2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "scsi-disk.h"
31 #include "qemu-timer.h"
35 /* debug IDE devices */
37 //#define DEBUG_IDE_ATAPI
41 /* Bits of HD_STATUS */
43 #define INDEX_STAT 0x02
44 #define ECC_STAT 0x04 /* Corrected error */
46 #define SEEK_STAT 0x10
48 #define WRERR_STAT 0x20
49 #define READY_STAT 0x40
50 #define BUSY_STAT 0x80
52 /* Bits for HD_ERROR */
53 #define MARK_ERR 0x01 /* Bad address mark */
54 #define TRK0_ERR 0x02 /* couldn't find track 0 */
55 #define ABRT_ERR 0x04 /* Command aborted */
56 #define MCR_ERR 0x08 /* media change request */
57 #define ID_ERR 0x10 /* ID field not found */
58 #define MC_ERR 0x20 /* media changed */
59 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
60 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
63 /* Bits of HD_NSECTOR */
69 #define IDE_CMD_RESET 0x04
70 #define IDE_CMD_DISABLE_IRQ 0x02
72 /* ATA/ATAPI Commands pre T13 Spec */
77 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
81 #define WIN_SRST 0x08 /* ATAPI soft reset command */
82 #define WIN_DEVICE_RESET 0x08
86 #define WIN_RECAL 0x10
87 #define WIN_RESTORE WIN_RECAL
91 #define WIN_READ 0x20 /* 28-Bit */
92 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93 #define WIN_READ_LONG 0x22 /* 28-Bit */
94 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95 #define WIN_READ_EXT 0x24 /* 48-Bit */
96 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
97 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
102 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
104 * 0x2A->0x2F Reserved
106 #define WIN_WRITE 0x30 /* 28-Bit */
107 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
109 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
111 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
117 * 0x3A->0x3B Reserved
119 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
121 * 0x3D->0x3F Reserved
123 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
127 * 0x43->0x4F Reserved
129 #define WIN_FORMAT 0x50
131 * 0x51->0x5F Reserved
133 #define WIN_INIT 0x60
135 * 0x61->0x5F Reserved
137 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139 #define WIN_DIAGNOSE 0x90
140 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
141 #define WIN_DOWNLOAD_MICROCODE 0x92
142 #define WIN_STANDBYNOW2 0x94
143 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
144 #define WIN_STANDBY2 0x96
145 #define WIN_SETIDLE2 0x97
146 #define WIN_CHECKPOWERMODE2 0x98
147 #define WIN_SLEEPNOW2 0x99
151 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153 #define WIN_QUEUED_SERVICE 0xA2
154 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
155 #define CFA_ACCESS_METADATA_STORAGE 0xB8
156 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
157 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
167 #define WIN_GETMEDIASTATUS 0xDA
168 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169 #define WIN_POSTBOOT 0xDC
170 #define WIN_PREBOOT 0xDD
171 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173 #define WIN_STANDBYNOW1 0xE0
174 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176 #define WIN_SETIDLE1 0xE3
177 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178 #define WIN_CHECKPOWERMODE1 0xE5
179 #define WIN_SLEEPNOW1 0xE6
180 #define WIN_FLUSH_CACHE 0xE7
181 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186 #define WIN_MEDIAEJECT 0xED
187 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188 #define WIN_SETFEATURES 0xEF /* set special drive features */
189 #define EXABYTE_ENABLE_NEST 0xF0
190 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
191 #define WIN_SECURITY_SET_PASS 0xF1
192 #define WIN_SECURITY_UNLOCK 0xF2
193 #define WIN_SECURITY_ERASE_PREPARE 0xF3
194 #define WIN_SECURITY_ERASE_UNIT 0xF4
195 #define WIN_SECURITY_FREEZE_LOCK 0xF5
196 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
197 #define WIN_SECURITY_DISABLE 0xF6
198 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199 #define WIN_SET_MAX 0xF9
200 #define DISABLE_SEAGATE 0xFB
202 /* set to 1 set disable mult support */
203 #define MAX_MULT_SECTORS 16
205 #define IDE_DMA_BUF_SECTORS 256
207 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
213 #define ATAPI_PACKET_SIZE 12
215 /* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217 #define GPCMD_BLANK 0xa1
218 #define GPCMD_CLOSE_TRACK 0x5b
219 #define GPCMD_FLUSH_CACHE 0x35
220 #define GPCMD_FORMAT_UNIT 0x04
221 #define GPCMD_GET_CONFIGURATION 0x46
222 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223 #define GPCMD_GET_PERFORMANCE 0xac
224 #define GPCMD_INQUIRY 0x12
225 #define GPCMD_LOAD_UNLOAD 0xa6
226 #define GPCMD_MECHANISM_STATUS 0xbd
227 #define GPCMD_MODE_SELECT_10 0x55
228 #define GPCMD_MODE_SENSE_10 0x5a
229 #define GPCMD_PAUSE_RESUME 0x4b
230 #define GPCMD_PLAY_AUDIO_10 0x45
231 #define GPCMD_PLAY_AUDIO_MSF 0x47
232 #define GPCMD_PLAY_AUDIO_TI 0x48
233 #define GPCMD_PLAY_CD 0xbc
234 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235 #define GPCMD_READ_10 0x28
236 #define GPCMD_READ_12 0xa8
237 #define GPCMD_READ_CDVD_CAPACITY 0x25
238 #define GPCMD_READ_CD 0xbe
239 #define GPCMD_READ_CD_MSF 0xb9
240 #define GPCMD_READ_DISC_INFO 0x51
241 #define GPCMD_READ_DVD_STRUCTURE 0xad
242 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
243 #define GPCMD_READ_HEADER 0x44
244 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
245 #define GPCMD_READ_SUBCHANNEL 0x42
246 #define GPCMD_READ_TOC_PMA_ATIP 0x43
247 #define GPCMD_REPAIR_RZONE_TRACK 0x58
248 #define GPCMD_REPORT_KEY 0xa4
249 #define GPCMD_REQUEST_SENSE 0x03
250 #define GPCMD_RESERVE_RZONE_TRACK 0x53
251 #define GPCMD_SCAN 0xba
252 #define GPCMD_SEEK 0x2b
253 #define GPCMD_SEND_DVD_STRUCTURE 0xad
254 #define GPCMD_SEND_EVENT 0xa2
255 #define GPCMD_SEND_KEY 0xa3
256 #define GPCMD_SEND_OPC 0x54
257 #define GPCMD_SET_READ_AHEAD 0xa7
258 #define GPCMD_SET_STREAMING 0xb6
259 #define GPCMD_START_STOP_UNIT 0x1b
260 #define GPCMD_STOP_PLAY_SCAN 0x4e
261 #define GPCMD_TEST_UNIT_READY 0x00
262 #define GPCMD_VERIFY_10 0x2f
263 #define GPCMD_WRITE_10 0x2a
264 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
265 /* This is listed as optional in ATAPI 2.6, but is (curiously)
266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269 #define GPCMD_SET_SPEED 0xbb
270 /* This seems to be a SCSI specific CD-ROM opcode
271 * to play data at track/index */
272 #define GPCMD_PLAYAUDIO_TI 0x48
274 * From MS Media Status Notification Support Specification. For
277 #define GPCMD_GET_MEDIA_STATUS 0xda
278 #define GPCMD_MODE_SENSE_6 0x1a
280 /* Mode page codes for mode sense/set */
281 #define GPMODE_R_W_ERROR_PAGE 0x01
282 #define GPMODE_WRITE_PARMS_PAGE 0x05
283 #define GPMODE_AUDIO_CTL_PAGE 0x0e
284 #define GPMODE_POWER_PAGE 0x1a
285 #define GPMODE_FAULT_FAIL_PAGE 0x1c
286 #define GPMODE_TO_PROTECT_PAGE 0x1d
287 #define GPMODE_CAPABILITIES_PAGE 0x2a
288 #define GPMODE_ALL_PAGES 0x3f
289 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291 #define GPMODE_CDROM_PAGE 0x0d
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
302 /* Some generally useful CD-ROM information */
303 #define CD_MINS 80 /* max. minutes per CD */
304 #define CD_SECS 60 /* seconds per minute */
305 #define CD_FRAMES 75 /* frames per second */
306 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
315 /* Profile list from MMC-6 revision 1 table 91 */
316 #define MMC_PROFILE_NONE 0x0000
317 #define MMC_PROFILE_CD_ROM 0x0008
318 #define MMC_PROFILE_CD_R 0x0009
319 #define MMC_PROFILE_CD_RW 0x000A
320 #define MMC_PROFILE_DVD_ROM 0x0010
321 #define MMC_PROFILE_DVD_R_SR 0x0011
322 #define MMC_PROFILE_DVD_RAM 0x0012
323 #define MMC_PROFILE_DVD_RW_RO 0x0013
324 #define MMC_PROFILE_DVD_RW_SR 0x0014
325 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
326 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
327 #define MMC_PROFILE_DVD_RW_DL 0x0017
328 #define MMC_PROFILE_DVD_DDR 0x0018
329 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
330 #define MMC_PROFILE_DVD_PLUS_R 0x001B
331 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333 #define MMC_PROFILE_BD_ROM 0x0040
334 #define MMC_PROFILE_BD_R_SRM 0x0041
335 #define MMC_PROFILE_BD_R_RRM 0x0042
336 #define MMC_PROFILE_BD_RE 0x0043
337 #define MMC_PROFILE_HDDVD_ROM 0x0050
338 #define MMC_PROFILE_HDDVD_R 0x0051
339 #define MMC_PROFILE_HDDVD_RAM 0x0052
340 #define MMC_PROFILE_HDDVD_RW 0x0053
341 #define MMC_PROFILE_HDDVD_R_DL 0x0058
342 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
343 #define MMC_PROFILE_INVALID 0xFFFF
345 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347 #define ATAPI_INT_REASON_REL 0x04
348 #define ATAPI_INT_REASON_TAG 0xf8
350 /* same constants as bochs */
351 #define ASC_ILLEGAL_OPCODE 0x20
352 #define ASC_LOGICAL_BLOCK_OOR 0x21
353 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
354 #define ASC_MEDIUM_NOT_PRESENT 0x3a
355 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
357 #define CFA_NO_ERROR 0x00
358 #define CFA_MISC_ERROR 0x09
359 #define CFA_INVALID_COMMAND 0x20
360 #define CFA_INVALID_ADDRESS 0x21
361 #define CFA_ADDRESS_OVERFLOW 0x2f
364 #define SENSE_NOT_READY 2
365 #define SENSE_ILLEGAL_REQUEST 5
366 #define SENSE_UNIT_ATTENTION 6
370 typedef void EndTransferFunc(struct IDEState *);
372 /* NOTE: IDEState represents in fact one drive */
373 typedef struct IDEState {
377 int cylinders, heads, sectors;
381 uint16_t identify_data[256];
384 struct BMDMAState *bmdma;
393 /* other part of tf for lba48 support */
403 /* 0x3f6 command, only meaningful for drive 0 */
405 /* set for lba48 access */
407 /* depends on bit 4 in select, only meaningful for drive 0 */
408 struct IDEState *cur_drive;
409 BlockDriverState *bs;
413 int packet_transfer_size;
414 int elementary_transfer_size;
418 int atapi_dma; /* true if dma is requested for the packet cmd */
421 /* PIO transfer handling */
422 int req_nb_sectors; /* number of sectors per interrupt */
423 EndTransferFunc *end_transfer_func;
427 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
428 uint32_t irq_count; /* counts IRQs when using win2k install hack */
429 /* CF-ATA extended error */
431 /* CF-ATA metadata storage */
433 uint8_t *mdata_storage;
437 #define BM_STATUS_DMAING 0x01
438 #define BM_STATUS_ERROR 0x02
439 #define BM_STATUS_INT 0x04
441 #define BM_CMD_START 0x01
442 #define BM_CMD_READ 0x08
444 #define IDE_TYPE_PIIX3 0
445 #define IDE_TYPE_CMD646 1
446 #define IDE_TYPE_PIIX4 2
448 /* CMD646 specific */
450 #define MRDMODE_INTR_CH0 0x04
451 #define MRDMODE_INTR_CH1 0x08
452 #define MRDMODE_BLK_CH0 0x10
453 #define MRDMODE_BLK_CH1 0x20
454 #define UDIDETCR0 0x73
455 #define UDIDETCR1 0x7B
457 typedef struct BMDMAState {
462 struct PCIIDEState *pci_dev;
463 /* current transfer state */
465 uint32_t cur_prd_last;
466 uint32_t cur_prd_addr;
467 uint32_t cur_prd_len;
469 BlockDriverCompletionFunc *dma_cb;
470 BlockDriverAIOCB *aiocb;
473 typedef struct PCIIDEState {
477 int type; /* see IDE_TYPE_xxx */
480 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
481 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
483 static void padstr(char *str, const char *src, int len)
486 for(i = 0; i < len; i++) {
495 static void padstr8(uint8_t *buf, int buf_size, const char *src)
498 for(i = 0; i < buf_size; i++) {
506 static void put_le16(uint16_t *p, unsigned int v)
511 static void ide_identify(IDEState *s)
514 unsigned int oldsize;
517 if (s->identify_set) {
518 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
522 memset(s->io_buffer, 0, 512);
523 p = (uint16_t *)s->io_buffer;
524 put_le16(p + 0, 0x0040);
525 put_le16(p + 1, s->cylinders);
526 put_le16(p + 3, s->heads);
527 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
528 put_le16(p + 5, 512); /* XXX: retired, remove ? */
529 put_le16(p + 6, s->sectors);
530 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
531 padstr((char *)(p + 10), buf, 20); /* serial number */
532 put_le16(p + 20, 3); /* XXX: retired, remove ? */
533 put_le16(p + 21, 512); /* cache size in sectors */
534 put_le16(p + 22, 4); /* ecc bytes */
535 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
536 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
537 #if MAX_MULT_SECTORS > 1
538 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
540 put_le16(p + 48, 1); /* dword I/O */
541 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
542 put_le16(p + 51, 0x200); /* PIO transfer cycle */
543 put_le16(p + 52, 0x200); /* DMA transfer cycle */
544 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
545 put_le16(p + 54, s->cylinders);
546 put_le16(p + 55, s->heads);
547 put_le16(p + 56, s->sectors);
548 oldsize = s->cylinders * s->heads * s->sectors;
549 put_le16(p + 57, oldsize);
550 put_le16(p + 58, oldsize >> 16);
552 put_le16(p + 59, 0x100 | s->mult_sectors);
553 put_le16(p + 60, s->nb_sectors);
554 put_le16(p + 61, s->nb_sectors >> 16);
555 put_le16(p + 63, 0x07); /* mdma0-2 supported */
556 put_le16(p + 65, 120);
557 put_le16(p + 66, 120);
558 put_le16(p + 67, 120);
559 put_le16(p + 68, 120);
560 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
561 put_le16(p + 81, 0x16); /* conforms to ata5 */
562 put_le16(p + 82, (1 << 14));
563 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
564 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
565 put_le16(p + 84, (1 << 14));
566 put_le16(p + 85, (1 << 14));
567 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
568 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
569 put_le16(p + 87, (1 << 14));
570 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
571 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
572 put_le16(p + 100, s->nb_sectors);
573 put_le16(p + 101, s->nb_sectors >> 16);
574 put_le16(p + 102, s->nb_sectors >> 32);
575 put_le16(p + 103, s->nb_sectors >> 48);
577 memcpy(s->identify_data, p, sizeof(s->identify_data));
581 static void ide_atapi_identify(IDEState *s)
586 if (s->identify_set) {
587 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
591 memset(s->io_buffer, 0, 512);
592 p = (uint16_t *)s->io_buffer;
593 /* Removable CDROM, 50us response, 12 byte packets */
594 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
595 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
596 padstr((char *)(p + 10), buf, 20); /* serial number */
597 put_le16(p + 20, 3); /* buffer type */
598 put_le16(p + 21, 512); /* cache size in sectors */
599 put_le16(p + 22, 4); /* ecc bytes */
600 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
601 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
602 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
604 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
605 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
606 put_le16(p + 63, 7); /* mdma0-2 supported */
607 put_le16(p + 64, 0x3f); /* PIO modes supported */
609 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
610 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
611 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
612 put_le16(p + 64, 1); /* PIO modes */
614 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
615 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
616 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
617 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
619 put_le16(p + 71, 30); /* in ns */
620 put_le16(p + 72, 30); /* in ns */
622 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
624 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
626 memcpy(s->identify_data, p, sizeof(s->identify_data));
630 static void ide_cfata_identify(IDEState *s)
636 p = (uint16_t *) s->identify_data;
640 memset(p, 0, sizeof(s->identify_data));
642 cur_sec = s->cylinders * s->heads * s->sectors;
644 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
645 put_le16(p + 1, s->cylinders); /* Default cylinders */
646 put_le16(p + 3, s->heads); /* Default heads */
647 put_le16(p + 6, s->sectors); /* Default sectors per track */
648 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
649 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
650 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
651 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
652 put_le16(p + 22, 0x0004); /* ECC bytes */
653 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
654 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
655 #if MAX_MULT_SECTORS > 1
656 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
658 put_le16(p + 47, 0x0000);
660 put_le16(p + 49, 0x0f00); /* Capabilities */
661 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
662 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
663 put_le16(p + 53, 0x0003); /* Translation params valid */
664 put_le16(p + 54, s->cylinders); /* Current cylinders */
665 put_le16(p + 55, s->heads); /* Current heads */
666 put_le16(p + 56, s->sectors); /* Current sectors */
667 put_le16(p + 57, cur_sec); /* Current capacity */
668 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
669 if (s->mult_sectors) /* Multiple sector setting */
670 put_le16(p + 59, 0x100 | s->mult_sectors);
671 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
672 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
673 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
674 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
675 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
676 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
677 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
678 put_le16(p + 82, 0x400c); /* Command Set supported */
679 put_le16(p + 83, 0x7068); /* Command Set supported */
680 put_le16(p + 84, 0x4000); /* Features supported */
681 put_le16(p + 85, 0x000c); /* Command Set enabled */
682 put_le16(p + 86, 0x7044); /* Command Set enabled */
683 put_le16(p + 87, 0x4000); /* Features enabled */
684 put_le16(p + 91, 0x4060); /* Current APM level */
685 put_le16(p + 129, 0x0002); /* Current features option */
686 put_le16(p + 130, 0x0005); /* Reassigned sectors */
687 put_le16(p + 131, 0x0001); /* Initial power mode */
688 put_le16(p + 132, 0x0000); /* User signature */
689 put_le16(p + 160, 0x8100); /* Power requirement */
690 put_le16(p + 161, 0x8001); /* CF command set */
695 memcpy(s->io_buffer, p, sizeof(s->identify_data));
698 static void ide_set_signature(IDEState *s)
700 s->select &= 0xf0; /* clear head */
716 static inline void ide_abort_command(IDEState *s)
718 s->status = READY_STAT | ERR_STAT;
722 static inline void ide_set_irq(IDEState *s)
724 BMDMAState *bm = s->bmdma;
725 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
727 bm->status |= BM_STATUS_INT;
729 qemu_irq_raise(s->irq);
733 /* prepare data transfer and tell what to do after */
734 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
735 EndTransferFunc *end_transfer_func)
737 s->end_transfer_func = end_transfer_func;
739 s->data_end = buf + size;
740 if (!(s->status & ERR_STAT))
741 s->status |= DRQ_STAT;
744 static void ide_transfer_stop(IDEState *s)
746 s->end_transfer_func = ide_transfer_stop;
747 s->data_ptr = s->io_buffer;
748 s->data_end = s->io_buffer;
749 s->status &= ~DRQ_STAT;
752 static int64_t ide_get_sector(IDEState *s)
755 if (s->select & 0x40) {
758 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
759 (s->lcyl << 8) | s->sector;
761 sector_num = ((int64_t)s->hob_hcyl << 40) |
762 ((int64_t) s->hob_lcyl << 32) |
763 ((int64_t) s->hob_sector << 24) |
764 ((int64_t) s->hcyl << 16) |
765 ((int64_t) s->lcyl << 8) | s->sector;
768 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
769 (s->select & 0x0f) * s->sectors + (s->sector - 1);
774 static void ide_set_sector(IDEState *s, int64_t sector_num)
777 if (s->select & 0x40) {
779 s->select = (s->select & 0xf0) | (sector_num >> 24);
780 s->hcyl = (sector_num >> 16);
781 s->lcyl = (sector_num >> 8);
782 s->sector = (sector_num);
784 s->sector = sector_num;
785 s->lcyl = sector_num >> 8;
786 s->hcyl = sector_num >> 16;
787 s->hob_sector = sector_num >> 24;
788 s->hob_lcyl = sector_num >> 32;
789 s->hob_hcyl = sector_num >> 40;
792 cyl = sector_num / (s->heads * s->sectors);
793 r = sector_num % (s->heads * s->sectors);
796 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
797 s->sector = (r % s->sectors) + 1;
801 static void ide_sector_read(IDEState *s)
806 s->status = READY_STAT | SEEK_STAT;
807 s->error = 0; /* not needed by IDE spec, but needed by Windows */
808 sector_num = ide_get_sector(s);
811 /* no more sector to read from disk */
812 ide_transfer_stop(s);
814 #if defined(DEBUG_IDE)
815 printf("read sector=%Ld\n", sector_num);
817 if (n > s->req_nb_sectors)
818 n = s->req_nb_sectors;
819 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
820 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
822 ide_set_sector(s, sector_num + n);
827 /* return 0 if buffer completed */
828 static int dma_buf_rw(BMDMAState *bm, int is_write)
830 IDEState *s = bm->ide_if;
838 l = s->io_buffer_size - s->io_buffer_index;
841 if (bm->cur_prd_len == 0) {
842 /* end of table (with a fail safe of one page) */
843 if (bm->cur_prd_last ||
844 (bm->cur_addr - bm->addr) >= 4096)
846 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
848 prd.addr = le32_to_cpu(prd.addr);
849 prd.size = le32_to_cpu(prd.size);
850 len = prd.size & 0xfffe;
853 bm->cur_prd_len = len;
854 bm->cur_prd_addr = prd.addr;
855 bm->cur_prd_last = (prd.size & 0x80000000);
857 if (l > bm->cur_prd_len)
861 cpu_physical_memory_write(bm->cur_prd_addr,
862 s->io_buffer + s->io_buffer_index, l);
864 cpu_physical_memory_read(bm->cur_prd_addr,
865 s->io_buffer + s->io_buffer_index, l);
867 bm->cur_prd_addr += l;
868 bm->cur_prd_len -= l;
869 s->io_buffer_index += l;
875 /* XXX: handle errors */
876 static void ide_read_dma_cb(void *opaque, int ret)
878 BMDMAState *bm = opaque;
879 IDEState *s = bm->ide_if;
883 n = s->io_buffer_size >> 9;
884 sector_num = ide_get_sector(s);
887 ide_set_sector(s, sector_num);
889 if (dma_buf_rw(bm, 1) == 0)
893 /* end of transfer ? */
894 if (s->nsector == 0) {
895 s->status = READY_STAT | SEEK_STAT;
898 bm->status &= ~BM_STATUS_DMAING;
899 bm->status |= BM_STATUS_INT;
906 /* launch next transfer */
908 if (n > IDE_DMA_BUF_SECTORS)
909 n = IDE_DMA_BUF_SECTORS;
910 s->io_buffer_index = 0;
911 s->io_buffer_size = n * 512;
913 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
915 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
916 ide_read_dma_cb, bm);
919 static void ide_sector_read_dma(IDEState *s)
921 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
922 s->io_buffer_index = 0;
923 s->io_buffer_size = 0;
924 ide_dma_start(s, ide_read_dma_cb);
927 static void ide_sector_write_timer_cb(void *opaque)
929 IDEState *s = opaque;
933 static void ide_sector_write(IDEState *s)
938 s->status = READY_STAT | SEEK_STAT;
939 sector_num = ide_get_sector(s);
940 #if defined(DEBUG_IDE)
941 printf("write sector=%Ld\n", sector_num);
944 if (n > s->req_nb_sectors)
945 n = s->req_nb_sectors;
946 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
948 if (s->nsector == 0) {
949 /* no more sectors to write */
950 ide_transfer_stop(s);
953 if (n1 > s->req_nb_sectors)
954 n1 = s->req_nb_sectors;
955 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
957 ide_set_sector(s, sector_num + n);
960 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
961 /* It seems there is a bug in the Windows 2000 installer HDD
962 IDE driver which fills the disk with empty logs when the
963 IDE write IRQ comes too early. This hack tries to correct
964 that at the expense of slower write performances. Use this
965 option _only_ to install Windows 2000. You must disable it
967 qemu_mod_timer(s->sector_write_timer,
968 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
976 /* XXX: handle errors */
977 static void ide_write_dma_cb(void *opaque, int ret)
979 BMDMAState *bm = opaque;
980 IDEState *s = bm->ide_if;
984 n = s->io_buffer_size >> 9;
985 sector_num = ide_get_sector(s);
988 ide_set_sector(s, sector_num);
992 /* end of transfer ? */
993 if (s->nsector == 0) {
994 s->status = READY_STAT | SEEK_STAT;
997 bm->status &= ~BM_STATUS_DMAING;
998 bm->status |= BM_STATUS_INT;
1005 /* launch next transfer */
1007 if (n > IDE_DMA_BUF_SECTORS)
1008 n = IDE_DMA_BUF_SECTORS;
1009 s->io_buffer_index = 0;
1010 s->io_buffer_size = n * 512;
1012 if (dma_buf_rw(bm, 0) == 0)
1015 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1017 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1018 ide_write_dma_cb, bm);
1021 static void ide_sector_write_dma(IDEState *s)
1023 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1024 s->io_buffer_index = 0;
1025 s->io_buffer_size = 0;
1026 ide_dma_start(s, ide_write_dma_cb);
1029 static void ide_atapi_cmd_ok(IDEState *s)
1032 s->status = READY_STAT;
1033 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1037 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1039 #ifdef DEBUG_IDE_ATAPI
1040 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1042 s->error = sense_key << 4;
1043 s->status = READY_STAT | ERR_STAT;
1044 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1045 s->sense_key = sense_key;
1050 static inline void cpu_to_ube16(uint8_t *buf, int val)
1056 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1064 static inline int ube16_to_cpu(const uint8_t *buf)
1066 return (buf[0] << 8) | buf[1];
1069 static inline int ube32_to_cpu(const uint8_t *buf)
1071 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1074 static void lba_to_msf(uint8_t *buf, int lba)
1077 buf[0] = (lba / 75) / 60;
1078 buf[1] = (lba / 75) % 60;
1082 static void cd_data_to_raw(uint8_t *buf, int lba)
1086 memset(buf + 1, 0xff, 10);
1090 lba_to_msf(buf, lba);
1091 buf[3] = 0x01; /* mode 1 data */
1095 /* XXX: ECC not computed */
1096 memset(buf, 0, 288);
1099 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1104 switch(sector_size) {
1106 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1109 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1112 cd_data_to_raw(buf, lba);
1121 static void ide_atapi_io_error(IDEState *s, int ret)
1123 /* XXX: handle more errors */
1124 if (ret == -ENOMEDIUM) {
1125 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1126 ASC_MEDIUM_NOT_PRESENT);
1128 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1129 ASC_LOGICAL_BLOCK_OOR);
1133 /* The whole ATAPI transfer logic is handled in this function */
1134 static void ide_atapi_cmd_reply_end(IDEState *s)
1136 int byte_count_limit, size, ret;
1137 #ifdef DEBUG_IDE_ATAPI
1138 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1139 s->packet_transfer_size,
1140 s->elementary_transfer_size,
1141 s->io_buffer_index);
1143 if (s->packet_transfer_size <= 0) {
1144 /* end of transfer */
1145 ide_transfer_stop(s);
1146 s->status = READY_STAT;
1147 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1149 #ifdef DEBUG_IDE_ATAPI
1150 printf("status=0x%x\n", s->status);
1153 /* see if a new sector must be read */
1154 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1155 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1157 ide_transfer_stop(s);
1158 ide_atapi_io_error(s, ret);
1162 s->io_buffer_index = 0;
1164 if (s->elementary_transfer_size > 0) {
1165 /* there are some data left to transmit in this elementary
1167 size = s->cd_sector_size - s->io_buffer_index;
1168 if (size > s->elementary_transfer_size)
1169 size = s->elementary_transfer_size;
1170 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1171 size, ide_atapi_cmd_reply_end);
1172 s->packet_transfer_size -= size;
1173 s->elementary_transfer_size -= size;
1174 s->io_buffer_index += size;
1176 /* a new transfer is needed */
1177 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1178 byte_count_limit = s->lcyl | (s->hcyl << 8);
1179 #ifdef DEBUG_IDE_ATAPI
1180 printf("byte_count_limit=%d\n", byte_count_limit);
1182 if (byte_count_limit == 0xffff)
1184 size = s->packet_transfer_size;
1185 if (size > byte_count_limit) {
1186 /* byte count limit must be even if this case */
1187 if (byte_count_limit & 1)
1189 size = byte_count_limit;
1192 s->hcyl = size >> 8;
1193 s->elementary_transfer_size = size;
1194 /* we cannot transmit more than one sector at a time */
1196 if (size > (s->cd_sector_size - s->io_buffer_index))
1197 size = (s->cd_sector_size - s->io_buffer_index);
1199 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1200 size, ide_atapi_cmd_reply_end);
1201 s->packet_transfer_size -= size;
1202 s->elementary_transfer_size -= size;
1203 s->io_buffer_index += size;
1205 #ifdef DEBUG_IDE_ATAPI
1206 printf("status=0x%x\n", s->status);
1212 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1213 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1215 if (size > max_size)
1217 s->lba = -1; /* no sector read */
1218 s->packet_transfer_size = size;
1219 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1220 s->elementary_transfer_size = 0;
1221 s->io_buffer_index = 0;
1224 s->status = READY_STAT | DRQ_STAT;
1225 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1227 s->status = READY_STAT;
1228 ide_atapi_cmd_reply_end(s);
1232 /* start a CD-CDROM read command */
1233 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1237 s->packet_transfer_size = nb_sectors * sector_size;
1238 s->elementary_transfer_size = 0;
1239 s->io_buffer_index = sector_size;
1240 s->cd_sector_size = sector_size;
1242 s->status = READY_STAT;
1243 ide_atapi_cmd_reply_end(s);
1246 /* ATAPI DMA support */
1248 /* XXX: handle read errors */
1249 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1251 BMDMAState *bm = opaque;
1252 IDEState *s = bm->ide_if;
1256 ide_atapi_io_error(s, ret);
1260 if (s->io_buffer_size > 0) {
1262 * For a cdrom read sector command (s->lba != -1),
1263 * adjust the lba for the next s->io_buffer_size chunk
1264 * and dma the current chunk.
1265 * For a command != read (s->lba == -1), just transfer
1269 if (s->cd_sector_size == 2352) {
1271 cd_data_to_raw(s->io_buffer, s->lba);
1273 n = s->io_buffer_size >> 11;
1277 s->packet_transfer_size -= s->io_buffer_size;
1278 if (dma_buf_rw(bm, 1) == 0)
1282 if (s->packet_transfer_size <= 0) {
1283 s->status = READY_STAT;
1284 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1287 bm->status &= ~BM_STATUS_DMAING;
1288 bm->status |= BM_STATUS_INT;
1295 s->io_buffer_index = 0;
1296 if (s->cd_sector_size == 2352) {
1298 s->io_buffer_size = s->cd_sector_size;
1301 n = s->packet_transfer_size >> 11;
1302 if (n > (IDE_DMA_BUF_SECTORS / 4))
1303 n = (IDE_DMA_BUF_SECTORS / 4);
1304 s->io_buffer_size = n * 2048;
1308 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1310 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1311 s->io_buffer + data_offset, n * 4,
1312 ide_atapi_cmd_read_dma_cb, bm);
1314 /* Note: media not present is the most likely case */
1315 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1316 ASC_MEDIUM_NOT_PRESENT);
1321 /* start a CD-CDROM read command with DMA */
1322 /* XXX: test if DMA is available */
1323 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1327 s->packet_transfer_size = nb_sectors * sector_size;
1328 s->io_buffer_index = 0;
1329 s->io_buffer_size = 0;
1330 s->cd_sector_size = sector_size;
1332 /* XXX: check if BUSY_STAT should be set */
1333 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1334 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1337 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1340 #ifdef DEBUG_IDE_ATAPI
1341 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1345 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1347 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1351 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1354 uint8_t *buf_profile = buf + 12; /* start of profiles */
1356 buf_profile += ((*index) * 4); /* start of indexed profile */
1357 cpu_to_ube16 (buf_profile, profile);
1358 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1360 /* each profile adds 4 bytes to the response */
1362 buf[11] += 4; /* Additional Length */
1367 static void ide_atapi_cmd(IDEState *s)
1369 const uint8_t *packet;
1373 packet = s->io_buffer;
1375 #ifdef DEBUG_IDE_ATAPI
1378 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1379 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1380 printf(" %02x", packet[i]);
1385 switch(s->io_buffer[0]) {
1386 case GPCMD_TEST_UNIT_READY:
1387 if (bdrv_is_inserted(s->bs)) {
1388 ide_atapi_cmd_ok(s);
1390 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1391 ASC_MEDIUM_NOT_PRESENT);
1394 case GPCMD_MODE_SENSE_6:
1395 case GPCMD_MODE_SENSE_10:
1398 if (packet[0] == GPCMD_MODE_SENSE_10)
1399 max_len = ube16_to_cpu(packet + 7);
1401 max_len = packet[4];
1402 action = packet[2] >> 6;
1403 code = packet[2] & 0x3f;
1405 case 0: /* current values */
1407 case 0x01: /* error recovery */
1408 cpu_to_ube16(&buf[0], 16 + 6);
1424 ide_atapi_cmd_reply(s, 16, max_len);
1427 cpu_to_ube16(&buf[0], 28 + 6);
1442 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1443 if (bdrv_is_locked(s->bs))
1446 cpu_to_ube16(&buf[16], 706);
1449 cpu_to_ube16(&buf[20], 512);
1450 cpu_to_ube16(&buf[22], 706);
1455 ide_atapi_cmd_reply(s, 28, max_len);
1461 case 1: /* changeable values */
1463 case 2: /* default values */
1466 case 3: /* saved values */
1467 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1468 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1473 case GPCMD_REQUEST_SENSE:
1474 max_len = packet[4];
1476 buf[0] = 0x70 | (1 << 7);
1477 buf[2] = s->sense_key;
1480 ide_atapi_cmd_reply(s, 18, max_len);
1482 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1483 if (bdrv_is_inserted(s->bs)) {
1484 bdrv_set_locked(s->bs, packet[4] & 1);
1485 ide_atapi_cmd_ok(s);
1487 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1488 ASC_MEDIUM_NOT_PRESENT);
1494 int nb_sectors, lba;
1496 if (packet[0] == GPCMD_READ_10)
1497 nb_sectors = ube16_to_cpu(packet + 7);
1499 nb_sectors = ube32_to_cpu(packet + 6);
1500 lba = ube32_to_cpu(packet + 2);
1501 if (nb_sectors == 0) {
1502 ide_atapi_cmd_ok(s);
1505 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1510 int nb_sectors, lba, transfer_request;
1512 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1513 lba = ube32_to_cpu(packet + 2);
1514 if (nb_sectors == 0) {
1515 ide_atapi_cmd_ok(s);
1518 transfer_request = packet[9];
1519 switch(transfer_request & 0xf8) {
1522 ide_atapi_cmd_ok(s);
1526 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1530 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1533 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1534 ASC_INV_FIELD_IN_CMD_PACKET);
1542 uint64_t total_sectors;
1544 bdrv_get_geometry(s->bs, &total_sectors);
1545 total_sectors >>= 2;
1546 if (total_sectors == 0) {
1547 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1548 ASC_MEDIUM_NOT_PRESENT);
1551 lba = ube32_to_cpu(packet + 2);
1552 if (lba >= total_sectors) {
1553 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1554 ASC_LOGICAL_BLOCK_OOR);
1557 ide_atapi_cmd_ok(s);
1560 case GPCMD_START_STOP_UNIT:
1563 start = packet[4] & 1;
1564 eject = (packet[4] >> 1) & 1;
1566 if (eject && !start) {
1567 /* eject the disk */
1568 bdrv_eject(s->bs, 1);
1569 } else if (eject && start) {
1570 /* close the tray */
1571 bdrv_eject(s->bs, 0);
1573 ide_atapi_cmd_ok(s);
1576 case GPCMD_MECHANISM_STATUS:
1578 max_len = ube16_to_cpu(packet + 8);
1579 cpu_to_ube16(buf, 0);
1580 /* no current LBA */
1585 cpu_to_ube16(buf + 6, 0);
1586 ide_atapi_cmd_reply(s, 8, max_len);
1589 case GPCMD_READ_TOC_PMA_ATIP:
1591 int format, msf, start_track, len;
1592 uint64_t total_sectors;
1594 bdrv_get_geometry(s->bs, &total_sectors);
1595 total_sectors >>= 2;
1596 if (total_sectors == 0) {
1597 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1598 ASC_MEDIUM_NOT_PRESENT);
1601 max_len = ube16_to_cpu(packet + 7);
1602 format = packet[9] >> 6;
1603 msf = (packet[1] >> 1) & 1;
1604 start_track = packet[6];
1607 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1610 ide_atapi_cmd_reply(s, len, max_len);
1613 /* multi session : only a single session defined */
1618 ide_atapi_cmd_reply(s, 12, max_len);
1621 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1624 ide_atapi_cmd_reply(s, len, max_len);
1628 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1629 ASC_INV_FIELD_IN_CMD_PACKET);
1634 case GPCMD_READ_CDVD_CAPACITY:
1636 uint64_t total_sectors;
1638 bdrv_get_geometry(s->bs, &total_sectors);
1639 total_sectors >>= 2;
1640 if (total_sectors == 0) {
1641 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1642 ASC_MEDIUM_NOT_PRESENT);
1645 /* NOTE: it is really the number of sectors minus 1 */
1646 cpu_to_ube32(buf, total_sectors - 1);
1647 cpu_to_ube32(buf + 4, 2048);
1648 ide_atapi_cmd_reply(s, 8, 8);
1651 case GPCMD_READ_DVD_STRUCTURE:
1653 int media = packet[1];
1654 int layer = packet[6];
1655 int format = packet[2];
1656 uint64_t total_sectors;
1658 if (media != 0 || layer != 0)
1660 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1661 ASC_INV_FIELD_IN_CMD_PACKET);
1666 bdrv_get_geometry(s->bs, &total_sectors);
1667 total_sectors >>= 2;
1668 if (total_sectors == 0) {
1669 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1670 ASC_MEDIUM_NOT_PRESENT);
1674 memset(buf, 0, 2052);
1676 buf[4] = 1; // DVD-ROM, part version 1
1677 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1678 buf[6] = 0; // one layer, embossed data
1681 cpu_to_ube32(buf + 8, 0);
1682 cpu_to_ube32(buf + 12, total_sectors - 1);
1683 cpu_to_ube32(buf + 16, total_sectors - 1);
1685 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1687 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1691 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1692 ASC_INV_FIELD_IN_CMD_PACKET);
1697 case GPCMD_SET_SPEED:
1698 ide_atapi_cmd_ok(s);
1701 max_len = packet[4];
1702 buf[0] = 0x05; /* CD-ROM */
1703 buf[1] = 0x80; /* removable */
1704 buf[2] = 0x00; /* ISO */
1705 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1706 buf[4] = 31; /* additional length */
1707 buf[5] = 0; /* reserved */
1708 buf[6] = 0; /* reserved */
1709 buf[7] = 0; /* reserved */
1710 padstr8(buf + 8, 8, "QEMU");
1711 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1712 padstr8(buf + 32, 4, QEMU_VERSION);
1713 ide_atapi_cmd_reply(s, 36, max_len);
1715 case GPCMD_GET_CONFIGURATION:
1719 /* only feature 0 is supported */
1720 if (packet[2] != 0 || packet[3] != 0) {
1721 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1722 ASC_INV_FIELD_IN_CMD_PACKET);
1726 /* XXX: could result in alignment problems in some architectures */
1727 max_len = ube16_to_cpu(packet + 7);
1729 * XXX: avoid overflow for io_buffer if max_len is bigger than the
1730 * size of that buffer (dimensioned to max number of sectors
1731 * to transfer at once)
1733 * Only a problem if the feature/profiles grow exponentially.
1735 if (max_len > 512) /* XXX: assume 1 sector */
1738 memset(buf, 0, max_len);
1740 * the number of sectors from the media tells us which profile
1741 * to use as current. 0 means there is no media
1743 * XXX: fails to detect correctly DVDs with less data burned
1744 * than what a CD can hold
1746 if ((s -> nb_sectors)) {
1747 if ((s -> nb_sectors > CD_MAX_SECTORS))
1748 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1750 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1753 len = 8; /* header completed */
1754 if (max_len > len) {
1757 buf[10] = 0x02 | 0x01; /* persistent and current */
1758 len += 4; /* header */
1759 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1760 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1762 cpu_to_ube32(buf, len - 4); /* data length */
1764 ide_atapi_cmd_reply(s, len, max_len);
1768 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1769 ASC_ILLEGAL_OPCODE);
1774 static void ide_cfata_metadata_inquiry(IDEState *s)
1779 p = (uint16_t *) s->io_buffer;
1780 memset(p, 0, 0x200);
1781 spd = ((s->mdata_size - 1) >> 9) + 1;
1783 put_le16(p + 0, 0x0001); /* Data format revision */
1784 put_le16(p + 1, 0x0000); /* Media property: silicon */
1785 put_le16(p + 2, s->media_changed); /* Media status */
1786 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1787 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1788 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1789 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1792 static void ide_cfata_metadata_read(IDEState *s)
1796 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1797 s->status = ERR_STAT;
1798 s->error = ABRT_ERR;
1802 p = (uint16_t *) s->io_buffer;
1803 memset(p, 0, 0x200);
1805 put_le16(p + 0, s->media_changed); /* Media status */
1806 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1807 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1808 s->nsector << 9), 0x200 - 2));
1811 static void ide_cfata_metadata_write(IDEState *s)
1813 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1814 s->status = ERR_STAT;
1815 s->error = ABRT_ERR;
1819 s->media_changed = 0;
1821 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1823 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1824 s->nsector << 9), 0x200 - 2));
1827 /* called when the inserted state of the media has changed */
1828 static void cdrom_change_cb(void *opaque)
1830 IDEState *s = opaque;
1831 uint64_t nb_sectors;
1833 /* XXX: send interrupt too */
1834 bdrv_get_geometry(s->bs, &nb_sectors);
1835 s->nb_sectors = nb_sectors;
1838 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1842 /* handle the 'magic' 0 nsector count conversion here. to avoid
1843 * fiddling with the rest of the read logic, we just store the
1844 * full sector count in ->nsector and ignore ->hob_nsector from now
1850 if (!s->nsector && !s->hob_nsector)
1853 int lo = s->nsector;
1854 int hi = s->hob_nsector;
1856 s->nsector = (hi << 8) | lo;
1861 static void ide_clear_hob(IDEState *ide_if)
1863 /* any write clears HOB high bit of device control register */
1864 ide_if[0].select &= ~(1 << 7);
1865 ide_if[1].select &= ~(1 << 7);
1868 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1870 IDEState *ide_if = opaque;
1876 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1884 ide_clear_hob(ide_if);
1885 /* NOTE: data is written to the two drives */
1886 ide_if[0].hob_feature = ide_if[0].feature;
1887 ide_if[1].hob_feature = ide_if[1].feature;
1888 ide_if[0].feature = val;
1889 ide_if[1].feature = val;
1892 ide_clear_hob(ide_if);
1893 ide_if[0].hob_nsector = ide_if[0].nsector;
1894 ide_if[1].hob_nsector = ide_if[1].nsector;
1895 ide_if[0].nsector = val;
1896 ide_if[1].nsector = val;
1899 ide_clear_hob(ide_if);
1900 ide_if[0].hob_sector = ide_if[0].sector;
1901 ide_if[1].hob_sector = ide_if[1].sector;
1902 ide_if[0].sector = val;
1903 ide_if[1].sector = val;
1906 ide_clear_hob(ide_if);
1907 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1908 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1909 ide_if[0].lcyl = val;
1910 ide_if[1].lcyl = val;
1913 ide_clear_hob(ide_if);
1914 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1915 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1916 ide_if[0].hcyl = val;
1917 ide_if[1].hcyl = val;
1920 /* FIXME: HOB readback uses bit 7 */
1921 ide_if[0].select = (val & ~0x10) | 0xa0;
1922 ide_if[1].select = (val | 0x10) | 0xa0;
1924 unit = (val >> 4) & 1;
1926 ide_if->cur_drive = s;
1931 #if defined(DEBUG_IDE)
1932 printf("ide: CMD=%02x\n", val);
1934 s = ide_if->cur_drive;
1935 /* ignore commands to non existant slave */
1936 if (s != ide_if && !s->bs)
1941 if (s->bs && !s->is_cdrom) {
1945 ide_cfata_identify(s);
1946 s->status = READY_STAT | SEEK_STAT;
1947 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1950 ide_set_signature(s);
1952 ide_abort_command(s);
1959 s->status = READY_STAT | SEEK_STAT;
1963 if (s->is_cf && s->nsector == 0) {
1964 /* Disable Read and Write Multiple */
1965 s->mult_sectors = 0;
1966 s->status = READY_STAT;
1967 } else if ((s->nsector & 0xff) != 0 &&
1968 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1969 (s->nsector & (s->nsector - 1)) != 0)) {
1970 ide_abort_command(s);
1972 s->mult_sectors = s->nsector & 0xff;
1973 s->status = READY_STAT;
1977 case WIN_VERIFY_EXT:
1980 case WIN_VERIFY_ONCE:
1981 /* do sector number check ? */
1982 ide_cmd_lba48_transform(s, lba48);
1983 s->status = READY_STAT;
1992 ide_cmd_lba48_transform(s, lba48);
1993 s->req_nb_sectors = 1;
1999 case WIN_WRITE_ONCE:
2000 case CFA_WRITE_SECT_WO_ERASE:
2001 case WIN_WRITE_VERIFY:
2002 ide_cmd_lba48_transform(s, lba48);
2004 s->status = SEEK_STAT | READY_STAT;
2005 s->req_nb_sectors = 1;
2006 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2007 s->media_changed = 1;
2009 case WIN_MULTREAD_EXT:
2012 if (!s->mult_sectors)
2014 ide_cmd_lba48_transform(s, lba48);
2015 s->req_nb_sectors = s->mult_sectors;
2018 case WIN_MULTWRITE_EXT:
2021 case CFA_WRITE_MULTI_WO_ERASE:
2022 if (!s->mult_sectors)
2024 ide_cmd_lba48_transform(s, lba48);
2026 s->status = SEEK_STAT | READY_STAT;
2027 s->req_nb_sectors = s->mult_sectors;
2029 if (n > s->req_nb_sectors)
2030 n = s->req_nb_sectors;
2031 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2032 s->media_changed = 1;
2034 case WIN_READDMA_EXT:
2037 case WIN_READDMA_ONCE:
2040 ide_cmd_lba48_transform(s, lba48);
2041 ide_sector_read_dma(s);
2043 case WIN_WRITEDMA_EXT:
2046 case WIN_WRITEDMA_ONCE:
2049 ide_cmd_lba48_transform(s, lba48);
2050 ide_sector_write_dma(s);
2051 s->media_changed = 1;
2053 case WIN_READ_NATIVE_MAX_EXT:
2055 case WIN_READ_NATIVE_MAX:
2056 ide_cmd_lba48_transform(s, lba48);
2057 ide_set_sector(s, s->nb_sectors - 1);
2058 s->status = READY_STAT;
2061 case WIN_CHECKPOWERMODE1:
2062 case WIN_CHECKPOWERMODE2:
2063 s->nsector = 0xff; /* device active or idle */
2064 s->status = READY_STAT;
2067 case WIN_SETFEATURES:
2070 /* XXX: valid for CDROM ? */
2071 switch(s->feature) {
2072 case 0xcc: /* reverting to power-on defaults enable */
2073 case 0x66: /* reverting to power-on defaults disable */
2074 case 0x02: /* write cache enable */
2075 case 0x82: /* write cache disable */
2076 case 0xaa: /* read look-ahead enable */
2077 case 0x55: /* read look-ahead disable */
2078 case 0x05: /* set advanced power management mode */
2079 case 0x85: /* disable advanced power management mode */
2080 case 0x69: /* NOP */
2081 case 0x67: /* NOP */
2082 case 0x96: /* NOP */
2083 case 0x9a: /* NOP */
2084 case 0x42: /* enable Automatic Acoustic Mode */
2085 case 0xc2: /* disable Automatic Acoustic Mode */
2086 s->status = READY_STAT | SEEK_STAT;
2089 case 0x03: { /* set transfer mode */
2090 uint8_t val = s->nsector & 0x07;
2092 switch (s->nsector >> 3) {
2093 case 0x00: /* pio default */
2094 case 0x01: /* pio mode */
2095 put_le16(s->identify_data + 63,0x07);
2096 put_le16(s->identify_data + 88,0x3f);
2098 case 0x04: /* mdma mode */
2099 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2100 put_le16(s->identify_data + 88,0x3f);
2102 case 0x08: /* udma mode */
2103 put_le16(s->identify_data + 63,0x07);
2104 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2109 s->status = READY_STAT | SEEK_STAT;
2117 case WIN_FLUSH_CACHE:
2118 case WIN_FLUSH_CACHE_EXT:
2121 s->status = READY_STAT;
2126 case WIN_STANDBYNOW1:
2127 case WIN_STANDBYNOW2:
2128 case WIN_IDLEIMMEDIATE:
2129 case CFA_IDLEIMMEDIATE:
2134 s->status = READY_STAT;
2137 /* ATAPI commands */
2140 ide_atapi_identify(s);
2141 s->status = READY_STAT | SEEK_STAT;
2142 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2144 ide_abort_command(s);
2149 ide_set_signature(s);
2150 s->status = READY_STAT;
2157 ide_set_signature(s);
2158 s->status = 0x00; /* NOTE: READY is _not_ set */
2164 /* overlapping commands not supported */
2165 if (s->feature & 0x02)
2167 s->status = READY_STAT;
2168 s->atapi_dma = s->feature & 1;
2170 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2173 /* CF-ATA commands */
2174 case CFA_REQ_EXT_ERROR_CODE:
2177 s->error = 0x09; /* miscellaneous error */
2178 s->status = READY_STAT;
2181 case CFA_ERASE_SECTORS:
2182 case CFA_WEAR_LEVEL:
2185 if (val == CFA_WEAR_LEVEL)
2187 if (val == CFA_ERASE_SECTORS)
2188 s->media_changed = 1;
2190 s->status = READY_STAT;
2193 case CFA_TRANSLATE_SECTOR:
2197 s->status = READY_STAT;
2198 memset(s->io_buffer, 0, 0x200);
2199 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2200 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2201 s->io_buffer[0x02] = s->select; /* Head */
2202 s->io_buffer[0x03] = s->sector; /* Sector */
2203 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2204 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2205 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2206 s->io_buffer[0x13] = 0x00; /* Erase flag */
2207 s->io_buffer[0x18] = 0x00; /* Hot count */
2208 s->io_buffer[0x19] = 0x00; /* Hot count */
2209 s->io_buffer[0x1a] = 0x01; /* Hot count */
2210 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2213 case CFA_ACCESS_METADATA_STORAGE:
2216 switch (s->feature) {
2217 case 0x02: /* Inquiry Metadata Storage */
2218 ide_cfata_metadata_inquiry(s);
2220 case 0x03: /* Read Metadata Storage */
2221 ide_cfata_metadata_read(s);
2223 case 0x04: /* Write Metadata Storage */
2224 ide_cfata_metadata_write(s);
2229 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2230 s->status = 0x00; /* NOTE: READY is _not_ set */
2233 case IBM_SENSE_CONDITION:
2236 switch (s->feature) {
2237 case 0x01: /* sense temperature in device */
2238 s->nsector = 0x50; /* +20 C */
2243 s->status = READY_STAT;
2248 ide_abort_command(s);
2255 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2257 IDEState *ide_if = opaque;
2258 IDEState *s = ide_if->cur_drive;
2263 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2264 //hob = s->select & (1 << 7);
2271 if (!ide_if[0].bs && !ide_if[1].bs)
2276 ret = s->hob_feature;
2279 if (!ide_if[0].bs && !ide_if[1].bs)
2282 ret = s->nsector & 0xff;
2284 ret = s->hob_nsector;
2287 if (!ide_if[0].bs && !ide_if[1].bs)
2292 ret = s->hob_sector;
2295 if (!ide_if[0].bs && !ide_if[1].bs)
2303 if (!ide_if[0].bs && !ide_if[1].bs)
2311 if (!ide_if[0].bs && !ide_if[1].bs)
2318 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2319 (s != ide_if && !s->bs))
2323 qemu_irq_lower(s->irq);
2327 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2332 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2334 IDEState *ide_if = opaque;
2335 IDEState *s = ide_if->cur_drive;
2338 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2339 (s != ide_if && !s->bs))
2344 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2349 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2351 IDEState *ide_if = opaque;
2356 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2358 /* common for both drives */
2359 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2360 (val & IDE_CMD_RESET)) {
2361 /* reset low to high */
2362 for(i = 0;i < 2; i++) {
2364 s->status = BUSY_STAT | SEEK_STAT;
2367 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2368 !(val & IDE_CMD_RESET)) {
2370 for(i = 0;i < 2; i++) {
2373 s->status = 0x00; /* NOTE: READY is _not_ set */
2375 s->status = READY_STAT | SEEK_STAT;
2376 ide_set_signature(s);
2380 ide_if[0].cmd = val;
2381 ide_if[1].cmd = val;
2384 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2386 IDEState *s = ((IDEState *)opaque)->cur_drive;
2390 *(uint16_t *)p = le16_to_cpu(val);
2393 if (p >= s->data_end)
2394 s->end_transfer_func(s);
2397 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2399 IDEState *s = ((IDEState *)opaque)->cur_drive;
2403 ret = cpu_to_le16(*(uint16_t *)p);
2406 if (p >= s->data_end)
2407 s->end_transfer_func(s);
2411 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2413 IDEState *s = ((IDEState *)opaque)->cur_drive;
2417 *(uint32_t *)p = le32_to_cpu(val);
2420 if (p >= s->data_end)
2421 s->end_transfer_func(s);
2424 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2426 IDEState *s = ((IDEState *)opaque)->cur_drive;
2431 ret = cpu_to_le32(*(uint32_t *)p);
2434 if (p >= s->data_end)
2435 s->end_transfer_func(s);
2439 static void ide_dummy_transfer_stop(IDEState *s)
2441 s->data_ptr = s->io_buffer;
2442 s->data_end = s->io_buffer;
2443 s->io_buffer[0] = 0xff;
2444 s->io_buffer[1] = 0xff;
2445 s->io_buffer[2] = 0xff;
2446 s->io_buffer[3] = 0xff;
2449 static void ide_reset(IDEState *s)
2452 s->mult_sectors = 0;
2454 s->mult_sectors = MAX_MULT_SECTORS;
2457 s->status = READY_STAT;
2458 ide_set_signature(s);
2459 /* init the transfer handler so that 0xffff is returned on data
2461 s->end_transfer_func = ide_dummy_transfer_stop;
2462 ide_dummy_transfer_stop(s);
2463 s->media_changed = 0;
2467 uint8_t boot_ind; /* 0x80 - active */
2468 uint8_t head; /* starting head */
2469 uint8_t sector; /* starting sector */
2470 uint8_t cyl; /* starting cylinder */
2471 uint8_t sys_ind; /* What partition type */
2472 uint8_t end_head; /* end head */
2473 uint8_t end_sector; /* end sector */
2474 uint8_t end_cyl; /* end cylinder */
2475 uint32_t start_sect; /* starting sector counting from 0 */
2476 uint32_t nr_sects; /* nr of sectors in partition */
2477 } __attribute__((packed));
2479 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2480 static int guess_disk_lchs(IDEState *s,
2481 int *pcylinders, int *pheads, int *psectors)
2483 uint8_t *buf = s->io_buffer;
2484 int ret, i, heads, sectors, cylinders;
2485 struct partition *p;
2488 ret = bdrv_read(s->bs, 0, buf, 1);
2492 /* test msdos magic */
2493 if (buf[510] != 0x55 || buf[511] != 0xaa) {
2496 for(i = 0; i < 4; i++) {
2497 p = ((struct partition *)(buf + 0x1be)) + i;
2498 nr_sects = le32_to_cpu(p->nr_sects);
2499 if (nr_sects && p->end_head) {
2500 /* We make the assumption that the partition terminates on
2501 a cylinder boundary */
2502 heads = p->end_head + 1;
2503 sectors = p->end_sector & 63;
2506 cylinders = s->nb_sectors / (heads * sectors);
2507 if (cylinders < 1 || cylinders > 16383)
2510 *psectors = sectors;
2511 *pcylinders = cylinders;
2513 printf("guessed geometry: LCHS=%d %d %d\n",
2514 cylinders, heads, sectors);
2522 static void ide_init2(IDEState *ide_state,
2523 BlockDriverState *hd0, BlockDriverState *hd1,
2527 static int drive_serial = 1;
2528 int i, cylinders, heads, secs, translation, lba_detected = 0;
2529 uint64_t nb_sectors;
2531 for(i = 0; i < 2; i++) {
2533 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2539 bdrv_get_geometry(s->bs, &nb_sectors);
2540 s->nb_sectors = nb_sectors;
2541 /* if a geometry hint is available, use it */
2542 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2543 translation = bdrv_get_translation_hint(s->bs);
2544 if (cylinders != 0) {
2545 s->cylinders = cylinders;
2549 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2551 /* if heads > 16, it means that a BIOS LBA
2552 translation was active, so the default
2553 hardware geometry is OK */
2555 goto default_geometry;
2557 s->cylinders = cylinders;
2560 /* disable any translation to be in sync with
2561 the logical geometry */
2562 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2563 bdrv_set_translation_hint(s->bs,
2564 BIOS_ATA_TRANSLATION_NONE);
2569 /* if no geometry, use a standard physical disk geometry */
2570 cylinders = nb_sectors / (16 * 63);
2571 if (cylinders > 16383)
2573 else if (cylinders < 2)
2575 s->cylinders = cylinders;
2578 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2579 if ((s->cylinders * s->heads) <= 131072) {
2580 bdrv_set_translation_hint(s->bs,
2581 BIOS_ATA_TRANSLATION_LARGE);
2583 bdrv_set_translation_hint(s->bs,
2584 BIOS_ATA_TRANSLATION_LBA);
2588 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2590 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2592 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2595 s->drive_serial = drive_serial++;
2597 s->sector_write_timer = qemu_new_timer(vm_clock,
2598 ide_sector_write_timer_cb, s);
2603 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2605 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2606 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2608 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2609 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2613 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2614 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2615 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2616 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2619 /* save per IDE drive data */
2620 static void ide_save(QEMUFile* f, IDEState *s)
2622 qemu_put_be32(f, s->mult_sectors);
2623 qemu_put_be32(f, s->identify_set);
2624 if (s->identify_set) {
2625 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2627 qemu_put_8s(f, &s->feature);
2628 qemu_put_8s(f, &s->error);
2629 qemu_put_be32s(f, &s->nsector);
2630 qemu_put_8s(f, &s->sector);
2631 qemu_put_8s(f, &s->lcyl);
2632 qemu_put_8s(f, &s->hcyl);
2633 qemu_put_8s(f, &s->hob_feature);
2634 qemu_put_8s(f, &s->hob_nsector);
2635 qemu_put_8s(f, &s->hob_sector);
2636 qemu_put_8s(f, &s->hob_lcyl);
2637 qemu_put_8s(f, &s->hob_hcyl);
2638 qemu_put_8s(f, &s->select);
2639 qemu_put_8s(f, &s->status);
2640 qemu_put_8s(f, &s->lba48);
2642 qemu_put_8s(f, &s->sense_key);
2643 qemu_put_8s(f, &s->asc);
2644 /* XXX: if a transfer is pending, we do not save it yet */
2647 /* load per IDE drive data */
2648 static void ide_load(QEMUFile* f, IDEState *s)
2650 s->mult_sectors=qemu_get_be32(f);
2651 s->identify_set=qemu_get_be32(f);
2652 if (s->identify_set) {
2653 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2655 qemu_get_8s(f, &s->feature);
2656 qemu_get_8s(f, &s->error);
2657 qemu_get_be32s(f, &s->nsector);
2658 qemu_get_8s(f, &s->sector);
2659 qemu_get_8s(f, &s->lcyl);
2660 qemu_get_8s(f, &s->hcyl);
2661 qemu_get_8s(f, &s->hob_feature);
2662 qemu_get_8s(f, &s->hob_nsector);
2663 qemu_get_8s(f, &s->hob_sector);
2664 qemu_get_8s(f, &s->hob_lcyl);
2665 qemu_get_8s(f, &s->hob_hcyl);
2666 qemu_get_8s(f, &s->select);
2667 qemu_get_8s(f, &s->status);
2668 qemu_get_8s(f, &s->lba48);
2670 qemu_get_8s(f, &s->sense_key);
2671 qemu_get_8s(f, &s->asc);
2672 /* XXX: if a transfer is pending, we do not save it yet */
2675 /***********************************************************/
2676 /* ISA IDE definitions */
2678 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2679 BlockDriverState *hd0, BlockDriverState *hd1)
2681 IDEState *ide_state;
2683 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2687 ide_init2(ide_state, hd0, hd1, irq);
2688 ide_init_ioport(ide_state, iobase, iobase2);
2691 /***********************************************************/
2692 /* PCI IDE definitions */
2694 static void cmd646_update_irq(PCIIDEState *d);
2696 static void ide_map(PCIDevice *pci_dev, int region_num,
2697 uint32_t addr, uint32_t size, int type)
2699 PCIIDEState *d = (PCIIDEState *)pci_dev;
2700 IDEState *ide_state;
2702 if (region_num <= 3) {
2703 ide_state = &d->ide_if[(region_num >> 1) * 2];
2704 if (region_num & 1) {
2705 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2706 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2708 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2709 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2712 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2713 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2714 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2715 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2720 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2722 BMDMAState *bm = s->bmdma;
2726 bm->dma_cb = dma_cb;
2727 bm->cur_prd_last = 0;
2728 bm->cur_prd_addr = 0;
2729 bm->cur_prd_len = 0;
2730 if (bm->status & BM_STATUS_DMAING) {
2735 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2737 BMDMAState *bm = opaque;
2739 printf("%s: 0x%08x\n", __func__, val);
2741 if (!(val & BM_CMD_START)) {
2742 /* XXX: do it better */
2743 if (bm->status & BM_STATUS_DMAING) {
2744 bm->status &= ~BM_STATUS_DMAING;
2745 /* cancel DMA request */
2750 printf("aio_cancel\n");
2752 bdrv_aio_cancel(bm->aiocb);
2756 bm->cmd = val & 0x09;
2758 if (!(bm->status & BM_STATUS_DMAING)) {
2759 bm->status |= BM_STATUS_DMAING;
2760 /* start dma transfer if possible */
2764 bm->cmd = val & 0x09;
2768 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2770 BMDMAState *bm = opaque;
2771 PCIIDEState *pci_dev;
2779 pci_dev = bm->pci_dev;
2780 if (pci_dev->type == IDE_TYPE_CMD646) {
2781 val = pci_dev->dev.config[MRDMODE];
2790 pci_dev = bm->pci_dev;
2791 if (pci_dev->type == IDE_TYPE_CMD646) {
2792 if (bm == &pci_dev->bmdma[0])
2793 val = pci_dev->dev.config[UDIDETCR0];
2795 val = pci_dev->dev.config[UDIDETCR1];
2805 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2810 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2812 BMDMAState *bm = opaque;
2813 PCIIDEState *pci_dev;
2815 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2819 pci_dev = bm->pci_dev;
2820 if (pci_dev->type == IDE_TYPE_CMD646) {
2821 pci_dev->dev.config[MRDMODE] =
2822 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2823 cmd646_update_irq(pci_dev);
2827 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2830 pci_dev = bm->pci_dev;
2831 if (pci_dev->type == IDE_TYPE_CMD646) {
2832 if (bm == &pci_dev->bmdma[0])
2833 pci_dev->dev.config[UDIDETCR0] = val;
2835 pci_dev->dev.config[UDIDETCR1] = val;
2841 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2843 BMDMAState *bm = opaque;
2847 printf("%s: 0x%08x\n", __func__, val);
2852 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2854 BMDMAState *bm = opaque;
2856 printf("%s: 0x%08x\n", __func__, val);
2858 bm->addr = val & ~3;
2859 bm->cur_addr = bm->addr;
2862 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2863 uint32_t addr, uint32_t size, int type)
2865 PCIIDEState *d = (PCIIDEState *)pci_dev;
2868 for(i = 0;i < 2; i++) {
2869 BMDMAState *bm = &d->bmdma[i];
2870 d->ide_if[2 * i].bmdma = bm;
2871 d->ide_if[2 * i + 1].bmdma = bm;
2872 bm->pci_dev = (PCIIDEState *)pci_dev;
2874 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2876 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2877 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2879 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2880 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2885 /* XXX: call it also when the MRDMODE is changed from the PCI config
2887 static void cmd646_update_irq(PCIIDEState *d)
2890 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2891 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2892 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2893 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2894 qemu_set_irq(d->dev.irq[0], pci_level);
2897 /* the PCI irq level is the logical OR of the two channels */
2898 static void cmd646_set_irq(void *opaque, int channel, int level)
2900 PCIIDEState *d = opaque;
2903 irq_mask = MRDMODE_INTR_CH0 << channel;
2905 d->dev.config[MRDMODE] |= irq_mask;
2907 d->dev.config[MRDMODE] &= ~irq_mask;
2908 cmd646_update_irq(d);
2911 /* CMD646 PCI IDE controller */
2912 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2913 int secondary_ide_enabled)
2920 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2921 sizeof(PCIIDEState),
2924 d->type = IDE_TYPE_CMD646;
2925 pci_conf = d->dev.config;
2926 pci_conf[0x00] = 0x95; // CMD646
2927 pci_conf[0x01] = 0x10;
2928 pci_conf[0x02] = 0x46;
2929 pci_conf[0x03] = 0x06;
2931 pci_conf[0x08] = 0x07; // IDE controller revision
2932 pci_conf[0x09] = 0x8f;
2934 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2935 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2936 pci_conf[0x0e] = 0x00; // header_type
2938 if (secondary_ide_enabled) {
2939 /* XXX: if not enabled, really disable the seconday IDE controller */
2940 pci_conf[0x51] = 0x80; /* enable IDE1 */
2943 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2944 PCI_ADDRESS_SPACE_IO, ide_map);
2945 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2946 PCI_ADDRESS_SPACE_IO, ide_map);
2947 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2948 PCI_ADDRESS_SPACE_IO, ide_map);
2949 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2950 PCI_ADDRESS_SPACE_IO, ide_map);
2951 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2952 PCI_ADDRESS_SPACE_IO, bmdma_map);
2954 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2956 for(i = 0; i < 4; i++)
2957 d->ide_if[i].pci_dev = (PCIDevice *)d;
2959 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2960 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2961 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2964 static void pci_ide_save(QEMUFile* f, void *opaque)
2966 PCIIDEState *d = opaque;
2969 pci_device_save(&d->dev, f);
2971 for(i = 0; i < 2; i++) {
2972 BMDMAState *bm = &d->bmdma[i];
2973 qemu_put_8s(f, &bm->cmd);
2974 qemu_put_8s(f, &bm->status);
2975 qemu_put_be32s(f, &bm->addr);
2976 /* XXX: if a transfer is pending, we do not save it yet */
2979 /* per IDE interface data */
2980 for(i = 0; i < 2; i++) {
2981 IDEState *s = &d->ide_if[i * 2];
2982 uint8_t drive1_selected;
2983 qemu_put_8s(f, &s->cmd);
2984 drive1_selected = (s->cur_drive != s);
2985 qemu_put_8s(f, &drive1_selected);
2988 /* per IDE drive data */
2989 for(i = 0; i < 4; i++) {
2990 ide_save(f, &d->ide_if[i]);
2994 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2996 PCIIDEState *d = opaque;
2999 if (version_id != 1)
3001 ret = pci_device_load(&d->dev, f);
3005 for(i = 0; i < 2; i++) {
3006 BMDMAState *bm = &d->bmdma[i];
3007 qemu_get_8s(f, &bm->cmd);
3008 qemu_get_8s(f, &bm->status);
3009 qemu_get_be32s(f, &bm->addr);
3010 /* XXX: if a transfer is pending, we do not save it yet */
3013 /* per IDE interface data */
3014 for(i = 0; i < 2; i++) {
3015 IDEState *s = &d->ide_if[i * 2];
3016 uint8_t drive1_selected;
3017 qemu_get_8s(f, &s->cmd);
3018 qemu_get_8s(f, &drive1_selected);
3019 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3022 /* per IDE drive data */
3023 for(i = 0; i < 4; i++) {
3024 ide_load(f, &d->ide_if[i]);
3029 static void piix3_reset(PCIIDEState *d)
3031 uint8_t *pci_conf = d->dev.config;
3033 pci_conf[0x04] = 0x00;
3034 pci_conf[0x05] = 0x00;
3035 pci_conf[0x06] = 0x80; /* FBC */
3036 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3037 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3040 /* hd_table must contain 4 block drivers */
3041 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3042 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3048 /* register a function 1 of PIIX3 */
3049 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3050 sizeof(PCIIDEState),
3053 d->type = IDE_TYPE_PIIX3;
3055 pci_conf = d->dev.config;
3056 pci_conf[0x00] = 0x86; // Intel
3057 pci_conf[0x01] = 0x80;
3058 pci_conf[0x02] = 0x10;
3059 pci_conf[0x03] = 0x70;
3060 pci_conf[0x09] = 0x80; // legacy ATA mode
3061 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3062 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3063 pci_conf[0x0e] = 0x00; // header_type
3067 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3068 PCI_ADDRESS_SPACE_IO, bmdma_map);
3070 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3071 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3072 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3073 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3075 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3078 /* hd_table must contain 4 block drivers */
3079 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3080 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3086 /* register a function 1 of PIIX4 */
3087 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3088 sizeof(PCIIDEState),
3091 d->type = IDE_TYPE_PIIX4;
3093 pci_conf = d->dev.config;
3094 pci_conf[0x00] = 0x86; // Intel
3095 pci_conf[0x01] = 0x80;
3096 pci_conf[0x02] = 0x11;
3097 pci_conf[0x03] = 0x71;
3098 pci_conf[0x09] = 0x80; // legacy ATA mode
3099 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3100 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3101 pci_conf[0x0e] = 0x00; // header_type
3105 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3106 PCI_ADDRESS_SPACE_IO, bmdma_map);
3108 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3109 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3110 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3111 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3113 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3116 /***********************************************************/
3117 /* MacIO based PowerPC IDE */
3119 /* PowerMac IDE memory IO */
3120 static void pmac_ide_writeb (void *opaque,
3121 target_phys_addr_t addr, uint32_t val)
3123 addr = (addr & 0xFFF) >> 4;
3126 ide_ioport_write(opaque, addr, val);
3130 ide_cmd_write(opaque, 0, val);
3137 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3141 addr = (addr & 0xFFF) >> 4;
3144 retval = ide_ioport_read(opaque, addr);
3148 retval = ide_status_read(opaque, 0);
3157 static void pmac_ide_writew (void *opaque,
3158 target_phys_addr_t addr, uint32_t val)
3160 addr = (addr & 0xFFF) >> 4;
3161 #ifdef TARGET_WORDS_BIGENDIAN
3165 ide_data_writew(opaque, 0, val);
3169 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3173 addr = (addr & 0xFFF) >> 4;
3175 retval = ide_data_readw(opaque, 0);
3179 #ifdef TARGET_WORDS_BIGENDIAN
3180 retval = bswap16(retval);
3185 static void pmac_ide_writel (void *opaque,
3186 target_phys_addr_t addr, uint32_t val)
3188 addr = (addr & 0xFFF) >> 4;
3189 #ifdef TARGET_WORDS_BIGENDIAN
3193 ide_data_writel(opaque, 0, val);
3197 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3201 addr = (addr & 0xFFF) >> 4;
3203 retval = ide_data_readl(opaque, 0);
3205 retval = 0xFFFFFFFF;
3207 #ifdef TARGET_WORDS_BIGENDIAN
3208 retval = bswap32(retval);
3213 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3219 static CPUReadMemoryFunc *pmac_ide_read[] = {
3225 /* hd_table must contain 4 block drivers */
3226 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3227 I/O index to access the ide. */
3228 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3231 int pmac_ide_memory;
3233 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3234 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3236 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3237 pmac_ide_write, &ide_if[0]);
3238 return pmac_ide_memory;
3241 /***********************************************************/
3242 /* CF-ATA Microdrive */
3244 #define METADATA_SIZE 0x20
3246 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3249 struct pcmcia_card_s card;
3263 /* Register bitfields */
3266 OPT_MODE_IOMAP16 = 1,
3267 OPT_MODE_IOMAP1 = 2,
3268 OPT_MODE_IOMAP2 = 3,
3279 STAT_CHANGED = 0x80,
3290 static inline void md_interrupt_update(struct md_s *s)
3295 qemu_set_irq(s->card.slot->irq,
3296 !(s->stat & STAT_INT) && /* Inverted */
3297 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3298 !(s->opt & OPT_SRESET));
3301 static void md_set_irq(void *opaque, int irq, int level)
3303 struct md_s *s = (struct md_s *) opaque;
3305 s->stat |= STAT_INT;
3307 s->stat &= ~STAT_INT;
3309 md_interrupt_update(s);
3312 static void md_reset(struct md_s *s)
3314 s->opt = OPT_MODE_MMAP;
3322 static uint8_t md_attr_read(void *opaque, uint32_t at)
3324 struct md_s *s = (struct md_s *) opaque;
3325 if (at < s->attr_base) {
3326 if (at < s->card.cis_len)
3327 return s->card.cis[at];
3335 case 0x00: /* Configuration Option Register */
3337 case 0x02: /* Card Configuration Status Register */
3338 if (s->ctrl & CTRL_IEN)
3339 return s->stat & ~STAT_INT;
3342 case 0x04: /* Pin Replacement Register */
3343 return (s->pins & PINS_CRDY) | 0x0c;
3344 case 0x06: /* Socket and Copy Register */
3348 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3355 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3357 struct md_s *s = (struct md_s *) opaque;
3361 case 0x00: /* Configuration Option Register */
3362 s->opt = value & 0xcf;
3363 if (value & OPT_SRESET)
3365 md_interrupt_update(s);
3367 case 0x02: /* Card Configuration Status Register */
3368 if ((s->stat ^ value) & STAT_PWRDWN)
3369 s->pins |= PINS_CRDY;
3371 s->stat |= value & 0x74;
3372 md_interrupt_update(s);
3373 /* Word 170 in Identify Device must be equal to STAT_XE */
3375 case 0x04: /* Pin Replacement Register */
3376 s->pins &= PINS_CRDY;
3377 s->pins |= value & PINS_MRDY;
3379 case 0x06: /* Socket and Copy Register */
3382 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3386 static uint16_t md_common_read(void *opaque, uint32_t at)
3388 struct md_s *s = (struct md_s *) opaque;
3392 switch (s->opt & OPT_MODE) {
3394 if ((at & ~0x3ff) == 0x400)
3397 case OPT_MODE_IOMAP16:
3400 case OPT_MODE_IOMAP1:
3401 if ((at & ~0xf) == 0x3f0)
3403 else if ((at & ~0xf) == 0x1f0)
3406 case OPT_MODE_IOMAP2:
3407 if ((at & ~0xf) == 0x370)
3409 else if ((at & ~0xf) == 0x170)
3414 case 0x0: /* Even RD Data */
3416 return ide_data_readw(s->ide, 0);
3418 /* TODO: 8-bit accesses */
3422 s->io = ide_data_readw(s->ide, 0);
3425 s->cycle = !s->cycle;
3427 case 0x9: /* Odd RD Data */
3429 case 0xd: /* Error */
3430 return ide_ioport_read(s->ide, 0x1);
3431 case 0xe: /* Alternate Status */
3432 if (s->ide->cur_drive->bs)
3433 return s->ide->cur_drive->status;
3436 case 0xf: /* Device Address */
3437 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3439 return ide_ioport_read(s->ide, at);
3445 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3447 struct md_s *s = (struct md_s *) opaque;
3450 switch (s->opt & OPT_MODE) {
3452 if ((at & ~0x3ff) == 0x400)
3455 case OPT_MODE_IOMAP16:
3458 case OPT_MODE_IOMAP1:
3459 if ((at & ~0xf) == 0x3f0)
3461 else if ((at & ~0xf) == 0x1f0)
3464 case OPT_MODE_IOMAP2:
3465 if ((at & ~0xf) == 0x370)
3467 else if ((at & ~0xf) == 0x170)
3472 case 0x0: /* Even WR Data */
3474 ide_data_writew(s->ide, 0, value);
3477 /* TODO: 8-bit accesses */
3479 ide_data_writew(s->ide, 0, s->io | (value << 8));
3481 s->io = value & 0xff;
3482 s->cycle = !s->cycle;
3485 s->io = value & 0xff;
3486 s->cycle = !s->cycle;
3488 case 0xd: /* Features */
3489 ide_ioport_write(s->ide, 0x1, value);
3491 case 0xe: /* Device Control */
3493 if (value & CTRL_SRST)
3495 md_interrupt_update(s);
3498 if (s->stat & STAT_PWRDWN) {
3499 s->pins |= PINS_CRDY;
3500 s->stat &= ~STAT_PWRDWN;
3502 ide_ioport_write(s->ide, at, value);
3506 static void md_save(QEMUFile *f, void *opaque)
3508 struct md_s *s = (struct md_s *) opaque;
3510 uint8_t drive1_selected;
3512 qemu_put_8s(f, &s->opt);
3513 qemu_put_8s(f, &s->stat);
3514 qemu_put_8s(f, &s->pins);
3516 qemu_put_8s(f, &s->ctrl);
3517 qemu_put_be16s(f, &s->io);
3518 qemu_put_byte(f, s->cycle);
3520 drive1_selected = (s->ide->cur_drive != s->ide);
3521 qemu_put_8s(f, &s->ide->cmd);
3522 qemu_put_8s(f, &drive1_selected);
3524 for (i = 0; i < 2; i ++)
3525 ide_save(f, &s->ide[i]);
3528 static int md_load(QEMUFile *f, void *opaque, int version_id)
3530 struct md_s *s = (struct md_s *) opaque;
3532 uint8_t drive1_selected;
3534 qemu_get_8s(f, &s->opt);
3535 qemu_get_8s(f, &s->stat);
3536 qemu_get_8s(f, &s->pins);
3538 qemu_get_8s(f, &s->ctrl);
3539 qemu_get_be16s(f, &s->io);
3540 s->cycle = qemu_get_byte(f);
3542 qemu_get_8s(f, &s->ide->cmd);
3543 qemu_get_8s(f, &drive1_selected);
3544 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3546 for (i = 0; i < 2; i ++)
3547 ide_load(f, &s->ide[i]);
3552 static int md_iid = 0;
3554 static const uint8_t dscm1xxxx_cis[0x14a] = {
3555 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3556 [0x002] = 0x03, /* Tuple length = 4 bytes */
3557 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3558 [0x006] = 0x01, /* Size = 2K bytes */
3559 [0x008] = CISTPL_ENDMARK,
3561 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3562 [0x00c] = 0x04, /* Tuple length = 4 byest */
3563 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3564 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3565 [0x012] = 0x01, /* Size = 2K bytes */
3566 [0x014] = CISTPL_ENDMARK,
3568 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3569 [0x018] = 0x02, /* Tuple length = 2 bytes */
3570 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3573 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3574 [0x020] = 0x04, /* Tuple length = 4 bytes */
3575 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3577 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3580 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3581 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3582 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3583 [0x030] = 0x01, /* Minor Version = 1 */
3599 [0x050] = CISTPL_ENDMARK,
3601 [0x052] = CISTPL_FUNCID, /* Function ID */
3602 [0x054] = 0x02, /* Tuple length = 2 bytes */
3603 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3604 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3606 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3607 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3608 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3609 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3611 [0x062] = CISTPL_FUNCE, /* Function Extension */
3612 [0x064] = 0x03, /* Tuple length = 3 bytes */
3613 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3614 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3615 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3617 [0x06c] = CISTPL_CONFIG, /* Configuration */
3618 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3619 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3620 [0x072] = 0x07, /* TPCC_LAST = 7 */
3621 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3623 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3625 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3626 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3627 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3628 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3629 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3630 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3631 [0x086] = 0x55, /* NomV: 5.0 V */
3632 [0x088] = 0x4d, /* MinV: 4.5 V */
3633 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3634 [0x08c] = 0x4e, /* Peakl: 450 mA */
3635 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3636 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3637 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3639 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3640 [0x096] = 0x06, /* Tuple length = 6 bytes */
3641 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3642 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3643 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3644 [0x09e] = 0xb5, /* NomV: 3.3 V */
3646 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3648 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3649 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3650 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3651 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3652 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3653 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3654 [0x0b0] = 0x55, /* NomV: 5.0 V */
3655 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3656 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3657 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3658 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3659 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3660 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3661 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3662 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3664 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3665 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3666 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3667 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3668 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3669 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3671 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3673 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3674 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3675 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3676 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3677 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3678 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3679 [0x0de] = 0x55, /* NomV: 5.0 V */
3680 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3681 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3682 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3683 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3684 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3685 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3687 [0x0ee] = 0x07, /* Address block length = 8 */
3688 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3690 [0x0f4] = 0x01, /* Address block length = 2 */
3691 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3692 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3694 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3695 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3696 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3697 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3698 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3699 [0x104] = 0xb5, /* NomV: 3.3 V */
3701 [0x108] = 0x3e, /* Peakl: 350 mA */
3703 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3704 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3705 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3706 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3707 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3708 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3709 [0x116] = 0x55, /* NomV: 5.0 V */
3710 [0x118] = 0x4d, /* MinV: 4.5 V */
3711 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3712 [0x11c] = 0x4e, /* Peakl: 450 mA */
3713 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3714 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3715 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3717 [0x126] = 0x07, /* Address block length = 8 */
3718 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3720 [0x12c] = 0x01, /* Address block length = 2 */
3721 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3722 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3724 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3725 [0x134] = 0x06, /* Tuple length = 6 bytes */
3726 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3727 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3728 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3729 [0x13c] = 0xb5, /* NomV: 3.3 V */
3731 [0x140] = 0x3e, /* Peakl: 350 mA */
3733 [0x142] = CISTPL_NO_LINK, /* No Link */
3734 [0x144] = 0x00, /* Tuple length = 0 bytes */
3736 [0x146] = CISTPL_END, /* Tuple End */
3739 static int dscm1xxxx_attach(void *opaque)
3741 struct md_s *md = (struct md_s *) opaque;
3742 md->card.attr_read = md_attr_read;
3743 md->card.attr_write = md_attr_write;
3744 md->card.common_read = md_common_read;
3745 md->card.common_write = md_common_write;
3746 md->card.io_read = md_common_read;
3747 md->card.io_write = md_common_write;
3749 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3753 md_interrupt_update(md);
3755 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3759 static int dscm1xxxx_detach(void *opaque)
3761 struct md_s *md = (struct md_s *) opaque;
3766 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3768 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3769 md->card.state = md;
3770 md->card.attach = dscm1xxxx_attach;
3771 md->card.detach = dscm1xxxx_detach;
3772 md->card.cis = dscm1xxxx_cis;
3773 md->card.cis_len = sizeof(dscm1xxxx_cis);
3775 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3777 md->ide->mdata_size = METADATA_SIZE;
3778 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3780 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
projects / qemu.git / blob