]> Git Repo - qemu.git/blame - hw/ide.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Sparc32: convert idreg to qdev
[qemu.git] / hw / ide.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
87ecb68b
PB		 25#include "hw.h"
26#include "pc.h"
27#include "pci.h"
28#include "scsi-disk.h"
29#include "pcmcia.h"
30#include "block.h"
b0a7b120 31#include "block_int.h"
87ecb68b
PB		 32#include "qemu-timer.h"
33#include "sysemu.h"
9596ebb7 34#include "ppc_mac.h"
e3007e66 35#include "mac_dbdma.h"
b79e1752 36#include "sh.h"
1fb8648d 37#include "dma.h"
5391d806 38
5391d806
FB		 39/* debug IDE devices */
40//#define DEBUG_IDE
41//#define DEBUG_IDE_ATAPI
8ccad811
FB		 42//#define DEBUG_AIO
43#define USE_DMA_CDROM
5391d806
FB		 44
45/* Bits of HD_STATUS */
46#define ERR_STAT 0x01
47#define INDEX_STAT 0x02
48#define ECC_STAT 0x04 /* Corrected error */
49#define DRQ_STAT 0x08
50#define SEEK_STAT 0x10
51#define SRV_STAT 0x10
52#define WRERR_STAT 0x20
53#define READY_STAT 0x40
54#define BUSY_STAT 0x80
55
56/* Bits for HD_ERROR */
57#define MARK_ERR 0x01 /* Bad address mark */
58#define TRK0_ERR 0x02 /* couldn't find track 0 */
59#define ABRT_ERR 0x04 /* Command aborted */
60#define MCR_ERR 0x08 /* media change request */
61#define ID_ERR 0x10 /* ID field not found */
62#define MC_ERR 0x20 /* media changed */
63#define ECC_ERR 0x40 /* Uncorrectable ECC error */
64#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
65#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
66
67/* Bits of HD_NSECTOR */
68#define CD 0x01
69#define IO 0x02
70#define REL 0x04
71#define TAG_MASK 0xf8
72
73#define IDE_CMD_RESET 0x04
74#define IDE_CMD_DISABLE_IRQ 0x02
75
76/* ATA/ATAPI Commands pre T13 Spec */
77#define WIN_NOP 0x00
78/*
79 * 0x01->0x02 Reserved
80 */
81#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
82/*
83 * 0x04->0x07 Reserved
84 */
85#define WIN_SRST 0x08 /* ATAPI soft reset command */
86#define WIN_DEVICE_RESET 0x08
87/*
88 * 0x09->0x0F Reserved
89 */
90#define WIN_RECAL 0x10
91#define WIN_RESTORE WIN_RECAL
92/*
93 * 0x10->0x1F Reserved
94 */
95#define WIN_READ 0x20 /* 28-Bit */
96#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
97#define WIN_READ_LONG 0x22 /* 28-Bit */
98#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
99#define WIN_READ_EXT 0x24 /* 48-Bit */
100#define WIN_READDMA_EXT 0x25 /* 48-Bit */
101#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
102#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
103/*
104 * 0x28
105 */
106#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
107/*
108 * 0x2A->0x2F Reserved
109 */
110#define WIN_WRITE 0x30 /* 28-Bit */
111#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
112#define WIN_WRITE_LONG 0x32 /* 28-Bit */
113#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
114#define WIN_WRITE_EXT 0x34 /* 48-Bit */
115#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
116#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
117#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
118#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
119#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
120/*
121 * 0x3A->0x3B Reserved
122 */
123#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
124/*
125 * 0x3D->0x3F Reserved
126 */
127#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
128#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
129#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
130/*
131 * 0x43->0x4F Reserved
132 */
133#define WIN_FORMAT 0x50
134/*
135 * 0x51->0x5F Reserved
136 */
137#define WIN_INIT 0x60
138/*
139 * 0x61->0x5F Reserved
140 */
141#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
142#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
143#define WIN_DIAGNOSE 0x90
144#define WIN_SPECIFY 0x91 /* set drive geometry translation */
145#define WIN_DOWNLOAD_MICROCODE 0x92
146#define WIN_STANDBYNOW2 0x94
201a51fc 147#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
5391d806
FB		 148#define WIN_STANDBY2 0x96
149#define WIN_SETIDLE2 0x97
150#define WIN_CHECKPOWERMODE2 0x98
151#define WIN_SLEEPNOW2 0x99
152/*
153 * 0x9A VENDOR
154 */
155#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
156#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
157#define WIN_QUEUED_SERVICE 0xA2
158#define WIN_SMART 0xB0 /* self-monitoring and reporting */
201a51fc
AZ		 159#define CFA_ACCESS_METADATA_STORAGE 0xB8
160#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
5391d806
FB		 161#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
162#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
163#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
164#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
165#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
166#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
167#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
168#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
169#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
170#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
5fafdf24 171#define WIN_GETMEDIASTATUS 0xDA
5391d806
FB		 172#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
173#define WIN_POSTBOOT 0xDC
174#define WIN_PREBOOT 0xDD
175#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
176#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
177#define WIN_STANDBYNOW1 0xE0
178#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
179#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
180#define WIN_SETIDLE1 0xE3
181#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
182#define WIN_CHECKPOWERMODE1 0xE5
183#define WIN_SLEEPNOW1 0xE6
184#define WIN_FLUSH_CACHE 0xE7
185#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
186#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
187 /* SET_FEATURES 0x22 or 0xDD */
188#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
189#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
190#define WIN_MEDIAEJECT 0xED
191#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
192#define WIN_SETFEATURES 0xEF /* set special drive features */
193#define EXABYTE_ENABLE_NEST 0xF0
201a51fc 194#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
5391d806
FB		 195#define WIN_SECURITY_SET_PASS 0xF1
196#define WIN_SECURITY_UNLOCK 0xF2
197#define WIN_SECURITY_ERASE_PREPARE 0xF3
198#define WIN_SECURITY_ERASE_UNIT 0xF4
199#define WIN_SECURITY_FREEZE_LOCK 0xF5
201a51fc 200#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
5391d806
FB		 201#define WIN_SECURITY_DISABLE 0xF6
202#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
203#define WIN_SET_MAX 0xF9
204#define DISABLE_SEAGATE 0xFB
205
206/* set to 1 set disable mult support */
f66723fa 207#define MAX_MULT_SECTORS 16
5391d806 208
1d8cde5b
AJ		 209#define IDE_DMA_BUF_SECTORS 256
210
211#if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
212#error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
213#endif
214
5391d806
FB		 215/* ATAPI defines */
216
217#define ATAPI_PACKET_SIZE 12
218
219/* The generic packet command opcodes for CD/DVD Logical Units,
220 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
221#define GPCMD_BLANK 0xa1
222#define GPCMD_CLOSE_TRACK 0x5b
223#define GPCMD_FLUSH_CACHE 0x35
224#define GPCMD_FORMAT_UNIT 0x04
225#define GPCMD_GET_CONFIGURATION 0x46
226#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
227#define GPCMD_GET_PERFORMANCE 0xac
228#define GPCMD_INQUIRY 0x12
229#define GPCMD_LOAD_UNLOAD 0xa6
230#define GPCMD_MECHANISM_STATUS 0xbd
231#define GPCMD_MODE_SELECT_10 0x55
232#define GPCMD_MODE_SENSE_10 0x5a
233#define GPCMD_PAUSE_RESUME 0x4b
234#define GPCMD_PLAY_AUDIO_10 0x45
235#define GPCMD_PLAY_AUDIO_MSF 0x47
236#define GPCMD_PLAY_AUDIO_TI 0x48
237#define GPCMD_PLAY_CD 0xbc
238#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
239#define GPCMD_READ_10 0x28
240#define GPCMD_READ_12 0xa8
241#define GPCMD_READ_CDVD_CAPACITY 0x25
242#define GPCMD_READ_CD 0xbe
243#define GPCMD_READ_CD_MSF 0xb9
244#define GPCMD_READ_DISC_INFO 0x51
245#define GPCMD_READ_DVD_STRUCTURE 0xad
246#define GPCMD_READ_FORMAT_CAPACITIES 0x23
247#define GPCMD_READ_HEADER 0x44
248#define GPCMD_READ_TRACK_RZONE_INFO 0x52
249#define GPCMD_READ_SUBCHANNEL 0x42
250#define GPCMD_READ_TOC_PMA_ATIP 0x43
251#define GPCMD_REPAIR_RZONE_TRACK 0x58
252#define GPCMD_REPORT_KEY 0xa4
253#define GPCMD_REQUEST_SENSE 0x03
254#define GPCMD_RESERVE_RZONE_TRACK 0x53
255#define GPCMD_SCAN 0xba
256#define GPCMD_SEEK 0x2b
257#define GPCMD_SEND_DVD_STRUCTURE 0xad
258#define GPCMD_SEND_EVENT 0xa2
259#define GPCMD_SEND_KEY 0xa3
260#define GPCMD_SEND_OPC 0x54
261#define GPCMD_SET_READ_AHEAD 0xa7
262#define GPCMD_SET_STREAMING 0xb6
263#define GPCMD_START_STOP_UNIT 0x1b
264#define GPCMD_STOP_PLAY_SCAN 0x4e
265#define GPCMD_TEST_UNIT_READY 0x00
266#define GPCMD_VERIFY_10 0x2f
267#define GPCMD_WRITE_10 0x2a
268#define GPCMD_WRITE_AND_VERIFY_10 0x2e
5fafdf24 269/* This is listed as optional in ATAPI 2.6, but is (curiously)
5391d806
FB		 270 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
271 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
272 * drives support it. */
273#define GPCMD_SET_SPEED 0xbb
5fafdf24 274/* This seems to be a SCSI specific CD-ROM opcode
5391d806
FB		 275 * to play data at track/index */
276#define GPCMD_PLAYAUDIO_TI 0x48
277/*
278 * From MS Media Status Notification Support Specification. For
279 * older drives only.
280 */
281#define GPCMD_GET_MEDIA_STATUS 0xda
d14049ea 282#define GPCMD_MODE_SENSE_6 0x1a
5391d806
FB		 283
284/* Mode page codes for mode sense/set */
285#define GPMODE_R_W_ERROR_PAGE 0x01
286#define GPMODE_WRITE_PARMS_PAGE 0x05
287#define GPMODE_AUDIO_CTL_PAGE 0x0e
288#define GPMODE_POWER_PAGE 0x1a
289#define GPMODE_FAULT_FAIL_PAGE 0x1c
290#define GPMODE_TO_PROTECT_PAGE 0x1d
291#define GPMODE_CAPABILITIES_PAGE 0x2a
292#define GPMODE_ALL_PAGES 0x3f
293/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
294 * of MODE_SENSE_POWER_PAGE */
295#define GPMODE_CDROM_PAGE 0x0d
296
38cdea7c
AZ		 297/*
298 * Based on values from <linux/cdrom.h> but extending CD_MINS
299 * to the maximum common size allowed by the Orange's Book ATIP
300 *
301 * 90 and 99 min CDs are also available but using them as the
302 * upper limit reduces the effectiveness of the heuristic to
303 * detect DVDs burned to less than 25% of their maximum capacity
304 */
305
306/* Some generally useful CD-ROM information */
307#define CD_MINS 80 /* max. minutes per CD */
308#define CD_SECS 60 /* seconds per minute */
309#define CD_FRAMES 75 /* frames per second */
310#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
311#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
312#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
313
314/*
315 * The MMC values are not IDE specific and might need to be moved
316 * to a common header if they are also needed for the SCSI emulation
317 */
318
319/* Profile list from MMC-6 revision 1 table 91 */
320#define MMC_PROFILE_NONE 0x0000
321#define MMC_PROFILE_CD_ROM 0x0008
322#define MMC_PROFILE_CD_R 0x0009
323#define MMC_PROFILE_CD_RW 0x000A
324#define MMC_PROFILE_DVD_ROM 0x0010
325#define MMC_PROFILE_DVD_R_SR 0x0011
326#define MMC_PROFILE_DVD_RAM 0x0012
327#define MMC_PROFILE_DVD_RW_RO 0x0013
328#define MMC_PROFILE_DVD_RW_SR 0x0014
329#define MMC_PROFILE_DVD_R_DL_SR 0x0015
330#define MMC_PROFILE_DVD_R_DL_JR 0x0016
331#define MMC_PROFILE_DVD_RW_DL 0x0017
332#define MMC_PROFILE_DVD_DDR 0x0018
333#define MMC_PROFILE_DVD_PLUS_RW 0x001A
334#define MMC_PROFILE_DVD_PLUS_R 0x001B
335#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
336#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
337#define MMC_PROFILE_BD_ROM 0x0040
338#define MMC_PROFILE_BD_R_SRM 0x0041
339#define MMC_PROFILE_BD_R_RRM 0x0042
340#define MMC_PROFILE_BD_RE 0x0043
341#define MMC_PROFILE_HDDVD_ROM 0x0050
342#define MMC_PROFILE_HDDVD_R 0x0051
343#define MMC_PROFILE_HDDVD_RAM 0x0052
344#define MMC_PROFILE_HDDVD_RW 0x0053
345#define MMC_PROFILE_HDDVD_R_DL 0x0058
346#define MMC_PROFILE_HDDVD_RW_DL 0x005A
347#define MMC_PROFILE_INVALID 0xFFFF
348
5391d806
FB		 349#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
350#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
351#define ATAPI_INT_REASON_REL 0x04
352#define ATAPI_INT_REASON_TAG 0xf8
353
354/* same constants as bochs */
7f777bf3 355#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 356#define ASC_LOGICAL_BLOCK_OOR 0x21
357#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
9118e7f0 358#define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
8114e9e8 359#define ASC_INCOMPATIBLE_FORMAT 0x30
5391d806
FB		 360#define ASC_MEDIUM_NOT_PRESENT 0x3a
361#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
aea2a33c 362#define ASC_MEDIA_REMOVAL_PREVENTED 0x53
5391d806 363
201a51fc
AZ		 364#define CFA_NO_ERROR 0x00
365#define CFA_MISC_ERROR 0x09
366#define CFA_INVALID_COMMAND 0x20
367#define CFA_INVALID_ADDRESS 0x21
368#define CFA_ADDRESS_OVERFLOW 0x2f
369
5391d806
FB		 370#define SENSE_NONE 0
371#define SENSE_NOT_READY 2
372#define SENSE_ILLEGAL_REQUEST 5
373#define SENSE_UNIT_ATTENTION 6
374
375struct IDEState;
376
377typedef void EndTransferFunc(struct IDEState *);
378
caed8802 379/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 380typedef struct IDEState {
381 /* ide config */
382 int is_cdrom;
201a51fc 383 int is_cf;
5391d806
FB		 384 int cylinders, heads, sectors;
385 int64_t nb_sectors;
386 int mult_sectors;
94458802
FB		 387 int identify_set;
388 uint16_t identify_data[256];
d537cf6c 389 qemu_irq irq;
34e538ae 390 PCIDevice *pci_dev;
98087450 391 struct BMDMAState *bmdma;
aedf5382 392 int drive_serial;
fa879c64 393 char drive_serial_str[21];
5391d806
FB		 394 /* ide regs */
395 uint8_t feature;
396 uint8_t error;
c2ff060f 397 uint32_t nsector;
5391d806
FB		 398 uint8_t sector;
399 uint8_t lcyl;
400 uint8_t hcyl;
c2ff060f
FB		 401 /* other part of tf for lba48 support */
402 uint8_t hob_feature;
403 uint8_t hob_nsector;
404 uint8_t hob_sector;
405 uint8_t hob_lcyl;
406 uint8_t hob_hcyl;
407
5391d806
FB		 408 uint8_t select;
409 uint8_t status;
c2ff060f 410
5391d806
FB		 411 /* 0x3f6 command, only meaningful for drive 0 */
412 uint8_t cmd;
c2ff060f
FB		 413 /* set for lba48 access */
414 uint8_t lba48;
5391d806 415 /* depends on bit 4 in select, only meaningful for drive 0 */
5fafdf24 416 struct IDEState *cur_drive;
5391d806
FB		 417 BlockDriverState *bs;
418 /* ATAPI specific */
419 uint8_t sense_key;
420 uint8_t asc;
421 int packet_transfer_size;
422 int elementary_transfer_size;
423 int io_buffer_index;
424 int lba;
98087450
FB		 425 int cd_sector_size;
426 int atapi_dma; /* true if dma is requested for the packet cmd */
427 /* ATA DMA state */
428 int io_buffer_size;
1fb8648d 429 QEMUSGList sg;
98087450 430 /* PIO transfer handling */
5391d806
FB		 431 int req_nb_sectors; /* number of sectors per interrupt */
432 EndTransferFunc *end_transfer_func;
433 uint8_t *data_ptr;
434 uint8_t *data_end;
33f00271 435 uint8_t *io_buffer;
31c2a146 436 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
e774a278 437 uint32_t irq_count; /* counts IRQs when using win2k install hack */
201a51fc
AZ		 438 /* CF-ATA extended error */
439 uint8_t ext_error;
440 /* CF-ATA metadata storage */
441 uint32_t mdata_size;
442 uint8_t *mdata_storage;
443 int media_changed;
e3007e66
AJ		 444 /* for pmac */
445 int is_read;
5391d806
FB		 446} IDEState;
447
8114e9e8
TS		 448/* XXX: DVDs that could fit on a CD will be reported as a CD */
449static inline int media_present(IDEState *s)
450{
451 return (s->nb_sectors > 0);
452}
453
454static inline int media_is_dvd(IDEState *s)
455{
456 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
457}
458
459static inline int media_is_cd(IDEState *s)
460{
461 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
462}
463
98087450
FB		 464#define BM_STATUS_DMAING 0x01
465#define BM_STATUS_ERROR 0x02
466#define BM_STATUS_INT 0x04
428c5705
AL		 467#define BM_STATUS_DMA_RETRY 0x08
468#define BM_STATUS_PIO_RETRY 0x10
98087450
FB		 469
470#define BM_CMD_START 0x01
471#define BM_CMD_READ 0x08
472
5457c8ce
FB		 473#define IDE_TYPE_PIIX3 0
474#define IDE_TYPE_CMD646 1
afcc3cdf 475#define IDE_TYPE_PIIX4 2
5457c8ce
FB		 476
477/* CMD646 specific */
478#define MRDMODE 0x71
479#define MRDMODE_INTR_CH0 0x04
480#define MRDMODE_INTR_CH1 0x08
481#define MRDMODE_BLK_CH0 0x10
482#define MRDMODE_BLK_CH1 0x20
483#define UDIDETCR0 0x73
484#define UDIDETCR1 0x7B
485
98087450
FB		 486typedef struct BMDMAState {
487 uint8_t cmd;
488 uint8_t status;
489 uint32_t addr;
3b46e624 490
5457c8ce 491 struct PCIIDEState *pci_dev;
98087450 492 /* current transfer state */
8ccad811
FB		 493 uint32_t cur_addr;
494 uint32_t cur_prd_last;
495 uint32_t cur_prd_addr;
496 uint32_t cur_prd_len;
98087450 497 IDEState *ide_if;
8ccad811
FB		 498 BlockDriverCompletionFunc *dma_cb;
499 BlockDriverAIOCB *aiocb;
c87c0672
AL		 500 struct iovec iov;
501 QEMUIOVector qiov;
428c5705
AL		 502 int64_t sector_num;
503 uint32_t nsector;
98087450
FB		 504} BMDMAState;
505
506typedef struct PCIIDEState {
507 PCIDevice dev;
508 IDEState ide_if[4];
509 BMDMAState bmdma[2];
5457c8ce 510 int type; /* see IDE_TYPE_xxx */
98087450
FB		 511} PCIIDEState;
512
8ccad811 513static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
428c5705 514static void ide_dma_restart(IDEState *s);
5f12ab4b 515static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
98087450 516
5391d806
FB		 517static void padstr(char *str, const char *src, int len)
518{
519 int i, v;
520 for(i = 0; i < len; i++) {
521 if (*src)
522 v = *src++;
523 else
524 v = ' ';
69b34976 525 str[i^1] = v;
5391d806
FB		 526 }
527}
528
bd0d90b2
FB		 529static void padstr8(uint8_t *buf, int buf_size, const char *src)
530{
531 int i;
532 for(i = 0; i < buf_size; i++) {
533 if (*src)
534 buf[i] = *src++;
535 else
536 buf[i] = ' ';
537 }
538}
539
67b915a5
FB		 540static void put_le16(uint16_t *p, unsigned int v)
541{
0c4ad8dc 542 *p = cpu_to_le16(v);
67b915a5
FB		 543}
544
5391d806
FB		 545static void ide_identify(IDEState *s)
546{
547 uint16_t *p;
548 unsigned int oldsize;
549
94458802
FB		 550 if (s->identify_set) {
551 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
552 return;
553 }
554
5391d806
FB		 555 memset(s->io_buffer, 0, 512);
556 p = (uint16_t *)s->io_buffer;
67b915a5 557 put_le16(p + 0, 0x0040);
5fafdf24 558 put_le16(p + 1, s->cylinders);
67b915a5
FB		 559 put_le16(p + 3, s->heads);
560 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
561 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 562 put_le16(p + 6, s->sectors);
fa879c64 563 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 564 put_le16(p + 20, 3); /* XXX: retired, remove ? */
565 put_le16(p + 21, 512); /* cache size in sectors */
566 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3
TS		 567 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
568 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
3b46e624 569#if MAX_MULT_SECTORS > 1
67b915a5 570 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 571#endif
67b915a5 572 put_le16(p + 48, 1); /* dword I/O */
94458802 573 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 574 put_le16(p + 51, 0x200); /* PIO transfer cycle */
575 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 576 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 577 put_le16(p + 54, s->cylinders);
578 put_le16(p + 55, s->heads);
579 put_le16(p + 56, s->sectors);
5391d806 580 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 581 put_le16(p + 57, oldsize);
582 put_le16(p + 58, oldsize >> 16);
5391d806 583 if (s->mult_sectors)
67b915a5
FB		 584 put_le16(p + 59, 0x100 | s->mult_sectors);
585 put_le16(p + 60, s->nb_sectors);
586 put_le16(p + 61, s->nb_sectors >> 16);
d1b5c20d 587 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
94458802
FB		 588 put_le16(p + 63, 0x07); /* mdma0-2 supported */
589 put_le16(p + 65, 120);
590 put_le16(p + 66, 120);
591 put_le16(p + 67, 120);
592 put_le16(p + 68, 120);
593 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
594 put_le16(p + 81, 0x16); /* conforms to ata5 */
67b915a5 595 put_le16(p + 82, (1 << 14));
c2ff060f
FB		 596 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
597 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5
FB		 598 put_le16(p + 84, (1 << 14));
599 put_le16(p + 85, (1 << 14));
c2ff060f
FB		 600 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
601 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5 602 put_le16(p + 87, (1 << 14));
94458802
FB		 603 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
604 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
c2ff060f
FB		 605 put_le16(p + 100, s->nb_sectors);
606 put_le16(p + 101, s->nb_sectors >> 16);
607 put_le16(p + 102, s->nb_sectors >> 32);
608 put_le16(p + 103, s->nb_sectors >> 48);
94458802
FB		 609
610 memcpy(s->identify_data, p, sizeof(s->identify_data));
611 s->identify_set = 1;
5391d806
FB		 612}
613
614static void ide_atapi_identify(IDEState *s)
615{
616 uint16_t *p;
617
94458802
FB		 618 if (s->identify_set) {
619 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
620 return;
621 }
622
5391d806
FB		 623 memset(s->io_buffer, 0, 512);
624 p = (uint16_t *)s->io_buffer;
625 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 626 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
fa879c64 627 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 628 put_le16(p + 20, 3); /* buffer type */
629 put_le16(p + 21, 512); /* cache size in sectors */
630 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3 631 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
38cdea7c 632 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
67b915a5 633 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 634#ifdef USE_DMA_CDROM
635 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
636 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
d1b5c20d 637 put_le16(p + 62, 7); /* single word dma0-2 supported */
8ccad811
FB		 638 put_le16(p + 63, 7); /* mdma0-2 supported */
639 put_le16(p + 64, 0x3f); /* PIO modes supported */
640#else
67b915a5
FB		 641 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
642 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
643 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
644 put_le16(p + 64, 1); /* PIO modes */
8ccad811 645#endif
67b915a5
FB		 646 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
647 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
648 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
649 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 650
67b915a5
FB		 651 put_le16(p + 71, 30); /* in ns */
652 put_le16(p + 72, 30); /* in ns */
5391d806 653
67b915a5 654 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
8ccad811
FB		 655#ifdef USE_DMA_CDROM
656 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
657#endif
94458802
FB		 658 memcpy(s->identify_data, p, sizeof(s->identify_data));
659 s->identify_set = 1;
5391d806
FB		 660}
661
201a51fc
AZ		 662static void ide_cfata_identify(IDEState *s)
663{
664 uint16_t *p;
665 uint32_t cur_sec;
201a51fc
AZ		 666
667 p = (uint16_t *) s->identify_data;
668 if (s->identify_set)
669 goto fill_buffer;
670
671 memset(p, 0, sizeof(s->identify_data));
672
673 cur_sec = s->cylinders * s->heads * s->sectors;
674
675 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
676 put_le16(p + 1, s->cylinders); /* Default cylinders */
677 put_le16(p + 3, s->heads); /* Default heads */
678 put_le16(p + 6, s->sectors); /* Default sectors per track */
679 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
680 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
fa879c64 681 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201a51fc 682 put_le16(p + 22, 0x0004); /* ECC bytes */
60fe76f3
TS		 683 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
684 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
201a51fc
AZ		 685#if MAX_MULT_SECTORS > 1
686 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
687#else
688 put_le16(p + 47, 0x0000);
689#endif
690 put_le16(p + 49, 0x0f00); /* Capabilities */
691 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
692 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
693 put_le16(p + 53, 0x0003); /* Translation params valid */
694 put_le16(p + 54, s->cylinders); /* Current cylinders */
695 put_le16(p + 55, s->heads); /* Current heads */
696 put_le16(p + 56, s->sectors); /* Current sectors */
697 put_le16(p + 57, cur_sec); /* Current capacity */
698 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
699 if (s->mult_sectors) /* Multiple sector setting */
700 put_le16(p + 59, 0x100 | s->mult_sectors);
701 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
702 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
703 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
704 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
705 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
706 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
707 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
708 put_le16(p + 82, 0x400c); /* Command Set supported */
709 put_le16(p + 83, 0x7068); /* Command Set supported */
710 put_le16(p + 84, 0x4000); /* Features supported */
711 put_le16(p + 85, 0x000c); /* Command Set enabled */
712 put_le16(p + 86, 0x7044); /* Command Set enabled */
713 put_le16(p + 87, 0x4000); /* Features enabled */
714 put_le16(p + 91, 0x4060); /* Current APM level */
715 put_le16(p + 129, 0x0002); /* Current features option */
716 put_le16(p + 130, 0x0005); /* Reassigned sectors */
717 put_le16(p + 131, 0x0001); /* Initial power mode */
718 put_le16(p + 132, 0x0000); /* User signature */
719 put_le16(p + 160, 0x8100); /* Power requirement */
720 put_le16(p + 161, 0x8001); /* CF command set */
721
722 s->identify_set = 1;
723
724fill_buffer:
725 memcpy(s->io_buffer, p, sizeof(s->identify_data));
726}
727
5391d806
FB		 728static void ide_set_signature(IDEState *s)
729{
730 s->select &= 0xf0; /* clear head */
731 /* put signature */
732 s->nsector = 1;
733 s->sector = 1;
734 if (s->is_cdrom) {
735 s->lcyl = 0x14;
736 s->hcyl = 0xeb;
737 } else if (s->bs) {
738 s->lcyl = 0;
739 s->hcyl = 0;
740 } else {
741 s->lcyl = 0xff;
742 s->hcyl = 0xff;
743 }
744}
745
746static inline void ide_abort_command(IDEState *s)
747{
748 s->status = READY_STAT | ERR_STAT;
749 s->error = ABRT_ERR;
750}
751
5604e090
AZ		 752static inline void ide_dma_submit_check(IDEState *s,
753 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
754{
755 if (bm->aiocb)
756 return;
757 dma_cb(bm, -1);
758}
759
5391d806
FB		 760static inline void ide_set_irq(IDEState *s)
761{
98ff7d30 762 BMDMAState *bm = s->bmdma;
5391d806 763 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
5457c8ce 764 if (bm) {
98ff7d30 765 bm->status |= BM_STATUS_INT;
5457c8ce 766 }
d537cf6c 767 qemu_irq_raise(s->irq);
5391d806
FB		 768 }
769}
770
771/* prepare data transfer and tell what to do after */
5fafdf24 772static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
5391d806
FB		 773 EndTransferFunc *end_transfer_func)
774{
775 s->end_transfer_func = end_transfer_func;
776 s->data_ptr = buf;
777 s->data_end = buf + size;
7603d156
TS		 778 if (!(s->status & ERR_STAT))
779 s->status |= DRQ_STAT;
5391d806
FB		 780}
781
782static void ide_transfer_stop(IDEState *s)
783{
784 s->end_transfer_func = ide_transfer_stop;
785 s->data_ptr = s->io_buffer;
786 s->data_end = s->io_buffer;
787 s->status &= ~DRQ_STAT;
788}
789
790static int64_t ide_get_sector(IDEState *s)
791{
792 int64_t sector_num;
793 if (s->select & 0x40) {
794 /* lba */
c2ff060f
FB		 795 if (!s->lba48) {
796 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
797 (s->lcyl << 8) | s->sector;
798 } else {
799 sector_num = ((int64_t)s->hob_hcyl << 40) |
800 ((int64_t) s->hob_lcyl << 32) |
801 ((int64_t) s->hob_sector << 24) |
802 ((int64_t) s->hcyl << 16) |
803 ((int64_t) s->lcyl << 8) | s->sector;
804 }
5391d806
FB		 805 } else {
806 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 807 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 808 }
809 return sector_num;
810}
811
812static void ide_set_sector(IDEState *s, int64_t sector_num)
813{
814 unsigned int cyl, r;
815 if (s->select & 0x40) {
c2ff060f
FB		 816 if (!s->lba48) {
817 s->select = (s->select & 0xf0) | (sector_num >> 24);
818 s->hcyl = (sector_num >> 16);
819 s->lcyl = (sector_num >> 8);
820 s->sector = (sector_num);
821 } else {
822 s->sector = sector_num;
823 s->lcyl = sector_num >> 8;
824 s->hcyl = sector_num >> 16;
825 s->hob_sector = sector_num >> 24;
826 s->hob_lcyl = sector_num >> 32;
827 s->hob_hcyl = sector_num >> 40;
828 }
5391d806
FB		 829 } else {
830 cyl = sector_num / (s->heads * s->sectors);
831 r = sector_num % (s->heads * s->sectors);
832 s->hcyl = cyl >> 8;
833 s->lcyl = cyl;
1b8eb456 834 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 835 s->sector = (r % s->sectors) + 1;
836 }
837}
838
e162cfb0
AZ		 839static void ide_rw_error(IDEState *s) {
840 ide_abort_command(s);
841 ide_set_irq(s);
842}
843
5391d806
FB		 844static void ide_sector_read(IDEState *s)
845{
846 int64_t sector_num;
847 int ret, n;
848
849 s->status = READY_STAT | SEEK_STAT;
a136e5a8 850 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 851 sector_num = ide_get_sector(s);
852 n = s->nsector;
853 if (n == 0) {
854 /* no more sector to read from disk */
855 ide_transfer_stop(s);
856 } else {
857#if defined(DEBUG_IDE)
18c5f8ea 858 printf("read sector=%" PRId64 "\n", sector_num);
5391d806
FB		 859#endif
860 if (n > s->req_nb_sectors)
861 n = s->req_nb_sectors;
862 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
e162cfb0
AZ		 863 if (ret != 0) {
864 ide_rw_error(s);
865 return;
866 }
5391d806
FB		 867 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
868 ide_set_irq(s);
869 ide_set_sector(s, sector_num + n);
870 s->nsector -= n;
871 }
872}
873
7aea4412
AL		 874
875/* return 0 if buffer completed */
876static int dma_buf_prepare(BMDMAState *bm, int is_write)
877{
878 IDEState *s = bm->ide_if;
879 struct {
880 uint32_t addr;
881 uint32_t size;
882 } prd;
883 int l, len;
7aea4412 884
1fb8648d 885 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
7aea4412
AL		 886 s->io_buffer_size = 0;
887 for(;;) {
888 if (bm->cur_prd_len == 0) {
889 /* end of table (with a fail safe of one page) */
890 if (bm->cur_prd_last ||
891 (bm->cur_addr - bm->addr) >= 4096)
892 return s->io_buffer_size != 0;
893 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
894 bm->cur_addr += 8;
895 prd.addr = le32_to_cpu(prd.addr);
896 prd.size = le32_to_cpu(prd.size);
897 len = prd.size & 0xfffe;
898 if (len == 0)
899 len = 0x10000;
900 bm->cur_prd_len = len;
901 bm->cur_prd_addr = prd.addr;
902 bm->cur_prd_last = (prd.size & 0x80000000);
903 }
904 l = bm->cur_prd_len;
905 if (l > 0) {
1fb8648d
AL		 906 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
907 bm->cur_prd_addr += l;
908 bm->cur_prd_len -= l;
909 s->io_buffer_size += l;
7aea4412
AL		 910 }
911 }
912 return 1;
913}
914
915static void dma_buf_commit(IDEState *s, int is_write)
916{
1fb8648d 917 qemu_sglist_destroy(&s->sg);
7aea4412
AL		 918}
919
e162cfb0
AZ		 920static void ide_dma_error(IDEState *s)
921{
922 ide_transfer_stop(s);
923 s->error = ABRT_ERR;
924 s->status = READY_STAT | ERR_STAT;
925 ide_set_irq(s);
926}
927
428c5705
AL		 928static int ide_handle_write_error(IDEState *s, int error, int op)
929{
930 BlockInterfaceErrorAction action = drive_get_onerror(s->bs);
931
932 if (action == BLOCK_ERR_IGNORE)
933 return 0;
934
935 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
936 || action == BLOCK_ERR_STOP_ANY) {
937 s->bmdma->ide_if = s;
938 s->bmdma->status |= op;
939 vm_stop(0);
940 } else {
7aea4412
AL		 941 if (op == BM_STATUS_DMA_RETRY) {
942 dma_buf_commit(s, 0);
428c5705 943 ide_dma_error(s);
7aea4412 944 } else {
428c5705 945 ide_rw_error(s);
7aea4412 946 }
428c5705
AL		 947 }
948
949 return 1;
950}
951
8ccad811
FB		 952/* return 0 if buffer completed */
953static int dma_buf_rw(BMDMAState *bm, int is_write)
98087450 954{
8ccad811
FB		 955 IDEState *s = bm->ide_if;
956 struct {
957 uint32_t addr;
958 uint32_t size;
959 } prd;
960 int l, len;
98087450 961
8ccad811
FB		 962 for(;;) {
963 l = s->io_buffer_size - s->io_buffer_index;
5fafdf24 964 if (l <= 0)
8ccad811
FB		 965 break;
966 if (bm->cur_prd_len == 0) {
967 /* end of table (with a fail safe of one page) */
968 if (bm->cur_prd_last ||
969 (bm->cur_addr - bm->addr) >= 4096)
970 return 0;
971 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
972 bm->cur_addr += 8;
973 prd.addr = le32_to_cpu(prd.addr);
974 prd.size = le32_to_cpu(prd.size);
975 len = prd.size & 0xfffe;
976 if (len == 0)
977 len = 0x10000;
978 bm->cur_prd_len = len;
979 bm->cur_prd_addr = prd.addr;
980 bm->cur_prd_last = (prd.size & 0x80000000);
981 }
982 if (l > bm->cur_prd_len)
983 l = bm->cur_prd_len;
984 if (l > 0) {
985 if (is_write) {
5fafdf24 986 cpu_physical_memory_write(bm->cur_prd_addr,
8ccad811
FB		 987 s->io_buffer + s->io_buffer_index, l);
988 } else {
5fafdf24 989 cpu_physical_memory_read(bm->cur_prd_addr,
8ccad811
FB		 990 s->io_buffer + s->io_buffer_index, l);
991 }
992 bm->cur_prd_addr += l;
993 bm->cur_prd_len -= l;
994 s->io_buffer_index += l;
98087450 995 }
98087450 996 }
8ccad811
FB		 997 return 1;
998}
999
8ccad811
FB		 1000static void ide_read_dma_cb(void *opaque, int ret)
1001{
1002 BMDMAState *bm = opaque;
1003 IDEState *s = bm->ide_if;
1004 int n;
1005 int64_t sector_num;
1006
e162cfb0 1007 if (ret < 0) {
7aea4412 1008 dma_buf_commit(s, 1);
e162cfb0
AZ		 1009 ide_dma_error(s);
1010 return;
1011 }
1012
8ccad811
FB		 1013 n = s->io_buffer_size >> 9;
1014 sector_num = ide_get_sector(s);
1015 if (n > 0) {
7aea4412 1016 dma_buf_commit(s, 1);
8ccad811
FB		 1017 sector_num += n;
1018 ide_set_sector(s, sector_num);
1019 s->nsector -= n;
8ccad811
FB		 1020 }
1021
1022 /* end of transfer ? */
1023 if (s->nsector == 0) {
98087450
FB		 1024 s->status = READY_STAT | SEEK_STAT;
1025 ide_set_irq(s);
8ccad811
FB		 1026 eot:
1027 bm->status &= ~BM_STATUS_DMAING;
1028 bm->status |= BM_STATUS_INT;
1029 bm->dma_cb = NULL;
1030 bm->ide_if = NULL;
1031 bm->aiocb = NULL;
1032 return;
98087450 1033 }
8ccad811
FB		 1034
1035 /* launch next transfer */
1036 n = s->nsector;
8ccad811
FB		 1037 s->io_buffer_index = 0;
1038 s->io_buffer_size = n * 512;
7aea4412
AL		 1039 if (dma_buf_prepare(bm, 1) == 0)
1040 goto eot;
8ccad811 1041#ifdef DEBUG_AIO
5df23f53 1042 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
8ccad811 1043#endif
1fb8648d 1044 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
5604e090 1045 ide_dma_submit_check(s, ide_read_dma_cb, bm);
98087450
FB		 1046}
1047
1048static void ide_sector_read_dma(IDEState *s)
1049{
8ccad811 1050 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 1051 s->io_buffer_index = 0;
1052 s->io_buffer_size = 0;
e3007e66 1053 s->is_read = 1;
98087450
FB		 1054 ide_dma_start(s, ide_read_dma_cb);
1055}
1056
a09db21f
FB		 1057static void ide_sector_write_timer_cb(void *opaque)
1058{
1059 IDEState *s = opaque;
1060 ide_set_irq(s);
1061}
1062
5391d806
FB		 1063static void ide_sector_write(IDEState *s)
1064{
1065 int64_t sector_num;
31c2a146 1066 int ret, n, n1;
5391d806
FB		 1067
1068 s->status = READY_STAT | SEEK_STAT;
1069 sector_num = ide_get_sector(s);
1070#if defined(DEBUG_IDE)
18c5f8ea 1071 printf("write sector=%" PRId64 "\n", sector_num);
5391d806
FB		 1072#endif
1073 n = s->nsector;
1074 if (n > s->req_nb_sectors)
1075 n = s->req_nb_sectors;
31c2a146 1076 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
428c5705 1077
e162cfb0 1078 if (ret != 0) {
428c5705
AL		 1079 if (ide_handle_write_error(s, -ret, BM_STATUS_PIO_RETRY))
1080 return;
e162cfb0
AZ		 1081 }
1082
5391d806
FB		 1083 s->nsector -= n;
1084 if (s->nsector == 0) {
292eef5a 1085 /* no more sectors to write */
5391d806
FB		 1086 ide_transfer_stop(s);
1087 } else {
1088 n1 = s->nsector;
1089 if (n1 > s->req_nb_sectors)
1090 n1 = s->req_nb_sectors;
1091 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1092 }
1093 ide_set_sector(s, sector_num + n);
3b46e624 1094
31c2a146
TS		 1095#ifdef TARGET_I386
1096 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1097 /* It seems there is a bug in the Windows 2000 installer HDD
1098 IDE driver which fills the disk with empty logs when the
1099 IDE write IRQ comes too early. This hack tries to correct
1100 that at the expense of slower write performances. Use this
1101 option _only_ to install Windows 2000. You must disable it
1102 for normal use. */
1103 qemu_mod_timer(s->sector_write_timer,
1104 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1105 } else
1106#endif
1107 {
1108 ide_set_irq(s);
1109 }
5391d806
FB		 1110}
1111
f18be901 1112static void ide_dma_restart_cb(void *opaque, int running, int reason)
428c5705
AL		 1113{
1114 BMDMAState *bm = opaque;
1115 if (!running)
1116 return;
1117 if (bm->status & BM_STATUS_DMA_RETRY) {
1118 bm->status &= ~BM_STATUS_DMA_RETRY;
1119 ide_dma_restart(bm->ide_if);
1120 } else if (bm->status & BM_STATUS_PIO_RETRY) {
1121 bm->status &= ~BM_STATUS_PIO_RETRY;
1122 ide_sector_write(bm->ide_if);
1123 }
1124}
1125
8ccad811 1126static void ide_write_dma_cb(void *opaque, int ret)
98087450 1127{
8ccad811
FB		 1128 BMDMAState *bm = opaque;
1129 IDEState *s = bm->ide_if;
1130 int n;
98087450
FB		 1131 int64_t sector_num;
1132
e162cfb0 1133 if (ret < 0) {
428c5705
AL		 1134 if (ide_handle_write_error(s, -ret, BM_STATUS_DMA_RETRY))
1135 return;
e162cfb0
AZ		 1136 }
1137
8ccad811
FB		 1138 n = s->io_buffer_size >> 9;
1139 sector_num = ide_get_sector(s);
1140 if (n > 0) {
7aea4412 1141 dma_buf_commit(s, 0);
8ccad811
FB		 1142 sector_num += n;
1143 ide_set_sector(s, sector_num);
1144 s->nsector -= n;
98087450 1145 }
98087450 1146
8ccad811
FB		 1147 /* end of transfer ? */
1148 if (s->nsector == 0) {
1149 s->status = READY_STAT | SEEK_STAT;
1150 ide_set_irq(s);
1151 eot:
1152 bm->status &= ~BM_STATUS_DMAING;
1153 bm->status |= BM_STATUS_INT;
1154 bm->dma_cb = NULL;
1155 bm->ide_if = NULL;
1156 bm->aiocb = NULL;
1157 return;
1158 }
1159
98087450 1160 n = s->nsector;
98087450 1161 s->io_buffer_size = n * 512;
7aea4412
AL		 1162 /* launch next transfer */
1163 if (dma_buf_prepare(bm, 0) == 0)
8ccad811
FB		 1164 goto eot;
1165#ifdef DEBUG_AIO
5df23f53 1166 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
8ccad811 1167#endif
1fb8648d 1168 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
5604e090 1169 ide_dma_submit_check(s, ide_write_dma_cb, bm);
8ccad811
FB		 1170}
1171
1172static void ide_sector_write_dma(IDEState *s)
1173{
1174 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1175 s->io_buffer_index = 0;
1176 s->io_buffer_size = 0;
e3007e66 1177 s->is_read = 0;
98087450
FB		 1178 ide_dma_start(s, ide_write_dma_cb);
1179}
1180
5391d806
FB		 1181static void ide_atapi_cmd_ok(IDEState *s)
1182{
1183 s->error = 0;
41a2b959 1184 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1185 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1186 ide_set_irq(s);
1187}
1188
1189static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1190{
1191#ifdef DEBUG_IDE_ATAPI
1192 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1193#endif
1194 s->error = sense_key << 4;
1195 s->status = READY_STAT | ERR_STAT;
1196 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1197 s->sense_key = sense_key;
1198 s->asc = asc;
1199 ide_set_irq(s);
1200}
1201
9118e7f0
AL		 1202static void ide_atapi_cmd_check_status(IDEState *s)
1203{
1204#ifdef DEBUG_IDE_ATAPI
1205 printf("atapi_cmd_check_status\n");
1206#endif
1207 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
1208 s->status = ERR_STAT;
1209 s->nsector = 0;
1210 ide_set_irq(s);
1211}
1212
5391d806
FB		 1213static inline void cpu_to_ube16(uint8_t *buf, int val)
1214{
1215 buf[0] = val >> 8;
9e622b15 1216 buf[1] = val & 0xff;
5391d806
FB		 1217}
1218
1219static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1220{
1221 buf[0] = val >> 24;
1222 buf[1] = val >> 16;
1223 buf[2] = val >> 8;
9e622b15 1224 buf[3] = val & 0xff;
5391d806
FB		 1225}
1226
1227static inline int ube16_to_cpu(const uint8_t *buf)
1228{
1229 return (buf[0] << 8) | buf[1];
1230}
1231
1232static inline int ube32_to_cpu(const uint8_t *buf)
1233{
1234 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1235}
1236
98087450
FB		 1237static void lba_to_msf(uint8_t *buf, int lba)
1238{
1239 lba += 150;
1240 buf[0] = (lba / 75) / 60;
1241 buf[1] = (lba / 75) % 60;
1242 buf[2] = lba % 75;
1243}
1244
8ccad811
FB		 1245static void cd_data_to_raw(uint8_t *buf, int lba)
1246{
1247 /* sync bytes */
1248 buf[0] = 0x00;
1249 memset(buf + 1, 0xff, 10);
1250 buf[11] = 0x00;
1251 buf += 12;
1252 /* MSF */
1253 lba_to_msf(buf, lba);
1254 buf[3] = 0x01; /* mode 1 data */
1255 buf += 4;
1256 /* data */
1257 buf += 2048;
1258 /* XXX: ECC not computed */
1259 memset(buf, 0, 288);
1260}
1261
5fafdf24 1262static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
98087450
FB		 1263 int sector_size)
1264{
66c6ef76
FB		 1265 int ret;
1266
98087450
FB		 1267 switch(sector_size) {
1268 case 2048:
66c6ef76 1269 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
98087450
FB		 1270 break;
1271 case 2352:
66c6ef76
FB		 1272 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1273 if (ret < 0)
1274 return ret;
8ccad811 1275 cd_data_to_raw(buf, lba);
98087450
FB		 1276 break;
1277 default:
66c6ef76 1278 ret = -EIO;
98087450
FB		 1279 break;
1280 }
66c6ef76
FB		 1281 return ret;
1282}
1283
1284static void ide_atapi_io_error(IDEState *s, int ret)
1285{
1286 /* XXX: handle more errors */
1287 if (ret == -ENOMEDIUM) {
5fafdf24 1288 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1289 ASC_MEDIUM_NOT_PRESENT);
1290 } else {
5fafdf24 1291 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
66c6ef76
FB		 1292 ASC_LOGICAL_BLOCK_OOR);
1293 }
98087450
FB		 1294}
1295
5391d806
FB		 1296/* The whole ATAPI transfer logic is handled in this function */
1297static void ide_atapi_cmd_reply_end(IDEState *s)
1298{
66c6ef76 1299 int byte_count_limit, size, ret;
5391d806 1300#ifdef DEBUG_IDE_ATAPI
5fafdf24 1301 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
5391d806
FB		 1302 s->packet_transfer_size,
1303 s->elementary_transfer_size,
1304 s->io_buffer_index);
1305#endif
1306 if (s->packet_transfer_size <= 0) {
1307 /* end of transfer */
1308 ide_transfer_stop(s);
41a2b959 1309 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1310 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1311 ide_set_irq(s);
1312#ifdef DEBUG_IDE_ATAPI
1313 printf("status=0x%x\n", s->status);
1314#endif
1315 } else {
1316 /* see if a new sector must be read */
98087450 1317 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
66c6ef76
FB		 1318 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1319 if (ret < 0) {
1320 ide_transfer_stop(s);
1321 ide_atapi_io_error(s, ret);
1322 return;
1323 }
5391d806
FB		 1324 s->lba++;
1325 s->io_buffer_index = 0;
1326 }
1327 if (s->elementary_transfer_size > 0) {
1328 /* there are some data left to transmit in this elementary
1329 transfer */
98087450 1330 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 1331 if (size > s->elementary_transfer_size)
1332 size = s->elementary_transfer_size;
5fafdf24 1333 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1334 size, ide_atapi_cmd_reply_end);
1335 s->packet_transfer_size -= size;
1336 s->elementary_transfer_size -= size;
1337 s->io_buffer_index += size;
1338 } else {
1339 /* a new transfer is needed */
1340 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1341 byte_count_limit = s->lcyl | (s->hcyl << 8);
1342#ifdef DEBUG_IDE_ATAPI
1343 printf("byte_count_limit=%d\n", byte_count_limit);
1344#endif
1345 if (byte_count_limit == 0xffff)
1346 byte_count_limit--;
1347 size = s->packet_transfer_size;
1348 if (size > byte_count_limit) {
1349 /* byte count limit must be even if this case */
1350 if (byte_count_limit & 1)
1351 byte_count_limit--;
1352 size = byte_count_limit;
5391d806 1353 }
a136e5a8
FB		 1354 s->lcyl = size;
1355 s->hcyl = size >> 8;
5391d806
FB		 1356 s->elementary_transfer_size = size;
1357 /* we cannot transmit more than one sector at a time */
1358 if (s->lba != -1) {
98087450
FB		 1359 if (size > (s->cd_sector_size - s->io_buffer_index))
1360 size = (s->cd_sector_size - s->io_buffer_index);
5391d806 1361 }
5fafdf24 1362 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1363 size, ide_atapi_cmd_reply_end);
1364 s->packet_transfer_size -= size;
1365 s->elementary_transfer_size -= size;
1366 s->io_buffer_index += size;
1367 ide_set_irq(s);
1368#ifdef DEBUG_IDE_ATAPI
1369 printf("status=0x%x\n", s->status);
1370#endif
1371 }
1372 }
1373}
1374
1375/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1376static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1377{
1378 if (size > max_size)
1379 size = max_size;
1380 s->lba = -1; /* no sector read */
1381 s->packet_transfer_size = size;
5f12ab4b 1382 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
5391d806
FB		 1383 s->elementary_transfer_size = 0;
1384 s->io_buffer_index = 0;
1385
5f12ab4b 1386 if (s->atapi_dma) {
41a2b959 1387 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
5f12ab4b
TS		 1388 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1389 } else {
41a2b959 1390 s->status = READY_STAT | SEEK_STAT;
5f12ab4b
TS		 1391 ide_atapi_cmd_reply_end(s);
1392 }
5391d806
FB		 1393}
1394
1395/* start a CD-CDROM read command */
98087450
FB		 1396static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1397 int sector_size)
5391d806 1398{
5391d806 1399 s->lba = lba;
98087450 1400 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 1401 s->elementary_transfer_size = 0;
98087450
FB		 1402 s->io_buffer_index = sector_size;
1403 s->cd_sector_size = sector_size;
5391d806 1404
41a2b959 1405 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1406 ide_atapi_cmd_reply_end(s);
1407}
1408
98087450 1409/* ATAPI DMA support */
8ccad811
FB		 1410
1411/* XXX: handle read errors */
1412static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
98087450 1413{
8ccad811
FB		 1414 BMDMAState *bm = opaque;
1415 IDEState *s = bm->ide_if;
1416 int data_offset, n;
1417
66c6ef76
FB		 1418 if (ret < 0) {
1419 ide_atapi_io_error(s, ret);
1420 goto eot;
1421 }
1422
8ccad811 1423 if (s->io_buffer_size > 0) {
5f12ab4b
TS		 1424 /*
1425 * For a cdrom read sector command (s->lba != -1),
1426 * adjust the lba for the next s->io_buffer_size chunk
1427 * and dma the current chunk.
1428 * For a command != read (s->lba == -1), just transfer
1429 * the reply data.
1430 */
1431 if (s->lba != -1) {
1432 if (s->cd_sector_size == 2352) {
1433 n = 1;
1434 cd_data_to_raw(s->io_buffer, s->lba);
1435 } else {
1436 n = s->io_buffer_size >> 11;
1437 }
1438 s->lba += n;
1439 }
8ccad811 1440 s->packet_transfer_size -= s->io_buffer_size;
8ccad811
FB		 1441 if (dma_buf_rw(bm, 1) == 0)
1442 goto eot;
98087450 1443 }
8ccad811 1444
98087450 1445 if (s->packet_transfer_size <= 0) {
41a2b959 1446 s->status = READY_STAT | SEEK_STAT;
98087450
FB		 1447 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1448 ide_set_irq(s);
8ccad811
FB		 1449 eot:
1450 bm->status &= ~BM_STATUS_DMAING;
1451 bm->status |= BM_STATUS_INT;
1452 bm->dma_cb = NULL;
1453 bm->ide_if = NULL;
1454 bm->aiocb = NULL;
1455 return;
1456 }
3b46e624 1457
8ccad811
FB		 1458 s->io_buffer_index = 0;
1459 if (s->cd_sector_size == 2352) {
1460 n = 1;
1461 s->io_buffer_size = s->cd_sector_size;
1462 data_offset = 16;
1463 } else {
1464 n = s->packet_transfer_size >> 11;
1d8cde5b
AJ		 1465 if (n > (IDE_DMA_BUF_SECTORS / 4))
1466 n = (IDE_DMA_BUF_SECTORS / 4);
8ccad811
FB		 1467 s->io_buffer_size = n * 2048;
1468 data_offset = 0;
98087450 1469 }
8ccad811
FB		 1470#ifdef DEBUG_AIO
1471 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1472#endif
3f4cb3d3 1473 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
c87c0672
AL		 1474 bm->iov.iov_len = n * 4 * 512;
1475 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1476 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1477 n * 4, ide_atapi_cmd_read_dma_cb, bm);
66c6ef76
FB		 1478 if (!bm->aiocb) {
1479 /* Note: media not present is the most likely case */
5fafdf24 1480 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1481 ASC_MEDIUM_NOT_PRESENT);
1482 goto eot;
1483 }
98087450
FB		 1484}
1485
1486/* start a CD-CDROM read command with DMA */
1487/* XXX: test if DMA is available */
1488static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1489 int sector_size)
1490{
1491 s->lba = lba;
1492 s->packet_transfer_size = nb_sectors * sector_size;
8ccad811
FB		 1493 s->io_buffer_index = 0;
1494 s->io_buffer_size = 0;
98087450
FB		 1495 s->cd_sector_size = sector_size;
1496
8ccad811 1497 /* XXX: check if BUSY_STAT should be set */
41a2b959 1498 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 1499 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1500}
1501
5fafdf24 1502static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
98087450
FB		 1503 int sector_size)
1504{
1505#ifdef DEBUG_IDE_ATAPI
5f12ab4b
TS		 1506 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1507 lba, nb_sectors);
98087450
FB		 1508#endif
1509 if (s->atapi_dma) {
1510 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1511 } else {
1512 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1513 }
1514}
1515
38cdea7c
AZ		 1516static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1517 uint16_t profile)
1518{
1519 uint8_t *buf_profile = buf + 12; /* start of profiles */
1520
1521 buf_profile += ((*index) * 4); /* start of indexed profile */
1522 cpu_to_ube16 (buf_profile, profile);
1523 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1524
1525 /* each profile adds 4 bytes to the response */
1526 (*index)++;
1527 buf[11] += 4; /* Additional Length */
1528
1529 return 4;
1530}
1531
8114e9e8
TS		 1532static int ide_dvd_read_structure(IDEState *s, int format,
1533 const uint8_t *packet, uint8_t *buf)
1534{
1535 switch (format) {
1536 case 0x0: /* Physical format information */
1537 {
1538 int layer = packet[6];
1539 uint64_t total_sectors;
1540
1541 if (layer != 0)
1542 return -ASC_INV_FIELD_IN_CMD_PACKET;
1543
1544 bdrv_get_geometry(s->bs, &total_sectors);
1545 total_sectors >>= 2;
1546 if (total_sectors == 0)
1547 return -ASC_MEDIUM_NOT_PRESENT;
1548
1549 buf[4] = 1; /* DVD-ROM, part version 1 */
1550 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1551 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1552 buf[7] = 0; /* default densities */
1553
1554 /* FIXME: 0x30000 per spec? */
1555 cpu_to_ube32(buf + 8, 0); /* start sector */
1556 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1557 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1558
1559 /* Size of buffer, not including 2 byte size field */
1560 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1561
1562 /* 2k data + 4 byte header */
1563 return (2048 + 4);
1564 }
1565
1566 case 0x01: /* DVD copyright information */
1567 buf[4] = 0; /* no copyright data */
1568 buf[5] = 0; /* no region restrictions */
1569
1570 /* Size of buffer, not including 2 byte size field */
1571 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1572
1573 /* 4 byte header + 4 byte data */
1574 return (4 + 4);
1575
1576 case 0x03: /* BCA information - invalid field for no BCA info */
1577 return -ASC_INV_FIELD_IN_CMD_PACKET;
1578
1579 case 0x04: /* DVD disc manufacturing information */
1580 /* Size of buffer, not including 2 byte size field */
1581 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1582
1583 /* 2k data + 4 byte header */
1584 return (2048 + 4);
1585
1586 case 0xff:
1587 /*
1588 * This lists all the command capabilities above. Add new ones
1589 * in order and update the length and buffer return values.
1590 */
1591
1592 buf[4] = 0x00; /* Physical format */
1593 buf[5] = 0x40; /* Not writable, is readable */
1594 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1595
1596 buf[8] = 0x01; /* Copyright info */
1597 buf[9] = 0x40; /* Not writable, is readable */
1598 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1599
1600 buf[12] = 0x03; /* BCA info */
1601 buf[13] = 0x40; /* Not writable, is readable */
1602 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1603
1604 buf[16] = 0x04; /* Manufacturing info */
1605 buf[17] = 0x40; /* Not writable, is readable */
1606 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1607
1608 /* Size of buffer, not including 2 byte size field */
1609 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1610
1611 /* data written + 4 byte header */
1612 return (16 + 4);
1613
1614 default: /* TODO: formats beyond DVD-ROM requires */
1615 return -ASC_INV_FIELD_IN_CMD_PACKET;
1616 }
1617}
1618
5391d806
FB		 1619static void ide_atapi_cmd(IDEState *s)
1620{
1621 const uint8_t *packet;
1622 uint8_t *buf;
1623 int max_len;
1624
1625 packet = s->io_buffer;
1626 buf = s->io_buffer;
1627#ifdef DEBUG_IDE_ATAPI
1628 {
1629 int i;
1630 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1631 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1632 printf(" %02x", packet[i]);
1633 }
1634 printf("\n");
1635 }
1636#endif
9118e7f0
AL		 1637 /* If there's a UNIT_ATTENTION condition pending, only
1638 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1639 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1640 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1641 s->io_buffer[0] != GPCMD_INQUIRY) {
1642 ide_atapi_cmd_check_status(s);
1643 return;
1644 }
5391d806
FB		 1645 switch(s->io_buffer[0]) {
1646 case GPCMD_TEST_UNIT_READY:
caed8802 1647 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1648 ide_atapi_cmd_ok(s);
1649 } else {
5fafdf24 1650 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1651 ASC_MEDIUM_NOT_PRESENT);
1652 }
1653 break;
d14049ea 1654 case GPCMD_MODE_SENSE_6:
5391d806
FB		 1655 case GPCMD_MODE_SENSE_10:
1656 {
1657 int action, code;
d14049ea
TS		 1658 if (packet[0] == GPCMD_MODE_SENSE_10)
1659 max_len = ube16_to_cpu(packet + 7);
1660 else
1661 max_len = packet[4];
5391d806
FB		 1662 action = packet[2] >> 6;
1663 code = packet[2] & 0x3f;
1664 switch(action) {
1665 case 0: /* current values */
1666 switch(code) {
1667 case 0x01: /* error recovery */
1668 cpu_to_ube16(&buf[0], 16 + 6);
1669 buf[2] = 0x70;
1670 buf[3] = 0;
1671 buf[4] = 0;
1672 buf[5] = 0;
1673 buf[6] = 0;
1674 buf[7] = 0;
1675
1676 buf[8] = 0x01;
1677 buf[9] = 0x06;
1678 buf[10] = 0x00;
1679 buf[11] = 0x05;
1680 buf[12] = 0x00;
1681 buf[13] = 0x00;
1682 buf[14] = 0x00;
1683 buf[15] = 0x00;
1684 ide_atapi_cmd_reply(s, 16, max_len);
1685 break;
1686 case 0x2a:
1687 cpu_to_ube16(&buf[0], 28 + 6);
1688 buf[2] = 0x70;
1689 buf[3] = 0;
1690 buf[4] = 0;
1691 buf[5] = 0;
1692 buf[6] = 0;
1693 buf[7] = 0;
1694
1695 buf[8] = 0x2a;
1696 buf[9] = 0x12;
0d4a05a1 1697 buf[10] = 0x00;
5391d806 1698 buf[11] = 0x00;
3b46e624 1699
d5b4eb40
AL		 1700 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1701 code checks for this to automount media. */
1702 buf[12] = 0x71;
5391d806
FB		 1703 buf[13] = 3 << 5;
1704 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1705 if (bdrv_is_locked(s->bs))
5391d806
FB		 1706 buf[6] |= 1 << 1;
1707 buf[15] = 0x00;
1708 cpu_to_ube16(&buf[16], 706);
1709 buf[18] = 0;
1710 buf[19] = 2;
1711 cpu_to_ube16(&buf[20], 512);
1712 cpu_to_ube16(&buf[22], 706);
1713 buf[24] = 0;
1714 buf[25] = 0;
1715 buf[26] = 0;
1716 buf[27] = 0;
1717 ide_atapi_cmd_reply(s, 28, max_len);
1718 break;
1719 default:
1720 goto error_cmd;
1721 }
1722 break;
1723 case 1: /* changeable values */
1724 goto error_cmd;
1725 case 2: /* default values */
1726 goto error_cmd;
1727 default:
1728 case 3: /* saved values */
5fafdf24 1729 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1730 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1731 break;
1732 }
1733 }
1734 break;
1735 case GPCMD_REQUEST_SENSE:
1736 max_len = packet[4];
1737 memset(buf, 0, 18);
1738 buf[0] = 0x70 | (1 << 7);
1739 buf[2] = s->sense_key;
1740 buf[7] = 10;
1741 buf[12] = s->asc;
9118e7f0
AL		 1742 if (s->sense_key == SENSE_UNIT_ATTENTION)
1743 s->sense_key = SENSE_NONE;
5391d806
FB		 1744 ide_atapi_cmd_reply(s, 18, max_len);
1745 break;
1746 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1747 if (bdrv_is_inserted(s->bs)) {
1748 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1749 ide_atapi_cmd_ok(s);
1750 } else {
5fafdf24 1751 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1752 ASC_MEDIUM_NOT_PRESENT);
1753 }
1754 break;
1755 case GPCMD_READ_10:
1756 case GPCMD_READ_12:
1757 {
1758 int nb_sectors, lba;
1759
5391d806
FB		 1760 if (packet[0] == GPCMD_READ_10)
1761 nb_sectors = ube16_to_cpu(packet + 7);
1762 else
1763 nb_sectors = ube32_to_cpu(packet + 6);
1764 lba = ube32_to_cpu(packet + 2);
1765 if (nb_sectors == 0) {
1766 ide_atapi_cmd_ok(s);
1767 break;
1768 }
98087450
FB		 1769 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1770 }
1771 break;
1772 case GPCMD_READ_CD:
1773 {
1774 int nb_sectors, lba, transfer_request;
1775
98087450
FB		 1776 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1777 lba = ube32_to_cpu(packet + 2);
1778 if (nb_sectors == 0) {
1779 ide_atapi_cmd_ok(s);
1780 break;
1781 }
98087450
FB		 1782 transfer_request = packet[9];
1783 switch(transfer_request & 0xf8) {
1784 case 0x00:
1785 /* nothing */
1786 ide_atapi_cmd_ok(s);
1787 break;
1788 case 0x10:
1789 /* normal read */
1790 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1791 break;
1792 case 0xf8:
1793 /* read all data */
1794 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1795 break;
1796 default:
5fafdf24 1797 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
98087450
FB		 1798 ASC_INV_FIELD_IN_CMD_PACKET);
1799 break;
1800 }
5391d806
FB		 1801 }
1802 break;
1803 case GPCMD_SEEK:
1804 {
96b8f136
TS		 1805 unsigned int lba;
1806 uint64_t total_sectors;
66c6ef76
FB		 1807
1808 bdrv_get_geometry(s->bs, &total_sectors);
1809 total_sectors >>= 2;
96b8f136 1810 if (total_sectors == 0) {
5fafdf24 1811 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1812 ASC_MEDIUM_NOT_PRESENT);
1813 break;
1814 }
1815 lba = ube32_to_cpu(packet + 2);
66c6ef76 1816 if (lba >= total_sectors) {
5fafdf24 1817 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1818 ASC_LOGICAL_BLOCK_OOR);
1819 break;
1820 }
1821 ide_atapi_cmd_ok(s);
1822 }
1823 break;
1824 case GPCMD_START_STOP_UNIT:
1825 {
aea2a33c 1826 int start, eject, err = 0;
5391d806
FB		 1827 start = packet[4] & 1;
1828 eject = (packet[4] >> 1) & 1;
3b46e624 1829
aea2a33c
MM		 1830 if (eject) {
1831 err = bdrv_eject(s->bs, !start);
1832 }
1833
1834 switch (err) {
1835 case 0:
1836 ide_atapi_cmd_ok(s);
1837 break;
1838 case -EBUSY:
1839 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1840 ASC_MEDIA_REMOVAL_PREVENTED);
1841 break;
1842 default:
1843 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1844 ASC_MEDIUM_NOT_PRESENT);
1845 break;
caed8802 1846 }
5391d806
FB		 1847 }
1848 break;
1849 case GPCMD_MECHANISM_STATUS:
1850 {
1851 max_len = ube16_to_cpu(packet + 8);
1852 cpu_to_ube16(buf, 0);
1853 /* no current LBA */
1854 buf[2] = 0;
1855 buf[3] = 0;
1856 buf[4] = 0;
1857 buf[5] = 1;
1858 cpu_to_ube16(buf + 6, 0);
1859 ide_atapi_cmd_reply(s, 8, max_len);
1860 }
1861 break;
1862 case GPCMD_READ_TOC_PMA_ATIP:
1863 {
1864 int format, msf, start_track, len;
96b8f136 1865 uint64_t total_sectors;
5391d806 1866
66c6ef76
FB		 1867 bdrv_get_geometry(s->bs, &total_sectors);
1868 total_sectors >>= 2;
96b8f136 1869 if (total_sectors == 0) {
5fafdf24 1870 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1871 ASC_MEDIUM_NOT_PRESENT);
1872 break;
1873 }
1874 max_len = ube16_to_cpu(packet + 7);
1875 format = packet[9] >> 6;
1876 msf = (packet[1] >> 1) & 1;
1877 start_track = packet[6];
1878 switch(format) {
1879 case 0:
66c6ef76 1880 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
5391d806
FB		 1881 if (len < 0)
1882 goto error_cmd;
1883 ide_atapi_cmd_reply(s, len, max_len);
1884 break;
1885 case 1:
1886 /* multi session : only a single session defined */
1887 memset(buf, 0, 12);
1888 buf[1] = 0x0a;
1889 buf[2] = 0x01;
1890 buf[3] = 0x01;
1891 ide_atapi_cmd_reply(s, 12, max_len);
1892 break;
98087450 1893 case 2:
66c6ef76 1894 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
98087450
FB		 1895 if (len < 0)
1896 goto error_cmd;
1897 ide_atapi_cmd_reply(s, len, max_len);
1898 break;
5391d806 1899 default:
7f777bf3 1900 error_cmd:
5fafdf24 1901 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3
FB		 1902 ASC_INV_FIELD_IN_CMD_PACKET);
1903 break;
5391d806
FB		 1904 }
1905 }
1906 break;
1907 case GPCMD_READ_CDVD_CAPACITY:
66c6ef76 1908 {
96b8f136 1909 uint64_t total_sectors;
66c6ef76
FB		 1910
1911 bdrv_get_geometry(s->bs, &total_sectors);
1912 total_sectors >>= 2;
96b8f136 1913 if (total_sectors == 0) {
5fafdf24 1914 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1915 ASC_MEDIUM_NOT_PRESENT);
1916 break;
1917 }
1918 /* NOTE: it is really the number of sectors minus 1 */
1919 cpu_to_ube32(buf, total_sectors - 1);
1920 cpu_to_ube32(buf + 4, 2048);
1921 ide_atapi_cmd_reply(s, 8, 8);
5391d806 1922 }
5391d806 1923 break;
d14049ea
TS		 1924 case GPCMD_READ_DVD_STRUCTURE:
1925 {
1926 int media = packet[1];
8114e9e8
TS		 1927 int format = packet[7];
1928 int ret;
d14049ea 1929
8114e9e8 1930 max_len = ube16_to_cpu(packet + 8);
d14049ea 1931
8114e9e8
TS		 1932 if (format < 0xff) {
1933 if (media_is_cd(s)) {
1934 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1935 ASC_INCOMPATIBLE_FORMAT);
1936 break;
1937 } else if (!media_present(s)) {
1938 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1939 ASC_INV_FIELD_IN_CMD_PACKET);
1940 break;
1941 }
1942 }
d14049ea 1943
8114e9e8
TS		 1944 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1945 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
d14049ea 1946
8114e9e8
TS		 1947 switch (format) {
1948 case 0x00 ... 0x7f:
1949 case 0xff:
1950 if (media == 0) {
1951 ret = ide_dvd_read_structure(s, format, packet, buf);
d14049ea 1952
8114e9e8
TS		 1953 if (ret < 0)
1954 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1955 else
1956 ide_atapi_cmd_reply(s, ret, max_len);
d14049ea 1957
8114e9e8
TS		 1958 break;
1959 }
1960 /* TODO: BD support, fall through for now */
1961
1962 /* Generic disk structures */
1963 case 0x80: /* TODO: AACS volume identifier */
1964 case 0x81: /* TODO: AACS media serial number */
1965 case 0x82: /* TODO: AACS media identifier */
1966 case 0x83: /* TODO: AACS media key block */
1967 case 0x90: /* TODO: List of recognized format layers */
1968 case 0xc0: /* TODO: Write protection status */
d14049ea
TS		 1969 default:
1970 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1971 ASC_INV_FIELD_IN_CMD_PACKET);
1972 break;
1973 }
1974 }
1975 break;
1976 case GPCMD_SET_SPEED:
1977 ide_atapi_cmd_ok(s);
1978 break;
bd0d90b2
FB		 1979 case GPCMD_INQUIRY:
1980 max_len = packet[4];
1981 buf[0] = 0x05; /* CD-ROM */
1982 buf[1] = 0x80; /* removable */
1983 buf[2] = 0x00; /* ISO */
1984 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
aa1f17c1 1985 buf[4] = 31; /* additional length */
bd0d90b2
FB		 1986 buf[5] = 0; /* reserved */
1987 buf[6] = 0; /* reserved */
1988 buf[7] = 0; /* reserved */
1989 padstr8(buf + 8, 8, "QEMU");
38cdea7c 1990 padstr8(buf + 16, 16, "QEMU DVD-ROM");
bd0d90b2
FB		 1991 padstr8(buf + 32, 4, QEMU_VERSION);
1992 ide_atapi_cmd_reply(s, 36, max_len);
1993 break;
d14049ea
TS		 1994 case GPCMD_GET_CONFIGURATION:
1995 {
38cdea7c 1996 uint32_t len;
091d055b 1997 uint8_t index = 0;
d14049ea
TS		 1998
1999 /* only feature 0 is supported */
2000 if (packet[2] != 0 || packet[3] != 0) {
2001 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2002 ASC_INV_FIELD_IN_CMD_PACKET);
2003 break;
2004 }
38cdea7c
AZ		 2005
2006 /* XXX: could result in alignment problems in some architectures */
2007 max_len = ube16_to_cpu(packet + 7);
091d055b 2008
38cdea7c 2009 /*
091d055b
AZ		 2010 * XXX: avoid overflow for io_buffer if max_len is bigger than
2011 * the size of that buffer (dimensioned to max number of
2012 * sectors to transfer at once)
38cdea7c 2013 *
091d055b 2014 * Only a problem if the feature/profiles grow.
38cdea7c
AZ		 2015 */
2016 if (max_len > 512) /* XXX: assume 1 sector */
2017 max_len = 512;
2018
2019 memset(buf, 0, max_len);
2020 /*
2021 * the number of sectors from the media tells us which profile
2022 * to use as current. 0 means there is no media
38cdea7c 2023 */
8114e9e8
TS		 2024 if (media_is_dvd(s))
2025 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
2026 else if (media_is_cd(s))
2027 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
38cdea7c 2028
091d055b
AZ		 2029 buf[10] = 0x02 | 0x01; /* persistent and current */
2030 len = 12; /* headers: 8 + 4 */
2031 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
2032 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
38cdea7c
AZ		 2033 cpu_to_ube32(buf, len - 4); /* data length */
2034
2035 ide_atapi_cmd_reply(s, len, max_len);
d14049ea
TS		 2036 break;
2037 }
5391d806 2038 default:
5fafdf24 2039 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 2040 ASC_ILLEGAL_OPCODE);
5391d806
FB		 2041 break;
2042 }
2043}
2044
201a51fc
AZ		 2045static void ide_cfata_metadata_inquiry(IDEState *s)
2046{
2047 uint16_t *p;
2048 uint32_t spd;
2049
2050 p = (uint16_t *) s->io_buffer;
2051 memset(p, 0, 0x200);
2052 spd = ((s->mdata_size - 1) >> 9) + 1;
2053
2054 put_le16(p + 0, 0x0001); /* Data format revision */
2055 put_le16(p + 1, 0x0000); /* Media property: silicon */
2056 put_le16(p + 2, s->media_changed); /* Media status */
2057 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
2058 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
2059 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
2060 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
2061}
2062
2063static void ide_cfata_metadata_read(IDEState *s)
2064{
2065 uint16_t *p;
2066
2067 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2068 s->status = ERR_STAT;
2069 s->error = ABRT_ERR;
2070 return;
2071 }
2072
2073 p = (uint16_t *) s->io_buffer;
2074 memset(p, 0, 0x200);
2075
2076 put_le16(p + 0, s->media_changed); /* Media status */
2077 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2078 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2079 s->nsector << 9), 0x200 - 2));
2080}
2081
2082static void ide_cfata_metadata_write(IDEState *s)
2083{
2084 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2085 s->status = ERR_STAT;
2086 s->error = ABRT_ERR;
2087 return;
2088 }
2089
2090 s->media_changed = 0;
2091
2092 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2093 s->io_buffer + 2,
2094 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2095 s->nsector << 9), 0x200 - 2));
2096}
2097
bd491d6a
TS		 2098/* called when the inserted state of the media has changed */
2099static void cdrom_change_cb(void *opaque)
2100{
2101 IDEState *s = opaque;
96b8f136 2102 uint64_t nb_sectors;
bd491d6a 2103
bd491d6a
TS		 2104 bdrv_get_geometry(s->bs, &nb_sectors);
2105 s->nb_sectors = nb_sectors;
9118e7f0
AL		 2106
2107 s->sense_key = SENSE_UNIT_ATTENTION;
2108 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2109
2110 ide_set_irq(s);
bd491d6a
TS		 2111}
2112
c2ff060f
FB		 2113static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2114{
2115 s->lba48 = lba48;
2116
2117 /* handle the 'magic' 0 nsector count conversion here. to avoid
2118 * fiddling with the rest of the read logic, we just store the
2119 * full sector count in ->nsector and ignore ->hob_nsector from now
2120 */
2121 if (!s->lba48) {
2122 if (!s->nsector)
2123 s->nsector = 256;
2124 } else {
2125 if (!s->nsector && !s->hob_nsector)
2126 s->nsector = 65536;
2127 else {
2128 int lo = s->nsector;
2129 int hi = s->hob_nsector;
2130
2131 s->nsector = (hi << 8) | lo;
2132 }
2133 }
2134}
2135
2136static void ide_clear_hob(IDEState *ide_if)
2137{
2138 /* any write clears HOB high bit of device control register */
2139 ide_if[0].select &= ~(1 << 7);
2140 ide_if[1].select &= ~(1 << 7);
2141}
2142
caed8802
FB		 2143static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2144{
2145 IDEState *ide_if = opaque;
c45c3d00 2146 IDEState *s;
5391d806 2147 int unit, n;
c2ff060f 2148 int lba48 = 0;
5391d806
FB		 2149
2150#ifdef DEBUG_IDE
2151 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2152#endif
c2ff060f 2153
5391d806 2154 addr &= 7;
fcdd25ab
AL		 2155
2156 /* ignore writes to command block while busy with previous command */
2157 if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT|DRQ_STAT)))
2158 return;
2159
5391d806
FB		 2160 switch(addr) {
2161 case 0:
2162 break;
2163 case 1:
c2ff060f 2164 ide_clear_hob(ide_if);
c45c3d00 2165 /* NOTE: data is written to the two drives */
c2ff060f
FB		 2166 ide_if[0].hob_feature = ide_if[0].feature;
2167 ide_if[1].hob_feature = ide_if[1].feature;
c45c3d00
FB		 2168 ide_if[0].feature = val;
2169 ide_if[1].feature = val;
5391d806
FB		 2170 break;
2171 case 2:
c2ff060f
FB		 2172 ide_clear_hob(ide_if);
2173 ide_if[0].hob_nsector = ide_if[0].nsector;
2174 ide_if[1].hob_nsector = ide_if[1].nsector;
c45c3d00
FB		 2175 ide_if[0].nsector = val;
2176 ide_if[1].nsector = val;
5391d806
FB		 2177 break;
2178 case 3:
c2ff060f
FB		 2179 ide_clear_hob(ide_if);
2180 ide_if[0].hob_sector = ide_if[0].sector;
2181 ide_if[1].hob_sector = ide_if[1].sector;
c45c3d00
FB		 2182 ide_if[0].sector = val;
2183 ide_if[1].sector = val;
5391d806
FB		 2184 break;
2185 case 4:
c2ff060f
FB		 2186 ide_clear_hob(ide_if);
2187 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2188 ide_if[1].hob_lcyl = ide_if[1].lcyl;
c45c3d00
FB		 2189 ide_if[0].lcyl = val;
2190 ide_if[1].lcyl = val;
5391d806
FB		 2191 break;
2192 case 5:
c2ff060f
FB		 2193 ide_clear_hob(ide_if);
2194 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2195 ide_if[1].hob_hcyl = ide_if[1].hcyl;
c45c3d00
FB		 2196 ide_if[0].hcyl = val;
2197 ide_if[1].hcyl = val;
5391d806
FB		 2198 break;
2199 case 6:
c2ff060f 2200 /* FIXME: HOB readback uses bit 7 */
7ae98627
FB		 2201 ide_if[0].select = (val & ~0x10) | 0xa0;
2202 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 2203 /* select drive */
2204 unit = (val >> 4) & 1;
2205 s = ide_if + unit;
2206 ide_if->cur_drive = s;
5391d806
FB		 2207 break;
2208 default:
2209 case 7:
2210 /* command */
2211#if defined(DEBUG_IDE)
2212 printf("ide: CMD=%02x\n", val);
2213#endif
c45c3d00 2214 s = ide_if->cur_drive;
66201e2d 2215 /* ignore commands to non existant slave */
5fafdf24 2216 if (s != ide_if && !s->bs)
66201e2d 2217 break;
c2ff060f 2218
fcdd25ab
AL		 2219 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2220 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2221 break;
2222
5391d806
FB		 2223 switch(val) {
2224 case WIN_IDENTIFY:
2225 if (s->bs && !s->is_cdrom) {
201a51fc
AZ		 2226 if (!s->is_cf)
2227 ide_identify(s);
2228 else
2229 ide_cfata_identify(s);
2a282056 2230 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2231 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2232 } else {
2233 if (s->is_cdrom) {
2234 ide_set_signature(s);
2235 }
2236 ide_abort_command(s);
2237 }
2238 ide_set_irq(s);
2239 break;
2240 case WIN_SPECIFY:
2241 case WIN_RECAL:
a136e5a8 2242 s->error = 0;
769bec72 2243 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2244 ide_set_irq(s);
2245 break;
2246 case WIN_SETMULT:
201a51fc
AZ		 2247 if (s->is_cf && s->nsector == 0) {
2248 /* Disable Read and Write Multiple */
2249 s->mult_sectors = 0;
41a2b959 2250 s->status = READY_STAT | SEEK_STAT;
201a51fc 2251 } else if ((s->nsector & 0xff) != 0 &&
39dfc926
TS		 2252 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2253 (s->nsector & (s->nsector - 1)) != 0)) {
5391d806
FB		 2254 ide_abort_command(s);
2255 } else {
292eef5a 2256 s->mult_sectors = s->nsector & 0xff;
41a2b959 2257 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2258 }
2259 ide_set_irq(s);
2260 break;
c2ff060f
FB		 2261 case WIN_VERIFY_EXT:
2262 lba48 = 1;
4ce900b4
FB		 2263 case WIN_VERIFY:
2264 case WIN_VERIFY_ONCE:
2265 /* do sector number check ? */
c2ff060f 2266 ide_cmd_lba48_transform(s, lba48);
41a2b959 2267 s->status = READY_STAT | SEEK_STAT;
4ce900b4
FB		 2268 ide_set_irq(s);
2269 break;
c2ff060f
FB		 2270 case WIN_READ_EXT:
2271 lba48 = 1;
5391d806
FB		 2272 case WIN_READ:
2273 case WIN_READ_ONCE:
5fafdf24 2274 if (!s->bs)
6b136f9e 2275 goto abort_cmd;
c2ff060f 2276 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2277 s->req_nb_sectors = 1;
2278 ide_sector_read(s);
2279 break;
c2ff060f
FB		 2280 case WIN_WRITE_EXT:
2281 lba48 = 1;
5391d806
FB		 2282 case WIN_WRITE:
2283 case WIN_WRITE_ONCE:
201a51fc
AZ		 2284 case CFA_WRITE_SECT_WO_ERASE:
2285 case WIN_WRITE_VERIFY:
c2ff060f 2286 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2287 s->error = 0;
f66723fa 2288 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2289 s->req_nb_sectors = 1;
2290 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
201a51fc 2291 s->media_changed = 1;
5391d806 2292 break;
c2ff060f
FB		 2293 case WIN_MULTREAD_EXT:
2294 lba48 = 1;
5391d806
FB		 2295 case WIN_MULTREAD:
2296 if (!s->mult_sectors)
2297 goto abort_cmd;
c2ff060f 2298 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2299 s->req_nb_sectors = s->mult_sectors;
2300 ide_sector_read(s);
2301 break;
c2ff060f
FB		 2302 case WIN_MULTWRITE_EXT:
2303 lba48 = 1;
5391d806 2304 case WIN_MULTWRITE:
201a51fc 2305 case CFA_WRITE_MULTI_WO_ERASE:
5391d806
FB		 2306 if (!s->mult_sectors)
2307 goto abort_cmd;
c2ff060f 2308 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2309 s->error = 0;
f66723fa 2310 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2311 s->req_nb_sectors = s->mult_sectors;
2312 n = s->nsector;
2313 if (n > s->req_nb_sectors)
2314 n = s->req_nb_sectors;
2315 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
201a51fc 2316 s->media_changed = 1;
5391d806 2317 break;
c2ff060f
FB		 2318 case WIN_READDMA_EXT:
2319 lba48 = 1;
98087450
FB		 2320 case WIN_READDMA:
2321 case WIN_READDMA_ONCE:
5fafdf24 2322 if (!s->bs)
98087450 2323 goto abort_cmd;
c2ff060f 2324 ide_cmd_lba48_transform(s, lba48);
98087450
FB		 2325 ide_sector_read_dma(s);
2326 break;
c2ff060f
FB		 2327 case WIN_WRITEDMA_EXT:
2328 lba48 = 1;
98087450
FB		 2329 case WIN_WRITEDMA:
2330 case WIN_WRITEDMA_ONCE:
5fafdf24 2331 if (!s->bs)
98087450 2332 goto abort_cmd;
c2ff060f 2333 ide_cmd_lba48_transform(s, lba48);
98087450 2334 ide_sector_write_dma(s);
201a51fc 2335 s->media_changed = 1;
98087450 2336 break;
c2ff060f
FB		 2337 case WIN_READ_NATIVE_MAX_EXT:
2338 lba48 = 1;
5391d806 2339 case WIN_READ_NATIVE_MAX:
c2ff060f 2340 ide_cmd_lba48_transform(s, lba48);
5391d806 2341 ide_set_sector(s, s->nb_sectors - 1);
41a2b959 2342 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2343 ide_set_irq(s);
2344 break;
a136e5a8 2345 case WIN_CHECKPOWERMODE1:
201a51fc 2346 case WIN_CHECKPOWERMODE2:
a136e5a8 2347 s->nsector = 0xff; /* device active or idle */
41a2b959 2348 s->status = READY_STAT | SEEK_STAT;
a136e5a8
FB		 2349 ide_set_irq(s);
2350 break;
34e538ae
FB		 2351 case WIN_SETFEATURES:
2352 if (!s->bs)
2353 goto abort_cmd;
2354 /* XXX: valid for CDROM ? */
2355 switch(s->feature) {
e1f63470
TS		 2356 case 0xcc: /* reverting to power-on defaults enable */
2357 case 0x66: /* reverting to power-on defaults disable */
34e538ae
FB		 2358 case 0x02: /* write cache enable */
2359 case 0x82: /* write cache disable */
2360 case 0xaa: /* read look-ahead enable */
2361 case 0x55: /* read look-ahead disable */
201a51fc
AZ		 2362 case 0x05: /* set advanced power management mode */
2363 case 0x85: /* disable advanced power management mode */
2364 case 0x69: /* NOP */
2365 case 0x67: /* NOP */
2366 case 0x96: /* NOP */
2367 case 0x9a: /* NOP */
c3e88d8c
TS		 2368 case 0x42: /* enable Automatic Acoustic Mode */
2369 case 0xc2: /* disable Automatic Acoustic Mode */
e0fe67aa 2370 s->status = READY_STAT | SEEK_STAT;
34e538ae
FB		 2371 ide_set_irq(s);
2372 break;
94458802
FB		 2373 case 0x03: { /* set transfer mode */
2374 uint8_t val = s->nsector & 0x07;
2375
2376 switch (s->nsector >> 3) {
2377 case 0x00: /* pio default */
2378 case 0x01: /* pio mode */
d1b5c20d
TS		 2379 put_le16(s->identify_data + 62,0x07);
2380 put_le16(s->identify_data + 63,0x07);
2381 put_le16(s->identify_data + 88,0x3f);
2382 break;
2383 case 0x02: /* sigle word dma mode*/
2384 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
94458802
FB		 2385 put_le16(s->identify_data + 63,0x07);
2386 put_le16(s->identify_data + 88,0x3f);
2387 break;
2388 case 0x04: /* mdma mode */
d1b5c20d 2389 put_le16(s->identify_data + 62,0x07);
94458802
FB		 2390 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2391 put_le16(s->identify_data + 88,0x3f);
2392 break;
2393 case 0x08: /* udma mode */
d1b5c20d 2394 put_le16(s->identify_data + 62,0x07);
94458802
FB		 2395 put_le16(s->identify_data + 63,0x07);
2396 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2397 break;
2398 default:
2399 goto abort_cmd;
2400 }
2401 s->status = READY_STAT | SEEK_STAT;
2402 ide_set_irq(s);
2403 break;
2404 }
34e538ae
FB		 2405 default:
2406 goto abort_cmd;
2407 }
2408 break;
c2ff060f
FB		 2409 case WIN_FLUSH_CACHE:
2410 case WIN_FLUSH_CACHE_EXT:
7a6cba61
PB		 2411 if (s->bs)
2412 bdrv_flush(s->bs);
41a2b959 2413 s->status = READY_STAT | SEEK_STAT;
7a6cba61
PB		 2414 ide_set_irq(s);
2415 break;
c3e88d8c
TS		 2416 case WIN_STANDBY:
2417 case WIN_STANDBY2:
2418 case WIN_STANDBYNOW1:
201a51fc 2419 case WIN_STANDBYNOW2:
c451ee71 2420 case WIN_IDLEIMMEDIATE:
201a51fc
AZ		 2421 case CFA_IDLEIMMEDIATE:
2422 case WIN_SETIDLE1:
2423 case WIN_SETIDLE2:
c3e88d8c
TS		 2424 case WIN_SLEEPNOW1:
2425 case WIN_SLEEPNOW2:
2426 s->status = READY_STAT;
a7dfe172
FB		 2427 ide_set_irq(s);
2428 break;
4fbfcd6d
AJ		 2429 case WIN_SEEK:
2430 if(s->is_cdrom)
2431 goto abort_cmd;
2432 /* XXX: Check that seek is within bounds */
2433 s->status = READY_STAT | SEEK_STAT;
2434 ide_set_irq(s);
2435 break;
5391d806
FB		 2436 /* ATAPI commands */
2437 case WIN_PIDENTIFY:
2438 if (s->is_cdrom) {
2439 ide_atapi_identify(s);
1298fe63 2440 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2441 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2442 } else {
2443 ide_abort_command(s);
2444 }
2445 ide_set_irq(s);
2446 break;
c451ee71
FB		 2447 case WIN_DIAGNOSE:
2448 ide_set_signature(s);
33256a25
AL		 2449 if (s->is_cdrom)
2450 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2451 * devices to return a clear status register
2452 * with READY_STAT *not* set. */
2453 else
2454 s->status = READY_STAT | SEEK_STAT;
2455 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2456 * present.
2457 */
f5fdd0a8 2458 ide_set_irq(s);
c451ee71 2459 break;
5391d806
FB		 2460 case WIN_SRST:
2461 if (!s->is_cdrom)
2462 goto abort_cmd;
2463 ide_set_signature(s);
6b136f9e 2464 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 2465 s->error = 0x01;
2466 break;
2467 case WIN_PACKETCMD:
2468 if (!s->is_cdrom)
2469 goto abort_cmd;
98087450
FB		 2470 /* overlapping commands not supported */
2471 if (s->feature & 0x02)
5391d806 2472 goto abort_cmd;
41a2b959 2473 s->status = READY_STAT | SEEK_STAT;
98087450 2474 s->atapi_dma = s->feature & 1;
5391d806 2475 s->nsector = 1;
5fafdf24 2476 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
5391d806
FB		 2477 ide_atapi_cmd);
2478 break;
201a51fc
AZ		 2479 /* CF-ATA commands */
2480 case CFA_REQ_EXT_ERROR_CODE:
2481 if (!s->is_cf)
2482 goto abort_cmd;
2483 s->error = 0x09; /* miscellaneous error */
41a2b959 2484 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2485 ide_set_irq(s);
2486 break;
2487 case CFA_ERASE_SECTORS:
2488 case CFA_WEAR_LEVEL:
2489 if (!s->is_cf)
2490 goto abort_cmd;
2491 if (val == CFA_WEAR_LEVEL)
2492 s->nsector = 0;
2493 if (val == CFA_ERASE_SECTORS)
2494 s->media_changed = 1;
2495 s->error = 0x00;
41a2b959 2496 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2497 ide_set_irq(s);
2498 break;
2499 case CFA_TRANSLATE_SECTOR:
2500 if (!s->is_cf)
2501 goto abort_cmd;
2502 s->error = 0x00;
41a2b959 2503 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2504 memset(s->io_buffer, 0, 0x200);
2505 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2506 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2507 s->io_buffer[0x02] = s->select; /* Head */
2508 s->io_buffer[0x03] = s->sector; /* Sector */
2509 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2510 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2511 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2512 s->io_buffer[0x13] = 0x00; /* Erase flag */
2513 s->io_buffer[0x18] = 0x00; /* Hot count */
2514 s->io_buffer[0x19] = 0x00; /* Hot count */
2515 s->io_buffer[0x1a] = 0x01; /* Hot count */
2516 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2517 ide_set_irq(s);
2518 break;
2519 case CFA_ACCESS_METADATA_STORAGE:
2520 if (!s->is_cf)
2521 goto abort_cmd;
2522 switch (s->feature) {
2523 case 0x02: /* Inquiry Metadata Storage */
2524 ide_cfata_metadata_inquiry(s);
2525 break;
2526 case 0x03: /* Read Metadata Storage */
2527 ide_cfata_metadata_read(s);
2528 break;
2529 case 0x04: /* Write Metadata Storage */
2530 ide_cfata_metadata_write(s);
2531 break;
2532 default:
2533 goto abort_cmd;
2534 }
2535 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2536 s->status = 0x00; /* NOTE: READY is _not_ set */
2537 ide_set_irq(s);
2538 break;
2539 case IBM_SENSE_CONDITION:
2540 if (!s->is_cf)
2541 goto abort_cmd;
2542 switch (s->feature) {
2543 case 0x01: /* sense temperature in device */
2544 s->nsector = 0x50; /* +20 C */
2545 break;
2546 default:
2547 goto abort_cmd;
2548 }
41a2b959 2549 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2550 ide_set_irq(s);
2551 break;
5391d806
FB		 2552 default:
2553 abort_cmd:
2554 ide_abort_command(s);
2555 ide_set_irq(s);
2556 break;
2557 }
2558 }
2559}
2560
caed8802 2561static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 2562{
7ae98627
FB		 2563 IDEState *ide_if = opaque;
2564 IDEState *s = ide_if->cur_drive;
5391d806 2565 uint32_t addr;
c2ff060f 2566 int ret, hob;
5391d806
FB		 2567
2568 addr = addr1 & 7;
c2ff060f
FB		 2569 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2570 //hob = s->select & (1 << 7);
2571 hob = 0;
5391d806
FB		 2572 switch(addr) {
2573 case 0:
2574 ret = 0xff;
2575 break;
2576 case 1:
c45ca54f
AL		 2577 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2578 (s != ide_if && !s->bs))
c45c3d00 2579 ret = 0;
c2ff060f 2580 else if (!hob)
c45c3d00 2581 ret = s->error;
c2ff060f
FB		 2582 else
2583 ret = s->hob_feature;
5391d806
FB		 2584 break;
2585 case 2:
7ae98627 2586 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2587 ret = 0;
c2ff060f 2588 else if (!hob)
c45c3d00 2589 ret = s->nsector & 0xff;
c2ff060f
FB		 2590 else
2591 ret = s->hob_nsector;
5391d806
FB		 2592 break;
2593 case 3:
7ae98627 2594 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2595 ret = 0;
c2ff060f 2596 else if (!hob)
c45c3d00 2597 ret = s->sector;
c2ff060f
FB		 2598 else
2599 ret = s->hob_sector;
5391d806
FB		 2600 break;
2601 case 4:
7ae98627 2602 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2603 ret = 0;
c2ff060f 2604 else if (!hob)
c45c3d00 2605 ret = s->lcyl;
c2ff060f
FB		 2606 else
2607 ret = s->hob_lcyl;
5391d806
FB		 2608 break;
2609 case 5:
7ae98627 2610 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2611 ret = 0;
c2ff060f 2612 else if (!hob)
c45c3d00 2613 ret = s->hcyl;
c2ff060f
FB		 2614 else
2615 ret = s->hob_hcyl;
5391d806
FB		 2616 break;
2617 case 6:
7ae98627 2618 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 2619 ret = 0;
2620 else
7ae98627 2621 ret = s->select;
5391d806
FB		 2622 break;
2623 default:
2624 case 7:
66201e2d
FB		 2625 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2626 (s != ide_if && !s->bs))
c45c3d00
FB		 2627 ret = 0;
2628 else
2629 ret = s->status;
d537cf6c 2630 qemu_irq_lower(s->irq);
5391d806
FB		 2631 break;
2632 }
2633#ifdef DEBUG_IDE
2634 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2635#endif
2636 return ret;
2637}
2638
caed8802 2639static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2640{
7ae98627
FB		 2641 IDEState *ide_if = opaque;
2642 IDEState *s = ide_if->cur_drive;
5391d806 2643 int ret;
7ae98627 2644
66201e2d
FB		 2645 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2646 (s != ide_if && !s->bs))
7ae98627
FB		 2647 ret = 0;
2648 else
2649 ret = s->status;
5391d806
FB		 2650#ifdef DEBUG_IDE
2651 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2652#endif
2653 return ret;
2654}
2655
caed8802 2656static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2657{
caed8802 2658 IDEState *ide_if = opaque;
5391d806
FB		 2659 IDEState *s;
2660 int i;
2661
2662#ifdef DEBUG_IDE
2663 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2664#endif
2665 /* common for both drives */
2666 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2667 (val & IDE_CMD_RESET)) {
2668 /* reset low to high */
2669 for(i = 0;i < 2; i++) {
2670 s = &ide_if[i];
2671 s->status = BUSY_STAT | SEEK_STAT;
2672 s->error = 0x01;
2673 }
2674 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2675 !(val & IDE_CMD_RESET)) {
2676 /* high to low */
2677 for(i = 0;i < 2; i++) {
2678 s = &ide_if[i];
6b136f9e
FB		 2679 if (s->is_cdrom)
2680 s->status = 0x00; /* NOTE: READY is _not_ set */
2681 else
56bf1d37 2682 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2683 ide_set_signature(s);
2684 }
2685 }
2686
2687 ide_if[0].cmd = val;
2688 ide_if[1].cmd = val;
2689}
2690
caed8802 2691static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2692{
caed8802 2693 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2694 uint8_t *p;
2695
fcdd25ab
AL		 2696 /* PIO data access allowed only when DRQ bit is set */
2697 if (!(s->status & DRQ_STAT))
2698 return;
2699
5391d806 2700 p = s->data_ptr;
0c4ad8dc 2701 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 2702 p += 2;
2703 s->data_ptr = p;
2704 if (p >= s->data_end)
2705 s->end_transfer_func(s);
2706}
2707
caed8802 2708static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2709{
caed8802 2710 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2711 uint8_t *p;
2712 int ret;
fcdd25ab
AL		 2713
2714 /* PIO data access allowed only when DRQ bit is set */
2715 if (!(s->status & DRQ_STAT))
2716 return 0;
2717
5391d806 2718 p = s->data_ptr;
0c4ad8dc 2719 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 2720 p += 2;
2721 s->data_ptr = p;
2722 if (p >= s->data_end)
2723 s->end_transfer_func(s);
2724 return ret;
2725}
2726
caed8802 2727static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2728{
caed8802 2729 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2730 uint8_t *p;
2731
fcdd25ab
AL		 2732 /* PIO data access allowed only when DRQ bit is set */
2733 if (!(s->status & DRQ_STAT))
2734 return;
2735
5391d806 2736 p = s->data_ptr;
0c4ad8dc 2737 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2738 p += 4;
2739 s->data_ptr = p;
2740 if (p >= s->data_end)
2741 s->end_transfer_func(s);
2742}
2743
caed8802 2744static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2745{
caed8802 2746 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2747 uint8_t *p;
2748 int ret;
3b46e624 2749
fcdd25ab
AL		 2750 /* PIO data access allowed only when DRQ bit is set */
2751 if (!(s->status & DRQ_STAT))
2752 return 0;
2753
5391d806 2754 p = s->data_ptr;
0c4ad8dc 2755 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2756 p += 4;
2757 s->data_ptr = p;
2758 if (p >= s->data_end)
2759 s->end_transfer_func(s);
2760 return ret;
2761}
2762
a7dfe172
FB		 2763static void ide_dummy_transfer_stop(IDEState *s)
2764{
2765 s->data_ptr = s->io_buffer;
2766 s->data_end = s->io_buffer;
2767 s->io_buffer[0] = 0xff;
2768 s->io_buffer[1] = 0xff;
2769 s->io_buffer[2] = 0xff;
2770 s->io_buffer[3] = 0xff;
2771}
2772
5391d806
FB		 2773static void ide_reset(IDEState *s)
2774{
201a51fc
AZ		 2775 if (s->is_cf)
2776 s->mult_sectors = 0;
2777 else
2778 s->mult_sectors = MAX_MULT_SECTORS;
5391d806
FB		 2779 s->cur_drive = s;
2780 s->select = 0xa0;
41a2b959 2781 s->status = READY_STAT | SEEK_STAT;
5391d806 2782 ide_set_signature(s);
a7dfe172
FB		 2783 /* init the transfer handler so that 0xffff is returned on data
2784 accesses */
2785 s->end_transfer_func = ide_dummy_transfer_stop;
2786 ide_dummy_transfer_stop(s);
201a51fc 2787 s->media_changed = 0;
5391d806
FB		 2788}
2789
5457c8ce
FB		 2790static void ide_init2(IDEState *ide_state,
2791 BlockDriverState *hd0, BlockDriverState *hd1,
d537cf6c 2792 qemu_irq irq)
5391d806 2793{
69b91039 2794 IDEState *s;
aedf5382 2795 static int drive_serial = 1;
f3d54fc4 2796 int i, cylinders, heads, secs;
96b8f136 2797 uint64_t nb_sectors;
5391d806 2798
caed8802
FB		 2799 for(i = 0; i < 2; i++) {
2800 s = ide_state + i;
2801 if (i == 0)
2802 s->bs = hd0;
2803 else
2804 s->bs = hd1;
e268ca52 2805 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
5391d806
FB		 2806 if (s->bs) {
2807 bdrv_get_geometry(s->bs, &nb_sectors);
f3d54fc4
AL		 2808 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2809 s->cylinders = cylinders;
2810 s->heads = heads;
2811 s->sectors = secs;
5391d806 2812 s->nb_sectors = nb_sectors;
f3d54fc4 2813
caed8802
FB		 2814 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2815 s->is_cdrom = 1;
bd491d6a 2816 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 2817 }
2818 }
aedf5382 2819 s->drive_serial = drive_serial++;
fa879c64
AL		 2820 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2821 sizeof(s->drive_serial_str));
2822 if (strlen(s->drive_serial_str) == 0)
2823 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2824 "QM%05d", s->drive_serial);
caed8802 2825 s->irq = irq;
5fafdf24 2826 s->sector_write_timer = qemu_new_timer(vm_clock,
a09db21f 2827 ide_sector_write_timer_cb, s);
5391d806
FB		 2828 ide_reset(s);
2829 }
69b91039
FB		 2830}
2831
34e538ae 2832static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 2833{
caed8802
FB		 2834 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2835 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2836 if (iobase2) {
2837 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2838 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 2839 }
3b46e624 2840
caed8802
FB		 2841 /* data ports */
2842 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2843 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2844 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2845 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 2846}
69b91039 2847
aa941b94
AZ		 2848/* save per IDE drive data */
2849static void ide_save(QEMUFile* f, IDEState *s)
2850{
bee8d684
TS		 2851 qemu_put_be32(f, s->mult_sectors);
2852 qemu_put_be32(f, s->identify_set);
aa941b94
AZ		 2853 if (s->identify_set) {
2854 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2855 }
2856 qemu_put_8s(f, &s->feature);
2857 qemu_put_8s(f, &s->error);
2858 qemu_put_be32s(f, &s->nsector);
2859 qemu_put_8s(f, &s->sector);
2860 qemu_put_8s(f, &s->lcyl);
2861 qemu_put_8s(f, &s->hcyl);
2862 qemu_put_8s(f, &s->hob_feature);
2863 qemu_put_8s(f, &s->hob_nsector);
2864 qemu_put_8s(f, &s->hob_sector);
2865 qemu_put_8s(f, &s->hob_lcyl);
2866 qemu_put_8s(f, &s->hob_hcyl);
2867 qemu_put_8s(f, &s->select);
2868 qemu_put_8s(f, &s->status);
2869 qemu_put_8s(f, &s->lba48);
2870
2871 qemu_put_8s(f, &s->sense_key);
2872 qemu_put_8s(f, &s->asc);
2873 /* XXX: if a transfer is pending, we do not save it yet */
2874}
2875
2876/* load per IDE drive data */
2877static void ide_load(QEMUFile* f, IDEState *s)
2878{
bee8d684
TS		 2879 s->mult_sectors=qemu_get_be32(f);
2880 s->identify_set=qemu_get_be32(f);
aa941b94
AZ		 2881 if (s->identify_set) {
2882 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2883 }
2884 qemu_get_8s(f, &s->feature);
2885 qemu_get_8s(f, &s->error);
2886 qemu_get_be32s(f, &s->nsector);
2887 qemu_get_8s(f, &s->sector);
2888 qemu_get_8s(f, &s->lcyl);
2889 qemu_get_8s(f, &s->hcyl);
2890 qemu_get_8s(f, &s->hob_feature);
2891 qemu_get_8s(f, &s->hob_nsector);
2892 qemu_get_8s(f, &s->hob_sector);
2893 qemu_get_8s(f, &s->hob_lcyl);
2894 qemu_get_8s(f, &s->hob_hcyl);
2895 qemu_get_8s(f, &s->select);
2896 qemu_get_8s(f, &s->status);
2897 qemu_get_8s(f, &s->lba48);
2898
2899 qemu_get_8s(f, &s->sense_key);
2900 qemu_get_8s(f, &s->asc);
2901 /* XXX: if a transfer is pending, we do not save it yet */
2902}
2903
34e538ae
FB		 2904/***********************************************************/
2905/* ISA IDE definitions */
2906
d537cf6c 2907void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
34e538ae
FB		 2908 BlockDriverState *hd0, BlockDriverState *hd1)
2909{
2910 IDEState *ide_state;
2911
2912 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
3b46e624 2913
d537cf6c 2914 ide_init2(ide_state, hd0, hd1, irq);
34e538ae
FB		 2915 ide_init_ioport(ide_state, iobase, iobase2);
2916}
2917
69b91039
FB		 2918/***********************************************************/
2919/* PCI IDE definitions */
2920
5457c8ce
FB		 2921static void cmd646_update_irq(PCIIDEState *d);
2922
5fafdf24 2923static void ide_map(PCIDevice *pci_dev, int region_num,
69b91039
FB		 2924 uint32_t addr, uint32_t size, int type)
2925{
2926 PCIIDEState *d = (PCIIDEState *)pci_dev;
2927 IDEState *ide_state;
2928
2929 if (region_num <= 3) {
2930 ide_state = &d->ide_if[(region_num >> 1) * 2];
2931 if (region_num & 1) {
2932 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2933 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2934 } else {
2935 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2936 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2937
2938 /* data ports */
2939 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2940 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2941 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2942 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2943 }
2944 }
2945}
2946
8ccad811 2947static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
98087450
FB		 2948{
2949 BMDMAState *bm = s->bmdma;
2950 if(!bm)
2951 return;
2952 bm->ide_if = s;
2953 bm->dma_cb = dma_cb;
8ccad811
FB		 2954 bm->cur_prd_last = 0;
2955 bm->cur_prd_addr = 0;
2956 bm->cur_prd_len = 0;
428c5705
AL		 2957 bm->sector_num = ide_get_sector(s);
2958 bm->nsector = s->nsector;
98087450 2959 if (bm->status & BM_STATUS_DMAING) {
8ccad811 2960 bm->dma_cb(bm, 0);
98087450
FB		 2961 }
2962}
2963
428c5705
AL		 2964static void ide_dma_restart(IDEState *s)
2965{
2966 BMDMAState *bm = s->bmdma;
2967 ide_set_sector(s, bm->sector_num);
2968 s->io_buffer_index = 0;
2969 s->io_buffer_size = 0;
2970 s->nsector = bm->nsector;
2971 bm->cur_addr = bm->addr;
2972 bm->dma_cb = ide_write_dma_cb;
2973 ide_dma_start(s, bm->dma_cb);
2974}
2975
72c7b06c
AL		 2976static void ide_dma_cancel(BMDMAState *bm)
2977{
2978 if (bm->status & BM_STATUS_DMAING) {
2979 bm->status &= ~BM_STATUS_DMAING;
2980 /* cancel DMA request */
2981 bm->ide_if = NULL;
2982 bm->dma_cb = NULL;
2983 if (bm->aiocb) {
2984#ifdef DEBUG_AIO
2985 printf("aio_cancel\n");
2986#endif
2987 bdrv_aio_cancel(bm->aiocb);
2988 bm->aiocb = NULL;
2989 }
2990 }
2991}
2992
98087450
FB		 2993static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2994{
2995 BMDMAState *bm = opaque;
2996#ifdef DEBUG_IDE
2997 printf("%s: 0x%08x\n", __func__, val);
2998#endif
2999 if (!(val & BM_CMD_START)) {
3000 /* XXX: do it better */
72c7b06c 3001 ide_dma_cancel(bm);
98087450
FB		 3002 bm->cmd = val & 0x09;
3003 } else {
8ccad811
FB		 3004 if (!(bm->status & BM_STATUS_DMAING)) {
3005 bm->status |= BM_STATUS_DMAING;
3006 /* start dma transfer if possible */
3007 if (bm->dma_cb)
3008 bm->dma_cb(bm, 0);
3009 }
98087450 3010 bm->cmd = val & 0x09;
98087450
FB		 3011 }
3012}
3013
5457c8ce 3014static uint32_t bmdma_readb(void *opaque, uint32_t addr)
98087450
FB		 3015{
3016 BMDMAState *bm = opaque;
5457c8ce 3017 PCIIDEState *pci_dev;
98087450 3018 uint32_t val;
3b46e624 3019
5457c8ce 3020 switch(addr & 3) {
5fafdf24 3021 case 0:
5457c8ce
FB		 3022 val = bm->cmd;
3023 break;
3024 case 1:
3025 pci_dev = bm->pci_dev;
3026 if (pci_dev->type == IDE_TYPE_CMD646) {
3027 val = pci_dev->dev.config[MRDMODE];
3028 } else {
3029 val = 0xff;
3030 }
3031 break;
3032 case 2:
3033 val = bm->status;
3034 break;
3035 case 3:
3036 pci_dev = bm->pci_dev;
3037 if (pci_dev->type == IDE_TYPE_CMD646) {
3038 if (bm == &pci_dev->bmdma[0])
3039 val = pci_dev->dev.config[UDIDETCR0];
3040 else
3041 val = pci_dev->dev.config[UDIDETCR1];
3042 } else {
3043 val = 0xff;
3044 }
3045 break;
3046 default:
3047 val = 0xff;
3048 break;
3049 }
98087450 3050#ifdef DEBUG_IDE
5457c8ce 3051 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
98087450
FB		 3052#endif
3053 return val;
3054}
3055
5457c8ce 3056static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
98087450
FB		 3057{
3058 BMDMAState *bm = opaque;
5457c8ce 3059 PCIIDEState *pci_dev;
98087450 3060#ifdef DEBUG_IDE
5457c8ce 3061 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
98087450 3062#endif
5457c8ce
FB		 3063 switch(addr & 3) {
3064 case 1:
3065 pci_dev = bm->pci_dev;
3066 if (pci_dev->type == IDE_TYPE_CMD646) {
5fafdf24 3067 pci_dev->dev.config[MRDMODE] =
5457c8ce
FB		 3068 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
3069 cmd646_update_irq(pci_dev);
3070 }
3071 break;
3072 case 2:
3073 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
3074 break;
3075 case 3:
3076 pci_dev = bm->pci_dev;
3077 if (pci_dev->type == IDE_TYPE_CMD646) {
3078 if (bm == &pci_dev->bmdma[0])
3079 pci_dev->dev.config[UDIDETCR0] = val;
3080 else
3081 pci_dev->dev.config[UDIDETCR1] = val;
3082 }
3083 break;
3084 }
98087450
FB		 3085}
3086
5b9a1293
AJ		 3087static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
3088{
3089 BMDMAState *bm = opaque;
3090 uint32_t val;
3091 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
3092#ifdef DEBUG_IDE
3093 printf("%s: 0x%08x\n", __func__, val);
3094#endif
3095 return val;
3096}
3097
3098static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
3099{
3100 BMDMAState *bm = opaque;
3101 int shift = (addr & 3) * 8;
3102#ifdef DEBUG_IDE
3103 printf("%s: 0x%08x\n", __func__, val);
3104#endif
3105 bm->addr &= ~(0xFF << shift);
3106 bm->addr |= ((val & 0xFF) << shift) & ~3;
3107 bm->cur_addr = bm->addr;
3108}
3109
3110static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
3111{
3112 BMDMAState *bm = opaque;
3113 uint32_t val;
3114 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
3115#ifdef DEBUG_IDE
3116 printf("%s: 0x%08x\n", __func__, val);
3117#endif
3118 return val;
3119}
3120
3121static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
3122{
3123 BMDMAState *bm = opaque;
3124 int shift = (addr & 3) * 8;
3125#ifdef DEBUG_IDE
3126 printf("%s: 0x%08x\n", __func__, val);
3127#endif
3128 bm->addr &= ~(0xFFFF << shift);
3129 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3130 bm->cur_addr = bm->addr;
3131}
3132
98087450
FB		 3133static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3134{
3135 BMDMAState *bm = opaque;
3136 uint32_t val;
3137 val = bm->addr;
3138#ifdef DEBUG_IDE
3139 printf("%s: 0x%08x\n", __func__, val);
3140#endif
3141 return val;
3142}
3143
3144static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3145{
3146 BMDMAState *bm = opaque;
3147#ifdef DEBUG_IDE
3148 printf("%s: 0x%08x\n", __func__, val);
3149#endif
3150 bm->addr = val & ~3;
30c4bbac 3151 bm->cur_addr = bm->addr;
98087450
FB		 3152}
3153
5fafdf24 3154static void bmdma_map(PCIDevice *pci_dev, int region_num,
98087450
FB		 3155 uint32_t addr, uint32_t size, int type)
3156{
3157 PCIIDEState *d = (PCIIDEState *)pci_dev;
3158 int i;
3159
3160 for(i = 0;i < 2; i++) {
3161 BMDMAState *bm = &d->bmdma[i];
3162 d->ide_if[2 * i].bmdma = bm;
3163 d->ide_if[2 * i + 1].bmdma = bm;
5457c8ce 3164 bm->pci_dev = (PCIIDEState *)pci_dev;
428c5705 3165 qemu_add_vm_change_state_handler(ide_dma_restart_cb, bm);
5457c8ce 3166
98087450 3167 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
98087450 3168
5457c8ce
FB		 3169 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3170 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
98087450 3171
5b9a1293
AJ		 3172 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3173 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3174 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3175 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
98087450
FB		 3176 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3177 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3178 addr += 8;
3179 }
3180}
3181
9b64997f
BS		 3182static void pci_ide_save(QEMUFile* f, void *opaque)
3183{
3184 PCIIDEState *d = opaque;
3185 int i;
3186
3187 pci_device_save(&d->dev, f);
3188
3189 for(i = 0; i < 2; i++) {
3190 BMDMAState *bm = &d->bmdma[i];
428c5705 3191 uint8_t ifidx;
9b64997f
BS		 3192 qemu_put_8s(f, &bm->cmd);
3193 qemu_put_8s(f, &bm->status);
3194 qemu_put_be32s(f, &bm->addr);
428c5705
AL		 3195 qemu_put_sbe64s(f, &bm->sector_num);
3196 qemu_put_be32s(f, &bm->nsector);
3197 ifidx = bm->ide_if ? bm->ide_if - d->ide_if : 0;
3198 qemu_put_8s(f, &ifidx);
9b64997f
BS		 3199 /* XXX: if a transfer is pending, we do not save it yet */
3200 }
3201
3202 /* per IDE interface data */
3203 for(i = 0; i < 2; i++) {
3204 IDEState *s = &d->ide_if[i * 2];
3205 uint8_t drive1_selected;
3206 qemu_put_8s(f, &s->cmd);
3207 drive1_selected = (s->cur_drive != s);
3208 qemu_put_8s(f, &drive1_selected);
3209 }
3210
3211 /* per IDE drive data */
3212 for(i = 0; i < 4; i++) {
3213 ide_save(f, &d->ide_if[i]);
3214 }
3215}
3216
3217static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3218{
3219 PCIIDEState *d = opaque;
3220 int ret, i;
3221
428c5705 3222 if (version_id != 2)
9b64997f
BS		 3223 return -EINVAL;
3224 ret = pci_device_load(&d->dev, f);
3225 if (ret < 0)
3226 return ret;
3227
3228 for(i = 0; i < 2; i++) {
3229 BMDMAState *bm = &d->bmdma[i];
428c5705 3230 uint8_t ifidx;
9b64997f
BS		 3231 qemu_get_8s(f, &bm->cmd);
3232 qemu_get_8s(f, &bm->status);
3233 qemu_get_be32s(f, &bm->addr);
428c5705
AL		 3234 qemu_get_sbe64s(f, &bm->sector_num);
3235 qemu_get_be32s(f, &bm->nsector);
3236 qemu_get_8s(f, &ifidx);
3237 bm->ide_if = &d->ide_if[ifidx];
9b64997f
BS		 3238 /* XXX: if a transfer is pending, we do not save it yet */
3239 }
3240
3241 /* per IDE interface data */
3242 for(i = 0; i < 2; i++) {
3243 IDEState *s = &d->ide_if[i * 2];
3244 uint8_t drive1_selected;
3245 qemu_get_8s(f, &s->cmd);
3246 qemu_get_8s(f, &drive1_selected);
3247 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3248 }
3249
3250 /* per IDE drive data */
3251 for(i = 0; i < 4; i++) {
3252 ide_load(f, &d->ide_if[i]);
3253 }
3254 return 0;
3255}
3256
5457c8ce
FB		 3257/* XXX: call it also when the MRDMODE is changed from the PCI config
3258 registers */
3259static void cmd646_update_irq(PCIIDEState *d)
3260{
3261 int pci_level;
3262 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3263 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3264 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3265 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
d537cf6c 3266 qemu_set_irq(d->dev.irq[0], pci_level);
5457c8ce
FB		 3267}
3268
3269/* the PCI irq level is the logical OR of the two channels */
3270static void cmd646_set_irq(void *opaque, int channel, int level)
3271{
3272 PCIIDEState *d = opaque;
3273 int irq_mask;
3274
3275 irq_mask = MRDMODE_INTR_CH0 << channel;
3276 if (level)
3277 d->dev.config[MRDMODE] |= irq_mask;
3278 else
3279 d->dev.config[MRDMODE] &= ~irq_mask;
3280 cmd646_update_irq(d);
3281}
3282
6e6b7363
BS		 3283static void cmd646_reset(void *opaque)
3284{
3285 PCIIDEState *d = opaque;
3286 unsigned int i;
3287
3288 for (i = 0; i < 2; i++)
3289 ide_dma_cancel(&d->bmdma[i]);
3290}
3291
5457c8ce
FB		 3292/* CMD646 PCI IDE controller */
3293void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3294 int secondary_ide_enabled)
69b91039
FB		 3295{
3296 PCIIDEState *d;
3297 uint8_t *pci_conf;
34e538ae 3298 int i;
d537cf6c 3299 qemu_irq *irq;
34e538ae 3300
5fafdf24 3301 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
5457c8ce 3302 sizeof(PCIIDEState),
5fafdf24 3303 -1,
73c11f63 3304 NULL, NULL);
5457c8ce 3305 d->type = IDE_TYPE_CMD646;
69b91039 3306 pci_conf = d->dev.config;
deb54399
AL		 3307 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_CMD);
3308 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_CMD_646);
5457c8ce
FB		 3309
3310 pci_conf[0x08] = 0x07; // IDE controller revision
5fafdf24 3311 pci_conf[0x09] = 0x8f;
5457c8ce 3312
173a543b 3313 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
6407f373 3314 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
3b46e624 3315
0516ede0 3316 pci_conf[0x51] = 0x04; // enable IDE0
5457c8ce
FB		 3317 if (secondary_ide_enabled) {
3318 /* XXX: if not enabled, really disable the seconday IDE controller */
0516ede0 3319 pci_conf[0x51] |= 0x08; /* enable IDE1 */
5457c8ce 3320 }
69b91039 3321
28c2c264 3322 pci_register_bar((PCIDevice *)d, 0, 0x8,
69b91039 3323 PCI_ADDRESS_SPACE_IO, ide_map);
28c2c264 3324 pci_register_bar((PCIDevice *)d, 1, 0x4,
69b91039 3325 PCI_ADDRESS_SPACE_IO, ide_map);
28c2c264 3326 pci_register_bar((PCIDevice *)d, 2, 0x8,
69b91039 3327 PCI_ADDRESS_SPACE_IO, ide_map);
28c2c264 3328 pci_register_bar((PCIDevice *)d, 3, 0x4,
69b91039 3329 PCI_ADDRESS_SPACE_IO, ide_map);
28c2c264 3330 pci_register_bar((PCIDevice *)d, 4, 0x10,
98087450 3331 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 3332
34e538ae 3333 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3b46e624 3334
34e538ae
FB		 3335 for(i = 0; i < 4; i++)
3336 d->ide_if[i].pci_dev = (PCIDevice *)d;
d537cf6c
PB		 3337
3338 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3339 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3340 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
6e6b7363 3341
428c5705 3342 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
a08d4367 3343 qemu_register_reset(cmd646_reset, d);
6e6b7363 3344 cmd646_reset(d);
34e538ae
FB		 3345}
3346
72c7b06c 3347static void piix3_reset(void *opaque)
e6a71ae3 3348{
72c7b06c 3349 PCIIDEState *d = opaque;
e6a71ae3 3350 uint8_t *pci_conf = d->dev.config;
72c7b06c
AL		 3351 int i;
3352
3353 for (i = 0; i < 2; i++)
3354 ide_dma_cancel(&d->bmdma[i]);
e6a71ae3
TS		 3355
3356 pci_conf[0x04] = 0x00;
3357 pci_conf[0x05] = 0x00;
3358 pci_conf[0x06] = 0x80; /* FBC */
3359 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3360 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3361}
3362
34e538ae
FB		 3363/* hd_table must contain 4 block drivers */
3364/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
d537cf6c
PB		 3365void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3366 qemu_irq *pic)
34e538ae
FB		 3367{
3368 PCIIDEState *d;
3369 uint8_t *pci_conf;
b0a7b120 3370 int i;
3b46e624 3371
34e538ae 3372 /* register a function 1 of PIIX3 */
5fafdf24 3373 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
46e50e9d 3374 sizeof(PCIIDEState),
502a5395 3375 devfn,
34e538ae 3376 NULL, NULL);
5457c8ce
FB		 3377 d->type = IDE_TYPE_PIIX3;
3378
34e538ae 3379 pci_conf = d->dev.config;
deb54399
AL		 3380 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3381 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371SB_1);
92510b8c 3382 pci_conf[0x09] = 0x80; // legacy ATA mode
173a543b 3383 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
6407f373 3384 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
34e538ae 3385
a08d4367 3386 qemu_register_reset(piix3_reset, d);
e6a71ae3
TS		 3387 piix3_reset(d);
3388
28c2c264 3389 pci_register_bar((PCIDevice *)d, 4, 0x10,
98087450 3390 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 3391
d537cf6c
PB		 3392 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3393 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
34e538ae
FB		 3394 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3395 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
c3d78997 3396
b0a7b120
AL		 3397 for (i = 0; i < 4; i++)
3398 if (hd_table[i])
3399 hd_table[i]->private = &d->dev;
3400
428c5705 3401 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
69b91039 3402}
1ade1de2 3403
afcc3cdf
TS		 3404/* hd_table must contain 4 block drivers */
3405/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3406void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3407 qemu_irq *pic)
3408{
3409 PCIIDEState *d;
3410 uint8_t *pci_conf;
3411
3412 /* register a function 1 of PIIX4 */
3413 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3414 sizeof(PCIIDEState),
3415 devfn,
3416 NULL, NULL);
3417 d->type = IDE_TYPE_PIIX4;
3418
3419 pci_conf = d->dev.config;
deb54399
AL		 3420 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3421 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371AB);
afcc3cdf 3422 pci_conf[0x09] = 0x80; // legacy ATA mode
173a543b 3423 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
6407f373 3424 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
afcc3cdf 3425
a08d4367 3426 qemu_register_reset(piix3_reset, d);
afcc3cdf
TS		 3427 piix3_reset(d);
3428
28c2c264 3429 pci_register_bar((PCIDevice *)d, 4, 0x10,
afcc3cdf
TS		 3430 PCI_ADDRESS_SPACE_IO, bmdma_map);
3431
3432 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3433 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3434 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3435 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3436
428c5705 3437 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
afcc3cdf
TS		 3438}
3439
e3007e66 3440#if defined(TARGET_PPC)
1ade1de2
FB		 3441/***********************************************************/
3442/* MacIO based PowerPC IDE */
3443
e3007e66
AJ		 3444typedef struct MACIOIDEState {
3445 IDEState ide_if[2];
862c9280 3446 BlockDriverAIOCB *aiocb;
e3007e66
AJ		 3447} MACIOIDEState;
3448
862c9280 3449static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
e3007e66 3450{
862c9280 3451 DBDMA_io *io = opaque;
b42ec42d 3452 MACIOIDEState *m = io->opaque;
e3007e66 3453 IDEState *s = m->ide_if->cur_drive;
e3007e66 3454
862c9280
AJ		 3455 if (ret < 0) {
3456 m->aiocb = NULL;
3457 qemu_sglist_destroy(&s->sg);
3458 ide_atapi_io_error(s, ret);
3459 io->dma_end(opaque);
3460 return;
3461 }
e3007e66 3462
862c9280
AJ		 3463 if (s->io_buffer_size > 0) {
3464 m->aiocb = NULL;
3465 qemu_sglist_destroy(&s->sg);
e3007e66 3466
862c9280 3467 s->packet_transfer_size -= s->io_buffer_size;
e3007e66 3468
862c9280
AJ		 3469 s->io_buffer_index += s->io_buffer_size;
3470 s->lba += s->io_buffer_index >> 11;
3471 s->io_buffer_index &= 0x7ff;
3472 }
e3007e66 3473
862c9280
AJ		 3474 if (s->packet_transfer_size <= 0)
3475 ide_atapi_cmd_ok(s);
e3007e66 3476
862c9280
AJ		 3477 if (io->len == 0) {
3478 io->dma_end(opaque);
3479 return;
e3007e66 3480 }
b42ec42d 3481
862c9280 3482 /* launch next transfer */
b42ec42d 3483
862c9280
AJ		 3484 s->io_buffer_size = io->len;
3485
3486 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3487 qemu_sglist_add(&s->sg, io->addr, io->len);
3488 io->addr += io->len;
3489 io->len = 0;
3490
3491 m->aiocb = dma_bdrv_read(s->bs, &s->sg,
3492 (int64_t)(s->lba << 2) + (s->io_buffer_index >> 9),
3493 pmac_ide_atapi_transfer_cb, io);
3494 if (!m->aiocb) {
3495 qemu_sglist_destroy(&s->sg);
3496 /* Note: media not present is the most likely case */
3497 ide_atapi_cmd_error(s, SENSE_NOT_READY,
3498 ASC_MEDIUM_NOT_PRESENT);
3499 io->dma_end(opaque);
3500 return;
e3007e66 3501 }
e3007e66
AJ		 3502}
3503
862c9280 3504static void pmac_ide_transfer_cb(void *opaque, int ret)
e3007e66 3505{
862c9280 3506 DBDMA_io *io = opaque;
b42ec42d 3507 MACIOIDEState *m = io->opaque;
e3007e66 3508 IDEState *s = m->ide_if->cur_drive;
862c9280 3509 int n;
e3007e66 3510 int64_t sector_num;
e3007e66 3511
862c9280
AJ		 3512 if (ret < 0) {
3513 m->aiocb = NULL;
3514 qemu_sglist_destroy(&s->sg);
3515 ide_dma_error(s);
3516 io->dma_end(io);
b42ec42d
AJ		 3517 return;
3518 }
e3007e66 3519
862c9280
AJ		 3520 sector_num = ide_get_sector(s);
3521 if (s->io_buffer_size > 0) {
3522 m->aiocb = NULL;
3523 qemu_sglist_destroy(&s->sg);
3524 n = (s->io_buffer_size + 0x1ff) >> 9;
3525 sector_num += n;
3526 ide_set_sector(s, sector_num);
3527 s->nsector -= n;
3528 }
3529
3530 /* end of transfer ? */
3531 if (s->nsector == 0) {
3532 s->status = READY_STAT | SEEK_STAT;
3533 ide_set_irq(s);
3534 }
e3007e66 3535
862c9280 3536 /* end of DMA ? */
e3007e66 3537
862c9280
AJ		 3538 if (io->len == 0) {
3539 io->dma_end(io);
3540 return;
3541 }
e3007e66 3542
862c9280 3543 /* launch next transfer */
e3007e66 3544
862c9280
AJ		 3545 s->io_buffer_index = 0;
3546 s->io_buffer_size = io->len;
e3007e66 3547
862c9280
AJ		 3548 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3549 qemu_sglist_add(&s->sg, io->addr, io->len);
3550 io->addr += io->len;
3551 io->len = 0;
e3007e66 3552
862c9280
AJ		 3553 if (s->is_read)
3554 m->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
3555 pmac_ide_transfer_cb, io);
3556 else
3557 m->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
3558 pmac_ide_transfer_cb, io);
3559 if (!m->aiocb)
3560 pmac_ide_transfer_cb(io, -1);
3561}
e3007e66 3562
862c9280
AJ		 3563static void pmac_ide_transfer(DBDMA_io *io)
3564{
3565 MACIOIDEState *m = io->opaque;
3566 IDEState *s = m->ide_if->cur_drive;
b42ec42d 3567
862c9280
AJ		 3568 s->io_buffer_size = 0;
3569 if (s->is_cdrom) {
3570 pmac_ide_atapi_transfer_cb(io, 0);
3571 return;
e3007e66
AJ		 3572 }
3573
862c9280
AJ		 3574 pmac_ide_transfer_cb(io, 0);
3575}
3576
3577static void pmac_ide_flush(DBDMA_io *io)
3578{
3579 MACIOIDEState *m = io->opaque;
3580
3581 if (m->aiocb)
3582 qemu_aio_flush();
e3007e66
AJ		 3583}
3584
1ade1de2
FB		 3585/* PowerMac IDE memory IO */
3586static void pmac_ide_writeb (void *opaque,
3587 target_phys_addr_t addr, uint32_t val)
3588{
e3007e66
AJ		 3589 MACIOIDEState *d = opaque;
3590
5fafdf24 3591 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3592 switch (addr) {
3593 case 1 ... 7:
e3007e66 3594 ide_ioport_write(d->ide_if, addr, val);
1ade1de2
FB		 3595 break;
3596 case 8:
3597 case 22:
e3007e66 3598 ide_cmd_write(d->ide_if, 0, val);
1ade1de2
FB		 3599 break;
3600 default:
3601 break;
3602 }
3603}
3604
3605static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3606{
3607 uint8_t retval;
e3007e66 3608 MACIOIDEState *d = opaque;
1ade1de2
FB		 3609
3610 addr = (addr & 0xFFF) >> 4;
3611 switch (addr) {
3612 case 1 ... 7:
e3007e66 3613 retval = ide_ioport_read(d->ide_if, addr);
1ade1de2
FB		 3614 break;
3615 case 8:
3616 case 22:
e3007e66 3617 retval = ide_status_read(d->ide_if, 0);
1ade1de2
FB		 3618 break;
3619 default:
3620 retval = 0xFF;
3621 break;
3622 }
3623 return retval;
3624}
3625
3626static void pmac_ide_writew (void *opaque,
3627 target_phys_addr_t addr, uint32_t val)
3628{
e3007e66
AJ		 3629 MACIOIDEState *d = opaque;
3630
5fafdf24 3631 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3632#ifdef TARGET_WORDS_BIGENDIAN
3633 val = bswap16(val);
3634#endif
3635 if (addr == 0) {
e3007e66 3636 ide_data_writew(d->ide_if, 0, val);
1ade1de2
FB		 3637 }
3638}
3639
3640static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3641{
3642 uint16_t retval;
e3007e66 3643 MACIOIDEState *d = opaque;
1ade1de2 3644
5fafdf24 3645 addr = (addr & 0xFFF) >> 4;
1ade1de2 3646 if (addr == 0) {
e3007e66 3647 retval = ide_data_readw(d->ide_if, 0);
1ade1de2
FB		 3648 } else {
3649 retval = 0xFFFF;
3650 }
3651#ifdef TARGET_WORDS_BIGENDIAN
3652 retval = bswap16(retval);
3653#endif
3654 return retval;
3655}
3656
3657static void pmac_ide_writel (void *opaque,
3658 target_phys_addr_t addr, uint32_t val)
3659{
e3007e66
AJ		 3660 MACIOIDEState *d = opaque;
3661
5fafdf24 3662 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3663#ifdef TARGET_WORDS_BIGENDIAN
3664 val = bswap32(val);
3665#endif
3666 if (addr == 0) {
e3007e66 3667 ide_data_writel(d->ide_if, 0, val);
1ade1de2
FB		 3668 }
3669}
3670
3671static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3672{
3673 uint32_t retval;
e3007e66 3674 MACIOIDEState *d = opaque;
1ade1de2 3675
5fafdf24 3676 addr = (addr & 0xFFF) >> 4;
1ade1de2 3677 if (addr == 0) {
e3007e66 3678 retval = ide_data_readl(d->ide_if, 0);
1ade1de2
FB		 3679 } else {
3680 retval = 0xFFFFFFFF;
3681 }
3682#ifdef TARGET_WORDS_BIGENDIAN
3683 retval = bswap32(retval);
3684#endif
3685 return retval;
3686}
3687
3688static CPUWriteMemoryFunc *pmac_ide_write[] = {
3689 pmac_ide_writeb,
3690 pmac_ide_writew,
3691 pmac_ide_writel,
3692};
3693
3694static CPUReadMemoryFunc *pmac_ide_read[] = {
3695 pmac_ide_readb,
3696 pmac_ide_readw,
3697 pmac_ide_readl,
3698};
3699
9b64997f
BS		 3700static void pmac_ide_save(QEMUFile *f, void *opaque)
3701{
e3007e66
AJ		 3702 MACIOIDEState *d = opaque;
3703 IDEState *s = d->ide_if;
9b64997f
BS		 3704 uint8_t drive1_selected;
3705 unsigned int i;
3706
3707 /* per IDE interface data */
3708 qemu_put_8s(f, &s->cmd);
3709 drive1_selected = (s->cur_drive != s);
3710 qemu_put_8s(f, &drive1_selected);
3711
3712 /* per IDE drive data */
3713 for(i = 0; i < 2; i++) {
3714 ide_save(f, &s[i]);
3715 }
3716}
3717
3718static int pmac_ide_load(QEMUFile *f, void *opaque, int version_id)
3719{
e3007e66
AJ		 3720 MACIOIDEState *d = opaque;
3721 IDEState *s = d->ide_if;
9b64997f
BS		 3722 uint8_t drive1_selected;
3723 unsigned int i;
3724
3725 if (version_id != 1)
3726 return -EINVAL;
3727
3728 /* per IDE interface data */
3729 qemu_get_8s(f, &s->cmd);
3730 qemu_get_8s(f, &drive1_selected);
3731 s->cur_drive = &s[(drive1_selected != 0)];
3732
3733 /* per IDE drive data */
3734 for(i = 0; i < 2; i++) {
3735 ide_load(f, &s[i]);
3736 }
3737 return 0;
3738}
3739
6e6b7363
BS		 3740static void pmac_ide_reset(void *opaque)
3741{
e3007e66
AJ		 3742 MACIOIDEState *d = opaque;
3743 IDEState *s = d->ide_if;
6e6b7363
BS		 3744
3745 ide_reset(&s[0]);
3746 ide_reset(&s[1]);
3747}
3748
1ade1de2
FB		 3749/* hd_table must contain 4 block drivers */
3750/* PowerMac uses memory mapped registers, not I/O. Return the memory
3751 I/O index to access the ide. */
e3007e66
AJ		 3752int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq,
3753 void *dbdma, int channel, qemu_irq dma_irq)
1ade1de2 3754{
e3007e66 3755 MACIOIDEState *d;
1ade1de2
FB		 3756 int pmac_ide_memory;
3757
e3007e66
AJ		 3758 d = qemu_mallocz(sizeof(MACIOIDEState));
3759 ide_init2(d->ide_if, hd_table[0], hd_table[1], irq);
3760
b42ec42d 3761 if (dbdma)
862c9280 3762 DBDMA_register_channel(dbdma, channel, dma_irq, pmac_ide_transfer, pmac_ide_flush, d);
3b46e624 3763
1eed09cb 3764 pmac_ide_memory = cpu_register_io_memory(pmac_ide_read,
e3007e66
AJ		 3765 pmac_ide_write, d);
3766 register_savevm("ide", 0, 1, pmac_ide_save, pmac_ide_load, d);
a08d4367 3767 qemu_register_reset(pmac_ide_reset, d);
e3007e66
AJ		 3768 pmac_ide_reset(d);
3769
1ade1de2
FB		 3770 return pmac_ide_memory;
3771}
e3007e66 3772#endif /* TARGET_PPC */
201a51fc 3773
a4a771c0
AZ		 3774/***********************************************************/
3775/* MMIO based ide port
3776 * This emulates IDE device connected directly to the CPU bus without
3777 * dedicated ide controller, which is often seen on embedded boards.
3778 */
3779
3780typedef struct {
3781 void *dev;
3782 int shift;
3783} MMIOState;
3784
3785static uint32_t mmio_ide_read (void *opaque, target_phys_addr_t addr)
3786{
3787 MMIOState *s = (MMIOState*)opaque;
3788 IDEState *ide = (IDEState*)s->dev;
3789 addr >>= s->shift;
3790 if (addr & 7)
3791 return ide_ioport_read(ide, addr);
3792 else
3793 return ide_data_readw(ide, 0);
3794}
3795
3796static void mmio_ide_write (void *opaque, target_phys_addr_t addr,
3797 uint32_t val)
3798{
3799 MMIOState *s = (MMIOState*)opaque;
3800 IDEState *ide = (IDEState*)s->dev;
3801 addr >>= s->shift;
3802 if (addr & 7)
3803 ide_ioport_write(ide, addr, val);
3804 else
3805 ide_data_writew(ide, 0, val);
3806}
3807
3808static CPUReadMemoryFunc *mmio_ide_reads[] = {
3809 mmio_ide_read,
3810 mmio_ide_read,
3811 mmio_ide_read,
3812};
3813
3814static CPUWriteMemoryFunc *mmio_ide_writes[] = {
3815 mmio_ide_write,
3816 mmio_ide_write,
3817 mmio_ide_write,
3818};
3819
3820static uint32_t mmio_ide_status_read (void *opaque, target_phys_addr_t addr)
3821{
3822 MMIOState *s= (MMIOState*)opaque;
3823 IDEState *ide = (IDEState*)s->dev;
3824 return ide_status_read(ide, 0);
3825}
3826
3827static void mmio_ide_cmd_write (void *opaque, target_phys_addr_t addr,
3828 uint32_t val)
3829{
3830 MMIOState *s = (MMIOState*)opaque;
3831 IDEState *ide = (IDEState*)s->dev;
3832 ide_cmd_write(ide, 0, val);
3833}
3834
3835static CPUReadMemoryFunc *mmio_ide_status[] = {
3836 mmio_ide_status_read,
3837 mmio_ide_status_read,
3838 mmio_ide_status_read,
3839};
3840
3841static CPUWriteMemoryFunc *mmio_ide_cmd[] = {
3842 mmio_ide_cmd_write,
3843 mmio_ide_cmd_write,
3844 mmio_ide_cmd_write,
3845};
3846
3847void mmio_ide_init (target_phys_addr_t membase, target_phys_addr_t membase2,
3848 qemu_irq irq, int shift,
3849 BlockDriverState *hd0, BlockDriverState *hd1)
3850{
3851 MMIOState *s = qemu_mallocz(sizeof(MMIOState));
3852 IDEState *ide = qemu_mallocz(sizeof(IDEState) * 2);
3853 int mem1, mem2;
3854
3855 ide_init2(ide, hd0, hd1, irq);
3856
3857 s->dev = ide;
3858 s->shift = shift;
3859
1eed09cb
AK		 3860 mem1 = cpu_register_io_memory(mmio_ide_reads, mmio_ide_writes, s);
3861 mem2 = cpu_register_io_memory(mmio_ide_status, mmio_ide_cmd, s);
a4a771c0
AZ		 3862 cpu_register_physical_memory(membase, 16 << shift, mem1);
3863 cpu_register_physical_memory(membase2, 2 << shift, mem2);
3864}
3865
201a51fc
AZ		 3866/***********************************************************/
3867/* CF-ATA Microdrive */
3868
3869#define METADATA_SIZE 0x20
3870
3871/* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
bc24a225 3872typedef struct {
201a51fc 3873 IDEState ide[2];
bc24a225 3874 PCMCIACardState card;
201a51fc
AZ		 3875 uint32_t attr_base;
3876 uint32_t io_base;
3877
3878 /* Card state */
3879 uint8_t opt;
3880 uint8_t stat;
3881 uint8_t pins;
3882
3883 uint8_t ctrl;
3884 uint16_t io;
3885 int cycle;
bc24a225 3886} MicroDriveState;
201a51fc
AZ		 3887
3888/* Register bitfields */
3889enum md_opt {
3890 OPT_MODE_MMAP = 0,
3891 OPT_MODE_IOMAP16 = 1,
3892 OPT_MODE_IOMAP1 = 2,
3893 OPT_MODE_IOMAP2 = 3,
3894 OPT_MODE = 0x3f,
3895 OPT_LEVIREQ = 0x40,
3896 OPT_SRESET = 0x80,
3897};
3898enum md_cstat {
3899 STAT_INT = 0x02,
3900 STAT_PWRDWN = 0x04,
3901 STAT_XE = 0x10,
3902 STAT_IOIS8 = 0x20,
3903 STAT_SIGCHG = 0x40,
3904 STAT_CHANGED = 0x80,
3905};
3906enum md_pins {
3907 PINS_MRDY = 0x02,
3908 PINS_CRDY = 0x20,
3909};
3910enum md_ctrl {
3911 CTRL_IEN = 0x02,
3912 CTRL_SRST = 0x04,
3913};
3914
bc24a225 3915static inline void md_interrupt_update(MicroDriveState *s)
201a51fc
AZ		 3916{
3917 if (!s->card.slot)
3918 return;
3919
3920 qemu_set_irq(s->card.slot->irq,
3921 !(s->stat & STAT_INT) && /* Inverted */
3922 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3923 !(s->opt & OPT_SRESET));
3924}
3925
3926static void md_set_irq(void *opaque, int irq, int level)
3927{
bc24a225 3928 MicroDriveState *s = (MicroDriveState *) opaque;
201a51fc
AZ		 3929 if (level)
3930 s->stat |= STAT_INT;
3931 else
3932 s->stat &= ~STAT_INT;
3933
3934 md_interrupt_update(s);
3935}
3936
bc24a225 3937static void md_reset(MicroDriveState *s)
201a51fc
AZ		 3938{
3939 s->opt = OPT_MODE_MMAP;
3940 s->stat = 0;
3941 s->pins = 0;
3942 s->cycle = 0;
3943 s->ctrl = 0;
3944 ide_reset(s->ide);
3945}
3946
9e315fa9 3947static uint8_t md_attr_read(void *opaque, uint32_t at)
201a51fc 3948{
bc24a225 3949 MicroDriveState *s = (MicroDriveState *) opaque;
201a51fc
AZ		 3950 if (at < s->attr_base) {
3951 if (at < s->card.cis_len)
3952 return s->card.cis[at];
3953 else
3954 return 0x00;
3955 }
3956
3957 at -= s->attr_base;
3958
3959 switch (at) {
3960 case 0x00: /* Configuration Option Register */
3961 return s->opt;
3962 case 0x02: /* Card Configuration Status Register */
3963 if (s->ctrl & CTRL_IEN)
3964 return s->stat & ~STAT_INT;
3965 else
3966 return s->stat;
3967 case 0x04: /* Pin Replacement Register */
3968 return (s->pins & PINS_CRDY) | 0x0c;
3969 case 0x06: /* Socket and Copy Register */
3970 return 0x00;
3971#ifdef VERBOSE
3972 default:
3973 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3974#endif
3975 }
3976
3977 return 0;
3978}
3979
9e315fa9 3980static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
201a51fc 3981{
bc24a225 3982 MicroDriveState *s = (MicroDriveState *) opaque;
201a51fc
AZ		 3983 at -= s->attr_base;
3984
3985 switch (at) {
3986 case 0x00: /* Configuration Option Register */
3987 s->opt = value & 0xcf;
3988 if (value & OPT_SRESET)
3989 md_reset(s);
3990 md_interrupt_update(s);
3991 break;
3992 case 0x02: /* Card Configuration Status Register */
3993 if ((s->stat ^ value) & STAT_PWRDWN)
3994 s->pins |= PINS_CRDY;
3995 s->stat &= 0x82;
3996 s->stat |= value & 0x74;
3997 md_interrupt_update(s);
3998 /* Word 170 in Identify Device must be equal to STAT_XE */
3999 break;
4000 case 0x04: /* Pin Replacement Register */
4001 s->pins &= PINS_CRDY;
4002 s->pins |= value & PINS_MRDY;
4003 break;
4004 case 0x06: /* Socket and Copy Register */
4005 break;
4006 default:
4007 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
4008 }
4009}
4010
9e315fa9 4011static uint16_t md_common_read(void *opaque, uint32_t at)
201a51fc 4012{
bc24a225 4013 MicroDriveState *s = (MicroDriveState *) opaque;
201a51fc
AZ		 4014 uint16_t ret;
4015 at -= s->io_base;
4016
4017 switch (s->opt & OPT_MODE) {
4018 case OPT_MODE_MMAP:
4019 if ((at & ~0x3ff) == 0x400)
4020 at = 0;
4021 break;
4022 case OPT_MODE_IOMAP16:
4023 at &= 0xf;
4024 break;
4025 case OPT_MODE_IOMAP1:
4026 if ((at & ~0xf) == 0x3f0)
4027 at -= 0x3e8;
4028 else if ((at & ~0xf) == 0x1f0)
4029 at -= 0x1f0;
4030 break;
4031 case OPT_MODE_IOMAP2:
4032 if ((at & ~0xf) == 0x370)
4033 at -= 0x368;
4034 else if ((at & ~0xf) == 0x170)
4035 at -= 0x170;
4036 }
4037
4038 switch (at) {
4039 case 0x0: /* Even RD Data */
4040 case 0x8:
4041 return ide_data_readw(s->ide, 0);
4042
4043 /* TODO: 8-bit accesses */
4044 if (s->cycle)
4045 ret = s->io >> 8;
4046 else {
4047 s->io = ide_data_readw(s->ide, 0);
4048 ret = s->io & 0xff;
4049 }
4050 s->cycle = !s->cycle;
4051 return ret;
4052 case 0x9: /* Odd RD Data */
4053 return s->io >> 8;
4054 case 0xd: /* Error */
4055 return ide_ioport_read(s->ide, 0x1);
4056 case 0xe: /* Alternate Status */
4057 if (s->ide->cur_drive->bs)
4058 return s->ide->cur_drive->status;
4059 else
4060 return 0;
4061 case 0xf: /* Device Address */
4062 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
4063 default:
4064 return ide_ioport_read(s->ide, at);
4065 }
4066
4067 return 0;
4068}
4069
9e315fa9 4070static void md_common_write(void *opaque, uint32_t at, uint16_t value)
201a51fc 4071{
bc24a225 4072 MicroDriveState *s = (MicroDriveState *) opaque;
201a51fc
AZ		 4073 at -= s->io_base;
4074
4075 switch (s->opt & OPT_MODE) {
4076 case OPT_MODE_MMAP:
4077 if ((at & ~0x3ff) == 0x400)
4078 at = 0;
4079 break;
4080 case OPT_MODE_IOMAP16:
4081 at &= 0xf;
4082 break;
4083 case OPT_MODE_IOMAP1:
4084 if ((at & ~0xf) == 0x3f0)
4085 at -= 0x3e8;
4086 else if ((at & ~0xf) == 0x1f0)
4087 at -= 0x1f0;
4088 break;
4089 case OPT_MODE_IOMAP2:
4090 if ((at & ~0xf) == 0x370)
4091 at -= 0x368;
4092 else if ((at & ~0xf) == 0x170)
4093 at -= 0x170;
4094 }
4095
4096 switch (at) {
4097 case 0x0: /* Even WR Data */
4098 case 0x8:
4099 ide_data_writew(s->ide, 0, value);
4100 break;
4101
4102 /* TODO: 8-bit accesses */
4103 if (s->cycle)
4104 ide_data_writew(s->ide, 0, s->io | (value << 8));
4105 else
4106 s->io = value & 0xff;
4107 s->cycle = !s->cycle;
4108 break;
4109 case 0x9:
4110 s->io = value & 0xff;
4111 s->cycle = !s->cycle;
4112 break;
4113 case 0xd: /* Features */
4114 ide_ioport_write(s->ide, 0x1, value);
4115 break;
4116 case 0xe: /* Device Control */
4117 s->ctrl = value;
4118 if (value & CTRL_SRST)
4119 md_reset(s);
4120 md_interrupt_update(s);
4121 break;
4122 default:
4123 if (s->stat & STAT_PWRDWN) {
4124 s->pins |= PINS_CRDY;
4125 s->stat &= ~STAT_PWRDWN;
4126 }
4127 ide_ioport_write(s->ide, at, value);
4128 }
4129}
4130
aa941b94
AZ		 4131static void md_save(QEMUFile *f, void *opaque)
4132{
bc24a225 4133 MicroDriveState *s = (MicroDriveState *) opaque;
aa941b94
AZ		 4134 int i;
4135 uint8_t drive1_selected;
4136
4137 qemu_put_8s(f, &s->opt);
4138 qemu_put_8s(f, &s->stat);
4139 qemu_put_8s(f, &s->pins);
4140
4141 qemu_put_8s(f, &s->ctrl);
4142 qemu_put_be16s(f, &s->io);
4143 qemu_put_byte(f, s->cycle);
4144
4145 drive1_selected = (s->ide->cur_drive != s->ide);
4146 qemu_put_8s(f, &s->ide->cmd);
4147 qemu_put_8s(f, &drive1_selected);
4148
4149 for (i = 0; i < 2; i ++)
4150 ide_save(f, &s->ide[i]);
4151}
4152
4153static int md_load(QEMUFile *f, void *opaque, int version_id)
4154{
bc24a225 4155 MicroDriveState *s = (MicroDriveState *) opaque;
aa941b94
AZ		 4156 int i;
4157 uint8_t drive1_selected;
4158
4159 qemu_get_8s(f, &s->opt);
4160 qemu_get_8s(f, &s->stat);
4161 qemu_get_8s(f, &s->pins);
4162
4163 qemu_get_8s(f, &s->ctrl);
4164 qemu_get_be16s(f, &s->io);
4165 s->cycle = qemu_get_byte(f);
4166
4167 qemu_get_8s(f, &s->ide->cmd);
4168 qemu_get_8s(f, &drive1_selected);
4169 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
4170
4171 for (i = 0; i < 2; i ++)
4172 ide_load(f, &s->ide[i]);
4173
4174 return 0;
4175}
4176
201a51fc
AZ		 4177static const uint8_t dscm1xxxx_cis[0x14a] = {
4178 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
4179 [0x002] = 0x03, /* Tuple length = 4 bytes */
4180 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4181 [0x006] = 0x01, /* Size = 2K bytes */
4182 [0x008] = CISTPL_ENDMARK,
4183
4184 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
4185 [0x00c] = 0x04, /* Tuple length = 4 byest */
4186 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
4187 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4188 [0x012] = 0x01, /* Size = 2K bytes */
4189 [0x014] = CISTPL_ENDMARK,
4190
4191 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
4192 [0x018] = 0x02, /* Tuple length = 2 bytes */
4193 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
4194 [0x01c] = 0x01,
4195
4196 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
4197 [0x020] = 0x04, /* Tuple length = 4 bytes */
4198 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
4199 [0x024] = 0x00,
4200 [0x026] = 0x00, /* PLMID_CARD = 0000 */
4201 [0x028] = 0x00,
4202
4203 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
4204 [0x02c] = 0x12, /* Tuple length = 23 bytes */
4205 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
4206 [0x030] = 0x01, /* Minor Version = 1 */
4207 [0x032] = 'I',
4208 [0x034] = 'B',
4209 [0x036] = 'M',
4210 [0x038] = 0x00,
4211 [0x03a] = 'm',
4212 [0x03c] = 'i',
4213 [0x03e] = 'c',
4214 [0x040] = 'r',
4215 [0x042] = 'o',
4216 [0x044] = 'd',
4217 [0x046] = 'r',
4218 [0x048] = 'i',
4219 [0x04a] = 'v',
4220 [0x04c] = 'e',
4221 [0x04e] = 0x00,
4222 [0x050] = CISTPL_ENDMARK,
4223
4224 [0x052] = CISTPL_FUNCID, /* Function ID */
4225 [0x054] = 0x02, /* Tuple length = 2 bytes */
4226 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
4227 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
4228
4229 [0x05a] = CISTPL_FUNCE, /* Function Extension */
4230 [0x05c] = 0x02, /* Tuple length = 2 bytes */
4231 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
4232 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
4233
4234 [0x062] = CISTPL_FUNCE, /* Function Extension */
4235 [0x064] = 0x03, /* Tuple length = 3 bytes */
4236 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
4237 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
4238 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
4239
4240 [0x06c] = CISTPL_CONFIG, /* Configuration */
4241 [0x06e] = 0x05, /* Tuple length = 5 bytes */
4242 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
4243 [0x072] = 0x07, /* TPCC_LAST = 7 */
4244 [0x074] = 0x00, /* TPCC_RADR = 0200 */
4245 [0x076] = 0x02,
4246 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
4247
4248 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4249 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
4250 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
4251 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
4252 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
4253 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4254 [0x086] = 0x55, /* NomV: 5.0 V */
4255 [0x088] = 0x4d, /* MinV: 4.5 V */
4256 [0x08a] = 0x5d, /* MaxV: 5.5 V */
4257 [0x08c] = 0x4e, /* Peakl: 450 mA */
4258 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
4259 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
4260 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
4261
4262 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4263 [0x096] = 0x06, /* Tuple length = 6 bytes */
4264 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
4265 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4266 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4267 [0x09e] = 0xb5, /* NomV: 3.3 V */
4268 [0x0a0] = 0x1e,
4269 [0x0a2] = 0x3e, /* Peakl: 350 mA */
4270
4271 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4272 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
4273 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
4274 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4275 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4276 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4277 [0x0b0] = 0x55, /* NomV: 5.0 V */
4278 [0x0b2] = 0x4d, /* MinV: 4.5 V */
4279 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
4280 [0x0b6] = 0x4e, /* Peakl: 450 mA */
4281 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
4282 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
4283 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
4284 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
4285 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
4286
4287 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4288 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
4289 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
4290 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4291 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4292 [0x0cc] = 0xb5, /* NomV: 3.3 V */
4293 [0x0ce] = 0x1e,
4294 [0x0d0] = 0x3e, /* Peakl: 350 mA */
4295
4296 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4297 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
4298 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
4299 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4300 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4301 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4302 [0x0de] = 0x55, /* NomV: 5.0 V */
4303 [0x0e0] = 0x4d, /* MinV: 4.5 V */
4304 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
4305 [0x0e4] = 0x4e, /* Peakl: 450 mA */
4306 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4307 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
4308 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
4309 [0x0ec] = 0x01,
4310 [0x0ee] = 0x07, /* Address block length = 8 */
4311 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
4312 [0x0f2] = 0x03,
4313 [0x0f4] = 0x01, /* Address block length = 2 */
4314 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4315 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
4316
4317 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4318 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
4319 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
4320 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4321 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4322 [0x104] = 0xb5, /* NomV: 3.3 V */
4323 [0x106] = 0x1e,
4324 [0x108] = 0x3e, /* Peakl: 350 mA */
4325
4326 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4327 [0x10c] = 0x12, /* Tuple length = 18 bytes */
4328 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
4329 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4330 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4331 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4332 [0x116] = 0x55, /* NomV: 5.0 V */
4333 [0x118] = 0x4d, /* MinV: 4.5 V */
4334 [0x11a] = 0x5d, /* MaxV: 5.5 V */
4335 [0x11c] = 0x4e, /* Peakl: 450 mA */
4336 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4337 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
4338 [0x122] = 0x70, /* Field 1 address = 0x0170 */
4339 [0x124] = 0x01,
4340 [0x126] = 0x07, /* Address block length = 8 */
4341 [0x128] = 0x76, /* Field 2 address = 0x0376 */
4342 [0x12a] = 0x03,
4343 [0x12c] = 0x01, /* Address block length = 2 */
4344 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4345 [0x130] = 0x20, /* TPCE_MI = support power down mode */
4346
4347 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4348 [0x134] = 0x06, /* Tuple length = 6 bytes */
4349 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4350 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4351 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4352 [0x13c] = 0xb5, /* NomV: 3.3 V */
4353 [0x13e] = 0x1e,
4354 [0x140] = 0x3e, /* Peakl: 350 mA */
4355
4356 [0x142] = CISTPL_NO_LINK, /* No Link */
4357 [0x144] = 0x00, /* Tuple length = 0 bytes */
4358
4359 [0x146] = CISTPL_END, /* Tuple End */
4360};
4361
4362static int dscm1xxxx_attach(void *opaque)
4363{
bc24a225 4364 MicroDriveState *md = (MicroDriveState *) opaque;
201a51fc
AZ		 4365 md->card.attr_read = md_attr_read;
4366 md->card.attr_write = md_attr_write;
4367 md->card.common_read = md_common_read;
4368 md->card.common_write = md_common_write;
4369 md->card.io_read = md_common_read;
4370 md->card.io_write = md_common_write;
4371
4372 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
4373 md->io_base = 0x0;
4374
4375 md_reset(md);
4376 md_interrupt_update(md);
4377
4378 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
4379 return 0;
4380}
4381
4382static int dscm1xxxx_detach(void *opaque)
4383{
bc24a225 4384 MicroDriveState *md = (MicroDriveState *) opaque;
201a51fc
AZ		 4385 md_reset(md);
4386 return 0;
4387}
4388
bc24a225 4389PCMCIACardState *dscm1xxxx_init(BlockDriverState *bdrv)
201a51fc 4390{
bc24a225 4391 MicroDriveState *md = (MicroDriveState *) qemu_mallocz(sizeof(MicroDriveState));
201a51fc
AZ		 4392 md->card.state = md;
4393 md->card.attach = dscm1xxxx_attach;
4394 md->card.detach = dscm1xxxx_detach;
4395 md->card.cis = dscm1xxxx_cis;
4396 md->card.cis_len = sizeof(dscm1xxxx_cis);
4397
4398 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
4399 md->ide->is_cf = 1;
4400 md->ide->mdata_size = METADATA_SIZE;
4401 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
aa941b94 4402
18be5187 4403 register_savevm("microdrive", -1, 0, md_save, md_load, md);
aa941b94 4404
201a51fc
AZ		 4405 return &md->card;
4406}
Empty description
This page took 0.906702 seconds and 4 git commands to generate.