2 * QEMU IDE disk and CD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 /* debug IDE devices */
28 //#define DEBUG_IDE_ATAPI
32 /* Bits of HD_STATUS */
34 #define INDEX_STAT 0x02
35 #define ECC_STAT 0x04 /* Corrected error */
37 #define SEEK_STAT 0x10
39 #define WRERR_STAT 0x20
40 #define READY_STAT 0x40
41 #define BUSY_STAT 0x80
43 /* Bits for HD_ERROR */
44 #define MARK_ERR 0x01 /* Bad address mark */
45 #define TRK0_ERR 0x02 /* couldn't find track 0 */
46 #define ABRT_ERR 0x04 /* Command aborted */
47 #define MCR_ERR 0x08 /* media change request */
48 #define ID_ERR 0x10 /* ID field not found */
49 #define MC_ERR 0x20 /* media changed */
50 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
51 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
52 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
54 /* Bits of HD_NSECTOR */
60 #define IDE_CMD_RESET 0x04
61 #define IDE_CMD_DISABLE_IRQ 0x02
63 /* ATA/ATAPI Commands pre T13 Spec */
68 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
72 #define WIN_SRST 0x08 /* ATAPI soft reset command */
73 #define WIN_DEVICE_RESET 0x08
77 #define WIN_RECAL 0x10
78 #define WIN_RESTORE WIN_RECAL
82 #define WIN_READ 0x20 /* 28-Bit */
83 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
84 #define WIN_READ_LONG 0x22 /* 28-Bit */
85 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
86 #define WIN_READ_EXT 0x24 /* 48-Bit */
87 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
88 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
89 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
93 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
97 #define WIN_WRITE 0x30 /* 28-Bit */
98 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
99 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
100 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
101 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
102 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
103 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
104 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
105 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
106 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
108 * 0x3A->0x3B Reserved
110 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
112 * 0x3D->0x3F Reserved
114 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
115 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
116 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
118 * 0x43->0x4F Reserved
120 #define WIN_FORMAT 0x50
122 * 0x51->0x5F Reserved
124 #define WIN_INIT 0x60
126 * 0x61->0x5F Reserved
128 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
129 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
130 #define WIN_DIAGNOSE 0x90
131 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
132 #define WIN_DOWNLOAD_MICROCODE 0x92
133 #define WIN_STANDBYNOW2 0x94
134 #define WIN_STANDBY2 0x96
135 #define WIN_SETIDLE2 0x97
136 #define WIN_CHECKPOWERMODE2 0x98
137 #define WIN_SLEEPNOW2 0x99
141 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
142 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
143 #define WIN_QUEUED_SERVICE 0xA2
144 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
145 #define CFA_ERASE_SECTORS 0xC0
146 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
147 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
148 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
149 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
150 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
151 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
152 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
153 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
154 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
155 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
156 #define WIN_GETMEDIASTATUS 0xDA
157 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
158 #define WIN_POSTBOOT 0xDC
159 #define WIN_PREBOOT 0xDD
160 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
161 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
162 #define WIN_STANDBYNOW1 0xE0
163 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
164 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
165 #define WIN_SETIDLE1 0xE3
166 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
167 #define WIN_CHECKPOWERMODE1 0xE5
168 #define WIN_SLEEPNOW1 0xE6
169 #define WIN_FLUSH_CACHE 0xE7
170 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
171 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
172 /* SET_FEATURES 0x22 or 0xDD */
173 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
174 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
175 #define WIN_MEDIAEJECT 0xED
176 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
177 #define WIN_SETFEATURES 0xEF /* set special drive features */
178 #define EXABYTE_ENABLE_NEST 0xF0
179 #define WIN_SECURITY_SET_PASS 0xF1
180 #define WIN_SECURITY_UNLOCK 0xF2
181 #define WIN_SECURITY_ERASE_PREPARE 0xF3
182 #define WIN_SECURITY_ERASE_UNIT 0xF4
183 #define WIN_SECURITY_FREEZE_LOCK 0xF5
184 #define WIN_SECURITY_DISABLE 0xF6
185 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
186 #define WIN_SET_MAX 0xF9
187 #define DISABLE_SEAGATE 0xFB
189 /* set to 1 set disable mult support */
190 #define MAX_MULT_SECTORS 16
194 #define ATAPI_PACKET_SIZE 12
196 /* The generic packet command opcodes for CD/DVD Logical Units,
197 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
198 #define GPCMD_BLANK 0xa1
199 #define GPCMD_CLOSE_TRACK 0x5b
200 #define GPCMD_FLUSH_CACHE 0x35
201 #define GPCMD_FORMAT_UNIT 0x04
202 #define GPCMD_GET_CONFIGURATION 0x46
203 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
204 #define GPCMD_GET_PERFORMANCE 0xac
205 #define GPCMD_INQUIRY 0x12
206 #define GPCMD_LOAD_UNLOAD 0xa6
207 #define GPCMD_MECHANISM_STATUS 0xbd
208 #define GPCMD_MODE_SELECT_10 0x55
209 #define GPCMD_MODE_SENSE_10 0x5a
210 #define GPCMD_PAUSE_RESUME 0x4b
211 #define GPCMD_PLAY_AUDIO_10 0x45
212 #define GPCMD_PLAY_AUDIO_MSF 0x47
213 #define GPCMD_PLAY_AUDIO_TI 0x48
214 #define GPCMD_PLAY_CD 0xbc
215 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
216 #define GPCMD_READ_10 0x28
217 #define GPCMD_READ_12 0xa8
218 #define GPCMD_READ_CDVD_CAPACITY 0x25
219 #define GPCMD_READ_CD 0xbe
220 #define GPCMD_READ_CD_MSF 0xb9
221 #define GPCMD_READ_DISC_INFO 0x51
222 #define GPCMD_READ_DVD_STRUCTURE 0xad
223 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
224 #define GPCMD_READ_HEADER 0x44
225 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
226 #define GPCMD_READ_SUBCHANNEL 0x42
227 #define GPCMD_READ_TOC_PMA_ATIP 0x43
228 #define GPCMD_REPAIR_RZONE_TRACK 0x58
229 #define GPCMD_REPORT_KEY 0xa4
230 #define GPCMD_REQUEST_SENSE 0x03
231 #define GPCMD_RESERVE_RZONE_TRACK 0x53
232 #define GPCMD_SCAN 0xba
233 #define GPCMD_SEEK 0x2b
234 #define GPCMD_SEND_DVD_STRUCTURE 0xad
235 #define GPCMD_SEND_EVENT 0xa2
236 #define GPCMD_SEND_KEY 0xa3
237 #define GPCMD_SEND_OPC 0x54
238 #define GPCMD_SET_READ_AHEAD 0xa7
239 #define GPCMD_SET_STREAMING 0xb6
240 #define GPCMD_START_STOP_UNIT 0x1b
241 #define GPCMD_STOP_PLAY_SCAN 0x4e
242 #define GPCMD_TEST_UNIT_READY 0x00
243 #define GPCMD_VERIFY_10 0x2f
244 #define GPCMD_WRITE_10 0x2a
245 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
246 /* This is listed as optional in ATAPI 2.6, but is (curiously)
247 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
248 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
249 * drives support it. */
250 #define GPCMD_SET_SPEED 0xbb
251 /* This seems to be a SCSI specific CD-ROM opcode
252 * to play data at track/index */
253 #define GPCMD_PLAYAUDIO_TI 0x48
255 * From MS Media Status Notification Support Specification. For
258 #define GPCMD_GET_MEDIA_STATUS 0xda
260 /* Mode page codes for mode sense/set */
261 #define GPMODE_R_W_ERROR_PAGE 0x01
262 #define GPMODE_WRITE_PARMS_PAGE 0x05
263 #define GPMODE_AUDIO_CTL_PAGE 0x0e
264 #define GPMODE_POWER_PAGE 0x1a
265 #define GPMODE_FAULT_FAIL_PAGE 0x1c
266 #define GPMODE_TO_PROTECT_PAGE 0x1d
267 #define GPMODE_CAPABILITIES_PAGE 0x2a
268 #define GPMODE_ALL_PAGES 0x3f
269 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
270 * of MODE_SENSE_POWER_PAGE */
271 #define GPMODE_CDROM_PAGE 0x0d
273 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
274 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
275 #define ATAPI_INT_REASON_REL 0x04
276 #define ATAPI_INT_REASON_TAG 0xf8
278 /* same constants as bochs */
279 #define ASC_ILLEGAL_OPCODE 0x20
280 #define ASC_LOGICAL_BLOCK_OOR 0x21
281 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
282 #define ASC_MEDIUM_NOT_PRESENT 0x3a
283 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
286 #define SENSE_NOT_READY 2
287 #define SENSE_ILLEGAL_REQUEST 5
288 #define SENSE_UNIT_ATTENTION 6
292 typedef void EndTransferFunc(struct IDEState *);
294 /* NOTE: IDEState represents in fact one drive */
295 typedef struct IDEState {
298 int cylinders, heads, sectors;
302 uint16_t identify_data[256];
307 struct BMDMAState *bmdma;
316 /* other part of tf for lba48 support */
326 /* 0x3f6 command, only meaningful for drive 0 */
328 /* set for lba48 access */
330 /* depends on bit 4 in select, only meaningful for drive 0 */
331 struct IDEState *cur_drive;
332 BlockDriverState *bs;
336 int packet_transfer_size;
337 int elementary_transfer_size;
341 int atapi_dma; /* true if dma is requested for the packet cmd */
344 /* PIO transfer handling */
345 int req_nb_sectors; /* number of sectors per interrupt */
346 EndTransferFunc *end_transfer_func;
349 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
350 QEMUTimer *sector_write_timer; /* only used for win2k instal hack */
351 uint32_t irq_count; /* counts IRQs when using win2k install hack */
354 #define BM_STATUS_DMAING 0x01
355 #define BM_STATUS_ERROR 0x02
356 #define BM_STATUS_INT 0x04
358 #define BM_CMD_START 0x01
359 #define BM_CMD_READ 0x08
361 #define IDE_TYPE_PIIX3 0
362 #define IDE_TYPE_CMD646 1
364 /* CMD646 specific */
366 #define MRDMODE_INTR_CH0 0x04
367 #define MRDMODE_INTR_CH1 0x08
368 #define MRDMODE_BLK_CH0 0x10
369 #define MRDMODE_BLK_CH1 0x20
370 #define UDIDETCR0 0x73
371 #define UDIDETCR1 0x7B
373 typedef struct BMDMAState {
378 struct PCIIDEState *pci_dev;
379 /* current transfer state */
381 uint32_t cur_prd_last;
382 uint32_t cur_prd_addr;
383 uint32_t cur_prd_len;
385 BlockDriverCompletionFunc *dma_cb;
386 BlockDriverAIOCB *aiocb;
389 typedef struct PCIIDEState {
393 int type; /* see IDE_TYPE_xxx */
396 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
397 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
399 static void padstr(char *str, const char *src, int len)
402 for(i = 0; i < len; i++) {
407 *(char *)((long)str ^ 1) = v;
412 static void padstr8(uint8_t *buf, int buf_size, const char *src)
415 for(i = 0; i < buf_size; i++) {
423 static void put_le16(uint16_t *p, unsigned int v)
428 static void ide_identify(IDEState *s)
431 unsigned int oldsize;
434 if (s->identify_set) {
435 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
439 memset(s->io_buffer, 0, 512);
440 p = (uint16_t *)s->io_buffer;
441 put_le16(p + 0, 0x0040);
442 put_le16(p + 1, s->cylinders);
443 put_le16(p + 3, s->heads);
444 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
445 put_le16(p + 5, 512); /* XXX: retired, remove ? */
446 put_le16(p + 6, s->sectors);
447 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
448 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
449 put_le16(p + 20, 3); /* XXX: retired, remove ? */
450 put_le16(p + 21, 512); /* cache size in sectors */
451 put_le16(p + 22, 4); /* ecc bytes */
452 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
453 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
454 #if MAX_MULT_SECTORS > 1
455 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
457 put_le16(p + 48, 1); /* dword I/O */
458 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
459 put_le16(p + 51, 0x200); /* PIO transfer cycle */
460 put_le16(p + 52, 0x200); /* DMA transfer cycle */
461 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
462 put_le16(p + 54, s->cylinders);
463 put_le16(p + 55, s->heads);
464 put_le16(p + 56, s->sectors);
465 oldsize = s->cylinders * s->heads * s->sectors;
466 put_le16(p + 57, oldsize);
467 put_le16(p + 58, oldsize >> 16);
469 put_le16(p + 59, 0x100 | s->mult_sectors);
470 put_le16(p + 60, s->nb_sectors);
471 put_le16(p + 61, s->nb_sectors >> 16);
472 put_le16(p + 63, 0x07); /* mdma0-2 supported */
473 put_le16(p + 65, 120);
474 put_le16(p + 66, 120);
475 put_le16(p + 67, 120);
476 put_le16(p + 68, 120);
477 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
478 put_le16(p + 81, 0x16); /* conforms to ata5 */
479 put_le16(p + 82, (1 << 14));
480 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
481 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
482 put_le16(p + 84, (1 << 14));
483 put_le16(p + 85, (1 << 14));
484 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
485 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
486 put_le16(p + 87, (1 << 14));
487 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
488 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
489 put_le16(p + 100, s->nb_sectors);
490 put_le16(p + 101, s->nb_sectors >> 16);
491 put_le16(p + 102, s->nb_sectors >> 32);
492 put_le16(p + 103, s->nb_sectors >> 48);
494 memcpy(s->identify_data, p, sizeof(s->identify_data));
498 static void ide_atapi_identify(IDEState *s)
503 if (s->identify_set) {
504 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
508 memset(s->io_buffer, 0, 512);
509 p = (uint16_t *)s->io_buffer;
510 /* Removable CDROM, 50us response, 12 byte packets */
511 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
512 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
513 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
514 put_le16(p + 20, 3); /* buffer type */
515 put_le16(p + 21, 512); /* cache size in sectors */
516 put_le16(p + 22, 4); /* ecc bytes */
517 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
518 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
519 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
521 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
522 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
523 put_le16(p + 63, 7); /* mdma0-2 supported */
524 put_le16(p + 64, 0x3f); /* PIO modes supported */
526 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
527 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
528 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
529 put_le16(p + 64, 1); /* PIO modes */
531 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
532 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
533 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
534 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
536 put_le16(p + 71, 30); /* in ns */
537 put_le16(p + 72, 30); /* in ns */
539 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
541 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
543 memcpy(s->identify_data, p, sizeof(s->identify_data));
547 static void ide_set_signature(IDEState *s)
549 s->select &= 0xf0; /* clear head */
565 static inline void ide_abort_command(IDEState *s)
567 s->status = READY_STAT | ERR_STAT;
571 static inline void ide_set_irq(IDEState *s)
573 BMDMAState *bm = s->bmdma;
574 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
576 bm->status |= BM_STATUS_INT;
578 s->set_irq(s->irq_opaque, s->irq, 1);
582 /* prepare data transfer and tell what to do after */
583 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
584 EndTransferFunc *end_transfer_func)
586 s->end_transfer_func = end_transfer_func;
588 s->data_end = buf + size;
589 s->status |= DRQ_STAT;
592 static void ide_transfer_stop(IDEState *s)
594 s->end_transfer_func = ide_transfer_stop;
595 s->data_ptr = s->io_buffer;
596 s->data_end = s->io_buffer;
597 s->status &= ~DRQ_STAT;
600 static int64_t ide_get_sector(IDEState *s)
603 if (s->select & 0x40) {
606 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
607 (s->lcyl << 8) | s->sector;
609 sector_num = ((int64_t)s->hob_hcyl << 40) |
610 ((int64_t) s->hob_lcyl << 32) |
611 ((int64_t) s->hob_sector << 24) |
612 ((int64_t) s->hcyl << 16) |
613 ((int64_t) s->lcyl << 8) | s->sector;
616 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
617 (s->select & 0x0f) * s->sectors + (s->sector - 1);
622 static void ide_set_sector(IDEState *s, int64_t sector_num)
625 if (s->select & 0x40) {
627 s->select = (s->select & 0xf0) | (sector_num >> 24);
628 s->hcyl = (sector_num >> 16);
629 s->lcyl = (sector_num >> 8);
630 s->sector = (sector_num);
632 s->sector = sector_num;
633 s->lcyl = sector_num >> 8;
634 s->hcyl = sector_num >> 16;
635 s->hob_sector = sector_num >> 24;
636 s->hob_lcyl = sector_num >> 32;
637 s->hob_hcyl = sector_num >> 40;
640 cyl = sector_num / (s->heads * s->sectors);
641 r = sector_num % (s->heads * s->sectors);
644 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
645 s->sector = (r % s->sectors) + 1;
649 static void ide_sector_read(IDEState *s)
654 s->status = READY_STAT | SEEK_STAT;
655 s->error = 0; /* not needed by IDE spec, but needed by Windows */
656 sector_num = ide_get_sector(s);
659 /* no more sector to read from disk */
660 ide_transfer_stop(s);
662 #if defined(DEBUG_IDE)
663 printf("read sector=%Ld\n", sector_num);
665 if (n > s->req_nb_sectors)
666 n = s->req_nb_sectors;
667 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
668 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
670 ide_set_sector(s, sector_num + n);
675 /* return 0 if buffer completed */
676 static int dma_buf_rw(BMDMAState *bm, int is_write)
678 IDEState *s = bm->ide_if;
686 l = s->io_buffer_size - s->io_buffer_index;
689 if (bm->cur_prd_len == 0) {
690 /* end of table (with a fail safe of one page) */
691 if (bm->cur_prd_last ||
692 (bm->cur_addr - bm->addr) >= 4096)
694 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
696 prd.addr = le32_to_cpu(prd.addr);
697 prd.size = le32_to_cpu(prd.size);
698 len = prd.size & 0xfffe;
701 bm->cur_prd_len = len;
702 bm->cur_prd_addr = prd.addr;
703 bm->cur_prd_last = (prd.size & 0x80000000);
705 if (l > bm->cur_prd_len)
709 cpu_physical_memory_write(bm->cur_prd_addr,
710 s->io_buffer + s->io_buffer_index, l);
712 cpu_physical_memory_read(bm->cur_prd_addr,
713 s->io_buffer + s->io_buffer_index, l);
715 bm->cur_prd_addr += l;
716 bm->cur_prd_len -= l;
717 s->io_buffer_index += l;
723 /* XXX: handle errors */
724 static void ide_read_dma_cb(void *opaque, int ret)
726 BMDMAState *bm = opaque;
727 IDEState *s = bm->ide_if;
731 n = s->io_buffer_size >> 9;
732 sector_num = ide_get_sector(s);
735 ide_set_sector(s, sector_num);
737 if (dma_buf_rw(bm, 1) == 0)
741 /* end of transfer ? */
742 if (s->nsector == 0) {
743 s->status = READY_STAT | SEEK_STAT;
746 bm->status &= ~BM_STATUS_DMAING;
747 bm->status |= BM_STATUS_INT;
754 /* launch next transfer */
756 if (n > MAX_MULT_SECTORS)
757 n = MAX_MULT_SECTORS;
758 s->io_buffer_index = 0;
759 s->io_buffer_size = n * 512;
761 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
763 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
764 ide_read_dma_cb, bm);
767 static void ide_sector_read_dma(IDEState *s)
769 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
770 s->io_buffer_index = 0;
771 s->io_buffer_size = 0;
772 ide_dma_start(s, ide_read_dma_cb);
775 static void ide_sector_write_timer_cb(void *opaque)
777 IDEState *s = opaque;
781 static void ide_sector_write(IDEState *s)
786 s->status = READY_STAT | SEEK_STAT;
787 sector_num = ide_get_sector(s);
788 #if defined(DEBUG_IDE)
789 printf("write sector=%Ld\n", sector_num);
792 if (n > s->req_nb_sectors)
793 n = s->req_nb_sectors;
794 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
796 if (s->nsector == 0) {
797 /* no more sectors to write */
798 ide_transfer_stop(s);
801 if (n1 > s->req_nb_sectors)
802 n1 = s->req_nb_sectors;
803 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
805 ide_set_sector(s, sector_num + n);
808 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
809 /* It seems there is a bug in the Windows 2000 installer HDD
810 IDE driver which fills the disk with empty logs when the
811 IDE write IRQ comes too early. This hack tries to correct
812 that at the expense of slower write performances. Use this
813 option _only_ to install Windows 2000. You must disable it
815 qemu_mod_timer(s->sector_write_timer,
816 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
824 /* XXX: handle errors */
825 static void ide_write_dma_cb(void *opaque, int ret)
827 BMDMAState *bm = opaque;
828 IDEState *s = bm->ide_if;
832 n = s->io_buffer_size >> 9;
833 sector_num = ide_get_sector(s);
836 ide_set_sector(s, sector_num);
840 /* end of transfer ? */
841 if (s->nsector == 0) {
842 s->status = READY_STAT | SEEK_STAT;
845 bm->status &= ~BM_STATUS_DMAING;
846 bm->status |= BM_STATUS_INT;
853 /* launch next transfer */
855 if (n > MAX_MULT_SECTORS)
856 n = MAX_MULT_SECTORS;
857 s->io_buffer_index = 0;
858 s->io_buffer_size = n * 512;
860 if (dma_buf_rw(bm, 0) == 0)
863 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
865 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
866 ide_write_dma_cb, bm);
869 static void ide_sector_write_dma(IDEState *s)
871 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
872 s->io_buffer_index = 0;
873 s->io_buffer_size = 0;
874 ide_dma_start(s, ide_write_dma_cb);
877 static void ide_atapi_cmd_ok(IDEState *s)
880 s->status = READY_STAT;
881 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
885 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
887 #ifdef DEBUG_IDE_ATAPI
888 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
890 s->error = sense_key << 4;
891 s->status = READY_STAT | ERR_STAT;
892 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
893 s->sense_key = sense_key;
898 static inline void cpu_to_ube16(uint8_t *buf, int val)
904 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
912 static inline int ube16_to_cpu(const uint8_t *buf)
914 return (buf[0] << 8) | buf[1];
917 static inline int ube32_to_cpu(const uint8_t *buf)
919 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
922 static void lba_to_msf(uint8_t *buf, int lba)
925 buf[0] = (lba / 75) / 60;
926 buf[1] = (lba / 75) % 60;
930 static void cd_data_to_raw(uint8_t *buf, int lba)
934 memset(buf + 1, 0xff, 10);
938 lba_to_msf(buf, lba);
939 buf[3] = 0x01; /* mode 1 data */
943 /* XXX: ECC not computed */
947 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
952 switch(sector_size) {
954 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
957 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
960 cd_data_to_raw(buf, lba);
969 static void ide_atapi_io_error(IDEState *s, int ret)
971 /* XXX: handle more errors */
972 if (ret == -ENOMEDIUM) {
973 ide_atapi_cmd_error(s, SENSE_NOT_READY,
974 ASC_MEDIUM_NOT_PRESENT);
976 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
977 ASC_LOGICAL_BLOCK_OOR);
981 /* The whole ATAPI transfer logic is handled in this function */
982 static void ide_atapi_cmd_reply_end(IDEState *s)
984 int byte_count_limit, size, ret;
985 #ifdef DEBUG_IDE_ATAPI
986 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
987 s->packet_transfer_size,
988 s->elementary_transfer_size,
991 if (s->packet_transfer_size <= 0) {
992 /* end of transfer */
993 ide_transfer_stop(s);
994 s->status = READY_STAT;
995 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
997 #ifdef DEBUG_IDE_ATAPI
998 printf("status=0x%x\n", s->status);
1001 /* see if a new sector must be read */
1002 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1003 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1005 ide_transfer_stop(s);
1006 ide_atapi_io_error(s, ret);
1010 s->io_buffer_index = 0;
1012 if (s->elementary_transfer_size > 0) {
1013 /* there are some data left to transmit in this elementary
1015 size = s->cd_sector_size - s->io_buffer_index;
1016 if (size > s->elementary_transfer_size)
1017 size = s->elementary_transfer_size;
1018 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1019 size, ide_atapi_cmd_reply_end);
1020 s->packet_transfer_size -= size;
1021 s->elementary_transfer_size -= size;
1022 s->io_buffer_index += size;
1024 /* a new transfer is needed */
1025 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1026 byte_count_limit = s->lcyl | (s->hcyl << 8);
1027 #ifdef DEBUG_IDE_ATAPI
1028 printf("byte_count_limit=%d\n", byte_count_limit);
1030 if (byte_count_limit == 0xffff)
1032 size = s->packet_transfer_size;
1033 if (size > byte_count_limit) {
1034 /* byte count limit must be even if this case */
1035 if (byte_count_limit & 1)
1037 size = byte_count_limit;
1040 s->hcyl = size >> 8;
1041 s->elementary_transfer_size = size;
1042 /* we cannot transmit more than one sector at a time */
1044 if (size > (s->cd_sector_size - s->io_buffer_index))
1045 size = (s->cd_sector_size - s->io_buffer_index);
1047 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1048 size, ide_atapi_cmd_reply_end);
1049 s->packet_transfer_size -= size;
1050 s->elementary_transfer_size -= size;
1051 s->io_buffer_index += size;
1053 #ifdef DEBUG_IDE_ATAPI
1054 printf("status=0x%x\n", s->status);
1060 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1061 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1063 if (size > max_size)
1065 s->lba = -1; /* no sector read */
1066 s->packet_transfer_size = size;
1067 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1068 s->elementary_transfer_size = 0;
1069 s->io_buffer_index = 0;
1072 s->status = READY_STAT | DRQ_STAT;
1073 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1075 s->status = READY_STAT;
1076 ide_atapi_cmd_reply_end(s);
1080 /* start a CD-CDROM read command */
1081 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1085 s->packet_transfer_size = nb_sectors * sector_size;
1086 s->elementary_transfer_size = 0;
1087 s->io_buffer_index = sector_size;
1088 s->cd_sector_size = sector_size;
1090 s->status = READY_STAT;
1091 ide_atapi_cmd_reply_end(s);
1094 /* ATAPI DMA support */
1096 /* XXX: handle read errors */
1097 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1099 BMDMAState *bm = opaque;
1100 IDEState *s = bm->ide_if;
1104 ide_atapi_io_error(s, ret);
1108 if (s->io_buffer_size > 0) {
1110 * For a cdrom read sector command (s->lba != -1),
1111 * adjust the lba for the next s->io_buffer_size chunk
1112 * and dma the current chunk.
1113 * For a command != read (s->lba == -1), just transfer
1117 if (s->cd_sector_size == 2352) {
1119 cd_data_to_raw(s->io_buffer, s->lba);
1121 n = s->io_buffer_size >> 11;
1125 s->packet_transfer_size -= s->io_buffer_size;
1126 if (dma_buf_rw(bm, 1) == 0)
1130 if (s->packet_transfer_size <= 0) {
1131 s->status = READY_STAT;
1132 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1135 bm->status &= ~BM_STATUS_DMAING;
1136 bm->status |= BM_STATUS_INT;
1143 s->io_buffer_index = 0;
1144 if (s->cd_sector_size == 2352) {
1146 s->io_buffer_size = s->cd_sector_size;
1149 n = s->packet_transfer_size >> 11;
1150 if (n > (MAX_MULT_SECTORS / 4))
1151 n = (MAX_MULT_SECTORS / 4);
1152 s->io_buffer_size = n * 2048;
1156 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1158 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1159 s->io_buffer + data_offset, n * 4,
1160 ide_atapi_cmd_read_dma_cb, bm);
1162 /* Note: media not present is the most likely case */
1163 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1164 ASC_MEDIUM_NOT_PRESENT);
1169 /* start a CD-CDROM read command with DMA */
1170 /* XXX: test if DMA is available */
1171 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1175 s->packet_transfer_size = nb_sectors * sector_size;
1176 s->io_buffer_index = 0;
1177 s->io_buffer_size = 0;
1178 s->cd_sector_size = sector_size;
1180 /* XXX: check if BUSY_STAT should be set */
1181 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1182 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1185 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1188 #ifdef DEBUG_IDE_ATAPI
1189 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1193 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1195 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1199 static void ide_atapi_cmd(IDEState *s)
1201 const uint8_t *packet;
1205 packet = s->io_buffer;
1207 #ifdef DEBUG_IDE_ATAPI
1210 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1211 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1212 printf(" %02x", packet[i]);
1217 switch(s->io_buffer[0]) {
1218 case GPCMD_TEST_UNIT_READY:
1219 if (bdrv_is_inserted(s->bs)) {
1220 ide_atapi_cmd_ok(s);
1222 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1223 ASC_MEDIUM_NOT_PRESENT);
1226 case GPCMD_MODE_SENSE_10:
1229 max_len = ube16_to_cpu(packet + 7);
1230 action = packet[2] >> 6;
1231 code = packet[2] & 0x3f;
1233 case 0: /* current values */
1235 case 0x01: /* error recovery */
1236 cpu_to_ube16(&buf[0], 16 + 6);
1252 ide_atapi_cmd_reply(s, 16, max_len);
1255 cpu_to_ube16(&buf[0], 28 + 6);
1270 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1271 if (bdrv_is_locked(s->bs))
1274 cpu_to_ube16(&buf[16], 706);
1277 cpu_to_ube16(&buf[20], 512);
1278 cpu_to_ube16(&buf[22], 706);
1283 ide_atapi_cmd_reply(s, 28, max_len);
1289 case 1: /* changeable values */
1291 case 2: /* default values */
1294 case 3: /* saved values */
1295 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1296 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1301 case GPCMD_REQUEST_SENSE:
1302 max_len = packet[4];
1304 buf[0] = 0x70 | (1 << 7);
1305 buf[2] = s->sense_key;
1308 ide_atapi_cmd_reply(s, 18, max_len);
1310 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1311 if (bdrv_is_inserted(s->bs)) {
1312 bdrv_set_locked(s->bs, packet[4] & 1);
1313 ide_atapi_cmd_ok(s);
1315 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1316 ASC_MEDIUM_NOT_PRESENT);
1322 int nb_sectors, lba;
1324 if (packet[0] == GPCMD_READ_10)
1325 nb_sectors = ube16_to_cpu(packet + 7);
1327 nb_sectors = ube32_to_cpu(packet + 6);
1328 lba = ube32_to_cpu(packet + 2);
1329 if (nb_sectors == 0) {
1330 ide_atapi_cmd_ok(s);
1333 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1338 int nb_sectors, lba, transfer_request;
1340 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1341 lba = ube32_to_cpu(packet + 2);
1342 if (nb_sectors == 0) {
1343 ide_atapi_cmd_ok(s);
1346 transfer_request = packet[9];
1347 switch(transfer_request & 0xf8) {
1350 ide_atapi_cmd_ok(s);
1354 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1358 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1361 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1362 ASC_INV_FIELD_IN_CMD_PACKET);
1370 int64_t total_sectors;
1372 bdrv_get_geometry(s->bs, &total_sectors);
1373 total_sectors >>= 2;
1374 if (total_sectors <= 0) {
1375 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1376 ASC_MEDIUM_NOT_PRESENT);
1379 lba = ube32_to_cpu(packet + 2);
1380 if (lba >= total_sectors) {
1381 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1382 ASC_LOGICAL_BLOCK_OOR);
1385 ide_atapi_cmd_ok(s);
1388 case GPCMD_START_STOP_UNIT:
1391 start = packet[4] & 1;
1392 eject = (packet[4] >> 1) & 1;
1394 if (eject && !start) {
1395 /* eject the disk */
1396 bdrv_eject(s->bs, 1);
1397 } else if (eject && start) {
1398 /* close the tray */
1399 bdrv_eject(s->bs, 0);
1401 ide_atapi_cmd_ok(s);
1404 case GPCMD_MECHANISM_STATUS:
1406 max_len = ube16_to_cpu(packet + 8);
1407 cpu_to_ube16(buf, 0);
1408 /* no current LBA */
1413 cpu_to_ube16(buf + 6, 0);
1414 ide_atapi_cmd_reply(s, 8, max_len);
1417 case GPCMD_READ_TOC_PMA_ATIP:
1419 int format, msf, start_track, len;
1420 int64_t total_sectors;
1422 bdrv_get_geometry(s->bs, &total_sectors);
1423 total_sectors >>= 2;
1424 if (total_sectors <= 0) {
1425 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1426 ASC_MEDIUM_NOT_PRESENT);
1429 max_len = ube16_to_cpu(packet + 7);
1430 format = packet[9] >> 6;
1431 msf = (packet[1] >> 1) & 1;
1432 start_track = packet[6];
1435 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1438 ide_atapi_cmd_reply(s, len, max_len);
1441 /* multi session : only a single session defined */
1446 ide_atapi_cmd_reply(s, 12, max_len);
1449 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1452 ide_atapi_cmd_reply(s, len, max_len);
1456 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1457 ASC_INV_FIELD_IN_CMD_PACKET);
1462 case GPCMD_READ_CDVD_CAPACITY:
1464 int64_t total_sectors;
1466 bdrv_get_geometry(s->bs, &total_sectors);
1467 total_sectors >>= 2;
1468 if (total_sectors <= 0) {
1469 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1470 ASC_MEDIUM_NOT_PRESENT);
1473 /* NOTE: it is really the number of sectors minus 1 */
1474 cpu_to_ube32(buf, total_sectors - 1);
1475 cpu_to_ube32(buf + 4, 2048);
1476 ide_atapi_cmd_reply(s, 8, 8);
1480 max_len = packet[4];
1481 buf[0] = 0x05; /* CD-ROM */
1482 buf[1] = 0x80; /* removable */
1483 buf[2] = 0x00; /* ISO */
1484 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1485 buf[4] = 31; /* additionnal length */
1486 buf[5] = 0; /* reserved */
1487 buf[6] = 0; /* reserved */
1488 buf[7] = 0; /* reserved */
1489 padstr8(buf + 8, 8, "QEMU");
1490 padstr8(buf + 16, 16, "QEMU CD-ROM");
1491 padstr8(buf + 32, 4, QEMU_VERSION);
1492 ide_atapi_cmd_reply(s, 36, max_len);
1495 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1496 ASC_ILLEGAL_OPCODE);
1501 /* called when the inserted state of the media has changed */
1502 static void cdrom_change_cb(void *opaque)
1504 IDEState *s = opaque;
1507 /* XXX: send interrupt too */
1508 bdrv_get_geometry(s->bs, &nb_sectors);
1509 s->nb_sectors = nb_sectors;
1512 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1516 /* handle the 'magic' 0 nsector count conversion here. to avoid
1517 * fiddling with the rest of the read logic, we just store the
1518 * full sector count in ->nsector and ignore ->hob_nsector from now
1524 if (!s->nsector && !s->hob_nsector)
1527 int lo = s->nsector;
1528 int hi = s->hob_nsector;
1530 s->nsector = (hi << 8) | lo;
1535 static void ide_clear_hob(IDEState *ide_if)
1537 /* any write clears HOB high bit of device control register */
1538 ide_if[0].select &= ~(1 << 7);
1539 ide_if[1].select &= ~(1 << 7);
1542 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1544 IDEState *ide_if = opaque;
1550 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1558 ide_clear_hob(ide_if);
1559 /* NOTE: data is written to the two drives */
1560 ide_if[0].hob_feature = ide_if[0].feature;
1561 ide_if[1].hob_feature = ide_if[1].feature;
1562 ide_if[0].feature = val;
1563 ide_if[1].feature = val;
1566 ide_clear_hob(ide_if);
1567 ide_if[0].hob_nsector = ide_if[0].nsector;
1568 ide_if[1].hob_nsector = ide_if[1].nsector;
1569 ide_if[0].nsector = val;
1570 ide_if[1].nsector = val;
1573 ide_clear_hob(ide_if);
1574 ide_if[0].hob_sector = ide_if[0].sector;
1575 ide_if[1].hob_sector = ide_if[1].sector;
1576 ide_if[0].sector = val;
1577 ide_if[1].sector = val;
1580 ide_clear_hob(ide_if);
1581 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1582 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1583 ide_if[0].lcyl = val;
1584 ide_if[1].lcyl = val;
1587 ide_clear_hob(ide_if);
1588 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1589 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1590 ide_if[0].hcyl = val;
1591 ide_if[1].hcyl = val;
1594 /* FIXME: HOB readback uses bit 7 */
1595 ide_if[0].select = (val & ~0x10) | 0xa0;
1596 ide_if[1].select = (val | 0x10) | 0xa0;
1598 unit = (val >> 4) & 1;
1600 ide_if->cur_drive = s;
1605 #if defined(DEBUG_IDE)
1606 printf("ide: CMD=%02x\n", val);
1608 s = ide_if->cur_drive;
1609 /* ignore commands to non existant slave */
1610 if (s != ide_if && !s->bs)
1615 if (s->bs && !s->is_cdrom) {
1617 s->status = READY_STAT | SEEK_STAT;
1618 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1621 ide_set_signature(s);
1623 ide_abort_command(s);
1630 s->status = READY_STAT | SEEK_STAT;
1634 if ((s->nsector & 0xff) != 0 &&
1635 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1636 (s->nsector & (s->nsector - 1)) != 0)) {
1637 ide_abort_command(s);
1639 s->mult_sectors = s->nsector & 0xff;
1640 s->status = READY_STAT;
1644 case WIN_VERIFY_EXT:
1647 case WIN_VERIFY_ONCE:
1648 /* do sector number check ? */
1649 ide_cmd_lba48_transform(s, lba48);
1650 s->status = READY_STAT;
1659 ide_cmd_lba48_transform(s, lba48);
1660 s->req_nb_sectors = 1;
1666 case WIN_WRITE_ONCE:
1667 ide_cmd_lba48_transform(s, lba48);
1669 s->status = SEEK_STAT | READY_STAT;
1670 s->req_nb_sectors = 1;
1671 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1673 case WIN_MULTREAD_EXT:
1676 if (!s->mult_sectors)
1678 ide_cmd_lba48_transform(s, lba48);
1679 s->req_nb_sectors = s->mult_sectors;
1682 case WIN_MULTWRITE_EXT:
1685 if (!s->mult_sectors)
1687 ide_cmd_lba48_transform(s, lba48);
1689 s->status = SEEK_STAT | READY_STAT;
1690 s->req_nb_sectors = s->mult_sectors;
1692 if (n > s->req_nb_sectors)
1693 n = s->req_nb_sectors;
1694 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1696 case WIN_READDMA_EXT:
1699 case WIN_READDMA_ONCE:
1702 ide_cmd_lba48_transform(s, lba48);
1703 ide_sector_read_dma(s);
1705 case WIN_WRITEDMA_EXT:
1708 case WIN_WRITEDMA_ONCE:
1711 ide_cmd_lba48_transform(s, lba48);
1712 ide_sector_write_dma(s);
1714 case WIN_READ_NATIVE_MAX_EXT:
1716 case WIN_READ_NATIVE_MAX:
1717 ide_cmd_lba48_transform(s, lba48);
1718 ide_set_sector(s, s->nb_sectors - 1);
1719 s->status = READY_STAT;
1722 case WIN_CHECKPOWERMODE1:
1723 s->nsector = 0xff; /* device active or idle */
1724 s->status = READY_STAT;
1727 case WIN_SETFEATURES:
1730 /* XXX: valid for CDROM ? */
1731 switch(s->feature) {
1732 case 0xcc: /* reverting to power-on defaults enable */
1733 case 0x66: /* reverting to power-on defaults disable */
1734 case 0x02: /* write cache enable */
1735 case 0x82: /* write cache disable */
1736 case 0xaa: /* read look-ahead enable */
1737 case 0x55: /* read look-ahead disable */
1738 s->status = READY_STAT | SEEK_STAT;
1741 case 0x03: { /* set transfer mode */
1742 uint8_t val = s->nsector & 0x07;
1744 switch (s->nsector >> 3) {
1745 case 0x00: /* pio default */
1746 case 0x01: /* pio mode */
1747 put_le16(s->identify_data + 63,0x07);
1748 put_le16(s->identify_data + 88,0x3f);
1750 case 0x04: /* mdma mode */
1751 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1752 put_le16(s->identify_data + 88,0x3f);
1754 case 0x08: /* udma mode */
1755 put_le16(s->identify_data + 63,0x07);
1756 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1761 s->status = READY_STAT | SEEK_STAT;
1769 case WIN_FLUSH_CACHE:
1770 case WIN_FLUSH_CACHE_EXT:
1773 s->status = READY_STAT;
1776 case WIN_STANDBYNOW1:
1777 case WIN_IDLEIMMEDIATE:
1778 s->status = READY_STAT;
1781 /* ATAPI commands */
1784 ide_atapi_identify(s);
1785 s->status = READY_STAT | SEEK_STAT;
1786 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1788 ide_abort_command(s);
1793 ide_set_signature(s);
1794 s->status = 0x00; /* NOTE: READY is _not_ set */
1800 ide_set_signature(s);
1801 s->status = 0x00; /* NOTE: READY is _not_ set */
1807 /* overlapping commands not supported */
1808 if (s->feature & 0x02)
1810 s->atapi_dma = s->feature & 1;
1812 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1817 ide_abort_command(s);
1824 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1826 IDEState *ide_if = opaque;
1827 IDEState *s = ide_if->cur_drive;
1832 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1833 //hob = s->select & (1 << 7);
1840 if (!ide_if[0].bs && !ide_if[1].bs)
1845 ret = s->hob_feature;
1848 if (!ide_if[0].bs && !ide_if[1].bs)
1851 ret = s->nsector & 0xff;
1853 ret = s->hob_nsector;
1856 if (!ide_if[0].bs && !ide_if[1].bs)
1861 ret = s->hob_sector;
1864 if (!ide_if[0].bs && !ide_if[1].bs)
1872 if (!ide_if[0].bs && !ide_if[1].bs)
1880 if (!ide_if[0].bs && !ide_if[1].bs)
1887 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1888 (s != ide_if && !s->bs))
1892 s->set_irq(s->irq_opaque, s->irq, 0);
1896 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1901 static uint32_t ide_status_read(void *opaque, uint32_t addr)
1903 IDEState *ide_if = opaque;
1904 IDEState *s = ide_if->cur_drive;
1907 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1908 (s != ide_if && !s->bs))
1913 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1918 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1920 IDEState *ide_if = opaque;
1925 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1927 /* common for both drives */
1928 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1929 (val & IDE_CMD_RESET)) {
1930 /* reset low to high */
1931 for(i = 0;i < 2; i++) {
1933 s->status = BUSY_STAT | SEEK_STAT;
1936 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1937 !(val & IDE_CMD_RESET)) {
1939 for(i = 0;i < 2; i++) {
1942 s->status = 0x00; /* NOTE: READY is _not_ set */
1944 s->status = READY_STAT | SEEK_STAT;
1945 ide_set_signature(s);
1949 ide_if[0].cmd = val;
1950 ide_if[1].cmd = val;
1953 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1955 IDEState *s = ((IDEState *)opaque)->cur_drive;
1959 *(uint16_t *)p = le16_to_cpu(val);
1962 if (p >= s->data_end)
1963 s->end_transfer_func(s);
1966 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
1968 IDEState *s = ((IDEState *)opaque)->cur_drive;
1972 ret = cpu_to_le16(*(uint16_t *)p);
1975 if (p >= s->data_end)
1976 s->end_transfer_func(s);
1980 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1982 IDEState *s = ((IDEState *)opaque)->cur_drive;
1986 *(uint32_t *)p = le32_to_cpu(val);
1989 if (p >= s->data_end)
1990 s->end_transfer_func(s);
1993 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
1995 IDEState *s = ((IDEState *)opaque)->cur_drive;
2000 ret = cpu_to_le32(*(uint32_t *)p);
2003 if (p >= s->data_end)
2004 s->end_transfer_func(s);
2008 static void ide_dummy_transfer_stop(IDEState *s)
2010 s->data_ptr = s->io_buffer;
2011 s->data_end = s->io_buffer;
2012 s->io_buffer[0] = 0xff;
2013 s->io_buffer[1] = 0xff;
2014 s->io_buffer[2] = 0xff;
2015 s->io_buffer[3] = 0xff;
2018 static void ide_reset(IDEState *s)
2020 s->mult_sectors = MAX_MULT_SECTORS;
2023 s->status = READY_STAT;
2024 ide_set_signature(s);
2025 /* init the transfer handler so that 0xffff is returned on data
2027 s->end_transfer_func = ide_dummy_transfer_stop;
2028 ide_dummy_transfer_stop(s);
2032 uint8_t boot_ind; /* 0x80 - active */
2033 uint8_t head; /* starting head */
2034 uint8_t sector; /* starting sector */
2035 uint8_t cyl; /* starting cylinder */
2036 uint8_t sys_ind; /* What partition type */
2037 uint8_t end_head; /* end head */
2038 uint8_t end_sector; /* end sector */
2039 uint8_t end_cyl; /* end cylinder */
2040 uint32_t start_sect; /* starting sector counting from 0 */
2041 uint32_t nr_sects; /* nr of sectors in partition */
2042 } __attribute__((packed));
2044 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2045 static int guess_disk_lchs(IDEState *s,
2046 int *pcylinders, int *pheads, int *psectors)
2049 int ret, i, heads, sectors, cylinders;
2050 struct partition *p;
2053 ret = bdrv_read(s->bs, 0, buf, 1);
2056 /* test msdos magic */
2057 if (buf[510] != 0x55 || buf[511] != 0xaa)
2059 for(i = 0; i < 4; i++) {
2060 p = ((struct partition *)(buf + 0x1be)) + i;
2061 nr_sects = le32_to_cpu(p->nr_sects);
2062 if (nr_sects && p->end_head) {
2063 /* We make the assumption that the partition terminates on
2064 a cylinder boundary */
2065 heads = p->end_head + 1;
2066 sectors = p->end_sector & 63;
2069 cylinders = s->nb_sectors / (heads * sectors);
2070 if (cylinders < 1 || cylinders > 16383)
2073 *psectors = sectors;
2074 *pcylinders = cylinders;
2076 printf("guessed geometry: LCHS=%d %d %d\n",
2077 cylinders, heads, sectors);
2085 static void ide_init2(IDEState *ide_state,
2086 BlockDriverState *hd0, BlockDriverState *hd1,
2087 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2090 static int drive_serial = 1;
2091 int i, cylinders, heads, secs, translation, lba_detected = 0;
2094 for(i = 0; i < 2; i++) {
2101 bdrv_get_geometry(s->bs, &nb_sectors);
2102 s->nb_sectors = nb_sectors;
2103 /* if a geometry hint is available, use it */
2104 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2105 translation = bdrv_get_translation_hint(s->bs);
2106 if (cylinders != 0) {
2107 s->cylinders = cylinders;
2111 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2113 /* if heads > 16, it means that a BIOS LBA
2114 translation was active, so the default
2115 hardware geometry is OK */
2117 goto default_geometry;
2119 s->cylinders = cylinders;
2122 /* disable any translation to be in sync with
2123 the logical geometry */
2124 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2125 bdrv_set_translation_hint(s->bs,
2126 BIOS_ATA_TRANSLATION_NONE);
2131 /* if no geometry, use a standard physical disk geometry */
2132 cylinders = nb_sectors / (16 * 63);
2133 if (cylinders > 16383)
2135 else if (cylinders < 2)
2137 s->cylinders = cylinders;
2140 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2141 if ((s->cylinders * s->heads) <= 131072) {
2142 bdrv_set_translation_hint(s->bs,
2143 BIOS_ATA_TRANSLATION_LARGE);
2145 bdrv_set_translation_hint(s->bs,
2146 BIOS_ATA_TRANSLATION_LBA);
2150 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2152 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2154 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2157 s->drive_serial = drive_serial++;
2158 s->set_irq = set_irq;
2159 s->irq_opaque = irq_opaque;
2161 s->sector_write_timer = qemu_new_timer(vm_clock,
2162 ide_sector_write_timer_cb, s);
2167 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2169 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2170 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2172 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2173 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2177 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2178 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2179 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2180 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2183 /***********************************************************/
2184 /* ISA IDE definitions */
2186 void isa_ide_init(int iobase, int iobase2, int irq,
2187 BlockDriverState *hd0, BlockDriverState *hd1)
2189 IDEState *ide_state;
2191 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2195 ide_init2(ide_state, hd0, hd1, pic_set_irq_new, isa_pic, irq);
2196 ide_init_ioport(ide_state, iobase, iobase2);
2199 /***********************************************************/
2200 /* PCI IDE definitions */
2202 static void cmd646_update_irq(PCIIDEState *d);
2204 static void ide_map(PCIDevice *pci_dev, int region_num,
2205 uint32_t addr, uint32_t size, int type)
2207 PCIIDEState *d = (PCIIDEState *)pci_dev;
2208 IDEState *ide_state;
2210 if (region_num <= 3) {
2211 ide_state = &d->ide_if[(region_num >> 1) * 2];
2212 if (region_num & 1) {
2213 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2214 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2216 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2217 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2220 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2221 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2222 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2223 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2228 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2230 BMDMAState *bm = s->bmdma;
2234 bm->dma_cb = dma_cb;
2235 bm->cur_prd_last = 0;
2236 bm->cur_prd_addr = 0;
2237 bm->cur_prd_len = 0;
2238 if (bm->status & BM_STATUS_DMAING) {
2243 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2245 BMDMAState *bm = opaque;
2247 printf("%s: 0x%08x\n", __func__, val);
2249 if (!(val & BM_CMD_START)) {
2250 /* XXX: do it better */
2251 if (bm->status & BM_STATUS_DMAING) {
2252 bm->status &= ~BM_STATUS_DMAING;
2253 /* cancel DMA request */
2258 printf("aio_cancel\n");
2260 bdrv_aio_cancel(bm->aiocb);
2264 bm->cmd = val & 0x09;
2266 if (!(bm->status & BM_STATUS_DMAING)) {
2267 bm->status |= BM_STATUS_DMAING;
2268 /* start dma transfer if possible */
2272 bm->cmd = val & 0x09;
2276 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2278 BMDMAState *bm = opaque;
2279 PCIIDEState *pci_dev;
2287 pci_dev = bm->pci_dev;
2288 if (pci_dev->type == IDE_TYPE_CMD646) {
2289 val = pci_dev->dev.config[MRDMODE];
2298 pci_dev = bm->pci_dev;
2299 if (pci_dev->type == IDE_TYPE_CMD646) {
2300 if (bm == &pci_dev->bmdma[0])
2301 val = pci_dev->dev.config[UDIDETCR0];
2303 val = pci_dev->dev.config[UDIDETCR1];
2313 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2318 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2320 BMDMAState *bm = opaque;
2321 PCIIDEState *pci_dev;
2323 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2327 pci_dev = bm->pci_dev;
2328 if (pci_dev->type == IDE_TYPE_CMD646) {
2329 pci_dev->dev.config[MRDMODE] =
2330 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2331 cmd646_update_irq(pci_dev);
2335 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2338 pci_dev = bm->pci_dev;
2339 if (pci_dev->type == IDE_TYPE_CMD646) {
2340 if (bm == &pci_dev->bmdma[0])
2341 pci_dev->dev.config[UDIDETCR0] = val;
2343 pci_dev->dev.config[UDIDETCR1] = val;
2349 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2351 BMDMAState *bm = opaque;
2355 printf("%s: 0x%08x\n", __func__, val);
2360 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2362 BMDMAState *bm = opaque;
2364 printf("%s: 0x%08x\n", __func__, val);
2366 bm->addr = val & ~3;
2367 bm->cur_addr = bm->addr;
2370 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2371 uint32_t addr, uint32_t size, int type)
2373 PCIIDEState *d = (PCIIDEState *)pci_dev;
2376 for(i = 0;i < 2; i++) {
2377 BMDMAState *bm = &d->bmdma[i];
2378 d->ide_if[2 * i].bmdma = bm;
2379 d->ide_if[2 * i + 1].bmdma = bm;
2380 bm->pci_dev = (PCIIDEState *)pci_dev;
2382 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2384 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2385 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2387 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2388 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2393 /* XXX: call it also when the MRDMODE is changed from the PCI config
2395 static void cmd646_update_irq(PCIIDEState *d)
2398 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2399 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2400 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2401 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2402 pci_set_irq((PCIDevice *)d, 0, pci_level);
2405 /* the PCI irq level is the logical OR of the two channels */
2406 static void cmd646_set_irq(void *opaque, int channel, int level)
2408 PCIIDEState *d = opaque;
2411 irq_mask = MRDMODE_INTR_CH0 << channel;
2413 d->dev.config[MRDMODE] |= irq_mask;
2415 d->dev.config[MRDMODE] &= ~irq_mask;
2416 cmd646_update_irq(d);
2419 /* CMD646 PCI IDE controller */
2420 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2421 int secondary_ide_enabled)
2427 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2428 sizeof(PCIIDEState),
2431 d->type = IDE_TYPE_CMD646;
2432 pci_conf = d->dev.config;
2433 pci_conf[0x00] = 0x95; // CMD646
2434 pci_conf[0x01] = 0x10;
2435 pci_conf[0x02] = 0x46;
2436 pci_conf[0x03] = 0x06;
2438 pci_conf[0x08] = 0x07; // IDE controller revision
2439 pci_conf[0x09] = 0x8f;
2441 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2442 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2443 pci_conf[0x0e] = 0x00; // header_type
2445 if (secondary_ide_enabled) {
2446 /* XXX: if not enabled, really disable the seconday IDE controller */
2447 pci_conf[0x51] = 0x80; /* enable IDE1 */
2450 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2451 PCI_ADDRESS_SPACE_IO, ide_map);
2452 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2453 PCI_ADDRESS_SPACE_IO, ide_map);
2454 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2455 PCI_ADDRESS_SPACE_IO, ide_map);
2456 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2457 PCI_ADDRESS_SPACE_IO, ide_map);
2458 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2459 PCI_ADDRESS_SPACE_IO, bmdma_map);
2461 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2463 for(i = 0; i < 4; i++)
2464 d->ide_if[i].pci_dev = (PCIDevice *)d;
2465 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2466 cmd646_set_irq, d, 0);
2467 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2468 cmd646_set_irq, d, 1);
2471 static void pci_ide_save(QEMUFile* f, void *opaque)
2473 PCIIDEState *d = opaque;
2476 pci_device_save(&d->dev, f);
2478 for(i = 0; i < 2; i++) {
2479 BMDMAState *bm = &d->bmdma[i];
2480 qemu_put_8s(f, &bm->cmd);
2481 qemu_put_8s(f, &bm->status);
2482 qemu_put_be32s(f, &bm->addr);
2483 /* XXX: if a transfer is pending, we do not save it yet */
2486 /* per IDE interface data */
2487 for(i = 0; i < 2; i++) {
2488 IDEState *s = &d->ide_if[i * 2];
2489 uint8_t drive1_selected;
2490 qemu_put_8s(f, &s->cmd);
2491 drive1_selected = (s->cur_drive != s);
2492 qemu_put_8s(f, &drive1_selected);
2495 /* per IDE drive data */
2496 for(i = 0; i < 4; i++) {
2497 IDEState *s = &d->ide_if[i];
2498 qemu_put_be32s(f, &s->mult_sectors);
2499 qemu_put_be32s(f, &s->identify_set);
2500 if (s->identify_set) {
2501 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2503 qemu_put_8s(f, &s->feature);
2504 qemu_put_8s(f, &s->error);
2505 qemu_put_be32s(f, &s->nsector);
2506 qemu_put_8s(f, &s->sector);
2507 qemu_put_8s(f, &s->lcyl);
2508 qemu_put_8s(f, &s->hcyl);
2509 qemu_put_8s(f, &s->hob_feature);
2510 qemu_put_8s(f, &s->hob_nsector);
2511 qemu_put_8s(f, &s->hob_sector);
2512 qemu_put_8s(f, &s->hob_lcyl);
2513 qemu_put_8s(f, &s->hob_hcyl);
2514 qemu_put_8s(f, &s->select);
2515 qemu_put_8s(f, &s->status);
2516 qemu_put_8s(f, &s->lba48);
2518 qemu_put_8s(f, &s->sense_key);
2519 qemu_put_8s(f, &s->asc);
2520 /* XXX: if a transfer is pending, we do not save it yet */
2524 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2526 PCIIDEState *d = opaque;
2529 if (version_id != 1)
2531 ret = pci_device_load(&d->dev, f);
2535 for(i = 0; i < 2; i++) {
2536 BMDMAState *bm = &d->bmdma[i];
2537 qemu_get_8s(f, &bm->cmd);
2538 qemu_get_8s(f, &bm->status);
2539 qemu_get_be32s(f, &bm->addr);
2540 /* XXX: if a transfer is pending, we do not save it yet */
2543 /* per IDE interface data */
2544 for(i = 0; i < 2; i++) {
2545 IDEState *s = &d->ide_if[i * 2];
2546 uint8_t drive1_selected;
2547 qemu_get_8s(f, &s->cmd);
2548 qemu_get_8s(f, &drive1_selected);
2549 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2552 /* per IDE drive data */
2553 for(i = 0; i < 4; i++) {
2554 IDEState *s = &d->ide_if[i];
2555 qemu_get_be32s(f, &s->mult_sectors);
2556 qemu_get_be32s(f, &s->identify_set);
2557 if (s->identify_set) {
2558 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2560 qemu_get_8s(f, &s->feature);
2561 qemu_get_8s(f, &s->error);
2562 qemu_get_be32s(f, &s->nsector);
2563 qemu_get_8s(f, &s->sector);
2564 qemu_get_8s(f, &s->lcyl);
2565 qemu_get_8s(f, &s->hcyl);
2566 qemu_get_8s(f, &s->hob_feature);
2567 qemu_get_8s(f, &s->hob_nsector);
2568 qemu_get_8s(f, &s->hob_sector);
2569 qemu_get_8s(f, &s->hob_lcyl);
2570 qemu_get_8s(f, &s->hob_hcyl);
2571 qemu_get_8s(f, &s->select);
2572 qemu_get_8s(f, &s->status);
2573 qemu_get_8s(f, &s->lba48);
2575 qemu_get_8s(f, &s->sense_key);
2576 qemu_get_8s(f, &s->asc);
2577 /* XXX: if a transfer is pending, we do not save it yet */
2582 static void piix3_reset(PCIIDEState *d)
2584 uint8_t *pci_conf = d->dev.config;
2586 pci_conf[0x04] = 0x00;
2587 pci_conf[0x05] = 0x00;
2588 pci_conf[0x06] = 0x80; /* FBC */
2589 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2590 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2593 /* hd_table must contain 4 block drivers */
2594 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2595 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn)
2600 /* register a function 1 of PIIX3 */
2601 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2602 sizeof(PCIIDEState),
2605 d->type = IDE_TYPE_PIIX3;
2607 pci_conf = d->dev.config;
2608 pci_conf[0x00] = 0x86; // Intel
2609 pci_conf[0x01] = 0x80;
2610 pci_conf[0x02] = 0x10;
2611 pci_conf[0x03] = 0x70;
2612 pci_conf[0x09] = 0x80; // legacy ATA mode
2613 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2614 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2615 pci_conf[0x0e] = 0x00; // header_type
2619 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2620 PCI_ADDRESS_SPACE_IO, bmdma_map);
2622 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2623 pic_set_irq_new, isa_pic, 14);
2624 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2625 pic_set_irq_new, isa_pic, 15);
2626 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2627 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2629 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2632 /***********************************************************/
2633 /* MacIO based PowerPC IDE */
2635 /* PowerMac IDE memory IO */
2636 static void pmac_ide_writeb (void *opaque,
2637 target_phys_addr_t addr, uint32_t val)
2639 addr = (addr & 0xFFF) >> 4;
2642 ide_ioport_write(opaque, addr, val);
2646 ide_cmd_write(opaque, 0, val);
2653 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2657 addr = (addr & 0xFFF) >> 4;
2660 retval = ide_ioport_read(opaque, addr);
2664 retval = ide_status_read(opaque, 0);
2673 static void pmac_ide_writew (void *opaque,
2674 target_phys_addr_t addr, uint32_t val)
2676 addr = (addr & 0xFFF) >> 4;
2677 #ifdef TARGET_WORDS_BIGENDIAN
2681 ide_data_writew(opaque, 0, val);
2685 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2689 addr = (addr & 0xFFF) >> 4;
2691 retval = ide_data_readw(opaque, 0);
2695 #ifdef TARGET_WORDS_BIGENDIAN
2696 retval = bswap16(retval);
2701 static void pmac_ide_writel (void *opaque,
2702 target_phys_addr_t addr, uint32_t val)
2704 addr = (addr & 0xFFF) >> 4;
2705 #ifdef TARGET_WORDS_BIGENDIAN
2709 ide_data_writel(opaque, 0, val);
2713 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2717 addr = (addr & 0xFFF) >> 4;
2719 retval = ide_data_readl(opaque, 0);
2721 retval = 0xFFFFFFFF;
2723 #ifdef TARGET_WORDS_BIGENDIAN
2724 retval = bswap32(retval);
2729 static CPUWriteMemoryFunc *pmac_ide_write[] = {
2735 static CPUReadMemoryFunc *pmac_ide_read[] = {
2741 /* hd_table must contain 4 block drivers */
2742 /* PowerMac uses memory mapped registers, not I/O. Return the memory
2743 I/O index to access the ide. */
2744 int pmac_ide_init (BlockDriverState **hd_table,
2745 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2748 int pmac_ide_memory;
2750 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2751 ide_init2(&ide_if[0], hd_table[0], hd_table[1],
2752 set_irq, irq_opaque, irq);
2754 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2755 pmac_ide_write, &ide_if[0]);
2756 return pmac_ide_memory;
projects / qemu / blob