2 * QEMU IDE disk and CD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
41 #include <netinet/in.h>
43 #define NO_THUNK_TYPE_SIZE
51 /* debug IDE devices */
53 //#define DEBUG_IDE_ATAPI
55 /* Bits of HD_STATUS */
57 #define INDEX_STAT 0x02
58 #define ECC_STAT 0x04 /* Corrected error */
60 #define SEEK_STAT 0x10
62 #define WRERR_STAT 0x20
63 #define READY_STAT 0x40
64 #define BUSY_STAT 0x80
66 /* Bits for HD_ERROR */
67 #define MARK_ERR 0x01 /* Bad address mark */
68 #define TRK0_ERR 0x02 /* couldn't find track 0 */
69 #define ABRT_ERR 0x04 /* Command aborted */
70 #define MCR_ERR 0x08 /* media change request */
71 #define ID_ERR 0x10 /* ID field not found */
72 #define MC_ERR 0x20 /* media changed */
73 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
74 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
75 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
77 /* Bits of HD_NSECTOR */
83 #define IDE_CMD_RESET 0x04
84 #define IDE_CMD_DISABLE_IRQ 0x02
86 /* ATA/ATAPI Commands pre T13 Spec */
91 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
95 #define WIN_SRST 0x08 /* ATAPI soft reset command */
96 #define WIN_DEVICE_RESET 0x08
100 #define WIN_RECAL 0x10
101 #define WIN_RESTORE WIN_RECAL
103 * 0x10->0x1F Reserved
105 #define WIN_READ 0x20 /* 28-Bit */
106 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
107 #define WIN_READ_LONG 0x22 /* 28-Bit */
108 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
109 #define WIN_READ_EXT 0x24 /* 48-Bit */
110 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
111 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
112 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
116 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
118 * 0x2A->0x2F Reserved
120 #define WIN_WRITE 0x30 /* 28-Bit */
121 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
122 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
123 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
124 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
125 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
126 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
127 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
128 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
129 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
131 * 0x3A->0x3B Reserved
133 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
135 * 0x3D->0x3F Reserved
137 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
138 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
139 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
141 * 0x43->0x4F Reserved
143 #define WIN_FORMAT 0x50
145 * 0x51->0x5F Reserved
147 #define WIN_INIT 0x60
149 * 0x61->0x5F Reserved
151 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
152 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
153 #define WIN_DIAGNOSE 0x90
154 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
155 #define WIN_DOWNLOAD_MICROCODE 0x92
156 #define WIN_STANDBYNOW2 0x94
157 #define WIN_STANDBY2 0x96
158 #define WIN_SETIDLE2 0x97
159 #define WIN_CHECKPOWERMODE2 0x98
160 #define WIN_SLEEPNOW2 0x99
164 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
165 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
166 #define WIN_QUEUED_SERVICE 0xA2
167 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
168 #define CFA_ERASE_SECTORS 0xC0
169 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
170 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
171 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
172 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
173 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
174 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
175 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
176 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
177 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
178 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
179 #define WIN_GETMEDIASTATUS 0xDA
180 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
181 #define WIN_POSTBOOT 0xDC
182 #define WIN_PREBOOT 0xDD
183 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
184 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
185 #define WIN_STANDBYNOW1 0xE0
186 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
187 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
188 #define WIN_SETIDLE1 0xE3
189 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
190 #define WIN_CHECKPOWERMODE1 0xE5
191 #define WIN_SLEEPNOW1 0xE6
192 #define WIN_FLUSH_CACHE 0xE7
193 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
194 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
195 /* SET_FEATURES 0x22 or 0xDD */
196 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
197 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
198 #define WIN_MEDIAEJECT 0xED
199 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
200 #define WIN_SETFEATURES 0xEF /* set special drive features */
201 #define EXABYTE_ENABLE_NEST 0xF0
202 #define WIN_SECURITY_SET_PASS 0xF1
203 #define WIN_SECURITY_UNLOCK 0xF2
204 #define WIN_SECURITY_ERASE_PREPARE 0xF3
205 #define WIN_SECURITY_ERASE_UNIT 0xF4
206 #define WIN_SECURITY_FREEZE_LOCK 0xF5
207 #define WIN_SECURITY_DISABLE 0xF6
208 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
209 #define WIN_SET_MAX 0xF9
210 #define DISABLE_SEAGATE 0xFB
212 /* set to 1 set disable mult support */
213 #define MAX_MULT_SECTORS 8
217 #define ATAPI_PACKET_SIZE 12
219 /* The generic packet command opcodes for CD/DVD Logical Units,
220 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
221 #define GPCMD_BLANK 0xa1
222 #define GPCMD_CLOSE_TRACK 0x5b
223 #define GPCMD_FLUSH_CACHE 0x35
224 #define GPCMD_FORMAT_UNIT 0x04
225 #define GPCMD_GET_CONFIGURATION 0x46
226 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
227 #define GPCMD_GET_PERFORMANCE 0xac
228 #define GPCMD_INQUIRY 0x12
229 #define GPCMD_LOAD_UNLOAD 0xa6
230 #define GPCMD_MECHANISM_STATUS 0xbd
231 #define GPCMD_MODE_SELECT_10 0x55
232 #define GPCMD_MODE_SENSE_10 0x5a
233 #define GPCMD_PAUSE_RESUME 0x4b
234 #define GPCMD_PLAY_AUDIO_10 0x45
235 #define GPCMD_PLAY_AUDIO_MSF 0x47
236 #define GPCMD_PLAY_AUDIO_TI 0x48
237 #define GPCMD_PLAY_CD 0xbc
238 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
239 #define GPCMD_READ_10 0x28
240 #define GPCMD_READ_12 0xa8
241 #define GPCMD_READ_CDVD_CAPACITY 0x25
242 #define GPCMD_READ_CD 0xbe
243 #define GPCMD_READ_CD_MSF 0xb9
244 #define GPCMD_READ_DISC_INFO 0x51
245 #define GPCMD_READ_DVD_STRUCTURE 0xad
246 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
247 #define GPCMD_READ_HEADER 0x44
248 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
249 #define GPCMD_READ_SUBCHANNEL 0x42
250 #define GPCMD_READ_TOC_PMA_ATIP 0x43
251 #define GPCMD_REPAIR_RZONE_TRACK 0x58
252 #define GPCMD_REPORT_KEY 0xa4
253 #define GPCMD_REQUEST_SENSE 0x03
254 #define GPCMD_RESERVE_RZONE_TRACK 0x53
255 #define GPCMD_SCAN 0xba
256 #define GPCMD_SEEK 0x2b
257 #define GPCMD_SEND_DVD_STRUCTURE 0xad
258 #define GPCMD_SEND_EVENT 0xa2
259 #define GPCMD_SEND_KEY 0xa3
260 #define GPCMD_SEND_OPC 0x54
261 #define GPCMD_SET_READ_AHEAD 0xa7
262 #define GPCMD_SET_STREAMING 0xb6
263 #define GPCMD_START_STOP_UNIT 0x1b
264 #define GPCMD_STOP_PLAY_SCAN 0x4e
265 #define GPCMD_TEST_UNIT_READY 0x00
266 #define GPCMD_VERIFY_10 0x2f
267 #define GPCMD_WRITE_10 0x2a
268 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
269 /* This is listed as optional in ATAPI 2.6, but is (curiously)
270 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
271 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
272 * drives support it. */
273 #define GPCMD_SET_SPEED 0xbb
274 /* This seems to be a SCSI specific CD-ROM opcode
275 * to play data at track/index */
276 #define GPCMD_PLAYAUDIO_TI 0x48
278 * From MS Media Status Notification Support Specification. For
281 #define GPCMD_GET_MEDIA_STATUS 0xda
283 /* Mode page codes for mode sense/set */
284 #define GPMODE_R_W_ERROR_PAGE 0x01
285 #define GPMODE_WRITE_PARMS_PAGE 0x05
286 #define GPMODE_AUDIO_CTL_PAGE 0x0e
287 #define GPMODE_POWER_PAGE 0x1a
288 #define GPMODE_FAULT_FAIL_PAGE 0x1c
289 #define GPMODE_TO_PROTECT_PAGE 0x1d
290 #define GPMODE_CAPABILITIES_PAGE 0x2a
291 #define GPMODE_ALL_PAGES 0x3f
292 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
293 * of MODE_SENSE_POWER_PAGE */
294 #define GPMODE_CDROM_PAGE 0x0d
296 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
297 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
298 #define ATAPI_INT_REASON_REL 0x04
299 #define ATAPI_INT_REASON_TAG 0xf8
301 /* same constants as bochs */
302 #define ASC_LOGICAL_BLOCK_OOR 0x21
303 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
304 #define ASC_MEDIUM_NOT_PRESENT 0x3a
305 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
308 #define SENSE_NOT_READY 2
309 #define SENSE_ILLEGAL_REQUEST 5
310 #define SENSE_UNIT_ATTENTION 6
314 typedef void EndTransferFunc(struct IDEState *);
316 typedef struct IDEState {
320 int cylinders, heads, sectors;
327 uint16_t nsector; /* 0 is 256 to ease computations */
333 /* 0x3f6 command, only meaningful for drive 0 */
335 /* depends on bit 4 in select, only meaningful for drive 0 */
336 struct IDEState *cur_drive;
337 BlockDriverState *bs;
341 int packet_transfer_size;
342 int elementary_transfer_size;
345 /* transfer handling */
346 int req_nb_sectors; /* number of sectors per interrupt */
347 EndTransferFunc *end_transfer_func;
350 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
353 IDEState ide_state[MAX_DISKS];
354 IDEState *ide_table[0x400 >> 3];
356 static inline IDEState *get_ide_interface(uint32_t addr)
358 return ide_table[addr >> 3];
361 static void padstr(char *str, const char *src, int len)
364 for(i = 0; i < len; i++) {
369 *(char *)((long)str ^ 1) = v;
374 static void padstr8(uint8_t *buf, int buf_size, const char *src)
377 for(i = 0; i < buf_size; i++) {
385 static void ide_identify(IDEState *s)
388 unsigned int oldsize;
390 memset(s->io_buffer, 0, 512);
391 p = (uint16_t *)s->io_buffer;
392 stw_raw(p + 0, 0x0040);
393 stw_raw(p + 1, s->cylinders);
394 stw_raw(p + 3, s->heads);
395 stw_raw(p + 4, 512 * s->sectors); /* sectors */
396 stw_raw(p + 5, 512); /* sector size */
397 stw_raw(p + 6, s->sectors);
398 padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */
399 stw_raw(p + 20, 3); /* buffer type */
400 stw_raw(p + 21, 512); /* cache size in sectors */
401 stw_raw(p + 22, 4); /* ecc bytes */
402 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
403 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
404 #if MAX_MULT_SECTORS > 1
405 stw_raw(p + 47, MAX_MULT_SECTORS);
407 stw_raw(p + 48, 1); /* dword I/O */
408 stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */
409 stw_raw(p + 51, 0x200); /* PIO transfer cycle */
410 stw_raw(p + 52, 0x200); /* DMA transfer cycle */
411 stw_raw(p + 54, s->cylinders);
412 stw_raw(p + 55, s->heads);
413 stw_raw(p + 56, s->sectors);
414 oldsize = s->cylinders * s->heads * s->sectors;
415 stw_raw(p + 57, oldsize);
416 stw_raw(p + 58, oldsize >> 16);
418 stw_raw(p + 59, 0x100 | s->mult_sectors);
419 stw_raw(p + 60, s->nb_sectors);
420 stw_raw(p + 61, s->nb_sectors >> 16);
421 stw_raw(p + 80, (1 << 1) | (1 << 2));
422 stw_raw(p + 82, (1 << 14));
423 stw_raw(p + 83, (1 << 14));
424 stw_raw(p + 84, (1 << 14));
425 stw_raw(p + 85, (1 << 14));
427 stw_raw(p + 87, (1 << 14));
430 static void ide_atapi_identify(IDEState *s)
434 memset(s->io_buffer, 0, 512);
435 p = (uint16_t *)s->io_buffer;
436 /* Removable CDROM, 50us response, 12 byte packets */
437 stw_raw(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
438 stw_raw(p + 1, s->cylinders);
439 stw_raw(p + 3, s->heads);
440 stw_raw(p + 4, 512 * s->sectors); /* sectors */
441 stw_raw(p + 5, 512); /* sector size */
442 stw_raw(p + 6, s->sectors);
443 padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */
444 stw_raw(p + 20, 3); /* buffer type */
445 stw_raw(p + 21, 512); /* cache size in sectors */
446 stw_raw(p + 22, 4); /* ecc bytes */
447 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
448 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
449 stw_raw(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
450 stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */
451 stw_raw(p + 53, 3); /* words 64-70, 54-58 valid */
452 stw_raw(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
453 stw_raw(p + 64, 1); /* PIO modes */
454 stw_raw(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
455 stw_raw(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
456 stw_raw(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
457 stw_raw(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
459 stw_raw(p + 71, 30); /* in ns */
460 stw_raw(p + 72, 30); /* in ns */
462 stw_raw(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
465 static void ide_set_signature(IDEState *s)
467 s->select &= 0xf0; /* clear head */
483 static inline void ide_abort_command(IDEState *s)
485 s->status = READY_STAT | ERR_STAT;
489 static inline void ide_set_irq(IDEState *s)
491 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
492 pic_set_irq(s->irq, 1);
496 /* prepare data transfer and tell what to do after */
497 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
498 EndTransferFunc *end_transfer_func)
500 s->end_transfer_func = end_transfer_func;
502 s->data_end = buf + size;
503 s->status |= DRQ_STAT;
506 static void ide_transfer_stop(IDEState *s)
508 s->end_transfer_func = ide_transfer_stop;
509 s->data_ptr = s->io_buffer;
510 s->data_end = s->io_buffer;
511 s->status &= ~DRQ_STAT;
514 static int64_t ide_get_sector(IDEState *s)
517 if (s->select & 0x40) {
519 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
520 (s->lcyl << 8) | s->sector;
522 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
523 (s->select & 0x0f) * s->sectors +
529 static void ide_set_sector(IDEState *s, int64_t sector_num)
532 if (s->select & 0x40) {
533 s->select = (s->select & 0xf0) | (sector_num >> 24);
534 s->hcyl = (sector_num >> 16);
535 s->lcyl = (sector_num >> 8);
536 s->sector = (sector_num);
538 cyl = sector_num / (s->heads * s->sectors);
539 r = sector_num % (s->heads * s->sectors);
542 s->select = (s->select & 0xf0) | (r / s->sectors);
543 s->sector = (r % s->sectors) + 1;
547 static void ide_sector_read(IDEState *s)
552 s->status = READY_STAT | SEEK_STAT;
553 sector_num = ide_get_sector(s);
556 /* no more sector to read from disk */
557 ide_transfer_stop(s);
559 #if defined(DEBUG_IDE)
560 printf("read sector=%Ld\n", sector_num);
562 if (n > s->req_nb_sectors)
563 n = s->req_nb_sectors;
564 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
565 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
567 ide_set_sector(s, sector_num + n);
572 static void ide_sector_write(IDEState *s)
577 s->status = READY_STAT | SEEK_STAT;
578 sector_num = ide_get_sector(s);
579 #if defined(DEBUG_IDE)
580 printf("write sector=%Ld\n", sector_num);
583 if (n > s->req_nb_sectors)
584 n = s->req_nb_sectors;
585 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
587 if (s->nsector == 0) {
588 /* no more sector to write */
589 ide_transfer_stop(s);
592 if (n1 > s->req_nb_sectors)
593 n1 = s->req_nb_sectors;
594 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
596 ide_set_sector(s, sector_num + n);
600 static void ide_atapi_cmd_ok(IDEState *s)
603 s->status = READY_STAT;
604 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
608 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
610 #ifdef DEBUG_IDE_ATAPI
611 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
613 s->error = sense_key << 4;
614 s->status = READY_STAT | ERR_STAT;
615 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
616 s->sense_key = sense_key;
621 static inline void cpu_to_ube16(uint8_t *buf, int val)
627 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
635 static inline int ube16_to_cpu(const uint8_t *buf)
637 return (buf[0] << 8) | buf[1];
640 static inline int ube32_to_cpu(const uint8_t *buf)
642 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
645 /* The whole ATAPI transfer logic is handled in this function */
646 static void ide_atapi_cmd_reply_end(IDEState *s)
648 int byte_count_limit, size;
649 #ifdef DEBUG_IDE_ATAPI
650 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
651 s->packet_transfer_size,
652 s->elementary_transfer_size,
655 if (s->packet_transfer_size <= 0) {
656 /* end of transfer */
657 ide_transfer_stop(s);
658 s->status = READY_STAT;
659 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
661 #ifdef DEBUG_IDE_ATAPI
662 printf("status=0x%x\n", s->status);
665 /* see if a new sector must be read */
666 if (s->lba != -1 && s->io_buffer_index >= 2048) {
667 bdrv_read(s->bs, (int64_t)s->lba << 2, s->io_buffer, 4);
669 s->io_buffer_index = 0;
671 if (s->elementary_transfer_size > 0) {
672 /* there are some data left to transmit in this elementary
674 size = 2048 - s->io_buffer_index;
675 if (size > s->elementary_transfer_size)
676 size = s->elementary_transfer_size;
677 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
678 size, ide_atapi_cmd_reply_end);
679 s->packet_transfer_size -= size;
680 s->elementary_transfer_size -= size;
681 s->io_buffer_index += size;
683 /* a new transfer is needed */
684 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
685 byte_count_limit = s->lcyl | (s->hcyl << 8);
686 #ifdef DEBUG_IDE_ATAPI
687 printf("byte_count_limit=%d\n", byte_count_limit);
689 if (byte_count_limit == 0xffff)
691 size = s->packet_transfer_size;
692 if (size > byte_count_limit) {
693 /* byte count limit must be even if this case */
694 if (byte_count_limit & 1)
696 size = byte_count_limit;
701 s->elementary_transfer_size = size;
702 /* we cannot transmit more than one sector at a time */
704 if (size > (2048 - s->io_buffer_index))
705 size = (2048 - s->io_buffer_index);
707 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
708 size, ide_atapi_cmd_reply_end);
709 s->packet_transfer_size -= size;
710 s->elementary_transfer_size -= size;
711 s->io_buffer_index += size;
713 #ifdef DEBUG_IDE_ATAPI
714 printf("status=0x%x\n", s->status);
720 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
721 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
725 s->lba = -1; /* no sector read */
726 s->packet_transfer_size = size;
727 s->elementary_transfer_size = 0;
728 s->io_buffer_index = 0;
730 s->status = READY_STAT;
731 ide_atapi_cmd_reply_end(s);
734 /* start a CD-CDROM read command */
735 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors)
737 #ifdef DEBUG_IDE_ATAPI
738 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
741 s->packet_transfer_size = nb_sectors * 2048;
742 s->elementary_transfer_size = 0;
743 s->io_buffer_index = 2048;
745 s->status = READY_STAT;
746 ide_atapi_cmd_reply_end(s);
749 /* same toc as bochs. Return -1 if error or the toc length */
750 static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
755 if (start_track > 1 && start_track != 0xaa)
760 if (start_track <= 1) {
761 *q++ = 0; /* reserved */
762 *q++ = 0x14; /* ADR, control */
763 *q++ = 1; /* track number */
764 *q++ = 0; /* reserved */
766 *q++ = 0; /* reserved */
767 *q++ = 0; /* minute */
768 *q++ = 2; /* second */
769 *q++ = 0; /* frame */
777 *q++ = 0; /* reserved */
778 *q++ = 0x16; /* ADR, control */
779 *q++ = 0xaa; /* track number */
780 *q++ = 0; /* reserved */
781 nb_sectors = s->nb_sectors >> 2;
783 *q++ = 0; /* reserved */
784 *q++ = ((nb_sectors + 150) / 75) / 60;
785 *q++ = ((nb_sectors + 150) / 75) % 60;
786 *q++ = (nb_sectors + 150) % 75;
788 cpu_to_ube32(q, nb_sectors);
792 cpu_to_ube16(buf, len - 2);
796 static void ide_atapi_cmd(IDEState *s)
798 const uint8_t *packet;
802 packet = s->io_buffer;
804 #ifdef DEBUG_IDE_ATAPI
807 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
808 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
809 printf(" %02x", packet[i]);
814 switch(s->io_buffer[0]) {
815 case GPCMD_TEST_UNIT_READY:
819 ide_atapi_cmd_error(s, SENSE_NOT_READY,
820 ASC_MEDIUM_NOT_PRESENT);
823 case GPCMD_MODE_SENSE_10:
826 max_len = ube16_to_cpu(packet + 7);
827 action = packet[2] >> 6;
828 code = packet[2] & 0x3f;
830 case 0: /* current values */
832 case 0x01: /* error recovery */
833 cpu_to_ube16(&buf[0], 16 + 6);
849 ide_atapi_cmd_reply(s, 16, max_len);
852 cpu_to_ube16(&buf[0], 28 + 6);
867 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
871 cpu_to_ube16(&buf[16], 706);
874 cpu_to_ube16(&buf[20], 512);
875 cpu_to_ube16(&buf[22], 706);
880 ide_atapi_cmd_reply(s, 28, max_len);
886 case 1: /* changeable values */
888 case 2: /* default values */
891 case 3: /* saved values */
892 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
893 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
898 case GPCMD_REQUEST_SENSE:
901 buf[0] = 0x70 | (1 << 7);
902 buf[2] = s->sense_key;
905 ide_atapi_cmd_reply(s, 18, max_len);
907 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
909 s->cdrom_locked = packet[4] & 1;
912 ide_atapi_cmd_error(s, SENSE_NOT_READY,
913 ASC_MEDIUM_NOT_PRESENT);
922 ide_atapi_cmd_error(s, SENSE_NOT_READY,
923 ASC_MEDIUM_NOT_PRESENT);
926 if (packet[0] == GPCMD_READ_10)
927 nb_sectors = ube16_to_cpu(packet + 7);
929 nb_sectors = ube32_to_cpu(packet + 6);
930 lba = ube32_to_cpu(packet + 2);
931 if (nb_sectors == 0) {
935 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
936 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
937 ASC_LOGICAL_BLOCK_OOR);
940 ide_atapi_cmd_read(s, lba, nb_sectors);
947 ide_atapi_cmd_error(s, SENSE_NOT_READY,
948 ASC_MEDIUM_NOT_PRESENT);
951 lba = ube32_to_cpu(packet + 2);
952 if (((int64_t)lba << 2) > s->nb_sectors) {
953 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
954 ASC_LOGICAL_BLOCK_OOR);
960 case GPCMD_START_STOP_UNIT:
963 start = packet[4] & 1;
964 eject = (packet[4] >> 1) & 1;
966 /* XXX: currently none implemented */
970 case GPCMD_MECHANISM_STATUS:
972 max_len = ube16_to_cpu(packet + 8);
973 cpu_to_ube16(buf, 0);
979 cpu_to_ube16(buf + 6, 0);
980 ide_atapi_cmd_reply(s, 8, max_len);
983 case GPCMD_READ_TOC_PMA_ATIP:
985 int format, msf, start_track, len;
988 ide_atapi_cmd_error(s, SENSE_NOT_READY,
989 ASC_MEDIUM_NOT_PRESENT);
992 max_len = ube16_to_cpu(packet + 7);
993 format = packet[9] >> 6;
994 msf = (packet[1] >> 1) & 1;
995 start_track = packet[6];
998 len = cdrom_read_toc(s, buf, msf, start_track);
1001 ide_atapi_cmd_reply(s, len, max_len);
1004 /* multi session : only a single session defined */
1009 ide_atapi_cmd_reply(s, 12, max_len);
1016 case GPCMD_READ_CDVD_CAPACITY:
1018 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1019 ASC_MEDIUM_NOT_PRESENT);
1022 /* NOTE: it is really the number of sectors minus 1 */
1023 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1024 cpu_to_ube32(buf + 4, 2048);
1025 ide_atapi_cmd_reply(s, 8, 8);
1028 max_len = packet[4];
1029 buf[0] = 0x05; /* CD-ROM */
1030 buf[1] = 0x80; /* removable */
1031 buf[2] = 0x00; /* ISO */
1032 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1033 buf[4] = 31; /* additionnal length */
1034 buf[5] = 0; /* reserved */
1035 buf[6] = 0; /* reserved */
1036 buf[7] = 0; /* reserved */
1037 padstr8(buf + 8, 8, "QEMU");
1038 padstr8(buf + 16, 16, "QEMU CD-ROM");
1039 padstr8(buf + 32, 4, QEMU_VERSION);
1040 ide_atapi_cmd_reply(s, 36, max_len);
1044 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1045 ASC_INV_FIELD_IN_CMD_PACKET);
1050 static void ide_ioport_write(CPUState *env, uint32_t addr, uint32_t val)
1052 IDEState *ide_if = get_ide_interface(addr);
1053 IDEState *s = ide_if->cur_drive;
1057 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1082 unit = (val >> 4) & 1;
1084 ide_if->cur_drive = s;
1090 #if defined(DEBUG_IDE)
1091 printf("ide: CMD=%02x\n", val);
1095 if (s->bs && !s->is_cdrom) {
1097 s->status = READY_STAT;
1098 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1101 ide_set_signature(s);
1103 ide_abort_command(s);
1109 s->status = READY_STAT;
1113 if (s->nsector > MAX_MULT_SECTORS ||
1115 (s->nsector & (s->nsector - 1)) != 0) {
1116 ide_abort_command(s);
1118 s->mult_sectors = s->nsector;
1119 s->status = READY_STAT;
1124 case WIN_VERIFY_ONCE:
1125 /* do sector number check ? */
1126 s->status = READY_STAT;
1133 s->req_nb_sectors = 1;
1137 case WIN_WRITE_ONCE:
1138 s->status = SEEK_STAT;
1139 s->req_nb_sectors = 1;
1140 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1143 if (!s->mult_sectors)
1145 s->req_nb_sectors = s->mult_sectors;
1149 if (!s->mult_sectors)
1151 s->status = SEEK_STAT;
1152 s->req_nb_sectors = s->mult_sectors;
1154 if (n > s->req_nb_sectors)
1155 n = s->req_nb_sectors;
1156 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1158 case WIN_READ_NATIVE_MAX:
1159 ide_set_sector(s, s->nb_sectors - 1);
1160 s->status = READY_STAT;
1164 /* ATAPI commands */
1167 ide_atapi_identify(s);
1168 s->status = READY_STAT;
1169 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1171 ide_abort_command(s);
1178 ide_set_signature(s);
1179 s->status = 0x00; /* NOTE: READY is _not_ set */
1185 /* DMA or overlapping commands not supported */
1186 if ((s->feature & 0x03) != 0)
1189 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1194 ide_abort_command(s);
1201 static uint32_t ide_ioport_read(CPUState *env, uint32_t addr1)
1203 IDEState *s = get_ide_interface(addr1)->cur_drive;
1216 ret = s->nsector & 0xff;
1233 pic_set_irq(s->irq, 0);
1237 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1242 static uint32_t ide_status_read(CPUState *env, uint32_t addr)
1244 IDEState *s = get_ide_interface(addr)->cur_drive;
1248 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1253 static void ide_cmd_write(CPUState *env, uint32_t addr, uint32_t val)
1255 IDEState *ide_if = get_ide_interface(addr);
1260 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1262 /* common for both drives */
1263 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1264 (val & IDE_CMD_RESET)) {
1265 /* reset low to high */
1266 for(i = 0;i < 2; i++) {
1268 s->status = BUSY_STAT | SEEK_STAT;
1271 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1272 !(val & IDE_CMD_RESET)) {
1274 for(i = 0;i < 2; i++) {
1277 s->status = 0x00; /* NOTE: READY is _not_ set */
1279 s->status = READY_STAT;
1280 ide_set_signature(s);
1284 ide_if[0].cmd = val;
1285 ide_if[1].cmd = val;
1288 static void ide_data_writew(CPUState *env, uint32_t addr, uint32_t val)
1290 IDEState *s = get_ide_interface(addr)->cur_drive;
1294 *(uint16_t *)p = tswap16(val);
1297 if (p >= s->data_end)
1298 s->end_transfer_func(s);
1301 static uint32_t ide_data_readw(CPUState *env, uint32_t addr)
1303 IDEState *s = get_ide_interface(addr)->cur_drive;
1307 ret = tswap16(*(uint16_t *)p);
1310 if (p >= s->data_end)
1311 s->end_transfer_func(s);
1315 static void ide_data_writel(CPUState *env, uint32_t addr, uint32_t val)
1317 IDEState *s = get_ide_interface(addr)->cur_drive;
1321 *(uint32_t *)p = tswap32(val);
1324 if (p >= s->data_end)
1325 s->end_transfer_func(s);
1328 static uint32_t ide_data_readl(CPUState *env, uint32_t addr)
1330 IDEState *s = get_ide_interface(addr)->cur_drive;
1335 ret = tswap32(*(uint32_t *)p);
1338 if (p >= s->data_end)
1339 s->end_transfer_func(s);
1343 static void ide_reset(IDEState *s)
1345 s->mult_sectors = MAX_MULT_SECTORS;
1348 s->status = READY_STAT;
1349 ide_set_signature(s);
1353 uint8_t boot_ind; /* 0x80 - active */
1354 uint8_t head; /* starting head */
1355 uint8_t sector; /* starting sector */
1356 uint8_t cyl; /* starting cylinder */
1357 uint8_t sys_ind; /* What partition type */
1358 uint8_t end_head; /* end head */
1359 uint8_t end_sector; /* end sector */
1360 uint8_t end_cyl; /* end cylinder */
1361 uint32_t start_sect; /* starting sector counting from 0 */
1362 uint32_t nr_sects; /* nr of sectors in partition */
1363 } __attribute__((packed));
1365 /* try to guess the IDE geometry from the MSDOS partition table */
1366 static void ide_guess_geometry(IDEState *s)
1370 struct partition *p;
1373 if (s->cylinders != 0)
1375 ret = bdrv_read(s->bs, 0, buf, 1);
1378 /* test msdos magic */
1379 if (buf[510] != 0x55 || buf[511] != 0xaa)
1381 for(i = 0; i < 4; i++) {
1382 p = ((struct partition *)(buf + 0x1be)) + i;
1383 nr_sects = tswap32(p->nr_sects);
1384 if (nr_sects && p->end_head) {
1385 /* We make the assumption that the partition terminates on
1386 a cylinder boundary */
1387 s->heads = p->end_head + 1;
1388 s->sectors = p->end_sector & 63;
1389 s->cylinders = s->nb_sectors / (s->heads * s->sectors);
1391 printf("guessed partition: CHS=%d %d %d\n",
1392 s->cylinders, s->heads, s->sectors);
1401 int i, cylinders, iobase, iobase2;
1403 static const int ide_iobase[2] = { 0x1f0, 0x170 };
1404 static const int ide_iobase2[2] = { 0x3f6, 0x376 };
1405 static const int ide_irq[2] = { 14, 15 };
1407 for(i = 0; i < MAX_DISKS; i++) {
1409 s->bs = bs_table[i];
1411 bdrv_get_geometry(s->bs, &nb_sectors);
1412 s->nb_sectors = nb_sectors;
1413 ide_guess_geometry(s);
1414 if (s->cylinders == 0) {
1415 /* if no geometry, use a LBA compatible one */
1416 cylinders = nb_sectors / (16 * 63);
1417 if (cylinders > 16383)
1419 else if (cylinders < 2)
1421 s->cylinders = cylinders;
1426 s->irq = ide_irq[i >> 1];
1429 for(i = 0; i < (MAX_DISKS / 2); i++) {
1430 iobase = ide_iobase[i];
1431 iobase2 = ide_iobase2[i];
1432 ide_table[iobase >> 3] = &ide_state[2 * i];
1434 ide_table[iobase2 >> 3] = &ide_state[2 * i];
1435 register_ioport_write(iobase, 8, ide_ioport_write, 1);
1436 register_ioport_read(iobase, 8, ide_ioport_read, 1);
1437 register_ioport_read(iobase2, 1, ide_status_read, 1);
1438 register_ioport_write(iobase2, 1, ide_cmd_write, 1);
1441 register_ioport_write(iobase, 2, ide_data_writew, 2);
1442 register_ioport_read(iobase, 2, ide_data_readw, 2);
1443 register_ioport_write(iobase, 4, ide_data_writel, 4);
1444 register_ioport_read(iobase, 4, ide_data_readl, 4);
1448 void ide_set_geometry(int n, int cyls, int heads, int secs)
1450 ide_state[n].cylinders = cyls;
1451 ide_state[n].heads = heads;
1452 ide_state[n].sectors = secs;
1455 void ide_set_cdrom(int n, int is_cdrom)
1457 ide_state[n].is_cdrom = is_cdrom;
projects / qemu / blob