2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "qemu-timer.h"
35 /* debug IDE devices */
37 //#define DEBUG_IDE_ATAPI
41 /* Bits of HD_STATUS */
43 #define INDEX_STAT 0x02
44 #define ECC_STAT 0x04 /* Corrected error */
46 #define SEEK_STAT 0x10
48 #define WRERR_STAT 0x20
49 #define READY_STAT 0x40
50 #define BUSY_STAT 0x80
52 /* Bits for HD_ERROR */
53 #define MARK_ERR 0x01 /* Bad address mark */
54 #define TRK0_ERR 0x02 /* couldn't find track 0 */
55 #define ABRT_ERR 0x04 /* Command aborted */
56 #define MCR_ERR 0x08 /* media change request */
57 #define ID_ERR 0x10 /* ID field not found */
58 #define MC_ERR 0x20 /* media changed */
59 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
60 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
63 /* Bits of HD_NSECTOR */
69 #define IDE_CMD_RESET 0x04
70 #define IDE_CMD_DISABLE_IRQ 0x02
72 /* ATA/ATAPI Commands pre T13 Spec */
77 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
81 #define WIN_SRST 0x08 /* ATAPI soft reset command */
82 #define WIN_DEVICE_RESET 0x08
86 #define WIN_RECAL 0x10
87 #define WIN_RESTORE WIN_RECAL
91 #define WIN_READ 0x20 /* 28-Bit */
92 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93 #define WIN_READ_LONG 0x22 /* 28-Bit */
94 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95 #define WIN_READ_EXT 0x24 /* 48-Bit */
96 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
97 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
102 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
104 * 0x2A->0x2F Reserved
106 #define WIN_WRITE 0x30 /* 28-Bit */
107 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
109 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
111 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
117 * 0x3A->0x3B Reserved
119 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
121 * 0x3D->0x3F Reserved
123 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
127 * 0x43->0x4F Reserved
129 #define WIN_FORMAT 0x50
131 * 0x51->0x5F Reserved
133 #define WIN_INIT 0x60
135 * 0x61->0x5F Reserved
137 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139 #define WIN_DIAGNOSE 0x90
140 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
141 #define WIN_DOWNLOAD_MICROCODE 0x92
142 #define WIN_STANDBYNOW2 0x94
143 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
144 #define WIN_STANDBY2 0x96
145 #define WIN_SETIDLE2 0x97
146 #define WIN_CHECKPOWERMODE2 0x98
147 #define WIN_SLEEPNOW2 0x99
151 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153 #define WIN_QUEUED_SERVICE 0xA2
154 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
155 #define CFA_ACCESS_METADATA_STORAGE 0xB8
156 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
157 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
167 #define WIN_GETMEDIASTATUS 0xDA
168 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169 #define WIN_POSTBOOT 0xDC
170 #define WIN_PREBOOT 0xDD
171 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173 #define WIN_STANDBYNOW1 0xE0
174 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176 #define WIN_SETIDLE1 0xE3
177 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178 #define WIN_CHECKPOWERMODE1 0xE5
179 #define WIN_SLEEPNOW1 0xE6
180 #define WIN_FLUSH_CACHE 0xE7
181 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186 #define WIN_MEDIAEJECT 0xED
187 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188 #define WIN_SETFEATURES 0xEF /* set special drive features */
189 #define EXABYTE_ENABLE_NEST 0xF0
190 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
191 #define WIN_SECURITY_SET_PASS 0xF1
192 #define WIN_SECURITY_UNLOCK 0xF2
193 #define WIN_SECURITY_ERASE_PREPARE 0xF3
194 #define WIN_SECURITY_ERASE_UNIT 0xF4
195 #define WIN_SECURITY_FREEZE_LOCK 0xF5
196 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
197 #define WIN_SECURITY_DISABLE 0xF6
198 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199 #define WIN_SET_MAX 0xF9
200 #define DISABLE_SEAGATE 0xFB
202 /* set to 1 set disable mult support */
203 #define MAX_MULT_SECTORS 16
205 #define IDE_DMA_BUF_SECTORS 256
207 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
213 #define ATAPI_PACKET_SIZE 12
215 /* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217 #define GPCMD_BLANK 0xa1
218 #define GPCMD_CLOSE_TRACK 0x5b
219 #define GPCMD_FLUSH_CACHE 0x35
220 #define GPCMD_FORMAT_UNIT 0x04
221 #define GPCMD_GET_CONFIGURATION 0x46
222 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223 #define GPCMD_GET_PERFORMANCE 0xac
224 #define GPCMD_INQUIRY 0x12
225 #define GPCMD_LOAD_UNLOAD 0xa6
226 #define GPCMD_MECHANISM_STATUS 0xbd
227 #define GPCMD_MODE_SELECT_10 0x55
228 #define GPCMD_MODE_SENSE_10 0x5a
229 #define GPCMD_PAUSE_RESUME 0x4b
230 #define GPCMD_PLAY_AUDIO_10 0x45
231 #define GPCMD_PLAY_AUDIO_MSF 0x47
232 #define GPCMD_PLAY_AUDIO_TI 0x48
233 #define GPCMD_PLAY_CD 0xbc
234 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235 #define GPCMD_READ_10 0x28
236 #define GPCMD_READ_12 0xa8
237 #define GPCMD_READ_CDVD_CAPACITY 0x25
238 #define GPCMD_READ_CD 0xbe
239 #define GPCMD_READ_CD_MSF 0xb9
240 #define GPCMD_READ_DISC_INFO 0x51
241 #define GPCMD_READ_DVD_STRUCTURE 0xad
242 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
243 #define GPCMD_READ_HEADER 0x44
244 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
245 #define GPCMD_READ_SUBCHANNEL 0x42
246 #define GPCMD_READ_TOC_PMA_ATIP 0x43
247 #define GPCMD_REPAIR_RZONE_TRACK 0x58
248 #define GPCMD_REPORT_KEY 0xa4
249 #define GPCMD_REQUEST_SENSE 0x03
250 #define GPCMD_RESERVE_RZONE_TRACK 0x53
251 #define GPCMD_SCAN 0xba
252 #define GPCMD_SEEK 0x2b
253 #define GPCMD_SEND_DVD_STRUCTURE 0xad
254 #define GPCMD_SEND_EVENT 0xa2
255 #define GPCMD_SEND_KEY 0xa3
256 #define GPCMD_SEND_OPC 0x54
257 #define GPCMD_SET_READ_AHEAD 0xa7
258 #define GPCMD_SET_STREAMING 0xb6
259 #define GPCMD_START_STOP_UNIT 0x1b
260 #define GPCMD_STOP_PLAY_SCAN 0x4e
261 #define GPCMD_TEST_UNIT_READY 0x00
262 #define GPCMD_VERIFY_10 0x2f
263 #define GPCMD_WRITE_10 0x2a
264 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
265 /* This is listed as optional in ATAPI 2.6, but is (curiously)
266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269 #define GPCMD_SET_SPEED 0xbb
270 /* This seems to be a SCSI specific CD-ROM opcode
271 * to play data at track/index */
272 #define GPCMD_PLAYAUDIO_TI 0x48
274 * From MS Media Status Notification Support Specification. For
277 #define GPCMD_GET_MEDIA_STATUS 0xda
278 #define GPCMD_MODE_SENSE_6 0x1a
280 /* Mode page codes for mode sense/set */
281 #define GPMODE_R_W_ERROR_PAGE 0x01
282 #define GPMODE_WRITE_PARMS_PAGE 0x05
283 #define GPMODE_AUDIO_CTL_PAGE 0x0e
284 #define GPMODE_POWER_PAGE 0x1a
285 #define GPMODE_FAULT_FAIL_PAGE 0x1c
286 #define GPMODE_TO_PROTECT_PAGE 0x1d
287 #define GPMODE_CAPABILITIES_PAGE 0x2a
288 #define GPMODE_ALL_PAGES 0x3f
289 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291 #define GPMODE_CDROM_PAGE 0x0d
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
302 /* Some generally useful CD-ROM information */
303 #define CD_MINS 80 /* max. minutes per CD */
304 #define CD_SECS 60 /* seconds per minute */
305 #define CD_FRAMES 75 /* frames per second */
306 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
315 /* Profile list from MMC-6 revision 1 table 91 */
316 #define MMC_PROFILE_NONE 0x0000
317 #define MMC_PROFILE_CD_ROM 0x0008
318 #define MMC_PROFILE_CD_R 0x0009
319 #define MMC_PROFILE_CD_RW 0x000A
320 #define MMC_PROFILE_DVD_ROM 0x0010
321 #define MMC_PROFILE_DVD_R_SR 0x0011
322 #define MMC_PROFILE_DVD_RAM 0x0012
323 #define MMC_PROFILE_DVD_RW_RO 0x0013
324 #define MMC_PROFILE_DVD_RW_SR 0x0014
325 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
326 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
327 #define MMC_PROFILE_DVD_RW_DL 0x0017
328 #define MMC_PROFILE_DVD_DDR 0x0018
329 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
330 #define MMC_PROFILE_DVD_PLUS_R 0x001B
331 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333 #define MMC_PROFILE_BD_ROM 0x0040
334 #define MMC_PROFILE_BD_R_SRM 0x0041
335 #define MMC_PROFILE_BD_R_RRM 0x0042
336 #define MMC_PROFILE_BD_RE 0x0043
337 #define MMC_PROFILE_HDDVD_ROM 0x0050
338 #define MMC_PROFILE_HDDVD_R 0x0051
339 #define MMC_PROFILE_HDDVD_RAM 0x0052
340 #define MMC_PROFILE_HDDVD_RW 0x0053
341 #define MMC_PROFILE_HDDVD_R_DL 0x0058
342 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
343 #define MMC_PROFILE_INVALID 0xFFFF
345 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347 #define ATAPI_INT_REASON_REL 0x04
348 #define ATAPI_INT_REASON_TAG 0xf8
350 /* same constants as bochs */
351 #define ASC_ILLEGAL_OPCODE 0x20
352 #define ASC_LOGICAL_BLOCK_OOR 0x21
353 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
354 #define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
355 #define ASC_INCOMPATIBLE_FORMAT 0x30
356 #define ASC_MEDIUM_NOT_PRESENT 0x3a
357 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
359 #define CFA_NO_ERROR 0x00
360 #define CFA_MISC_ERROR 0x09
361 #define CFA_INVALID_COMMAND 0x20
362 #define CFA_INVALID_ADDRESS 0x21
363 #define CFA_ADDRESS_OVERFLOW 0x2f
366 #define SENSE_NOT_READY 2
367 #define SENSE_ILLEGAL_REQUEST 5
368 #define SENSE_UNIT_ATTENTION 6
372 typedef void EndTransferFunc(struct IDEState *);
374 /* NOTE: IDEState represents in fact one drive */
375 typedef struct IDEState {
379 int cylinders, heads, sectors;
383 uint16_t identify_data[256];
386 struct BMDMAState *bmdma;
395 /* other part of tf for lba48 support */
405 /* 0x3f6 command, only meaningful for drive 0 */
407 /* set for lba48 access */
409 /* depends on bit 4 in select, only meaningful for drive 0 */
410 struct IDEState *cur_drive;
411 BlockDriverState *bs;
415 int packet_transfer_size;
416 int elementary_transfer_size;
420 int atapi_dma; /* true if dma is requested for the packet cmd */
423 /* PIO transfer handling */
424 int req_nb_sectors; /* number of sectors per interrupt */
425 EndTransferFunc *end_transfer_func;
429 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
430 uint32_t irq_count; /* counts IRQs when using win2k install hack */
431 /* CF-ATA extended error */
433 /* CF-ATA metadata storage */
435 uint8_t *mdata_storage;
439 /* XXX: DVDs that could fit on a CD will be reported as a CD */
440 static inline int media_present(IDEState *s)
442 return (s->nb_sectors > 0);
445 static inline int media_is_dvd(IDEState *s)
447 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
450 static inline int media_is_cd(IDEState *s)
452 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
455 #define BM_STATUS_DMAING 0x01
456 #define BM_STATUS_ERROR 0x02
457 #define BM_STATUS_INT 0x04
459 #define BM_CMD_START 0x01
460 #define BM_CMD_READ 0x08
462 #define IDE_TYPE_PIIX3 0
463 #define IDE_TYPE_CMD646 1
464 #define IDE_TYPE_PIIX4 2
466 /* CMD646 specific */
468 #define MRDMODE_INTR_CH0 0x04
469 #define MRDMODE_INTR_CH1 0x08
470 #define MRDMODE_BLK_CH0 0x10
471 #define MRDMODE_BLK_CH1 0x20
472 #define UDIDETCR0 0x73
473 #define UDIDETCR1 0x7B
475 typedef struct BMDMAState {
480 struct PCIIDEState *pci_dev;
481 /* current transfer state */
483 uint32_t cur_prd_last;
484 uint32_t cur_prd_addr;
485 uint32_t cur_prd_len;
487 BlockDriverCompletionFunc *dma_cb;
488 BlockDriverAIOCB *aiocb;
491 typedef struct PCIIDEState {
495 int type; /* see IDE_TYPE_xxx */
498 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
499 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
501 static void padstr(char *str, const char *src, int len)
504 for(i = 0; i < len; i++) {
513 static void padstr8(uint8_t *buf, int buf_size, const char *src)
516 for(i = 0; i < buf_size; i++) {
524 static void put_le16(uint16_t *p, unsigned int v)
529 static void ide_identify(IDEState *s)
532 unsigned int oldsize;
535 if (s->identify_set) {
536 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
540 memset(s->io_buffer, 0, 512);
541 p = (uint16_t *)s->io_buffer;
542 put_le16(p + 0, 0x0040);
543 put_le16(p + 1, s->cylinders);
544 put_le16(p + 3, s->heads);
545 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
546 put_le16(p + 5, 512); /* XXX: retired, remove ? */
547 put_le16(p + 6, s->sectors);
548 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
549 padstr((char *)(p + 10), buf, 20); /* serial number */
550 put_le16(p + 20, 3); /* XXX: retired, remove ? */
551 put_le16(p + 21, 512); /* cache size in sectors */
552 put_le16(p + 22, 4); /* ecc bytes */
553 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
554 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
555 #if MAX_MULT_SECTORS > 1
556 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
558 put_le16(p + 48, 1); /* dword I/O */
559 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
560 put_le16(p + 51, 0x200); /* PIO transfer cycle */
561 put_le16(p + 52, 0x200); /* DMA transfer cycle */
562 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
563 put_le16(p + 54, s->cylinders);
564 put_le16(p + 55, s->heads);
565 put_le16(p + 56, s->sectors);
566 oldsize = s->cylinders * s->heads * s->sectors;
567 put_le16(p + 57, oldsize);
568 put_le16(p + 58, oldsize >> 16);
570 put_le16(p + 59, 0x100 | s->mult_sectors);
571 put_le16(p + 60, s->nb_sectors);
572 put_le16(p + 61, s->nb_sectors >> 16);
573 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
574 put_le16(p + 63, 0x07); /* mdma0-2 supported */
575 put_le16(p + 65, 120);
576 put_le16(p + 66, 120);
577 put_le16(p + 67, 120);
578 put_le16(p + 68, 120);
579 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
580 put_le16(p + 81, 0x16); /* conforms to ata5 */
581 put_le16(p + 82, (1 << 14));
582 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
583 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
584 put_le16(p + 84, (1 << 14));
585 put_le16(p + 85, (1 << 14));
586 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
587 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
588 put_le16(p + 87, (1 << 14));
589 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
590 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
591 put_le16(p + 100, s->nb_sectors);
592 put_le16(p + 101, s->nb_sectors >> 16);
593 put_le16(p + 102, s->nb_sectors >> 32);
594 put_le16(p + 103, s->nb_sectors >> 48);
596 memcpy(s->identify_data, p, sizeof(s->identify_data));
600 static void ide_atapi_identify(IDEState *s)
605 if (s->identify_set) {
606 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
610 memset(s->io_buffer, 0, 512);
611 p = (uint16_t *)s->io_buffer;
612 /* Removable CDROM, 50us response, 12 byte packets */
613 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
614 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
615 padstr((char *)(p + 10), buf, 20); /* serial number */
616 put_le16(p + 20, 3); /* buffer type */
617 put_le16(p + 21, 512); /* cache size in sectors */
618 put_le16(p + 22, 4); /* ecc bytes */
619 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
620 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
621 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
623 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
624 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
625 put_le16(p + 62, 7); /* single word dma0-2 supported */
626 put_le16(p + 63, 7); /* mdma0-2 supported */
627 put_le16(p + 64, 0x3f); /* PIO modes supported */
629 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
630 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
631 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
632 put_le16(p + 64, 1); /* PIO modes */
634 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
635 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
636 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
637 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
639 put_le16(p + 71, 30); /* in ns */
640 put_le16(p + 72, 30); /* in ns */
642 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
644 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
646 memcpy(s->identify_data, p, sizeof(s->identify_data));
650 static void ide_cfata_identify(IDEState *s)
656 p = (uint16_t *) s->identify_data;
660 memset(p, 0, sizeof(s->identify_data));
662 cur_sec = s->cylinders * s->heads * s->sectors;
664 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
665 put_le16(p + 1, s->cylinders); /* Default cylinders */
666 put_le16(p + 3, s->heads); /* Default heads */
667 put_le16(p + 6, s->sectors); /* Default sectors per track */
668 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
669 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
670 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
671 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
672 put_le16(p + 22, 0x0004); /* ECC bytes */
673 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
674 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
675 #if MAX_MULT_SECTORS > 1
676 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
678 put_le16(p + 47, 0x0000);
680 put_le16(p + 49, 0x0f00); /* Capabilities */
681 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
682 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
683 put_le16(p + 53, 0x0003); /* Translation params valid */
684 put_le16(p + 54, s->cylinders); /* Current cylinders */
685 put_le16(p + 55, s->heads); /* Current heads */
686 put_le16(p + 56, s->sectors); /* Current sectors */
687 put_le16(p + 57, cur_sec); /* Current capacity */
688 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
689 if (s->mult_sectors) /* Multiple sector setting */
690 put_le16(p + 59, 0x100 | s->mult_sectors);
691 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
692 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
693 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
694 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
695 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
696 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
697 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
698 put_le16(p + 82, 0x400c); /* Command Set supported */
699 put_le16(p + 83, 0x7068); /* Command Set supported */
700 put_le16(p + 84, 0x4000); /* Features supported */
701 put_le16(p + 85, 0x000c); /* Command Set enabled */
702 put_le16(p + 86, 0x7044); /* Command Set enabled */
703 put_le16(p + 87, 0x4000); /* Features enabled */
704 put_le16(p + 91, 0x4060); /* Current APM level */
705 put_le16(p + 129, 0x0002); /* Current features option */
706 put_le16(p + 130, 0x0005); /* Reassigned sectors */
707 put_le16(p + 131, 0x0001); /* Initial power mode */
708 put_le16(p + 132, 0x0000); /* User signature */
709 put_le16(p + 160, 0x8100); /* Power requirement */
710 put_le16(p + 161, 0x8001); /* CF command set */
715 memcpy(s->io_buffer, p, sizeof(s->identify_data));
718 static void ide_set_signature(IDEState *s)
720 s->select &= 0xf0; /* clear head */
736 static inline void ide_abort_command(IDEState *s)
738 s->status = READY_STAT | ERR_STAT;
742 static inline void ide_dma_submit_check(IDEState *s,
743 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
750 static inline void ide_set_irq(IDEState *s)
752 BMDMAState *bm = s->bmdma;
753 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
755 bm->status |= BM_STATUS_INT;
757 qemu_irq_raise(s->irq);
761 /* prepare data transfer and tell what to do after */
762 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
763 EndTransferFunc *end_transfer_func)
765 s->end_transfer_func = end_transfer_func;
767 s->data_end = buf + size;
768 if (!(s->status & ERR_STAT))
769 s->status |= DRQ_STAT;
772 static void ide_transfer_stop(IDEState *s)
774 s->end_transfer_func = ide_transfer_stop;
775 s->data_ptr = s->io_buffer;
776 s->data_end = s->io_buffer;
777 s->status &= ~DRQ_STAT;
780 static int64_t ide_get_sector(IDEState *s)
783 if (s->select & 0x40) {
786 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
787 (s->lcyl << 8) | s->sector;
789 sector_num = ((int64_t)s->hob_hcyl << 40) |
790 ((int64_t) s->hob_lcyl << 32) |
791 ((int64_t) s->hob_sector << 24) |
792 ((int64_t) s->hcyl << 16) |
793 ((int64_t) s->lcyl << 8) | s->sector;
796 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
797 (s->select & 0x0f) * s->sectors + (s->sector - 1);
802 static void ide_set_sector(IDEState *s, int64_t sector_num)
805 if (s->select & 0x40) {
807 s->select = (s->select & 0xf0) | (sector_num >> 24);
808 s->hcyl = (sector_num >> 16);
809 s->lcyl = (sector_num >> 8);
810 s->sector = (sector_num);
812 s->sector = sector_num;
813 s->lcyl = sector_num >> 8;
814 s->hcyl = sector_num >> 16;
815 s->hob_sector = sector_num >> 24;
816 s->hob_lcyl = sector_num >> 32;
817 s->hob_hcyl = sector_num >> 40;
820 cyl = sector_num / (s->heads * s->sectors);
821 r = sector_num % (s->heads * s->sectors);
824 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
825 s->sector = (r % s->sectors) + 1;
829 static void ide_rw_error(IDEState *s) {
830 ide_abort_command(s);
834 static void ide_sector_read(IDEState *s)
839 s->status = READY_STAT | SEEK_STAT;
840 s->error = 0; /* not needed by IDE spec, but needed by Windows */
841 sector_num = ide_get_sector(s);
844 /* no more sector to read from disk */
845 ide_transfer_stop(s);
847 #if defined(DEBUG_IDE)
848 printf("read sector=%" PRId64 "\n", sector_num);
850 if (n > s->req_nb_sectors)
851 n = s->req_nb_sectors;
852 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
857 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
859 ide_set_sector(s, sector_num + n);
864 static void ide_dma_error(IDEState *s)
866 ide_transfer_stop(s);
868 s->status = READY_STAT | ERR_STAT;
872 /* return 0 if buffer completed */
873 static int dma_buf_rw(BMDMAState *bm, int is_write)
875 IDEState *s = bm->ide_if;
883 l = s->io_buffer_size - s->io_buffer_index;
886 if (bm->cur_prd_len == 0) {
887 /* end of table (with a fail safe of one page) */
888 if (bm->cur_prd_last ||
889 (bm->cur_addr - bm->addr) >= 4096)
891 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
893 prd.addr = le32_to_cpu(prd.addr);
894 prd.size = le32_to_cpu(prd.size);
895 len = prd.size & 0xfffe;
898 bm->cur_prd_len = len;
899 bm->cur_prd_addr = prd.addr;
900 bm->cur_prd_last = (prd.size & 0x80000000);
902 if (l > bm->cur_prd_len)
906 cpu_physical_memory_write(bm->cur_prd_addr,
907 s->io_buffer + s->io_buffer_index, l);
909 cpu_physical_memory_read(bm->cur_prd_addr,
910 s->io_buffer + s->io_buffer_index, l);
912 bm->cur_prd_addr += l;
913 bm->cur_prd_len -= l;
914 s->io_buffer_index += l;
920 static void ide_read_dma_cb(void *opaque, int ret)
922 BMDMAState *bm = opaque;
923 IDEState *s = bm->ide_if;
932 n = s->io_buffer_size >> 9;
933 sector_num = ide_get_sector(s);
936 ide_set_sector(s, sector_num);
938 if (dma_buf_rw(bm, 1) == 0)
942 /* end of transfer ? */
943 if (s->nsector == 0) {
944 s->status = READY_STAT | SEEK_STAT;
947 bm->status &= ~BM_STATUS_DMAING;
948 bm->status |= BM_STATUS_INT;
955 /* launch next transfer */
957 if (n > IDE_DMA_BUF_SECTORS)
958 n = IDE_DMA_BUF_SECTORS;
959 s->io_buffer_index = 0;
960 s->io_buffer_size = n * 512;
962 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
964 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
965 ide_read_dma_cb, bm);
966 ide_dma_submit_check(s, ide_read_dma_cb, bm);
969 static void ide_sector_read_dma(IDEState *s)
971 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
972 s->io_buffer_index = 0;
973 s->io_buffer_size = 0;
974 ide_dma_start(s, ide_read_dma_cb);
977 static void ide_sector_write_timer_cb(void *opaque)
979 IDEState *s = opaque;
983 static void ide_sector_write(IDEState *s)
988 s->status = READY_STAT | SEEK_STAT;
989 sector_num = ide_get_sector(s);
990 #if defined(DEBUG_IDE)
991 printf("write sector=%" PRId64 "\n", sector_num);
994 if (n > s->req_nb_sectors)
995 n = s->req_nb_sectors;
996 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
1003 if (s->nsector == 0) {
1004 /* no more sectors to write */
1005 ide_transfer_stop(s);
1008 if (n1 > s->req_nb_sectors)
1009 n1 = s->req_nb_sectors;
1010 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1012 ide_set_sector(s, sector_num + n);
1015 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1016 /* It seems there is a bug in the Windows 2000 installer HDD
1017 IDE driver which fills the disk with empty logs when the
1018 IDE write IRQ comes too early. This hack tries to correct
1019 that at the expense of slower write performances. Use this
1020 option _only_ to install Windows 2000. You must disable it
1022 qemu_mod_timer(s->sector_write_timer,
1023 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1031 static void ide_write_dma_cb(void *opaque, int ret)
1033 BMDMAState *bm = opaque;
1034 IDEState *s = bm->ide_if;
1043 n = s->io_buffer_size >> 9;
1044 sector_num = ide_get_sector(s);
1047 ide_set_sector(s, sector_num);
1051 /* end of transfer ? */
1052 if (s->nsector == 0) {
1053 s->status = READY_STAT | SEEK_STAT;
1056 bm->status &= ~BM_STATUS_DMAING;
1057 bm->status |= BM_STATUS_INT;
1064 /* launch next transfer */
1066 if (n > IDE_DMA_BUF_SECTORS)
1067 n = IDE_DMA_BUF_SECTORS;
1068 s->io_buffer_index = 0;
1069 s->io_buffer_size = n * 512;
1071 if (dma_buf_rw(bm, 0) == 0)
1074 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1076 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1077 ide_write_dma_cb, bm);
1078 ide_dma_submit_check(s, ide_write_dma_cb, bm);
1081 static void ide_sector_write_dma(IDEState *s)
1083 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1084 s->io_buffer_index = 0;
1085 s->io_buffer_size = 0;
1086 ide_dma_start(s, ide_write_dma_cb);
1089 static void ide_atapi_cmd_ok(IDEState *s)
1092 s->status = READY_STAT | SEEK_STAT;
1093 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1097 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1099 #ifdef DEBUG_IDE_ATAPI
1100 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1102 s->error = sense_key << 4;
1103 s->status = READY_STAT | ERR_STAT;
1104 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1105 s->sense_key = sense_key;
1110 static void ide_atapi_cmd_check_status(IDEState *s)
1112 #ifdef DEBUG_IDE_ATAPI
1113 printf("atapi_cmd_check_status\n");
1115 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
1116 s->status = ERR_STAT;
1121 static inline void cpu_to_ube16(uint8_t *buf, int val)
1127 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1135 static inline int ube16_to_cpu(const uint8_t *buf)
1137 return (buf[0] << 8) | buf[1];
1140 static inline int ube32_to_cpu(const uint8_t *buf)
1142 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1145 static void lba_to_msf(uint8_t *buf, int lba)
1148 buf[0] = (lba / 75) / 60;
1149 buf[1] = (lba / 75) % 60;
1153 static void cd_data_to_raw(uint8_t *buf, int lba)
1157 memset(buf + 1, 0xff, 10);
1161 lba_to_msf(buf, lba);
1162 buf[3] = 0x01; /* mode 1 data */
1166 /* XXX: ECC not computed */
1167 memset(buf, 0, 288);
1170 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1175 switch(sector_size) {
1177 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1180 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1183 cd_data_to_raw(buf, lba);
1192 static void ide_atapi_io_error(IDEState *s, int ret)
1194 /* XXX: handle more errors */
1195 if (ret == -ENOMEDIUM) {
1196 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1197 ASC_MEDIUM_NOT_PRESENT);
1199 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1200 ASC_LOGICAL_BLOCK_OOR);
1204 /* The whole ATAPI transfer logic is handled in this function */
1205 static void ide_atapi_cmd_reply_end(IDEState *s)
1207 int byte_count_limit, size, ret;
1208 #ifdef DEBUG_IDE_ATAPI
1209 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1210 s->packet_transfer_size,
1211 s->elementary_transfer_size,
1212 s->io_buffer_index);
1214 if (s->packet_transfer_size <= 0) {
1215 /* end of transfer */
1216 ide_transfer_stop(s);
1217 s->status = READY_STAT | SEEK_STAT;
1218 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1220 #ifdef DEBUG_IDE_ATAPI
1221 printf("status=0x%x\n", s->status);
1224 /* see if a new sector must be read */
1225 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1226 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1228 ide_transfer_stop(s);
1229 ide_atapi_io_error(s, ret);
1233 s->io_buffer_index = 0;
1235 if (s->elementary_transfer_size > 0) {
1236 /* there are some data left to transmit in this elementary
1238 size = s->cd_sector_size - s->io_buffer_index;
1239 if (size > s->elementary_transfer_size)
1240 size = s->elementary_transfer_size;
1241 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1242 size, ide_atapi_cmd_reply_end);
1243 s->packet_transfer_size -= size;
1244 s->elementary_transfer_size -= size;
1245 s->io_buffer_index += size;
1247 /* a new transfer is needed */
1248 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1249 byte_count_limit = s->lcyl | (s->hcyl << 8);
1250 #ifdef DEBUG_IDE_ATAPI
1251 printf("byte_count_limit=%d\n", byte_count_limit);
1253 if (byte_count_limit == 0xffff)
1255 size = s->packet_transfer_size;
1256 if (size > byte_count_limit) {
1257 /* byte count limit must be even if this case */
1258 if (byte_count_limit & 1)
1260 size = byte_count_limit;
1263 s->hcyl = size >> 8;
1264 s->elementary_transfer_size = size;
1265 /* we cannot transmit more than one sector at a time */
1267 if (size > (s->cd_sector_size - s->io_buffer_index))
1268 size = (s->cd_sector_size - s->io_buffer_index);
1270 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1271 size, ide_atapi_cmd_reply_end);
1272 s->packet_transfer_size -= size;
1273 s->elementary_transfer_size -= size;
1274 s->io_buffer_index += size;
1276 #ifdef DEBUG_IDE_ATAPI
1277 printf("status=0x%x\n", s->status);
1283 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1284 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1286 if (size > max_size)
1288 s->lba = -1; /* no sector read */
1289 s->packet_transfer_size = size;
1290 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1291 s->elementary_transfer_size = 0;
1292 s->io_buffer_index = 0;
1295 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
1296 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1298 s->status = READY_STAT | SEEK_STAT;
1299 ide_atapi_cmd_reply_end(s);
1303 /* start a CD-CDROM read command */
1304 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1308 s->packet_transfer_size = nb_sectors * sector_size;
1309 s->elementary_transfer_size = 0;
1310 s->io_buffer_index = sector_size;
1311 s->cd_sector_size = sector_size;
1313 s->status = READY_STAT | SEEK_STAT;
1314 ide_atapi_cmd_reply_end(s);
1317 /* ATAPI DMA support */
1319 /* XXX: handle read errors */
1320 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1322 BMDMAState *bm = opaque;
1323 IDEState *s = bm->ide_if;
1327 ide_atapi_io_error(s, ret);
1331 if (s->io_buffer_size > 0) {
1333 * For a cdrom read sector command (s->lba != -1),
1334 * adjust the lba for the next s->io_buffer_size chunk
1335 * and dma the current chunk.
1336 * For a command != read (s->lba == -1), just transfer
1340 if (s->cd_sector_size == 2352) {
1342 cd_data_to_raw(s->io_buffer, s->lba);
1344 n = s->io_buffer_size >> 11;
1348 s->packet_transfer_size -= s->io_buffer_size;
1349 if (dma_buf_rw(bm, 1) == 0)
1353 if (s->packet_transfer_size <= 0) {
1354 s->status = READY_STAT | SEEK_STAT;
1355 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1358 bm->status &= ~BM_STATUS_DMAING;
1359 bm->status |= BM_STATUS_INT;
1366 s->io_buffer_index = 0;
1367 if (s->cd_sector_size == 2352) {
1369 s->io_buffer_size = s->cd_sector_size;
1372 n = s->packet_transfer_size >> 11;
1373 if (n > (IDE_DMA_BUF_SECTORS / 4))
1374 n = (IDE_DMA_BUF_SECTORS / 4);
1375 s->io_buffer_size = n * 2048;
1379 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1381 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1382 s->io_buffer + data_offset, n * 4,
1383 ide_atapi_cmd_read_dma_cb, bm);
1385 /* Note: media not present is the most likely case */
1386 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1387 ASC_MEDIUM_NOT_PRESENT);
1392 /* start a CD-CDROM read command with DMA */
1393 /* XXX: test if DMA is available */
1394 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1398 s->packet_transfer_size = nb_sectors * sector_size;
1399 s->io_buffer_index = 0;
1400 s->io_buffer_size = 0;
1401 s->cd_sector_size = sector_size;
1403 /* XXX: check if BUSY_STAT should be set */
1404 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1405 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1408 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1411 #ifdef DEBUG_IDE_ATAPI
1412 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1416 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1418 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1422 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1425 uint8_t *buf_profile = buf + 12; /* start of profiles */
1427 buf_profile += ((*index) * 4); /* start of indexed profile */
1428 cpu_to_ube16 (buf_profile, profile);
1429 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1431 /* each profile adds 4 bytes to the response */
1433 buf[11] += 4; /* Additional Length */
1438 static int ide_dvd_read_structure(IDEState *s, int format,
1439 const uint8_t *packet, uint8_t *buf)
1442 case 0x0: /* Physical format information */
1444 int layer = packet[6];
1445 uint64_t total_sectors;
1448 return -ASC_INV_FIELD_IN_CMD_PACKET;
1450 bdrv_get_geometry(s->bs, &total_sectors);
1451 total_sectors >>= 2;
1452 if (total_sectors == 0)
1453 return -ASC_MEDIUM_NOT_PRESENT;
1455 buf[4] = 1; /* DVD-ROM, part version 1 */
1456 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1457 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1458 buf[7] = 0; /* default densities */
1460 /* FIXME: 0x30000 per spec? */
1461 cpu_to_ube32(buf + 8, 0); /* start sector */
1462 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1463 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1465 /* Size of buffer, not including 2 byte size field */
1466 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1468 /* 2k data + 4 byte header */
1472 case 0x01: /* DVD copyright information */
1473 buf[4] = 0; /* no copyright data */
1474 buf[5] = 0; /* no region restrictions */
1476 /* Size of buffer, not including 2 byte size field */
1477 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1479 /* 4 byte header + 4 byte data */
1482 case 0x03: /* BCA information - invalid field for no BCA info */
1483 return -ASC_INV_FIELD_IN_CMD_PACKET;
1485 case 0x04: /* DVD disc manufacturing information */
1486 /* Size of buffer, not including 2 byte size field */
1487 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1489 /* 2k data + 4 byte header */
1494 * This lists all the command capabilities above. Add new ones
1495 * in order and update the length and buffer return values.
1498 buf[4] = 0x00; /* Physical format */
1499 buf[5] = 0x40; /* Not writable, is readable */
1500 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1502 buf[8] = 0x01; /* Copyright info */
1503 buf[9] = 0x40; /* Not writable, is readable */
1504 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1506 buf[12] = 0x03; /* BCA info */
1507 buf[13] = 0x40; /* Not writable, is readable */
1508 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1510 buf[16] = 0x04; /* Manufacturing info */
1511 buf[17] = 0x40; /* Not writable, is readable */
1512 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1514 /* Size of buffer, not including 2 byte size field */
1515 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1517 /* data written + 4 byte header */
1520 default: /* TODO: formats beyond DVD-ROM requires */
1521 return -ASC_INV_FIELD_IN_CMD_PACKET;
1525 static void ide_atapi_cmd(IDEState *s)
1527 const uint8_t *packet;
1531 packet = s->io_buffer;
1533 #ifdef DEBUG_IDE_ATAPI
1536 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1537 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1538 printf(" %02x", packet[i]);
1543 /* If there's a UNIT_ATTENTION condition pending, only
1544 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1545 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1546 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1547 s->io_buffer[0] != GPCMD_INQUIRY) {
1548 ide_atapi_cmd_check_status(s);
1551 switch(s->io_buffer[0]) {
1552 case GPCMD_TEST_UNIT_READY:
1553 if (bdrv_is_inserted(s->bs)) {
1554 ide_atapi_cmd_ok(s);
1556 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1557 ASC_MEDIUM_NOT_PRESENT);
1560 case GPCMD_MODE_SENSE_6:
1561 case GPCMD_MODE_SENSE_10:
1564 if (packet[0] == GPCMD_MODE_SENSE_10)
1565 max_len = ube16_to_cpu(packet + 7);
1567 max_len = packet[4];
1568 action = packet[2] >> 6;
1569 code = packet[2] & 0x3f;
1571 case 0: /* current values */
1573 case 0x01: /* error recovery */
1574 cpu_to_ube16(&buf[0], 16 + 6);
1590 ide_atapi_cmd_reply(s, 16, max_len);
1593 cpu_to_ube16(&buf[0], 28 + 6);
1606 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1607 code checks for this to automount media. */
1610 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1611 if (bdrv_is_locked(s->bs))
1614 cpu_to_ube16(&buf[16], 706);
1617 cpu_to_ube16(&buf[20], 512);
1618 cpu_to_ube16(&buf[22], 706);
1623 ide_atapi_cmd_reply(s, 28, max_len);
1629 case 1: /* changeable values */
1631 case 2: /* default values */
1634 case 3: /* saved values */
1635 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1636 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1641 case GPCMD_REQUEST_SENSE:
1642 max_len = packet[4];
1644 buf[0] = 0x70 | (1 << 7);
1645 buf[2] = s->sense_key;
1648 if (s->sense_key == SENSE_UNIT_ATTENTION)
1649 s->sense_key = SENSE_NONE;
1650 ide_atapi_cmd_reply(s, 18, max_len);
1652 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1653 if (bdrv_is_inserted(s->bs)) {
1654 bdrv_set_locked(s->bs, packet[4] & 1);
1655 ide_atapi_cmd_ok(s);
1657 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1658 ASC_MEDIUM_NOT_PRESENT);
1664 int nb_sectors, lba;
1666 if (packet[0] == GPCMD_READ_10)
1667 nb_sectors = ube16_to_cpu(packet + 7);
1669 nb_sectors = ube32_to_cpu(packet + 6);
1670 lba = ube32_to_cpu(packet + 2);
1671 if (nb_sectors == 0) {
1672 ide_atapi_cmd_ok(s);
1675 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1680 int nb_sectors, lba, transfer_request;
1682 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1683 lba = ube32_to_cpu(packet + 2);
1684 if (nb_sectors == 0) {
1685 ide_atapi_cmd_ok(s);
1688 transfer_request = packet[9];
1689 switch(transfer_request & 0xf8) {
1692 ide_atapi_cmd_ok(s);
1696 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1700 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1703 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1704 ASC_INV_FIELD_IN_CMD_PACKET);
1712 uint64_t total_sectors;
1714 bdrv_get_geometry(s->bs, &total_sectors);
1715 total_sectors >>= 2;
1716 if (total_sectors == 0) {
1717 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1718 ASC_MEDIUM_NOT_PRESENT);
1721 lba = ube32_to_cpu(packet + 2);
1722 if (lba >= total_sectors) {
1723 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1724 ASC_LOGICAL_BLOCK_OOR);
1727 ide_atapi_cmd_ok(s);
1730 case GPCMD_START_STOP_UNIT:
1733 start = packet[4] & 1;
1734 eject = (packet[4] >> 1) & 1;
1736 if (eject && !start) {
1737 /* eject the disk */
1738 bdrv_eject(s->bs, 1);
1739 } else if (eject && start) {
1740 /* close the tray */
1741 bdrv_eject(s->bs, 0);
1743 ide_atapi_cmd_ok(s);
1746 case GPCMD_MECHANISM_STATUS:
1748 max_len = ube16_to_cpu(packet + 8);
1749 cpu_to_ube16(buf, 0);
1750 /* no current LBA */
1755 cpu_to_ube16(buf + 6, 0);
1756 ide_atapi_cmd_reply(s, 8, max_len);
1759 case GPCMD_READ_TOC_PMA_ATIP:
1761 int format, msf, start_track, len;
1762 uint64_t total_sectors;
1764 bdrv_get_geometry(s->bs, &total_sectors);
1765 total_sectors >>= 2;
1766 if (total_sectors == 0) {
1767 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1768 ASC_MEDIUM_NOT_PRESENT);
1771 max_len = ube16_to_cpu(packet + 7);
1772 format = packet[9] >> 6;
1773 msf = (packet[1] >> 1) & 1;
1774 start_track = packet[6];
1777 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1780 ide_atapi_cmd_reply(s, len, max_len);
1783 /* multi session : only a single session defined */
1788 ide_atapi_cmd_reply(s, 12, max_len);
1791 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1794 ide_atapi_cmd_reply(s, len, max_len);
1798 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1799 ASC_INV_FIELD_IN_CMD_PACKET);
1804 case GPCMD_READ_CDVD_CAPACITY:
1806 uint64_t total_sectors;
1808 bdrv_get_geometry(s->bs, &total_sectors);
1809 total_sectors >>= 2;
1810 if (total_sectors == 0) {
1811 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1812 ASC_MEDIUM_NOT_PRESENT);
1815 /* NOTE: it is really the number of sectors minus 1 */
1816 cpu_to_ube32(buf, total_sectors - 1);
1817 cpu_to_ube32(buf + 4, 2048);
1818 ide_atapi_cmd_reply(s, 8, 8);
1821 case GPCMD_READ_DVD_STRUCTURE:
1823 int media = packet[1];
1824 int format = packet[7];
1827 max_len = ube16_to_cpu(packet + 8);
1829 if (format < 0xff) {
1830 if (media_is_cd(s)) {
1831 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1832 ASC_INCOMPATIBLE_FORMAT);
1834 } else if (!media_present(s)) {
1835 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1836 ASC_INV_FIELD_IN_CMD_PACKET);
1841 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1842 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1848 ret = ide_dvd_read_structure(s, format, packet, buf);
1851 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1853 ide_atapi_cmd_reply(s, ret, max_len);
1857 /* TODO: BD support, fall through for now */
1859 /* Generic disk structures */
1860 case 0x80: /* TODO: AACS volume identifier */
1861 case 0x81: /* TODO: AACS media serial number */
1862 case 0x82: /* TODO: AACS media identifier */
1863 case 0x83: /* TODO: AACS media key block */
1864 case 0x90: /* TODO: List of recognized format layers */
1865 case 0xc0: /* TODO: Write protection status */
1867 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1868 ASC_INV_FIELD_IN_CMD_PACKET);
1873 case GPCMD_SET_SPEED:
1874 ide_atapi_cmd_ok(s);
1877 max_len = packet[4];
1878 buf[0] = 0x05; /* CD-ROM */
1879 buf[1] = 0x80; /* removable */
1880 buf[2] = 0x00; /* ISO */
1881 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1882 buf[4] = 31; /* additional length */
1883 buf[5] = 0; /* reserved */
1884 buf[6] = 0; /* reserved */
1885 buf[7] = 0; /* reserved */
1886 padstr8(buf + 8, 8, "QEMU");
1887 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1888 padstr8(buf + 32, 4, QEMU_VERSION);
1889 ide_atapi_cmd_reply(s, 36, max_len);
1891 case GPCMD_GET_CONFIGURATION:
1896 /* only feature 0 is supported */
1897 if (packet[2] != 0 || packet[3] != 0) {
1898 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1899 ASC_INV_FIELD_IN_CMD_PACKET);
1903 /* XXX: could result in alignment problems in some architectures */
1904 max_len = ube16_to_cpu(packet + 7);
1907 * XXX: avoid overflow for io_buffer if max_len is bigger than
1908 * the size of that buffer (dimensioned to max number of
1909 * sectors to transfer at once)
1911 * Only a problem if the feature/profiles grow.
1913 if (max_len > 512) /* XXX: assume 1 sector */
1916 memset(buf, 0, max_len);
1918 * the number of sectors from the media tells us which profile
1919 * to use as current. 0 means there is no media
1921 if (media_is_dvd(s))
1922 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1923 else if (media_is_cd(s))
1924 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1926 buf[10] = 0x02 | 0x01; /* persistent and current */
1927 len = 12; /* headers: 8 + 4 */
1928 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1929 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1930 cpu_to_ube32(buf, len - 4); /* data length */
1932 ide_atapi_cmd_reply(s, len, max_len);
1936 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1937 ASC_ILLEGAL_OPCODE);
1942 static void ide_cfata_metadata_inquiry(IDEState *s)
1947 p = (uint16_t *) s->io_buffer;
1948 memset(p, 0, 0x200);
1949 spd = ((s->mdata_size - 1) >> 9) + 1;
1951 put_le16(p + 0, 0x0001); /* Data format revision */
1952 put_le16(p + 1, 0x0000); /* Media property: silicon */
1953 put_le16(p + 2, s->media_changed); /* Media status */
1954 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1955 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1956 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1957 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1960 static void ide_cfata_metadata_read(IDEState *s)
1964 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1965 s->status = ERR_STAT;
1966 s->error = ABRT_ERR;
1970 p = (uint16_t *) s->io_buffer;
1971 memset(p, 0, 0x200);
1973 put_le16(p + 0, s->media_changed); /* Media status */
1974 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1975 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1976 s->nsector << 9), 0x200 - 2));
1979 static void ide_cfata_metadata_write(IDEState *s)
1981 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1982 s->status = ERR_STAT;
1983 s->error = ABRT_ERR;
1987 s->media_changed = 0;
1989 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1991 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1992 s->nsector << 9), 0x200 - 2));
1995 /* called when the inserted state of the media has changed */
1996 static void cdrom_change_cb(void *opaque)
1998 IDEState *s = opaque;
1999 uint64_t nb_sectors;
2001 bdrv_get_geometry(s->bs, &nb_sectors);
2002 s->nb_sectors = nb_sectors;
2004 s->sense_key = SENSE_UNIT_ATTENTION;
2005 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2010 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2014 /* handle the 'magic' 0 nsector count conversion here. to avoid
2015 * fiddling with the rest of the read logic, we just store the
2016 * full sector count in ->nsector and ignore ->hob_nsector from now
2022 if (!s->nsector && !s->hob_nsector)
2025 int lo = s->nsector;
2026 int hi = s->hob_nsector;
2028 s->nsector = (hi << 8) | lo;
2033 static void ide_clear_hob(IDEState *ide_if)
2035 /* any write clears HOB high bit of device control register */
2036 ide_if[0].select &= ~(1 << 7);
2037 ide_if[1].select &= ~(1 << 7);
2040 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2042 IDEState *ide_if = opaque;
2048 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2053 /* ignore writes to command block while busy with previous command */
2054 if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT|DRQ_STAT)))
2061 ide_clear_hob(ide_if);
2062 /* NOTE: data is written to the two drives */
2063 ide_if[0].hob_feature = ide_if[0].feature;
2064 ide_if[1].hob_feature = ide_if[1].feature;
2065 ide_if[0].feature = val;
2066 ide_if[1].feature = val;
2069 ide_clear_hob(ide_if);
2070 ide_if[0].hob_nsector = ide_if[0].nsector;
2071 ide_if[1].hob_nsector = ide_if[1].nsector;
2072 ide_if[0].nsector = val;
2073 ide_if[1].nsector = val;
2076 ide_clear_hob(ide_if);
2077 ide_if[0].hob_sector = ide_if[0].sector;
2078 ide_if[1].hob_sector = ide_if[1].sector;
2079 ide_if[0].sector = val;
2080 ide_if[1].sector = val;
2083 ide_clear_hob(ide_if);
2084 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2085 ide_if[1].hob_lcyl = ide_if[1].lcyl;
2086 ide_if[0].lcyl = val;
2087 ide_if[1].lcyl = val;
2090 ide_clear_hob(ide_if);
2091 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2092 ide_if[1].hob_hcyl = ide_if[1].hcyl;
2093 ide_if[0].hcyl = val;
2094 ide_if[1].hcyl = val;
2097 /* FIXME: HOB readback uses bit 7 */
2098 ide_if[0].select = (val & ~0x10) | 0xa0;
2099 ide_if[1].select = (val | 0x10) | 0xa0;
2101 unit = (val >> 4) & 1;
2103 ide_if->cur_drive = s;
2108 #if defined(DEBUG_IDE)
2109 printf("ide: CMD=%02x\n", val);
2111 s = ide_if->cur_drive;
2112 /* ignore commands to non existant slave */
2113 if (s != ide_if && !s->bs)
2116 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2117 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2122 if (s->bs && !s->is_cdrom) {
2126 ide_cfata_identify(s);
2127 s->status = READY_STAT | SEEK_STAT;
2128 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2131 ide_set_signature(s);
2133 ide_abort_command(s);
2140 s->status = READY_STAT | SEEK_STAT;
2144 if (s->is_cf && s->nsector == 0) {
2145 /* Disable Read and Write Multiple */
2146 s->mult_sectors = 0;
2147 s->status = READY_STAT | SEEK_STAT;
2148 } else if ((s->nsector & 0xff) != 0 &&
2149 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2150 (s->nsector & (s->nsector - 1)) != 0)) {
2151 ide_abort_command(s);
2153 s->mult_sectors = s->nsector & 0xff;
2154 s->status = READY_STAT | SEEK_STAT;
2158 case WIN_VERIFY_EXT:
2161 case WIN_VERIFY_ONCE:
2162 /* do sector number check ? */
2163 ide_cmd_lba48_transform(s, lba48);
2164 s->status = READY_STAT | SEEK_STAT;
2173 ide_cmd_lba48_transform(s, lba48);
2174 s->req_nb_sectors = 1;
2180 case WIN_WRITE_ONCE:
2181 case CFA_WRITE_SECT_WO_ERASE:
2182 case WIN_WRITE_VERIFY:
2183 ide_cmd_lba48_transform(s, lba48);
2185 s->status = SEEK_STAT | READY_STAT;
2186 s->req_nb_sectors = 1;
2187 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2188 s->media_changed = 1;
2190 case WIN_MULTREAD_EXT:
2193 if (!s->mult_sectors)
2195 ide_cmd_lba48_transform(s, lba48);
2196 s->req_nb_sectors = s->mult_sectors;
2199 case WIN_MULTWRITE_EXT:
2202 case CFA_WRITE_MULTI_WO_ERASE:
2203 if (!s->mult_sectors)
2205 ide_cmd_lba48_transform(s, lba48);
2207 s->status = SEEK_STAT | READY_STAT;
2208 s->req_nb_sectors = s->mult_sectors;
2210 if (n > s->req_nb_sectors)
2211 n = s->req_nb_sectors;
2212 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2213 s->media_changed = 1;
2215 case WIN_READDMA_EXT:
2218 case WIN_READDMA_ONCE:
2221 ide_cmd_lba48_transform(s, lba48);
2222 ide_sector_read_dma(s);
2224 case WIN_WRITEDMA_EXT:
2227 case WIN_WRITEDMA_ONCE:
2230 ide_cmd_lba48_transform(s, lba48);
2231 ide_sector_write_dma(s);
2232 s->media_changed = 1;
2234 case WIN_READ_NATIVE_MAX_EXT:
2236 case WIN_READ_NATIVE_MAX:
2237 ide_cmd_lba48_transform(s, lba48);
2238 ide_set_sector(s, s->nb_sectors - 1);
2239 s->status = READY_STAT | SEEK_STAT;
2242 case WIN_CHECKPOWERMODE1:
2243 case WIN_CHECKPOWERMODE2:
2244 s->nsector = 0xff; /* device active or idle */
2245 s->status = READY_STAT | SEEK_STAT;
2248 case WIN_SETFEATURES:
2251 /* XXX: valid for CDROM ? */
2252 switch(s->feature) {
2253 case 0xcc: /* reverting to power-on defaults enable */
2254 case 0x66: /* reverting to power-on defaults disable */
2255 case 0x02: /* write cache enable */
2256 case 0x82: /* write cache disable */
2257 case 0xaa: /* read look-ahead enable */
2258 case 0x55: /* read look-ahead disable */
2259 case 0x05: /* set advanced power management mode */
2260 case 0x85: /* disable advanced power management mode */
2261 case 0x69: /* NOP */
2262 case 0x67: /* NOP */
2263 case 0x96: /* NOP */
2264 case 0x9a: /* NOP */
2265 case 0x42: /* enable Automatic Acoustic Mode */
2266 case 0xc2: /* disable Automatic Acoustic Mode */
2267 s->status = READY_STAT | SEEK_STAT;
2270 case 0x03: { /* set transfer mode */
2271 uint8_t val = s->nsector & 0x07;
2273 switch (s->nsector >> 3) {
2274 case 0x00: /* pio default */
2275 case 0x01: /* pio mode */
2276 put_le16(s->identify_data + 62,0x07);
2277 put_le16(s->identify_data + 63,0x07);
2278 put_le16(s->identify_data + 88,0x3f);
2280 case 0x02: /* sigle word dma mode*/
2281 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
2282 put_le16(s->identify_data + 63,0x07);
2283 put_le16(s->identify_data + 88,0x3f);
2285 case 0x04: /* mdma mode */
2286 put_le16(s->identify_data + 62,0x07);
2287 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2288 put_le16(s->identify_data + 88,0x3f);
2290 case 0x08: /* udma mode */
2291 put_le16(s->identify_data + 62,0x07);
2292 put_le16(s->identify_data + 63,0x07);
2293 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2298 s->status = READY_STAT | SEEK_STAT;
2306 case WIN_FLUSH_CACHE:
2307 case WIN_FLUSH_CACHE_EXT:
2310 s->status = READY_STAT | SEEK_STAT;
2315 case WIN_STANDBYNOW1:
2316 case WIN_STANDBYNOW2:
2317 case WIN_IDLEIMMEDIATE:
2318 case CFA_IDLEIMMEDIATE:
2323 s->status = READY_STAT;
2326 /* ATAPI commands */
2329 ide_atapi_identify(s);
2330 s->status = READY_STAT | SEEK_STAT;
2331 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2333 ide_abort_command(s);
2338 ide_set_signature(s);
2340 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2341 * devices to return a clear status register
2342 * with READY_STAT *not* set. */
2344 s->status = READY_STAT | SEEK_STAT;
2345 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2353 ide_set_signature(s);
2354 s->status = 0x00; /* NOTE: READY is _not_ set */
2360 /* overlapping commands not supported */
2361 if (s->feature & 0x02)
2363 s->status = READY_STAT | SEEK_STAT;
2364 s->atapi_dma = s->feature & 1;
2366 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2369 /* CF-ATA commands */
2370 case CFA_REQ_EXT_ERROR_CODE:
2373 s->error = 0x09; /* miscellaneous error */
2374 s->status = READY_STAT | SEEK_STAT;
2377 case CFA_ERASE_SECTORS:
2378 case CFA_WEAR_LEVEL:
2381 if (val == CFA_WEAR_LEVEL)
2383 if (val == CFA_ERASE_SECTORS)
2384 s->media_changed = 1;
2386 s->status = READY_STAT | SEEK_STAT;
2389 case CFA_TRANSLATE_SECTOR:
2393 s->status = READY_STAT | SEEK_STAT;
2394 memset(s->io_buffer, 0, 0x200);
2395 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2396 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2397 s->io_buffer[0x02] = s->select; /* Head */
2398 s->io_buffer[0x03] = s->sector; /* Sector */
2399 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2400 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2401 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2402 s->io_buffer[0x13] = 0x00; /* Erase flag */
2403 s->io_buffer[0x18] = 0x00; /* Hot count */
2404 s->io_buffer[0x19] = 0x00; /* Hot count */
2405 s->io_buffer[0x1a] = 0x01; /* Hot count */
2406 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2409 case CFA_ACCESS_METADATA_STORAGE:
2412 switch (s->feature) {
2413 case 0x02: /* Inquiry Metadata Storage */
2414 ide_cfata_metadata_inquiry(s);
2416 case 0x03: /* Read Metadata Storage */
2417 ide_cfata_metadata_read(s);
2419 case 0x04: /* Write Metadata Storage */
2420 ide_cfata_metadata_write(s);
2425 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2426 s->status = 0x00; /* NOTE: READY is _not_ set */
2429 case IBM_SENSE_CONDITION:
2432 switch (s->feature) {
2433 case 0x01: /* sense temperature in device */
2434 s->nsector = 0x50; /* +20 C */
2439 s->status = READY_STAT | SEEK_STAT;
2444 ide_abort_command(s);
2451 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2453 IDEState *ide_if = opaque;
2454 IDEState *s = ide_if->cur_drive;
2459 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2460 //hob = s->select & (1 << 7);
2467 if (!ide_if[0].bs && !ide_if[1].bs)
2472 ret = s->hob_feature;
2475 if (!ide_if[0].bs && !ide_if[1].bs)
2478 ret = s->nsector & 0xff;
2480 ret = s->hob_nsector;
2483 if (!ide_if[0].bs && !ide_if[1].bs)
2488 ret = s->hob_sector;
2491 if (!ide_if[0].bs && !ide_if[1].bs)
2499 if (!ide_if[0].bs && !ide_if[1].bs)
2507 if (!ide_if[0].bs && !ide_if[1].bs)
2514 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2515 (s != ide_if && !s->bs))
2519 qemu_irq_lower(s->irq);
2523 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2528 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2530 IDEState *ide_if = opaque;
2531 IDEState *s = ide_if->cur_drive;
2534 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2535 (s != ide_if && !s->bs))
2540 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2545 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2547 IDEState *ide_if = opaque;
2552 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2554 /* common for both drives */
2555 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2556 (val & IDE_CMD_RESET)) {
2557 /* reset low to high */
2558 for(i = 0;i < 2; i++) {
2560 s->status = BUSY_STAT | SEEK_STAT;
2563 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2564 !(val & IDE_CMD_RESET)) {
2566 for(i = 0;i < 2; i++) {
2569 s->status = 0x00; /* NOTE: READY is _not_ set */
2571 s->status = READY_STAT | SEEK_STAT;
2572 ide_set_signature(s);
2576 ide_if[0].cmd = val;
2577 ide_if[1].cmd = val;
2580 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2582 IDEState *s = ((IDEState *)opaque)->cur_drive;
2585 /* PIO data access allowed only when DRQ bit is set */
2586 if (!(s->status & DRQ_STAT))
2590 *(uint16_t *)p = le16_to_cpu(val);
2593 if (p >= s->data_end)
2594 s->end_transfer_func(s);
2597 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2599 IDEState *s = ((IDEState *)opaque)->cur_drive;
2603 /* PIO data access allowed only when DRQ bit is set */
2604 if (!(s->status & DRQ_STAT))
2608 ret = cpu_to_le16(*(uint16_t *)p);
2611 if (p >= s->data_end)
2612 s->end_transfer_func(s);
2616 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2618 IDEState *s = ((IDEState *)opaque)->cur_drive;
2621 /* PIO data access allowed only when DRQ bit is set */
2622 if (!(s->status & DRQ_STAT))
2626 *(uint32_t *)p = le32_to_cpu(val);
2629 if (p >= s->data_end)
2630 s->end_transfer_func(s);
2633 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2635 IDEState *s = ((IDEState *)opaque)->cur_drive;
2639 /* PIO data access allowed only when DRQ bit is set */
2640 if (!(s->status & DRQ_STAT))
2644 ret = cpu_to_le32(*(uint32_t *)p);
2647 if (p >= s->data_end)
2648 s->end_transfer_func(s);
2652 static void ide_dummy_transfer_stop(IDEState *s)
2654 s->data_ptr = s->io_buffer;
2655 s->data_end = s->io_buffer;
2656 s->io_buffer[0] = 0xff;
2657 s->io_buffer[1] = 0xff;
2658 s->io_buffer[2] = 0xff;
2659 s->io_buffer[3] = 0xff;
2662 static void ide_reset(IDEState *s)
2665 s->mult_sectors = 0;
2667 s->mult_sectors = MAX_MULT_SECTORS;
2670 s->status = READY_STAT | SEEK_STAT;
2671 ide_set_signature(s);
2672 /* init the transfer handler so that 0xffff is returned on data
2674 s->end_transfer_func = ide_dummy_transfer_stop;
2675 ide_dummy_transfer_stop(s);
2676 s->media_changed = 0;
2680 uint8_t boot_ind; /* 0x80 - active */
2681 uint8_t head; /* starting head */
2682 uint8_t sector; /* starting sector */
2683 uint8_t cyl; /* starting cylinder */
2684 uint8_t sys_ind; /* What partition type */
2685 uint8_t end_head; /* end head */
2686 uint8_t end_sector; /* end sector */
2687 uint8_t end_cyl; /* end cylinder */
2688 uint32_t start_sect; /* starting sector counting from 0 */
2689 uint32_t nr_sects; /* nr of sectors in partition */
2690 } __attribute__((packed));
2692 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2693 static int guess_disk_lchs(IDEState *s,
2694 int *pcylinders, int *pheads, int *psectors)
2696 uint8_t *buf = s->io_buffer;
2697 int ret, i, heads, sectors, cylinders;
2698 struct partition *p;
2701 ret = bdrv_read(s->bs, 0, buf, 1);
2705 /* test msdos magic */
2706 if (buf[510] != 0x55 || buf[511] != 0xaa) {
2709 for(i = 0; i < 4; i++) {
2710 p = ((struct partition *)(buf + 0x1be)) + i;
2711 nr_sects = le32_to_cpu(p->nr_sects);
2712 if (nr_sects && p->end_head) {
2713 /* We make the assumption that the partition terminates on
2714 a cylinder boundary */
2715 heads = p->end_head + 1;
2716 sectors = p->end_sector & 63;
2719 cylinders = s->nb_sectors / (heads * sectors);
2720 if (cylinders < 1 || cylinders > 16383)
2723 *psectors = sectors;
2724 *pcylinders = cylinders;
2726 printf("guessed geometry: LCHS=%d %d %d\n",
2727 cylinders, heads, sectors);
2735 static void ide_init2(IDEState *ide_state,
2736 BlockDriverState *hd0, BlockDriverState *hd1,
2740 static int drive_serial = 1;
2741 int i, cylinders, heads, secs, translation, lba_detected = 0;
2742 uint64_t nb_sectors;
2744 for(i = 0; i < 2; i++) {
2746 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2752 bdrv_get_geometry(s->bs, &nb_sectors);
2753 s->nb_sectors = nb_sectors;
2754 /* if a geometry hint is available, use it */
2755 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2756 translation = bdrv_get_translation_hint(s->bs);
2757 if (cylinders != 0) {
2758 s->cylinders = cylinders;
2762 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2764 /* if heads > 16, it means that a BIOS LBA
2765 translation was active, so the default
2766 hardware geometry is OK */
2768 goto default_geometry;
2770 s->cylinders = cylinders;
2773 /* disable any translation to be in sync with
2774 the logical geometry */
2775 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2776 bdrv_set_translation_hint(s->bs,
2777 BIOS_ATA_TRANSLATION_NONE);
2782 /* if no geometry, use a standard physical disk geometry */
2783 cylinders = nb_sectors / (16 * 63);
2784 if (cylinders > 16383)
2786 else if (cylinders < 2)
2788 s->cylinders = cylinders;
2791 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2792 if ((s->cylinders * s->heads) <= 131072) {
2793 bdrv_set_translation_hint(s->bs,
2794 BIOS_ATA_TRANSLATION_LARGE);
2796 bdrv_set_translation_hint(s->bs,
2797 BIOS_ATA_TRANSLATION_LBA);
2801 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2803 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2805 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2808 s->drive_serial = drive_serial++;
2810 s->sector_write_timer = qemu_new_timer(vm_clock,
2811 ide_sector_write_timer_cb, s);
2816 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2818 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2819 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2821 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2822 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2826 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2827 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2828 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2829 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2832 /* save per IDE drive data */
2833 static void ide_save(QEMUFile* f, IDEState *s)
2835 qemu_put_be32(f, s->mult_sectors);
2836 qemu_put_be32(f, s->identify_set);
2837 if (s->identify_set) {
2838 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2840 qemu_put_8s(f, &s->feature);
2841 qemu_put_8s(f, &s->error);
2842 qemu_put_be32s(f, &s->nsector);
2843 qemu_put_8s(f, &s->sector);
2844 qemu_put_8s(f, &s->lcyl);
2845 qemu_put_8s(f, &s->hcyl);
2846 qemu_put_8s(f, &s->hob_feature);
2847 qemu_put_8s(f, &s->hob_nsector);
2848 qemu_put_8s(f, &s->hob_sector);
2849 qemu_put_8s(f, &s->hob_lcyl);
2850 qemu_put_8s(f, &s->hob_hcyl);
2851 qemu_put_8s(f, &s->select);
2852 qemu_put_8s(f, &s->status);
2853 qemu_put_8s(f, &s->lba48);
2855 qemu_put_8s(f, &s->sense_key);
2856 qemu_put_8s(f, &s->asc);
2857 /* XXX: if a transfer is pending, we do not save it yet */
2860 /* load per IDE drive data */
2861 static void ide_load(QEMUFile* f, IDEState *s)
2863 s->mult_sectors=qemu_get_be32(f);
2864 s->identify_set=qemu_get_be32(f);
2865 if (s->identify_set) {
2866 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2868 qemu_get_8s(f, &s->feature);
2869 qemu_get_8s(f, &s->error);
2870 qemu_get_be32s(f, &s->nsector);
2871 qemu_get_8s(f, &s->sector);
2872 qemu_get_8s(f, &s->lcyl);
2873 qemu_get_8s(f, &s->hcyl);
2874 qemu_get_8s(f, &s->hob_feature);
2875 qemu_get_8s(f, &s->hob_nsector);
2876 qemu_get_8s(f, &s->hob_sector);
2877 qemu_get_8s(f, &s->hob_lcyl);
2878 qemu_get_8s(f, &s->hob_hcyl);
2879 qemu_get_8s(f, &s->select);
2880 qemu_get_8s(f, &s->status);
2881 qemu_get_8s(f, &s->lba48);
2883 qemu_get_8s(f, &s->sense_key);
2884 qemu_get_8s(f, &s->asc);
2885 /* XXX: if a transfer is pending, we do not save it yet */
2888 /***********************************************************/
2889 /* ISA IDE definitions */
2891 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2892 BlockDriverState *hd0, BlockDriverState *hd1)
2894 IDEState *ide_state;
2896 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2900 ide_init2(ide_state, hd0, hd1, irq);
2901 ide_init_ioport(ide_state, iobase, iobase2);
2904 /***********************************************************/
2905 /* PCI IDE definitions */
2907 static void cmd646_update_irq(PCIIDEState *d);
2909 static void ide_map(PCIDevice *pci_dev, int region_num,
2910 uint32_t addr, uint32_t size, int type)
2912 PCIIDEState *d = (PCIIDEState *)pci_dev;
2913 IDEState *ide_state;
2915 if (region_num <= 3) {
2916 ide_state = &d->ide_if[(region_num >> 1) * 2];
2917 if (region_num & 1) {
2918 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2919 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2921 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2922 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2925 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2926 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2927 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2928 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2933 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2935 BMDMAState *bm = s->bmdma;
2939 bm->dma_cb = dma_cb;
2940 bm->cur_prd_last = 0;
2941 bm->cur_prd_addr = 0;
2942 bm->cur_prd_len = 0;
2943 if (bm->status & BM_STATUS_DMAING) {
2948 static void ide_dma_cancel(BMDMAState *bm)
2950 if (bm->status & BM_STATUS_DMAING) {
2951 bm->status &= ~BM_STATUS_DMAING;
2952 /* cancel DMA request */
2957 printf("aio_cancel\n");
2959 bdrv_aio_cancel(bm->aiocb);
2965 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2967 BMDMAState *bm = opaque;
2969 printf("%s: 0x%08x\n", __func__, val);
2971 if (!(val & BM_CMD_START)) {
2972 /* XXX: do it better */
2974 bm->cmd = val & 0x09;
2976 if (!(bm->status & BM_STATUS_DMAING)) {
2977 bm->status |= BM_STATUS_DMAING;
2978 /* start dma transfer if possible */
2982 bm->cmd = val & 0x09;
2986 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2988 BMDMAState *bm = opaque;
2989 PCIIDEState *pci_dev;
2997 pci_dev = bm->pci_dev;
2998 if (pci_dev->type == IDE_TYPE_CMD646) {
2999 val = pci_dev->dev.config[MRDMODE];
3008 pci_dev = bm->pci_dev;
3009 if (pci_dev->type == IDE_TYPE_CMD646) {
3010 if (bm == &pci_dev->bmdma[0])
3011 val = pci_dev->dev.config[UDIDETCR0];
3013 val = pci_dev->dev.config[UDIDETCR1];
3023 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
3028 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
3030 BMDMAState *bm = opaque;
3031 PCIIDEState *pci_dev;
3033 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
3037 pci_dev = bm->pci_dev;
3038 if (pci_dev->type == IDE_TYPE_CMD646) {
3039 pci_dev->dev.config[MRDMODE] =
3040 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
3041 cmd646_update_irq(pci_dev);
3045 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
3048 pci_dev = bm->pci_dev;
3049 if (pci_dev->type == IDE_TYPE_CMD646) {
3050 if (bm == &pci_dev->bmdma[0])
3051 pci_dev->dev.config[UDIDETCR0] = val;
3053 pci_dev->dev.config[UDIDETCR1] = val;
3059 static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
3061 BMDMAState *bm = opaque;
3063 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
3065 printf("%s: 0x%08x\n", __func__, val);
3070 static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
3072 BMDMAState *bm = opaque;
3073 int shift = (addr & 3) * 8;
3075 printf("%s: 0x%08x\n", __func__, val);
3077 bm->addr &= ~(0xFF << shift);
3078 bm->addr |= ((val & 0xFF) << shift) & ~3;
3079 bm->cur_addr = bm->addr;
3082 static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
3084 BMDMAState *bm = opaque;
3086 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
3088 printf("%s: 0x%08x\n", __func__, val);
3093 static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
3095 BMDMAState *bm = opaque;
3096 int shift = (addr & 3) * 8;
3098 printf("%s: 0x%08x\n", __func__, val);
3100 bm->addr &= ~(0xFFFF << shift);
3101 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3102 bm->cur_addr = bm->addr;
3105 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3107 BMDMAState *bm = opaque;
3111 printf("%s: 0x%08x\n", __func__, val);
3116 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3118 BMDMAState *bm = opaque;
3120 printf("%s: 0x%08x\n", __func__, val);
3122 bm->addr = val & ~3;
3123 bm->cur_addr = bm->addr;
3126 static void bmdma_map(PCIDevice *pci_dev, int region_num,
3127 uint32_t addr, uint32_t size, int type)
3129 PCIIDEState *d = (PCIIDEState *)pci_dev;
3132 for(i = 0;i < 2; i++) {
3133 BMDMAState *bm = &d->bmdma[i];
3134 d->ide_if[2 * i].bmdma = bm;
3135 d->ide_if[2 * i + 1].bmdma = bm;
3136 bm->pci_dev = (PCIIDEState *)pci_dev;
3138 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
3140 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3141 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
3143 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3144 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3145 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3146 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
3147 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3148 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3153 /* XXX: call it also when the MRDMODE is changed from the PCI config
3155 static void cmd646_update_irq(PCIIDEState *d)
3158 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3159 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3160 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3161 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
3162 qemu_set_irq(d->dev.irq[0], pci_level);
3165 /* the PCI irq level is the logical OR of the two channels */
3166 static void cmd646_set_irq(void *opaque, int channel, int level)
3168 PCIIDEState *d = opaque;
3171 irq_mask = MRDMODE_INTR_CH0 << channel;
3173 d->dev.config[MRDMODE] |= irq_mask;
3175 d->dev.config[MRDMODE] &= ~irq_mask;
3176 cmd646_update_irq(d);
3179 /* CMD646 PCI IDE controller */
3180 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3181 int secondary_ide_enabled)
3188 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
3189 sizeof(PCIIDEState),
3192 d->type = IDE_TYPE_CMD646;
3193 pci_conf = d->dev.config;
3194 pci_conf[0x00] = 0x95; // CMD646
3195 pci_conf[0x01] = 0x10;
3196 pci_conf[0x02] = 0x46;
3197 pci_conf[0x03] = 0x06;
3199 pci_conf[0x08] = 0x07; // IDE controller revision
3200 pci_conf[0x09] = 0x8f;
3202 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3203 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3204 pci_conf[0x0e] = 0x00; // header_type
3206 if (secondary_ide_enabled) {
3207 /* XXX: if not enabled, really disable the seconday IDE controller */
3208 pci_conf[0x51] = 0x80; /* enable IDE1 */
3211 pci_register_io_region((PCIDevice *)d, 0, 0x8,
3212 PCI_ADDRESS_SPACE_IO, ide_map);
3213 pci_register_io_region((PCIDevice *)d, 1, 0x4,
3214 PCI_ADDRESS_SPACE_IO, ide_map);
3215 pci_register_io_region((PCIDevice *)d, 2, 0x8,
3216 PCI_ADDRESS_SPACE_IO, ide_map);
3217 pci_register_io_region((PCIDevice *)d, 3, 0x4,
3218 PCI_ADDRESS_SPACE_IO, ide_map);
3219 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3220 PCI_ADDRESS_SPACE_IO, bmdma_map);
3222 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3224 for(i = 0; i < 4; i++)
3225 d->ide_if[i].pci_dev = (PCIDevice *)d;
3227 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3228 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3229 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
3232 static void pci_ide_save(QEMUFile* f, void *opaque)
3234 PCIIDEState *d = opaque;
3237 pci_device_save(&d->dev, f);
3239 for(i = 0; i < 2; i++) {
3240 BMDMAState *bm = &d->bmdma[i];
3241 qemu_put_8s(f, &bm->cmd);
3242 qemu_put_8s(f, &bm->status);
3243 qemu_put_be32s(f, &bm->addr);
3244 /* XXX: if a transfer is pending, we do not save it yet */
3247 /* per IDE interface data */
3248 for(i = 0; i < 2; i++) {
3249 IDEState *s = &d->ide_if[i * 2];
3250 uint8_t drive1_selected;
3251 qemu_put_8s(f, &s->cmd);
3252 drive1_selected = (s->cur_drive != s);
3253 qemu_put_8s(f, &drive1_selected);
3256 /* per IDE drive data */
3257 for(i = 0; i < 4; i++) {
3258 ide_save(f, &d->ide_if[i]);
3262 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3264 PCIIDEState *d = opaque;
3267 if (version_id != 1)
3269 ret = pci_device_load(&d->dev, f);
3273 for(i = 0; i < 2; i++) {
3274 BMDMAState *bm = &d->bmdma[i];
3275 qemu_get_8s(f, &bm->cmd);
3276 qemu_get_8s(f, &bm->status);
3277 qemu_get_be32s(f, &bm->addr);
3278 /* XXX: if a transfer is pending, we do not save it yet */
3281 /* per IDE interface data */
3282 for(i = 0; i < 2; i++) {
3283 IDEState *s = &d->ide_if[i * 2];
3284 uint8_t drive1_selected;
3285 qemu_get_8s(f, &s->cmd);
3286 qemu_get_8s(f, &drive1_selected);
3287 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3290 /* per IDE drive data */
3291 for(i = 0; i < 4; i++) {
3292 ide_load(f, &d->ide_if[i]);
3297 static void piix3_reset(void *opaque)
3299 PCIIDEState *d = opaque;
3300 uint8_t *pci_conf = d->dev.config;
3303 for (i = 0; i < 2; i++)
3304 ide_dma_cancel(&d->bmdma[i]);
3306 pci_conf[0x04] = 0x00;
3307 pci_conf[0x05] = 0x00;
3308 pci_conf[0x06] = 0x80; /* FBC */
3309 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3310 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3313 /* hd_table must contain 4 block drivers */
3314 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3315 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3321 /* register a function 1 of PIIX3 */
3322 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3323 sizeof(PCIIDEState),
3326 d->type = IDE_TYPE_PIIX3;
3328 pci_conf = d->dev.config;
3329 pci_conf[0x00] = 0x86; // Intel
3330 pci_conf[0x01] = 0x80;
3331 pci_conf[0x02] = 0x10;
3332 pci_conf[0x03] = 0x70;
3333 pci_conf[0x09] = 0x80; // legacy ATA mode
3334 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3335 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3336 pci_conf[0x0e] = 0x00; // header_type
3338 qemu_register_reset(piix3_reset, d);
3341 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3342 PCI_ADDRESS_SPACE_IO, bmdma_map);
3344 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3345 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3346 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3347 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3349 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3352 /* hd_table must contain 4 block drivers */
3353 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3354 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3360 /* register a function 1 of PIIX4 */
3361 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3362 sizeof(PCIIDEState),
3365 d->type = IDE_TYPE_PIIX4;
3367 pci_conf = d->dev.config;
3368 pci_conf[0x00] = 0x86; // Intel
3369 pci_conf[0x01] = 0x80;
3370 pci_conf[0x02] = 0x11;
3371 pci_conf[0x03] = 0x71;
3372 pci_conf[0x09] = 0x80; // legacy ATA mode
3373 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3374 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3375 pci_conf[0x0e] = 0x00; // header_type
3377 qemu_register_reset(piix3_reset, d);
3380 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3381 PCI_ADDRESS_SPACE_IO, bmdma_map);
3383 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3384 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3385 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3386 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3388 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3391 /***********************************************************/
3392 /* MacIO based PowerPC IDE */
3394 /* PowerMac IDE memory IO */
3395 static void pmac_ide_writeb (void *opaque,
3396 target_phys_addr_t addr, uint32_t val)
3398 addr = (addr & 0xFFF) >> 4;
3401 ide_ioport_write(opaque, addr, val);
3405 ide_cmd_write(opaque, 0, val);
3412 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3416 addr = (addr & 0xFFF) >> 4;
3419 retval = ide_ioport_read(opaque, addr);
3423 retval = ide_status_read(opaque, 0);
3432 static void pmac_ide_writew (void *opaque,
3433 target_phys_addr_t addr, uint32_t val)
3435 addr = (addr & 0xFFF) >> 4;
3436 #ifdef TARGET_WORDS_BIGENDIAN
3440 ide_data_writew(opaque, 0, val);
3444 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3448 addr = (addr & 0xFFF) >> 4;
3450 retval = ide_data_readw(opaque, 0);
3454 #ifdef TARGET_WORDS_BIGENDIAN
3455 retval = bswap16(retval);
3460 static void pmac_ide_writel (void *opaque,
3461 target_phys_addr_t addr, uint32_t val)
3463 addr = (addr & 0xFFF) >> 4;
3464 #ifdef TARGET_WORDS_BIGENDIAN
3468 ide_data_writel(opaque, 0, val);
3472 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3476 addr = (addr & 0xFFF) >> 4;
3478 retval = ide_data_readl(opaque, 0);
3480 retval = 0xFFFFFFFF;
3482 #ifdef TARGET_WORDS_BIGENDIAN
3483 retval = bswap32(retval);
3488 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3494 static CPUReadMemoryFunc *pmac_ide_read[] = {
3500 /* hd_table must contain 4 block drivers */
3501 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3502 I/O index to access the ide. */
3503 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3506 int pmac_ide_memory;
3508 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3509 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3511 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3512 pmac_ide_write, &ide_if[0]);
3513 return pmac_ide_memory;
3516 /***********************************************************/
3517 /* CF-ATA Microdrive */
3519 #define METADATA_SIZE 0x20
3521 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3524 struct pcmcia_card_s card;
3538 /* Register bitfields */
3541 OPT_MODE_IOMAP16 = 1,
3542 OPT_MODE_IOMAP1 = 2,
3543 OPT_MODE_IOMAP2 = 3,
3554 STAT_CHANGED = 0x80,
3565 static inline void md_interrupt_update(struct md_s *s)
3570 qemu_set_irq(s->card.slot->irq,
3571 !(s->stat & STAT_INT) && /* Inverted */
3572 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3573 !(s->opt & OPT_SRESET));
3576 static void md_set_irq(void *opaque, int irq, int level)
3578 struct md_s *s = (struct md_s *) opaque;
3580 s->stat |= STAT_INT;
3582 s->stat &= ~STAT_INT;
3584 md_interrupt_update(s);
3587 static void md_reset(struct md_s *s)
3589 s->opt = OPT_MODE_MMAP;
3597 static uint8_t md_attr_read(void *opaque, uint32_t at)
3599 struct md_s *s = (struct md_s *) opaque;
3600 if (at < s->attr_base) {
3601 if (at < s->card.cis_len)
3602 return s->card.cis[at];
3610 case 0x00: /* Configuration Option Register */
3612 case 0x02: /* Card Configuration Status Register */
3613 if (s->ctrl & CTRL_IEN)
3614 return s->stat & ~STAT_INT;
3617 case 0x04: /* Pin Replacement Register */
3618 return (s->pins & PINS_CRDY) | 0x0c;
3619 case 0x06: /* Socket and Copy Register */
3623 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3630 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3632 struct md_s *s = (struct md_s *) opaque;
3636 case 0x00: /* Configuration Option Register */
3637 s->opt = value & 0xcf;
3638 if (value & OPT_SRESET)
3640 md_interrupt_update(s);
3642 case 0x02: /* Card Configuration Status Register */
3643 if ((s->stat ^ value) & STAT_PWRDWN)
3644 s->pins |= PINS_CRDY;
3646 s->stat |= value & 0x74;
3647 md_interrupt_update(s);
3648 /* Word 170 in Identify Device must be equal to STAT_XE */
3650 case 0x04: /* Pin Replacement Register */
3651 s->pins &= PINS_CRDY;
3652 s->pins |= value & PINS_MRDY;
3654 case 0x06: /* Socket and Copy Register */
3657 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3661 static uint16_t md_common_read(void *opaque, uint32_t at)
3663 struct md_s *s = (struct md_s *) opaque;
3667 switch (s->opt & OPT_MODE) {
3669 if ((at & ~0x3ff) == 0x400)
3672 case OPT_MODE_IOMAP16:
3675 case OPT_MODE_IOMAP1:
3676 if ((at & ~0xf) == 0x3f0)
3678 else if ((at & ~0xf) == 0x1f0)
3681 case OPT_MODE_IOMAP2:
3682 if ((at & ~0xf) == 0x370)
3684 else if ((at & ~0xf) == 0x170)
3689 case 0x0: /* Even RD Data */
3691 return ide_data_readw(s->ide, 0);
3693 /* TODO: 8-bit accesses */
3697 s->io = ide_data_readw(s->ide, 0);
3700 s->cycle = !s->cycle;
3702 case 0x9: /* Odd RD Data */
3704 case 0xd: /* Error */
3705 return ide_ioport_read(s->ide, 0x1);
3706 case 0xe: /* Alternate Status */
3707 if (s->ide->cur_drive->bs)
3708 return s->ide->cur_drive->status;
3711 case 0xf: /* Device Address */
3712 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3714 return ide_ioport_read(s->ide, at);
3720 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3722 struct md_s *s = (struct md_s *) opaque;
3725 switch (s->opt & OPT_MODE) {
3727 if ((at & ~0x3ff) == 0x400)
3730 case OPT_MODE_IOMAP16:
3733 case OPT_MODE_IOMAP1:
3734 if ((at & ~0xf) == 0x3f0)
3736 else if ((at & ~0xf) == 0x1f0)
3739 case OPT_MODE_IOMAP2:
3740 if ((at & ~0xf) == 0x370)
3742 else if ((at & ~0xf) == 0x170)
3747 case 0x0: /* Even WR Data */
3749 ide_data_writew(s->ide, 0, value);
3752 /* TODO: 8-bit accesses */
3754 ide_data_writew(s->ide, 0, s->io | (value << 8));
3756 s->io = value & 0xff;
3757 s->cycle = !s->cycle;
3760 s->io = value & 0xff;
3761 s->cycle = !s->cycle;
3763 case 0xd: /* Features */
3764 ide_ioport_write(s->ide, 0x1, value);
3766 case 0xe: /* Device Control */
3768 if (value & CTRL_SRST)
3770 md_interrupt_update(s);
3773 if (s->stat & STAT_PWRDWN) {
3774 s->pins |= PINS_CRDY;
3775 s->stat &= ~STAT_PWRDWN;
3777 ide_ioport_write(s->ide, at, value);
3781 static void md_save(QEMUFile *f, void *opaque)
3783 struct md_s *s = (struct md_s *) opaque;
3785 uint8_t drive1_selected;
3787 qemu_put_8s(f, &s->opt);
3788 qemu_put_8s(f, &s->stat);
3789 qemu_put_8s(f, &s->pins);
3791 qemu_put_8s(f, &s->ctrl);
3792 qemu_put_be16s(f, &s->io);
3793 qemu_put_byte(f, s->cycle);
3795 drive1_selected = (s->ide->cur_drive != s->ide);
3796 qemu_put_8s(f, &s->ide->cmd);
3797 qemu_put_8s(f, &drive1_selected);
3799 for (i = 0; i < 2; i ++)
3800 ide_save(f, &s->ide[i]);
3803 static int md_load(QEMUFile *f, void *opaque, int version_id)
3805 struct md_s *s = (struct md_s *) opaque;
3807 uint8_t drive1_selected;
3809 qemu_get_8s(f, &s->opt);
3810 qemu_get_8s(f, &s->stat);
3811 qemu_get_8s(f, &s->pins);
3813 qemu_get_8s(f, &s->ctrl);
3814 qemu_get_be16s(f, &s->io);
3815 s->cycle = qemu_get_byte(f);
3817 qemu_get_8s(f, &s->ide->cmd);
3818 qemu_get_8s(f, &drive1_selected);
3819 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3821 for (i = 0; i < 2; i ++)
3822 ide_load(f, &s->ide[i]);
3827 static const uint8_t dscm1xxxx_cis[0x14a] = {
3828 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3829 [0x002] = 0x03, /* Tuple length = 4 bytes */
3830 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3831 [0x006] = 0x01, /* Size = 2K bytes */
3832 [0x008] = CISTPL_ENDMARK,
3834 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3835 [0x00c] = 0x04, /* Tuple length = 4 byest */
3836 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3837 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3838 [0x012] = 0x01, /* Size = 2K bytes */
3839 [0x014] = CISTPL_ENDMARK,
3841 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3842 [0x018] = 0x02, /* Tuple length = 2 bytes */
3843 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3846 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3847 [0x020] = 0x04, /* Tuple length = 4 bytes */
3848 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3850 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3853 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3854 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3855 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3856 [0x030] = 0x01, /* Minor Version = 1 */
3872 [0x050] = CISTPL_ENDMARK,
3874 [0x052] = CISTPL_FUNCID, /* Function ID */
3875 [0x054] = 0x02, /* Tuple length = 2 bytes */
3876 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3877 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3879 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3880 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3881 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3882 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3884 [0x062] = CISTPL_FUNCE, /* Function Extension */
3885 [0x064] = 0x03, /* Tuple length = 3 bytes */
3886 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3887 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3888 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3890 [0x06c] = CISTPL_CONFIG, /* Configuration */
3891 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3892 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3893 [0x072] = 0x07, /* TPCC_LAST = 7 */
3894 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3896 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3898 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3899 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3900 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3901 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3902 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3903 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3904 [0x086] = 0x55, /* NomV: 5.0 V */
3905 [0x088] = 0x4d, /* MinV: 4.5 V */
3906 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3907 [0x08c] = 0x4e, /* Peakl: 450 mA */
3908 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3909 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3910 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3912 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3913 [0x096] = 0x06, /* Tuple length = 6 bytes */
3914 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3915 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3916 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3917 [0x09e] = 0xb5, /* NomV: 3.3 V */
3919 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3921 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3922 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3923 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3924 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3925 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3926 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3927 [0x0b0] = 0x55, /* NomV: 5.0 V */
3928 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3929 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3930 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3931 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3932 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3933 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3934 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3935 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3937 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3938 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3939 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3940 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3941 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3942 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3944 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3946 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3947 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3948 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3949 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3950 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3951 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3952 [0x0de] = 0x55, /* NomV: 5.0 V */
3953 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3954 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3955 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3956 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3957 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3958 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3960 [0x0ee] = 0x07, /* Address block length = 8 */
3961 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3963 [0x0f4] = 0x01, /* Address block length = 2 */
3964 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3965 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3967 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3968 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3969 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3970 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3971 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3972 [0x104] = 0xb5, /* NomV: 3.3 V */
3974 [0x108] = 0x3e, /* Peakl: 350 mA */
3976 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3977 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3978 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3979 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3980 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3981 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3982 [0x116] = 0x55, /* NomV: 5.0 V */
3983 [0x118] = 0x4d, /* MinV: 4.5 V */
3984 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3985 [0x11c] = 0x4e, /* Peakl: 450 mA */
3986 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3987 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3988 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3990 [0x126] = 0x07, /* Address block length = 8 */
3991 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3993 [0x12c] = 0x01, /* Address block length = 2 */
3994 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3995 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3997 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3998 [0x134] = 0x06, /* Tuple length = 6 bytes */
3999 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4000 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4001 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4002 [0x13c] = 0xb5, /* NomV: 3.3 V */
4004 [0x140] = 0x3e, /* Peakl: 350 mA */
4006 [0x142] = CISTPL_NO_LINK, /* No Link */
4007 [0x144] = 0x00, /* Tuple length = 0 bytes */
4009 [0x146] = CISTPL_END, /* Tuple End */
4012 static int dscm1xxxx_attach(void *opaque)
4014 struct md_s *md = (struct md_s *) opaque;
4015 md->card.attr_read = md_attr_read;
4016 md->card.attr_write = md_attr_write;
4017 md->card.common_read = md_common_read;
4018 md->card.common_write = md_common_write;
4019 md->card.io_read = md_common_read;
4020 md->card.io_write = md_common_write;
4022 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
4026 md_interrupt_update(md);
4028 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
4032 static int dscm1xxxx_detach(void *opaque)
4034 struct md_s *md = (struct md_s *) opaque;
4039 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
4041 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
4042 md->card.state = md;
4043 md->card.attach = dscm1xxxx_attach;
4044 md->card.detach = dscm1xxxx_detach;
4045 md->card.cis = dscm1xxxx_cis;
4046 md->card.cis_len = sizeof(dscm1xxxx_cis);
4048 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
4050 md->ide->mdata_size = METADATA_SIZE;
4051 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
4053 register_savevm("microdrive", -1, 0, md_save, md_load, md);
projects / qemu / blob