 printf("byte_count_limit=%d\n", byte_count_limit);
1201 if (byte_count_limit == 0xffff)
1203 size = s->packet_transfer_size;
1204 if (size > byte_count_limit) {
1205 /* byte count limit must be even if this case */
1206 if (byte_count_limit & 1)
1208 size = byte_count_limit;
1211 s->hcyl = size >> 8;
1212 s->elementary_transfer_size = size;
1213 /* we cannot transmit more than one sector at a time */
1215 if (size > (s->cd_sector_size - s->io_buffer_index))
1216 size = (s->cd_sector_size - s->io_buffer_index);
1218 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1219 size, ide_atapi_cmd_reply_end);
1220 s->packet_transfer_size -= size;
1221 s->elementary_transfer_size -= size;
1222 s->io_buffer_index += size;
1224 #ifdef DEBUG_IDE_ATAPI
1225 printf("status=0x%x\n", s->status);
1231 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1232 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1234 if (size > max_size)
1236 s->lba = -1; /* no sector read */
1237 s->packet_transfer_size = size;
1238 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1239 s->elementary_transfer_size = 0;
1240 s->io_buffer_index = 0;
1243 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
1244 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1246 s->status = READY_STAT | SEEK_STAT;
1247 ide_atapi_cmd_reply_end(s);
1251 /* start a CD-CDROM read command */
1252 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1256 s->packet_transfer_size = nb_sectors * sector_size;
1257 s->elementary_transfer_size = 0;
1258 s->io_buffer_index = sector_size;
1259 s->cd_sector_size = sector_size;
1261 s->status = READY_STAT | SEEK_STAT;
1262 ide_atapi_cmd_reply_end(s);
1265 /* ATAPI DMA support */
1267 /* XXX: handle read errors */
1268 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1270 BMDMAState *bm = opaque;
1271 IDEState *s = bm->ide_if;
1275 ide_atapi_io_error(s, ret);
1279 if (s->io_buffer_size > 0) {
1281 * For a cdrom read sector command (s->lba != -1),
1282 * adjust the lba for the next s->io_buffer_size chunk
1283 * and dma the current chunk.
1284 * For a command != read (s->lba == -1), just transfer
1288 if (s->cd_sector_size == 2352) {
1290 cd_data_to_raw(s->io_buffer, s->lba);
1292 n = s->io_buffer_size >> 11;
1296 s->packet_transfer_size -= s->io_buffer_size;
1297 if (dma_buf_rw(bm, 1) == 0)
1301 if (s->packet_transfer_size <= 0) {
1302 s->status = READY_STAT | SEEK_STAT;
1303 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1306 bm->status &= ~BM_STATUS_DMAING;
1307 bm->status |= BM_STATUS_INT;
1314 s->io_buffer_index = 0;
1315 if (s->cd_sector_size == 2352) {
1317 s->io_buffer_size = s->cd_sector_size;
1320 n = s->packet_transfer_size >> 11;
1321 if (n > (IDE_DMA_BUF_SECTORS / 4))
1322 n = (IDE_DMA_BUF_SECTORS / 4);
1323 s->io_buffer_size = n * 2048;
1327 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1329 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1330 s->io_buffer + data_offset, n * 4,
1331 ide_atapi_cmd_read_dma_cb, bm);
1333 /* Note: media not present is the most likely case */
1334 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1335 ASC_MEDIUM_NOT_PRESENT);
1340 /* start a CD-CDROM read command with DMA */
1341 /* XXX: test if DMA is available */
1342 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1346 s->packet_transfer_size = nb_sectors * sector_size;
1347 s->io_buffer_index = 0;
1348 s->io_buffer_size = 0;
1349 s->cd_sector_size = sector_size;
1351 /* XXX: check if BUSY_STAT should be set */
1352 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1353 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1356 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1359 #ifdef DEBUG_IDE_ATAPI
1360 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1364 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1366 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1370 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1373 uint8_t *buf_profile = buf + 12; /* start of profiles */
1375 buf_profile += ((*index) * 4); /* start of indexed profile */
1376 cpu_to_ube16 (buf_profile, profile);
1377 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1379 /* each profile adds 4 bytes to the response */
1381 buf[11] += 4; /* Additional Length */
1386 static int ide_dvd_read_structure(IDEState *s, int format,
1387 const uint8_t *packet, uint8_t *buf)
1390 case 0x0: /* Physical format information */
1392 int layer = packet[6];
1393 uint64_t total_sectors;
1396 return -ASC_INV_FIELD_IN_CMD_PACKET;
1398 bdrv_get_geometry(s->bs, &total_sectors);
1399 total_sectors >>= 2;
1400 if (total_sectors == 0)
1401 return -ASC_MEDIUM_NOT_PRESENT;
1403 buf[4] = 1; /* DVD-ROM, part version 1 */
1404 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1405 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1406 buf[7] = 0; /* default densities */
1408 /* FIXME: 0x30000 per spec? */
1409 cpu_to_ube32(buf + 8, 0); /* start sector */
1410 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1411 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1413 /* Size of buffer, not including 2 byte size field */
1414 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1416 /* 2k data + 4 byte header */
1420 case 0x01: /* DVD copyright information */
1421 buf[4] = 0; /* no copyright data */
1422 buf[5] = 0; /* no region restrictions */
1424 /* Size of buffer, not including 2 byte size field */
1425 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1427 /* 4 byte header + 4 byte data */
1430 case 0x03: /* BCA information - invalid field for no BCA info */
1431 return -ASC_INV_FIELD_IN_CMD_PACKET;
1433 case 0x04: /* DVD disc manufacturing information */
1434 /* Size of buffer, not including 2 byte size field */
1435 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1437 /* 2k data + 4 byte header */
1442 * This lists all the command capabilities above. Add new ones
1443 * in order and update the length and buffer return values.
1446 buf[4] = 0x00; /* Physical format */
1447 buf[5] = 0x40; /* Not writable, is readable */
1448 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1450 buf[8] = 0x01; /* Copyright info */
1451 buf[9] = 0x40; /* Not writable, is readable */
1452 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1454 buf[12] = 0x03; /* BCA info */
1455 buf[13] = 0x40; /* Not writable, is readable */
1456 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1458 buf[16] = 0x04; /* Manufacturing info */
1459 buf[17] = 0x40; /* Not writable, is readable */
1460 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1462 /* Size of buffer, not including 2 byte size field */
1463 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1465 /* data written + 4 byte header */
1468 default: /* TODO: formats beyond DVD-ROM requires */
1469 return -ASC_INV_FIELD_IN_CMD_PACKET;
1473 static void ide_atapi_cmd(IDEState *s)
1475 const uint8_t *packet;
1479 packet = s->io_buffer;
1481 #ifdef DEBUG_IDE_ATAPI
1484 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1485 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1486 printf(" %02x", packet[i]);
1491 switch(s->io_buffer[0]) {
1492 case GPCMD_TEST_UNIT_READY:
1493 if (bdrv_is_inserted(s->bs)) {
1494 ide_atapi_cmd_ok(s);
1496 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1497 ASC_MEDIUM_NOT_PRESENT);
1500 case GPCMD_MODE_SENSE_6:
1501 case GPCMD_MODE_SENSE_10:
1504 if (packet[0] == GPCMD_MODE_SENSE_10)
1505 max_len = ube16_to_cpu(packet + 7);
1507 max_len = packet[4];
1508 action = packet[2] >> 6;
1509 code = packet[2] & 0x3f;
1511 case 0: /* current values */
1513 case 0x01: /* error recovery */
1514 cpu_to_ube16(&buf[0], 16 + 6);
1530 ide_atapi_cmd_reply(s, 16, max_len);
1533 cpu_to_ube16(&buf[0], 28 + 6);
1548 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1549 if (bdrv_is_locked(s->bs))
1552 cpu_to_ube16(&buf[16], 706);
1555 cpu_to_ube16(&buf[20], 512);
1556 cpu_to_ube16(&buf[22], 706);
1561 ide_atapi_cmd_reply(s, 28, max_len);
1567 case 1: /* changeable values */
1569 case 2: /* default values */
1572 case 3: /* saved values */
1573 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1574 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1579 case GPCMD_REQUEST_SENSE:
1580 max_len = packet[4];
1582 buf[0] = 0x70 | (1 << 7);
1583 buf[2] = s->sense_key;
1586 ide_atapi_cmd_reply(s, 18, max_len);
1588 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1589 if (bdrv_is_inserted(s->bs)) {
1590 bdrv_set_locked(s->bs, packet[4] & 1);
1591 ide_atapi_cmd_ok(s);
1593 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1594 ASC_MEDIUM_NOT_PRESENT);
1600 int nb_sectors, lba;
1602 if (packet[0] == GPCMD_READ_10)
1603 nb_sectors = ube16_to_cpu(packet + 7);
1605 nb_sectors = ube32_to_cpu(packet + 6);
1606 lba = ube32_to_cpu(packet + 2);
1607 if (nb_sectors == 0) {
1608 ide_atapi_cmd_ok(s);
1611 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1616 int nb_sectors, lba, transfer_request;
1618 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1619 lba = ube32_to_cpu(packet + 2);
1620 if (nb_sectors == 0) {
1621 ide_atapi_cmd_ok(s);
1624 transfer_request = packet[9];
1625 switch(transfer_request & 0xf8) {
1628 ide_atapi_cmd_ok(s);
1632 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1636 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1639 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1640 ASC_INV_FIELD_IN_CMD_PACKET);
1648 uint64_t total_sectors;
1650 bdrv_get_geometry(s->bs, &total_sectors);
1651 total_sectors >>= 2;
1652 if (total_sectors == 0) {
1653 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1654 ASC_MEDIUM_NOT_PRESENT);
1657 lba = ube32_to_cpu(packet + 2);
1658 if (lba >= total_sectors) {
1659 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1660 ASC_LOGICAL_BLOCK_OOR);
1663 ide_atapi_cmd_ok(s);
1666 case GPCMD_START_STOP_UNIT:
1669 start = packet[4] & 1;
1670 eject = (packet[4] >> 1) & 1;
1672 if (eject && !start) {
1673 /* eject the disk */
1674 bdrv_eject(s->bs, 1);
1675 } else if (eject && start) {
1676 /* close the tray */
1677 bdrv_eject(s->bs, 0);
1679 ide_atapi_cmd_ok(s);
1682 case GPCMD_MECHANISM_STATUS:
1684 max_len = ube16_to_cpu(packet + 8);
1685 cpu_to_ube16(buf, 0);
1686 /* no current LBA */
1691 cpu_to_ube16(buf + 6, 0);
1692 ide_atapi_cmd_reply(s, 8, max_len);
1695 case GPCMD_READ_TOC_PMA_ATIP:
1697 int format, msf, start_track, len;
1698 uint64_t total_sectors;
1700 bdrv_get_geometry(s->bs, &total_sectors);
1701 total_sectors >>= 2;
1702 if (total_sectors == 0) {
1703 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1704 ASC_MEDIUM_NOT_PRESENT);
1707 max_len = ube16_to_cpu(packet + 7);
1708 format = packet[9] >> 6;
1709 msf = (packet[1] >> 1) & 1;
1710 start_track = packet[6];
1713 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1716 ide_atapi_cmd_reply(s, len, max_len);
1719 /* multi session : only a single session defined */
1724 ide_atapi_cmd_reply(s, 12, max_len);
1727 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1730 ide_atapi_cmd_reply(s, len, max_len);
1734 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1735 ASC_INV_FIELD_IN_CMD_PACKET);
1740 case GPCMD_READ_CDVD_CAPACITY:
1742 uint64_t total_sectors;
1744 bdrv_get_geometry(s->bs, &total_sectors);
1745 total_sectors >>= 2;
1746 if (total_sectors == 0) {
1747 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1748 ASC_MEDIUM_NOT_PRESENT);
1751 /* NOTE: it is really the number of sectors minus 1 */
1752 cpu_to_ube32(buf, total_sectors - 1);
1753 cpu_to_ube32(buf + 4, 2048);
1754 ide_atapi_cmd_reply(s, 8, 8);
1757 case GPCMD_READ_DVD_STRUCTURE:
1759 int media = packet[1];
1760 int format = packet[7];
1763 max_len = ube16_to_cpu(packet + 8);
1765 if (format < 0xff) {
1766 if (media_is_cd(s)) {
1767 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1768 ASC_INCOMPATIBLE_FORMAT);
1770 } else if (!media_present(s)) {
1771 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1772 ASC_INV_FIELD_IN_CMD_PACKET);
1777 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1778 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1784 ret = ide_dvd_read_structure(s, format, packet, buf);
1787 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1789 ide_atapi_cmd_reply(s, ret, max_len);
1793 /* TODO: BD support, fall through for now */
1795 /* Generic disk structures */
1796 case 0x80: /* TODO: AACS volume identifier */
1797 case 0x81: /* TODO: AACS media serial number */
1798 case 0x82: /* TODO: AACS media identifier */
1799 case 0x83: /* TODO: AACS media key block */
1800 case 0x90: /* TODO: List of recognized format layers */
1801 case 0xc0: /* TODO: Write protection status */
1803 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1804 ASC_INV_FIELD_IN_CMD_PACKET);
1809 case GPCMD_SET_SPEED:
1810 ide_atapi_cmd_ok(s);
1813 max_len = packet[4];
1814 buf[0] = 0x05; /* CD-ROM */
1815 buf[1] = 0x80; /* removable */
1816 buf[2] = 0x00; /* ISO */
1817 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1818 buf[4] = 31; /* additional length */
1819 buf[5] = 0; /* reserved */
1820 buf[6] = 0; /* reserved */
1821 buf[7] = 0; /* reserved */
1822 padstr8(buf + 8, 8, "QEMU");
1823 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1824 padstr8(buf + 32, 4, QEMU_VERSION);
1825 ide_atapi_cmd_reply(s, 36, max_len);
1827 case GPCMD_GET_CONFIGURATION:
1832 /* only feature 0 is supported */
1833 if (packet[2] != 0 || packet[3] != 0) {
1834 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1835 ASC_INV_FIELD_IN_CMD_PACKET);
1839 /* XXX: could result in alignment problems in some architectures */
1840 max_len = ube16_to_cpu(packet + 7);
1843 * XXX: avoid overflow for io_buffer if max_len is bigger than
1844 * the size of that buffer (dimensioned to max number of
1845 * sectors to transfer at once)
1847 * Only a problem if the feature/profiles grow.
1849 if (max_len > 512) /* XXX: assume 1 sector */
1852 memset(buf, 0, max_len);
1854 * the number of sectors from the media tells us which profile
1855 * to use as current. 0 means there is no media
1857 if (media_is_dvd(s))
1858 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1859 else if (media_is_cd(s))
1860 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1862 buf[10] = 0x02 | 0x01; /* persistent and current */
1863 len = 12; /* headers: 8 + 4 */
1864 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1865 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1866 cpu_to_ube32(buf, len - 4); /* data length */
1868 ide_atapi_cmd_reply(s, len, max_len);
1872 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1873 ASC_ILLEGAL_OPCODE);
1878 static void ide_cfata_metadata_inquiry(IDEState *s)
1883 p = (uint16_t *) s->io_buffer;
1884 memset(p, 0, 0x200);
1885 spd = ((s->mdata_size - 1) >> 9) + 1;
1887 put_le16(p + 0, 0x0001); /* Data format revision */
1888 put_le16(p + 1, 0x0000); /* Media property: silicon */
1889 put_le16(p + 2, s->media_changed); /* Media status */
1890 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1891 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1892 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1893 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1896 static void ide_cfata_metadata_read(IDEState *s)
1900 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1901 s->status = ERR_STAT;
1902 s->error = ABRT_ERR;
1906 p = (uint16_t *) s->io_buffer;
1907 memset(p, 0, 0x200);
1909 put_le16(p + 0, s->media_changed); /* Media status */
1910 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1911 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1912 s->nsector << 9), 0x200 - 2));
1915 static void ide_cfata_metadata_write(IDEState *s)
1917 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1918 s->status = ERR_STAT;
1919 s->error = ABRT_ERR;
1923 s->media_changed = 0;
1925 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1927 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1928 s->nsector << 9), 0x200 - 2));
1931 /* called when the inserted state of the media has changed */
1932 static void cdrom_change_cb(void *opaque)
1934 IDEState *s = opaque;
1935 uint64_t nb_sectors;
1937 /* XXX: send interrupt too */
1938 bdrv_get_geometry(s->bs, &nb_sectors);
1939 s->nb_sectors = nb_sectors;
1942 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1946 /* handle the 'magic' 0 nsector count conversion here. to avoid
1947 * fiddling with the rest of the read logic, we just store the
1948 * full sector count in ->nsector and ignore ->hob_nsector from now
1954 if (!s->nsector && !s->hob_nsector)
1957 int lo = s->nsector;
1958 int hi = s->hob_nsector;
1960 s->nsector = (hi << 8) | lo;
1965 static void ide_clear_hob(IDEState *ide_if)
1967 /* any write clears HOB high bit of device control register */
1968 ide_if[0].select &= ~(1 << 7);
1969 ide_if[1].select &= ~(1 << 7);
1972 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1974 IDEState *ide_if = opaque;
1980 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1988 ide_clear_hob(ide_if);
1989 /* NOTE: data is written to the two drives */
1990 ide_if[0].hob_feature = ide_if[0].feature;
1991 ide_if[1].hob_feature = ide_if[1].feature;
1992 ide_if[0].feature = val;
1993 ide_if[1].feature = val;
1996 ide_clear_hob(ide_if);
1997 ide_if[0].hob_nsector = ide_if[0].nsector;
1998 ide_if[1].hob_nsector = ide_if[1].nsector;
1999 ide_if[0].nsector = val;
2000 ide_if[1].nsector = val;
2003 ide_clear_hob(ide_if);
2004 ide_if[0].hob_sector = ide_if[0].sector;
2005 ide_if[1].hob_sector = ide_if[1].sector;
2006 ide_if[0].sector = val;
2007 ide_if[1].sector = val;
2010 ide_clear_hob(ide_if);
2011 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2012 ide_if[1].hob_lcyl = ide_if[1].lcyl;
2013 ide_if[0].lcyl = val;
2014 ide_if[1].lcyl = val;
2017 ide_clear_hob(ide_if);
2018 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2019 ide_if[1].hob_hcyl = ide_if[1].hcyl;
2020 ide_if[0].hcyl = val;
2021 ide_if[1].hcyl = val;
2024 /* FIXME: HOB readback uses bit 7 */
2025 ide_if[0].select = (val & ~0x10) | 0xa0;
2026 ide_if[1].select = (val | 0x10) | 0xa0;
2028 unit = (val >> 4) & 1;
2030 ide_if->cur_drive = s;
2035 #if defined(DEBUG_IDE)
2036 printf("ide: CMD=%02x\n", val);
2038 s = ide_if->cur_drive;
2039 /* ignore commands to non existant slave */
2040 if (s != ide_if && !s->bs)
2045 if (s->bs && !s->is_cdrom) {
2049 ide_cfata_identify(s);
2050 s->status = READY_STAT | SEEK_STAT;
2051 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2054 ide_set_signature(s);
2056 ide_abort_command(s);
2063 s->status = READY_STAT | SEEK_STAT;
2067 if (s->is_cf && s->nsector == 0) {
2068 /* Disable Read and Write Multiple */
2069 s->mult_sectors = 0;
2070 s->status = READY_STAT | SEEK_STAT;
2071 } else if ((s->nsector & 0xff) != 0 &&
2072 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2073 (s->nsector & (s->nsector - 1)) != 0)) {
2074 ide_abort_command(s);
2076 s->mult_sectors = s->nsector & 0xff;
2077 s->status = READY_STAT | SEEK_STAT;
2081 case WIN_VERIFY_EXT:
2084 case WIN_VERIFY_ONCE:
2085 /* do sector number check ? */
2086 ide_cmd_lba48_transform(s, lba48);
2087 s->status = READY_STAT | SEEK_STAT;
2096 ide_cmd_lba48_transform(s, lba48);
2097 s->req_nb_sectors = 1;
2103 case WIN_WRITE_ONCE:
2104 case CFA_WRITE_SECT_WO_ERASE:
2105 case WIN_WRITE_VERIFY:
2106 ide_cmd_lba48_transform(s, lba48);
2108 s->status = SEEK_STAT | READY_STAT;
2109 s->req_nb_sectors = 1;
2110 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2111 s->media_changed = 1;
2113 case WIN_MULTREAD_EXT:
2116 if (!s->mult_sectors)
2118 ide_cmd_lba48_transform(s, lba48);
2119 s->req_nb_sectors = s->mult_sectors;
2122 case WIN_MULTWRITE_EXT:
2125 case CFA_WRITE_MULTI_WO_ERASE:
2126 if (!s->mult_sectors)
2128 ide_cmd_lba48_transform(s, lba48);
2130 s->status = SEEK_STAT | READY_STAT;
2131 s->req_nb_sectors = s->mult_sectors;
2133 if (n > s->req_nb_sectors)
2134 n = s->req_nb_sectors;
2135 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2136 s->media_changed = 1;
2138 case WIN_READDMA_EXT:
2141 case WIN_READDMA_ONCE:
2144 ide_cmd_lba48_transform(s, lba48);
2145 ide_sector_read_dma(s);
2147 case WIN_WRITEDMA_EXT:
2150 case WIN_WRITEDMA_ONCE:
2153 ide_cmd_lba48_transform(s, lba48);
2154 ide_sector_write_dma(s);
2155 s->media_changed = 1;
2157 case WIN_READ_NATIVE_MAX_EXT:
2159 case WIN_READ_NATIVE_MAX:
2160 ide_cmd_lba48_transform(s, lba48);
2161 ide_set_sector(s, s->nb_sectors - 1);
2162 s->status = READY_STAT | SEEK_STAT;
2165 case WIN_CHECKPOWERMODE1:
2166 case WIN_CHECKPOWERMODE2:
2167 s->nsector = 0xff; /* device active or idle */
2168 s->status = READY_STAT | SEEK_STAT;
2171 case WIN_SETFEATURES:
2174 /* XXX: valid for CDROM ? */
2175 switch(s->feature) {
2176 case 0xcc: /* reverting to power-on defaults enable */
2177 case 0x66: /* reverting to power-on defaults disable */
2178 case 0x02: /* write cache enable */
2179 case 0x82: /* write cache disable */
2180 case 0xaa: /* read look-ahead enable */
2181 case 0x55: /* read look-ahead disable */
2182 case 0x05: /* set advanced power management mode */
2183 case 0x85: /* disable advanced power management mode */
2184 case 0x69: /* NOP */
2185 case 0x67: /* NOP */
2186 case 0x96: /* NOP */
2187 case 0x9a: /* NOP */
2188 case 0x42: /* enable Automatic Acoustic Mode */
2189 case 0xc2: /* disable Automatic Acoustic Mode */
2190 s->status = READY_STAT | SEEK_STAT;
2193 case 0x03: { /* set transfer mode */
2194 uint8_t val = s->nsector & 0x07;
2196 switch (s->nsector >> 3) {
2197 case 0x00: /* pio default */
2198 case 0x01: /* pio mode */
2199 put_le16(s->identify_data + 62,0x07);
2200 put_le16(s->identify_data + 63,0x07);
2201 put_le16(s->identify_data + 88,0x3f);
2203 case 0x02: /* sigle word dma mode*/
2204 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
2205 put_le16(s->identify_data + 63,0x07);
2206 put_le16(s->identify_data + 88,0x3f);
2208 case 0x04: /* mdma mode */
2209 put_le16(s->identify_data + 62,0x07);
2210 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2211 put_le16(s->identify_data + 88,0x3f);
2213 case 0x08: /* udma mode */
2214 put_le16(s->identify_data + 62,0x07);
2215 put_le16(s->identify_data + 63,0x07);
2216 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2221 s->status = READY_STAT | SEEK_STAT;
2229 case WIN_FLUSH_CACHE:
2230 case WIN_FLUSH_CACHE_EXT:
2233 s->status = READY_STAT | SEEK_STAT;
2238 case WIN_STANDBYNOW1:
2239 case WIN_STANDBYNOW2:
2240 case WIN_IDLEIMMEDIATE:
2241 case CFA_IDLEIMMEDIATE:
2246 s->status = READY_STAT;
2249 /* ATAPI commands */
2252 ide_atapi_identify(s);
2253 s->status = READY_STAT | SEEK_STAT;
2254 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2256 ide_abort_command(s);
2261 ide_set_signature(s);
2262 s->status = READY_STAT | SEEK_STAT;
2269 ide_set_signature(s);
2270 s->status = 0x00; /* NOTE: READY is _not_ set */
2276 /* overlapping commands not supported */
2277 if (s->feature & 0x02)
2279 s->status = READY_STAT | SEEK_STAT;
2280 s->atapi_dma = s->feature & 1;
2282 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2285 /* CF-ATA commands */
2286 case CFA_REQ_EXT_ERROR_CODE:
2289 s->error = 0x09; /* miscellaneous error */
2290 s->status = READY_STAT | SEEK_STAT;
2293 case CFA_ERASE_SECTORS:
2294 case CFA_WEAR_LEVEL:
2297 if (val == CFA_WEAR_LEVEL)
2299 if (val == CFA_ERASE_SECTORS)
2300 s->media_changed = 1;
2302 s->status = READY_STAT | SEEK_STAT;
2305 case CFA_TRANSLATE_SECTOR:
2309 s->status = READY_STAT | SEEK_STAT;
2310 memset(s->io_buffer, 0, 0x200);
2311 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2312 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2313 s->io_buffer[0x02] = s->select; /* Head */
2314 s->io_buffer[0x03] = s->sector; /* Sector */
2315 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2316 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2317 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2318 s->io_buffer[0x13] = 0x00; /* Erase flag */
2319 s->io_buffer[0x18] = 0x00; /* Hot count */
2320 s->io_buffer[0x19] = 0x00; /* Hot count */
2321 s->io_buffer[0x1a] = 0x01; /* Hot count */
2322 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2325 case CFA_ACCESS_METADATA_STORAGE:
2328 switch (s->feature) {
2329 case 0x02: /* Inquiry Metadata Storage */
2330 ide_cfata_metadata_inquiry(s);
2332 case 0x03: /* Read Metadata Storage */
2333 ide_cfata_metadata_read(s);
2335 case 0x04: /* Write Metadata Storage */
2336 ide_cfata_metadata_write(s);
2341 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2342 s->status = 0x00; /* NOTE: READY is _not_ set */
2345 case IBM_SENSE_CONDITION:
2348 switch (s->feature) {
2349 case 0x01: /* sense temperature in device */
2350 s->nsector = 0x50; /* +20 C */
2355 s->status = READY_STAT | SEEK_STAT;
2360 ide_abort_command(s);
2367 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2369 IDEState *ide_if = opaque;
2370 IDEState *s = ide_if->cur_drive;
2375 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2376 //hob = s->select & (1 << 7);
2383 if (!ide_if[0].bs && !ide_if[1].bs)
2388 ret = s->hob_feature;
2391 if (!ide_if[0].bs && !ide_if[1].bs)
2394 ret = s->nsector & 0xff;
2396 ret = s->hob_nsector;
2399 if (!ide_if[0].bs && !ide_if[1].bs)
2404 ret = s->hob_sector;
2407 if (!ide_if[0].bs && !ide_if[1].bs)
2415 if (!ide_if[0].bs && !ide_if[1].bs)
2423 if (!ide_if[0].bs && !ide_if[1].bs)
2430 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2431 (s != ide_if && !s->bs))
2435 qemu_irq_lower(s->irq);
2439 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2444 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2446 IDEState *ide_if = opaque;
2447 IDEState *s = ide_if->cur_drive;
2450 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2451 (s != ide_if && !s->bs))
2456 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2461 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2463 IDEState *ide_if = opaque;
2468 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2470 /* common for both drives */
2471 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2472 (val & IDE_CMD_RESET)) {
2473 /* reset low to high */
2474 for(i = 0;i < 2; i++) {
2476 s->status = BUSY_STAT | SEEK_STAT;
2479 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2480 !(val & IDE_CMD_RESET)) {
2482 for(i = 0;i < 2; i++) {
2485 s->status = 0x00; /* NOTE: READY is _not_ set */
2487 s->status = READY_STAT | SEEK_STAT;
2488 ide_set_signature(s);
2492 ide_if[0].cmd = val;
2493 ide_if[1].cmd = val;
2496 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2498 IDEState *s = ((IDEState *)opaque)->cur_drive;
2502 *(uint16_t *)p = le16_to_cpu(val);
2505 if (p >= s->data_end)
2506 s->end_transfer_func(s);
2509 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2511 IDEState *s = ((IDEState *)opaque)->cur_drive;
2515 ret = cpu_to_le16(*(uint16_t *)p);
2518 if (p >= s->data_end)
2519 s->end_transfer_func(s);
2523 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2525 IDEState *s = ((IDEState *)opaque)->cur_drive;
2529 *(uint32_t *)p = le32_to_cpu(val);
2532 if (p >= s->data_end)
2533 s->end_transfer_func(s);
2536 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2538 IDEState *s = ((IDEState *)opaque)->cur_drive;
2543 ret = cpu_to_le32(*(uint32_t *)p);
2546 if (p >= s->data_end)
2547 s->end_transfer_func(s);
2551 static void ide_dummy_transfer_stop(IDEState *s)
2553 s->data_ptr = s->io_buffer;
2554 s->data_end = s->io_buffer;
2555 s->io_buffer[0] = 0xff;
2556 s->io_buffer[1] = 0xff;
2557 s->io_buffer[2] = 0xff;
2558 s->io_buffer[3] = 0xff;
2561 static void ide_reset(IDEState *s)
2564 s->mult_sectors = 0;
2566 s->mult_sectors = MAX_MULT_SECTORS;
2569 s->status = READY_STAT | SEEK_STAT;
2570 ide_set_signature(s);
2571 /* init the transfer handler so that 0xffff is returned on data
2573 s->end_transfer_func = ide_dummy_transfer_stop;
2574 ide_dummy_transfer_stop(s);
2575 s->media_changed = 0;
2579 uint8_t boot_ind; /* 0x80 - active */
2580 uint8_t head; /* starting head */
2581 uint8_t sector; /* starting sector */
2582 uint8_t cyl; /* starting cylinder */
2583 uint8_t sys_ind; /* What partition type */
2584 uint8_t end_head; /* end head */
2585 uint8_t end_sector; /* end sector */
2586 uint8_t end_cyl; /* end cylinder */
2587 uint32_t start_sect; /* starting sector counting from 0 */
2588 uint32_t nr_sects; /* nr of sectors in partition */
2589 } __attribute__((packed));
2591 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2592 static int guess_disk_lchs(IDEState *s,
2593 int *pcylinders, int *pheads, int *psectors)
2595 uint8_t *buf = s->io_buffer;
2596 int ret, i, heads, sectors, cylinders;
2597 struct partition *p;
2600 ret = bdrv_read(s->bs, 0, buf, 1);
2604 /* test msdos magic */
2605 if (buf[510] != 0x55 || buf[511] != 0xaa) {
2608 for(i = 0; i < 4; i++) {
2609 p = ((struct partition *)(buf + 0x1be)) + i;
2610 nr_sects = le32_to_cpu(p->nr_sects);
2611 if (nr_sects && p->end_head) {
2612 /* We make the assumption that the partition terminates on
2613 a cylinder boundary */
2614 heads = p->end_head + 1;
2615 sectors = p->end_sector & 63;
2618 cylinders = s->nb_sectors / (heads * sectors);
2619 if (cylinders < 1 || cylinders > 16383)
2622 *psectors = sectors;
2623 *pcylinders = cylinders;
2625 printf("guessed geometry: LCHS=%d %d %d\n",
2626 cylinders, heads, sectors);
2634 static void ide_init2(IDEState *ide_state,
2635 BlockDriverState *hd0, BlockDriverState *hd1,
2639 static int drive_serial = 1;
2640 int i, cylinders, heads, secs, translation, lba_detected = 0;
2641 uint64_t nb_sectors;
2643 for(i = 0; i < 2; i++) {
2645 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2651 bdrv_get_geometry(s->bs, &nb_sectors);
2652 s->nb_sectors = nb_sectors;
2653 /* if a geometry hint is available, use it */
2654 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2655 translation = bdrv_get_translation_hint(s->bs);
2656 if (cylinders != 0) {
2657 s->cylinders = cylinders;
2661 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2663 /* if heads > 16, it means that a BIOS LBA
2664 translation was active, so the default
2665 hardware geometry is OK */
2667 goto default_geometry;
2669 s->cylinders = cylinders;
2672 /* disable any translation to be in sync with
2673 the logical geometry */
2674 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2675 bdrv_set_translation_hint(s->bs,
2676 BIOS_ATA_TRANSLATION_NONE);
2681 /* if no geometry, use a standard physical disk geometry */
2682 cylinders = nb_sectors / (16 * 63);
2683 if (cylinders > 16383)
2685 else if (cylinders < 2)
2687 s->cylinders = cylinders;
2690 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2691 if ((s->cylinders * s->heads) <= 131072) {
2692 bdrv_set_translation_hint(s->bs,
2693 BIOS_ATA_TRANSLATION_LARGE);
2695 bdrv_set_translation_hint(s->bs,
2696 BIOS_ATA_TRANSLATION_LBA);
2700 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2702 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2704 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2707 s->drive_serial = drive_serial++;
2709 s->sector_write_timer = qemu_new_timer(vm_clock,
2710 ide_sector_write_timer_cb, s);
2715 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2717 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2718 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2720 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2721 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2725 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2726 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2727 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2728 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2731 /* save per IDE drive data */
2732 static void ide_save(QEMUFile* f, IDEState *s)
2734 qemu_put_be32(f, s->mult_sectors);
2735 qemu_put_be32(f, s->identify_set);
2736 if (s->identify_set) {
2737 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2739 qemu_put_8s(f, &s->feature);
2740 qemu_put_8s(f, &s->error);
2741 qemu_put_be32s(f, &s->nsector);
2742 qemu_put_8s(f, &s->sector);
2743 qemu_put_8s(f, &s->lcyl);
2744 qemu_put_8s(f, &s->hcyl);
2745 qemu_put_8s(f, &s->hob_feature);
2746 qemu_put_8s(f, &s->hob_nsector);
2747 qemu_put_8s(f, &s->hob_sector);
2748 qemu_put_8s(f, &s->hob_lcyl);
2749 qemu_put_8s(f, &s->hob_hcyl);
2750 qemu_put_8s(f, &s->select);
2751 qemu_put_8s(f, &s->status);
2752 qemu_put_8s(f, &s->lba48);
2754 qemu_put_8s(f, &s->sense_key);
2755 qemu_put_8s(f, &s->asc);
2756 /* XXX: if a transfer is pending, we do not save it yet */
2759 /* load per IDE drive data */
2760 static void ide_load(QEMUFile* f, IDEState *s)
2762 s->mult_sectors=qemu_get_be32(f);
2763 s->identify_set=qemu_get_be32(f);
2764 if (s->identify_set) {
2765 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2767 qemu_get_8s(f, &s->feature);
2768 qemu_get_8s(f, &s->error);
2769 qemu_get_be32s(f, &s->nsector);
2770 qemu_get_8s(f, &s->sector);
2771 qemu_get_8s(f, &s->lcyl);
2772 qemu_get_8s(f, &s->hcyl);
2773 qemu_get_8s(f, &s->hob_feature);
2774 qemu_get_8s(f, &s->hob_nsector);
2775 qemu_get_8s(f, &s->hob_sector);
2776 qemu_get_8s(f, &s->hob_lcyl);
2777 qemu_get_8s(f, &s->hob_hcyl);
2778 qemu_get_8s(f, &s->select);
2779 qemu_get_8s(f, &s->status);
2780 qemu_get_8s(f, &s->lba48);
2782 qemu_get_8s(f, &s->sense_key);
2783 qemu_get_8s(f, &s->asc);
2784 /* XXX: if a transfer is pending, we do not save it yet */
2787 /***********************************************************/
2788 /* ISA IDE definitions */
2790 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2791 BlockDriverState *hd0, BlockDriverState *hd1)
2793 IDEState *ide_state;
2795 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2799 ide_init2(ide_state, hd0, hd1, irq);
2800 ide_init_ioport(ide_state, iobase, iobase2);
2803 /***********************************************************/
2804 /* PCI IDE definitions */
2806 static void cmd646_update_irq(PCIIDEState *d);
2808 static void ide_map(PCIDevice *pci_dev, int region_num,
2809 uint32_t addr, uint32_t size, int type)
2811 PCIIDEState *d = (PCIIDEState *)pci_dev;
2812 IDEState *ide_state;
2814 if (region_num <= 3) {
2815 ide_state = &d->ide_if[(region_num >> 1) * 2];
2816 if (region_num & 1) {
2817 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2818 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2820 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2821 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2824 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2825 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2826 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2827 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2832 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2834 BMDMAState *bm = s->bmdma;
2838 bm->dma_cb = dma_cb;
2839 bm->cur_prd_last = 0;
2840 bm->cur_prd_addr = 0;
2841 bm->cur_prd_len = 0;
2842 if (bm->status & BM_STATUS_DMAING) {
2847 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2849 BMDMAState *bm = opaque;
2851 printf("%s: 0x%08x\n", __func__, val);
2853 if (!(val & BM_CMD_START)) {
2854 /* XXX: do it better */
2855 if (bm->status & BM_STATUS_DMAING) {
2856 bm->status &= ~BM_STATUS_DMAING;
2857 /* cancel DMA request */
2862 printf("aio_cancel\n");
2864 bdrv_aio_cancel(bm->aiocb);
2868 bm->cmd = val & 0x09;
2870 if (!(bm->status & BM_STATUS_DMAING)) {
2871 bm->status |= BM_STATUS_DMAING;
2872 /* start dma transfer if possible */
2876 bm->cmd = val & 0x09;
2880 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2882 BMDMAState *bm = opaque;
2883 PCIIDEState *pci_dev;
2891 pci_dev = bm->pci_dev;
2892 if (pci_dev->type == IDE_TYPE_CMD646) {
2893 val = pci_dev->dev.config[MRDMODE];
2902 pci_dev = bm->pci_dev;
2903 if (pci_dev->type == IDE_TYPE_CMD646) {
2904 if (bm == &pci_dev->bmdma[0])
2905 val = pci_dev->dev.config[UDIDETCR0];
2907 val = pci_dev->dev.config[UDIDETCR1];
2917 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2922 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2924 BMDMAState *bm = opaque;
2925 PCIIDEState *pci_dev;
2927 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2931 pci_dev = bm->pci_dev;
2932 if (pci_dev->type == IDE_TYPE_CMD646) {
2933 pci_dev->dev.config[MRDMODE] =
2934 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2935 cmd646_update_irq(pci_dev);
2939 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2942 pci_dev = bm->pci_dev;
2943 if (pci_dev->type == IDE_TYPE_CMD646) {
2944 if (bm == &pci_dev->bmdma[0])
2945 pci_dev->dev.config[UDIDETCR0] = val;
2947 pci_dev->dev.config[UDIDETCR1] = val;
2953 static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
2955 BMDMAState *bm = opaque;
2957 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
2959 printf("%s: 0x%08x\n", __func__, val);
2964 static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
2966 BMDMAState *bm = opaque;
2967 int shift = (addr & 3) * 8;
2969 printf("%s: 0x%08x\n", __func__, val);
2971 bm->addr &= ~(0xFF << shift);
2972 bm->addr |= ((val & 0xFF) << shift) & ~3;
2973 bm->cur_addr = bm->addr;
2976 static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
2978 BMDMAState *bm = opaque;
2980 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
2982 printf("%s: 0x%08x\n", __func__, val);
2987 static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
2989 BMDMAState *bm = opaque;
2990 int shift = (addr & 3) * 8;
2992 printf("%s: 0x%08x\n", __func__, val);
2994 bm->addr &= ~(0xFFFF << shift);
2995 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
2996 bm->cur_addr = bm->addr;
2999 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3001 BMDMAState *bm = opaque;
3005 printf("%s: 0x%08x\n", __func__, val);
3010 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3012 BMDMAState *bm = opaque;
3014 printf("%s: 0x%08x\n", __func__, val);
3016 bm->addr = val & ~3;
3017 bm->cur_addr = bm->addr;
3020 static void bmdma_map(PCIDevice *pci_dev, int region_num,
3021 uint32_t addr, uint32_t size, int type)
3023 PCIIDEState *d = (PCIIDEState *)pci_dev;
3026 for(i = 0;i < 2; i++) {
3027 BMDMAState *bm = &d->bmdma[i];
3028 d->ide_if[2 * i].bmdma = bm;
3029 d->ide_if[2 * i + 1].bmdma = bm;
3030 bm->pci_dev = (PCIIDEState *)pci_dev;
3032 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
3034 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3035 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
3037 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3038 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3039 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3040 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
3041 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3042 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3047 /* XXX: call it also when the MRDMODE is changed from the PCI config
3049 static void cmd646_update_irq(PCIIDEState *d)
3052 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3053 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3054 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3055 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
3056 qemu_set_irq(d->dev.irq[0], pci_level);
3059 /* the PCI irq level is the logical OR of the two channels */
3060 static void cmd646_set_irq(void *opaque, int channel, int level)
3062 PCIIDEState *d = opaque;
3065 irq_mask = MRDMODE_INTR_CH0 << channel;
3067 d->dev.config[MRDMODE] |= irq_mask;
3069 d->dev.config[MRDMODE] &= ~irq_mask;
3070 cmd646_update_irq(d);
3073 /* CMD646 PCI IDE controller */
3074 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3075 int secondary_ide_enabled)
3082 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
3083 sizeof(PCIIDEState),
3086 d->type = IDE_TYPE_CMD646;
3087 pci_conf = d->dev.config;
3088 pci_conf[0x00] = 0x95; // CMD646
3089 pci_conf[0x01] = 0x10;
3090 pci_conf[0x02] = 0x46;
3091 pci_conf[0x03] = 0x06;
3093 pci_conf[0x08] = 0x07; // IDE controller revision
3094 pci_conf[0x09] = 0x8f;
3096 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3097 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3098 pci_conf[0x0e] = 0x00; // header_type
3100 if (secondary_ide_enabled) {
3101 /* XXX: if not enabled, really disable the seconday IDE controller */
3102 pci_conf[0x51] = 0x80; /* enable IDE1 */
3105 pci_register_io_region((PCIDevice *)d, 0, 0x8,
3106 PCI_ADDRESS_SPACE_IO, ide_map);
3107 pci_register_io_region((PCIDevice *)d, 1, 0x4,
3108 PCI_ADDRESS_SPACE_IO, ide_map);
3109 pci_register_io_region((PCIDevice *)d, 2, 0x8,
3110 PCI_ADDRESS_SPACE_IO, ide_map);
3111 pci_register_io_region((PCIDevice *)d, 3, 0x4,
3112 PCI_ADDRESS_SPACE_IO, ide_map);
3113 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3114 PCI_ADDRESS_SPACE_IO, bmdma_map);
3116 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3118 for(i = 0; i < 4; i++)
3119 d->ide_if[i].pci_dev = (PCIDevice *)d;
3121 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3122 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3123 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
3126 static void pci_ide_save(QEMUFile* f, void *opaque)
3128 PCIIDEState *d = opaque;
3131 pci_device_save(&d->dev, f);
3133 for(i = 0; i < 2; i++) {
3134 BMDMAState *bm = &d->bmdma[i];
3135 qemu_put_8s(f, &bm->cmd);
3136 qemu_put_8s(f, &bm->status);
3137 qemu_put_be32s(f, &bm->addr);
3138 /* XXX: if a transfer is pending, we do not save it yet */
3141 /* per IDE interface data */
3142 for(i = 0; i < 2; i++) {
3143 IDEState *s = &d->ide_if[i * 2];
3144 uint8_t drive1_selected;
3145 qemu_put_8s(f, &s->cmd);
3146 drive1_selected = (s->cur_drive != s);
3147 qemu_put_8s(f, &drive1_selected);
3150 /* per IDE drive data */
3151 for(i = 0; i < 4; i++) {
3152 ide_save(f, &d->ide_if[i]);
3156 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3158 PCIIDEState *d = opaque;
3161 if (version_id != 1)
3163 ret = pci_device_load(&d->dev, f);
3167 for(i = 0; i < 2; i++) {
3168 BMDMAState *bm = &d->bmdma[i];
3169 qemu_get_8s(f, &bm->cmd);
3170 qemu_get_8s(f, &bm->status);
3171 qemu_get_be32s(f, &bm->addr);
3172 /* XXX: if a transfer is pending, we do not save it yet */
3175 /* per IDE interface data */
3176 for(i = 0; i < 2; i++) {
3177 IDEState *s = &d->ide_if[i * 2];
3178 uint8_t drive1_selected;
3179 qemu_get_8s(f, &s->cmd);
3180 qemu_get_8s(f, &drive1_selected);
3181 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3184 /* per IDE drive data */
3185 for(i = 0; i < 4; i++) {
3186 ide_load(f, &d->ide_if[i]);
3191 static void piix3_reset(PCIIDEState *d)
3193 uint8_t *pci_conf = d->dev.config;
3195 pci_conf[0x04] = 0x00;
3196 pci_conf[0x05] = 0x00;
3197 pci_conf[0x06] = 0x80; /* FBC */
3198 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3199 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3202 /* hd_table must contain 4 block drivers */
3203 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3204 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3210 /* register a function 1 of PIIX3 */
3211 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3212 sizeof(PCIIDEState),
3215 d->type = IDE_TYPE_PIIX3;
3217 pci_conf = d->dev.config;
3218 pci_conf[0x00] = 0x86; // Intel
3219 pci_conf[0x01] = 0x80;
3220 pci_conf[0x02] = 0x10;
3221 pci_conf[0x03] = 0x70;
3222 pci_conf[0x09] = 0x80; // legacy ATA mode
3223 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3224 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3225 pci_conf[0x0e] = 0x00; // header_type
3229 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3230 PCI_ADDRESS_SPACE_IO, bmdma_map);
3232 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3233 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3234 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3235 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3237 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3240 /* hd_table must contain 4 block drivers */
3241 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3242 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3248 /* register a function 1 of PIIX4 */
3249 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3250 sizeof(PCIIDEState),
3253 d->type = IDE_TYPE_PIIX4;
3255 pci_conf = d->dev.config;
3256 pci_conf[0x00] = 0x86; // Intel
3257 pci_conf[0x01] = 0x80;
3258 pci_conf[0x02] = 0x11;
3259 pci_conf[0x03] = 0x71;
3260 pci_conf[0x09] = 0x80; // legacy ATA mode
3261 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3262 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3263 pci_conf[0x0e] = 0x00; // header_type
3267 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3268 PCI_ADDRESS_SPACE_IO, bmdma_map);
3270 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3271 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3272 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3273 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3275 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3278 /***********************************************************/
3279 /* MacIO based PowerPC IDE */
3281 /* PowerMac IDE memory IO */
3282 static void pmac_ide_writeb (void *opaque,
3283 target_phys_addr_t addr, uint32_t val)
3285 addr = (addr & 0xFFF) >> 4;
3288 ide_ioport_write(opaque, addr, val);
3292 ide_cmd_write(opaque, 0, val);
3299 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3303 addr = (addr & 0xFFF) >> 4;
3306 retval = ide_ioport_read(opaque, addr);
3310 retval = ide_status_read(opaque, 0);
3319 static void pmac_ide_writew (void *opaque,
3320 target_phys_addr_t addr, uint32_t val)
3322 addr = (addr & 0xFFF) >> 4;
3323 #ifdef TARGET_WORDS_BIGENDIAN
3327 ide_data_writew(opaque, 0, val);
3331 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3335 addr = (addr & 0xFFF) >> 4;
3337 retval = ide_data_readw(opaque, 0);
3341 #ifdef TARGET_WORDS_BIGENDIAN
3342 retval = bswap16(retval);
3347 static void pmac_ide_writel (void *opaque,
3348 target_phys_addr_t addr, uint32_t val)
3350 addr = (addr & 0xFFF) >> 4;
3351 #ifdef TARGET_WORDS_BIGENDIAN
3355 ide_data_writel(opaque, 0, val);
3359 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3363 addr = (addr & 0xFFF) >> 4;
3365 retval = ide_data_readl(opaque, 0);
3367 retval = 0xFFFFFFFF;
3369 #ifdef TARGET_WORDS_BIGENDIAN
3370 retval = bswap32(retval);
3375 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3381 static CPUReadMemoryFunc *pmac_ide_read[] = {
3387 /* hd_table must contain 4 block drivers */
3388 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3389 I/O index to access the ide. */
3390 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3393 int pmac_ide_memory;
3395 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3396 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3398 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3399 pmac_ide_write, &ide_if[0]);
3400 return pmac_ide_memory;
3403 /***********************************************************/
3404 /* CF-ATA Microdrive */
3406 #define METADATA_SIZE 0x20
3408 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3411 struct pcmcia_card_s card;
3425 /* Register bitfields */
3428 OPT_MODE_IOMAP16 = 1,
3429 OPT_MODE_IOMAP1 = 2,
3430 OPT_MODE_IOMAP2 = 3,
3441 STAT_CHANGED = 0x80,
3452 static inline void md_interrupt_update(struct md_s *s)
3457 qemu_set_irq(s->card.slot->irq,
3458 !(s->stat & STAT_INT) && /* Inverted */
3459 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3460 !(s->opt & OPT_SRESET));
3463 static void md_set_irq(void *opaque, int irq, int level)
3465 struct md_s *s = (struct md_s *) opaque;
3467 s->stat |= STAT_INT;
3469 s->stat &= ~STAT_INT;
3471 md_interrupt_update(s);
3474 static void md_reset(struct md_s *s)
3476 s->opt = OPT_MODE_MMAP;
3484 static uint8_t md_attr_read(void *opaque, uint32_t at)
3486 struct md_s *s = (struct md_s *) opaque;
3487 if (at < s->attr_base) {
3488 if (at < s->card.cis_len)
3489 return s->card.cis[at];
3497 case 0x00: /* Configuration Option Register */
3499 case 0x02: /* Card Configuration Status Register */
3500 if (s->ctrl & CTRL_IEN)
3501 return s->stat & ~STAT_INT;
3504 case 0x04: /* Pin Replacement Register */
3505 return (s->pins & PINS_CRDY) | 0x0c;
3506 case 0x06: /* Socket and Copy Register */
3510 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3517 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3519 struct md_s *s = (struct md_s *) opaque;
3523 case 0x00: /* Configuration Option Register */
3524 s->opt = value & 0xcf;
3525 if (value & OPT_SRESET)
3527 md_interrupt_update(s);
3529 case 0x02: /* Card Configuration Status Register */
3530 if ((s->stat ^ value) & STAT_PWRDWN)
3531 s->pins |= PINS_CRDY;
3533 s->stat |= value & 0x74;
3534 md_interrupt_update(s);
3535 /* Word 170 in Identify Device must be equal to STAT_XE */
3537 case 0x04: /* Pin Replacement Register */
3538 s->pins &= PINS_CRDY;
3539 s->pins |= value & PINS_MRDY;
3541 case 0x06: /* Socket and Copy Register */
3544 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3548 static uint16_t md_common_read(void *opaque, uint32_t at)
3550 struct md_s *s = (struct md_s *) opaque;
3554 switch (s->opt & OPT_MODE) {
3556 if ((at & ~0x3ff) == 0x400)
3559 case OPT_MODE_IOMAP16:
3562 case OPT_MODE_IOMAP1:
3563 if ((at & ~0xf) == 0x3f0)
3565 else if ((at & ~0xf) == 0x1f0)
3568 case OPT_MODE_IOMAP2:
3569 if ((at & ~0xf) == 0x370)
3571 else if ((at & ~0xf) == 0x170)
3576 case 0x0: /* Even RD Data */
3578 return ide_data_readw(s->ide, 0);
3580 /* TODO: 8-bit accesses */
3584 s->io = ide_data_readw(s->ide, 0);
3587 s->cycle = !s->cycle;
3589 case 0x9: /* Odd RD Data */
3591 case 0xd: /* Error */
3592 return ide_ioport_read(s->ide, 0x1);
3593 case 0xe: /* Alternate Status */
3594 if (s->ide->cur_drive->bs)
3595 return s->ide->cur_drive->status;
3598 case 0xf: /* Device Address */
3599 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3601 return ide_ioport_read(s->ide, at);
3607 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3609 struct md_s *s = (struct md_s *) opaque;
3612 switch (s->opt & OPT_MODE) {
3614 if ((at & ~0x3ff) == 0x400)
3617 case OPT_MODE_IOMAP16:
3620 case OPT_MODE_IOMAP1:
3621 if ((at & ~0xf) == 0x3f0)
3623 else if ((at & ~0xf) == 0x1f0)
3626 case OPT_MODE_IOMAP2:
3627 if ((at & ~0xf) == 0x370)
3629 else if ((at & ~0xf) == 0x170)
3634 case 0x0: /* Even WR Data */
3636 ide_data_writew(s->ide, 0, value);
3639 /* TODO: 8-bit accesses */
3641 ide_data_writew(s->ide, 0, s->io | (value << 8));
3643 s->io = value & 0xff;
3644 s->cycle = !s->cycle;
3647 s->io = value & 0xff;
3648 s->cycle = !s->cycle;
3650 case 0xd: /* Features */
3651 ide_ioport_write(s->ide, 0x1, value);
3653 case 0xe: /* Device Control */
3655 if (value & CTRL_SRST)
3657 md_interrupt_update(s);
3660 if (s->stat & STAT_PWRDWN) {
3661 s->pins |= PINS_CRDY;
3662 s->stat &= ~STAT_PWRDWN;
3664 ide_ioport_write(s->ide, at, value);
3668 static void md_save(QEMUFile *f, void *opaque)
3670 struct md_s *s = (struct md_s *) opaque;
3672 uint8_t drive1_selected;
3674 qemu_put_8s(f, &s->opt);
3675 qemu_put_8s(f, &s->stat);
3676 qemu_put_8s(f, &s->pins);
3678 qemu_put_8s(f, &s->ctrl);
3679 qemu_put_be16s(f, &s->io);
3680 qemu_put_byte(f, s->cycle);
3682 drive1_selected = (s->ide->cur_drive != s->ide);
3683 qemu_put_8s(f, &s->ide->cmd);
3684 qemu_put_8s(f, &drive1_selected);
3686 for (i = 0; i < 2; i ++)
3687 ide_save(f, &s->ide[i]);
3690 static int md_load(QEMUFile *f, void *opaque, int version_id)
3692 struct md_s *s = (struct md_s *) opaque;
3694 uint8_t drive1_selected;
3696 qemu_get_8s(f, &s->opt);
3697 qemu_get_8s(f, &s->stat);
3698 qemu_get_8s(f, &s->pins);
3700 qemu_get_8s(f, &s->ctrl);
3701 qemu_get_be16s(f, &s->io);
3702 s->cycle = qemu_get_byte(f);
3704 qemu_get_8s(f, &s->ide->cmd);
3705 qemu_get_8s(f, &drive1_selected);
3706 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3708 for (i = 0; i < 2; i ++)
3709 ide_load(f, &s->ide[i]);
3714 static const uint8_t dscm1xxxx_cis[0x14a] = {
3715 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3716 [0x002] = 0x03, /* Tuple length = 4 bytes */
3717 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3718 [0x006] = 0x01, /* Size = 2K bytes */
3719 [0x008] = CISTPL_ENDMARK,
3721 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3722 [0x00c] = 0x04, /* Tuple length = 4 byest */
3723 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3724 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3725 [0x012] = 0x01, /* Size = 2K bytes */
3726 [0x014] = CISTPL_ENDMARK,
3728 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3729 [0x018] = 0x02, /* Tuple length = 2 bytes */
3730 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3733 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3734 [0x020] = 0x04, /* Tuple length = 4 bytes */
3735 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3737 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3740 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3741 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3742 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3743 [0x030] = 0x01, /* Minor Version = 1 */
3759 [0x050] = CISTPL_ENDMARK,
3761 [0x052] = CISTPL_FUNCID, /* Function ID */
3762 [0x054] = 0x02, /* Tuple length = 2 bytes */
3763 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3764 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3766 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3767 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3768 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3769 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3771 [0x062] = CISTPL_FUNCE, /* Function Extension */
3772 [0x064] = 0x03, /* Tuple length = 3 bytes */
3773 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3774 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3775 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3777 [0x06c] = CISTPL_CONFIG, /* Configuration */
3778 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3779 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3780 [0x072] = 0x07, /* TPCC_LAST = 7 */
3781 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3783 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3785 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3786 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3787 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3788 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3789 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3790 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3791 [0x086] = 0x55, /* NomV: 5.0 V */
3792 [0x088] = 0x4d, /* MinV: 4.5 V */
3793 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3794 [0x08c] = 0x4e, /* Peakl: 450 mA */
3795 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3796 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3797 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3799 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3800 [0x096] = 0x06, /* Tuple length = 6 bytes */
3801 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3802 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3803 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3804 [0x09e] = 0xb5, /* NomV: 3.3 V */
3806 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3808 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3809 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3810 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3811 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3812 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3813 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3814 [0x0b0] = 0x55, /* NomV: 5.0 V */
3815 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3816 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3817 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3818 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3819 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3820 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3821 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3822 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3824 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3825 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3826 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3827 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3828 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3829 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3831 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3833 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3834 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3835 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3836 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3837 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3838 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3839 [0x0de] = 0x55, /* NomV: 5.0 V */
3840 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3841 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3842 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3843 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3844 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3845 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3847 [0x0ee] = 0x07, /* Address block length = 8 */
3848 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3850 [0x0f4] = 0x01, /* Address block length = 2 */
3851 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3852 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3854 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3855 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3856 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3857 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3858 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3859 [0x104] = 0xb5, /* NomV: 3.3 V */
3861 [0x108] = 0x3e, /* Peakl: 350 mA */
3863 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3864 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3865 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3866 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3867 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3868 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3869 [0x116] = 0x55, /* NomV: 5.0 V */
3870 [0x118] = 0x4d, /* MinV: 4.5 V */
3871 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3872 [0x11c] = 0x4e, /* Peakl: 450 mA */
3873 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3874 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3875 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3877 [0x126] = 0x07, /* Address block length = 8 */
3878 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3880 [0x12c] = 0x01, /* Address block length = 2 */
3881 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3882 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3884 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3885 [0x134] = 0x06, /* Tuple length = 6 bytes */
3886 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3887 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3888 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3889 [0x13c] = 0xb5, /* NomV: 3.3 V */
3891 [0x140] = 0x3e, /* Peakl: 350 mA */
3893 [0x142] = CISTPL_NO_LINK, /* No Link */
3894 [0x144] = 0x00, /* Tuple length = 0 bytes */
3896 [0x146] = CISTPL_END, /* Tuple End */
3899 static int dscm1xxxx_attach(void *opaque)
3901 struct md_s *md = (struct md_s *) opaque;
3902 md->card.attr_read = md_attr_read;
3903 md->card.attr_write = md_attr_write;
3904 md->card.common_read = md_common_read;
3905 md->card.common_write = md_common_write;
3906 md->card.io_read = md_common_read;
3907 md->card.io_write = md_common_write;
3909 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3913 md_interrupt_update(md);
3915 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3919 static int dscm1xxxx_detach(void *opaque)
3921 struct md_s *md = (struct md_s *) opaque;
3926 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3928 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3929 md->card.state = md;
3930 md->card.attach = dscm1xxxx_attach;
3931 md->card.detach = dscm1xxxx_detach;
3932 md->card.cis = dscm1xxxx_cis;
3933 md->card.cis_len = sizeof(dscm1xxxx_cis);
3935 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3937 md->ide->mdata_size = METADATA_SIZE;
3938 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3940 register_savevm("microdrive", -1, 0, md_save, md_load, md);
projects / qemu / blob