2 * QEMU IDE disk and CD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
41 #include <netinet/in.h>
43 #define NO_THUNK_TYPE_SIZE
51 /* debug IDE devices */
53 //#define DEBUG_IDE_ATAPI
55 /* Bits of HD_STATUS */
57 #define INDEX_STAT 0x02
58 #define ECC_STAT 0x04 /* Corrected error */
60 #define SEEK_STAT 0x10
62 #define WRERR_STAT 0x20
63 #define READY_STAT 0x40
64 #define BUSY_STAT 0x80
66 /* Bits for HD_ERROR */
67 #define MARK_ERR 0x01 /* Bad address mark */
68 #define TRK0_ERR 0x02 /* couldn't find track 0 */
69 #define ABRT_ERR 0x04 /* Command aborted */
70 #define MCR_ERR 0x08 /* media change request */
71 #define ID_ERR 0x10 /* ID field not found */
72 #define MC_ERR 0x20 /* media changed */
73 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
74 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
75 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
77 /* Bits of HD_NSECTOR */
83 #define IDE_CMD_RESET 0x04
84 #define IDE_CMD_DISABLE_IRQ 0x02
86 /* ATA/ATAPI Commands pre T13 Spec */
91 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
95 #define WIN_SRST 0x08 /* ATAPI soft reset command */
96 #define WIN_DEVICE_RESET 0x08
100 #define WIN_RECAL 0x10
101 #define WIN_RESTORE WIN_RECAL
103 * 0x10->0x1F Reserved
105 #define WIN_READ 0x20 /* 28-Bit */
106 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
107 #define WIN_READ_LONG 0x22 /* 28-Bit */
108 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
109 #define WIN_READ_EXT 0x24 /* 48-Bit */
110 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
111 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
112 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
116 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
118 * 0x2A->0x2F Reserved
120 #define WIN_WRITE 0x30 /* 28-Bit */
121 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
122 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
123 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
124 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
125 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
126 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
127 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
128 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
129 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
131 * 0x3A->0x3B Reserved
133 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
135 * 0x3D->0x3F Reserved
137 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
138 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
139 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
141 * 0x43->0x4F Reserved
143 #define WIN_FORMAT 0x50
145 * 0x51->0x5F Reserved
147 #define WIN_INIT 0x60
149 * 0x61->0x5F Reserved
151 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
152 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
153 #define WIN_DIAGNOSE 0x90
154 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
155 #define WIN_DOWNLOAD_MICROCODE 0x92
156 #define WIN_STANDBYNOW2 0x94
157 #define WIN_STANDBY2 0x96
158 #define WIN_SETIDLE2 0x97
159 #define WIN_CHECKPOWERMODE2 0x98
160 #define WIN_SLEEPNOW2 0x99
164 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
165 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
166 #define WIN_QUEUED_SERVICE 0xA2
167 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
168 #define CFA_ERASE_SECTORS 0xC0
169 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
170 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
171 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
172 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
173 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
174 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
175 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
176 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
177 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
178 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
179 #define WIN_GETMEDIASTATUS 0xDA
180 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
181 #define WIN_POSTBOOT 0xDC
182 #define WIN_PREBOOT 0xDD
183 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
184 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
185 #define WIN_STANDBYNOW1 0xE0
186 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
187 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
188 #define WIN_SETIDLE1 0xE3
189 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
190 #define WIN_CHECKPOWERMODE1 0xE5
191 #define WIN_SLEEPNOW1 0xE6
192 #define WIN_FLUSH_CACHE 0xE7
193 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
194 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
195 /* SET_FEATURES 0x22 or 0xDD */
196 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
197 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
198 #define WIN_MEDIAEJECT 0xED
199 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
200 #define WIN_SETFEATURES 0xEF /* set special drive features */
201 #define EXABYTE_ENABLE_NEST 0xF0
202 #define WIN_SECURITY_SET_PASS 0xF1
203 #define WIN_SECURITY_UNLOCK 0xF2
204 #define WIN_SECURITY_ERASE_PREPARE 0xF3
205 #define WIN_SECURITY_ERASE_UNIT 0xF4
206 #define WIN_SECURITY_FREEZE_LOCK 0xF5
207 #define WIN_SECURITY_DISABLE 0xF6
208 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
209 #define WIN_SET_MAX 0xF9
210 #define DISABLE_SEAGATE 0xFB
212 /* set to 1 set disable mult support */
213 #define MAX_MULT_SECTORS 8
217 #define ATAPI_PACKET_SIZE 12
219 /* The generic packet command opcodes for CD/DVD Logical Units,
220 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
221 #define GPCMD_BLANK 0xa1
222 #define GPCMD_CLOSE_TRACK 0x5b
223 #define GPCMD_FLUSH_CACHE 0x35
224 #define GPCMD_FORMAT_UNIT 0x04
225 #define GPCMD_GET_CONFIGURATION 0x46
226 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
227 #define GPCMD_GET_PERFORMANCE 0xac
228 #define GPCMD_INQUIRY 0x12
229 #define GPCMD_LOAD_UNLOAD 0xa6
230 #define GPCMD_MECHANISM_STATUS 0xbd
231 #define GPCMD_MODE_SELECT_10 0x55
232 #define GPCMD_MODE_SENSE_10 0x5a
233 #define GPCMD_PAUSE_RESUME 0x4b
234 #define GPCMD_PLAY_AUDIO_10 0x45
235 #define GPCMD_PLAY_AUDIO_MSF 0x47
236 #define GPCMD_PLAY_AUDIO_TI 0x48
237 #define GPCMD_PLAY_CD 0xbc
238 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
239 #define GPCMD_READ_10 0x28
240 #define GPCMD_READ_12 0xa8
241 #define GPCMD_READ_CDVD_CAPACITY 0x25
242 #define GPCMD_READ_CD 0xbe
243 #define GPCMD_READ_CD_MSF 0xb9
244 #define GPCMD_READ_DISC_INFO 0x51
245 #define GPCMD_READ_DVD_STRUCTURE 0xad
246 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
247 #define GPCMD_READ_HEADER 0x44
248 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
249 #define GPCMD_READ_SUBCHANNEL 0x42
250 #define GPCMD_READ_TOC_PMA_ATIP 0x43
251 #define GPCMD_REPAIR_RZONE_TRACK 0x58
252 #define GPCMD_REPORT_KEY 0xa4
253 #define GPCMD_REQUEST_SENSE 0x03
254 #define GPCMD_RESERVE_RZONE_TRACK 0x53
255 #define GPCMD_SCAN 0xba
256 #define GPCMD_SEEK 0x2b
257 #define GPCMD_SEND_DVD_STRUCTURE 0xad
258 #define GPCMD_SEND_EVENT 0xa2
259 #define GPCMD_SEND_KEY 0xa3
260 #define GPCMD_SEND_OPC 0x54
261 #define GPCMD_SET_READ_AHEAD 0xa7
262 #define GPCMD_SET_STREAMING 0xb6
263 #define GPCMD_START_STOP_UNIT 0x1b
264 #define GPCMD_STOP_PLAY_SCAN 0x4e
265 #define GPCMD_TEST_UNIT_READY 0x00
266 #define GPCMD_VERIFY_10 0x2f
267 #define GPCMD_WRITE_10 0x2a
268 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
269 /* This is listed as optional in ATAPI 2.6, but is (curiously)
270 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
271 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
272 * drives support it. */
273 #define GPCMD_SET_SPEED 0xbb
274 /* This seems to be a SCSI specific CD-ROM opcode
275 * to play data at track/index */
276 #define GPCMD_PLAYAUDIO_TI 0x48
278 * From MS Media Status Notification Support Specification. For
281 #define GPCMD_GET_MEDIA_STATUS 0xda
283 /* Mode page codes for mode sense/set */
284 #define GPMODE_R_W_ERROR_PAGE 0x01
285 #define GPMODE_WRITE_PARMS_PAGE 0x05
286 #define GPMODE_AUDIO_CTL_PAGE 0x0e
287 #define GPMODE_POWER_PAGE 0x1a
288 #define GPMODE_FAULT_FAIL_PAGE 0x1c
289 #define GPMODE_TO_PROTECT_PAGE 0x1d
290 #define GPMODE_CAPABILITIES_PAGE 0x2a
291 #define GPMODE_ALL_PAGES 0x3f
292 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
293 * of MODE_SENSE_POWER_PAGE */
294 #define GPMODE_CDROM_PAGE 0x0d
296 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
297 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
298 #define ATAPI_INT_REASON_REL 0x04
299 #define ATAPI_INT_REASON_TAG 0xf8
301 /* same constants as bochs */
302 #define ASC_ILLEGAL_OPCODE 0x20
303 #define ASC_LOGICAL_BLOCK_OOR 0x21
304 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
305 #define ASC_MEDIUM_NOT_PRESENT 0x3a
306 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
309 #define SENSE_NOT_READY 2
310 #define SENSE_ILLEGAL_REQUEST 5
311 #define SENSE_UNIT_ATTENTION 6
315 typedef void EndTransferFunc(struct IDEState *);
317 /* NOTE: IDEState represents in fact one drive */
318 typedef struct IDEState {
321 int cylinders, heads, sectors;
328 uint16_t nsector; /* 0 is 256 to ease computations */
334 /* 0x3f6 command, only meaningful for drive 0 */
336 /* depends on bit 4 in select, only meaningful for drive 0 */
337 struct IDEState *cur_drive;
338 BlockDriverState *bs;
342 int packet_transfer_size;
343 int elementary_transfer_size;
346 /* transfer handling */
347 int req_nb_sectors; /* number of sectors per interrupt */
348 EndTransferFunc *end_transfer_func;
351 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
354 static void padstr(char *str, const char *src, int len)
357 for(i = 0; i < len; i++) {
362 *(char *)((long)str ^ 1) = v;
367 static void padstr8(uint8_t *buf, int buf_size, const char *src)
370 for(i = 0; i < buf_size; i++) {
378 static void ide_identify(IDEState *s)
381 unsigned int oldsize;
383 memset(s->io_buffer, 0, 512);
384 p = (uint16_t *)s->io_buffer;
385 stw_raw(p + 0, 0x0040);
386 stw_raw(p + 1, s->cylinders);
387 stw_raw(p + 3, s->heads);
388 stw_raw(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
389 stw_raw(p + 5, 512); /* XXX: retired, remove ? */
390 stw_raw(p + 6, s->sectors);
391 padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */
392 stw_raw(p + 20, 3); /* XXX: retired, remove ? */
393 stw_raw(p + 21, 512); /* cache size in sectors */
394 stw_raw(p + 22, 4); /* ecc bytes */
395 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
396 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
397 #if MAX_MULT_SECTORS > 1
398 stw_raw(p + 47, 0x8000 | MAX_MULT_SECTORS);
400 stw_raw(p + 48, 1); /* dword I/O */
401 stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */
402 stw_raw(p + 51, 0x200); /* PIO transfer cycle */
403 stw_raw(p + 52, 0x200); /* DMA transfer cycle */
404 stw_raw(p + 53, 1); /* words 54-58 are valid */
405 stw_raw(p + 54, s->cylinders);
406 stw_raw(p + 55, s->heads);
407 stw_raw(p + 56, s->sectors);
408 oldsize = s->cylinders * s->heads * s->sectors;
409 stw_raw(p + 57, oldsize);
410 stw_raw(p + 58, oldsize >> 16);
412 stw_raw(p + 59, 0x100 | s->mult_sectors);
413 stw_raw(p + 60, s->nb_sectors);
414 stw_raw(p + 61, s->nb_sectors >> 16);
415 stw_raw(p + 80, (1 << 1) | (1 << 2));
416 stw_raw(p + 82, (1 << 14));
417 stw_raw(p + 83, (1 << 14));
418 stw_raw(p + 84, (1 << 14));
419 stw_raw(p + 85, (1 << 14));
421 stw_raw(p + 87, (1 << 14));
424 static void ide_atapi_identify(IDEState *s)
428 memset(s->io_buffer, 0, 512);
429 p = (uint16_t *)s->io_buffer;
430 /* Removable CDROM, 50us response, 12 byte packets */
431 stw_raw(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
432 stw_raw(p + 1, s->cylinders);
433 stw_raw(p + 3, s->heads);
434 stw_raw(p + 4, 512 * s->sectors); /* sectors */
435 stw_raw(p + 5, 512); /* sector size */
436 stw_raw(p + 6, s->sectors);
437 padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */
438 stw_raw(p + 20, 3); /* buffer type */
439 stw_raw(p + 21, 512); /* cache size in sectors */
440 stw_raw(p + 22, 4); /* ecc bytes */
441 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
442 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
443 stw_raw(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
444 stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */
445 stw_raw(p + 53, 3); /* words 64-70, 54-58 valid */
446 stw_raw(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
447 stw_raw(p + 64, 1); /* PIO modes */
448 stw_raw(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
449 stw_raw(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
450 stw_raw(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
451 stw_raw(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
453 stw_raw(p + 71, 30); /* in ns */
454 stw_raw(p + 72, 30); /* in ns */
456 stw_raw(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
459 static void ide_set_signature(IDEState *s)
461 s->select &= 0xf0; /* clear head */
477 static inline void ide_abort_command(IDEState *s)
479 s->status = READY_STAT | ERR_STAT;
483 static inline void ide_set_irq(IDEState *s)
485 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
486 pic_set_irq(s->irq, 1);
490 /* prepare data transfer and tell what to do after */
491 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
492 EndTransferFunc *end_transfer_func)
494 s->end_transfer_func = end_transfer_func;
496 s->data_end = buf + size;
497 s->status |= DRQ_STAT;
500 static void ide_transfer_stop(IDEState *s)
502 s->end_transfer_func = ide_transfer_stop;
503 s->data_ptr = s->io_buffer;
504 s->data_end = s->io_buffer;
505 s->status &= ~DRQ_STAT;
508 static int64_t ide_get_sector(IDEState *s)
511 if (s->select & 0x40) {
513 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
514 (s->lcyl << 8) | s->sector;
516 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
517 (s->select & 0x0f) * s->sectors +
523 static void ide_set_sector(IDEState *s, int64_t sector_num)
526 if (s->select & 0x40) {
527 s->select = (s->select & 0xf0) | (sector_num >> 24);
528 s->hcyl = (sector_num >> 16);
529 s->lcyl = (sector_num >> 8);
530 s->sector = (sector_num);
532 cyl = sector_num / (s->heads * s->sectors);
533 r = sector_num % (s->heads * s->sectors);
536 s->select = (s->select & 0xf0) | (r / s->sectors);
537 s->sector = (r % s->sectors) + 1;
541 static void ide_sector_read(IDEState *s)
546 s->status = READY_STAT | SEEK_STAT;
547 s->error = 0; /* not needed by IDE spec, but needed by Windows */
548 sector_num = ide_get_sector(s);
551 /* no more sector to read from disk */
552 ide_transfer_stop(s);
554 #if defined(DEBUG_IDE)
555 printf("read sector=%Ld\n", sector_num);
557 if (n > s->req_nb_sectors)
558 n = s->req_nb_sectors;
559 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
560 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
562 ide_set_sector(s, sector_num + n);
567 static void ide_sector_write(IDEState *s)
572 s->status = READY_STAT | SEEK_STAT;
573 sector_num = ide_get_sector(s);
574 #if defined(DEBUG_IDE)
575 printf("write sector=%Ld\n", sector_num);
578 if (n > s->req_nb_sectors)
579 n = s->req_nb_sectors;
580 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
582 if (s->nsector == 0) {
583 /* no more sector to write */
584 ide_transfer_stop(s);
587 if (n1 > s->req_nb_sectors)
588 n1 = s->req_nb_sectors;
589 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
591 ide_set_sector(s, sector_num + n);
595 static void ide_atapi_cmd_ok(IDEState *s)
598 s->status = READY_STAT;
599 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
603 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
605 #ifdef DEBUG_IDE_ATAPI
606 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
608 s->error = sense_key << 4;
609 s->status = READY_STAT | ERR_STAT;
610 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
611 s->sense_key = sense_key;
616 static inline void cpu_to_ube16(uint8_t *buf, int val)
622 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
630 static inline int ube16_to_cpu(const uint8_t *buf)
632 return (buf[0] << 8) | buf[1];
635 static inline int ube32_to_cpu(const uint8_t *buf)
637 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
640 /* The whole ATAPI transfer logic is handled in this function */
641 static void ide_atapi_cmd_reply_end(IDEState *s)
643 int byte_count_limit, size;
644 #ifdef DEBUG_IDE_ATAPI
645 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
646 s->packet_transfer_size,
647 s->elementary_transfer_size,
650 if (s->packet_transfer_size <= 0) {
651 /* end of transfer */
652 ide_transfer_stop(s);
653 s->status = READY_STAT;
654 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
656 #ifdef DEBUG_IDE_ATAPI
657 printf("status=0x%x\n", s->status);
660 /* see if a new sector must be read */
661 if (s->lba != -1 && s->io_buffer_index >= 2048) {
662 bdrv_read(s->bs, (int64_t)s->lba << 2, s->io_buffer, 4);
664 s->io_buffer_index = 0;
666 if (s->elementary_transfer_size > 0) {
667 /* there are some data left to transmit in this elementary
669 size = 2048 - s->io_buffer_index;
670 if (size > s->elementary_transfer_size)
671 size = s->elementary_transfer_size;
672 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
673 size, ide_atapi_cmd_reply_end);
674 s->packet_transfer_size -= size;
675 s->elementary_transfer_size -= size;
676 s->io_buffer_index += size;
678 /* a new transfer is needed */
679 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
680 byte_count_limit = s->lcyl | (s->hcyl << 8);
681 #ifdef DEBUG_IDE_ATAPI
682 printf("byte_count_limit=%d\n", byte_count_limit);
684 if (byte_count_limit == 0xffff)
686 size = s->packet_transfer_size;
687 if (size > byte_count_limit) {
688 /* byte count limit must be even if this case */
689 if (byte_count_limit & 1)
691 size = byte_count_limit;
695 s->elementary_transfer_size = size;
696 /* we cannot transmit more than one sector at a time */
698 if (size > (2048 - s->io_buffer_index))
699 size = (2048 - s->io_buffer_index);
701 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
702 size, ide_atapi_cmd_reply_end);
703 s->packet_transfer_size -= size;
704 s->elementary_transfer_size -= size;
705 s->io_buffer_index += size;
707 #ifdef DEBUG_IDE_ATAPI
708 printf("status=0x%x\n", s->status);
714 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
715 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
719 s->lba = -1; /* no sector read */
720 s->packet_transfer_size = size;
721 s->elementary_transfer_size = 0;
722 s->io_buffer_index = 0;
724 s->status = READY_STAT;
725 ide_atapi_cmd_reply_end(s);
728 /* start a CD-CDROM read command */
729 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors)
731 #ifdef DEBUG_IDE_ATAPI
732 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
735 s->packet_transfer_size = nb_sectors * 2048;
736 s->elementary_transfer_size = 0;
737 s->io_buffer_index = 2048;
739 s->status = READY_STAT;
740 ide_atapi_cmd_reply_end(s);
743 /* same toc as bochs. Return -1 if error or the toc length */
744 static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
749 if (start_track > 1 && start_track != 0xaa)
754 if (start_track <= 1) {
755 *q++ = 0; /* reserved */
756 *q++ = 0x14; /* ADR, control */
757 *q++ = 1; /* track number */
758 *q++ = 0; /* reserved */
760 *q++ = 0; /* reserved */
761 *q++ = 0; /* minute */
762 *q++ = 2; /* second */
763 *q++ = 0; /* frame */
771 *q++ = 0; /* reserved */
772 *q++ = 0x16; /* ADR, control */
773 *q++ = 0xaa; /* track number */
774 *q++ = 0; /* reserved */
775 nb_sectors = s->nb_sectors >> 2;
777 *q++ = 0; /* reserved */
778 *q++ = ((nb_sectors + 150) / 75) / 60;
779 *q++ = ((nb_sectors + 150) / 75) % 60;
780 *q++ = (nb_sectors + 150) % 75;
782 cpu_to_ube32(q, nb_sectors);
786 cpu_to_ube16(buf, len - 2);
790 static void ide_atapi_cmd(IDEState *s)
792 const uint8_t *packet;
796 packet = s->io_buffer;
798 #ifdef DEBUG_IDE_ATAPI
801 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
802 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
803 printf(" %02x", packet[i]);
808 switch(s->io_buffer[0]) {
809 case GPCMD_TEST_UNIT_READY:
810 if (bdrv_is_inserted(s->bs)) {
813 ide_atapi_cmd_error(s, SENSE_NOT_READY,
814 ASC_MEDIUM_NOT_PRESENT);
817 case GPCMD_MODE_SENSE_10:
820 max_len = ube16_to_cpu(packet + 7);
821 action = packet[2] >> 6;
822 code = packet[2] & 0x3f;
824 case 0: /* current values */
826 case 0x01: /* error recovery */
827 cpu_to_ube16(&buf[0], 16 + 6);
843 ide_atapi_cmd_reply(s, 16, max_len);
846 cpu_to_ube16(&buf[0], 28 + 6);
861 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
862 if (bdrv_is_locked(s->bs))
865 cpu_to_ube16(&buf[16], 706);
868 cpu_to_ube16(&buf[20], 512);
869 cpu_to_ube16(&buf[22], 706);
874 ide_atapi_cmd_reply(s, 28, max_len);
880 case 1: /* changeable values */
882 case 2: /* default values */
885 case 3: /* saved values */
886 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
887 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
892 case GPCMD_REQUEST_SENSE:
895 buf[0] = 0x70 | (1 << 7);
896 buf[2] = s->sense_key;
899 ide_atapi_cmd_reply(s, 18, max_len);
901 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
902 if (bdrv_is_inserted(s->bs)) {
903 bdrv_set_locked(s->bs, packet[4] & 1);
906 ide_atapi_cmd_error(s, SENSE_NOT_READY,
907 ASC_MEDIUM_NOT_PRESENT);
915 if (!bdrv_is_inserted(s->bs)) {
916 ide_atapi_cmd_error(s, SENSE_NOT_READY,
917 ASC_MEDIUM_NOT_PRESENT);
920 if (packet[0] == GPCMD_READ_10)
921 nb_sectors = ube16_to_cpu(packet + 7);
923 nb_sectors = ube32_to_cpu(packet + 6);
924 lba = ube32_to_cpu(packet + 2);
925 if (nb_sectors == 0) {
929 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
930 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
931 ASC_LOGICAL_BLOCK_OOR);
934 ide_atapi_cmd_read(s, lba, nb_sectors);
940 if (!bdrv_is_inserted(s->bs)) {
941 ide_atapi_cmd_error(s, SENSE_NOT_READY,
942 ASC_MEDIUM_NOT_PRESENT);
945 lba = ube32_to_cpu(packet + 2);
946 if (((int64_t)lba << 2) > s->nb_sectors) {
947 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
948 ASC_LOGICAL_BLOCK_OOR);
954 case GPCMD_START_STOP_UNIT:
957 start = packet[4] & 1;
958 eject = (packet[4] >> 1) & 1;
960 if (eject && !start) {
967 case GPCMD_MECHANISM_STATUS:
969 max_len = ube16_to_cpu(packet + 8);
970 cpu_to_ube16(buf, 0);
976 cpu_to_ube16(buf + 6, 0);
977 ide_atapi_cmd_reply(s, 8, max_len);
980 case GPCMD_READ_TOC_PMA_ATIP:
982 int format, msf, start_track, len;
984 if (!bdrv_is_inserted(s->bs)) {
985 ide_atapi_cmd_error(s, SENSE_NOT_READY,
986 ASC_MEDIUM_NOT_PRESENT);
989 max_len = ube16_to_cpu(packet + 7);
990 format = packet[9] >> 6;
991 msf = (packet[1] >> 1) & 1;
992 start_track = packet[6];
995 len = cdrom_read_toc(s, buf, msf, start_track);
998 ide_atapi_cmd_reply(s, len, max_len);
1001 /* multi session : only a single session defined */
1006 ide_atapi_cmd_reply(s, 12, max_len);
1010 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1011 ASC_INV_FIELD_IN_CMD_PACKET);
1016 case GPCMD_READ_CDVD_CAPACITY:
1017 if (!bdrv_is_inserted(s->bs)) {
1018 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1019 ASC_MEDIUM_NOT_PRESENT);
1022 /* NOTE: it is really the number of sectors minus 1 */
1023 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1024 cpu_to_ube32(buf + 4, 2048);
1025 ide_atapi_cmd_reply(s, 8, 8);
1028 max_len = packet[4];
1029 buf[0] = 0x05; /* CD-ROM */
1030 buf[1] = 0x80; /* removable */
1031 buf[2] = 0x00; /* ISO */
1032 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1033 buf[4] = 31; /* additionnal length */
1034 buf[5] = 0; /* reserved */
1035 buf[6] = 0; /* reserved */
1036 buf[7] = 0; /* reserved */
1037 padstr8(buf + 8, 8, "QEMU");
1038 padstr8(buf + 16, 16, "QEMU CD-ROM");
1039 padstr8(buf + 32, 4, QEMU_VERSION);
1040 ide_atapi_cmd_reply(s, 36, max_len);
1043 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1044 ASC_ILLEGAL_OPCODE);
1049 /* called when the inserted state of the media has changed */
1050 static void cdrom_change_cb(void *opaque)
1052 IDEState *s = opaque;
1055 /* XXX: send interrupt too */
1056 bdrv_get_geometry(s->bs, &nb_sectors);
1057 s->nb_sectors = nb_sectors;
1060 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1062 IDEState *ide_if = opaque;
1067 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1074 /* NOTE: data is written to the two drives */
1075 ide_if[0].feature = val;
1076 ide_if[1].feature = val;
1081 ide_if[0].nsector = val;
1082 ide_if[1].nsector = val;
1085 ide_if[0].sector = val;
1086 ide_if[1].sector = val;
1089 ide_if[0].lcyl = val;
1090 ide_if[1].lcyl = val;
1093 ide_if[0].hcyl = val;
1094 ide_if[1].hcyl = val;
1097 ide_if[0].select = val & 0x4f;
1098 ide_if[1].select = val & 0x4f;
1100 unit = (val >> 4) & 1;
1102 ide_if->cur_drive = s;
1107 #if defined(DEBUG_IDE)
1108 printf("ide: CMD=%02x\n", val);
1110 s = ide_if->cur_drive;
1113 if (s->bs && !s->is_cdrom) {
1115 s->status = READY_STAT;
1116 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1119 ide_set_signature(s);
1121 ide_abort_command(s);
1128 s->status = READY_STAT;
1132 if (s->nsector > MAX_MULT_SECTORS ||
1134 (s->nsector & (s->nsector - 1)) != 0) {
1135 ide_abort_command(s);
1137 s->mult_sectors = s->nsector;
1138 s->status = READY_STAT;
1143 case WIN_VERIFY_ONCE:
1144 /* do sector number check ? */
1145 s->status = READY_STAT;
1152 s->req_nb_sectors = 1;
1156 case WIN_WRITE_ONCE:
1158 s->status = SEEK_STAT;
1159 s->req_nb_sectors = 1;
1160 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1163 if (!s->mult_sectors)
1165 s->req_nb_sectors = s->mult_sectors;
1169 if (!s->mult_sectors)
1172 s->status = SEEK_STAT;
1173 s->req_nb_sectors = s->mult_sectors;
1175 if (n > s->req_nb_sectors)
1176 n = s->req_nb_sectors;
1177 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1179 case WIN_READ_NATIVE_MAX:
1180 ide_set_sector(s, s->nb_sectors - 1);
1181 s->status = READY_STAT;
1184 case WIN_CHECKPOWERMODE1:
1185 s->nsector = 0xff; /* device active or idle */
1186 s->status = READY_STAT;
1190 /* ATAPI commands */
1193 ide_atapi_identify(s);
1194 s->status = READY_STAT;
1195 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1197 ide_abort_command(s);
1204 ide_set_signature(s);
1205 s->status = 0x00; /* NOTE: READY is _not_ set */
1211 /* DMA or overlapping commands not supported */
1212 if ((s->feature & 0x03) != 0)
1215 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1220 ide_abort_command(s);
1227 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1229 IDEState *s = ((IDEState *)opaque)->cur_drive;
1248 ret = s->nsector & 0xff;
1272 ret = s->select | 0xa0;
1280 pic_set_irq(s->irq, 0);
1284 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1289 static uint32_t ide_status_read(void *opaque, uint32_t addr)
1291 IDEState *s = ((IDEState *)opaque)->cur_drive;
1295 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1300 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1302 IDEState *ide_if = opaque;
1307 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1309 /* common for both drives */
1310 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1311 (val & IDE_CMD_RESET)) {
1312 /* reset low to high */
1313 for(i = 0;i < 2; i++) {
1315 s->status = BUSY_STAT | SEEK_STAT;
1318 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1319 !(val & IDE_CMD_RESET)) {
1321 for(i = 0;i < 2; i++) {
1324 s->status = 0x00; /* NOTE: READY is _not_ set */
1326 s->status = READY_STAT | SEEK_STAT;
1327 ide_set_signature(s);
1331 ide_if[0].cmd = val;
1332 ide_if[1].cmd = val;
1335 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1337 IDEState *s = ((IDEState *)opaque)->cur_drive;
1341 *(uint16_t *)p = tswap16(val);
1344 if (p >= s->data_end)
1345 s->end_transfer_func(s);
1348 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
1350 IDEState *s = ((IDEState *)opaque)->cur_drive;
1354 ret = tswap16(*(uint16_t *)p);
1357 if (p >= s->data_end)
1358 s->end_transfer_func(s);
1362 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1364 IDEState *s = ((IDEState *)opaque)->cur_drive;
1368 *(uint32_t *)p = tswap32(val);
1371 if (p >= s->data_end)
1372 s->end_transfer_func(s);
1375 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
1377 IDEState *s = ((IDEState *)opaque)->cur_drive;
1382 ret = tswap32(*(uint32_t *)p);
1385 if (p >= s->data_end)
1386 s->end_transfer_func(s);
1390 static void ide_reset(IDEState *s)
1392 s->mult_sectors = MAX_MULT_SECTORS;
1395 s->status = READY_STAT;
1396 ide_set_signature(s);
1400 uint8_t boot_ind; /* 0x80 - active */
1401 uint8_t head; /* starting head */
1402 uint8_t sector; /* starting sector */
1403 uint8_t cyl; /* starting cylinder */
1404 uint8_t sys_ind; /* What partition type */
1405 uint8_t end_head; /* end head */
1406 uint8_t end_sector; /* end sector */
1407 uint8_t end_cyl; /* end cylinder */
1408 uint32_t start_sect; /* starting sector counting from 0 */
1409 uint32_t nr_sects; /* nr of sectors in partition */
1410 } __attribute__((packed));
1412 /* try to guess the IDE geometry from the MSDOS partition table */
1413 static void ide_guess_geometry(IDEState *s)
1417 struct partition *p;
1420 if (s->cylinders != 0)
1422 ret = bdrv_read(s->bs, 0, buf, 1);
1425 /* test msdos magic */
1426 if (buf[510] != 0x55 || buf[511] != 0xaa)
1428 for(i = 0; i < 4; i++) {
1429 p = ((struct partition *)(buf + 0x1be)) + i;
1430 nr_sects = tswap32(p->nr_sects);
1431 if (nr_sects && p->end_head) {
1432 /* We make the assumption that the partition terminates on
1433 a cylinder boundary */
1434 s->heads = p->end_head + 1;
1435 s->sectors = p->end_sector & 63;
1436 s->cylinders = s->nb_sectors / (s->heads * s->sectors);
1438 printf("guessed partition: CHS=%d %d %d\n",
1439 s->cylinders, s->heads, s->sectors);
1445 void ide_init(int iobase, int iobase2, int irq,
1446 BlockDriverState *hd0, BlockDriverState *hd1)
1448 IDEState *s, *ide_state;
1449 int i, cylinders, heads, secs;
1452 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
1456 for(i = 0; i < 2; i++) {
1463 bdrv_get_geometry(s->bs, &nb_sectors);
1464 s->nb_sectors = nb_sectors;
1465 /* if a geometry hint is available, use it */
1466 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
1467 if (cylinders != 0) {
1468 s->cylinders = cylinders;
1472 ide_guess_geometry(s);
1473 if (s->cylinders == 0) {
1474 /* if no geometry, use a LBA compatible one */
1475 cylinders = nb_sectors / (16 * 63);
1476 if (cylinders > 16383)
1478 else if (cylinders < 2)
1480 s->cylinders = cylinders;
1485 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
1487 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
1493 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
1494 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
1496 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
1497 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
1501 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
1502 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
1503 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
1504 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
projects / qemu.git / blob