2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "qemu-timer.h"
36 /* debug IDE devices */
38 //#define DEBUG_IDE_ATAPI
42 /* Bits of HD_STATUS */
44 #define INDEX_STAT 0x02
45 #define ECC_STAT 0x04 /* Corrected error */
47 #define SEEK_STAT 0x10
49 #define WRERR_STAT 0x20
50 #define READY_STAT 0x40
51 #define BUSY_STAT 0x80
53 /* Bits for HD_ERROR */
54 #define MARK_ERR 0x01 /* Bad address mark */
55 #define TRK0_ERR 0x02 /* couldn't find track 0 */
56 #define ABRT_ERR 0x04 /* Command aborted */
57 #define MCR_ERR 0x08 /* media change request */
58 #define ID_ERR 0x10 /* ID field not found */
59 #define MC_ERR 0x20 /* media changed */
60 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
61 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
62 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
64 /* Bits of HD_NSECTOR */
70 #define IDE_CMD_RESET 0x04
71 #define IDE_CMD_DISABLE_IRQ 0x02
73 /* ATA/ATAPI Commands pre T13 Spec */
78 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
82 #define WIN_SRST 0x08 /* ATAPI soft reset command */
83 #define WIN_DEVICE_RESET 0x08
87 #define WIN_RECAL 0x10
88 #define WIN_RESTORE WIN_RECAL
92 #define WIN_READ 0x20 /* 28-Bit */
93 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
94 #define WIN_READ_LONG 0x22 /* 28-Bit */
95 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
96 #define WIN_READ_EXT 0x24 /* 48-Bit */
97 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
98 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
99 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
103 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
105 * 0x2A->0x2F Reserved
107 #define WIN_WRITE 0x30 /* 28-Bit */
108 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
109 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
110 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
111 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
112 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
113 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
114 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
115 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
116 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
118 * 0x3A->0x3B Reserved
120 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
122 * 0x3D->0x3F Reserved
124 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
125 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
126 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
128 * 0x43->0x4F Reserved
130 #define WIN_FORMAT 0x50
132 * 0x51->0x5F Reserved
134 #define WIN_INIT 0x60
136 * 0x61->0x5F Reserved
138 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
139 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
140 #define WIN_DIAGNOSE 0x90
141 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
142 #define WIN_DOWNLOAD_MICROCODE 0x92
143 #define WIN_STANDBYNOW2 0x94
144 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
145 #define WIN_STANDBY2 0x96
146 #define WIN_SETIDLE2 0x97
147 #define WIN_CHECKPOWERMODE2 0x98
148 #define WIN_SLEEPNOW2 0x99
152 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
153 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
154 #define WIN_QUEUED_SERVICE 0xA2
155 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
156 #define CFA_ACCESS_METADATA_STORAGE 0xB8
157 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
158 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
159 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
160 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
161 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
162 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
163 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
164 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
165 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
166 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
167 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
168 #define WIN_GETMEDIASTATUS 0xDA
169 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
170 #define WIN_POSTBOOT 0xDC
171 #define WIN_PREBOOT 0xDD
172 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
173 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
174 #define WIN_STANDBYNOW1 0xE0
175 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
176 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
177 #define WIN_SETIDLE1 0xE3
178 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
179 #define WIN_CHECKPOWERMODE1 0xE5
180 #define WIN_SLEEPNOW1 0xE6
181 #define WIN_FLUSH_CACHE 0xE7
182 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
183 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
184 /* SET_FEATURES 0x22 or 0xDD */
185 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
186 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
187 #define WIN_MEDIAEJECT 0xED
188 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
189 #define WIN_SETFEATURES 0xEF /* set special drive features */
190 #define EXABYTE_ENABLE_NEST 0xF0
191 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
192 #define WIN_SECURITY_SET_PASS 0xF1
193 #define WIN_SECURITY_UNLOCK 0xF2
194 #define WIN_SECURITY_ERASE_PREPARE 0xF3
195 #define WIN_SECURITY_ERASE_UNIT 0xF4
196 #define WIN_SECURITY_FREEZE_LOCK 0xF5
197 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
198 #define WIN_SECURITY_DISABLE 0xF6
199 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
200 #define WIN_SET_MAX 0xF9
201 #define DISABLE_SEAGATE 0xFB
203 /* set to 1 set disable mult support */
204 #define MAX_MULT_SECTORS 16
206 #define IDE_DMA_BUF_SECTORS 256
208 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
209 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
214 #define ATAPI_PACKET_SIZE 12
216 /* The generic packet command opcodes for CD/DVD Logical Units,
217 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
218 #define GPCMD_BLANK 0xa1
219 #define GPCMD_CLOSE_TRACK 0x5b
220 #define GPCMD_FLUSH_CACHE 0x35
221 #define GPCMD_FORMAT_UNIT 0x04
222 #define GPCMD_GET_CONFIGURATION 0x46
223 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
224 #define GPCMD_GET_PERFORMANCE 0xac
225 #define GPCMD_INQUIRY 0x12
226 #define GPCMD_LOAD_UNLOAD 0xa6
227 #define GPCMD_MECHANISM_STATUS 0xbd
228 #define GPCMD_MODE_SELECT_10 0x55
229 #define GPCMD_MODE_SENSE_10 0x5a
230 #define GPCMD_PAUSE_RESUME 0x4b
231 #define GPCMD_PLAY_AUDIO_10 0x45
232 #define GPCMD_PLAY_AUDIO_MSF 0x47
233 #define GPCMD_PLAY_AUDIO_TI 0x48
234 #define GPCMD_PLAY_CD 0xbc
235 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
236 #define GPCMD_READ_10 0x28
237 #define GPCMD_READ_12 0xa8
238 #define GPCMD_READ_CDVD_CAPACITY 0x25
239 #define GPCMD_READ_CD 0xbe
240 #define GPCMD_READ_CD_MSF 0xb9
241 #define GPCMD_READ_DISC_INFO 0x51
242 #define GPCMD_READ_DVD_STRUCTURE 0xad
243 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
244 #define GPCMD_READ_HEADER 0x44
245 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
246 #define GPCMD_READ_SUBCHANNEL 0x42
247 #define GPCMD_READ_TOC_PMA_ATIP 0x43
248 #define GPCMD_REPAIR_RZONE_TRACK 0x58
249 #define GPCMD_REPORT_KEY 0xa4
250 #define GPCMD_REQUEST_SENSE 0x03
251 #define GPCMD_RESERVE_RZONE_TRACK 0x53
252 #define GPCMD_SCAN 0xba
253 #define GPCMD_SEEK 0x2b
254 #define GPCMD_SEND_DVD_STRUCTURE 0xad
255 #define GPCMD_SEND_EVENT 0xa2
256 #define GPCMD_SEND_KEY 0xa3
257 #define GPCMD_SEND_OPC 0x54
258 #define GPCMD_SET_READ_AHEAD 0xa7
259 #define GPCMD_SET_STREAMING 0xb6
260 #define GPCMD_START_STOP_UNIT 0x1b
261 #define GPCMD_STOP_PLAY_SCAN 0x4e
262 #define GPCMD_TEST_UNIT_READY 0x00
263 #define GPCMD_VERIFY_10 0x2f
264 #define GPCMD_WRITE_10 0x2a
265 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
266 /* This is listed as optional in ATAPI 2.6, but is (curiously)
267 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
268 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
269 * drives support it. */
270 #define GPCMD_SET_SPEED 0xbb
271 /* This seems to be a SCSI specific CD-ROM opcode
272 * to play data at track/index */
273 #define GPCMD_PLAYAUDIO_TI 0x48
275 * From MS Media Status Notification Support Specification. For
278 #define GPCMD_GET_MEDIA_STATUS 0xda
279 #define GPCMD_MODE_SENSE_6 0x1a
281 /* Mode page codes for mode sense/set */
282 #define GPMODE_R_W_ERROR_PAGE 0x01
283 #define GPMODE_WRITE_PARMS_PAGE 0x05
284 #define GPMODE_AUDIO_CTL_PAGE 0x0e
285 #define GPMODE_POWER_PAGE 0x1a
286 #define GPMODE_FAULT_FAIL_PAGE 0x1c
287 #define GPMODE_TO_PROTECT_PAGE 0x1d
288 #define GPMODE_CAPABILITIES_PAGE 0x2a
289 #define GPMODE_ALL_PAGES 0x3f
290 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
291 * of MODE_SENSE_POWER_PAGE */
292 #define GPMODE_CDROM_PAGE 0x0d
295 * Based on values from <linux/cdrom.h> but extending CD_MINS
296 * to the maximum common size allowed by the Orange's Book ATIP
298 * 90 and 99 min CDs are also available but using them as the
299 * upper limit reduces the effectiveness of the heuristic to
300 * detect DVDs burned to less than 25% of their maximum capacity
303 /* Some generally useful CD-ROM information */
304 #define CD_MINS 80 /* max. minutes per CD */
305 #define CD_SECS 60 /* seconds per minute */
306 #define CD_FRAMES 75 /* frames per second */
307 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
308 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
309 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
312 * The MMC values are not IDE specific and might need to be moved
313 * to a common header if they are also needed for the SCSI emulation
316 /* Profile list from MMC-6 revision 1 table 91 */
317 #define MMC_PROFILE_NONE 0x0000
318 #define MMC_PROFILE_CD_ROM 0x0008
319 #define MMC_PROFILE_CD_R 0x0009
320 #define MMC_PROFILE_CD_RW 0x000A
321 #define MMC_PROFILE_DVD_ROM 0x0010
322 #define MMC_PROFILE_DVD_R_SR 0x0011
323 #define MMC_PROFILE_DVD_RAM 0x0012
324 #define MMC_PROFILE_DVD_RW_RO 0x0013
325 #define MMC_PROFILE_DVD_RW_SR 0x0014
326 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
327 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
328 #define MMC_PROFILE_DVD_RW_DL 0x0017
329 #define MMC_PROFILE_DVD_DDR 0x0018
330 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
331 #define MMC_PROFILE_DVD_PLUS_R 0x001B
332 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
333 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
334 #define MMC_PROFILE_BD_ROM 0x0040
335 #define MMC_PROFILE_BD_R_SRM 0x0041
336 #define MMC_PROFILE_BD_R_RRM 0x0042
337 #define MMC_PROFILE_BD_RE 0x0043
338 #define MMC_PROFILE_HDDVD_ROM 0x0050
339 #define MMC_PROFILE_HDDVD_R 0x0051
340 #define MMC_PROFILE_HDDVD_RAM 0x0052
341 #define MMC_PROFILE_HDDVD_RW 0x0053
342 #define MMC_PROFILE_HDDVD_R_DL 0x0058
343 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
344 #define MMC_PROFILE_INVALID 0xFFFF
346 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
347 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
348 #define ATAPI_INT_REASON_REL 0x04
349 #define ATAPI_INT_REASON_TAG 0xf8
351 /* same constants as bochs */
352 #define ASC_ILLEGAL_OPCODE 0x20
353 #define ASC_LOGICAL_BLOCK_OOR 0x21
354 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
355 #define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
356 #define ASC_INCOMPATIBLE_FORMAT 0x30
357 #define ASC_MEDIUM_NOT_PRESENT 0x3a
358 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
360 #define CFA_NO_ERROR 0x00
361 #define CFA_MISC_ERROR 0x09
362 #define CFA_INVALID_COMMAND 0x20
363 #define CFA_INVALID_ADDRESS 0x21
364 #define CFA_ADDRESS_OVERFLOW 0x2f
367 #define SENSE_NOT_READY 2
368 #define SENSE_ILLEGAL_REQUEST 5
369 #define SENSE_UNIT_ATTENTION 6
373 typedef void EndTransferFunc(struct IDEState *);
375 /* NOTE: IDEState represents in fact one drive */
376 typedef struct IDEState {
380 int cylinders, heads, sectors;
384 uint16_t identify_data[256];
387 struct BMDMAState *bmdma;
389 char drive_serial_str[21];
397 /* other part of tf for lba48 support */
407 /* 0x3f6 command, only meaningful for drive 0 */
409 /* set for lba48 access */
411 /* depends on bit 4 in select, only meaningful for drive 0 */
412 struct IDEState *cur_drive;
413 BlockDriverState *bs;
417 int packet_transfer_size;
418 int elementary_transfer_size;
422 int atapi_dma; /* true if dma is requested for the packet cmd */
425 /* PIO transfer handling */
426 int req_nb_sectors; /* number of sectors per interrupt */
427 EndTransferFunc *end_transfer_func;
431 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
432 uint32_t irq_count; /* counts IRQs when using win2k install hack */
433 /* CF-ATA extended error */
435 /* CF-ATA metadata storage */
437 uint8_t *mdata_storage;
441 /* XXX: DVDs that could fit on a CD will be reported as a CD */
442 static inline int media_present(IDEState *s)
444 return (s->nb_sectors > 0);
447 static inline int media_is_dvd(IDEState *s)
449 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
452 static inline int media_is_cd(IDEState *s)
454 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
457 #define BM_STATUS_DMAING 0x01
458 #define BM_STATUS_ERROR 0x02
459 #define BM_STATUS_INT 0x04
460 #define BM_STATUS_DMA_RETRY 0x08
461 #define BM_STATUS_PIO_RETRY 0x10
463 #define BM_CMD_START 0x01
464 #define BM_CMD_READ 0x08
466 #define IDE_TYPE_PIIX3 0
467 #define IDE_TYPE_CMD646 1
468 #define IDE_TYPE_PIIX4 2
470 /* CMD646 specific */
472 #define MRDMODE_INTR_CH0 0x04
473 #define MRDMODE_INTR_CH1 0x08
474 #define MRDMODE_BLK_CH0 0x10
475 #define MRDMODE_BLK_CH1 0x20
476 #define UDIDETCR0 0x73
477 #define UDIDETCR1 0x7B
479 typedef struct BMDMAState {
484 struct PCIIDEState *pci_dev;
485 /* current transfer state */
487 uint32_t cur_prd_last;
488 uint32_t cur_prd_addr;
489 uint32_t cur_prd_len;
491 BlockDriverCompletionFunc *dma_cb;
492 BlockDriverAIOCB *aiocb;
497 typedef struct PCIIDEState {
501 int type; /* see IDE_TYPE_xxx */
504 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
505 static void ide_dma_restart(IDEState *s);
506 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
508 static void padstr(char *str, const char *src, int len)
511 for(i = 0; i < len; i++) {
520 static void padstr8(uint8_t *buf, int buf_size, const char *src)
523 for(i = 0; i < buf_size; i++) {
531 static void put_le16(uint16_t *p, unsigned int v)
536 static void ide_identify(IDEState *s)
539 unsigned int oldsize;
541 if (s->identify_set) {
542 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
546 memset(s->io_buffer, 0, 512);
547 p = (uint16_t *)s->io_buffer;
548 put_le16(p + 0, 0x0040);
549 put_le16(p + 1, s->cylinders);
550 put_le16(p + 3, s->heads);
551 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
552 put_le16(p + 5, 512); /* XXX: retired, remove ? */
553 put_le16(p + 6, s->sectors);
554 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
555 put_le16(p + 20, 3); /* XXX: retired, remove ? */
556 put_le16(p + 21, 512); /* cache size in sectors */
557 put_le16(p + 22, 4); /* ecc bytes */
558 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
559 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
560 #if MAX_MULT_SECTORS > 1
561 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
563 put_le16(p + 48, 1); /* dword I/O */
564 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
565 put_le16(p + 51, 0x200); /* PIO transfer cycle */
566 put_le16(p + 52, 0x200); /* DMA transfer cycle */
567 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
568 put_le16(p + 54, s->cylinders);
569 put_le16(p + 55, s->heads);
570 put_le16(p + 56, s->sectors);
571 oldsize = s->cylinders * s->heads * s->sectors;
572 put_le16(p + 57, oldsize);
573 put_le16(p + 58, oldsize >> 16);
575 put_le16(p + 59, 0x100 | s->mult_sectors);
576 put_le16(p + 60, s->nb_sectors);
577 put_le16(p + 61, s->nb_sectors >> 16);
578 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
579 put_le16(p + 63, 0x07); /* mdma0-2 supported */
580 put_le16(p + 65, 120);
581 put_le16(p + 66, 120);
582 put_le16(p + 67, 120);
583 put_le16(p + 68, 120);
584 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
585 put_le16(p + 81, 0x16); /* conforms to ata5 */
586 put_le16(p + 82, (1 << 14));
587 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
588 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
589 put_le16(p + 84, (1 << 14));
590 put_le16(p + 85, (1 << 14));
591 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
592 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
593 put_le16(p + 87, (1 << 14));
594 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
595 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
596 put_le16(p + 100, s->nb_sectors);
597 put_le16(p + 101, s->nb_sectors >> 16);
598 put_le16(p + 102, s->nb_sectors >> 32);
599 put_le16(p + 103, s->nb_sectors >> 48);
601 memcpy(s->identify_data, p, sizeof(s->identify_data));
605 static void ide_atapi_identify(IDEState *s)
609 if (s->identify_set) {
610 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
614 memset(s->io_buffer, 0, 512);
615 p = (uint16_t *)s->io_buffer;
616 /* Removable CDROM, 50us response, 12 byte packets */
617 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
618 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
619 put_le16(p + 20, 3); /* buffer type */
620 put_le16(p + 21, 512); /* cache size in sectors */
621 put_le16(p + 22, 4); /* ecc bytes */
622 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
623 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
624 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
626 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
627 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
628 put_le16(p + 62, 7); /* single word dma0-2 supported */
629 put_le16(p + 63, 7); /* mdma0-2 supported */
630 put_le16(p + 64, 0x3f); /* PIO modes supported */
632 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
633 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
634 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
635 put_le16(p + 64, 1); /* PIO modes */
637 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
638 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
639 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
640 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
642 put_le16(p + 71, 30); /* in ns */
643 put_le16(p + 72, 30); /* in ns */
645 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
647 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
649 memcpy(s->identify_data, p, sizeof(s->identify_data));
653 static void ide_cfata_identify(IDEState *s)
658 p = (uint16_t *) s->identify_data;
662 memset(p, 0, sizeof(s->identify_data));
664 cur_sec = s->cylinders * s->heads * s->sectors;
666 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
667 put_le16(p + 1, s->cylinders); /* Default cylinders */
668 put_le16(p + 3, s->heads); /* Default heads */
669 put_le16(p + 6, s->sectors); /* Default sectors per track */
670 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
671 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
672 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
673 put_le16(p + 22, 0x0004); /* ECC bytes */
674 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
675 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
676 #if MAX_MULT_SECTORS > 1
677 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
679 put_le16(p + 47, 0x0000);
681 put_le16(p + 49, 0x0f00); /* Capabilities */
682 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
683 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
684 put_le16(p + 53, 0x0003); /* Translation params valid */
685 put_le16(p + 54, s->cylinders); /* Current cylinders */
686 put_le16(p + 55, s->heads); /* Current heads */
687 put_le16(p + 56, s->sectors); /* Current sectors */
688 put_le16(p + 57, cur_sec); /* Current capacity */
689 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
690 if (s->mult_sectors) /* Multiple sector setting */
691 put_le16(p + 59, 0x100 | s->mult_sectors);
692 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
693 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
694 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
695 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
696 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
697 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
698 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
699 put_le16(p + 82, 0x400c); /* Command Set supported */
700 put_le16(p + 83, 0x7068); /* Command Set supported */
701 put_le16(p + 84, 0x4000); /* Features supported */
702 put_le16(p + 85, 0x000c); /* Command Set enabled */
703 put_le16(p + 86, 0x7044); /* Command Set enabled */
704 put_le16(p + 87, 0x4000); /* Features enabled */
705 put_le16(p + 91, 0x4060); /* Current APM level */
706 put_le16(p + 129, 0x0002); /* Current features option */
707 put_le16(p + 130, 0x0005); /* Reassigned sectors */
708 put_le16(p + 131, 0x0001); /* Initial power mode */
709 put_le16(p + 132, 0x0000); /* User signature */
710 put_le16(p + 160, 0x8100); /* Power requirement */
711 put_le16(p + 161, 0x8001); /* CF command set */
716 memcpy(s->io_buffer, p, sizeof(s->identify_data));
719 static void ide_set_signature(IDEState *s)
721 s->select &= 0xf0; /* clear head */
737 static inline void ide_abort_command(IDEState *s)
739 s->status = READY_STAT | ERR_STAT;
743 static inline void ide_dma_submit_check(IDEState *s,
744 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
751 static inline void ide_set_irq(IDEState *s)
753 BMDMAState *bm = s->bmdma;
754 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
756 bm->status |= BM_STATUS_INT;
758 qemu_irq_raise(s->irq);
762 /* prepare data transfer and tell what to do after */
763 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
764 EndTransferFunc *end_transfer_func)
766 s->end_transfer_func = end_transfer_func;
768 s->data_end = buf + size;
769 if (!(s->status & ERR_STAT))
770 s->status |= DRQ_STAT;
773 static void ide_transfer_stop(IDEState *s)
775 s->end_transfer_func = ide_transfer_stop;
776 s->data_ptr = s->io_buffer;
777 s->data_end = s->io_buffer;
778 s->status &= ~DRQ_STAT;
781 static int64_t ide_get_sector(IDEState *s)
784 if (s->select & 0x40) {
787 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
788 (s->lcyl << 8) | s->sector;
790 sector_num = ((int64_t)s->hob_hcyl << 40) |
791 ((int64_t) s->hob_lcyl << 32) |
792 ((int64_t) s->hob_sector << 24) |
793 ((int64_t) s->hcyl << 16) |
794 ((int64_t) s->lcyl << 8) | s->sector;
797 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
798 (s->select & 0x0f) * s->sectors + (s->sector - 1);
803 static void ide_set_sector(IDEState *s, int64_t sector_num)
806 if (s->select & 0x40) {
808 s->select = (s->select & 0xf0) | (sector_num >> 24);
809 s->hcyl = (sector_num >> 16);
810 s->lcyl = (sector_num >> 8);
811 s->sector = (sector_num);
813 s->sector = sector_num;
814 s->lcyl = sector_num >> 8;
815 s->hcyl = sector_num >> 16;
816 s->hob_sector = sector_num >> 24;
817 s->hob_lcyl = sector_num >> 32;
818 s->hob_hcyl = sector_num >> 40;
821 cyl = sector_num / (s->heads * s->sectors);
822 r = sector_num % (s->heads * s->sectors);
825 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
826 s->sector = (r % s->sectors) + 1;
830 static void ide_rw_error(IDEState *s) {
831 ide_abort_command(s);
835 static void ide_sector_read(IDEState *s)
840 s->status = READY_STAT | SEEK_STAT;
841 s->error = 0; /* not needed by IDE spec, but needed by Windows */
842 sector_num = ide_get_sector(s);
845 /* no more sector to read from disk */
846 ide_transfer_stop(s);
848 #if defined(DEBUG_IDE)
849 printf("read sector=%" PRId64 "\n", sector_num);
851 if (n > s->req_nb_sectors)
852 n = s->req_nb_sectors;
853 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
858 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
860 ide_set_sector(s, sector_num + n);
865 static void ide_dma_error(IDEState *s)
867 ide_transfer_stop(s);
869 s->status = READY_STAT | ERR_STAT;
873 static int ide_handle_write_error(IDEState *s, int error, int op)
875 BlockInterfaceErrorAction action = drive_get_onerror(s->bs);
877 if (action == BLOCK_ERR_IGNORE)
880 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
881 || action == BLOCK_ERR_STOP_ANY) {
882 s->bmdma->ide_if = s;
883 s->bmdma->status |= op;
886 if (op == BM_STATUS_DMA_RETRY)
895 /* return 0 if buffer completed */
896 static int dma_buf_rw(BMDMAState *bm, int is_write)
898 IDEState *s = bm->ide_if;
906 l = s->io_buffer_size - s->io_buffer_index;
909 if (bm->cur_prd_len == 0) {
910 /* end of table (with a fail safe of one page) */
911 if (bm->cur_prd_last ||
912 (bm->cur_addr - bm->addr) >= 4096)
914 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
916 prd.addr = le32_to_cpu(prd.addr);
917 prd.size = le32_to_cpu(prd.size);
918 len = prd.size & 0xfffe;
921 bm->cur_prd_len = len;
922 bm->cur_prd_addr = prd.addr;
923 bm->cur_prd_last = (prd.size & 0x80000000);
925 if (l > bm->cur_prd_len)
929 cpu_physical_memory_write(bm->cur_prd_addr,
930 s->io_buffer + s->io_buffer_index, l);
932 cpu_physical_memory_read(bm->cur_prd_addr,
933 s->io_buffer + s->io_buffer_index, l);
935 bm->cur_prd_addr += l;
936 bm->cur_prd_len -= l;
937 s->io_buffer_index += l;
943 static void ide_read_dma_cb(void *opaque, int ret)
945 BMDMAState *bm = opaque;
946 IDEState *s = bm->ide_if;
955 n = s->io_buffer_size >> 9;
956 sector_num = ide_get_sector(s);
959 ide_set_sector(s, sector_num);
961 if (dma_buf_rw(bm, 1) == 0)
965 /* end of transfer ? */
966 if (s->nsector == 0) {
967 s->status = READY_STAT | SEEK_STAT;
970 bm->status &= ~BM_STATUS_DMAING;
971 bm->status |= BM_STATUS_INT;
978 /* launch next transfer */
980 if (n > IDE_DMA_BUF_SECTORS)
981 n = IDE_DMA_BUF_SECTORS;
982 s->io_buffer_index = 0;
983 s->io_buffer_size = n * 512;
985 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
987 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
988 ide_read_dma_cb, bm);
989 ide_dma_submit_check(s, ide_read_dma_cb, bm);
992 static void ide_sector_read_dma(IDEState *s)
994 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
995 s->io_buffer_index = 0;
996 s->io_buffer_size = 0;
997 ide_dma_start(s, ide_read_dma_cb);
1000 static void ide_sector_write_timer_cb(void *opaque)
1002 IDEState *s = opaque;
1006 static void ide_sector_write(IDEState *s)
1011 s->status = READY_STAT | SEEK_STAT;
1012 sector_num = ide_get_sector(s);
1013 #if defined(DEBUG_IDE)
1014 printf("write sector=%" PRId64 "\n", sector_num);
1017 if (n > s->req_nb_sectors)
1018 n = s->req_nb_sectors;
1019 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
1022 if (ide_handle_write_error(s, -ret, BM_STATUS_PIO_RETRY))
1027 if (s->nsector == 0) {
1028 /* no more sectors to write */
1029 ide_transfer_stop(s);
1032 if (n1 > s->req_nb_sectors)
1033 n1 = s->req_nb_sectors;
1034 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1036 ide_set_sector(s, sector_num + n);
1039 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1040 /* It seems there is a bug in the Windows 2000 installer HDD
1041 IDE driver which fills the disk with empty logs when the
1042 IDE write IRQ comes too early. This hack tries to correct
1043 that at the expense of slower write performances. Use this
1044 option _only_ to install Windows 2000. You must disable it
1046 qemu_mod_timer(s->sector_write_timer,
1047 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1055 static void ide_dma_restart_cb(void *opaque, int running)
1057 BMDMAState *bm = opaque;
1060 if (bm->status & BM_STATUS_DMA_RETRY) {
1061 bm->status &= ~BM_STATUS_DMA_RETRY;
1062 ide_dma_restart(bm->ide_if);
1063 } else if (bm->status & BM_STATUS_PIO_RETRY) {
1064 bm->status &= ~BM_STATUS_PIO_RETRY;
1065 ide_sector_write(bm->ide_if);
1069 static void ide_write_dma_cb(void *opaque, int ret)
1071 BMDMAState *bm = opaque;
1072 IDEState *s = bm->ide_if;
1077 if (ide_handle_write_error(s, -ret, BM_STATUS_DMA_RETRY))
1081 n = s->io_buffer_size >> 9;
1082 sector_num = ide_get_sector(s);
1085 ide_set_sector(s, sector_num);
1089 /* end of transfer ? */
1090 if (s->nsector == 0) {
1091 s->status = READY_STAT | SEEK_STAT;
1094 bm->status &= ~BM_STATUS_DMAING;
1095 bm->status |= BM_STATUS_INT;
1102 /* launch next transfer */
1104 if (n > IDE_DMA_BUF_SECTORS)
1105 n = IDE_DMA_BUF_SECTORS;
1106 s->io_buffer_index = 0;
1107 s->io_buffer_size = n * 512;
1109 if (dma_buf_rw(bm, 0) == 0)
1112 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
1114 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1115 ide_write_dma_cb, bm);
1116 ide_dma_submit_check(s, ide_write_dma_cb, bm);
1119 static void ide_sector_write_dma(IDEState *s)
1121 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1122 s->io_buffer_index = 0;
1123 s->io_buffer_size = 0;
1124 ide_dma_start(s, ide_write_dma_cb);
1127 static void ide_atapi_cmd_ok(IDEState *s)
1130 s->status = READY_STAT | SEEK_STAT;
1131 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1135 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1137 #ifdef DEBUG_IDE_ATAPI
1138 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1140 s->error = sense_key << 4;
1141 s->status = READY_STAT | ERR_STAT;
1142 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1143 s->sense_key = sense_key;
1148 static void ide_atapi_cmd_check_status(IDEState *s)
1150 #ifdef DEBUG_IDE_ATAPI
1151 printf("atapi_cmd_check_status\n");
1153 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
1154 s->status = ERR_STAT;
1159 static inline void cpu_to_ube16(uint8_t *buf, int val)
1165 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1173 static inline int ube16_to_cpu(const uint8_t *buf)
1175 return (buf[0] << 8) | buf[1];
1178 static inline int ube32_to_cpu(const uint8_t *buf)
1180 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1183 static void lba_to_msf(uint8_t *buf, int lba)
1186 buf[0] = (lba / 75) / 60;
1187 buf[1] = (lba / 75) % 60;
1191 static void cd_data_to_raw(uint8_t *buf, int lba)
1195 memset(buf + 1, 0xff, 10);
1199 lba_to_msf(buf, lba);
1200 buf[3] = 0x01; /* mode 1 data */
1204 /* XXX: ECC not computed */
1205 memset(buf, 0, 288);
1208 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1213 switch(sector_size) {
1215 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1218 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1221 cd_data_to_raw(buf, lba);
1230 static void ide_atapi_io_error(IDEState *s, int ret)
1232 /* XXX: handle more errors */
1233 if (ret == -ENOMEDIUM) {
1234 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1235 ASC_MEDIUM_NOT_PRESENT);
1237 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1238 ASC_LOGICAL_BLOCK_OOR);
1242 /* The whole ATAPI transfer logic is handled in this function */
1243 static void ide_atapi_cmd_reply_end(IDEState *s)
1245 int byte_count_limit, size, ret;
1246 #ifdef DEBUG_IDE_ATAPI
1247 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1248 s->packet_transfer_size,
1249 s->elementary_transfer_size,
1250 s->io_buffer_index);
1252 if (s->packet_transfer_size <= 0) {
1253 /* end of transfer */
1254 ide_transfer_stop(s);
1255 s->status = READY_STAT | SEEK_STAT;
1256 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1258 #ifdef DEBUG_IDE_ATAPI
1259 printf("status=0x%x\n", s->status);
1262 /* see if a new sector must be read */
1263 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1264 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1266 ide_transfer_stop(s);
1267 ide_atapi_io_error(s, ret);
1271 s->io_buffer_index = 0;
1273 if (s->elementary_transfer_size > 0) {
1274 /* there are some data left to transmit in this elementary
1276 size = s->cd_sector_size - s->io_buffer_index;
1277 if (size > s->elementary_transfer_size)
1278 size = s->elementary_transfer_size;
1279 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1280 size, ide_atapi_cmd_reply_end);
1281 s->packet_transfer_size -= size;
1282 s->elementary_transfer_size -= size;
1283 s->io_buffer_index += size;
1285 /* a new transfer is needed */
1286 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1287 byte_count_limit = s->lcyl | (s->hcyl << 8);
1288 #ifdef DEBUG_IDE_ATAPI
1289 printf("byte_count_limit=%d\n", byte_count_limit);
1291 if (byte_count_limit == 0xffff)
1293 size = s->packet_transfer_size;
1294 if (size > byte_count_limit) {
1295 /* byte count limit must be even if this case */
1296 if (byte_count_limit & 1)
1298 size = byte_count_limit;
1301 s->hcyl = size >> 8;
1302 s->elementary_transfer_size = size;
1303 /* we cannot transmit more than one sector at a time */
1305 if (size > (s->cd_sector_size - s->io_buffer_index))
1306 size = (s->cd_sector_size - s->io_buffer_index);
1308 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1309 size, ide_atapi_cmd_reply_end);
1310 s->packet_transfer_size -= size;
1311 s->elementary_transfer_size -= size;
1312 s->io_buffer_index += size;
1314 #ifdef DEBUG_IDE_ATAPI
1315 printf("status=0x%x\n", s->status);
1321 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1322 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1324 if (size > max_size)
1326 s->lba = -1; /* no sector read */
1327 s->packet_transfer_size = size;
1328 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1329 s->elementary_transfer_size = 0;
1330 s->io_buffer_index = 0;
1333 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
1334 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1336 s->status = READY_STAT | SEEK_STAT;
1337 ide_atapi_cmd_reply_end(s);
1341 /* start a CD-CDROM read command */
1342 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1346 s->packet_transfer_size = nb_sectors * sector_size;
1347 s->elementary_transfer_size = 0;
1348 s->io_buffer_index = sector_size;
1349 s->cd_sector_size = sector_size;
1351 s->status = READY_STAT | SEEK_STAT;
1352 ide_atapi_cmd_reply_end(s);
1355 /* ATAPI DMA support */
1357 /* XXX: handle read errors */
1358 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1360 BMDMAState *bm = opaque;
1361 IDEState *s = bm->ide_if;
1365 ide_atapi_io_error(s, ret);
1369 if (s->io_buffer_size > 0) {
1371 * For a cdrom read sector command (s->lba != -1),
1372 * adjust the lba for the next s->io_buffer_size chunk
1373 * and dma the current chunk.
1374 * For a command != read (s->lba == -1), just transfer
1378 if (s->cd_sector_size == 2352) {
1380 cd_data_to_raw(s->io_buffer, s->lba);
1382 n = s->io_buffer_size >> 11;
1386 s->packet_transfer_size -= s->io_buffer_size;
1387 if (dma_buf_rw(bm, 1) == 0)
1391 if (s->packet_transfer_size <= 0) {
1392 s->status = READY_STAT | SEEK_STAT;
1393 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1396 bm->status &= ~BM_STATUS_DMAING;
1397 bm->status |= BM_STATUS_INT;
1404 s->io_buffer_index = 0;
1405 if (s->cd_sector_size == 2352) {
1407 s->io_buffer_size = s->cd_sector_size;
1410 n = s->packet_transfer_size >> 11;
1411 if (n > (IDE_DMA_BUF_SECTORS / 4))
1412 n = (IDE_DMA_BUF_SECTORS / 4);
1413 s->io_buffer_size = n * 2048;
1417 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1419 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1420 s->io_buffer + data_offset, n * 4,
1421 ide_atapi_cmd_read_dma_cb, bm);
1423 /* Note: media not present is the most likely case */
1424 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1425 ASC_MEDIUM_NOT_PRESENT);
1430 /* start a CD-CDROM read command with DMA */
1431 /* XXX: test if DMA is available */
1432 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1436 s->packet_transfer_size = nb_sectors * sector_size;
1437 s->io_buffer_index = 0;
1438 s->io_buffer_size = 0;
1439 s->cd_sector_size = sector_size;
1441 /* XXX: check if BUSY_STAT should be set */
1442 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1443 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1446 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1449 #ifdef DEBUG_IDE_ATAPI
1450 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1454 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1456 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1460 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1463 uint8_t *buf_profile = buf + 12; /* start of profiles */
1465 buf_profile += ((*index) * 4); /* start of indexed profile */
1466 cpu_to_ube16 (buf_profile, profile);
1467 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1469 /* each profile adds 4 bytes to the response */
1471 buf[11] += 4; /* Additional Length */
1476 static int ide_dvd_read_structure(IDEState *s, int format,
1477 const uint8_t *packet, uint8_t *buf)
1480 case 0x0: /* Physical format information */
1482 int layer = packet[6];
1483 uint64_t total_sectors;
1486 return -ASC_INV_FIELD_IN_CMD_PACKET;
1488 bdrv_get_geometry(s->bs, &total_sectors);
1489 total_sectors >>= 2;
1490 if (total_sectors == 0)
1491 return -ASC_MEDIUM_NOT_PRESENT;
1493 buf[4] = 1; /* DVD-ROM, part version 1 */
1494 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1495 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1496 buf[7] = 0; /* default densities */
1498 /* FIXME: 0x30000 per spec? */
1499 cpu_to_ube32(buf + 8, 0); /* start sector */
1500 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1501 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1503 /* Size of buffer, not including 2 byte size field */
1504 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1506 /* 2k data + 4 byte header */
1510 case 0x01: /* DVD copyright information */
1511 buf[4] = 0; /* no copyright data */
1512 buf[5] = 0; /* no region restrictions */
1514 /* Size of buffer, not including 2 byte size field */
1515 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1517 /* 4 byte header + 4 byte data */
1520 case 0x03: /* BCA information - invalid field for no BCA info */
1521 return -ASC_INV_FIELD_IN_CMD_PACKET;
1523 case 0x04: /* DVD disc manufacturing information */
1524 /* Size of buffer, not including 2 byte size field */
1525 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1527 /* 2k data + 4 byte header */
1532 * This lists all the command capabilities above. Add new ones
1533 * in order and update the length and buffer return values.
1536 buf[4] = 0x00; /* Physical format */
1537 buf[5] = 0x40; /* Not writable, is readable */
1538 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1540 buf[8] = 0x01; /* Copyright info */
1541 buf[9] = 0x40; /* Not writable, is readable */
1542 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1544 buf[12] = 0x03; /* BCA info */
1545 buf[13] = 0x40; /* Not writable, is readable */
1546 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1548 buf[16] = 0x04; /* Manufacturing info */
1549 buf[17] = 0x40; /* Not writable, is readable */
1550 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1552 /* Size of buffer, not including 2 byte size field */
1553 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1555 /* data written + 4 byte header */
1558 default: /* TODO: formats beyond DVD-ROM requires */
1559 return -ASC_INV_FIELD_IN_CMD_PACKET;
1563 static void ide_atapi_cmd(IDEState *s)
1565 const uint8_t *packet;
1569 packet = s->io_buffer;
1571 #ifdef DEBUG_IDE_ATAPI
1574 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1575 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1576 printf(" %02x", packet[i]);
1581 /* If there's a UNIT_ATTENTION condition pending, only
1582 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1583 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1584 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1585 s->io_buffer[0] != GPCMD_INQUIRY) {
1586 ide_atapi_cmd_check_status(s);
1589 switch(s->io_buffer[0]) {
1590 case GPCMD_TEST_UNIT_READY:
1591 if (bdrv_is_inserted(s->bs)) {
1592 ide_atapi_cmd_ok(s);
1594 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1595 ASC_MEDIUM_NOT_PRESENT);
1598 case GPCMD_MODE_SENSE_6:
1599 case GPCMD_MODE_SENSE_10:
1602 if (packet[0] == GPCMD_MODE_SENSE_10)
1603 max_len = ube16_to_cpu(packet + 7);
1605 max_len = packet[4];
1606 action = packet[2] >> 6;
1607 code = packet[2] & 0x3f;
1609 case 0: /* current values */
1611 case 0x01: /* error recovery */
1612 cpu_to_ube16(&buf[0], 16 + 6);
1628 ide_atapi_cmd_reply(s, 16, max_len);
1631 cpu_to_ube16(&buf[0], 28 + 6);
1644 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1645 code checks for this to automount media. */
1648 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1649 if (bdrv_is_locked(s->bs))
1652 cpu_to_ube16(&buf[16], 706);
1655 cpu_to_ube16(&buf[20], 512);
1656 cpu_to_ube16(&buf[22], 706);
1661 ide_atapi_cmd_reply(s, 28, max_len);
1667 case 1: /* changeable values */
1669 case 2: /* default values */
1672 case 3: /* saved values */
1673 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1674 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1679 case GPCMD_REQUEST_SENSE:
1680 max_len = packet[4];
1682 buf[0] = 0x70 | (1 << 7);
1683 buf[2] = s->sense_key;
1686 if (s->sense_key == SENSE_UNIT_ATTENTION)
1687 s->sense_key = SENSE_NONE;
1688 ide_atapi_cmd_reply(s, 18, max_len);
1690 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1691 if (bdrv_is_inserted(s->bs)) {
1692 bdrv_set_locked(s->bs, packet[4] & 1);
1693 ide_atapi_cmd_ok(s);
1695 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1696 ASC_MEDIUM_NOT_PRESENT);
1702 int nb_sectors, lba;
1704 if (packet[0] == GPCMD_READ_10)
1705 nb_sectors = ube16_to_cpu(packet + 7);
1707 nb_sectors = ube32_to_cpu(packet + 6);
1708 lba = ube32_to_cpu(packet + 2);
1709 if (nb_sectors == 0) {
1710 ide_atapi_cmd_ok(s);
1713 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1718 int nb_sectors, lba, transfer_request;
1720 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1721 lba = ube32_to_cpu(packet + 2);
1722 if (nb_sectors == 0) {
1723 ide_atapi_cmd_ok(s);
1726 transfer_request = packet[9];
1727 switch(transfer_request & 0xf8) {
1730 ide_atapi_cmd_ok(s);
1734 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1738 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1741 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1742 ASC_INV_FIELD_IN_CMD_PACKET);
1750 uint64_t total_sectors;
1752 bdrv_get_geometry(s->bs, &total_sectors);
1753 total_sectors >>= 2;
1754 if (total_sectors == 0) {
1755 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1756 ASC_MEDIUM_NOT_PRESENT);
1759 lba = ube32_to_cpu(packet + 2);
1760 if (lba >= total_sectors) {
1761 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1762 ASC_LOGICAL_BLOCK_OOR);
1765 ide_atapi_cmd_ok(s);
1768 case GPCMD_START_STOP_UNIT:
1771 start = packet[4] & 1;
1772 eject = (packet[4] >> 1) & 1;
1774 if (eject && !start) {
1775 /* eject the disk */
1776 bdrv_eject(s->bs, 1);
1777 } else if (eject && start) {
1778 /* close the tray */
1779 bdrv_eject(s->bs, 0);
1781 ide_atapi_cmd_ok(s);
1784 case GPCMD_MECHANISM_STATUS:
1786 max_len = ube16_to_cpu(packet + 8);
1787 cpu_to_ube16(buf, 0);
1788 /* no current LBA */
1793 cpu_to_ube16(buf + 6, 0);
1794 ide_atapi_cmd_reply(s, 8, max_len);
1797 case GPCMD_READ_TOC_PMA_ATIP:
1799 int format, msf, start_track, len;
1800 uint64_t total_sectors;
1802 bdrv_get_geometry(s->bs, &total_sectors);
1803 total_sectors >>= 2;
1804 if (total_sectors == 0) {
1805 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1806 ASC_MEDIUM_NOT_PRESENT);
1809 max_len = ube16_to_cpu(packet + 7);
1810 format = packet[9] >> 6;
1811 msf = (packet[1] >> 1) & 1;
1812 start_track = packet[6];
1815 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1818 ide_atapi_cmd_reply(s, len, max_len);
1821 /* multi session : only a single session defined */
1826 ide_atapi_cmd_reply(s, 12, max_len);
1829 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1832 ide_atapi_cmd_reply(s, len, max_len);
1836 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1837 ASC_INV_FIELD_IN_CMD_PACKET);
1842 case GPCMD_READ_CDVD_CAPACITY:
1844 uint64_t total_sectors;
1846 bdrv_get_geometry(s->bs, &total_sectors);
1847 total_sectors >>= 2;
1848 if (total_sectors == 0) {
1849 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1850 ASC_MEDIUM_NOT_PRESENT);
1853 /* NOTE: it is really the number of sectors minus 1 */
1854 cpu_to_ube32(buf, total_sectors - 1);
1855 cpu_to_ube32(buf + 4, 2048);
1856 ide_atapi_cmd_reply(s, 8, 8);
1859 case GPCMD_READ_DVD_STRUCTURE:
1861 int media = packet[1];
1862 int format = packet[7];
1865 max_len = ube16_to_cpu(packet + 8);
1867 if (format < 0xff) {
1868 if (media_is_cd(s)) {
1869 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1870 ASC_INCOMPATIBLE_FORMAT);
1872 } else if (!media_present(s)) {
1873 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1874 ASC_INV_FIELD_IN_CMD_PACKET);
1879 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1880 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1886 ret = ide_dvd_read_structure(s, format, packet, buf);
1889 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1891 ide_atapi_cmd_reply(s, ret, max_len);
1895 /* TODO: BD support, fall through for now */
1897 /* Generic disk structures */
1898 case 0x80: /* TODO: AACS volume identifier */
1899 case 0x81: /* TODO: AACS media serial number */
1900 case 0x82: /* TODO: AACS media identifier */
1901 case 0x83: /* TODO: AACS media key block */
1902 case 0x90: /* TODO: List of recognized format layers */
1903 case 0xc0: /* TODO: Write protection status */
1905 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1906 ASC_INV_FIELD_IN_CMD_PACKET);
1911 case GPCMD_SET_SPEED:
1912 ide_atapi_cmd_ok(s);
1915 max_len = packet[4];
1916 buf[0] = 0x05; /* CD-ROM */
1917 buf[1] = 0x80; /* removable */
1918 buf[2] = 0x00; /* ISO */
1919 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1920 buf[4] = 31; /* additional length */
1921 buf[5] = 0; /* reserved */
1922 buf[6] = 0; /* reserved */
1923 buf[7] = 0; /* reserved */
1924 padstr8(buf + 8, 8, "QEMU");
1925 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1926 padstr8(buf + 32, 4, QEMU_VERSION);
1927 ide_atapi_cmd_reply(s, 36, max_len);
1929 case GPCMD_GET_CONFIGURATION:
1934 /* only feature 0 is supported */
1935 if (packet[2] != 0 || packet[3] != 0) {
1936 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1937 ASC_INV_FIELD_IN_CMD_PACKET);
1941 /* XXX: could result in alignment problems in some architectures */
1942 max_len = ube16_to_cpu(packet + 7);
1945 * XXX: avoid overflow for io_buffer if max_len is bigger than
1946 * the size of that buffer (dimensioned to max number of
1947 * sectors to transfer at once)
1949 * Only a problem if the feature/profiles grow.
1951 if (max_len > 512) /* XXX: assume 1 sector */
1954 memset(buf, 0, max_len);
1956 * the number of sectors from the media tells us which profile
1957 * to use as current. 0 means there is no media
1959 if (media_is_dvd(s))
1960 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1961 else if (media_is_cd(s))
1962 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1964 buf[10] = 0x02 | 0x01; /* persistent and current */
1965 len = 12; /* headers: 8 + 4 */
1966 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1967 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1968 cpu_to_ube32(buf, len - 4); /* data length */
1970 ide_atapi_cmd_reply(s, len, max_len);
1974 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1975 ASC_ILLEGAL_OPCODE);
1980 static void ide_cfata_metadata_inquiry(IDEState *s)
1985 p = (uint16_t *) s->io_buffer;
1986 memset(p, 0, 0x200);
1987 spd = ((s->mdata_size - 1) >> 9) + 1;
1989 put_le16(p + 0, 0x0001); /* Data format revision */
1990 put_le16(p + 1, 0x0000); /* Media property: silicon */
1991 put_le16(p + 2, s->media_changed); /* Media status */
1992 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1993 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1994 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1995 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1998 static void ide_cfata_metadata_read(IDEState *s)
2002 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2003 s->status = ERR_STAT;
2004 s->error = ABRT_ERR;
2008 p = (uint16_t *) s->io_buffer;
2009 memset(p, 0, 0x200);
2011 put_le16(p + 0, s->media_changed); /* Media status */
2012 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2013 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2014 s->nsector << 9), 0x200 - 2));
2017 static void ide_cfata_metadata_write(IDEState *s)
2019 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2020 s->status = ERR_STAT;
2021 s->error = ABRT_ERR;
2025 s->media_changed = 0;
2027 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2029 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2030 s->nsector << 9), 0x200 - 2));
2033 /* called when the inserted state of the media has changed */
2034 static void cdrom_change_cb(void *opaque)
2036 IDEState *s = opaque;
2037 uint64_t nb_sectors;
2039 bdrv_get_geometry(s->bs, &nb_sectors);
2040 s->nb_sectors = nb_sectors;
2042 s->sense_key = SENSE_UNIT_ATTENTION;
2043 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2048 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2052 /* handle the 'magic' 0 nsector count conversion here. to avoid
2053 * fiddling with the rest of the read logic, we just store the
2054 * full sector count in ->nsector and ignore ->hob_nsector from now
2060 if (!s->nsector && !s->hob_nsector)
2063 int lo = s->nsector;
2064 int hi = s->hob_nsector;
2066 s->nsector = (hi << 8) | lo;
2071 static void ide_clear_hob(IDEState *ide_if)
2073 /* any write clears HOB high bit of device control register */
2074 ide_if[0].select &= ~(1 << 7);
2075 ide_if[1].select &= ~(1 << 7);
2078 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2080 IDEState *ide_if = opaque;
2086 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2091 /* ignore writes to command block while busy with previous command */
2092 if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT|DRQ_STAT)))
2099 ide_clear_hob(ide_if);
2100 /* NOTE: data is written to the two drives */
2101 ide_if[0].hob_feature = ide_if[0].feature;
2102 ide_if[1].hob_feature = ide_if[1].feature;
2103 ide_if[0].feature = val;
2104 ide_if[1].feature = val;
2107 ide_clear_hob(ide_if);
2108 ide_if[0].hob_nsector = ide_if[0].nsector;
2109 ide_if[1].hob_nsector = ide_if[1].nsector;
2110 ide_if[0].nsector = val;
2111 ide_if[1].nsector = val;
2114 ide_clear_hob(ide_if);
2115 ide_if[0].hob_sector = ide_if[0].sector;
2116 ide_if[1].hob_sector = ide_if[1].sector;
2117 ide_if[0].sector = val;
2118 ide_if[1].sector = val;
2121 ide_clear_hob(ide_if);
2122 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2123 ide_if[1].hob_lcyl = ide_if[1].lcyl;
2124 ide_if[0].lcyl = val;
2125 ide_if[1].lcyl = val;
2128 ide_clear_hob(ide_if);
2129 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2130 ide_if[1].hob_hcyl = ide_if[1].hcyl;
2131 ide_if[0].hcyl = val;
2132 ide_if[1].hcyl = val;
2135 /* FIXME: HOB readback uses bit 7 */
2136 ide_if[0].select = (val & ~0x10) | 0xa0;
2137 ide_if[1].select = (val | 0x10) | 0xa0;
2139 unit = (val >> 4) & 1;
2141 ide_if->cur_drive = s;
2146 #if defined(DEBUG_IDE)
2147 printf("ide: CMD=%02x\n", val);
2149 s = ide_if->cur_drive;
2150 /* ignore commands to non existant slave */
2151 if (s != ide_if && !s->bs)
2154 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2155 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2160 if (s->bs && !s->is_cdrom) {
2164 ide_cfata_identify(s);
2165 s->status = READY_STAT | SEEK_STAT;
2166 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2169 ide_set_signature(s);
2171 ide_abort_command(s);
2178 s->status = READY_STAT | SEEK_STAT;
2182 if (s->is_cf && s->nsector == 0) {
2183 /* Disable Read and Write Multiple */
2184 s->mult_sectors = 0;
2185 s->status = READY_STAT | SEEK_STAT;
2186 } else if ((s->nsector & 0xff) != 0 &&
2187 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2188 (s->nsector & (s->nsector - 1)) != 0)) {
2189 ide_abort_command(s);
2191 s->mult_sectors = s->nsector & 0xff;
2192 s->status = READY_STAT | SEEK_STAT;
2196 case WIN_VERIFY_EXT:
2199 case WIN_VERIFY_ONCE:
2200 /* do sector number check ? */
2201 ide_cmd_lba48_transform(s, lba48);
2202 s->status = READY_STAT | SEEK_STAT;
2211 ide_cmd_lba48_transform(s, lba48);
2212 s->req_nb_sectors = 1;
2218 case WIN_WRITE_ONCE:
2219 case CFA_WRITE_SECT_WO_ERASE:
2220 case WIN_WRITE_VERIFY:
2221 ide_cmd_lba48_transform(s, lba48);
2223 s->status = SEEK_STAT | READY_STAT;
2224 s->req_nb_sectors = 1;
2225 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2226 s->media_changed = 1;
2228 case WIN_MULTREAD_EXT:
2231 if (!s->mult_sectors)
2233 ide_cmd_lba48_transform(s, lba48);
2234 s->req_nb_sectors = s->mult_sectors;
2237 case WIN_MULTWRITE_EXT:
2240 case CFA_WRITE_MULTI_WO_ERASE:
2241 if (!s->mult_sectors)
2243 ide_cmd_lba48_transform(s, lba48);
2245 s->status = SEEK_STAT | READY_STAT;
2246 s->req_nb_sectors = s->mult_sectors;
2248 if (n > s->req_nb_sectors)
2249 n = s->req_nb_sectors;
2250 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2251 s->media_changed = 1;
2253 case WIN_READDMA_EXT:
2256 case WIN_READDMA_ONCE:
2259 ide_cmd_lba48_transform(s, lba48);
2260 ide_sector_read_dma(s);
2262 case WIN_WRITEDMA_EXT:
2265 case WIN_WRITEDMA_ONCE:
2268 ide_cmd_lba48_transform(s, lba48);
2269 ide_sector_write_dma(s);
2270 s->media_changed = 1;
2272 case WIN_READ_NATIVE_MAX_EXT:
2274 case WIN_READ_NATIVE_MAX:
2275 ide_cmd_lba48_transform(s, lba48);
2276 ide_set_sector(s, s->nb_sectors - 1);
2277 s->status = READY_STAT | SEEK_STAT;
2280 case WIN_CHECKPOWERMODE1:
2281 case WIN_CHECKPOWERMODE2:
2282 s->nsector = 0xff; /* device active or idle */
2283 s->status = READY_STAT | SEEK_STAT;
2286 case WIN_SETFEATURES:
2289 /* XXX: valid for CDROM ? */
2290 switch(s->feature) {
2291 case 0xcc: /* reverting to power-on defaults enable */
2292 case 0x66: /* reverting to power-on defaults disable */
2293 case 0x02: /* write cache enable */
2294 case 0x82: /* write cache disable */
2295 case 0xaa: /* read look-ahead enable */
2296 case 0x55: /* read look-ahead disable */
2297 case 0x05: /* set advanced power management mode */
2298 case 0x85: /* disable advanced power management mode */
2299 case 0x69: /* NOP */
2300 case 0x67: /* NOP */
2301 case 0x96: /* NOP */
2302 case 0x9a: /* NOP */
2303 case 0x42: /* enable Automatic Acoustic Mode */
2304 case 0xc2: /* disable Automatic Acoustic Mode */
2305 s->status = READY_STAT | SEEK_STAT;
2308 case 0x03: { /* set transfer mode */
2309 uint8_t val = s->nsector & 0x07;
2311 switch (s->nsector >> 3) {
2312 case 0x00: /* pio default */
2313 case 0x01: /* pio mode */
2314 put_le16(s->identify_data + 62,0x07);
2315 put_le16(s->identify_data + 63,0x07);
2316 put_le16(s->identify_data + 88,0x3f);
2318 case 0x02: /* sigle word dma mode*/
2319 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
2320 put_le16(s->identify_data + 63,0x07);
2321 put_le16(s->identify_data + 88,0x3f);
2323 case 0x04: /* mdma mode */
2324 put_le16(s->identify_data + 62,0x07);
2325 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2326 put_le16(s->identify_data + 88,0x3f);
2328 case 0x08: /* udma mode */
2329 put_le16(s->identify_data + 62,0x07);
2330 put_le16(s->identify_data + 63,0x07);
2331 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2336 s->status = READY_STAT | SEEK_STAT;
2344 case WIN_FLUSH_CACHE:
2345 case WIN_FLUSH_CACHE_EXT:
2348 s->status = READY_STAT | SEEK_STAT;
2353 case WIN_STANDBYNOW1:
2354 case WIN_STANDBYNOW2:
2355 case WIN_IDLEIMMEDIATE:
2356 case CFA_IDLEIMMEDIATE:
2361 s->status = READY_STAT;
2367 /* XXX: Check that seek is within bounds */
2368 s->status = READY_STAT | SEEK_STAT;
2371 /* ATAPI commands */
2374 ide_atapi_identify(s);
2375 s->status = READY_STAT | SEEK_STAT;
2376 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2378 ide_abort_command(s);
2383 ide_set_signature(s);
2385 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2386 * devices to return a clear status register
2387 * with READY_STAT *not* set. */
2389 s->status = READY_STAT | SEEK_STAT;
2390 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2398 ide_set_signature(s);
2399 s->status = 0x00; /* NOTE: READY is _not_ set */
2405 /* overlapping commands not supported */
2406 if (s->feature & 0x02)
2408 s->status = READY_STAT | SEEK_STAT;
2409 s->atapi_dma = s->feature & 1;
2411 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2414 /* CF-ATA commands */
2415 case CFA_REQ_EXT_ERROR_CODE:
2418 s->error = 0x09; /* miscellaneous error */
2419 s->status = READY_STAT | SEEK_STAT;
2422 case CFA_ERASE_SECTORS:
2423 case CFA_WEAR_LEVEL:
2426 if (val == CFA_WEAR_LEVEL)
2428 if (val == CFA_ERASE_SECTORS)
2429 s->media_changed = 1;
2431 s->status = READY_STAT | SEEK_STAT;
2434 case CFA_TRANSLATE_SECTOR:
2438 s->status = READY_STAT | SEEK_STAT;
2439 memset(s->io_buffer, 0, 0x200);
2440 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2441 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2442 s->io_buffer[0x02] = s->select; /* Head */
2443 s->io_buffer[0x03] = s->sector; /* Sector */
2444 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2445 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2446 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2447 s->io_buffer[0x13] = 0x00; /* Erase flag */
2448 s->io_buffer[0x18] = 0x00; /* Hot count */
2449 s->io_buffer[0x19] = 0x00; /* Hot count */
2450 s->io_buffer[0x1a] = 0x01; /* Hot count */
2451 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2454 case CFA_ACCESS_METADATA_STORAGE:
2457 switch (s->feature) {
2458 case 0x02: /* Inquiry Metadata Storage */
2459 ide_cfata_metadata_inquiry(s);
2461 case 0x03: /* Read Metadata Storage */
2462 ide_cfata_metadata_read(s);
2464 case 0x04: /* Write Metadata Storage */
2465 ide_cfata_metadata_write(s);
2470 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2471 s->status = 0x00; /* NOTE: READY is _not_ set */
2474 case IBM_SENSE_CONDITION:
2477 switch (s->feature) {
2478 case 0x01: /* sense temperature in device */
2479 s->nsector = 0x50; /* +20 C */
2484 s->status = READY_STAT | SEEK_STAT;
2489 ide_abort_command(s);
2496 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2498 IDEState *ide_if = opaque;
2499 IDEState *s = ide_if->cur_drive;
2504 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2505 //hob = s->select & (1 << 7);
2512 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2513 (s != ide_if && !s->bs))
2518 ret = s->hob_feature;
2521 if (!ide_if[0].bs && !ide_if[1].bs)
2524 ret = s->nsector & 0xff;
2526 ret = s->hob_nsector;
2529 if (!ide_if[0].bs && !ide_if[1].bs)
2534 ret = s->hob_sector;
2537 if (!ide_if[0].bs && !ide_if[1].bs)
2545 if (!ide_if[0].bs && !ide_if[1].bs)
2553 if (!ide_if[0].bs && !ide_if[1].bs)
2560 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2561 (s != ide_if && !s->bs))
2565 qemu_irq_lower(s->irq);
2569 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2574 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2576 IDEState *ide_if = opaque;
2577 IDEState *s = ide_if->cur_drive;
2580 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2581 (s != ide_if && !s->bs))
2586 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2591 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2593 IDEState *ide_if = opaque;
2598 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2600 /* common for both drives */
2601 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2602 (val & IDE_CMD_RESET)) {
2603 /* reset low to high */
2604 for(i = 0;i < 2; i++) {
2606 s->status = BUSY_STAT | SEEK_STAT;
2609 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2610 !(val & IDE_CMD_RESET)) {
2612 for(i = 0;i < 2; i++) {
2615 s->status = 0x00; /* NOTE: READY is _not_ set */
2617 s->status = READY_STAT | SEEK_STAT;
2618 ide_set_signature(s);
2622 ide_if[0].cmd = val;
2623 ide_if[1].cmd = val;
2626 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2628 IDEState *s = ((IDEState *)opaque)->cur_drive;
2631 /* PIO data access allowed only when DRQ bit is set */
2632 if (!(s->status & DRQ_STAT))
2636 *(uint16_t *)p = le16_to_cpu(val);
2639 if (p >= s->data_end)
2640 s->end_transfer_func(s);
2643 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2645 IDEState *s = ((IDEState *)opaque)->cur_drive;
2649 /* PIO data access allowed only when DRQ bit is set */
2650 if (!(s->status & DRQ_STAT))
2654 ret = cpu_to_le16(*(uint16_t *)p);
2657 if (p >= s->data_end)
2658 s->end_transfer_func(s);
2662 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2664 IDEState *s = ((IDEState *)opaque)->cur_drive;
2667 /* PIO data access allowed only when DRQ bit is set */
2668 if (!(s->status & DRQ_STAT))
2672 *(uint32_t *)p = le32_to_cpu(val);
2675 if (p >= s->data_end)
2676 s->end_transfer_func(s);
2679 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2681 IDEState *s = ((IDEState *)opaque)->cur_drive;
2685 /* PIO data access allowed only when DRQ bit is set */
2686 if (!(s->status & DRQ_STAT))
2690 ret = cpu_to_le32(*(uint32_t *)p);
2693 if (p >= s->data_end)
2694 s->end_transfer_func(s);
2698 static void ide_dummy_transfer_stop(IDEState *s)
2700 s->data_ptr = s->io_buffer;
2701 s->data_end = s->io_buffer;
2702 s->io_buffer[0] = 0xff;
2703 s->io_buffer[1] = 0xff;
2704 s->io_buffer[2] = 0xff;
2705 s->io_buffer[3] = 0xff;
2708 static void ide_reset(IDEState *s)
2711 s->mult_sectors = 0;
2713 s->mult_sectors = MAX_MULT_SECTORS;
2716 s->status = READY_STAT | SEEK_STAT;
2717 ide_set_signature(s);
2718 /* init the transfer handler so that 0xffff is returned on data
2720 s->end_transfer_func = ide_dummy_transfer_stop;
2721 ide_dummy_transfer_stop(s);
2722 s->media_changed = 0;
2725 static void ide_init2(IDEState *ide_state,
2726 BlockDriverState *hd0, BlockDriverState *hd1,
2730 static int drive_serial = 1;
2731 int i, cylinders, heads, secs;
2732 uint64_t nb_sectors;
2734 for(i = 0; i < 2; i++) {
2736 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2742 bdrv_get_geometry(s->bs, &nb_sectors);
2743 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2744 s->cylinders = cylinders;
2747 s->nb_sectors = nb_sectors;
2749 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2751 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2754 s->drive_serial = drive_serial++;
2755 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2756 sizeof(s->drive_serial_str));
2757 if (strlen(s->drive_serial_str) == 0)
2758 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2759 "QM%05d", s->drive_serial);
2761 s->sector_write_timer = qemu_new_timer(vm_clock,
2762 ide_sector_write_timer_cb, s);
2767 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2769 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2770 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2772 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2773 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2777 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2778 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2779 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2780 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2783 /* save per IDE drive data */
2784 static void ide_save(QEMUFile* f, IDEState *s)
2786 qemu_put_be32(f, s->mult_sectors);
2787 qemu_put_be32(f, s->identify_set);
2788 if (s->identify_set) {
2789 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2791 qemu_put_8s(f, &s->feature);
2792 qemu_put_8s(f, &s->error);
2793 qemu_put_be32s(f, &s->nsector);
2794 qemu_put_8s(f, &s->sector);
2795 qemu_put_8s(f, &s->lcyl);
2796 qemu_put_8s(f, &s->hcyl);
2797 qemu_put_8s(f, &s->hob_feature);
2798 qemu_put_8s(f, &s->hob_nsector);
2799 qemu_put_8s(f, &s->hob_sector);
2800 qemu_put_8s(f, &s->hob_lcyl);
2801 qemu_put_8s(f, &s->hob_hcyl);
2802 qemu_put_8s(f, &s->select);
2803 qemu_put_8s(f, &s->status);
2804 qemu_put_8s(f, &s->lba48);
2806 qemu_put_8s(f, &s->sense_key);
2807 qemu_put_8s(f, &s->asc);
2808 /* XXX: if a transfer is pending, we do not save it yet */
2811 /* load per IDE drive data */
2812 static void ide_load(QEMUFile* f, IDEState *s)
2814 s->mult_sectors=qemu_get_be32(f);
2815 s->identify_set=qemu_get_be32(f);
2816 if (s->identify_set) {
2817 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2819 qemu_get_8s(f, &s->feature);
2820 qemu_get_8s(f, &s->error);
2821 qemu_get_be32s(f, &s->nsector);
2822 qemu_get_8s(f, &s->sector);
2823 qemu_get_8s(f, &s->lcyl);
2824 qemu_get_8s(f, &s->hcyl);
2825 qemu_get_8s(f, &s->hob_feature);
2826 qemu_get_8s(f, &s->hob_nsector);
2827 qemu_get_8s(f, &s->hob_sector);
2828 qemu_get_8s(f, &s->hob_lcyl);
2829 qemu_get_8s(f, &s->hob_hcyl);
2830 qemu_get_8s(f, &s->select);
2831 qemu_get_8s(f, &s->status);
2832 qemu_get_8s(f, &s->lba48);
2834 qemu_get_8s(f, &s->sense_key);
2835 qemu_get_8s(f, &s->asc);
2836 /* XXX: if a transfer is pending, we do not save it yet */
2839 /***********************************************************/
2840 /* ISA IDE definitions */
2842 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2843 BlockDriverState *hd0, BlockDriverState *hd1)
2845 IDEState *ide_state;
2847 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2851 ide_init2(ide_state, hd0, hd1, irq);
2852 ide_init_ioport(ide_state, iobase, iobase2);
2855 /***********************************************************/
2856 /* PCI IDE definitions */
2858 static void cmd646_update_irq(PCIIDEState *d);
2860 static void ide_map(PCIDevice *pci_dev, int region_num,
2861 uint32_t addr, uint32_t size, int type)
2863 PCIIDEState *d = (PCIIDEState *)pci_dev;
2864 IDEState *ide_state;
2866 if (region_num <= 3) {
2867 ide_state = &d->ide_if[(region_num >> 1) * 2];
2868 if (region_num & 1) {
2869 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2870 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2872 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2873 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2876 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2877 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2878 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2879 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2884 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2886 BMDMAState *bm = s->bmdma;
2890 bm->dma_cb = dma_cb;
2891 bm->cur_prd_last = 0;
2892 bm->cur_prd_addr = 0;
2893 bm->cur_prd_len = 0;
2894 bm->sector_num = ide_get_sector(s);
2895 bm->nsector = s->nsector;
2896 if (bm->status & BM_STATUS_DMAING) {
2901 static void ide_dma_restart(IDEState *s)
2903 BMDMAState *bm = s->bmdma;
2904 ide_set_sector(s, bm->sector_num);
2905 s->io_buffer_index = 0;
2906 s->io_buffer_size = 0;
2907 s->nsector = bm->nsector;
2908 bm->cur_addr = bm->addr;
2909 bm->dma_cb = ide_write_dma_cb;
2910 ide_dma_start(s, bm->dma_cb);
2913 static void ide_dma_cancel(BMDMAState *bm)
2915 if (bm->status & BM_STATUS_DMAING) {
2916 bm->status &= ~BM_STATUS_DMAING;
2917 /* cancel DMA request */
2922 printf("aio_cancel\n");
2924 bdrv_aio_cancel(bm->aiocb);
2930 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2932 BMDMAState *bm = opaque;
2934 printf("%s: 0x%08x\n", __func__, val);
2936 if (!(val & BM_CMD_START)) {
2937 /* XXX: do it better */
2939 bm->cmd = val & 0x09;
2941 if (!(bm->status & BM_STATUS_DMAING)) {
2942 bm->status |= BM_STATUS_DMAING;
2943 /* start dma transfer if possible */
2947 bm->cmd = val & 0x09;
2951 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2953 BMDMAState *bm = opaque;
2954 PCIIDEState *pci_dev;
2962 pci_dev = bm->pci_dev;
2963 if (pci_dev->type == IDE_TYPE_CMD646) {
2964 val = pci_dev->dev.config[MRDMODE];
2973 pci_dev = bm->pci_dev;
2974 if (pci_dev->type == IDE_TYPE_CMD646) {
2975 if (bm == &pci_dev->bmdma[0])
2976 val = pci_dev->dev.config[UDIDETCR0];
2978 val = pci_dev->dev.config[UDIDETCR1];
2988 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2993 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2995 BMDMAState *bm = opaque;
2996 PCIIDEState *pci_dev;
2998 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
3002 pci_dev = bm->pci_dev;
3003 if (pci_dev->type == IDE_TYPE_CMD646) {
3004 pci_dev->dev.config[MRDMODE] =
3005 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
3006 cmd646_update_irq(pci_dev);
3010 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
3013 pci_dev = bm->pci_dev;
3014 if (pci_dev->type == IDE_TYPE_CMD646) {
3015 if (bm == &pci_dev->bmdma[0])
3016 pci_dev->dev.config[UDIDETCR0] = val;
3018 pci_dev->dev.config[UDIDETCR1] = val;
3024 static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
3026 BMDMAState *bm = opaque;
3028 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
3030 printf("%s: 0x%08x\n", __func__, val);
3035 static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
3037 BMDMAState *bm = opaque;
3038 int shift = (addr & 3) * 8;
3040 printf("%s: 0x%08x\n", __func__, val);
3042 bm->addr &= ~(0xFF << shift);
3043 bm->addr |= ((val & 0xFF) << shift) & ~3;
3044 bm->cur_addr = bm->addr;
3047 static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
3049 BMDMAState *bm = opaque;
3051 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
3053 printf("%s: 0x%08x\n", __func__, val);
3058 static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
3060 BMDMAState *bm = opaque;
3061 int shift = (addr & 3) * 8;
3063 printf("%s: 0x%08x\n", __func__, val);
3065 bm->addr &= ~(0xFFFF << shift);
3066 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3067 bm->cur_addr = bm->addr;
3070 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3072 BMDMAState *bm = opaque;
3076 printf("%s: 0x%08x\n", __func__, val);
3081 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3083 BMDMAState *bm = opaque;
3085 printf("%s: 0x%08x\n", __func__, val);
3087 bm->addr = val & ~3;
3088 bm->cur_addr = bm->addr;
3091 static void bmdma_map(PCIDevice *pci_dev, int region_num,
3092 uint32_t addr, uint32_t size, int type)
3094 PCIIDEState *d = (PCIIDEState *)pci_dev;
3097 for(i = 0;i < 2; i++) {
3098 BMDMAState *bm = &d->bmdma[i];
3099 d->ide_if[2 * i].bmdma = bm;
3100 d->ide_if[2 * i + 1].bmdma = bm;
3101 bm->pci_dev = (PCIIDEState *)pci_dev;
3102 qemu_add_vm_change_state_handler(ide_dma_restart_cb, bm);
3104 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
3106 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3107 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
3109 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3110 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3111 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3112 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
3113 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3114 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3119 static void pci_ide_save(QEMUFile* f, void *opaque)
3121 PCIIDEState *d = opaque;
3124 pci_device_save(&d->dev, f);
3126 for(i = 0; i < 2; i++) {
3127 BMDMAState *bm = &d->bmdma[i];
3129 qemu_put_8s(f, &bm->cmd);
3130 qemu_put_8s(f, &bm->status);
3131 qemu_put_be32s(f, &bm->addr);
3132 qemu_put_sbe64s(f, &bm->sector_num);
3133 qemu_put_be32s(f, &bm->nsector);
3134 ifidx = bm->ide_if ? bm->ide_if - d->ide_if : 0;
3135 qemu_put_8s(f, &ifidx);
3136 /* XXX: if a transfer is pending, we do not save it yet */
3139 /* per IDE interface data */
3140 for(i = 0; i < 2; i++) {
3141 IDEState *s = &d->ide_if[i * 2];
3142 uint8_t drive1_selected;
3143 qemu_put_8s(f, &s->cmd);
3144 drive1_selected = (s->cur_drive != s);
3145 qemu_put_8s(f, &drive1_selected);
3148 /* per IDE drive data */
3149 for(i = 0; i < 4; i++) {
3150 ide_save(f, &d->ide_if[i]);
3154 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3156 PCIIDEState *d = opaque;
3159 if (version_id != 2)
3161 ret = pci_device_load(&d->dev, f);
3165 for(i = 0; i < 2; i++) {
3166 BMDMAState *bm = &d->bmdma[i];
3168 qemu_get_8s(f, &bm->cmd);
3169 qemu_get_8s(f, &bm->status);
3170 qemu_get_be32s(f, &bm->addr);
3171 qemu_get_sbe64s(f, &bm->sector_num);
3172 qemu_get_be32s(f, &bm->nsector);
3173 qemu_get_8s(f, &ifidx);
3174 bm->ide_if = &d->ide_if[ifidx];
3175 /* XXX: if a transfer is pending, we do not save it yet */
3178 /* per IDE interface data */
3179 for(i = 0; i < 2; i++) {
3180 IDEState *s = &d->ide_if[i * 2];
3181 uint8_t drive1_selected;
3182 qemu_get_8s(f, &s->cmd);
3183 qemu_get_8s(f, &drive1_selected);
3184 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3187 /* per IDE drive data */
3188 for(i = 0; i < 4; i++) {
3189 ide_load(f, &d->ide_if[i]);
3194 /* XXX: call it also when the MRDMODE is changed from the PCI config
3196 static void cmd646_update_irq(PCIIDEState *d)
3199 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3200 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3201 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3202 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
3203 qemu_set_irq(d->dev.irq[0], pci_level);
3206 /* the PCI irq level is the logical OR of the two channels */
3207 static void cmd646_set_irq(void *opaque, int channel, int level)
3209 PCIIDEState *d = opaque;
3212 irq_mask = MRDMODE_INTR_CH0 << channel;
3214 d->dev.config[MRDMODE] |= irq_mask;
3216 d->dev.config[MRDMODE] &= ~irq_mask;
3217 cmd646_update_irq(d);
3220 static void cmd646_reset(void *opaque)
3222 PCIIDEState *d = opaque;
3225 for (i = 0; i < 2; i++)
3226 ide_dma_cancel(&d->bmdma[i]);
3229 /* CMD646 PCI IDE controller */
3230 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3231 int secondary_ide_enabled)
3238 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
3239 sizeof(PCIIDEState),
3242 d->type = IDE_TYPE_CMD646;
3243 pci_conf = d->dev.config;
3244 pci_conf[0x00] = 0x95; // CMD646
3245 pci_conf[0x01] = 0x10;
3246 pci_conf[0x02] = 0x46;
3247 pci_conf[0x03] = 0x06;
3249 pci_conf[0x08] = 0x07; // IDE controller revision
3250 pci_conf[0x09] = 0x8f;
3252 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3253 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3254 pci_conf[0x0e] = 0x00; // header_type
3256 pci_conf[0x51] = 0x04; // enable IDE0
3257 if (secondary_ide_enabled) {
3258 /* XXX: if not enabled, really disable the seconday IDE controller */
3259 pci_conf[0x51] |= 0x08; /* enable IDE1 */
3262 pci_register_io_region((PCIDevice *)d, 0, 0x8,
3263 PCI_ADDRESS_SPACE_IO, ide_map);
3264 pci_register_io_region((PCIDevice *)d, 1, 0x4,
3265 PCI_ADDRESS_SPACE_IO, ide_map);
3266 pci_register_io_region((PCIDevice *)d, 2, 0x8,
3267 PCI_ADDRESS_SPACE_IO, ide_map);
3268 pci_register_io_region((PCIDevice *)d, 3, 0x4,
3269 PCI_ADDRESS_SPACE_IO, ide_map);
3270 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3271 PCI_ADDRESS_SPACE_IO, bmdma_map);
3273 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3275 for(i = 0; i < 4; i++)
3276 d->ide_if[i].pci_dev = (PCIDevice *)d;
3278 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3279 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3280 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
3282 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3283 qemu_register_reset(cmd646_reset, d);
3287 static void piix3_reset(void *opaque)
3289 PCIIDEState *d = opaque;
3290 uint8_t *pci_conf = d->dev.config;
3293 for (i = 0; i < 2; i++)
3294 ide_dma_cancel(&d->bmdma[i]);
3296 pci_conf[0x04] = 0x00;
3297 pci_conf[0x05] = 0x00;
3298 pci_conf[0x06] = 0x80; /* FBC */
3299 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3300 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3303 /* hd_table must contain 4 block drivers */
3304 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3305 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3311 /* register a function 1 of PIIX3 */
3312 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3313 sizeof(PCIIDEState),
3316 d->type = IDE_TYPE_PIIX3;
3318 pci_conf = d->dev.config;
3319 pci_conf[0x00] = 0x86; // Intel
3320 pci_conf[0x01] = 0x80;
3321 pci_conf[0x02] = 0x10;
3322 pci_conf[0x03] = 0x70;
3323 pci_conf[0x09] = 0x80; // legacy ATA mode
3324 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3325 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3326 pci_conf[0x0e] = 0x00; // header_type
3328 qemu_register_reset(piix3_reset, d);
3331 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3332 PCI_ADDRESS_SPACE_IO, bmdma_map);
3334 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3335 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3336 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3337 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3339 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3342 /* hd_table must contain 4 block drivers */
3343 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3344 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3350 /* register a function 1 of PIIX4 */
3351 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3352 sizeof(PCIIDEState),
3355 d->type = IDE_TYPE_PIIX4;
3357 pci_conf = d->dev.config;
3358 pci_conf[0x00] = 0x86; // Intel
3359 pci_conf[0x01] = 0x80;
3360 pci_conf[0x02] = 0x11;
3361 pci_conf[0x03] = 0x71;
3362 pci_conf[0x09] = 0x80; // legacy ATA mode
3363 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3364 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3365 pci_conf[0x0e] = 0x00; // header_type
3367 qemu_register_reset(piix3_reset, d);
3370 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3371 PCI_ADDRESS_SPACE_IO, bmdma_map);
3373 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3374 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3375 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3376 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3378 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3381 /***********************************************************/
3382 /* MacIO based PowerPC IDE */
3384 /* PowerMac IDE memory IO */
3385 static void pmac_ide_writeb (void *opaque,
3386 target_phys_addr_t addr, uint32_t val)
3388 addr = (addr & 0xFFF) >> 4;
3391 ide_ioport_write(opaque, addr, val);
3395 ide_cmd_write(opaque, 0, val);
3402 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3406 addr = (addr & 0xFFF) >> 4;
3409 retval = ide_ioport_read(opaque, addr);
3413 retval = ide_status_read(opaque, 0);
3422 static void pmac_ide_writew (void *opaque,
3423 target_phys_addr_t addr, uint32_t val)
3425 addr = (addr & 0xFFF) >> 4;
3426 #ifdef TARGET_WORDS_BIGENDIAN
3430 ide_data_writew(opaque, 0, val);
3434 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3438 addr = (addr & 0xFFF) >> 4;
3440 retval = ide_data_readw(opaque, 0);
3444 #ifdef TARGET_WORDS_BIGENDIAN
3445 retval = bswap16(retval);
3450 static void pmac_ide_writel (void *opaque,
3451 target_phys_addr_t addr, uint32_t val)
3453 addr = (addr & 0xFFF) >> 4;
3454 #ifdef TARGET_WORDS_BIGENDIAN
3458 ide_data_writel(opaque, 0, val);
3462 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3466 addr = (addr & 0xFFF) >> 4;
3468 retval = ide_data_readl(opaque, 0);
3470 retval = 0xFFFFFFFF;
3472 #ifdef TARGET_WORDS_BIGENDIAN
3473 retval = bswap32(retval);
3478 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3484 static CPUReadMemoryFunc *pmac_ide_read[] = {
3490 static void pmac_ide_save(QEMUFile *f, void *opaque)
3492 IDEState *s = (IDEState *)opaque;
3493 uint8_t drive1_selected;
3496 /* per IDE interface data */
3497 qemu_put_8s(f, &s->cmd);
3498 drive1_selected = (s->cur_drive != s);
3499 qemu_put_8s(f, &drive1_selected);
3501 /* per IDE drive data */
3502 for(i = 0; i < 2; i++) {
3507 static int pmac_ide_load(QEMUFile *f, void *opaque, int version_id)
3509 IDEState *s = (IDEState *)opaque;
3510 uint8_t drive1_selected;
3513 if (version_id != 1)
3516 /* per IDE interface data */
3517 qemu_get_8s(f, &s->cmd);
3518 qemu_get_8s(f, &drive1_selected);
3519 s->cur_drive = &s[(drive1_selected != 0)];
3521 /* per IDE drive data */
3522 for(i = 0; i < 2; i++) {
3528 static void pmac_ide_reset(void *opaque)
3530 IDEState *s = (IDEState *)opaque;
3536 /* hd_table must contain 4 block drivers */
3537 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3538 I/O index to access the ide. */
3539 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3542 int pmac_ide_memory;
3544 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3545 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3547 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3548 pmac_ide_write, &ide_if[0]);
3549 register_savevm("ide", 0, 1, pmac_ide_save, pmac_ide_load, &ide_if[0]);
3550 qemu_register_reset(pmac_ide_reset, &ide_if[0]);
3551 pmac_ide_reset(&ide_if[0]);
3552 return pmac_ide_memory;
3555 /***********************************************************/
3556 /* MMIO based ide port
3557 * This emulates IDE device connected directly to the CPU bus without
3558 * dedicated ide controller, which is often seen on embedded boards.
3566 static uint32_t mmio_ide_read (void *opaque, target_phys_addr_t addr)
3568 MMIOState *s = (MMIOState*)opaque;
3569 IDEState *ide = (IDEState*)s->dev;
3572 return ide_ioport_read(ide, addr);
3574 return ide_data_readw(ide, 0);
3577 static void mmio_ide_write (void *opaque, target_phys_addr_t addr,
3580 MMIOState *s = (MMIOState*)opaque;
3581 IDEState *ide = (IDEState*)s->dev;
3584 ide_ioport_write(ide, addr, val);
3586 ide_data_writew(ide, 0, val);
3589 static CPUReadMemoryFunc *mmio_ide_reads[] = {
3595 static CPUWriteMemoryFunc *mmio_ide_writes[] = {
3601 static uint32_t mmio_ide_status_read (void *opaque, target_phys_addr_t addr)
3603 MMIOState *s= (MMIOState*)opaque;
3604 IDEState *ide = (IDEState*)s->dev;
3605 return ide_status_read(ide, 0);
3608 static void mmio_ide_cmd_write (void *opaque, target_phys_addr_t addr,
3611 MMIOState *s = (MMIOState*)opaque;
3612 IDEState *ide = (IDEState*)s->dev;
3613 ide_cmd_write(ide, 0, val);
3616 static CPUReadMemoryFunc *mmio_ide_status[] = {
3617 mmio_ide_status_read,
3618 mmio_ide_status_read,
3619 mmio_ide_status_read,
3622 static CPUWriteMemoryFunc *mmio_ide_cmd[] = {
3628 void mmio_ide_init (target_phys_addr_t membase, target_phys_addr_t membase2,
3629 qemu_irq irq, int shift,
3630 BlockDriverState *hd0, BlockDriverState *hd1)
3632 MMIOState *s = qemu_mallocz(sizeof(MMIOState));
3633 IDEState *ide = qemu_mallocz(sizeof(IDEState) * 2);
3636 ide_init2(ide, hd0, hd1, irq);
3641 mem1 = cpu_register_io_memory(0, mmio_ide_reads, mmio_ide_writes, s);
3642 mem2 = cpu_register_io_memory(0, mmio_ide_status, mmio_ide_cmd, s);
3643 cpu_register_physical_memory(membase, 16 << shift, mem1);
3644 cpu_register_physical_memory(membase2, 2 << shift, mem2);
3647 /***********************************************************/
3648 /* CF-ATA Microdrive */
3650 #define METADATA_SIZE 0x20
3652 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3655 struct pcmcia_card_s card;
3669 /* Register bitfields */
3672 OPT_MODE_IOMAP16 = 1,
3673 OPT_MODE_IOMAP1 = 2,
3674 OPT_MODE_IOMAP2 = 3,
3685 STAT_CHANGED = 0x80,
3696 static inline void md_interrupt_update(struct md_s *s)
3701 qemu_set_irq(s->card.slot->irq,
3702 !(s->stat & STAT_INT) && /* Inverted */
3703 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3704 !(s->opt & OPT_SRESET));
3707 static void md_set_irq(void *opaque, int irq, int level)
3709 struct md_s *s = (struct md_s *) opaque;
3711 s->stat |= STAT_INT;
3713 s->stat &= ~STAT_INT;
3715 md_interrupt_update(s);
3718 static void md_reset(struct md_s *s)
3720 s->opt = OPT_MODE_MMAP;
3728 static uint8_t md_attr_read(void *opaque, uint32_t at)
3730 struct md_s *s = (struct md_s *) opaque;
3731 if (at < s->attr_base) {
3732 if (at < s->card.cis_len)
3733 return s->card.cis[at];
3741 case 0x00: /* Configuration Option Register */
3743 case 0x02: /* Card Configuration Status Register */
3744 if (s->ctrl & CTRL_IEN)
3745 return s->stat & ~STAT_INT;
3748 case 0x04: /* Pin Replacement Register */
3749 return (s->pins & PINS_CRDY) | 0x0c;
3750 case 0x06: /* Socket and Copy Register */
3754 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3761 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3763 struct md_s *s = (struct md_s *) opaque;
3767 case 0x00: /* Configuration Option Register */
3768 s->opt = value & 0xcf;
3769 if (value & OPT_SRESET)
3771 md_interrupt_update(s);
3773 case 0x02: /* Card Configuration Status Register */
3774 if ((s->stat ^ value) & STAT_PWRDWN)
3775 s->pins |= PINS_CRDY;
3777 s->stat |= value & 0x74;
3778 md_interrupt_update(s);
3779 /* Word 170 in Identify Device must be equal to STAT_XE */
3781 case 0x04: /* Pin Replacement Register */
3782 s->pins &= PINS_CRDY;
3783 s->pins |= value & PINS_MRDY;
3785 case 0x06: /* Socket and Copy Register */
3788 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3792 static uint16_t md_common_read(void *opaque, uint32_t at)
3794 struct md_s *s = (struct md_s *) opaque;
3798 switch (s->opt & OPT_MODE) {
3800 if ((at & ~0x3ff) == 0x400)
3803 case OPT_MODE_IOMAP16:
3806 case OPT_MODE_IOMAP1:
3807 if ((at & ~0xf) == 0x3f0)
3809 else if ((at & ~0xf) == 0x1f0)
3812 case OPT_MODE_IOMAP2:
3813 if ((at & ~0xf) == 0x370)
3815 else if ((at & ~0xf) == 0x170)
3820 case 0x0: /* Even RD Data */
3822 return ide_data_readw(s->ide, 0);
3824 /* TODO: 8-bit accesses */
3828 s->io = ide_data_readw(s->ide, 0);
3831 s->cycle = !s->cycle;
3833 case 0x9: /* Odd RD Data */
3835 case 0xd: /* Error */
3836 return ide_ioport_read(s->ide, 0x1);
3837 case 0xe: /* Alternate Status */
3838 if (s->ide->cur_drive->bs)
3839 return s->ide->cur_drive->status;
3842 case 0xf: /* Device Address */
3843 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3845 return ide_ioport_read(s->ide, at);
3851 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3853 struct md_s *s = (struct md_s *) opaque;
3856 switch (s->opt & OPT_MODE) {
3858 if ((at & ~0x3ff) == 0x400)
3861 case OPT_MODE_IOMAP16:
3864 case OPT_MODE_IOMAP1:
3865 if ((at & ~0xf) == 0x3f0)
3867 else if ((at & ~0xf) == 0x1f0)
3870 case OPT_MODE_IOMAP2:
3871 if ((at & ~0xf) == 0x370)
3873 else if ((at & ~0xf) == 0x170)
3878 case 0x0: /* Even WR Data */
3880 ide_data_writew(s->ide, 0, value);
3883 /* TODO: 8-bit accesses */
3885 ide_data_writew(s->ide, 0, s->io | (value << 8));
3887 s->io = value & 0xff;
3888 s->cycle = !s->cycle;
3891 s->io = value & 0xff;
3892 s->cycle = !s->cycle;
3894 case 0xd: /* Features */
3895 ide_ioport_write(s->ide, 0x1, value);
3897 case 0xe: /* Device Control */
3899 if (value & CTRL_SRST)
3901 md_interrupt_update(s);
3904 if (s->stat & STAT_PWRDWN) {
3905 s->pins |= PINS_CRDY;
3906 s->stat &= ~STAT_PWRDWN;
3908 ide_ioport_write(s->ide, at, value);
3912 static void md_save(QEMUFile *f, void *opaque)
3914 struct md_s *s = (struct md_s *) opaque;
3916 uint8_t drive1_selected;
3918 qemu_put_8s(f, &s->opt);
3919 qemu_put_8s(f, &s->stat);
3920 qemu_put_8s(f, &s->pins);
3922 qemu_put_8s(f, &s->ctrl);
3923 qemu_put_be16s(f, &s->io);
3924 qemu_put_byte(f, s->cycle);
3926 drive1_selected = (s->ide->cur_drive != s->ide);
3927 qemu_put_8s(f, &s->ide->cmd);
3928 qemu_put_8s(f, &drive1_selected);
3930 for (i = 0; i < 2; i ++)
3931 ide_save(f, &s->ide[i]);
3934 static int md_load(QEMUFile *f, void *opaque, int version_id)
3936 struct md_s *s = (struct md_s *) opaque;
3938 uint8_t drive1_selected;
3940 qemu_get_8s(f, &s->opt);
3941 qemu_get_8s(f, &s->stat);
3942 qemu_get_8s(f, &s->pins);
3944 qemu_get_8s(f, &s->ctrl);
3945 qemu_get_be16s(f, &s->io);
3946 s->cycle = qemu_get_byte(f);
3948 qemu_get_8s(f, &s->ide->cmd);
3949 qemu_get_8s(f, &drive1_selected);
3950 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3952 for (i = 0; i < 2; i ++)
3953 ide_load(f, &s->ide[i]);
3958 static const uint8_t dscm1xxxx_cis[0x14a] = {
3959 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3960 [0x002] = 0x03, /* Tuple length = 4 bytes */
3961 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3962 [0x006] = 0x01, /* Size = 2K bytes */
3963 [0x008] = CISTPL_ENDMARK,
3965 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3966 [0x00c] = 0x04, /* Tuple length = 4 byest */
3967 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3968 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3969 [0x012] = 0x01, /* Size = 2K bytes */
3970 [0x014] = CISTPL_ENDMARK,
3972 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3973 [0x018] = 0x02, /* Tuple length = 2 bytes */
3974 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3977 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3978 [0x020] = 0x04, /* Tuple length = 4 bytes */
3979 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3981 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3984 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3985 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3986 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3987 [0x030] = 0x01, /* Minor Version = 1 */
4003 [0x050] = CISTPL_ENDMARK,
4005 [0x052] = CISTPL_FUNCID, /* Function ID */
4006 [0x054] = 0x02, /* Tuple length = 2 bytes */
4007 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
4008 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
4010 [0x05a] = CISTPL_FUNCE, /* Function Extension */
4011 [0x05c] = 0x02, /* Tuple length = 2 bytes */
4012 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
4013 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
4015 [0x062] = CISTPL_FUNCE, /* Function Extension */
4016 [0x064] = 0x03, /* Tuple length = 3 bytes */
4017 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
4018 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
4019 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
4021 [0x06c] = CISTPL_CONFIG, /* Configuration */
4022 [0x06e] = 0x05, /* Tuple length = 5 bytes */
4023 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
4024 [0x072] = 0x07, /* TPCC_LAST = 7 */
4025 [0x074] = 0x00, /* TPCC_RADR = 0200 */
4027 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
4029 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4030 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
4031 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
4032 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
4033 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
4034 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4035 [0x086] = 0x55, /* NomV: 5.0 V */
4036 [0x088] = 0x4d, /* MinV: 4.5 V */
4037 [0x08a] = 0x5d, /* MaxV: 5.5 V */
4038 [0x08c] = 0x4e, /* Peakl: 450 mA */
4039 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
4040 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
4041 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
4043 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4044 [0x096] = 0x06, /* Tuple length = 6 bytes */
4045 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
4046 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4047 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4048 [0x09e] = 0xb5, /* NomV: 3.3 V */
4050 [0x0a2] = 0x3e, /* Peakl: 350 mA */
4052 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4053 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
4054 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
4055 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4056 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4057 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4058 [0x0b0] = 0x55, /* NomV: 5.0 V */
4059 [0x0b2] = 0x4d, /* MinV: 4.5 V */
4060 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
4061 [0x0b6] = 0x4e, /* Peakl: 450 mA */
4062 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
4063 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
4064 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
4065 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
4066 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
4068 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4069 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
4070 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
4071 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4072 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4073 [0x0cc] = 0xb5, /* NomV: 3.3 V */
4075 [0x0d0] = 0x3e, /* Peakl: 350 mA */
4077 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4078 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
4079 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
4080 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4081 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4082 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4083 [0x0de] = 0x55, /* NomV: 5.0 V */
4084 [0x0e0] = 0x4d, /* MinV: 4.5 V */
4085 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
4086 [0x0e4] = 0x4e, /* Peakl: 450 mA */
4087 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4088 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
4089 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
4091 [0x0ee] = 0x07, /* Address block length = 8 */
4092 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
4094 [0x0f4] = 0x01, /* Address block length = 2 */
4095 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4096 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
4098 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4099 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
4100 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
4101 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4102 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4103 [0x104] = 0xb5, /* NomV: 3.3 V */
4105 [0x108] = 0x3e, /* Peakl: 350 mA */
4107 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4108 [0x10c] = 0x12, /* Tuple length = 18 bytes */
4109 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
4110 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4111 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4112 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4113 [0x116] = 0x55, /* NomV: 5.0 V */
4114 [0x118] = 0x4d, /* MinV: 4.5 V */
4115 [0x11a] = 0x5d, /* MaxV: 5.5 V */
4116 [0x11c] = 0x4e, /* Peakl: 450 mA */
4117 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4118 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
4119 [0x122] = 0x70, /* Field 1 address = 0x0170 */
4121 [0x126] = 0x07, /* Address block length = 8 */
4122 [0x128] = 0x76, /* Field 2 address = 0x0376 */
4124 [0x12c] = 0x01, /* Address block length = 2 */
4125 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4126 [0x130] = 0x20, /* TPCE_MI = support power down mode */
4128 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4129 [0x134] = 0x06, /* Tuple length = 6 bytes */
4130 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4131 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4132 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4133 [0x13c] = 0xb5, /* NomV: 3.3 V */
4135 [0x140] = 0x3e, /* Peakl: 350 mA */
4137 [0x142] = CISTPL_NO_LINK, /* No Link */
4138 [0x144] = 0x00, /* Tuple length = 0 bytes */
4140 [0x146] = CISTPL_END, /* Tuple End */
4143 static int dscm1xxxx_attach(void *opaque)
4145 struct md_s *md = (struct md_s *) opaque;
4146 md->card.attr_read = md_attr_read;
4147 md->card.attr_write = md_attr_write;
4148 md->card.common_read = md_common_read;
4149 md->card.common_write = md_common_write;
4150 md->card.io_read = md_common_read;
4151 md->card.io_write = md_common_write;
4153 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
4157 md_interrupt_update(md);
4159 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
4163 static int dscm1xxxx_detach(void *opaque)
4165 struct md_s *md = (struct md_s *) opaque;
4170 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
4172 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
4173 md->card.state = md;
4174 md->card.attach = dscm1xxxx_attach;
4175 md->card.detach = dscm1xxxx_detach;
4176 md->card.cis = dscm1xxxx_cis;
4177 md->card.cis_len = sizeof(dscm1xxxx_cis);
4179 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
4181 md->ide->mdata_size = METADATA_SIZE;
4182 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
4184 register_savevm("microdrive", -1, 0, md_save, md_load, md);
projects / qemu / blob