2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
35 #include "mac_dbdma.h"
39 typedef struct IDEBus IDEBus;
40 typedef struct IDEState IDEState;
41 typedef struct BMDMAState BMDMAState;
43 /* debug IDE devices */
45 //#define DEBUG_IDE_ATAPI
49 /* Bits of HD_STATUS */
51 #define INDEX_STAT 0x02
52 #define ECC_STAT 0x04 /* Corrected error */
54 #define SEEK_STAT 0x10
56 #define WRERR_STAT 0x20
57 #define READY_STAT 0x40
58 #define BUSY_STAT 0x80
60 /* Bits for HD_ERROR */
61 #define MARK_ERR 0x01 /* Bad address mark */
62 #define TRK0_ERR 0x02 /* couldn't find track 0 */
63 #define ABRT_ERR 0x04 /* Command aborted */
64 #define MCR_ERR 0x08 /* media change request */
65 #define ID_ERR 0x10 /* ID field not found */
66 #define MC_ERR 0x20 /* media changed */
67 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
68 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
69 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
71 /* Bits of HD_NSECTOR */
77 #define IDE_CMD_RESET 0x04
78 #define IDE_CMD_DISABLE_IRQ 0x02
80 /* ATA/ATAPI Commands pre T13 Spec */
85 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
89 #define WIN_SRST 0x08 /* ATAPI soft reset command */
90 #define WIN_DEVICE_RESET 0x08
94 #define WIN_RECAL 0x10
95 #define WIN_RESTORE WIN_RECAL
99 #define WIN_READ 0x20 /* 28-Bit */
100 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
101 #define WIN_READ_LONG 0x22 /* 28-Bit */
102 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
103 #define WIN_READ_EXT 0x24 /* 48-Bit */
104 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
105 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
106 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
110 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
112 * 0x2A->0x2F Reserved
114 #define WIN_WRITE 0x30 /* 28-Bit */
115 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
116 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
117 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
118 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
119 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
120 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
121 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
122 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
123 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
125 * 0x3A->0x3B Reserved
127 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
129 * 0x3D->0x3F Reserved
131 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
132 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
133 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
135 * 0x43->0x4F Reserved
137 #define WIN_FORMAT 0x50
139 * 0x51->0x5F Reserved
141 #define WIN_INIT 0x60
143 * 0x61->0x5F Reserved
145 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
146 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
147 #define WIN_DIAGNOSE 0x90
148 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
149 #define WIN_DOWNLOAD_MICROCODE 0x92
150 #define WIN_STANDBYNOW2 0x94
151 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
152 #define WIN_STANDBY2 0x96
153 #define WIN_SETIDLE2 0x97
154 #define WIN_CHECKPOWERMODE2 0x98
155 #define WIN_SLEEPNOW2 0x99
159 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
160 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
161 #define WIN_QUEUED_SERVICE 0xA2
162 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
163 #define CFA_ACCESS_METADATA_STORAGE 0xB8
164 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
165 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
166 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
167 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
168 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
169 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
170 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
171 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
172 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
173 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
174 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
175 #define WIN_GETMEDIASTATUS 0xDA
176 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
177 #define WIN_POSTBOOT 0xDC
178 #define WIN_PREBOOT 0xDD
179 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
180 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
181 #define WIN_STANDBYNOW1 0xE0
182 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
183 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
184 #define WIN_SETIDLE1 0xE3
185 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
186 #define WIN_CHECKPOWERMODE1 0xE5
187 #define WIN_SLEEPNOW1 0xE6
188 #define WIN_FLUSH_CACHE 0xE7
189 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
190 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
191 /* SET_FEATURES 0x22 or 0xDD */
192 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
193 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
194 #define WIN_MEDIAEJECT 0xED
195 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
196 #define WIN_SETFEATURES 0xEF /* set special drive features */
197 #define EXABYTE_ENABLE_NEST 0xF0
198 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
199 #define WIN_SECURITY_SET_PASS 0xF1
200 #define WIN_SECURITY_UNLOCK 0xF2
201 #define WIN_SECURITY_ERASE_PREPARE 0xF3
202 #define WIN_SECURITY_ERASE_UNIT 0xF4
203 #define WIN_SECURITY_FREEZE_LOCK 0xF5
204 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
205 #define WIN_SECURITY_DISABLE 0xF6
206 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
207 #define WIN_SET_MAX 0xF9
208 #define DISABLE_SEAGATE 0xFB
210 /* set to 1 set disable mult support */
211 #define MAX_MULT_SECTORS 16
213 #define IDE_DMA_BUF_SECTORS 256
215 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
216 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
221 #define ATAPI_PACKET_SIZE 12
223 /* The generic packet command opcodes for CD/DVD Logical Units,
224 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
225 #define GPCMD_BLANK 0xa1
226 #define GPCMD_CLOSE_TRACK 0x5b
227 #define GPCMD_FLUSH_CACHE 0x35
228 #define GPCMD_FORMAT_UNIT 0x04
229 #define GPCMD_GET_CONFIGURATION 0x46
230 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
231 #define GPCMD_GET_PERFORMANCE 0xac
232 #define GPCMD_INQUIRY 0x12
233 #define GPCMD_LOAD_UNLOAD 0xa6
234 #define GPCMD_MECHANISM_STATUS 0xbd
235 #define GPCMD_MODE_SELECT_10 0x55
236 #define GPCMD_MODE_SENSE_10 0x5a
237 #define GPCMD_PAUSE_RESUME 0x4b
238 #define GPCMD_PLAY_AUDIO_10 0x45
239 #define GPCMD_PLAY_AUDIO_MSF 0x47
240 #define GPCMD_PLAY_AUDIO_TI 0x48
241 #define GPCMD_PLAY_CD 0xbc
242 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
243 #define GPCMD_READ_10 0x28
244 #define GPCMD_READ_12 0xa8
245 #define GPCMD_READ_CDVD_CAPACITY 0x25
246 #define GPCMD_READ_CD 0xbe
247 #define GPCMD_READ_CD_MSF 0xb9
248 #define GPCMD_READ_DISC_INFO 0x51
249 #define GPCMD_READ_DVD_STRUCTURE 0xad
250 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
251 #define GPCMD_READ_HEADER 0x44
252 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
253 #define GPCMD_READ_SUBCHANNEL 0x42
254 #define GPCMD_READ_TOC_PMA_ATIP 0x43
255 #define GPCMD_REPAIR_RZONE_TRACK 0x58
256 #define GPCMD_REPORT_KEY 0xa4
257 #define GPCMD_REQUEST_SENSE 0x03
258 #define GPCMD_RESERVE_RZONE_TRACK 0x53
259 #define GPCMD_SCAN 0xba
260 #define GPCMD_SEEK 0x2b
261 #define GPCMD_SEND_DVD_STRUCTURE 0xad
262 #define GPCMD_SEND_EVENT 0xa2
263 #define GPCMD_SEND_KEY 0xa3
264 #define GPCMD_SEND_OPC 0x54
265 #define GPCMD_SET_READ_AHEAD 0xa7
266 #define GPCMD_SET_STREAMING 0xb6
267 #define GPCMD_START_STOP_UNIT 0x1b
268 #define GPCMD_STOP_PLAY_SCAN 0x4e
269 #define GPCMD_TEST_UNIT_READY 0x00
270 #define GPCMD_VERIFY_10 0x2f
271 #define GPCMD_WRITE_10 0x2a
272 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
273 /* This is listed as optional in ATAPI 2.6, but is (curiously)
274 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
275 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
276 * drives support it. */
277 #define GPCMD_SET_SPEED 0xbb
278 /* This seems to be a SCSI specific CD-ROM opcode
279 * to play data at track/index */
280 #define GPCMD_PLAYAUDIO_TI 0x48
282 * From MS Media Status Notification Support Specification. For
285 #define GPCMD_GET_MEDIA_STATUS 0xda
286 #define GPCMD_MODE_SENSE_6 0x1a
288 /* Mode page codes for mode sense/set */
289 #define GPMODE_R_W_ERROR_PAGE 0x01
290 #define GPMODE_WRITE_PARMS_PAGE 0x05
291 #define GPMODE_AUDIO_CTL_PAGE 0x0e
292 #define GPMODE_POWER_PAGE 0x1a
293 #define GPMODE_FAULT_FAIL_PAGE 0x1c
294 #define GPMODE_TO_PROTECT_PAGE 0x1d
295 #define GPMODE_CAPABILITIES_PAGE 0x2a
296 #define GPMODE_ALL_PAGES 0x3f
297 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
298 * of MODE_SENSE_POWER_PAGE */
299 #define GPMODE_CDROM_PAGE 0x0d
302 * Based on values from <linux/cdrom.h> but extending CD_MINS
303 * to the maximum common size allowed by the Orange's Book ATIP
305 * 90 and 99 min CDs are also available but using them as the
306 * upper limit reduces the effectiveness of the heuristic to
307 * detect DVDs burned to less than 25% of their maximum capacity
310 /* Some generally useful CD-ROM information */
311 #define CD_MINS 80 /* max. minutes per CD */
312 #define CD_SECS 60 /* seconds per minute */
313 #define CD_FRAMES 75 /* frames per second */
314 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
315 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
316 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
319 * The MMC values are not IDE specific and might need to be moved
320 * to a common header if they are also needed for the SCSI emulation
323 /* Profile list from MMC-6 revision 1 table 91 */
324 #define MMC_PROFILE_NONE 0x0000
325 #define MMC_PROFILE_CD_ROM 0x0008
326 #define MMC_PROFILE_CD_R 0x0009
327 #define MMC_PROFILE_CD_RW 0x000A
328 #define MMC_PROFILE_DVD_ROM 0x0010
329 #define MMC_PROFILE_DVD_R_SR 0x0011
330 #define MMC_PROFILE_DVD_RAM 0x0012
331 #define MMC_PROFILE_DVD_RW_RO 0x0013
332 #define MMC_PROFILE_DVD_RW_SR 0x0014
333 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
334 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
335 #define MMC_PROFILE_DVD_RW_DL 0x0017
336 #define MMC_PROFILE_DVD_DDR 0x0018
337 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
338 #define MMC_PROFILE_DVD_PLUS_R 0x001B
339 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
340 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
341 #define MMC_PROFILE_BD_ROM 0x0040
342 #define MMC_PROFILE_BD_R_SRM 0x0041
343 #define MMC_PROFILE_BD_R_RRM 0x0042
344 #define MMC_PROFILE_BD_RE 0x0043
345 #define MMC_PROFILE_HDDVD_ROM 0x0050
346 #define MMC_PROFILE_HDDVD_R 0x0051
347 #define MMC_PROFILE_HDDVD_RAM 0x0052
348 #define MMC_PROFILE_HDDVD_RW 0x0053
349 #define MMC_PROFILE_HDDVD_R_DL 0x0058
350 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
351 #define MMC_PROFILE_INVALID 0xFFFF
353 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
354 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
355 #define ATAPI_INT_REASON_REL 0x04
356 #define ATAPI_INT_REASON_TAG 0xf8
358 /* same constants as bochs */
359 #define ASC_ILLEGAL_OPCODE 0x20
360 #define ASC_LOGICAL_BLOCK_OOR 0x21
361 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
362 #define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
363 #define ASC_INCOMPATIBLE_FORMAT 0x30
364 #define ASC_MEDIUM_NOT_PRESENT 0x3a
365 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
366 #define ASC_MEDIA_REMOVAL_PREVENTED 0x53
368 #define CFA_NO_ERROR 0x00
369 #define CFA_MISC_ERROR 0x09
370 #define CFA_INVALID_COMMAND 0x20
371 #define CFA_INVALID_ADDRESS 0x21
372 #define CFA_ADDRESS_OVERFLOW 0x2f
375 #define SENSE_NOT_READY 2
376 #define SENSE_ILLEGAL_REQUEST 5
377 #define SENSE_UNIT_ATTENTION 6
379 #define SMART_READ_DATA 0xd0
380 #define SMART_READ_THRESH 0xd1
381 #define SMART_ATTR_AUTOSAVE 0xd2
382 #define SMART_SAVE_ATTR 0xd3
383 #define SMART_EXECUTE_OFFLINE 0xd4
384 #define SMART_READ_LOG 0xd5
385 #define SMART_WRITE_LOG 0xd6
386 #define SMART_ENABLE 0xd8
387 #define SMART_DISABLE 0xd9
388 #define SMART_STATUS 0xda
390 static int smart_attributes[][5] = {
391 /* id, flags, val, wrst, thrsh */
392 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
393 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
394 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
395 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
396 { 0x00, 0x00, 0x00, 0x00, 0x00}
401 typedef void EndTransferFunc(IDEState *);
403 /* NOTE: IDEState represents in fact one drive */
410 int cylinders, heads, sectors;
414 uint16_t identify_data[256];
417 char drive_serial_str[21];
425 /* other part of tf for lba48 support */
435 /* 0x3f6 command, only meaningful for drive 0 */
437 /* set for lba48 access */
439 BlockDriverState *bs;
443 uint8_t cdrom_changed;
444 int packet_transfer_size;
445 int elementary_transfer_size;
449 int atapi_dma; /* true if dma is requested for the packet cmd */
453 /* PIO transfer handling */
454 int req_nb_sectors; /* number of sectors per interrupt */
455 EndTransferFunc *end_transfer_func;
459 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
460 uint32_t irq_count; /* counts IRQs when using win2k install hack */
461 /* CF-ATA extended error */
463 /* CF-ATA metadata storage */
465 uint8_t *mdata_storage;
470 uint8_t smart_enabled;
471 uint8_t smart_autosave;
473 uint8_t smart_selftest_count;
474 uint8_t *smart_selftest_data;
484 /* XXX: DVDs that could fit on a CD will be reported as a CD */
485 static inline int media_present(IDEState *s)
487 return (s->nb_sectors > 0);
490 static inline int media_is_dvd(IDEState *s)
492 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
495 static inline int media_is_cd(IDEState *s)
497 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
500 #define BM_STATUS_DMAING 0x01
501 #define BM_STATUS_ERROR 0x02
502 #define BM_STATUS_INT 0x04
503 #define BM_STATUS_DMA_RETRY 0x08
504 #define BM_STATUS_PIO_RETRY 0x10
506 #define BM_CMD_START 0x01
507 #define BM_CMD_READ 0x08
509 #define IDE_TYPE_PIIX3 0
510 #define IDE_TYPE_CMD646 1
511 #define IDE_TYPE_PIIX4 2
513 /* CMD646 specific */
515 #define MRDMODE_INTR_CH0 0x04
516 #define MRDMODE_INTR_CH1 0x08
517 #define MRDMODE_BLK_CH0 0x10
518 #define MRDMODE_BLK_CH1 0x20
519 #define UDIDETCR0 0x73
520 #define UDIDETCR1 0x7B
527 struct PCIIDEState *pci_dev;
529 /* current transfer state */
531 uint32_t cur_prd_last;
532 uint32_t cur_prd_addr;
533 uint32_t cur_prd_len;
535 BlockDriverCompletionFunc *dma_cb;
536 BlockDriverAIOCB *aiocb;
544 typedef struct PCIIDEState {
548 int type; /* see IDE_TYPE_xxx */
551 static inline IDEState *bmdma_active_if(BMDMAState *bmdma)
553 assert(bmdma->unit != -1);
554 return bmdma->bus->ifs + bmdma->unit;
557 static inline IDEState *idebus_active_if(IDEBus *bus)
559 return bus->ifs + bus->unit;
562 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
563 static void ide_dma_restart(IDEState *s);
564 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
566 static void padstr(char *str, const char *src, int len)
569 for(i = 0; i < len; i++) {
578 static void padstr8(uint8_t *buf, int buf_size, const char *src)
581 for(i = 0; i < buf_size; i++) {
589 static void put_le16(uint16_t *p, unsigned int v)
594 static void ide_identify(IDEState *s)
597 unsigned int oldsize;
599 if (s->identify_set) {
600 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
604 memset(s->io_buffer, 0, 512);
605 p = (uint16_t *)s->io_buffer;
606 put_le16(p + 0, 0x0040);
607 put_le16(p + 1, s->cylinders);
608 put_le16(p + 3, s->heads);
609 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
610 put_le16(p + 5, 512); /* XXX: retired, remove ? */
611 put_le16(p + 6, s->sectors);
612 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
613 put_le16(p + 20, 3); /* XXX: retired, remove ? */
614 put_le16(p + 21, 512); /* cache size in sectors */
615 put_le16(p + 22, 4); /* ecc bytes */
616 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
617 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
618 #if MAX_MULT_SECTORS > 1
619 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
621 put_le16(p + 48, 1); /* dword I/O */
622 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
623 put_le16(p + 51, 0x200); /* PIO transfer cycle */
624 put_le16(p + 52, 0x200); /* DMA transfer cycle */
625 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
626 put_le16(p + 54, s->cylinders);
627 put_le16(p + 55, s->heads);
628 put_le16(p + 56, s->sectors);
629 oldsize = s->cylinders * s->heads * s->sectors;
630 put_le16(p + 57, oldsize);
631 put_le16(p + 58, oldsize >> 16);
633 put_le16(p + 59, 0x100 | s->mult_sectors);
634 put_le16(p + 60, s->nb_sectors);
635 put_le16(p + 61, s->nb_sectors >> 16);
636 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
637 put_le16(p + 63, 0x07); /* mdma0-2 supported */
638 put_le16(p + 65, 120);
639 put_le16(p + 66, 120);
640 put_le16(p + 67, 120);
641 put_le16(p + 68, 120);
642 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
643 put_le16(p + 81, 0x16); /* conforms to ata5 */
644 /* 14=NOP supported, 0=SMART supported */
645 put_le16(p + 82, (1 << 14) | 1);
646 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
647 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
648 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
649 put_le16(p + 84, (1 << 14) | 0);
650 /* 14 = NOP supported, 0=SMART feature set enabled */
651 put_le16(p + 85, (1 << 14) | 1);
652 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
653 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
654 /* 14=set to 1, 1=smart self test, 0=smart error logging */
655 put_le16(p + 87, (1 << 14) | 0);
656 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
657 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
658 put_le16(p + 100, s->nb_sectors);
659 put_le16(p + 101, s->nb_sectors >> 16);
660 put_le16(p + 102, s->nb_sectors >> 32);
661 put_le16(p + 103, s->nb_sectors >> 48);
663 memcpy(s->identify_data, p, sizeof(s->identify_data));
667 static void ide_atapi_identify(IDEState *s)
671 if (s->identify_set) {
672 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
676 memset(s->io_buffer, 0, 512);
677 p = (uint16_t *)s->io_buffer;
678 /* Removable CDROM, 50us response, 12 byte packets */
679 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
680 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
681 put_le16(p + 20, 3); /* buffer type */
682 put_le16(p + 21, 512); /* cache size in sectors */
683 put_le16(p + 22, 4); /* ecc bytes */
684 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
685 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
686 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
688 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
689 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
690 put_le16(p + 62, 7); /* single word dma0-2 supported */
691 put_le16(p + 63, 7); /* mdma0-2 supported */
692 put_le16(p + 64, 0x3f); /* PIO modes supported */
694 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
695 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
696 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
697 put_le16(p + 64, 1); /* PIO modes */
699 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
700 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
701 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
702 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
704 put_le16(p + 71, 30); /* in ns */
705 put_le16(p + 72, 30); /* in ns */
707 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
709 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
711 memcpy(s->identify_data, p, sizeof(s->identify_data));
715 static void ide_cfata_identify(IDEState *s)
720 p = (uint16_t *) s->identify_data;
724 memset(p, 0, sizeof(s->identify_data));
726 cur_sec = s->cylinders * s->heads * s->sectors;
728 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
729 put_le16(p + 1, s->cylinders); /* Default cylinders */
730 put_le16(p + 3, s->heads); /* Default heads */
731 put_le16(p + 6, s->sectors); /* Default sectors per track */
732 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
733 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
734 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
735 put_le16(p + 22, 0x0004); /* ECC bytes */
736 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
737 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
738 #if MAX_MULT_SECTORS > 1
739 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
741 put_le16(p + 47, 0x0000);
743 put_le16(p + 49, 0x0f00); /* Capabilities */
744 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
745 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
746 put_le16(p + 53, 0x0003); /* Translation params valid */
747 put_le16(p + 54, s->cylinders); /* Current cylinders */
748 put_le16(p + 55, s->heads); /* Current heads */
749 put_le16(p + 56, s->sectors); /* Current sectors */
750 put_le16(p + 57, cur_sec); /* Current capacity */
751 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
752 if (s->mult_sectors) /* Multiple sector setting */
753 put_le16(p + 59, 0x100 | s->mult_sectors);
754 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
755 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
756 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
757 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
758 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
759 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
760 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
761 put_le16(p + 82, 0x400c); /* Command Set supported */
762 put_le16(p + 83, 0x7068); /* Command Set supported */
763 put_le16(p + 84, 0x4000); /* Features supported */
764 put_le16(p + 85, 0x000c); /* Command Set enabled */
765 put_le16(p + 86, 0x7044); /* Command Set enabled */
766 put_le16(p + 87, 0x4000); /* Features enabled */
767 put_le16(p + 91, 0x4060); /* Current APM level */
768 put_le16(p + 129, 0x0002); /* Current features option */
769 put_le16(p + 130, 0x0005); /* Reassigned sectors */
770 put_le16(p + 131, 0x0001); /* Initial power mode */
771 put_le16(p + 132, 0x0000); /* User signature */
772 put_le16(p + 160, 0x8100); /* Power requirement */
773 put_le16(p + 161, 0x8001); /* CF command set */
778 memcpy(s->io_buffer, p, sizeof(s->identify_data));
781 static void ide_set_signature(IDEState *s)
783 s->select &= 0xf0; /* clear head */
799 static inline void ide_abort_command(IDEState *s)
801 s->status = READY_STAT | ERR_STAT;
805 static inline void ide_dma_submit_check(IDEState *s,
806 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
813 static inline void ide_set_irq(IDEState *s)
815 BMDMAState *bm = s->bus->bmdma;
816 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
818 bm->status |= BM_STATUS_INT;
820 qemu_irq_raise(s->irq);
824 /* prepare data transfer and tell what to do after */
825 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
826 EndTransferFunc *end_transfer_func)
828 s->end_transfer_func = end_transfer_func;
830 s->data_end = buf + size;
831 if (!(s->status & ERR_STAT))
832 s->status |= DRQ_STAT;
835 static void ide_transfer_stop(IDEState *s)
837 s->end_transfer_func = ide_transfer_stop;
838 s->data_ptr = s->io_buffer;
839 s->data_end = s->io_buffer;
840 s->status &= ~DRQ_STAT;
843 static int64_t ide_get_sector(IDEState *s)
846 if (s->select & 0x40) {
849 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
850 (s->lcyl << 8) | s->sector;
852 sector_num = ((int64_t)s->hob_hcyl << 40) |
853 ((int64_t) s->hob_lcyl << 32) |
854 ((int64_t) s->hob_sector << 24) |
855 ((int64_t) s->hcyl << 16) |
856 ((int64_t) s->lcyl << 8) | s->sector;
859 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
860 (s->select & 0x0f) * s->sectors + (s->sector - 1);
865 static void ide_set_sector(IDEState *s, int64_t sector_num)
868 if (s->select & 0x40) {
870 s->select = (s->select & 0xf0) | (sector_num >> 24);
871 s->hcyl = (sector_num >> 16);
872 s->lcyl = (sector_num >> 8);
873 s->sector = (sector_num);
875 s->sector = sector_num;
876 s->lcyl = sector_num >> 8;
877 s->hcyl = sector_num >> 16;
878 s->hob_sector = sector_num >> 24;
879 s->hob_lcyl = sector_num >> 32;
880 s->hob_hcyl = sector_num >> 40;
883 cyl = sector_num / (s->heads * s->sectors);
884 r = sector_num % (s->heads * s->sectors);
887 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
888 s->sector = (r % s->sectors) + 1;
892 static void ide_rw_error(IDEState *s) {
893 ide_abort_command(s);
897 static void ide_sector_read(IDEState *s)
902 s->status = READY_STAT | SEEK_STAT;
903 s->error = 0; /* not needed by IDE spec, but needed by Windows */
904 sector_num = ide_get_sector(s);
907 /* no more sector to read from disk */
908 ide_transfer_stop(s);
910 #if defined(DEBUG_IDE)
911 printf("read sector=%" PRId64 "\n", sector_num);
913 if (n > s->req_nb_sectors)
914 n = s->req_nb_sectors;
915 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
920 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
922 ide_set_sector(s, sector_num + n);
928 /* return 0 if buffer completed */
929 static int dma_buf_prepare(BMDMAState *bm, int is_write)
931 IDEState *s = bmdma_active_if(bm);
938 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
939 s->io_buffer_size = 0;
941 if (bm->cur_prd_len == 0) {
942 /* end of table (with a fail safe of one page) */
943 if (bm->cur_prd_last ||
944 (bm->cur_addr - bm->addr) >= 4096)
945 return s->io_buffer_size != 0;
946 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
948 prd.addr = le32_to_cpu(prd.addr);
949 prd.size = le32_to_cpu(prd.size);
950 len = prd.size & 0xfffe;
953 bm->cur_prd_len = len;
954 bm->cur_prd_addr = prd.addr;
955 bm->cur_prd_last = (prd.size & 0x80000000);
959 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
960 bm->cur_prd_addr += l;
961 bm->cur_prd_len -= l;
962 s->io_buffer_size += l;
968 static void dma_buf_commit(IDEState *s, int is_write)
970 qemu_sglist_destroy(&s->sg);
973 static void ide_dma_error(IDEState *s)
975 ide_transfer_stop(s);
977 s->status = READY_STAT | ERR_STAT;
981 static int ide_handle_write_error(IDEState *s, int error, int op)
983 BlockInterfaceErrorAction action = drive_get_onerror(s->bs);
985 if (action == BLOCK_ERR_IGNORE)
988 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
989 || action == BLOCK_ERR_STOP_ANY) {
990 s->bus->bmdma->unit = s->unit;
991 s->bus->bmdma->status |= op;
994 if (op == BM_STATUS_DMA_RETRY) {
995 dma_buf_commit(s, 0);
1005 /* return 0 if buffer completed */
1006 static int dma_buf_rw(BMDMAState *bm, int is_write)
1008 IDEState *s = bmdma_active_if(bm);
1016 l = s->io_buffer_size - s->io_buffer_index;
1019 if (bm->cur_prd_len == 0) {
1020 /* end of table (with a fail safe of one page) */
1021 if (bm->cur_prd_last ||
1022 (bm->cur_addr - bm->addr) >= 4096)
1024 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
1026 prd.addr = le32_to_cpu(prd.addr);
1027 prd.size = le32_to_cpu(prd.size);
1028 len = prd.size & 0xfffe;
1031 bm->cur_prd_len = len;
1032 bm->cur_prd_addr = prd.addr;
1033 bm->cur_prd_last = (prd.size & 0x80000000);
1035 if (l > bm->cur_prd_len)
1036 l = bm->cur_prd_len;
1039 cpu_physical_memory_write(bm->cur_prd_addr,
1040 s->io_buffer + s->io_buffer_index, l);
1042 cpu_physical_memory_read(bm->cur_prd_addr,
1043 s->io_buffer + s->io_buffer_index, l);
1045 bm->cur_prd_addr += l;
1046 bm->cur_prd_len -= l;
1047 s->io_buffer_index += l;
1053 static void ide_read_dma_cb(void *opaque, int ret)
1055 BMDMAState *bm = opaque;
1056 IDEState *s = bmdma_active_if(bm);
1061 dma_buf_commit(s, 1);
1066 n = s->io_buffer_size >> 9;
1067 sector_num = ide_get_sector(s);
1069 dma_buf_commit(s, 1);
1071 ide_set_sector(s, sector_num);
1075 /* end of transfer ? */
1076 if (s->nsector == 0) {
1077 s->status = READY_STAT | SEEK_STAT;
1080 bm->status &= ~BM_STATUS_DMAING;
1081 bm->status |= BM_STATUS_INT;
1088 /* launch next transfer */
1090 s->io_buffer_index = 0;
1091 s->io_buffer_size = n * 512;
1092 if (dma_buf_prepare(bm, 1) == 0)
1095 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
1097 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
1098 ide_dma_submit_check(s, ide_read_dma_cb, bm);
1101 static void ide_sector_read_dma(IDEState *s)
1103 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1104 s->io_buffer_index = 0;
1105 s->io_buffer_size = 0;
1107 ide_dma_start(s, ide_read_dma_cb);
1110 static void ide_sector_write_timer_cb(void *opaque)
1112 IDEState *s = opaque;
1116 static void ide_sector_write(IDEState *s)
1121 s->status = READY_STAT | SEEK_STAT;
1122 sector_num = ide_get_sector(s);
1123 #if defined(DEBUG_IDE)
1124 printf("write sector=%" PRId64 "\n", sector_num);
1127 if (n > s->req_nb_sectors)
1128 n = s->req_nb_sectors;
1129 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
1132 if (ide_handle_write_error(s, -ret, BM_STATUS_PIO_RETRY))
1137 if (s->nsector == 0) {
1138 /* no more sectors to write */
1139 ide_transfer_stop(s);
1142 if (n1 > s->req_nb_sectors)
1143 n1 = s->req_nb_sectors;
1144 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1146 ide_set_sector(s, sector_num + n);
1149 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1150 /* It seems there is a bug in the Windows 2000 installer HDD
1151 IDE driver which fills the disk with empty logs when the
1152 IDE write IRQ comes too early. This hack tries to correct
1153 that at the expense of slower write performances. Use this
1154 option _only_ to install Windows 2000. You must disable it
1156 qemu_mod_timer(s->sector_write_timer,
1157 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1165 static void ide_dma_restart_bh(void *opaque)
1167 BMDMAState *bm = opaque;
1169 qemu_bh_delete(bm->bh);
1172 if (bm->status & BM_STATUS_DMA_RETRY) {
1173 bm->status &= ~BM_STATUS_DMA_RETRY;
1174 ide_dma_restart(bmdma_active_if(bm));
1175 } else if (bm->status & BM_STATUS_PIO_RETRY) {
1176 bm->status &= ~BM_STATUS_PIO_RETRY;
1177 ide_sector_write(bmdma_active_if(bm));
1181 static void ide_dma_restart_cb(void *opaque, int running, int reason)
1183 BMDMAState *bm = opaque;
1189 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
1190 qemu_bh_schedule(bm->bh);
1194 static void ide_write_dma_cb(void *opaque, int ret)
1196 BMDMAState *bm = opaque;
1197 IDEState *s = bmdma_active_if(bm);
1202 if (ide_handle_write_error(s, -ret, BM_STATUS_DMA_RETRY))
1206 n = s->io_buffer_size >> 9;
1207 sector_num = ide_get_sector(s);
1209 dma_buf_commit(s, 0);
1211 ide_set_sector(s, sector_num);
1215 /* end of transfer ? */
1216 if (s->nsector == 0) {
1217 s->status = READY_STAT | SEEK_STAT;
1220 bm->status &= ~BM_STATUS_DMAING;
1221 bm->status |= BM_STATUS_INT;
1229 s->io_buffer_size = n * 512;
1230 /* launch next transfer */
1231 if (dma_buf_prepare(bm, 0) == 0)
1234 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
1236 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
1237 ide_dma_submit_check(s, ide_write_dma_cb, bm);
1240 static void ide_sector_write_dma(IDEState *s)
1242 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1243 s->io_buffer_index = 0;
1244 s->io_buffer_size = 0;
1246 ide_dma_start(s, ide_write_dma_cb);
1249 static void ide_atapi_cmd_ok(IDEState *s)
1252 s->status = READY_STAT | SEEK_STAT;
1253 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1257 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1259 #ifdef DEBUG_IDE_ATAPI
1260 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1262 s->error = sense_key << 4;
1263 s->status = READY_STAT | ERR_STAT;
1264 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1265 s->sense_key = sense_key;
1270 static void ide_atapi_cmd_check_status(IDEState *s)
1272 #ifdef DEBUG_IDE_ATAPI
1273 printf("atapi_cmd_check_status\n");
1275 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
1276 s->status = ERR_STAT;
1281 static inline void cpu_to_ube16(uint8_t *buf, int val)
1284 buf[1] = val & 0xff;
1287 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1292 buf[3] = val & 0xff;
1295 static inline int ube16_to_cpu(const uint8_t *buf)
1297 return (buf[0] << 8) | buf[1];
1300 static inline int ube32_to_cpu(const uint8_t *buf)
1302 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1305 static void lba_to_msf(uint8_t *buf, int lba)
1308 buf[0] = (lba / 75) / 60;
1309 buf[1] = (lba / 75) % 60;
1313 static void cd_data_to_raw(uint8_t *buf, int lba)
1317 memset(buf + 1, 0xff, 10);
1321 lba_to_msf(buf, lba);
1322 buf[3] = 0x01; /* mode 1 data */
1326 /* XXX: ECC not computed */
1327 memset(buf, 0, 288);
1330 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1335 switch(sector_size) {
1337 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1340 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1343 cd_data_to_raw(buf, lba);
1352 static void ide_atapi_io_error(IDEState *s, int ret)
1354 /* XXX: handle more errors */
1355 if (ret == -ENOMEDIUM) {
1356 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1357 ASC_MEDIUM_NOT_PRESENT);
1359 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1360 ASC_LOGICAL_BLOCK_OOR);
1364 /* The whole ATAPI transfer logic is handled in this function */
1365 static void ide_atapi_cmd_reply_end(IDEState *s)
1367 int byte_count_limit, size, ret;
1368 #ifdef DEBUG_IDE_ATAPI
1369 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1370 s->packet_transfer_size,
1371 s->elementary_transfer_size,
1372 s->io_buffer_index);
1374 if (s->packet_transfer_size <= 0) {
1375 /* end of transfer */
1376 ide_transfer_stop(s);
1377 s->status = READY_STAT | SEEK_STAT;
1378 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1380 #ifdef DEBUG_IDE_ATAPI
1381 printf("status=0x%x\n", s->status);
1384 /* see if a new sector must be read */
1385 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1386 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1388 ide_transfer_stop(s);
1389 ide_atapi_io_error(s, ret);
1393 s->io_buffer_index = 0;
1395 if (s->elementary_transfer_size > 0) {
1396 /* there are some data left to transmit in this elementary
1398 size = s->cd_sector_size - s->io_buffer_index;
1399 if (size > s->elementary_transfer_size)
1400 size = s->elementary_transfer_size;
1401 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1402 size, ide_atapi_cmd_reply_end);
1403 s->packet_transfer_size -= size;
1404 s->elementary_transfer_size -= size;
1405 s->io_buffer_index += size;
1407 /* a new transfer is needed */
1408 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1409 byte_count_limit = s->lcyl | (s->hcyl << 8);
1410 #ifdef DEBUG_IDE_ATAPI
1411 printf("byte_count_limit=%d\n", byte_count_limit);
1413 if (byte_count_limit == 0xffff)
1415 size = s->packet_transfer_size;
1416 if (size > byte_count_limit) {
1417 /* byte count limit must be even if this case */
1418 if (byte_count_limit & 1)
1420 size = byte_count_limit;
1423 s->hcyl = size >> 8;
1424 s->elementary_transfer_size = size;
1425 /* we cannot transmit more than one sector at a time */
1427 if (size > (s->cd_sector_size - s->io_buffer_index))
1428 size = (s->cd_sector_size - s->io_buffer_index);
1430 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1431 size, ide_atapi_cmd_reply_end);
1432 s->packet_transfer_size -= size;
1433 s->elementary_transfer_size -= size;
1434 s->io_buffer_index += size;
1436 #ifdef DEBUG_IDE_ATAPI
1437 printf("status=0x%x\n", s->status);
1443 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1444 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1446 if (size > max_size)
1448 s->lba = -1; /* no sector read */
1449 s->packet_transfer_size = size;
1450 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1451 s->elementary_transfer_size = 0;
1452 s->io_buffer_index = 0;
1455 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
1456 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1458 s->status = READY_STAT | SEEK_STAT;
1459 ide_atapi_cmd_reply_end(s);
1463 /* start a CD-CDROM read command */
1464 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1468 s->packet_transfer_size = nb_sectors * sector_size;
1469 s->elementary_transfer_size = 0;
1470 s->io_buffer_index = sector_size;
1471 s->cd_sector_size = sector_size;
1473 s->status = READY_STAT | SEEK_STAT;
1474 ide_atapi_cmd_reply_end(s);
1477 /* ATAPI DMA support */
1479 /* XXX: handle read errors */
1480 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1482 BMDMAState *bm = opaque;
1483 IDEState *s = bmdma_active_if(bm);
1487 ide_atapi_io_error(s, ret);
1491 if (s->io_buffer_size > 0) {
1493 * For a cdrom read sector command (s->lba != -1),
1494 * adjust the lba for the next s->io_buffer_size chunk
1495 * and dma the current chunk.
1496 * For a command != read (s->lba == -1), just transfer
1500 if (s->cd_sector_size == 2352) {
1502 cd_data_to_raw(s->io_buffer, s->lba);
1504 n = s->io_buffer_size >> 11;
1508 s->packet_transfer_size -= s->io_buffer_size;
1509 if (dma_buf_rw(bm, 1) == 0)
1513 if (s->packet_transfer_size <= 0) {
1514 s->status = READY_STAT | SEEK_STAT;
1515 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1518 bm->status &= ~BM_STATUS_DMAING;
1519 bm->status |= BM_STATUS_INT;
1526 s->io_buffer_index = 0;
1527 if (s->cd_sector_size == 2352) {
1529 s->io_buffer_size = s->cd_sector_size;
1532 n = s->packet_transfer_size >> 11;
1533 if (n > (IDE_DMA_BUF_SECTORS / 4))
1534 n = (IDE_DMA_BUF_SECTORS / 4);
1535 s->io_buffer_size = n * 2048;
1539 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1541 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1542 bm->iov.iov_len = n * 4 * 512;
1543 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1544 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1545 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1547 /* Note: media not present is the most likely case */
1548 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1549 ASC_MEDIUM_NOT_PRESENT);
1554 /* start a CD-CDROM read command with DMA */
1555 /* XXX: test if DMA is available */
1556 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1560 s->packet_transfer_size = nb_sectors * sector_size;
1561 s->io_buffer_index = 0;
1562 s->io_buffer_size = 0;
1563 s->cd_sector_size = sector_size;
1565 /* XXX: check if BUSY_STAT should be set */
1566 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1567 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1570 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1573 #ifdef DEBUG_IDE_ATAPI
1574 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1578 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1580 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1584 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1587 uint8_t *buf_profile = buf + 12; /* start of profiles */
1589 buf_profile += ((*index) * 4); /* start of indexed profile */
1590 cpu_to_ube16 (buf_profile, profile);
1591 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1593 /* each profile adds 4 bytes to the response */
1595 buf[11] += 4; /* Additional Length */
1600 static int ide_dvd_read_structure(IDEState *s, int format,
1601 const uint8_t *packet, uint8_t *buf)
1604 case 0x0: /* Physical format information */
1606 int layer = packet[6];
1607 uint64_t total_sectors;
1610 return -ASC_INV_FIELD_IN_CMD_PACKET;
1612 bdrv_get_geometry(s->bs, &total_sectors);
1613 total_sectors >>= 2;
1614 if (total_sectors == 0)
1615 return -ASC_MEDIUM_NOT_PRESENT;
1617 buf[4] = 1; /* DVD-ROM, part version 1 */
1618 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1619 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1620 buf[7] = 0; /* default densities */
1622 /* FIXME: 0x30000 per spec? */
1623 cpu_to_ube32(buf + 8, 0); /* start sector */
1624 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1625 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1627 /* Size of buffer, not including 2 byte size field */
1628 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1630 /* 2k data + 4 byte header */
1634 case 0x01: /* DVD copyright information */
1635 buf[4] = 0; /* no copyright data */
1636 buf[5] = 0; /* no region restrictions */
1638 /* Size of buffer, not including 2 byte size field */
1639 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1641 /* 4 byte header + 4 byte data */
1644 case 0x03: /* BCA information - invalid field for no BCA info */
1645 return -ASC_INV_FIELD_IN_CMD_PACKET;
1647 case 0x04: /* DVD disc manufacturing information */
1648 /* Size of buffer, not including 2 byte size field */
1649 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1651 /* 2k data + 4 byte header */
1656 * This lists all the command capabilities above. Add new ones
1657 * in order and update the length and buffer return values.
1660 buf[4] = 0x00; /* Physical format */
1661 buf[5] = 0x40; /* Not writable, is readable */
1662 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1664 buf[8] = 0x01; /* Copyright info */
1665 buf[9] = 0x40; /* Not writable, is readable */
1666 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1668 buf[12] = 0x03; /* BCA info */
1669 buf[13] = 0x40; /* Not writable, is readable */
1670 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1672 buf[16] = 0x04; /* Manufacturing info */
1673 buf[17] = 0x40; /* Not writable, is readable */
1674 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1676 /* Size of buffer, not including 2 byte size field */
1677 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1679 /* data written + 4 byte header */
1682 default: /* TODO: formats beyond DVD-ROM requires */
1683 return -ASC_INV_FIELD_IN_CMD_PACKET;
1687 static void ide_atapi_cmd(IDEState *s)
1689 const uint8_t *packet;
1693 packet = s->io_buffer;
1695 #ifdef DEBUG_IDE_ATAPI
1698 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1699 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1700 printf(" %02x", packet[i]);
1705 /* If there's a UNIT_ATTENTION condition pending, only
1706 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1707 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1708 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1709 s->io_buffer[0] != GPCMD_INQUIRY) {
1710 ide_atapi_cmd_check_status(s);
1713 switch(s->io_buffer[0]) {
1714 case GPCMD_TEST_UNIT_READY:
1715 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1716 ide_atapi_cmd_ok(s);
1718 s->cdrom_changed = 0;
1719 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1720 ASC_MEDIUM_NOT_PRESENT);
1723 case GPCMD_MODE_SENSE_6:
1724 case GPCMD_MODE_SENSE_10:
1727 if (packet[0] == GPCMD_MODE_SENSE_10)
1728 max_len = ube16_to_cpu(packet + 7);
1730 max_len = packet[4];
1731 action = packet[2] >> 6;
1732 code = packet[2] & 0x3f;
1734 case 0: /* current values */
1736 case 0x01: /* error recovery */
1737 cpu_to_ube16(&buf[0], 16 + 6);
1753 ide_atapi_cmd_reply(s, 16, max_len);
1756 cpu_to_ube16(&buf[0], 28 + 6);
1769 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1770 code checks for this to automount media. */
1773 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1774 if (bdrv_is_locked(s->bs))
1777 cpu_to_ube16(&buf[16], 706);
1780 cpu_to_ube16(&buf[20], 512);
1781 cpu_to_ube16(&buf[22], 706);
1786 ide_atapi_cmd_reply(s, 28, max_len);
1792 case 1: /* changeable values */
1794 case 2: /* default values */
1797 case 3: /* saved values */
1798 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1799 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1804 case GPCMD_REQUEST_SENSE:
1805 max_len = packet[4];
1807 buf[0] = 0x70 | (1 << 7);
1808 buf[2] = s->sense_key;
1811 if (s->sense_key == SENSE_UNIT_ATTENTION)
1812 s->sense_key = SENSE_NONE;
1813 ide_atapi_cmd_reply(s, 18, max_len);
1815 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1816 if (bdrv_is_inserted(s->bs)) {
1817 bdrv_set_locked(s->bs, packet[4] & 1);
1818 ide_atapi_cmd_ok(s);
1820 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1821 ASC_MEDIUM_NOT_PRESENT);
1827 int nb_sectors, lba;
1829 if (packet[0] == GPCMD_READ_10)
1830 nb_sectors = ube16_to_cpu(packet + 7);
1832 nb_sectors = ube32_to_cpu(packet + 6);
1833 lba = ube32_to_cpu(packet + 2);
1834 if (nb_sectors == 0) {
1835 ide_atapi_cmd_ok(s);
1838 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1843 int nb_sectors, lba, transfer_request;
1845 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1846 lba = ube32_to_cpu(packet + 2);
1847 if (nb_sectors == 0) {
1848 ide_atapi_cmd_ok(s);
1851 transfer_request = packet[9];
1852 switch(transfer_request & 0xf8) {
1855 ide_atapi_cmd_ok(s);
1859 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1863 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1866 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1867 ASC_INV_FIELD_IN_CMD_PACKET);
1875 uint64_t total_sectors;
1877 bdrv_get_geometry(s->bs, &total_sectors);
1878 total_sectors >>= 2;
1879 if (total_sectors == 0) {
1880 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1881 ASC_MEDIUM_NOT_PRESENT);
1884 lba = ube32_to_cpu(packet + 2);
1885 if (lba >= total_sectors) {
1886 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1887 ASC_LOGICAL_BLOCK_OOR);
1890 ide_atapi_cmd_ok(s);
1893 case GPCMD_START_STOP_UNIT:
1895 int start, eject, err = 0;
1896 start = packet[4] & 1;
1897 eject = (packet[4] >> 1) & 1;
1900 err = bdrv_eject(s->bs, !start);
1905 ide_atapi_cmd_ok(s);
1908 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1909 ASC_MEDIA_REMOVAL_PREVENTED);
1912 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1913 ASC_MEDIUM_NOT_PRESENT);
1918 case GPCMD_MECHANISM_STATUS:
1920 max_len = ube16_to_cpu(packet + 8);
1921 cpu_to_ube16(buf, 0);
1922 /* no current LBA */
1927 cpu_to_ube16(buf + 6, 0);
1928 ide_atapi_cmd_reply(s, 8, max_len);
1931 case GPCMD_READ_TOC_PMA_ATIP:
1933 int format, msf, start_track, len;
1934 uint64_t total_sectors;
1936 bdrv_get_geometry(s->bs, &total_sectors);
1937 total_sectors >>= 2;
1938 if (total_sectors == 0) {
1939 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1940 ASC_MEDIUM_NOT_PRESENT);
1943 max_len = ube16_to_cpu(packet + 7);
1944 format = packet[9] >> 6;
1945 msf = (packet[1] >> 1) & 1;
1946 start_track = packet[6];
1949 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1952 ide_atapi_cmd_reply(s, len, max_len);
1955 /* multi session : only a single session defined */
1960 ide_atapi_cmd_reply(s, 12, max_len);
1963 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1966 ide_atapi_cmd_reply(s, len, max_len);
1970 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1971 ASC_INV_FIELD_IN_CMD_PACKET);
1976 case GPCMD_READ_CDVD_CAPACITY:
1978 uint64_t total_sectors;
1980 bdrv_get_geometry(s->bs, &total_sectors);
1981 total_sectors >>= 2;
1982 if (total_sectors == 0) {
1983 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1984 ASC_MEDIUM_NOT_PRESENT);
1987 /* NOTE: it is really the number of sectors minus 1 */
1988 cpu_to_ube32(buf, total_sectors - 1);
1989 cpu_to_ube32(buf + 4, 2048);
1990 ide_atapi_cmd_reply(s, 8, 8);
1993 case GPCMD_READ_DVD_STRUCTURE:
1995 int media = packet[1];
1996 int format = packet[7];
1999 max_len = ube16_to_cpu(packet + 8);
2001 if (format < 0xff) {
2002 if (media_is_cd(s)) {
2003 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2004 ASC_INCOMPATIBLE_FORMAT);
2006 } else if (!media_present(s)) {
2007 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2008 ASC_INV_FIELD_IN_CMD_PACKET);
2013 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
2014 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
2020 ret = ide_dvd_read_structure(s, format, packet, buf);
2023 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
2025 ide_atapi_cmd_reply(s, ret, max_len);
2029 /* TODO: BD support, fall through for now */
2031 /* Generic disk structures */
2032 case 0x80: /* TODO: AACS volume identifier */
2033 case 0x81: /* TODO: AACS media serial number */
2034 case 0x82: /* TODO: AACS media identifier */
2035 case 0x83: /* TODO: AACS media key block */
2036 case 0x90: /* TODO: List of recognized format layers */
2037 case 0xc0: /* TODO: Write protection status */
2039 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2040 ASC_INV_FIELD_IN_CMD_PACKET);
2045 case GPCMD_SET_SPEED:
2046 ide_atapi_cmd_ok(s);
2049 max_len = packet[4];
2050 buf[0] = 0x05; /* CD-ROM */
2051 buf[1] = 0x80; /* removable */
2052 buf[2] = 0x00; /* ISO */
2053 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
2054 buf[4] = 31; /* additional length */
2055 buf[5] = 0; /* reserved */
2056 buf[6] = 0; /* reserved */
2057 buf[7] = 0; /* reserved */
2058 padstr8(buf + 8, 8, "QEMU");
2059 padstr8(buf + 16, 16, "QEMU DVD-ROM");
2060 padstr8(buf + 32, 4, QEMU_VERSION);
2061 ide_atapi_cmd_reply(s, 36, max_len);
2063 case GPCMD_GET_CONFIGURATION:
2068 /* only feature 0 is supported */
2069 if (packet[2] != 0 || packet[3] != 0) {
2070 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2071 ASC_INV_FIELD_IN_CMD_PACKET);
2075 /* XXX: could result in alignment problems in some architectures */
2076 max_len = ube16_to_cpu(packet + 7);
2079 * XXX: avoid overflow for io_buffer if max_len is bigger than
2080 * the size of that buffer (dimensioned to max number of
2081 * sectors to transfer at once)
2083 * Only a problem if the feature/profiles grow.
2085 if (max_len > 512) /* XXX: assume 1 sector */
2088 memset(buf, 0, max_len);
2090 * the number of sectors from the media tells us which profile
2091 * to use as current. 0 means there is no media
2093 if (media_is_dvd(s))
2094 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
2095 else if (media_is_cd(s))
2096 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
2098 buf[10] = 0x02 | 0x01; /* persistent and current */
2099 len = 12; /* headers: 8 + 4 */
2100 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
2101 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
2102 cpu_to_ube32(buf, len - 4); /* data length */
2104 ide_atapi_cmd_reply(s, len, max_len);
2108 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2109 ASC_ILLEGAL_OPCODE);
2114 static void ide_cfata_metadata_inquiry(IDEState *s)
2119 p = (uint16_t *) s->io_buffer;
2120 memset(p, 0, 0x200);
2121 spd = ((s->mdata_size - 1) >> 9) + 1;
2123 put_le16(p + 0, 0x0001); /* Data format revision */
2124 put_le16(p + 1, 0x0000); /* Media property: silicon */
2125 put_le16(p + 2, s->media_changed); /* Media status */
2126 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
2127 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
2128 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
2129 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
2132 static void ide_cfata_metadata_read(IDEState *s)
2136 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2137 s->status = ERR_STAT;
2138 s->error = ABRT_ERR;
2142 p = (uint16_t *) s->io_buffer;
2143 memset(p, 0, 0x200);
2145 put_le16(p + 0, s->media_changed); /* Media status */
2146 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2147 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2148 s->nsector << 9), 0x200 - 2));
2151 static void ide_cfata_metadata_write(IDEState *s)
2153 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2154 s->status = ERR_STAT;
2155 s->error = ABRT_ERR;
2159 s->media_changed = 0;
2161 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2163 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2164 s->nsector << 9), 0x200 - 2));
2167 /* called when the inserted state of the media has changed */
2168 static void cdrom_change_cb(void *opaque)
2170 IDEState *s = opaque;
2171 uint64_t nb_sectors;
2173 bdrv_get_geometry(s->bs, &nb_sectors);
2174 s->nb_sectors = nb_sectors;
2176 s->sense_key = SENSE_UNIT_ATTENTION;
2177 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2178 s->cdrom_changed = 1;
2182 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2186 /* handle the 'magic' 0 nsector count conversion here. to avoid
2187 * fiddling with the rest of the read logic, we just store the
2188 * full sector count in ->nsector and ignore ->hob_nsector from now
2194 if (!s->nsector && !s->hob_nsector)
2197 int lo = s->nsector;
2198 int hi = s->hob_nsector;
2200 s->nsector = (hi << 8) | lo;
2205 static void ide_clear_hob(IDEBus *bus)
2207 /* any write clears HOB high bit of device control register */
2208 bus->ifs[0].select &= ~(1 << 7);
2209 bus->ifs[1].select &= ~(1 << 7);
2212 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2214 IDEBus *bus = opaque;
2220 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2225 /* ignore writes to command block while busy with previous command */
2226 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
2234 /* NOTE: data is written to the two drives */
2235 bus->ifs[0].hob_feature = bus->ifs[0].feature;
2236 bus->ifs[1].hob_feature = bus->ifs[1].feature;
2237 bus->ifs[0].feature = val;
2238 bus->ifs[1].feature = val;
2242 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
2243 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
2244 bus->ifs[0].nsector = val;
2245 bus->ifs[1].nsector = val;
2249 bus->ifs[0].hob_sector = bus->ifs[0].sector;
2250 bus->ifs[1].hob_sector = bus->ifs[1].sector;
2251 bus->ifs[0].sector = val;
2252 bus->ifs[1].sector = val;
2256 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
2257 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
2258 bus->ifs[0].lcyl = val;
2259 bus->ifs[1].lcyl = val;
2263 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
2264 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
2265 bus->ifs[0].hcyl = val;
2266 bus->ifs[1].hcyl = val;
2269 /* FIXME: HOB readback uses bit 7 */
2270 bus->ifs[0].select = (val & ~0x10) | 0xa0;
2271 bus->ifs[1].select = (val | 0x10) | 0xa0;
2273 bus->unit = (val >> 4) & 1;
2278 #if defined(DEBUG_IDE)
2279 printf("ide: CMD=%02x\n", val);
2281 s = idebus_active_if(bus);
2282 /* ignore commands to non existant slave */
2283 if (s != bus->ifs && !s->bs)
2286 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2287 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2292 if (s->bs && !s->is_cdrom) {
2296 ide_cfata_identify(s);
2297 s->status = READY_STAT | SEEK_STAT;
2298 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2301 ide_set_signature(s);
2303 ide_abort_command(s);
2310 s->status = READY_STAT | SEEK_STAT;
2314 if (s->is_cf && s->nsector == 0) {
2315 /* Disable Read and Write Multiple */
2316 s->mult_sectors = 0;
2317 s->status = READY_STAT | SEEK_STAT;
2318 } else if ((s->nsector & 0xff) != 0 &&
2319 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2320 (s->nsector & (s->nsector - 1)) != 0)) {
2321 ide_abort_command(s);
2323 s->mult_sectors = s->nsector & 0xff;
2324 s->status = READY_STAT | SEEK_STAT;
2328 case WIN_VERIFY_EXT:
2331 case WIN_VERIFY_ONCE:
2332 /* do sector number check ? */
2333 ide_cmd_lba48_transform(s, lba48);
2334 s->status = READY_STAT | SEEK_STAT;
2343 ide_cmd_lba48_transform(s, lba48);
2344 s->req_nb_sectors = 1;
2350 case WIN_WRITE_ONCE:
2351 case CFA_WRITE_SECT_WO_ERASE:
2352 case WIN_WRITE_VERIFY:
2353 ide_cmd_lba48_transform(s, lba48);
2355 s->status = SEEK_STAT | READY_STAT;
2356 s->req_nb_sectors = 1;
2357 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2358 s->media_changed = 1;
2360 case WIN_MULTREAD_EXT:
2363 if (!s->mult_sectors)
2365 ide_cmd_lba48_transform(s, lba48);
2366 s->req_nb_sectors = s->mult_sectors;
2369 case WIN_MULTWRITE_EXT:
2372 case CFA_WRITE_MULTI_WO_ERASE:
2373 if (!s->mult_sectors)
2375 ide_cmd_lba48_transform(s, lba48);
2377 s->status = SEEK_STAT | READY_STAT;
2378 s->req_nb_sectors = s->mult_sectors;
2380 if (n > s->req_nb_sectors)
2381 n = s->req_nb_sectors;
2382 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2383 s->media_changed = 1;
2385 case WIN_READDMA_EXT:
2388 case WIN_READDMA_ONCE:
2391 ide_cmd_lba48_transform(s, lba48);
2392 ide_sector_read_dma(s);
2394 case WIN_WRITEDMA_EXT:
2397 case WIN_WRITEDMA_ONCE:
2400 ide_cmd_lba48_transform(s, lba48);
2401 ide_sector_write_dma(s);
2402 s->media_changed = 1;
2404 case WIN_READ_NATIVE_MAX_EXT:
2406 case WIN_READ_NATIVE_MAX:
2407 ide_cmd_lba48_transform(s, lba48);
2408 ide_set_sector(s, s->nb_sectors - 1);
2409 s->status = READY_STAT | SEEK_STAT;
2412 case WIN_CHECKPOWERMODE1:
2413 case WIN_CHECKPOWERMODE2:
2414 s->nsector = 0xff; /* device active or idle */
2415 s->status = READY_STAT | SEEK_STAT;
2418 case WIN_SETFEATURES:
2421 /* XXX: valid for CDROM ? */
2422 switch(s->feature) {
2423 case 0xcc: /* reverting to power-on defaults enable */
2424 case 0x66: /* reverting to power-on defaults disable */
2425 case 0x02: /* write cache enable */
2426 case 0x82: /* write cache disable */
2427 case 0xaa: /* read look-ahead enable */
2428 case 0x55: /* read look-ahead disable */
2429 case 0x05: /* set advanced power management mode */
2430 case 0x85: /* disable advanced power management mode */
2431 case 0x69: /* NOP */
2432 case 0x67: /* NOP */
2433 case 0x96: /* NOP */
2434 case 0x9a: /* NOP */
2435 case 0x42: /* enable Automatic Acoustic Mode */
2436 case 0xc2: /* disable Automatic Acoustic Mode */
2437 s->status = READY_STAT | SEEK_STAT;
2440 case 0x03: { /* set transfer mode */
2441 uint8_t val = s->nsector & 0x07;
2443 switch (s->nsector >> 3) {
2444 case 0x00: /* pio default */
2445 case 0x01: /* pio mode */
2446 put_le16(s->identify_data + 62,0x07);
2447 put_le16(s->identify_data + 63,0x07);
2448 put_le16(s->identify_data + 88,0x3f);
2450 case 0x02: /* sigle word dma mode*/
2451 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
2452 put_le16(s->identify_data + 63,0x07);
2453 put_le16(s->identify_data + 88,0x3f);
2455 case 0x04: /* mdma mode */
2456 put_le16(s->identify_data + 62,0x07);
2457 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2458 put_le16(s->identify_data + 88,0x3f);
2460 case 0x08: /* udma mode */
2461 put_le16(s->identify_data + 62,0x07);
2462 put_le16(s->identify_data + 63,0x07);
2463 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2468 s->status = READY_STAT | SEEK_STAT;
2476 case WIN_FLUSH_CACHE:
2477 case WIN_FLUSH_CACHE_EXT:
2480 s->status = READY_STAT | SEEK_STAT;
2485 case WIN_STANDBYNOW1:
2486 case WIN_STANDBYNOW2:
2487 case WIN_IDLEIMMEDIATE:
2488 case CFA_IDLEIMMEDIATE:
2493 s->status = READY_STAT;
2499 /* XXX: Check that seek is within bounds */
2500 s->status = READY_STAT | SEEK_STAT;
2503 /* ATAPI commands */
2506 ide_atapi_identify(s);
2507 s->status = READY_STAT | SEEK_STAT;
2508 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2510 ide_abort_command(s);
2515 ide_set_signature(s);
2517 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2518 * devices to return a clear status register
2519 * with READY_STAT *not* set. */
2521 s->status = READY_STAT | SEEK_STAT;
2522 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2530 ide_set_signature(s);
2531 s->status = 0x00; /* NOTE: READY is _not_ set */
2537 /* overlapping commands not supported */
2538 if (s->feature & 0x02)
2540 s->status = READY_STAT | SEEK_STAT;
2541 s->atapi_dma = s->feature & 1;
2543 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2546 /* CF-ATA commands */
2547 case CFA_REQ_EXT_ERROR_CODE:
2550 s->error = 0x09; /* miscellaneous error */
2551 s->status = READY_STAT | SEEK_STAT;
2554 case CFA_ERASE_SECTORS:
2555 case CFA_WEAR_LEVEL:
2558 if (val == CFA_WEAR_LEVEL)
2560 if (val == CFA_ERASE_SECTORS)
2561 s->media_changed = 1;
2563 s->status = READY_STAT | SEEK_STAT;
2566 case CFA_TRANSLATE_SECTOR:
2570 s->status = READY_STAT | SEEK_STAT;
2571 memset(s->io_buffer, 0, 0x200);
2572 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2573 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2574 s->io_buffer[0x02] = s->select; /* Head */
2575 s->io_buffer[0x03] = s->sector; /* Sector */
2576 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2577 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2578 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2579 s->io_buffer[0x13] = 0x00; /* Erase flag */
2580 s->io_buffer[0x18] = 0x00; /* Hot count */
2581 s->io_buffer[0x19] = 0x00; /* Hot count */
2582 s->io_buffer[0x1a] = 0x01; /* Hot count */
2583 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2586 case CFA_ACCESS_METADATA_STORAGE:
2589 switch (s->feature) {
2590 case 0x02: /* Inquiry Metadata Storage */
2591 ide_cfata_metadata_inquiry(s);
2593 case 0x03: /* Read Metadata Storage */
2594 ide_cfata_metadata_read(s);
2596 case 0x04: /* Write Metadata Storage */
2597 ide_cfata_metadata_write(s);
2602 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2603 s->status = 0x00; /* NOTE: READY is _not_ set */
2606 case IBM_SENSE_CONDITION:
2609 switch (s->feature) {
2610 case 0x01: /* sense temperature in device */
2611 s->nsector = 0x50; /* +20 C */
2616 s->status = READY_STAT | SEEK_STAT;
2623 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2625 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2627 switch (s->feature) {
2629 s->smart_enabled = 0;
2630 s->status = READY_STAT | SEEK_STAT;
2634 s->smart_enabled = 1;
2635 s->status = READY_STAT | SEEK_STAT;
2638 case SMART_ATTR_AUTOSAVE:
2639 switch (s->sector) {
2641 s->smart_autosave = 0;
2644 s->smart_autosave = 1;
2649 s->status = READY_STAT | SEEK_STAT;
2653 if (!s->smart_errors) {
2660 s->status = READY_STAT | SEEK_STAT;
2663 case SMART_READ_THRESH:
2664 memset(s->io_buffer, 0, 0x200);
2665 s->io_buffer[0] = 0x01; /* smart struct version */
2666 for (n=0; n<30; n++) {
2667 if (smart_attributes[n][0] == 0)
2669 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2670 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2672 for (n=0; n<511; n++) /* checksum */
2673 s->io_buffer[511] += s->io_buffer[n];
2674 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2675 s->status = READY_STAT | SEEK_STAT;
2676 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2679 case SMART_READ_DATA:
2680 memset(s->io_buffer, 0, 0x200);
2681 s->io_buffer[0] = 0x01; /* smart struct version */
2682 for (n=0; n<30; n++) {
2683 if (smart_attributes[n][0] == 0)
2685 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2686 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2687 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2688 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2690 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2691 if (s->smart_selftest_count == 0) {
2692 s->io_buffer[363] = 0;
2695 s->smart_selftest_data[3 +
2696 (s->smart_selftest_count - 1) *
2699 s->io_buffer[364] = 0x20;
2700 s->io_buffer[365] = 0x01;
2701 /* offline data collection capacity: execute + self-test*/
2702 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2703 s->io_buffer[368] = 0x03; /* smart capability (1) */
2704 s->io_buffer[369] = 0x00; /* smart capability (2) */
2705 s->io_buffer[370] = 0x01; /* error logging supported */
2706 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2707 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2708 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2710 for (n=0; n<511; n++)
2711 s->io_buffer[511] += s->io_buffer[n];
2712 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2713 s->status = READY_STAT | SEEK_STAT;
2714 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2717 case SMART_READ_LOG:
2718 switch (s->sector) {
2719 case 0x01: /* summary smart error log */
2720 memset(s->io_buffer, 0, 0x200);
2721 s->io_buffer[0] = 0x01;
2722 s->io_buffer[1] = 0x00; /* no error entries */
2723 s->io_buffer[452] = s->smart_errors & 0xff;
2724 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2726 for (n=0; n<511; n++)
2727 s->io_buffer[511] += s->io_buffer[n];
2728 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2730 case 0x06: /* smart self test log */
2731 memset(s->io_buffer, 0, 0x200);
2732 s->io_buffer[0] = 0x01;
2733 if (s->smart_selftest_count == 0) {
2734 s->io_buffer[508] = 0;
2736 s->io_buffer[508] = s->smart_selftest_count;
2737 for (n=2; n<506; n++)
2738 s->io_buffer[n] = s->smart_selftest_data[n];
2740 for (n=0; n<511; n++)
2741 s->io_buffer[511] += s->io_buffer[n];
2742 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2747 s->status = READY_STAT | SEEK_STAT;
2748 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2751 case SMART_EXECUTE_OFFLINE:
2752 switch (s->sector) {
2753 case 0: /* off-line routine */
2754 case 1: /* short self test */
2755 case 2: /* extended self test */
2756 s->smart_selftest_count++;
2757 if(s->smart_selftest_count > 21)
2758 s->smart_selftest_count = 0;
2759 n = 2 + (s->smart_selftest_count - 1) * 24;
2760 s->smart_selftest_data[n] = s->sector;
2761 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2762 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2763 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2764 s->status = READY_STAT | SEEK_STAT;
2777 ide_abort_command(s);
2784 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2786 IDEBus *bus = opaque;
2787 IDEState *s = idebus_active_if(bus);
2792 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2793 //hob = s->select & (1 << 7);
2800 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2801 (s != bus->ifs && !s->bs))
2806 ret = s->hob_feature;
2809 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2812 ret = s->nsector & 0xff;
2814 ret = s->hob_nsector;
2817 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2822 ret = s->hob_sector;
2825 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2833 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2841 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2848 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2849 (s != bus->ifs && !s->bs))
2853 qemu_irq_lower(s->irq);
2857 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2862 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2864 IDEBus *bus = opaque;
2865 IDEState *s = idebus_active_if(bus);
2868 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2869 (s != bus->ifs && !s->bs))
2874 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2879 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2881 IDEBus *bus = opaque;
2886 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2888 /* common for both drives */
2889 if (!(bus->ifs[0].cmd & IDE_CMD_RESET) &&
2890 (val & IDE_CMD_RESET)) {
2891 /* reset low to high */
2892 for(i = 0;i < 2; i++) {
2894 s->status = BUSY_STAT | SEEK_STAT;
2897 } else if ((bus->ifs[0].cmd & IDE_CMD_RESET) &&
2898 !(val & IDE_CMD_RESET)) {
2900 for(i = 0;i < 2; i++) {
2903 s->status = 0x00; /* NOTE: READY is _not_ set */
2905 s->status = READY_STAT | SEEK_STAT;
2906 ide_set_signature(s);
2910 bus->ifs[0].cmd = val;
2911 bus->ifs[1].cmd = val;
2914 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2916 IDEBus *bus = opaque;
2917 IDEState *s = idebus_active_if(bus);
2920 /* PIO data access allowed only when DRQ bit is set */
2921 if (!(s->status & DRQ_STAT))
2925 *(uint16_t *)p = le16_to_cpu(val);
2928 if (p >= s->data_end)
2929 s->end_transfer_func(s);
2932 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2934 IDEBus *bus = opaque;
2935 IDEState *s = idebus_active_if(bus);
2939 /* PIO data access allowed only when DRQ bit is set */
2940 if (!(s->status & DRQ_STAT))
2944 ret = cpu_to_le16(*(uint16_t *)p);
2947 if (p >= s->data_end)
2948 s->end_transfer_func(s);
2952 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2954 IDEBus *bus = opaque;
2955 IDEState *s = idebus_active_if(bus);
2958 /* PIO data access allowed only when DRQ bit is set */
2959 if (!(s->status & DRQ_STAT))
2963 *(uint32_t *)p = le32_to_cpu(val);
2966 if (p >= s->data_end)
2967 s->end_transfer_func(s);
2970 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2972 IDEBus *bus = opaque;
2973 IDEState *s = idebus_active_if(bus);
2977 /* PIO data access allowed only when DRQ bit is set */
2978 if (!(s->status & DRQ_STAT))
2982 ret = cpu_to_le32(*(uint32_t *)p);
2985 if (p >= s->data_end)
2986 s->end_transfer_func(s);
2990 static void ide_dummy_transfer_stop(IDEState *s)
2992 s->data_ptr = s->io_buffer;
2993 s->data_end = s->io_buffer;
2994 s->io_buffer[0] = 0xff;
2995 s->io_buffer[1] = 0xff;
2996 s->io_buffer[2] = 0xff;
2997 s->io_buffer[3] = 0xff;
3000 static void ide_reset(IDEState *s)
3002 IDEBus *bus = s->bus;
3005 s->mult_sectors = 0;
3007 s->mult_sectors = MAX_MULT_SECTORS;
3008 bus->unit = s->unit;
3010 s->status = READY_STAT | SEEK_STAT;
3011 ide_set_signature(s);
3012 /* init the transfer handler so that 0xffff is returned on data
3014 s->end_transfer_func = ide_dummy_transfer_stop;
3015 ide_dummy_transfer_stop(s);
3016 s->media_changed = 0;
3019 static void ide_init2(IDEBus *bus,
3020 BlockDriverState *hd0, BlockDriverState *hd1,
3024 static int drive_serial = 1;
3025 int i, cylinders, heads, secs;
3026 uint64_t nb_sectors;
3028 for(i = 0; i < 2; i++) {
3032 s->bs = (i == 0) ? hd0 : hd1;
3033 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
3035 bdrv_get_geometry(s->bs, &nb_sectors);
3036 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
3037 s->cylinders = cylinders;
3040 s->nb_sectors = nb_sectors;
3041 /* The SMART values should be preserved across power cycles
3043 s->smart_enabled = 1;
3044 s->smart_autosave = 1;
3045 s->smart_errors = 0;
3046 s->smart_selftest_count = 0;
3047 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
3048 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
3050 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
3053 s->drive_serial = drive_serial++;
3054 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
3055 sizeof(s->drive_serial_str));
3056 if (strlen(s->drive_serial_str) == 0)
3057 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
3058 "QM%05d", s->drive_serial);
3060 s->sector_write_timer = qemu_new_timer(vm_clock,
3061 ide_sector_write_timer_cb, s);
3066 static void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
3068 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
3069 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
3071 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
3072 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
3076 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
3077 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
3078 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
3079 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
3082 /* save per IDE drive data */
3083 static void ide_save(QEMUFile* f, IDEState *s)
3085 qemu_put_be32(f, s->mult_sectors);
3086 qemu_put_be32(f, s->identify_set);
3087 if (s->identify_set) {
3088 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
3090 qemu_put_8s(f, &s->feature);
3091 qemu_put_8s(f, &s->error);
3092 qemu_put_be32s(f, &s->nsector);
3093 qemu_put_8s(f, &s->sector);
3094 qemu_put_8s(f, &s->lcyl);
3095 qemu_put_8s(f, &s->hcyl);
3096 qemu_put_8s(f, &s->hob_feature);
3097 qemu_put_8s(f, &s->hob_nsector);
3098 qemu_put_8s(f, &s->hob_sector);
3099 qemu_put_8s(f, &s->hob_lcyl);
3100 qemu_put_8s(f, &s->hob_hcyl);
3101 qemu_put_8s(f, &s->select);
3102 qemu_put_8s(f, &s->status);
3103 qemu_put_8s(f, &s->lba48);
3105 qemu_put_8s(f, &s->sense_key);
3106 qemu_put_8s(f, &s->asc);
3107 qemu_put_8s(f, &s->cdrom_changed);
3108 /* XXX: if a transfer is pending, we do not save it yet */
3111 /* load per IDE drive data */
3112 static void ide_load(QEMUFile* f, IDEState *s, int version_id)
3114 s->mult_sectors=qemu_get_be32(f);
3115 s->identify_set=qemu_get_be32(f);
3116 if (s->identify_set) {
3117 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
3119 qemu_get_8s(f, &s->feature);
3120 qemu_get_8s(f, &s->error);
3121 qemu_get_be32s(f, &s->nsector);
3122 qemu_get_8s(f, &s->sector);
3123 qemu_get_8s(f, &s->lcyl);
3124 qemu_get_8s(f, &s->hcyl);
3125 qemu_get_8s(f, &s->hob_feature);
3126 qemu_get_8s(f, &s->hob_nsector);
3127 qemu_get_8s(f, &s->hob_sector);
3128 qemu_get_8s(f, &s->hob_lcyl);
3129 qemu_get_8s(f, &s->hob_hcyl);
3130 qemu_get_8s(f, &s->select);
3131 qemu_get_8s(f, &s->status);
3132 qemu_get_8s(f, &s->lba48);
3134 qemu_get_8s(f, &s->sense_key);
3135 qemu_get_8s(f, &s->asc);
3136 if (version_id == 3) {
3137 qemu_get_8s(f, &s->cdrom_changed);
3139 if (s->sense_key == SENSE_UNIT_ATTENTION &&
3140 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED)
3141 s->cdrom_changed = 1;
3143 /* XXX: if a transfer is pending, we do not save it yet */
3146 static void idebus_save(QEMUFile* f, IDEBus *bus)
3148 IDEState *s = idebus_active_if(bus);
3149 qemu_put_8s(f, &s->cmd);
3150 qemu_put_8s(f, &bus->unit);
3153 static void idebus_load(QEMUFile* f, IDEBus *bus, int version_id)
3158 qemu_get_8s(f, &cmd);
3159 qemu_get_8s(f, &bus->unit);
3160 s = idebus_active_if(bus);
3164 /***********************************************************/
3165 /* ISA IDE definitions */
3167 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
3168 BlockDriverState *hd0, BlockDriverState *hd1)
3172 bus = qemu_mallocz(sizeof(*bus));
3174 ide_init2(bus, hd0, hd1, irq);
3175 ide_init_ioport(bus, iobase, iobase2);
3178 /***********************************************************/
3179 /* PCI IDE definitions */
3181 static void cmd646_update_irq(PCIIDEState *d);
3183 static void ide_map(PCIDevice *pci_dev, int region_num,
3184 uint32_t addr, uint32_t size, int type)
3186 PCIIDEState *d = (PCIIDEState *)pci_dev;
3189 if (region_num <= 3) {
3190 bus = &d->bus[(region_num >> 1)];
3191 if (region_num & 1) {
3192 register_ioport_read(addr + 2, 1, 1, ide_status_read, bus);
3193 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, bus);
3195 register_ioport_write(addr, 8, 1, ide_ioport_write, bus);
3196 register_ioport_read(addr, 8, 1, ide_ioport_read, bus);
3199 register_ioport_write(addr, 2, 2, ide_data_writew, bus);
3200 register_ioport_read(addr, 2, 2, ide_data_readw, bus);
3201 register_ioport_write(addr, 4, 4, ide_data_writel, bus);
3202 register_ioport_read(addr, 4, 4, ide_data_readl, bus);
3207 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
3209 BMDMAState *bm = s->bus->bmdma;
3213 bm->dma_cb = dma_cb;
3214 bm->cur_prd_last = 0;
3215 bm->cur_prd_addr = 0;
3216 bm->cur_prd_len = 0;
3217 bm->sector_num = ide_get_sector(s);
3218 bm->nsector = s->nsector;
3219 if (bm->status & BM_STATUS_DMAING) {
3224 static void ide_dma_restart(IDEState *s)
3226 BMDMAState *bm = s->bus->bmdma;
3227 ide_set_sector(s, bm->sector_num);
3228 s->io_buffer_index = 0;
3229 s->io_buffer_size = 0;
3230 s->nsector = bm->nsector;
3231 bm->cur_addr = bm->addr;
3232 bm->dma_cb = ide_write_dma_cb;
3233 ide_dma_start(s, bm->dma_cb);
3236 static void ide_dma_cancel(BMDMAState *bm)
3238 if (bm->status & BM_STATUS_DMAING) {
3239 bm->status &= ~BM_STATUS_DMAING;
3240 /* cancel DMA request */
3245 printf("aio_cancel\n");
3247 bdrv_aio_cancel(bm->aiocb);
3253 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
3255 BMDMAState *bm = opaque;
3257 printf("%s: 0x%08x\n", __func__, val);
3259 if (!(val & BM_CMD_START)) {
3260 /* XXX: do it better */
3262 bm->cmd = val & 0x09;
3264 if (!(bm->status & BM_STATUS_DMAING)) {
3265 bm->status |= BM_STATUS_DMAING;
3266 /* start dma transfer if possible */
3270 bm->cmd = val & 0x09;
3274 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
3276 BMDMAState *bm = opaque;
3277 PCIIDEState *pci_dev;
3285 pci_dev = bm->pci_dev;
3286 if (pci_dev->type == IDE_TYPE_CMD646) {
3287 val = pci_dev->dev.config[MRDMODE];
3296 pci_dev = bm->pci_dev;
3297 if (pci_dev->type == IDE_TYPE_CMD646) {
3298 if (bm == &pci_dev->bmdma[0])
3299 val = pci_dev->dev.config[UDIDETCR0];
3301 val = pci_dev->dev.config[UDIDETCR1];
3311 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
3316 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
3318 BMDMAState *bm = opaque;
3319 PCIIDEState *pci_dev;
3321 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
3325 pci_dev = bm->pci_dev;
3326 if (pci_dev->type == IDE_TYPE_CMD646) {
3327 pci_dev->dev.config[MRDMODE] =
3328 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
3329 cmd646_update_irq(pci_dev);
3333 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
3336 pci_dev = bm->pci_dev;
3337 if (pci_dev->type == IDE_TYPE_CMD646) {
3338 if (bm == &pci_dev->bmdma[0])
3339 pci_dev->dev.config[UDIDETCR0] = val;
3341 pci_dev->dev.config[UDIDETCR1] = val;
3347 static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
3349 BMDMAState *bm = opaque;
3351 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
3353 printf("%s: 0x%08x\n", __func__, val);
3358 static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
3360 BMDMAState *bm = opaque;
3361 int shift = (addr & 3) * 8;
3363 printf("%s: 0x%08x\n", __func__, val);
3365 bm->addr &= ~(0xFF << shift);
3366 bm->addr |= ((val & 0xFF) << shift) & ~3;
3367 bm->cur_addr = bm->addr;
3370 static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
3372 BMDMAState *bm = opaque;
3374 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
3376 printf("%s: 0x%08x\n", __func__, val);
3381 static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
3383 BMDMAState *bm = opaque;
3384 int shift = (addr & 3) * 8;
3386 printf("%s: 0x%08x\n", __func__, val);
3388 bm->addr &= ~(0xFFFF << shift);
3389 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3390 bm->cur_addr = bm->addr;
3393 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3395 BMDMAState *bm = opaque;
3399 printf("%s: 0x%08x\n", __func__, val);
3404 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3406 BMDMAState *bm = opaque;
3408 printf("%s: 0x%08x\n", __func__, val);
3410 bm->addr = val & ~3;
3411 bm->cur_addr = bm->addr;
3414 static void bmdma_map(PCIDevice *pci_dev, int region_num,
3415 uint32_t addr, uint32_t size, int type)
3417 PCIIDEState *d = (PCIIDEState *)pci_dev;
3420 for(i = 0;i < 2; i++) {
3421 BMDMAState *bm = &d->bmdma[i];
3422 d->bus[i].bmdma = bm;
3423 bm->pci_dev = DO_UPCAST(PCIIDEState, dev, pci_dev);
3425 qemu_add_vm_change_state_handler(ide_dma_restart_cb, bm);
3427 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
3429 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3430 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
3432 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3433 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3434 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3435 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
3436 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3437 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3442 static void pci_ide_save(QEMUFile* f, void *opaque)
3444 PCIIDEState *d = opaque;
3447 pci_device_save(&d->dev, f);
3449 for(i = 0; i < 2; i++) {
3450 BMDMAState *bm = &d->bmdma[i];
3452 qemu_put_8s(f, &bm->cmd);
3453 qemu_put_8s(f, &bm->status);
3454 qemu_put_be32s(f, &bm->addr);
3455 qemu_put_sbe64s(f, &bm->sector_num);
3456 qemu_put_be32s(f, &bm->nsector);
3457 ifidx = bm->unit + 2*i;
3458 qemu_put_8s(f, &ifidx);
3459 /* XXX: if a transfer is pending, we do not save it yet */
3462 /* per IDE interface data */
3463 for(i = 0; i < 2; i++) {
3464 idebus_save(f, &d->bus[i]);
3467 /* per IDE drive data */
3468 for(i = 0; i < 2; i++) {
3469 ide_save(f, &d->bus[i].ifs[0]);
3470 ide_save(f, &d->bus[i].ifs[1]);
3474 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3476 PCIIDEState *d = opaque;
3479 if (version_id != 2 && version_id != 3)
3481 ret = pci_device_load(&d->dev, f);
3485 for(i = 0; i < 2; i++) {
3486 BMDMAState *bm = &d->bmdma[i];
3488 qemu_get_8s(f, &bm->cmd);
3489 qemu_get_8s(f, &bm->status);
3490 qemu_get_be32s(f, &bm->addr);
3491 qemu_get_sbe64s(f, &bm->sector_num);
3492 qemu_get_be32s(f, &bm->nsector);
3493 qemu_get_8s(f, &ifidx);
3494 bm->unit = ifidx & 1;
3495 /* XXX: if a transfer is pending, we do not save it yet */
3498 /* per IDE interface data */
3499 for(i = 0; i < 2; i++) {
3500 idebus_load(f, &d->bus[i], version_id);
3503 /* per IDE drive data */
3504 for(i = 0; i < 2; i++) {
3505 ide_load(f, &d->bus[i].ifs[0], version_id);
3506 ide_load(f, &d->bus[i].ifs[1], version_id);
3511 /* XXX: call it also when the MRDMODE is changed from the PCI config
3513 static void cmd646_update_irq(PCIIDEState *d)
3516 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3517 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3518 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3519 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
3520 qemu_set_irq(d->dev.irq[0], pci_level);
3523 /* the PCI irq level is the logical OR of the two channels */
3524 static void cmd646_set_irq(void *opaque, int channel, int level)
3526 PCIIDEState *d = opaque;
3529 irq_mask = MRDMODE_INTR_CH0 << channel;
3531 d->dev.config[MRDMODE] |= irq_mask;
3533 d->dev.config[MRDMODE] &= ~irq_mask;
3534 cmd646_update_irq(d);
3537 static void cmd646_reset(void *opaque)
3539 PCIIDEState *d = opaque;
3542 for (i = 0; i < 2; i++)
3543 ide_dma_cancel(&d->bmdma[i]);
3546 /* CMD646 PCI IDE controller */
3547 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3548 int secondary_ide_enabled)
3554 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
3555 sizeof(PCIIDEState),
3558 d->type = IDE_TYPE_CMD646;
3559 pci_conf = d->dev.config;
3560 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_CMD);
3561 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_CMD_646);
3563 pci_conf[0x08] = 0x07; // IDE controller revision
3564 pci_conf[0x09] = 0x8f;
3566 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3567 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
3569 pci_conf[0x51] = 0x04; // enable IDE0
3570 if (secondary_ide_enabled) {
3571 /* XXX: if not enabled, really disable the seconday IDE controller */
3572 pci_conf[0x51] |= 0x08; /* enable IDE1 */
3575 pci_register_bar((PCIDevice *)d, 0, 0x8,
3576 PCI_ADDRESS_SPACE_IO, ide_map);
3577 pci_register_bar((PCIDevice *)d, 1, 0x4,
3578 PCI_ADDRESS_SPACE_IO, ide_map);
3579 pci_register_bar((PCIDevice *)d, 2, 0x8,
3580 PCI_ADDRESS_SPACE_IO, ide_map);
3581 pci_register_bar((PCIDevice *)d, 3, 0x4,
3582 PCI_ADDRESS_SPACE_IO, ide_map);
3583 pci_register_bar((PCIDevice *)d, 4, 0x10,
3584 PCI_ADDRESS_SPACE_IO, bmdma_map);
3586 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3588 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3589 ide_init2(&d->bus[0], hd_table[0], hd_table[1], irq[0]);
3590 ide_init2(&d->bus[1], hd_table[2], hd_table[3], irq[1]);
3592 register_savevm("ide", 0, 3, pci_ide_save, pci_ide_load, d);
3593 qemu_register_reset(cmd646_reset, d);
3597 static void piix3_reset(void *opaque)
3599 PCIIDEState *d = opaque;
3600 uint8_t *pci_conf = d->dev.config;
3603 for (i = 0; i < 2; i++)
3604 ide_dma_cancel(&d->bmdma[i]);
3606 pci_conf[0x04] = 0x00;
3607 pci_conf[0x05] = 0x00;
3608 pci_conf[0x06] = 0x80; /* FBC */
3609 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3610 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3613 /* hd_table must contain 4 block drivers */
3614 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3615 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3622 /* register a function 1 of PIIX3 */
3623 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3624 sizeof(PCIIDEState),
3627 d->type = IDE_TYPE_PIIX3;
3629 pci_conf = d->dev.config;
3630 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3631 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371SB_1);
3632 pci_conf[0x09] = 0x80; // legacy ATA mode
3633 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3634 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
3636 qemu_register_reset(piix3_reset, d);
3639 pci_register_bar((PCIDevice *)d, 4, 0x10,
3640 PCI_ADDRESS_SPACE_IO, bmdma_map);
3642 ide_init2(&d->bus[0], hd_table[0], hd_table[1], isa_reserve_irq(14));
3643 ide_init2(&d->bus[1], hd_table[2], hd_table[3], isa_reserve_irq(15));
3644 ide_init_ioport(&d->bus[0], 0x1f0, 0x3f6);
3645 ide_init_ioport(&d->bus[1], 0x170, 0x376);
3647 for (i = 0; i < 4; i++)
3649 hd_table[i]->private = &d->dev;
3651 register_savevm("ide", 0, 3, pci_ide_save, pci_ide_load, d);
3654 /* hd_table must contain 4 block drivers */
3655 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3656 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3662 /* register a function 1 of PIIX4 */
3663 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3664 sizeof(PCIIDEState),
3667 d->type = IDE_TYPE_PIIX4;
3669 pci_conf = d->dev.config;
3670 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3671 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371AB);
3672 pci_conf[0x09] = 0x80; // legacy ATA mode
3673 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3674 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
3676 qemu_register_reset(piix3_reset, d);
3679 pci_register_bar((PCIDevice *)d, 4, 0x10,
3680 PCI_ADDRESS_SPACE_IO, bmdma_map);
3683 * These should call isa_reserve_irq() instead when MIPS supports it
3685 ide_init2(&d->bus[0], hd_table[0], hd_table[1], pic[14]);
3686 ide_init2(&d->bus[1], hd_table[2], hd_table[3], pic[15]);
3687 ide_init_ioport(&d->bus[0], 0x1f0, 0x3f6);
3688 ide_init_ioport(&d->bus[1], 0x170, 0x376);
3690 register_savevm("ide", 0, 3, pci_ide_save, pci_ide_load, d);
3693 #if defined(TARGET_PPC)
3694 /***********************************************************/
3695 /* MacIO based PowerPC IDE */
3697 typedef struct MACIOIDEState {
3699 BlockDriverAIOCB *aiocb;
3702 static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
3704 DBDMA_io *io = opaque;
3705 MACIOIDEState *m = io->opaque;
3706 IDEState *s = idebus_active_if(&m->bus);
3710 qemu_sglist_destroy(&s->sg);
3711 ide_atapi_io_error(s, ret);
3712 io->dma_end(opaque);
3716 if (s->io_buffer_size > 0) {
3718 qemu_sglist_destroy(&s->sg);
3720 s->packet_transfer_size -= s->io_buffer_size;
3722 s->io_buffer_index += s->io_buffer_size;
3723 s->lba += s->io_buffer_index >> 11;
3724 s->io_buffer_index &= 0x7ff;
3727 if (s->packet_transfer_size <= 0)
3728 ide_atapi_cmd_ok(s);
3731 io->dma_end(opaque);
3735 /* launch next transfer */
3737 s->io_buffer_size = io->len;
3739 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3740 qemu_sglist_add(&s->sg, io->addr, io->len);
3741 io->addr += io->len;
3744 m->aiocb = dma_bdrv_read(s->bs, &s->sg,
3745 (int64_t)(s->lba << 2) + (s->io_buffer_index >> 9),
3746 pmac_ide_atapi_transfer_cb, io);
3748 qemu_sglist_destroy(&s->sg);
3749 /* Note: media not present is the most likely case */
3750 ide_atapi_cmd_error(s, SENSE_NOT_READY,
3751 ASC_MEDIUM_NOT_PRESENT);
3752 io->dma_end(opaque);
3757 static void pmac_ide_transfer_cb(void *opaque, int ret)
3759 DBDMA_io *io = opaque;
3760 MACIOIDEState *m = io->opaque;
3761 IDEState *s = idebus_active_if(&m->bus);
3767 qemu_sglist_destroy(&s->sg);
3773 sector_num = ide_get_sector(s);
3774 if (s->io_buffer_size > 0) {
3776 qemu_sglist_destroy(&s->sg);
3777 n = (s->io_buffer_size + 0x1ff) >> 9;
3779 ide_set_sector(s, sector_num);
3783 /* end of transfer ? */
3784 if (s->nsector == 0) {
3785 s->status = READY_STAT | SEEK_STAT;
3796 /* launch next transfer */
3798 s->io_buffer_index = 0;
3799 s->io_buffer_size = io->len;
3801 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3802 qemu_sglist_add(&s->sg, io->addr, io->len);
3803 io->addr += io->len;
3807 m->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
3808 pmac_ide_transfer_cb, io);
3810 m->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
3811 pmac_ide_transfer_cb, io);
3813 pmac_ide_transfer_cb(io, -1);
3816 static void pmac_ide_transfer(DBDMA_io *io)
3818 MACIOIDEState *m = io->opaque;
3819 IDEState *s = idebus_active_if(&m->bus);
3821 s->io_buffer_size = 0;
3823 pmac_ide_atapi_transfer_cb(io, 0);
3827 pmac_ide_transfer_cb(io, 0);
3830 static void pmac_ide_flush(DBDMA_io *io)
3832 MACIOIDEState *m = io->opaque;
3838 /* PowerMac IDE memory IO */
3839 static void pmac_ide_writeb (void *opaque,
3840 target_phys_addr_t addr, uint32_t val)
3842 MACIOIDEState *d = opaque;
3844 addr = (addr & 0xFFF) >> 4;
3847 ide_ioport_write(&d->bus, addr, val);
3851 ide_cmd_write(&d->bus, 0, val);
3858 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3861 MACIOIDEState *d = opaque;
3863 addr = (addr & 0xFFF) >> 4;
3866 retval = ide_ioport_read(&d->bus, addr);
3870 retval = ide_status_read(&d->bus, 0);
3879 static void pmac_ide_writew (void *opaque,
3880 target_phys_addr_t addr, uint32_t val)
3882 MACIOIDEState *d = opaque;
3884 addr = (addr & 0xFFF) >> 4;
3885 #ifdef TARGET_WORDS_BIGENDIAN
3889 ide_data_writew(&d->bus, 0, val);
3893 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3896 MACIOIDEState *d = opaque;
3898 addr = (addr & 0xFFF) >> 4;
3900 retval = ide_data_readw(&d->bus, 0);
3904 #ifdef TARGET_WORDS_BIGENDIAN
3905 retval = bswap16(retval);
3910 static void pmac_ide_writel (void *opaque,
3911 target_phys_addr_t addr, uint32_t val)
3913 MACIOIDEState *d = opaque;
3915 addr = (addr & 0xFFF) >> 4;
3916 #ifdef TARGET_WORDS_BIGENDIAN
3920 ide_data_writel(&d->bus, 0, val);
3924 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3927 MACIOIDEState *d = opaque;
3929 addr = (addr & 0xFFF) >> 4;
3931 retval = ide_data_readl(&d->bus, 0);
3933 retval = 0xFFFFFFFF;
3935 #ifdef TARGET_WORDS_BIGENDIAN
3936 retval = bswap32(retval);
3941 static CPUWriteMemoryFunc * const pmac_ide_write[] = {
3947 static CPUReadMemoryFunc * const pmac_ide_read[] = {
3953 static void pmac_ide_save(QEMUFile *f, void *opaque)
3955 MACIOIDEState *d = opaque;
3958 /* per IDE interface data */
3959 idebus_save(f, &d->bus);
3961 /* per IDE drive data */
3962 for(i = 0; i < 2; i++) {
3963 ide_save(f, &d->bus.ifs[i]);
3967 static int pmac_ide_load(QEMUFile *f, void *opaque, int version_id)
3969 MACIOIDEState *d = opaque;
3972 if (version_id != 1 && version_id != 3)
3975 /* per IDE interface data */
3976 idebus_load(f, &d->bus, version_id);
3978 /* per IDE drive data */
3979 for(i = 0; i < 2; i++) {
3980 ide_load(f, &d->bus.ifs[i], version_id);
3985 static void pmac_ide_reset(void *opaque)
3987 MACIOIDEState *d = opaque;
3989 ide_reset(d->bus.ifs +0);
3990 ide_reset(d->bus.ifs +1);
3993 /* hd_table must contain 4 block drivers */
3994 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3995 I/O index to access the ide. */
3996 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq,
3997 void *dbdma, int channel, qemu_irq dma_irq)
4000 int pmac_ide_memory;
4002 d = qemu_mallocz(sizeof(MACIOIDEState));
4003 ide_init2(&d->bus, hd_table[0], hd_table[1], irq);
4006 DBDMA_register_channel(dbdma, channel, dma_irq, pmac_ide_transfer, pmac_ide_flush, d);
4008 pmac_ide_memory = cpu_register_io_memory(pmac_ide_read,
4010 register_savevm("ide", 0, 3, pmac_ide_save, pmac_ide_load, d);
4011 qemu_register_reset(pmac_ide_reset, d);
4014 return pmac_ide_memory;
4016 #endif /* TARGET_PPC */
4018 /***********************************************************/
4019 /* MMIO based ide port
4020 * This emulates IDE device connected directly to the CPU bus without
4021 * dedicated ide controller, which is often seen on embedded boards.
4029 static uint32_t mmio_ide_read (void *opaque, target_phys_addr_t addr)
4031 MMIOState *s = (MMIOState*)opaque;
4032 IDEBus *bus = s->bus;
4035 return ide_ioport_read(bus, addr);
4037 return ide_data_readw(bus, 0);
4040 static void mmio_ide_write (void *opaque, target_phys_addr_t addr,
4043 MMIOState *s = (MMIOState*)opaque;
4044 IDEBus *bus = s->bus;
4047 ide_ioport_write(bus, addr, val);
4049 ide_data_writew(bus, 0, val);
4052 static CPUReadMemoryFunc * const mmio_ide_reads[] = {
4058 static CPUWriteMemoryFunc * const mmio_ide_writes[] = {
4064 static uint32_t mmio_ide_status_read (void *opaque, target_phys_addr_t addr)
4066 MMIOState *s= (MMIOState*)opaque;
4067 IDEBus *bus = s->bus;
4068 return ide_status_read(bus, 0);
4071 static void mmio_ide_cmd_write (void *opaque, target_phys_addr_t addr,
4074 MMIOState *s = (MMIOState*)opaque;
4075 IDEBus *bus = s->bus;
4076 ide_cmd_write(bus, 0, val);
4079 static CPUReadMemoryFunc * const mmio_ide_status[] = {
4080 mmio_ide_status_read,
4081 mmio_ide_status_read,
4082 mmio_ide_status_read,
4085 static CPUWriteMemoryFunc * const mmio_ide_cmd[] = {
4091 void mmio_ide_init (target_phys_addr_t membase, target_phys_addr_t membase2,
4092 qemu_irq irq, int shift,
4093 BlockDriverState *hd0, BlockDriverState *hd1)
4095 MMIOState *s = qemu_mallocz(sizeof(MMIOState));
4096 IDEBus *bus = qemu_mallocz(sizeof(*bus));
4099 ide_init2(bus, hd0, hd1, irq);
4104 mem1 = cpu_register_io_memory(mmio_ide_reads, mmio_ide_writes, s);
4105 mem2 = cpu_register_io_memory(mmio_ide_status, mmio_ide_cmd, s);
4106 cpu_register_physical_memory(membase, 16 << shift, mem1);
4107 cpu_register_physical_memory(membase2, 2 << shift, mem2);
4110 /***********************************************************/
4111 /* CF-ATA Microdrive */
4113 #define METADATA_SIZE 0x20
4115 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
4118 PCMCIACardState card;
4132 /* Register bitfields */
4135 OPT_MODE_IOMAP16 = 1,
4136 OPT_MODE_IOMAP1 = 2,
4137 OPT_MODE_IOMAP2 = 3,
4148 STAT_CHANGED = 0x80,
4159 static inline void md_interrupt_update(MicroDriveState *s)
4164 qemu_set_irq(s->card.slot->irq,
4165 !(s->stat & STAT_INT) && /* Inverted */
4166 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
4167 !(s->opt & OPT_SRESET));
4170 static void md_set_irq(void *opaque, int irq, int level)
4172 MicroDriveState *s = (MicroDriveState *) opaque;
4174 s->stat |= STAT_INT;
4176 s->stat &= ~STAT_INT;
4178 md_interrupt_update(s);
4181 static void md_reset(MicroDriveState *s)
4183 s->opt = OPT_MODE_MMAP;
4188 ide_reset(s->bus.ifs);
4191 static uint8_t md_attr_read(void *opaque, uint32_t at)
4193 MicroDriveState *s = (MicroDriveState *) opaque;
4194 if (at < s->attr_base) {
4195 if (at < s->card.cis_len)
4196 return s->card.cis[at];
4204 case 0x00: /* Configuration Option Register */
4206 case 0x02: /* Card Configuration Status Register */
4207 if (s->ctrl & CTRL_IEN)
4208 return s->stat & ~STAT_INT;
4211 case 0x04: /* Pin Replacement Register */
4212 return (s->pins & PINS_CRDY) | 0x0c;
4213 case 0x06: /* Socket and Copy Register */
4217 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
4224 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
4226 MicroDriveState *s = (MicroDriveState *) opaque;
4230 case 0x00: /* Configuration Option Register */
4231 s->opt = value & 0xcf;
4232 if (value & OPT_SRESET)
4234 md_interrupt_update(s);
4236 case 0x02: /* Card Configuration Status Register */
4237 if ((s->stat ^ value) & STAT_PWRDWN)
4238 s->pins |= PINS_CRDY;
4240 s->stat |= value & 0x74;
4241 md_interrupt_update(s);
4242 /* Word 170 in Identify Device must be equal to STAT_XE */
4244 case 0x04: /* Pin Replacement Register */
4245 s->pins &= PINS_CRDY;
4246 s->pins |= value & PINS_MRDY;
4248 case 0x06: /* Socket and Copy Register */
4251 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
4255 static uint16_t md_common_read(void *opaque, uint32_t at)
4257 MicroDriveState *s = (MicroDriveState *) opaque;
4262 switch (s->opt & OPT_MODE) {
4264 if ((at & ~0x3ff) == 0x400)
4267 case OPT_MODE_IOMAP16:
4270 case OPT_MODE_IOMAP1:
4271 if ((at & ~0xf) == 0x3f0)
4273 else if ((at & ~0xf) == 0x1f0)
4276 case OPT_MODE_IOMAP2:
4277 if ((at & ~0xf) == 0x370)
4279 else if ((at & ~0xf) == 0x170)
4284 case 0x0: /* Even RD Data */
4286 return ide_data_readw(&s->bus, 0);
4288 /* TODO: 8-bit accesses */
4292 s->io = ide_data_readw(&s->bus, 0);
4295 s->cycle = !s->cycle;
4297 case 0x9: /* Odd RD Data */
4299 case 0xd: /* Error */
4300 return ide_ioport_read(&s->bus, 0x1);
4301 case 0xe: /* Alternate Status */
4302 ifs = idebus_active_if(&s->bus);
4307 case 0xf: /* Device Address */
4308 ifs = idebus_active_if(&s->bus);
4309 return 0xc2 | ((~ifs->select << 2) & 0x3c);
4311 return ide_ioport_read(&s->bus, at);
4317 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
4319 MicroDriveState *s = (MicroDriveState *) opaque;
4322 switch (s->opt & OPT_MODE) {
4324 if ((at & ~0x3ff) == 0x400)
4327 case OPT_MODE_IOMAP16:
4330 case OPT_MODE_IOMAP1:
4331 if ((at & ~0xf) == 0x3f0)
4333 else if ((at & ~0xf) == 0x1f0)
4336 case OPT_MODE_IOMAP2:
4337 if ((at & ~0xf) == 0x370)
4339 else if ((at & ~0xf) == 0x170)
4344 case 0x0: /* Even WR Data */
4346 ide_data_writew(&s->bus, 0, value);
4349 /* TODO: 8-bit accesses */
4351 ide_data_writew(&s->bus, 0, s->io | (value << 8));
4353 s->io = value & 0xff;
4354 s->cycle = !s->cycle;
4357 s->io = value & 0xff;
4358 s->cycle = !s->cycle;
4360 case 0xd: /* Features */
4361 ide_ioport_write(&s->bus, 0x1, value);
4363 case 0xe: /* Device Control */
4365 if (value & CTRL_SRST)
4367 md_interrupt_update(s);
4370 if (s->stat & STAT_PWRDWN) {
4371 s->pins |= PINS_CRDY;
4372 s->stat &= ~STAT_PWRDWN;
4374 ide_ioport_write(&s->bus, at, value);
4378 static void md_save(QEMUFile *f, void *opaque)
4380 MicroDriveState *s = (MicroDriveState *) opaque;
4383 qemu_put_8s(f, &s->opt);
4384 qemu_put_8s(f, &s->stat);
4385 qemu_put_8s(f, &s->pins);
4387 qemu_put_8s(f, &s->ctrl);
4388 qemu_put_be16s(f, &s->io);
4389 qemu_put_byte(f, s->cycle);
4391 idebus_save(f, &s->bus);
4393 for (i = 0; i < 2; i ++)
4394 ide_save(f, &s->bus.ifs[i]);
4397 static int md_load(QEMUFile *f, void *opaque, int version_id)
4399 MicroDriveState *s = (MicroDriveState *) opaque;
4402 if (version_id != 0 && version_id != 3)
4405 qemu_get_8s(f, &s->opt);
4406 qemu_get_8s(f, &s->stat);
4407 qemu_get_8s(f, &s->pins);
4409 qemu_get_8s(f, &s->ctrl);
4410 qemu_get_be16s(f, &s->io);
4411 s->cycle = qemu_get_byte(f);
4413 idebus_load(f, &s->bus, version_id);
4415 for (i = 0; i < 2; i ++)
4416 ide_load(f, &s->bus.ifs[i], version_id);
4421 static const uint8_t dscm1xxxx_cis[0x14a] = {
4422 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
4423 [0x002] = 0x03, /* Tuple length = 4 bytes */
4424 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4425 [0x006] = 0x01, /* Size = 2K bytes */
4426 [0x008] = CISTPL_ENDMARK,
4428 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
4429 [0x00c] = 0x04, /* Tuple length = 4 byest */
4430 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
4431 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4432 [0x012] = 0x01, /* Size = 2K bytes */
4433 [0x014] = CISTPL_ENDMARK,
4435 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
4436 [0x018] = 0x02, /* Tuple length = 2 bytes */
4437 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
4440 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
4441 [0x020] = 0x04, /* Tuple length = 4 bytes */
4442 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
4444 [0x026] = 0x00, /* PLMID_CARD = 0000 */
4447 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
4448 [0x02c] = 0x12, /* Tuple length = 23 bytes */
4449 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
4450 [0x030] = 0x01, /* Minor Version = 1 */
4466 [0x050] = CISTPL_ENDMARK,
4468 [0x052] = CISTPL_FUNCID, /* Function ID */
4469 [0x054] = 0x02, /* Tuple length = 2 bytes */
4470 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
4471 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
4473 [0x05a] = CISTPL_FUNCE, /* Function Extension */
4474 [0x05c] = 0x02, /* Tuple length = 2 bytes */
4475 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
4476 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
4478 [0x062] = CISTPL_FUNCE, /* Function Extension */
4479 [0x064] = 0x03, /* Tuple length = 3 bytes */
4480 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
4481 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
4482 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
4484 [0x06c] = CISTPL_CONFIG, /* Configuration */
4485 [0x06e] = 0x05, /* Tuple length = 5 bytes */
4486 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
4487 [0x072] = 0x07, /* TPCC_LAST = 7 */
4488 [0x074] = 0x00, /* TPCC_RADR = 0200 */
4490 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
4492 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4493 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
4494 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
4495 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
4496 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
4497 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4498 [0x086] = 0x55, /* NomV: 5.0 V */
4499 [0x088] = 0x4d, /* MinV: 4.5 V */
4500 [0x08a] = 0x5d, /* MaxV: 5.5 V */
4501 [0x08c] = 0x4e, /* Peakl: 450 mA */
4502 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
4503 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
4504 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
4506 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4507 [0x096] = 0x06, /* Tuple length = 6 bytes */
4508 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
4509 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4510 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4511 [0x09e] = 0xb5, /* NomV: 3.3 V */
4513 [0x0a2] = 0x3e, /* Peakl: 350 mA */
4515 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4516 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
4517 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
4518 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4519 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4520 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4521 [0x0b0] = 0x55, /* NomV: 5.0 V */
4522 [0x0b2] = 0x4d, /* MinV: 4.5 V */
4523 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
4524 [0x0b6] = 0x4e, /* Peakl: 450 mA */
4525 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
4526 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
4527 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
4528 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
4529 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
4531 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4532 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
4533 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
4534 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4535 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4536 [0x0cc] = 0xb5, /* NomV: 3.3 V */
4538 [0x0d0] = 0x3e, /* Peakl: 350 mA */
4540 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4541 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
4542 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
4543 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4544 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4545 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4546 [0x0de] = 0x55, /* NomV: 5.0 V */
4547 [0x0e0] = 0x4d, /* MinV: 4.5 V */
4548 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
4549 [0x0e4] = 0x4e, /* Peakl: 450 mA */
4550 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4551 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
4552 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
4554 [0x0ee] = 0x07, /* Address block length = 8 */
4555 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
4557 [0x0f4] = 0x01, /* Address block length = 2 */
4558 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4559 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
4561 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4562 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
4563 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
4564 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4565 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4566 [0x104] = 0xb5, /* NomV: 3.3 V */
4568 [0x108] = 0x3e, /* Peakl: 350 mA */
4570 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4571 [0x10c] = 0x12, /* Tuple length = 18 bytes */
4572 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
4573 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4574 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4575 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4576 [0x116] = 0x55, /* NomV: 5.0 V */
4577 [0x118] = 0x4d, /* MinV: 4.5 V */
4578 [0x11a] = 0x5d, /* MaxV: 5.5 V */
4579 [0x11c] = 0x4e, /* Peakl: 450 mA */
4580 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4581 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
4582 [0x122] = 0x70, /* Field 1 address = 0x0170 */
4584 [0x126] = 0x07, /* Address block length = 8 */
4585 [0x128] = 0x76, /* Field 2 address = 0x0376 */
4587 [0x12c] = 0x01, /* Address block length = 2 */
4588 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4589 [0x130] = 0x20, /* TPCE_MI = support power down mode */
4591 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4592 [0x134] = 0x06, /* Tuple length = 6 bytes */
4593 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4594 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4595 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4596 [0x13c] = 0xb5, /* NomV: 3.3 V */
4598 [0x140] = 0x3e, /* Peakl: 350 mA */
4600 [0x142] = CISTPL_NO_LINK, /* No Link */
4601 [0x144] = 0x00, /* Tuple length = 0 bytes */
4603 [0x146] = CISTPL_END, /* Tuple End */
4606 static int dscm1xxxx_attach(void *opaque)
4608 MicroDriveState *md = (MicroDriveState *) opaque;
4609 md->card.attr_read = md_attr_read;
4610 md->card.attr_write = md_attr_write;
4611 md->card.common_read = md_common_read;
4612 md->card.common_write = md_common_write;
4613 md->card.io_read = md_common_read;
4614 md->card.io_write = md_common_write;
4616 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
4620 md_interrupt_update(md);
4622 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
4626 static int dscm1xxxx_detach(void *opaque)
4628 MicroDriveState *md = (MicroDriveState *) opaque;
4633 PCMCIACardState *dscm1xxxx_init(BlockDriverState *bdrv)
4635 MicroDriveState *md = (MicroDriveState *) qemu_mallocz(sizeof(MicroDriveState));
4636 md->card.state = md;
4637 md->card.attach = dscm1xxxx_attach;
4638 md->card.detach = dscm1xxxx_detach;
4639 md->card.cis = dscm1xxxx_cis;
4640 md->card.cis_len = sizeof(dscm1xxxx_cis);
4642 ide_init2(&md->bus, bdrv, NULL, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
4643 md->bus.ifs[0].is_cf = 1;
4644 md->bus.ifs[0].mdata_size = METADATA_SIZE;
4645 md->bus.ifs[0].mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
4647 register_savevm("microdrive", -1, 3, md_save, md_load, md);
projects / qemu / blob