2 * QEMU IDE disk and CD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 /* debug IDE devices */
28 //#define DEBUG_IDE_ATAPI
32 /* Bits of HD_STATUS */
34 #define INDEX_STAT 0x02
35 #define ECC_STAT 0x04 /* Corrected error */
37 #define SEEK_STAT 0x10
39 #define WRERR_STAT 0x20
40 #define READY_STAT 0x40
41 #define BUSY_STAT 0x80
43 /* Bits for HD_ERROR */
44 #define MARK_ERR 0x01 /* Bad address mark */
45 #define TRK0_ERR 0x02 /* couldn't find track 0 */
46 #define ABRT_ERR 0x04 /* Command aborted */
47 #define MCR_ERR 0x08 /* media change request */
48 #define ID_ERR 0x10 /* ID field not found */
49 #define MC_ERR 0x20 /* media changed */
50 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
51 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
52 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
54 /* Bits of HD_NSECTOR */
60 #define IDE_CMD_RESET 0x04
61 #define IDE_CMD_DISABLE_IRQ 0x02
63 /* ATA/ATAPI Commands pre T13 Spec */
68 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
72 #define WIN_SRST 0x08 /* ATAPI soft reset command */
73 #define WIN_DEVICE_RESET 0x08
77 #define WIN_RECAL 0x10
78 #define WIN_RESTORE WIN_RECAL
82 #define WIN_READ 0x20 /* 28-Bit */
83 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
84 #define WIN_READ_LONG 0x22 /* 28-Bit */
85 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
86 #define WIN_READ_EXT 0x24 /* 48-Bit */
87 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
88 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
89 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
93 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
97 #define WIN_WRITE 0x30 /* 28-Bit */
98 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
99 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
100 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
101 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
102 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
103 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
104 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
105 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
106 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
108 * 0x3A->0x3B Reserved
110 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
112 * 0x3D->0x3F Reserved
114 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
115 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
116 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
118 * 0x43->0x4F Reserved
120 #define WIN_FORMAT 0x50
122 * 0x51->0x5F Reserved
124 #define WIN_INIT 0x60
126 * 0x61->0x5F Reserved
128 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
129 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
130 #define WIN_DIAGNOSE 0x90
131 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
132 #define WIN_DOWNLOAD_MICROCODE 0x92
133 #define WIN_STANDBYNOW2 0x94
134 #define WIN_STANDBY2 0x96
135 #define WIN_SETIDLE2 0x97
136 #define WIN_CHECKPOWERMODE2 0x98
137 #define WIN_SLEEPNOW2 0x99
141 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
142 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
143 #define WIN_QUEUED_SERVICE 0xA2
144 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
145 #define CFA_ERASE_SECTORS 0xC0
146 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
147 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
148 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
149 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
150 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
151 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
152 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
153 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
154 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
155 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
156 #define WIN_GETMEDIASTATUS 0xDA
157 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
158 #define WIN_POSTBOOT 0xDC
159 #define WIN_PREBOOT 0xDD
160 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
161 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
162 #define WIN_STANDBYNOW1 0xE0
163 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
164 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
165 #define WIN_SETIDLE1 0xE3
166 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
167 #define WIN_CHECKPOWERMODE1 0xE5
168 #define WIN_SLEEPNOW1 0xE6
169 #define WIN_FLUSH_CACHE 0xE7
170 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
171 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
172 /* SET_FEATURES 0x22 or 0xDD */
173 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
174 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
175 #define WIN_MEDIAEJECT 0xED
176 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
177 #define WIN_SETFEATURES 0xEF /* set special drive features */
178 #define EXABYTE_ENABLE_NEST 0xF0
179 #define WIN_SECURITY_SET_PASS 0xF1
180 #define WIN_SECURITY_UNLOCK 0xF2
181 #define WIN_SECURITY_ERASE_PREPARE 0xF3
182 #define WIN_SECURITY_ERASE_UNIT 0xF4
183 #define WIN_SECURITY_FREEZE_LOCK 0xF5
184 #define WIN_SECURITY_DISABLE 0xF6
185 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
186 #define WIN_SET_MAX 0xF9
187 #define DISABLE_SEAGATE 0xFB
189 /* set to 1 set disable mult support */
190 #define MAX_MULT_SECTORS 16
194 #define ATAPI_PACKET_SIZE 12
196 /* The generic packet command opcodes for CD/DVD Logical Units,
197 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
198 #define GPCMD_BLANK 0xa1
199 #define GPCMD_CLOSE_TRACK 0x5b
200 #define GPCMD_FLUSH_CACHE 0x35
201 #define GPCMD_FORMAT_UNIT 0x04
202 #define GPCMD_GET_CONFIGURATION 0x46
203 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
204 #define GPCMD_GET_PERFORMANCE 0xac
205 #define GPCMD_INQUIRY 0x12
206 #define GPCMD_LOAD_UNLOAD 0xa6
207 #define GPCMD_MECHANISM_STATUS 0xbd
208 #define GPCMD_MODE_SELECT_10 0x55
209 #define GPCMD_MODE_SENSE_10 0x5a
210 #define GPCMD_PAUSE_RESUME 0x4b
211 #define GPCMD_PLAY_AUDIO_10 0x45
212 #define GPCMD_PLAY_AUDIO_MSF 0x47
213 #define GPCMD_PLAY_AUDIO_TI 0x48
214 #define GPCMD_PLAY_CD 0xbc
215 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
216 #define GPCMD_READ_10 0x28
217 #define GPCMD_READ_12 0xa8
218 #define GPCMD_READ_CDVD_CAPACITY 0x25
219 #define GPCMD_READ_CD 0xbe
220 #define GPCMD_READ_CD_MSF 0xb9
221 #define GPCMD_READ_DISC_INFO 0x51
222 #define GPCMD_READ_DVD_STRUCTURE 0xad
223 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
224 #define GPCMD_READ_HEADER 0x44
225 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
226 #define GPCMD_READ_SUBCHANNEL 0x42
227 #define GPCMD_READ_TOC_PMA_ATIP 0x43
228 #define GPCMD_REPAIR_RZONE_TRACK 0x58
229 #define GPCMD_REPORT_KEY 0xa4
230 #define GPCMD_REQUEST_SENSE 0x03
231 #define GPCMD_RESERVE_RZONE_TRACK 0x53
232 #define GPCMD_SCAN 0xba
233 #define GPCMD_SEEK 0x2b
234 #define GPCMD_SEND_DVD_STRUCTURE 0xad
235 #define GPCMD_SEND_EVENT 0xa2
236 #define GPCMD_SEND_KEY 0xa3
237 #define GPCMD_SEND_OPC 0x54
238 #define GPCMD_SET_READ_AHEAD 0xa7
239 #define GPCMD_SET_STREAMING 0xb6
240 #define GPCMD_START_STOP_UNIT 0x1b
241 #define GPCMD_STOP_PLAY_SCAN 0x4e
242 #define GPCMD_TEST_UNIT_READY 0x00
243 #define GPCMD_VERIFY_10 0x2f
244 #define GPCMD_WRITE_10 0x2a
245 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
246 /* This is listed as optional in ATAPI 2.6, but is (curiously)
247 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
248 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
249 * drives support it. */
250 #define GPCMD_SET_SPEED 0xbb
251 /* This seems to be a SCSI specific CD-ROM opcode
252 * to play data at track/index */
253 #define GPCMD_PLAYAUDIO_TI 0x48
255 * From MS Media Status Notification Support Specification. For
258 #define GPCMD_GET_MEDIA_STATUS 0xda
260 /* Mode page codes for mode sense/set */
261 #define GPMODE_R_W_ERROR_PAGE 0x01
262 #define GPMODE_WRITE_PARMS_PAGE 0x05
263 #define GPMODE_AUDIO_CTL_PAGE 0x0e
264 #define GPMODE_POWER_PAGE 0x1a
265 #define GPMODE_FAULT_FAIL_PAGE 0x1c
266 #define GPMODE_TO_PROTECT_PAGE 0x1d
267 #define GPMODE_CAPABILITIES_PAGE 0x2a
268 #define GPMODE_ALL_PAGES 0x3f
269 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
270 * of MODE_SENSE_POWER_PAGE */
271 #define GPMODE_CDROM_PAGE 0x0d
273 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
274 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
275 #define ATAPI_INT_REASON_REL 0x04
276 #define ATAPI_INT_REASON_TAG 0xf8
278 /* same constants as bochs */
279 #define ASC_ILLEGAL_OPCODE 0x20
280 #define ASC_LOGICAL_BLOCK_OOR 0x21
281 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
282 #define ASC_MEDIUM_NOT_PRESENT 0x3a
283 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
286 #define SENSE_NOT_READY 2
287 #define SENSE_ILLEGAL_REQUEST 5
288 #define SENSE_UNIT_ATTENTION 6
292 typedef void EndTransferFunc(struct IDEState *);
294 /* NOTE: IDEState represents in fact one drive */
295 typedef struct IDEState {
298 int cylinders, heads, sectors;
302 uint16_t identify_data[256];
307 struct BMDMAState *bmdma;
316 /* other part of tf for lba48 support */
326 /* 0x3f6 command, only meaningful for drive 0 */
328 /* set for lba48 access */
330 /* depends on bit 4 in select, only meaningful for drive 0 */
331 struct IDEState *cur_drive;
332 BlockDriverState *bs;
336 int packet_transfer_size;
337 int elementary_transfer_size;
341 int atapi_dma; /* true if dma is requested for the packet cmd */
344 /* PIO transfer handling */
345 int req_nb_sectors; /* number of sectors per interrupt */
346 EndTransferFunc *end_transfer_func;
349 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
350 QEMUTimer *sector_write_timer; /* only used for win2k instal hack */
351 uint32_t irq_count; /* counts IRQs when using win2k install hack */
354 #define BM_STATUS_DMAING 0x01
355 #define BM_STATUS_ERROR 0x02
356 #define BM_STATUS_INT 0x04
358 #define BM_CMD_START 0x01
359 #define BM_CMD_READ 0x08
361 #define IDE_TYPE_PIIX3 0
362 #define IDE_TYPE_CMD646 1
364 /* CMD646 specific */
366 #define MRDMODE_INTR_CH0 0x04
367 #define MRDMODE_INTR_CH1 0x08
368 #define MRDMODE_BLK_CH0 0x10
369 #define MRDMODE_BLK_CH1 0x20
370 #define UDIDETCR0 0x73
371 #define UDIDETCR1 0x7B
373 typedef struct BMDMAState {
378 struct PCIIDEState *pci_dev;
379 /* current transfer state */
381 uint32_t cur_prd_last;
382 uint32_t cur_prd_addr;
383 uint32_t cur_prd_len;
385 BlockDriverCompletionFunc *dma_cb;
386 BlockDriverAIOCB *aiocb;
389 typedef struct PCIIDEState {
393 int type; /* see IDE_TYPE_xxx */
396 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
398 static void padstr(char *str, const char *src, int len)
401 for(i = 0; i < len; i++) {
406 *(char *)((long)str ^ 1) = v;
411 static void padstr8(uint8_t *buf, int buf_size, const char *src)
414 for(i = 0; i < buf_size; i++) {
422 static void put_le16(uint16_t *p, unsigned int v)
427 static void ide_identify(IDEState *s)
430 unsigned int oldsize;
433 if (s->identify_set) {
434 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
438 memset(s->io_buffer, 0, 512);
439 p = (uint16_t *)s->io_buffer;
440 put_le16(p + 0, 0x0040);
441 put_le16(p + 1, s->cylinders);
442 put_le16(p + 3, s->heads);
443 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
444 put_le16(p + 5, 512); /* XXX: retired, remove ? */
445 put_le16(p + 6, s->sectors);
446 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
447 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
448 put_le16(p + 20, 3); /* XXX: retired, remove ? */
449 put_le16(p + 21, 512); /* cache size in sectors */
450 put_le16(p + 22, 4); /* ecc bytes */
451 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
452 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
453 #if MAX_MULT_SECTORS > 1
454 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
456 put_le16(p + 48, 1); /* dword I/O */
457 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
458 put_le16(p + 51, 0x200); /* PIO transfer cycle */
459 put_le16(p + 52, 0x200); /* DMA transfer cycle */
460 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
461 put_le16(p + 54, s->cylinders);
462 put_le16(p + 55, s->heads);
463 put_le16(p + 56, s->sectors);
464 oldsize = s->cylinders * s->heads * s->sectors;
465 put_le16(p + 57, oldsize);
466 put_le16(p + 58, oldsize >> 16);
468 put_le16(p + 59, 0x100 | s->mult_sectors);
469 put_le16(p + 60, s->nb_sectors);
470 put_le16(p + 61, s->nb_sectors >> 16);
471 put_le16(p + 63, 0x07); /* mdma0-2 supported */
472 put_le16(p + 65, 120);
473 put_le16(p + 66, 120);
474 put_le16(p + 67, 120);
475 put_le16(p + 68, 120);
476 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
477 put_le16(p + 81, 0x16); /* conforms to ata5 */
478 put_le16(p + 82, (1 << 14));
479 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
480 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
481 put_le16(p + 84, (1 << 14));
482 put_le16(p + 85, (1 << 14));
483 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
484 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
485 put_le16(p + 87, (1 << 14));
486 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
487 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
488 put_le16(p + 100, s->nb_sectors);
489 put_le16(p + 101, s->nb_sectors >> 16);
490 put_le16(p + 102, s->nb_sectors >> 32);
491 put_le16(p + 103, s->nb_sectors >> 48);
493 memcpy(s->identify_data, p, sizeof(s->identify_data));
497 static void ide_atapi_identify(IDEState *s)
502 if (s->identify_set) {
503 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
507 memset(s->io_buffer, 0, 512);
508 p = (uint16_t *)s->io_buffer;
509 /* Removable CDROM, 50us response, 12 byte packets */
510 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
511 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
512 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
513 put_le16(p + 20, 3); /* buffer type */
514 put_le16(p + 21, 512); /* cache size in sectors */
515 put_le16(p + 22, 4); /* ecc bytes */
516 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
517 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
518 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
520 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
521 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
522 put_le16(p + 63, 7); /* mdma0-2 supported */
523 put_le16(p + 64, 0x3f); /* PIO modes supported */
525 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
526 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
527 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
528 put_le16(p + 64, 1); /* PIO modes */
530 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
531 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
532 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
533 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
535 put_le16(p + 71, 30); /* in ns */
536 put_le16(p + 72, 30); /* in ns */
538 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
540 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
542 memcpy(s->identify_data, p, sizeof(s->identify_data));
546 static void ide_set_signature(IDEState *s)
548 s->select &= 0xf0; /* clear head */
564 static inline void ide_abort_command(IDEState *s)
566 s->status = READY_STAT | ERR_STAT;
570 static inline void ide_set_irq(IDEState *s)
572 BMDMAState *bm = s->bmdma;
573 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
575 bm->status |= BM_STATUS_INT;
577 s->set_irq(s->irq_opaque, s->irq, 1);
581 /* prepare data transfer and tell what to do after */
582 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
583 EndTransferFunc *end_transfer_func)
585 s->end_transfer_func = end_transfer_func;
587 s->data_end = buf + size;
588 s->status |= DRQ_STAT;
591 static void ide_transfer_stop(IDEState *s)
593 s->end_transfer_func = ide_transfer_stop;
594 s->data_ptr = s->io_buffer;
595 s->data_end = s->io_buffer;
596 s->status &= ~DRQ_STAT;
599 static int64_t ide_get_sector(IDEState *s)
602 if (s->select & 0x40) {
605 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
606 (s->lcyl << 8) | s->sector;
608 sector_num = ((int64_t)s->hob_hcyl << 40) |
609 ((int64_t) s->hob_lcyl << 32) |
610 ((int64_t) s->hob_sector << 24) |
611 ((int64_t) s->hcyl << 16) |
612 ((int64_t) s->lcyl << 8) | s->sector;
615 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
616 (s->select & 0x0f) * s->sectors + (s->sector - 1);
621 static void ide_set_sector(IDEState *s, int64_t sector_num)
624 if (s->select & 0x40) {
626 s->select = (s->select & 0xf0) | (sector_num >> 24);
627 s->hcyl = (sector_num >> 16);
628 s->lcyl = (sector_num >> 8);
629 s->sector = (sector_num);
631 s->sector = sector_num;
632 s->lcyl = sector_num >> 8;
633 s->hcyl = sector_num >> 16;
634 s->hob_sector = sector_num >> 24;
635 s->hob_lcyl = sector_num >> 32;
636 s->hob_hcyl = sector_num >> 40;
639 cyl = sector_num / (s->heads * s->sectors);
640 r = sector_num % (s->heads * s->sectors);
643 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
644 s->sector = (r % s->sectors) + 1;
648 static void ide_sector_read(IDEState *s)
653 s->status = READY_STAT | SEEK_STAT;
654 s->error = 0; /* not needed by IDE spec, but needed by Windows */
655 sector_num = ide_get_sector(s);
658 /* no more sector to read from disk */
659 ide_transfer_stop(s);
661 #if defined(DEBUG_IDE)
662 printf("read sector=%Ld\n", sector_num);
664 if (n > s->req_nb_sectors)
665 n = s->req_nb_sectors;
666 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
667 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
669 ide_set_sector(s, sector_num + n);
674 /* return 0 if buffer completed */
675 static int dma_buf_rw(BMDMAState *bm, int is_write)
677 IDEState *s = bm->ide_if;
685 l = s->io_buffer_size - s->io_buffer_index;
688 if (bm->cur_prd_len == 0) {
689 /* end of table (with a fail safe of one page) */
690 if (bm->cur_prd_last ||
691 (bm->cur_addr - bm->addr) >= 4096)
693 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
695 prd.addr = le32_to_cpu(prd.addr);
696 prd.size = le32_to_cpu(prd.size);
697 len = prd.size & 0xfffe;
700 bm->cur_prd_len = len;
701 bm->cur_prd_addr = prd.addr;
702 bm->cur_prd_last = (prd.size & 0x80000000);
704 if (l > bm->cur_prd_len)
708 cpu_physical_memory_write(bm->cur_prd_addr,
709 s->io_buffer + s->io_buffer_index, l);
711 cpu_physical_memory_read(bm->cur_prd_addr,
712 s->io_buffer + s->io_buffer_index, l);
714 bm->cur_prd_addr += l;
715 bm->cur_prd_len -= l;
716 s->io_buffer_index += l;
722 /* XXX: handle errors */
723 static void ide_read_dma_cb(void *opaque, int ret)
725 BMDMAState *bm = opaque;
726 IDEState *s = bm->ide_if;
730 n = s->io_buffer_size >> 9;
731 sector_num = ide_get_sector(s);
734 ide_set_sector(s, sector_num);
736 if (dma_buf_rw(bm, 1) == 0)
740 /* end of transfer ? */
741 if (s->nsector == 0) {
742 s->status = READY_STAT | SEEK_STAT;
745 bm->status &= ~BM_STATUS_DMAING;
746 bm->status |= BM_STATUS_INT;
753 /* launch next transfer */
755 if (n > MAX_MULT_SECTORS)
756 n = MAX_MULT_SECTORS;
757 s->io_buffer_index = 0;
758 s->io_buffer_size = n * 512;
760 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
762 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
763 ide_read_dma_cb, bm);
766 static void ide_sector_read_dma(IDEState *s)
768 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
769 s->io_buffer_index = 0;
770 s->io_buffer_size = 0;
771 ide_dma_start(s, ide_read_dma_cb);
774 static void ide_sector_write_timer_cb(void *opaque)
776 IDEState *s = opaque;
780 static void ide_sector_write(IDEState *s)
785 s->status = READY_STAT | SEEK_STAT;
786 sector_num = ide_get_sector(s);
787 #if defined(DEBUG_IDE)
788 printf("write sector=%Ld\n", sector_num);
791 if (n > s->req_nb_sectors)
792 n = s->req_nb_sectors;
793 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
795 if (s->nsector == 0) {
796 /* no more sector to write */
797 ide_transfer_stop(s);
800 if (n1 > s->req_nb_sectors)
801 n1 = s->req_nb_sectors;
802 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
804 ide_set_sector(s, sector_num + n);
807 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
808 /* It seems there is a bug in the Windows 2000 installer HDD
809 IDE driver which fills the disk with empty logs when the
810 IDE write IRQ comes too early. This hack tries to correct
811 that at the expense of slower write performances. Use this
812 option _only_ to install Windows 2000. You must disable it
814 qemu_mod_timer(s->sector_write_timer,
815 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
823 /* XXX: handle errors */
824 static void ide_write_dma_cb(void *opaque, int ret)
826 BMDMAState *bm = opaque;
827 IDEState *s = bm->ide_if;
831 n = s->io_buffer_size >> 9;
832 sector_num = ide_get_sector(s);
835 ide_set_sector(s, sector_num);
839 /* end of transfer ? */
840 if (s->nsector == 0) {
841 s->status = READY_STAT | SEEK_STAT;
844 bm->status &= ~BM_STATUS_DMAING;
845 bm->status |= BM_STATUS_INT;
852 /* launch next transfer */
854 if (n > MAX_MULT_SECTORS)
855 n = MAX_MULT_SECTORS;
856 s->io_buffer_index = 0;
857 s->io_buffer_size = n * 512;
859 if (dma_buf_rw(bm, 0) == 0)
862 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
864 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
865 ide_write_dma_cb, bm);
868 static void ide_sector_write_dma(IDEState *s)
870 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
871 s->io_buffer_index = 0;
872 s->io_buffer_size = 0;
873 ide_dma_start(s, ide_write_dma_cb);
876 static void ide_atapi_cmd_ok(IDEState *s)
879 s->status = READY_STAT;
880 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
884 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
886 #ifdef DEBUG_IDE_ATAPI
887 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
889 s->error = sense_key << 4;
890 s->status = READY_STAT | ERR_STAT;
891 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
892 s->sense_key = sense_key;
897 static inline void cpu_to_ube16(uint8_t *buf, int val)
903 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
911 static inline int ube16_to_cpu(const uint8_t *buf)
913 return (buf[0] << 8) | buf[1];
916 static inline int ube32_to_cpu(const uint8_t *buf)
918 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
921 static void lba_to_msf(uint8_t *buf, int lba)
924 buf[0] = (lba / 75) / 60;
925 buf[1] = (lba / 75) % 60;
929 static void cd_data_to_raw(uint8_t *buf, int lba)
933 memset(buf + 1, 0xff, 10);
937 lba_to_msf(buf, lba);
938 buf[3] = 0x01; /* mode 1 data */
942 /* XXX: ECC not computed */
946 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
951 switch(sector_size) {
953 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
956 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
959 cd_data_to_raw(buf, lba);
968 static void ide_atapi_io_error(IDEState *s, int ret)
970 /* XXX: handle more errors */
971 if (ret == -ENOMEDIUM) {
972 ide_atapi_cmd_error(s, SENSE_NOT_READY,
973 ASC_MEDIUM_NOT_PRESENT);
975 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
976 ASC_LOGICAL_BLOCK_OOR);
980 /* The whole ATAPI transfer logic is handled in this function */
981 static void ide_atapi_cmd_reply_end(IDEState *s)
983 int byte_count_limit, size, ret;
984 #ifdef DEBUG_IDE_ATAPI
985 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
986 s->packet_transfer_size,
987 s->elementary_transfer_size,
990 if (s->packet_transfer_size <= 0) {
991 /* end of transfer */
992 ide_transfer_stop(s);
993 s->status = READY_STAT;
994 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
996 #ifdef DEBUG_IDE_ATAPI
997 printf("status=0x%x\n", s->status);
1000 /* see if a new sector must be read */
1001 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1002 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1004 ide_transfer_stop(s);
1005 ide_atapi_io_error(s, ret);
1009 s->io_buffer_index = 0;
1011 if (s->elementary_transfer_size > 0) {
1012 /* there are some data left to transmit in this elementary
1014 size = s->cd_sector_size - s->io_buffer_index;
1015 if (size > s->elementary_transfer_size)
1016 size = s->elementary_transfer_size;
1017 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1018 size, ide_atapi_cmd_reply_end);
1019 s->packet_transfer_size -= size;
1020 s->elementary_transfer_size -= size;
1021 s->io_buffer_index += size;
1023 /* a new transfer is needed */
1024 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1025 byte_count_limit = s->lcyl | (s->hcyl << 8);
1026 #ifdef DEBUG_IDE_ATAPI
1027 printf("byte_count_limit=%d\n", byte_count_limit);
1029 if (byte_count_limit == 0xffff)
1031 size = s->packet_transfer_size;
1032 if (size > byte_count_limit) {
1033 /* byte count limit must be even if this case */
1034 if (byte_count_limit & 1)
1036 size = byte_count_limit;
1039 s->hcyl = size >> 8;
1040 s->elementary_transfer_size = size;
1041 /* we cannot transmit more than one sector at a time */
1043 if (size > (s->cd_sector_size - s->io_buffer_index))
1044 size = (s->cd_sector_size - s->io_buffer_index);
1046 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1047 size, ide_atapi_cmd_reply_end);
1048 s->packet_transfer_size -= size;
1049 s->elementary_transfer_size -= size;
1050 s->io_buffer_index += size;
1052 #ifdef DEBUG_IDE_ATAPI
1053 printf("status=0x%x\n", s->status);
1059 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1060 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1062 if (size > max_size)
1064 s->lba = -1; /* no sector read */
1065 s->packet_transfer_size = size;
1066 s->elementary_transfer_size = 0;
1067 s->io_buffer_index = 0;
1069 s->status = READY_STAT;
1070 ide_atapi_cmd_reply_end(s);
1073 /* start a CD-CDROM read command */
1074 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1078 s->packet_transfer_size = nb_sectors * sector_size;
1079 s->elementary_transfer_size = 0;
1080 s->io_buffer_index = sector_size;
1081 s->cd_sector_size = sector_size;
1083 s->status = READY_STAT;
1084 ide_atapi_cmd_reply_end(s);
1087 /* ATAPI DMA support */
1089 /* XXX: handle read errors */
1090 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1092 BMDMAState *bm = opaque;
1093 IDEState *s = bm->ide_if;
1097 ide_atapi_io_error(s, ret);
1101 if (s->io_buffer_size > 0) {
1102 if (s->cd_sector_size == 2352) {
1104 cd_data_to_raw(s->io_buffer, s->lba);
1106 n = s->io_buffer_size >> 11;
1108 s->packet_transfer_size -= s->io_buffer_size;
1110 if (dma_buf_rw(bm, 1) == 0)
1114 if (s->packet_transfer_size <= 0) {
1115 s->status = READY_STAT;
1116 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1119 bm->status &= ~BM_STATUS_DMAING;
1120 bm->status |= BM_STATUS_INT;
1127 s->io_buffer_index = 0;
1128 if (s->cd_sector_size == 2352) {
1130 s->io_buffer_size = s->cd_sector_size;
1133 n = s->packet_transfer_size >> 11;
1134 if (n > (MAX_MULT_SECTORS / 4))
1135 n = (MAX_MULT_SECTORS / 4);
1136 s->io_buffer_size = n * 2048;
1140 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1142 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1143 s->io_buffer + data_offset, n * 4,
1144 ide_atapi_cmd_read_dma_cb, bm);
1146 /* Note: media not present is the most likely case */
1147 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1148 ASC_MEDIUM_NOT_PRESENT);
1153 /* start a CD-CDROM read command with DMA */
1154 /* XXX: test if DMA is available */
1155 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1159 s->packet_transfer_size = nb_sectors * sector_size;
1160 s->io_buffer_index = 0;
1161 s->io_buffer_size = 0;
1162 s->cd_sector_size = sector_size;
1164 /* XXX: check if BUSY_STAT should be set */
1165 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1166 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1169 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1172 #ifdef DEBUG_IDE_ATAPI
1173 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
1176 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1178 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1182 static void ide_atapi_cmd(IDEState *s)
1184 const uint8_t *packet;
1188 packet = s->io_buffer;
1190 #ifdef DEBUG_IDE_ATAPI
1193 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1194 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1195 printf(" %02x", packet[i]);
1200 switch(s->io_buffer[0]) {
1201 case GPCMD_TEST_UNIT_READY:
1202 if (bdrv_is_inserted(s->bs)) {
1203 ide_atapi_cmd_ok(s);
1205 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1206 ASC_MEDIUM_NOT_PRESENT);
1209 case GPCMD_MODE_SENSE_10:
1212 max_len = ube16_to_cpu(packet + 7);
1213 action = packet[2] >> 6;
1214 code = packet[2] & 0x3f;
1216 case 0: /* current values */
1218 case 0x01: /* error recovery */
1219 cpu_to_ube16(&buf[0], 16 + 6);
1235 ide_atapi_cmd_reply(s, 16, max_len);
1238 cpu_to_ube16(&buf[0], 28 + 6);
1253 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1254 if (bdrv_is_locked(s->bs))
1257 cpu_to_ube16(&buf[16], 706);
1260 cpu_to_ube16(&buf[20], 512);
1261 cpu_to_ube16(&buf[22], 706);
1266 ide_atapi_cmd_reply(s, 28, max_len);
1272 case 1: /* changeable values */
1274 case 2: /* default values */
1277 case 3: /* saved values */
1278 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1279 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1284 case GPCMD_REQUEST_SENSE:
1285 max_len = packet[4];
1287 buf[0] = 0x70 | (1 << 7);
1288 buf[2] = s->sense_key;
1291 ide_atapi_cmd_reply(s, 18, max_len);
1293 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1294 if (bdrv_is_inserted(s->bs)) {
1295 bdrv_set_locked(s->bs, packet[4] & 1);
1296 ide_atapi_cmd_ok(s);
1298 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1299 ASC_MEDIUM_NOT_PRESENT);
1305 int nb_sectors, lba;
1307 if (packet[0] == GPCMD_READ_10)
1308 nb_sectors = ube16_to_cpu(packet + 7);
1310 nb_sectors = ube32_to_cpu(packet + 6);
1311 lba = ube32_to_cpu(packet + 2);
1312 if (nb_sectors == 0) {
1313 ide_atapi_cmd_ok(s);
1316 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1321 int nb_sectors, lba, transfer_request;
1323 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1324 lba = ube32_to_cpu(packet + 2);
1325 if (nb_sectors == 0) {
1326 ide_atapi_cmd_ok(s);
1329 transfer_request = packet[9];
1330 switch(transfer_request & 0xf8) {
1333 ide_atapi_cmd_ok(s);
1337 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1341 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1344 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1345 ASC_INV_FIELD_IN_CMD_PACKET);
1353 int64_t total_sectors;
1355 bdrv_get_geometry(s->bs, &total_sectors);
1356 total_sectors >>= 2;
1357 if (total_sectors <= 0) {
1358 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1359 ASC_MEDIUM_NOT_PRESENT);
1362 lba = ube32_to_cpu(packet + 2);
1363 if (lba >= total_sectors) {
1364 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1365 ASC_LOGICAL_BLOCK_OOR);
1368 ide_atapi_cmd_ok(s);
1371 case GPCMD_START_STOP_UNIT:
1374 start = packet[4] & 1;
1375 eject = (packet[4] >> 1) & 1;
1377 if (eject && !start) {
1378 /* eject the disk */
1379 bdrv_eject(s->bs, 1);
1380 } else if (eject && start) {
1381 /* close the tray */
1382 bdrv_eject(s->bs, 0);
1384 ide_atapi_cmd_ok(s);
1387 case GPCMD_MECHANISM_STATUS:
1389 max_len = ube16_to_cpu(packet + 8);
1390 cpu_to_ube16(buf, 0);
1391 /* no current LBA */
1396 cpu_to_ube16(buf + 6, 0);
1397 ide_atapi_cmd_reply(s, 8, max_len);
1400 case GPCMD_READ_TOC_PMA_ATIP:
1402 int format, msf, start_track, len;
1403 int64_t total_sectors;
1405 bdrv_get_geometry(s->bs, &total_sectors);
1406 total_sectors >>= 2;
1407 if (total_sectors <= 0) {
1408 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1409 ASC_MEDIUM_NOT_PRESENT);
1412 max_len = ube16_to_cpu(packet + 7);
1413 format = packet[9] >> 6;
1414 msf = (packet[1] >> 1) & 1;
1415 start_track = packet[6];
1418 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1421 ide_atapi_cmd_reply(s, len, max_len);
1424 /* multi session : only a single session defined */
1429 ide_atapi_cmd_reply(s, 12, max_len);
1432 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1435 ide_atapi_cmd_reply(s, len, max_len);
1439 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1440 ASC_INV_FIELD_IN_CMD_PACKET);
1445 case GPCMD_READ_CDVD_CAPACITY:
1447 int64_t total_sectors;
1449 bdrv_get_geometry(s->bs, &total_sectors);
1450 total_sectors >>= 2;
1451 if (total_sectors <= 0) {
1452 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1453 ASC_MEDIUM_NOT_PRESENT);
1456 /* NOTE: it is really the number of sectors minus 1 */
1457 cpu_to_ube32(buf, total_sectors - 1);
1458 cpu_to_ube32(buf + 4, 2048);
1459 ide_atapi_cmd_reply(s, 8, 8);
1463 max_len = packet[4];
1464 buf[0] = 0x05; /* CD-ROM */
1465 buf[1] = 0x80; /* removable */
1466 buf[2] = 0x00; /* ISO */
1467 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1468 buf[4] = 31; /* additionnal length */
1469 buf[5] = 0; /* reserved */
1470 buf[6] = 0; /* reserved */
1471 buf[7] = 0; /* reserved */
1472 padstr8(buf + 8, 8, "QEMU");
1473 padstr8(buf + 16, 16, "QEMU CD-ROM");
1474 padstr8(buf + 32, 4, QEMU_VERSION);
1475 ide_atapi_cmd_reply(s, 36, max_len);
1478 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1479 ASC_ILLEGAL_OPCODE);
1484 /* called when the inserted state of the media has changed */
1485 static void cdrom_change_cb(void *opaque)
1487 IDEState *s = opaque;
1490 /* XXX: send interrupt too */
1491 bdrv_get_geometry(s->bs, &nb_sectors);
1492 s->nb_sectors = nb_sectors;
1495 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1499 /* handle the 'magic' 0 nsector count conversion here. to avoid
1500 * fiddling with the rest of the read logic, we just store the
1501 * full sector count in ->nsector and ignore ->hob_nsector from now
1507 if (!s->nsector && !s->hob_nsector)
1510 int lo = s->nsector;
1511 int hi = s->hob_nsector;
1513 s->nsector = (hi << 8) | lo;
1518 static void ide_clear_hob(IDEState *ide_if)
1520 /* any write clears HOB high bit of device control register */
1521 ide_if[0].select &= ~(1 << 7);
1522 ide_if[1].select &= ~(1 << 7);
1525 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1527 IDEState *ide_if = opaque;
1533 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1541 ide_clear_hob(ide_if);
1542 /* NOTE: data is written to the two drives */
1543 ide_if[0].hob_feature = ide_if[0].feature;
1544 ide_if[1].hob_feature = ide_if[1].feature;
1545 ide_if[0].feature = val;
1546 ide_if[1].feature = val;
1549 ide_clear_hob(ide_if);
1550 ide_if[0].hob_nsector = ide_if[0].nsector;
1551 ide_if[1].hob_nsector = ide_if[1].nsector;
1552 ide_if[0].nsector = val;
1553 ide_if[1].nsector = val;
1556 ide_clear_hob(ide_if);
1557 ide_if[0].hob_sector = ide_if[0].sector;
1558 ide_if[1].hob_sector = ide_if[1].sector;
1559 ide_if[0].sector = val;
1560 ide_if[1].sector = val;
1563 ide_clear_hob(ide_if);
1564 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1565 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1566 ide_if[0].lcyl = val;
1567 ide_if[1].lcyl = val;
1570 ide_clear_hob(ide_if);
1571 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1572 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1573 ide_if[0].hcyl = val;
1574 ide_if[1].hcyl = val;
1577 /* FIXME: HOB readback uses bit 7 */
1578 ide_if[0].select = (val & ~0x10) | 0xa0;
1579 ide_if[1].select = (val | 0x10) | 0xa0;
1581 unit = (val >> 4) & 1;
1583 ide_if->cur_drive = s;
1588 #if defined(DEBUG_IDE)
1589 printf("ide: CMD=%02x\n", val);
1591 s = ide_if->cur_drive;
1592 /* ignore commands to non existant slave */
1593 if (s != ide_if && !s->bs)
1598 if (s->bs && !s->is_cdrom) {
1600 s->status = READY_STAT | SEEK_STAT;
1601 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1604 ide_set_signature(s);
1606 ide_abort_command(s);
1613 s->status = READY_STAT | SEEK_STAT;
1617 if (s->nsector > MAX_MULT_SECTORS ||
1619 (s->nsector & (s->nsector - 1)) != 0) {
1620 ide_abort_command(s);
1622 s->mult_sectors = s->nsector;
1623 s->status = READY_STAT;
1627 case WIN_VERIFY_EXT:
1630 case WIN_VERIFY_ONCE:
1631 /* do sector number check ? */
1632 ide_cmd_lba48_transform(s, lba48);
1633 s->status = READY_STAT;
1642 ide_cmd_lba48_transform(s, lba48);
1643 s->req_nb_sectors = 1;
1649 case WIN_WRITE_ONCE:
1650 ide_cmd_lba48_transform(s, lba48);
1652 s->status = SEEK_STAT | READY_STAT;
1653 s->req_nb_sectors = 1;
1654 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1656 case WIN_MULTREAD_EXT:
1659 if (!s->mult_sectors)
1661 ide_cmd_lba48_transform(s, lba48);
1662 s->req_nb_sectors = s->mult_sectors;
1665 case WIN_MULTWRITE_EXT:
1668 if (!s->mult_sectors)
1670 ide_cmd_lba48_transform(s, lba48);
1672 s->status = SEEK_STAT | READY_STAT;
1673 s->req_nb_sectors = s->mult_sectors;
1675 if (n > s->req_nb_sectors)
1676 n = s->req_nb_sectors;
1677 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1679 case WIN_READDMA_EXT:
1682 case WIN_READDMA_ONCE:
1685 ide_cmd_lba48_transform(s, lba48);
1686 ide_sector_read_dma(s);
1688 case WIN_WRITEDMA_EXT:
1691 case WIN_WRITEDMA_ONCE:
1694 ide_cmd_lba48_transform(s, lba48);
1695 ide_sector_write_dma(s);
1697 case WIN_READ_NATIVE_MAX_EXT:
1699 case WIN_READ_NATIVE_MAX:
1700 ide_cmd_lba48_transform(s, lba48);
1701 ide_set_sector(s, s->nb_sectors - 1);
1702 s->status = READY_STAT;
1705 case WIN_CHECKPOWERMODE1:
1706 s->nsector = 0xff; /* device active or idle */
1707 s->status = READY_STAT;
1710 case WIN_SETFEATURES:
1713 /* XXX: valid for CDROM ? */
1714 switch(s->feature) {
1715 case 0x02: /* write cache enable */
1716 case 0x82: /* write cache disable */
1717 case 0xaa: /* read look-ahead enable */
1718 case 0x55: /* read look-ahead disable */
1719 s->status = READY_STAT | SEEK_STAT;
1722 case 0x03: { /* set transfer mode */
1723 uint8_t val = s->nsector & 0x07;
1725 switch (s->nsector >> 3) {
1726 case 0x00: /* pio default */
1727 case 0x01: /* pio mode */
1728 put_le16(s->identify_data + 63,0x07);
1729 put_le16(s->identify_data + 88,0x3f);
1731 case 0x04: /* mdma mode */
1732 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1733 put_le16(s->identify_data + 88,0x3f);
1735 case 0x08: /* udma mode */
1736 put_le16(s->identify_data + 63,0x07);
1737 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1742 s->status = READY_STAT | SEEK_STAT;
1750 case WIN_FLUSH_CACHE:
1751 case WIN_FLUSH_CACHE_EXT:
1754 s->status = READY_STAT;
1757 case WIN_STANDBYNOW1:
1758 case WIN_IDLEIMMEDIATE:
1759 s->status = READY_STAT;
1762 /* ATAPI commands */
1765 ide_atapi_identify(s);
1766 s->status = READY_STAT | SEEK_STAT;
1767 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1769 ide_abort_command(s);
1774 ide_set_signature(s);
1775 s->status = 0x00; /* NOTE: READY is _not_ set */
1781 ide_set_signature(s);
1782 s->status = 0x00; /* NOTE: READY is _not_ set */
1788 /* overlapping commands not supported */
1789 if (s->feature & 0x02)
1791 s->atapi_dma = s->feature & 1;
1793 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1798 ide_abort_command(s);
1805 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1807 IDEState *ide_if = opaque;
1808 IDEState *s = ide_if->cur_drive;
1813 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1814 //hob = s->select & (1 << 7);
1821 if (!ide_if[0].bs && !ide_if[1].bs)
1826 ret = s->hob_feature;
1829 if (!ide_if[0].bs && !ide_if[1].bs)
1832 ret = s->nsector & 0xff;
1834 ret = s->hob_nsector;
1837 if (!ide_if[0].bs && !ide_if[1].bs)
1842 ret = s->hob_sector;
1845 if (!ide_if[0].bs && !ide_if[1].bs)
1853 if (!ide_if[0].bs && !ide_if[1].bs)
1861 if (!ide_if[0].bs && !ide_if[1].bs)
1868 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1869 (s != ide_if && !s->bs))
1873 s->set_irq(s->irq_opaque, s->irq, 0);
1877 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1882 static uint32_t ide_status_read(void *opaque, uint32_t addr)
1884 IDEState *ide_if = opaque;
1885 IDEState *s = ide_if->cur_drive;
1888 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1889 (s != ide_if && !s->bs))
1894 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1899 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1901 IDEState *ide_if = opaque;
1906 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1908 /* common for both drives */
1909 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1910 (val & IDE_CMD_RESET)) {
1911 /* reset low to high */
1912 for(i = 0;i < 2; i++) {
1914 s->status = BUSY_STAT | SEEK_STAT;
1917 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1918 !(val & IDE_CMD_RESET)) {
1920 for(i = 0;i < 2; i++) {
1923 s->status = 0x00; /* NOTE: READY is _not_ set */
1925 s->status = READY_STAT | SEEK_STAT;
1926 ide_set_signature(s);
1930 ide_if[0].cmd = val;
1931 ide_if[1].cmd = val;
1934 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1936 IDEState *s = ((IDEState *)opaque)->cur_drive;
1940 *(uint16_t *)p = le16_to_cpu(val);
1943 if (p >= s->data_end)
1944 s->end_transfer_func(s);
1947 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
1949 IDEState *s = ((IDEState *)opaque)->cur_drive;
1953 ret = cpu_to_le16(*(uint16_t *)p);
1956 if (p >= s->data_end)
1957 s->end_transfer_func(s);
1961 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1963 IDEState *s = ((IDEState *)opaque)->cur_drive;
1967 *(uint32_t *)p = le32_to_cpu(val);
1970 if (p >= s->data_end)
1971 s->end_transfer_func(s);
1974 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
1976 IDEState *s = ((IDEState *)opaque)->cur_drive;
1981 ret = cpu_to_le32(*(uint32_t *)p);
1984 if (p >= s->data_end)
1985 s->end_transfer_func(s);
1989 static void ide_dummy_transfer_stop(IDEState *s)
1991 s->data_ptr = s->io_buffer;
1992 s->data_end = s->io_buffer;
1993 s->io_buffer[0] = 0xff;
1994 s->io_buffer[1] = 0xff;
1995 s->io_buffer[2] = 0xff;
1996 s->io_buffer[3] = 0xff;
1999 static void ide_reset(IDEState *s)
2001 s->mult_sectors = MAX_MULT_SECTORS;
2004 s->status = READY_STAT;
2005 ide_set_signature(s);
2006 /* init the transfer handler so that 0xffff is returned on data
2008 s->end_transfer_func = ide_dummy_transfer_stop;
2009 ide_dummy_transfer_stop(s);
2013 uint8_t boot_ind; /* 0x80 - active */
2014 uint8_t head; /* starting head */
2015 uint8_t sector; /* starting sector */
2016 uint8_t cyl; /* starting cylinder */
2017 uint8_t sys_ind; /* What partition type */
2018 uint8_t end_head; /* end head */
2019 uint8_t end_sector; /* end sector */
2020 uint8_t end_cyl; /* end cylinder */
2021 uint32_t start_sect; /* starting sector counting from 0 */
2022 uint32_t nr_sects; /* nr of sectors in partition */
2023 } __attribute__((packed));
2025 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2026 static int guess_disk_lchs(IDEState *s,
2027 int *pcylinders, int *pheads, int *psectors)
2030 int ret, i, heads, sectors, cylinders;
2031 struct partition *p;
2034 ret = bdrv_read(s->bs, 0, buf, 1);
2037 /* test msdos magic */
2038 if (buf[510] != 0x55 || buf[511] != 0xaa)
2040 for(i = 0; i < 4; i++) {
2041 p = ((struct partition *)(buf + 0x1be)) + i;
2042 nr_sects = le32_to_cpu(p->nr_sects);
2043 if (nr_sects && p->end_head) {
2044 /* We make the assumption that the partition terminates on
2045 a cylinder boundary */
2046 heads = p->end_head + 1;
2047 sectors = p->end_sector & 63;
2050 cylinders = s->nb_sectors / (heads * sectors);
2051 if (cylinders < 1 || cylinders > 16383)
2054 *psectors = sectors;
2055 *pcylinders = cylinders;
2057 printf("guessed geometry: LCHS=%d %d %d\n",
2058 cylinders, heads, sectors);
2066 static void ide_init2(IDEState *ide_state,
2067 BlockDriverState *hd0, BlockDriverState *hd1,
2068 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2071 static int drive_serial = 1;
2072 int i, cylinders, heads, secs, translation, lba_detected = 0;
2075 for(i = 0; i < 2; i++) {
2082 bdrv_get_geometry(s->bs, &nb_sectors);
2083 s->nb_sectors = nb_sectors;
2084 /* if a geometry hint is available, use it */
2085 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2086 translation = bdrv_get_translation_hint(s->bs);
2087 if (cylinders != 0) {
2088 s->cylinders = cylinders;
2092 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2094 /* if heads > 16, it means that a BIOS LBA
2095 translation was active, so the default
2096 hardware geometry is OK */
2098 goto default_geometry;
2100 s->cylinders = cylinders;
2103 /* disable any translation to be in sync with
2104 the logical geometry */
2105 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2106 bdrv_set_translation_hint(s->bs,
2107 BIOS_ATA_TRANSLATION_NONE);
2112 /* if no geometry, use a standard physical disk geometry */
2113 cylinders = nb_sectors / (16 * 63);
2114 if (cylinders > 16383)
2116 else if (cylinders < 2)
2118 s->cylinders = cylinders;
2121 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2122 if ((s->cylinders * s->heads) <= 131072) {
2123 bdrv_set_translation_hint(s->bs,
2124 BIOS_ATA_TRANSLATION_LARGE);
2126 bdrv_set_translation_hint(s->bs,
2127 BIOS_ATA_TRANSLATION_LBA);
2131 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2133 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2135 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2138 s->drive_serial = drive_serial++;
2139 s->set_irq = set_irq;
2140 s->irq_opaque = irq_opaque;
2142 s->sector_write_timer = qemu_new_timer(vm_clock,
2143 ide_sector_write_timer_cb, s);
2148 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2150 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2151 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2153 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2154 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2158 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2159 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2160 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2161 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2164 /***********************************************************/
2165 /* ISA IDE definitions */
2167 void isa_ide_init(int iobase, int iobase2, int irq,
2168 BlockDriverState *hd0, BlockDriverState *hd1)
2170 IDEState *ide_state;
2172 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2176 ide_init2(ide_state, hd0, hd1, pic_set_irq_new, isa_pic, irq);
2177 ide_init_ioport(ide_state, iobase, iobase2);
2180 /***********************************************************/
2181 /* PCI IDE definitions */
2183 static void cmd646_update_irq(PCIIDEState *d);
2185 static void ide_map(PCIDevice *pci_dev, int region_num,
2186 uint32_t addr, uint32_t size, int type)
2188 PCIIDEState *d = (PCIIDEState *)pci_dev;
2189 IDEState *ide_state;
2191 if (region_num <= 3) {
2192 ide_state = &d->ide_if[(region_num >> 1) * 2];
2193 if (region_num & 1) {
2194 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2195 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2197 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2198 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2201 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2202 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2203 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2204 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2209 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2211 BMDMAState *bm = s->bmdma;
2215 bm->dma_cb = dma_cb;
2216 bm->cur_addr = bm->addr;
2217 bm->cur_prd_last = 0;
2218 bm->cur_prd_addr = 0;
2219 bm->cur_prd_len = 0;
2220 if (bm->status & BM_STATUS_DMAING) {
2225 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2227 BMDMAState *bm = opaque;
2229 printf("%s: 0x%08x\n", __func__, val);
2231 if (!(val & BM_CMD_START)) {
2232 /* XXX: do it better */
2233 if (bm->status & BM_STATUS_DMAING) {
2234 bm->status &= ~BM_STATUS_DMAING;
2235 /* cancel DMA request */
2240 printf("aio_cancel\n");
2242 bdrv_aio_cancel(bm->aiocb);
2246 bm->cmd = val & 0x09;
2248 if (!(bm->status & BM_STATUS_DMAING)) {
2249 bm->status |= BM_STATUS_DMAING;
2250 /* start dma transfer if possible */
2254 bm->cmd = val & 0x09;
2258 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2260 BMDMAState *bm = opaque;
2261 PCIIDEState *pci_dev;
2269 pci_dev = bm->pci_dev;
2270 if (pci_dev->type == IDE_TYPE_CMD646) {
2271 val = pci_dev->dev.config[MRDMODE];
2280 pci_dev = bm->pci_dev;
2281 if (pci_dev->type == IDE_TYPE_CMD646) {
2282 if (bm == &pci_dev->bmdma[0])
2283 val = pci_dev->dev.config[UDIDETCR0];
2285 val = pci_dev->dev.config[UDIDETCR1];
2295 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2300 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2302 BMDMAState *bm = opaque;
2303 PCIIDEState *pci_dev;
2305 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2309 pci_dev = bm->pci_dev;
2310 if (pci_dev->type == IDE_TYPE_CMD646) {
2311 pci_dev->dev.config[MRDMODE] =
2312 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2313 cmd646_update_irq(pci_dev);
2317 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2320 pci_dev = bm->pci_dev;
2321 if (pci_dev->type == IDE_TYPE_CMD646) {
2322 if (bm == &pci_dev->bmdma[0])
2323 pci_dev->dev.config[UDIDETCR0] = val;
2325 pci_dev->dev.config[UDIDETCR1] = val;
2331 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2333 BMDMAState *bm = opaque;
2337 printf("%s: 0x%08x\n", __func__, val);
2342 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2344 BMDMAState *bm = opaque;
2346 printf("%s: 0x%08x\n", __func__, val);
2348 bm->addr = val & ~3;
2351 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2352 uint32_t addr, uint32_t size, int type)
2354 PCIIDEState *d = (PCIIDEState *)pci_dev;
2357 for(i = 0;i < 2; i++) {
2358 BMDMAState *bm = &d->bmdma[i];
2359 d->ide_if[2 * i].bmdma = bm;
2360 d->ide_if[2 * i + 1].bmdma = bm;
2361 bm->pci_dev = (PCIIDEState *)pci_dev;
2363 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2365 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2366 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2368 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2369 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2374 /* XXX: call it also when the MRDMODE is changed from the PCI config
2376 static void cmd646_update_irq(PCIIDEState *d)
2379 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2380 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2381 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2382 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2383 pci_set_irq((PCIDevice *)d, 0, pci_level);
2386 /* the PCI irq level is the logical OR of the two channels */
2387 static void cmd646_set_irq(void *opaque, int channel, int level)
2389 PCIIDEState *d = opaque;
2392 irq_mask = MRDMODE_INTR_CH0 << channel;
2394 d->dev.config[MRDMODE] |= irq_mask;
2396 d->dev.config[MRDMODE] &= ~irq_mask;
2397 cmd646_update_irq(d);
2400 /* CMD646 PCI IDE controller */
2401 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2402 int secondary_ide_enabled)
2408 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2409 sizeof(PCIIDEState),
2412 d->type = IDE_TYPE_CMD646;
2413 pci_conf = d->dev.config;
2414 pci_conf[0x00] = 0x95; // CMD646
2415 pci_conf[0x01] = 0x10;
2416 pci_conf[0x02] = 0x46;
2417 pci_conf[0x03] = 0x06;
2419 pci_conf[0x08] = 0x07; // IDE controller revision
2420 pci_conf[0x09] = 0x8f;
2422 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2423 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2424 pci_conf[0x0e] = 0x00; // header_type
2426 if (secondary_ide_enabled) {
2427 /* XXX: if not enabled, really disable the seconday IDE controller */
2428 pci_conf[0x51] = 0x80; /* enable IDE1 */
2431 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2432 PCI_ADDRESS_SPACE_IO, ide_map);
2433 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2434 PCI_ADDRESS_SPACE_IO, ide_map);
2435 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2436 PCI_ADDRESS_SPACE_IO, ide_map);
2437 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2438 PCI_ADDRESS_SPACE_IO, ide_map);
2439 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2440 PCI_ADDRESS_SPACE_IO, bmdma_map);
2442 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2444 for(i = 0; i < 4; i++)
2445 d->ide_if[i].pci_dev = (PCIDevice *)d;
2446 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2447 cmd646_set_irq, d, 0);
2448 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2449 cmd646_set_irq, d, 1);
2452 static void pci_ide_save(QEMUFile* f, void *opaque)
2454 PCIIDEState *d = opaque;
2457 pci_device_save(&d->dev, f);
2459 for(i = 0; i < 2; i++) {
2460 BMDMAState *bm = &d->bmdma[i];
2461 qemu_put_8s(f, &bm->cmd);
2462 qemu_put_8s(f, &bm->status);
2463 qemu_put_be32s(f, &bm->addr);
2464 /* XXX: if a transfer is pending, we do not save it yet */
2467 /* per IDE interface data */
2468 for(i = 0; i < 2; i++) {
2469 IDEState *s = &d->ide_if[i * 2];
2470 uint8_t drive1_selected;
2471 qemu_put_8s(f, &s->cmd);
2472 drive1_selected = (s->cur_drive != s);
2473 qemu_put_8s(f, &drive1_selected);
2476 /* per IDE drive data */
2477 for(i = 0; i < 4; i++) {
2478 IDEState *s = &d->ide_if[i];
2479 qemu_put_be32s(f, &s->mult_sectors);
2480 qemu_put_be32s(f, &s->identify_set);
2481 if (s->identify_set) {
2482 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2484 qemu_put_8s(f, &s->feature);
2485 qemu_put_8s(f, &s->error);
2486 qemu_put_be32s(f, &s->nsector);
2487 qemu_put_8s(f, &s->sector);
2488 qemu_put_8s(f, &s->lcyl);
2489 qemu_put_8s(f, &s->hcyl);
2490 qemu_put_8s(f, &s->hob_feature);
2491 qemu_put_8s(f, &s->hob_nsector);
2492 qemu_put_8s(f, &s->hob_sector);
2493 qemu_put_8s(f, &s->hob_lcyl);
2494 qemu_put_8s(f, &s->hob_hcyl);
2495 qemu_put_8s(f, &s->select);
2496 qemu_put_8s(f, &s->status);
2497 qemu_put_8s(f, &s->lba48);
2499 qemu_put_8s(f, &s->sense_key);
2500 qemu_put_8s(f, &s->asc);
2501 /* XXX: if a transfer is pending, we do not save it yet */
2505 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2507 PCIIDEState *d = opaque;
2510 if (version_id != 1)
2512 ret = pci_device_load(&d->dev, f);
2516 for(i = 0; i < 2; i++) {
2517 BMDMAState *bm = &d->bmdma[i];
2518 qemu_get_8s(f, &bm->cmd);
2519 qemu_get_8s(f, &bm->status);
2520 qemu_get_be32s(f, &bm->addr);
2521 /* XXX: if a transfer is pending, we do not save it yet */
2524 /* per IDE interface data */
2525 for(i = 0; i < 2; i++) {
2526 IDEState *s = &d->ide_if[i * 2];
2527 uint8_t drive1_selected;
2528 qemu_get_8s(f, &s->cmd);
2529 qemu_get_8s(f, &drive1_selected);
2530 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2533 /* per IDE drive data */
2534 for(i = 0; i < 4; i++) {
2535 IDEState *s = &d->ide_if[i];
2536 qemu_get_be32s(f, &s->mult_sectors);
2537 qemu_get_be32s(f, &s->identify_set);
2538 if (s->identify_set) {
2539 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2541 qemu_get_8s(f, &s->feature);
2542 qemu_get_8s(f, &s->error);
2543 qemu_get_be32s(f, &s->nsector);
2544 qemu_get_8s(f, &s->sector);
2545 qemu_get_8s(f, &s->lcyl);
2546 qemu_get_8s(f, &s->hcyl);
2547 qemu_get_8s(f, &s->hob_feature);
2548 qemu_get_8s(f, &s->hob_nsector);
2549 qemu_get_8s(f, &s->hob_sector);
2550 qemu_get_8s(f, &s->hob_lcyl);
2551 qemu_get_8s(f, &s->hob_hcyl);
2552 qemu_get_8s(f, &s->select);
2553 qemu_get_8s(f, &s->status);
2554 qemu_get_8s(f, &s->lba48);
2556 qemu_get_8s(f, &s->sense_key);
2557 qemu_get_8s(f, &s->asc);
2558 /* XXX: if a transfer is pending, we do not save it yet */
2563 /* hd_table must contain 4 block drivers */
2564 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2565 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn)
2570 /* register a function 1 of PIIX3 */
2571 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2572 sizeof(PCIIDEState),
2575 d->type = IDE_TYPE_PIIX3;
2577 pci_conf = d->dev.config;
2578 pci_conf[0x00] = 0x86; // Intel
2579 pci_conf[0x01] = 0x80;
2580 pci_conf[0x02] = 0x10;
2581 pci_conf[0x03] = 0x70;
2582 pci_conf[0x09] = 0x80; // legacy ATA mode
2583 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2584 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2585 pci_conf[0x0e] = 0x00; // header_type
2587 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2588 PCI_ADDRESS_SPACE_IO, bmdma_map);
2590 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2591 pic_set_irq_new, isa_pic, 14);
2592 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2593 pic_set_irq_new, isa_pic, 15);
2594 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2595 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2597 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2600 /***********************************************************/
2601 /* MacIO based PowerPC IDE */
2603 /* PowerMac IDE memory IO */
2604 static void pmac_ide_writeb (void *opaque,
2605 target_phys_addr_t addr, uint32_t val)
2607 addr = (addr & 0xFFF) >> 4;
2610 ide_ioport_write(opaque, addr, val);
2614 ide_cmd_write(opaque, 0, val);
2621 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2625 addr = (addr & 0xFFF) >> 4;
2628 retval = ide_ioport_read(opaque, addr);
2632 retval = ide_status_read(opaque, 0);
2641 static void pmac_ide_writew (void *opaque,
2642 target_phys_addr_t addr, uint32_t val)
2644 addr = (addr & 0xFFF) >> 4;
2645 #ifdef TARGET_WORDS_BIGENDIAN
2649 ide_data_writew(opaque, 0, val);
2653 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2657 addr = (addr & 0xFFF) >> 4;
2659 retval = ide_data_readw(opaque, 0);
2663 #ifdef TARGET_WORDS_BIGENDIAN
2664 retval = bswap16(retval);
2669 static void pmac_ide_writel (void *opaque,
2670 target_phys_addr_t addr, uint32_t val)
2672 addr = (addr & 0xFFF) >> 4;
2673 #ifdef TARGET_WORDS_BIGENDIAN
2677 ide_data_writel(opaque, 0, val);
2681 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2685 addr = (addr & 0xFFF) >> 4;
2687 retval = ide_data_readl(opaque, 0);
2689 retval = 0xFFFFFFFF;
2691 #ifdef TARGET_WORDS_BIGENDIAN
2692 retval = bswap32(retval);
2697 static CPUWriteMemoryFunc *pmac_ide_write[] = {
2703 static CPUReadMemoryFunc *pmac_ide_read[] = {
2709 /* hd_table must contain 4 block drivers */
2710 /* PowerMac uses memory mapped registers, not I/O. Return the memory
2711 I/O index to access the ide. */
2712 int pmac_ide_init (BlockDriverState **hd_table,
2713 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2716 int pmac_ide_memory;
2718 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2719 ide_init2(&ide_if[0], hd_table[0], hd_table[1],
2720 set_irq, irq_opaque, irq);
2722 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2723 pmac_ide_write, &ide_if[0]);
2724 return pmac_ide_memory;
projects / qemu / blob