ia64/xen-unstable

view tools/ioemu/hw/ide.c @ 8112:3c687c6905e7

Fix a race condition for multi-thread qemu dma, where vmx linux guests
show warning "dma interrupt lost" and dma becomes very slow.

root cause: In the time between set ide irq and set dma status, if guest
receive the irq and query the status, it will find the status is not
ready and therefore treat it as pseudo interrupt. Change the order of
set irq and set dma status fixes this issue.

Signed-off-by: Ke Yu <ke.yu@intel.com>
author kaf24@firebug.cl.cam.ac.uk
date Tue Nov 29 11:38:53 2005 +0100 (2005-11-29)
parents 602f7fc3e1b1
children 034af52f0df7
line source
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include "vl.h"
25 #include <pthread.h>
27 /* debug IDE devices */
28 //#define DEBUG_IDE
29 //#define DEBUG_IDE_ATAPI
31 /* Bits of HD_STATUS */
32 #define ERR_STAT 0x01
33 #define INDEX_STAT 0x02
34 #define ECC_STAT 0x04 /* Corrected error */
35 #define DRQ_STAT 0x08
36 #define SEEK_STAT 0x10
37 #define SRV_STAT 0x10
38 #define WRERR_STAT 0x20
39 #define READY_STAT 0x40
40 #define BUSY_STAT 0x80
42 /* Bits for HD_ERROR */
43 #define MARK_ERR 0x01 /* Bad address mark */
44 #define TRK0_ERR 0x02 /* couldn't find track 0 */
45 #define ABRT_ERR 0x04 /* Command aborted */
46 #define MCR_ERR 0x08 /* media change request */
47 #define ID_ERR 0x10 /* ID field not found */
48 #define MC_ERR 0x20 /* media changed */
49 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
50 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
51 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
53 /* Bits of HD_NSECTOR */
54 #define CD 0x01
55 #define IO 0x02
56 #define REL 0x04
57 #define TAG_MASK 0xf8
59 #define IDE_CMD_RESET 0x04
60 #define IDE_CMD_DISABLE_IRQ 0x02
62 /* ATA/ATAPI Commands pre T13 Spec */
63 #define WIN_NOP 0x00
64 /*
65 * 0x01->0x02 Reserved
66 */
67 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
68 /*
69 * 0x04->0x07 Reserved
70 */
71 #define WIN_SRST 0x08 /* ATAPI soft reset command */
72 #define WIN_DEVICE_RESET 0x08
73 /*
74 * 0x09->0x0F Reserved
75 */
76 #define WIN_RECAL 0x10
77 #define WIN_RESTORE WIN_RECAL
78 /*
79 * 0x10->0x1F Reserved
80 */
81 #define WIN_READ 0x20 /* 28-Bit */
82 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
83 #define WIN_READ_LONG 0x22 /* 28-Bit */
84 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
85 #define WIN_READ_EXT 0x24 /* 48-Bit */
86 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
87 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
88 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
89 /*
90 * 0x28
91 */
92 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
93 /*
94 * 0x2A->0x2F Reserved
95 */
96 #define WIN_WRITE 0x30 /* 28-Bit */
97 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
98 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
99 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
100 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
101 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
102 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
103 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
104 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
105 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
106 /*
107 * 0x3A->0x3B Reserved
108 */
109 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
110 /*
111 * 0x3D->0x3F Reserved
112 */
113 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
114 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
115 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
116 /*
117 * 0x43->0x4F Reserved
118 */
119 #define WIN_FORMAT 0x50
120 /*
121 * 0x51->0x5F Reserved
122 */
123 #define WIN_INIT 0x60
124 /*
125 * 0x61->0x5F Reserved
126 */
127 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
128 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
129 #define WIN_DIAGNOSE 0x90
130 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
131 #define WIN_DOWNLOAD_MICROCODE 0x92
132 #define WIN_STANDBYNOW2 0x94
133 #define WIN_STANDBY2 0x96
134 #define WIN_SETIDLE2 0x97
135 #define WIN_CHECKPOWERMODE2 0x98
136 #define WIN_SLEEPNOW2 0x99
137 /*
138 * 0x9A VENDOR
139 */
140 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
141 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
142 #define WIN_QUEUED_SERVICE 0xA2
143 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
144 #define CFA_ERASE_SECTORS 0xC0
145 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
146 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
147 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
148 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
149 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
150 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
151 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
152 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
153 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
154 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
155 #define WIN_GETMEDIASTATUS 0xDA
156 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
157 #define WIN_POSTBOOT 0xDC
158 #define WIN_PREBOOT 0xDD
159 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
160 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
161 #define WIN_STANDBYNOW1 0xE0
162 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
163 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
164 #define WIN_SETIDLE1 0xE3
165 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
166 #define WIN_CHECKPOWERMODE1 0xE5
167 #define WIN_SLEEPNOW1 0xE6
168 #define WIN_FLUSH_CACHE 0xE7
169 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
170 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
171 /* SET_FEATURES 0x22 or 0xDD */
172 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
173 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
174 #define WIN_MEDIAEJECT 0xED
175 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
176 #define WIN_SETFEATURES 0xEF /* set special drive features */
177 #define EXABYTE_ENABLE_NEST 0xF0
178 #define WIN_SECURITY_SET_PASS 0xF1
179 #define WIN_SECURITY_UNLOCK 0xF2
180 #define WIN_SECURITY_ERASE_PREPARE 0xF3
181 #define WIN_SECURITY_ERASE_UNIT 0xF4
182 #define WIN_SECURITY_FREEZE_LOCK 0xF5
183 #define WIN_SECURITY_DISABLE 0xF6
184 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
185 #define WIN_SET_MAX 0xF9
186 #define DISABLE_SEAGATE 0xFB
188 /* set to 1 set disable mult support */
189 #define MAX_MULT_SECTORS 16
191 /* ATAPI defines */
193 #define ATAPI_PACKET_SIZE 12
195 /* The generic packet command opcodes for CD/DVD Logical Units,
196 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
197 #define GPCMD_BLANK 0xa1
198 #define GPCMD_CLOSE_TRACK 0x5b
199 #define GPCMD_FLUSH_CACHE 0x35
200 #define GPCMD_FORMAT_UNIT 0x04
201 #define GPCMD_GET_CONFIGURATION 0x46
202 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
203 #define GPCMD_GET_PERFORMANCE 0xac
204 #define GPCMD_INQUIRY 0x12
205 #define GPCMD_LOAD_UNLOAD 0xa6
206 #define GPCMD_MECHANISM_STATUS 0xbd
207 #define GPCMD_MODE_SELECT_10 0x55
208 #define GPCMD_MODE_SENSE_10 0x5a
209 #define GPCMD_PAUSE_RESUME 0x4b
210 #define GPCMD_PLAY_AUDIO_10 0x45
211 #define GPCMD_PLAY_AUDIO_MSF 0x47
212 #define GPCMD_PLAY_AUDIO_TI 0x48
213 #define GPCMD_PLAY_CD 0xbc
214 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
215 #define GPCMD_READ_10 0x28
216 #define GPCMD_READ_12 0xa8
217 #define GPCMD_READ_CDVD_CAPACITY 0x25
218 #define GPCMD_READ_CD 0xbe
219 #define GPCMD_READ_CD_MSF 0xb9
220 #define GPCMD_READ_DISC_INFO 0x51
221 #define GPCMD_READ_DVD_STRUCTURE 0xad
222 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
223 #define GPCMD_READ_HEADER 0x44
224 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
225 #define GPCMD_READ_SUBCHANNEL 0x42
226 #define GPCMD_READ_TOC_PMA_ATIP 0x43
227 #define GPCMD_REPAIR_RZONE_TRACK 0x58
228 #define GPCMD_REPORT_KEY 0xa4
229 #define GPCMD_REQUEST_SENSE 0x03
230 #define GPCMD_RESERVE_RZONE_TRACK 0x53
231 #define GPCMD_SCAN 0xba
232 #define GPCMD_SEEK 0x2b
233 #define GPCMD_SEND_DVD_STRUCTURE 0xad
234 #define GPCMD_SEND_EVENT 0xa2
235 #define GPCMD_SEND_KEY 0xa3
236 #define GPCMD_SEND_OPC 0x54
237 #define GPCMD_SET_READ_AHEAD 0xa7
238 #define GPCMD_SET_STREAMING 0xb6
239 #define GPCMD_START_STOP_UNIT 0x1b
240 #define GPCMD_STOP_PLAY_SCAN 0x4e
241 #define GPCMD_TEST_UNIT_READY 0x00
242 #define GPCMD_VERIFY_10 0x2f
243 #define GPCMD_WRITE_10 0x2a
244 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
245 /* This is listed as optional in ATAPI 2.6, but is (curiously)
246 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
247 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
248 * drives support it. */
249 #define GPCMD_SET_SPEED 0xbb
250 /* This seems to be a SCSI specific CD-ROM opcode
251 * to play data at track/index */
252 #define GPCMD_PLAYAUDIO_TI 0x48
253 /*
254 * From MS Media Status Notification Support Specification. For
255 * older drives only.
256 */
257 #define GPCMD_GET_MEDIA_STATUS 0xda
259 /* Mode page codes for mode sense/set */
260 #define GPMODE_R_W_ERROR_PAGE 0x01
261 #define GPMODE_WRITE_PARMS_PAGE 0x05
262 #define GPMODE_AUDIO_CTL_PAGE 0x0e
263 #define GPMODE_POWER_PAGE 0x1a
264 #define GPMODE_FAULT_FAIL_PAGE 0x1c
265 #define GPMODE_TO_PROTECT_PAGE 0x1d
266 #define GPMODE_CAPABILITIES_PAGE 0x2a
267 #define GPMODE_ALL_PAGES 0x3f
268 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
269 * of MODE_SENSE_POWER_PAGE */
270 #define GPMODE_CDROM_PAGE 0x0d
272 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
273 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
274 #define ATAPI_INT_REASON_REL 0x04
275 #define ATAPI_INT_REASON_TAG 0xf8
277 /* same constants as bochs */
278 #define ASC_ILLEGAL_OPCODE 0x20
279 #define ASC_LOGICAL_BLOCK_OOR 0x21
280 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
281 #define ASC_MEDIUM_NOT_PRESENT 0x3a
282 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
284 #define SENSE_NONE 0
285 #define SENSE_NOT_READY 2
286 #define SENSE_ILLEGAL_REQUEST 5
287 #define SENSE_UNIT_ATTENTION 6
289 struct IDEState;
291 typedef void EndTransferFunc(struct IDEState *);
293 /* NOTE: IDEState represents in fact one drive */
294 typedef struct IDEState {
295 /* ide config */
296 int is_cdrom;
297 int cylinders, heads, sectors;
298 int64_t nb_sectors;
299 int mult_sectors;
300 int irq;
301 openpic_t *openpic;
302 PCIDevice *pci_dev;
303 struct BMDMAState *bmdma;
304 int drive_serial;
305 /* ide regs */
306 uint8_t feature;
307 uint8_t error;
308 uint16_t nsector; /* 0 is 256 to ease computations */
309 uint8_t sector;
310 uint8_t lcyl;
311 uint8_t hcyl;
312 uint8_t select;
313 uint8_t status;
314 /* 0x3f6 command, only meaningful for drive 0 */
315 uint8_t cmd;
316 /* depends on bit 4 in select, only meaningful for drive 0 */
317 struct IDEState *cur_drive;
318 BlockDriverState *bs;
319 /* ATAPI specific */
320 uint8_t sense_key;
321 uint8_t asc;
322 int packet_transfer_size;
323 int elementary_transfer_size;
324 int io_buffer_index;
325 int lba;
326 int cd_sector_size;
327 int atapi_dma; /* true if dma is requested for the packet cmd */
328 /* ATA DMA state */
329 int io_buffer_size;
330 /* PIO transfer handling */
331 int req_nb_sectors; /* number of sectors per interrupt */
332 EndTransferFunc *end_transfer_func;
333 uint8_t *data_ptr;
334 uint8_t *data_end;
335 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
336 } IDEState;
338 #define BM_STATUS_DMAING 0x01
339 #define BM_STATUS_ERROR 0x02
340 #define BM_STATUS_INT 0x04
342 #define BM_CMD_START 0x01
343 #define BM_CMD_READ 0x08
345 typedef int IDEDMAFunc(IDEState *s,
346 target_phys_addr_t phys_addr,
347 int transfer_size1);
349 typedef struct BMDMAState {
350 uint8_t cmd;
351 uint8_t status;
352 uint32_t addr;
353 /* current transfer state */
354 IDEState *ide_if;
355 IDEDMAFunc *dma_cb;
356 } BMDMAState;
358 typedef struct PCIIDEState {
359 PCIDevice dev;
360 IDEState ide_if[4];
361 BMDMAState bmdma[2];
362 } PCIIDEState;
364 #define DMA_MULTI_THREAD
366 #ifdef DMA_MULTI_THREAD
368 static int file_pipes[2];
370 static void ide_dma_loop(BMDMAState *bm);
371 static void dma_thread_loop(BMDMAState *bm);
373 static void *dma_thread_func(void* opaque)
374 {
375 BMDMAState* req;
377 while (read(file_pipes[0], &req, sizeof(req))) {
378 dma_thread_loop(req);
379 }
381 return NULL;
382 }
384 static void dma_create_thread()
385 {
386 pthread_t tid;
387 int rt;
389 if (pipe(file_pipes) != 0){
390 fprintf(stderr, "create pipe failed\n");
391 exit(1);
392 }
394 if ( (rt = pthread_create(&tid, NULL, dma_thread_func, NULL)) ) {
395 fprintf(stderr, "Oops, dma thread creation failed, errno=%d\n", rt);
396 exit(1);
397 }
399 if ( (rt = pthread_detach(tid)) ) {
400 fprintf(stderr, "Oops, dma thread detachment failed, errno=%d\n", rt);
401 exit(1);
402 }
403 }
404 #endif //DMA_MULTI_THREAD
406 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
408 static void padstr(char *str, const char *src, int len)
409 {
410 int i, v;
411 for(i = 0; i < len; i++) {
412 if (*src)
413 v = *src++;
414 else
415 v = ' ';
416 *(char *)((long)str ^ 1) = v;
417 str++;
418 }
419 }
421 static void padstr8(uint8_t *buf, int buf_size, const char *src)
422 {
423 int i;
424 for(i = 0; i < buf_size; i++) {
425 if (*src)
426 buf[i] = *src++;
427 else
428 buf[i] = ' ';
429 }
430 }
432 static void put_le16(uint16_t *p, unsigned int v)
433 {
434 *p = cpu_to_le16(v);
435 }
437 static void ide_identify(IDEState *s)
438 {
439 uint16_t *p;
440 unsigned int oldsize;
441 char buf[20];
443 memset(s->io_buffer, 0, 512);
444 p = (uint16_t *)s->io_buffer;
445 put_le16(p + 0, 0x0040);
446 put_le16(p + 1, s->cylinders);
447 put_le16(p + 3, s->heads);
448 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
449 put_le16(p + 5, 512); /* XXX: retired, remove ? */
450 put_le16(p + 6, s->sectors);
451 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
452 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
453 put_le16(p + 20, 3); /* XXX: retired, remove ? */
454 put_le16(p + 21, 512); /* cache size in sectors */
455 put_le16(p + 22, 4); /* ecc bytes */
456 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
457 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
458 #if MAX_MULT_SECTORS > 1
459 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
460 #endif
461 put_le16(p + 48, 1); /* dword I/O */
462 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
463 put_le16(p + 51, 0x200); /* PIO transfer cycle */
464 put_le16(p + 52, 0x200); /* DMA transfer cycle */
465 put_le16(p + 53, 1 | 1 << 2); /* words 54-58,88 are valid */
466 put_le16(p + 54, s->cylinders);
467 put_le16(p + 55, s->heads);
468 put_le16(p + 56, s->sectors);
469 oldsize = s->cylinders * s->heads * s->sectors;
470 put_le16(p + 57, oldsize);
471 put_le16(p + 58, oldsize >> 16);
472 if (s->mult_sectors)
473 put_le16(p + 59, 0x100 | s->mult_sectors);
474 put_le16(p + 60, s->nb_sectors);
475 put_le16(p + 61, s->nb_sectors >> 16);
476 put_le16(p + 63, 0x07);
477 put_le16(p + 80, (1 << 1) | (1 << 2));
478 put_le16(p + 82, (1 << 14));
479 put_le16(p + 83, (1 << 14));
480 put_le16(p + 84, (1 << 14));
481 put_le16(p + 85, (1 << 14));
482 put_le16(p + 86, 0);
483 put_le16(p + 87, (1 << 14));
484 put_le16(p + 88, 0x1f | (1 << 13));
485 put_le16(p + 93, 1 | (1 << 14) | 0x2000 | 0x4000);
486 }
488 static void ide_atapi_identify(IDEState *s)
489 {
490 uint16_t *p;
491 char buf[20];
493 memset(s->io_buffer, 0, 512);
494 p = (uint16_t *)s->io_buffer;
495 /* Removable CDROM, 50us response, 12 byte packets */
496 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
497 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
498 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
499 put_le16(p + 20, 3); /* buffer type */
500 put_le16(p + 21, 512); /* cache size in sectors */
501 put_le16(p + 22, 4); /* ecc bytes */
502 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
503 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
504 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
505 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
506 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
507 put_le16(p + 63, 0x07); /* Multi-word DMA mode 2 */
508 put_le16(p + 64, 1); /* PIO modes */
509 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
510 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
511 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
512 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
514 put_le16(p + 71, 30); /* in ns */
515 put_le16(p + 72, 30); /* in ns */
517 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
518 }
520 static void ide_set_signature(IDEState *s)
521 {
522 s->select &= 0xf0; /* clear head */
523 /* put signature */
524 s->nsector = 1;
525 s->sector = 1;
526 if (s->is_cdrom) {
527 s->lcyl = 0x14;
528 s->hcyl = 0xeb;
529 } else if (s->bs) {
530 s->lcyl = 0;
531 s->hcyl = 0;
532 } else {
533 s->lcyl = 0xff;
534 s->hcyl = 0xff;
535 }
536 }
538 static inline void ide_abort_command(IDEState *s)
539 {
540 s->status = READY_STAT | ERR_STAT;
541 s->error = ABRT_ERR;
542 }
544 static inline void ide_set_irq(IDEState *s)
545 {
546 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
547 #ifdef TARGET_PPC
548 if (s->openpic)
549 openpic_set_irq(s->openpic, s->irq, 1);
550 else
551 #endif
552 if (s->irq == 16)
553 pci_set_irq(s->pci_dev, 0, 1);
554 else
555 pic_set_irq(s->irq, 1);
556 }
557 }
559 /* prepare data transfer and tell what to do after */
560 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
561 EndTransferFunc *end_transfer_func)
562 {
563 s->end_transfer_func = end_transfer_func;
564 s->data_ptr = buf;
565 s->data_end = buf + size;
566 s->status |= DRQ_STAT;
567 }
569 static void ide_transfer_stop(IDEState *s)
570 {
571 s->end_transfer_func = ide_transfer_stop;
572 s->data_ptr = s->io_buffer;
573 s->data_end = s->io_buffer;
574 s->status &= ~DRQ_STAT;
575 }
577 static int64_t ide_get_sector(IDEState *s)
578 {
579 int64_t sector_num;
580 if (s->select & 0x40) {
581 /* lba */
582 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
583 (s->lcyl << 8) | s->sector;
584 } else {
585 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
586 (s->select & 0x0f) * s->sectors +
587 (s->sector - 1);
588 }
589 return sector_num;
590 }
592 static void ide_set_sector(IDEState *s, int64_t sector_num)
593 {
594 unsigned int cyl, r;
595 if (s->select & 0x40) {
596 s->select = (s->select & 0xf0) | (sector_num >> 24);
597 s->hcyl = (sector_num >> 16);
598 s->lcyl = (sector_num >> 8);
599 s->sector = (sector_num);
600 } else {
601 cyl = sector_num / (s->heads * s->sectors);
602 r = sector_num % (s->heads * s->sectors);
603 s->hcyl = cyl >> 8;
604 s->lcyl = cyl;
605 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
606 s->sector = (r % s->sectors) + 1;
607 }
608 }
610 static void ide_sector_read(IDEState *s)
611 {
612 int64_t sector_num;
613 int ret, n;
615 s->status = READY_STAT | SEEK_STAT;
616 s->error = 0; /* not needed by IDE spec, but needed by Windows */
617 sector_num = ide_get_sector(s);
618 n = s->nsector;
619 if (n == 0) {
620 /* no more sector to read from disk */
621 ide_transfer_stop(s);
622 } else {
623 #if defined(DEBUG_IDE)
624 printf("read sector=%Ld\n", sector_num);
625 #endif
626 if (n > s->req_nb_sectors)
627 n = s->req_nb_sectors;
628 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
629 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
630 ide_set_irq(s);
631 ide_set_sector(s, sector_num + n);
632 s->nsector -= n;
633 }
634 }
636 static int ide_read_dma_cb(IDEState *s,
637 target_phys_addr_t phys_addr,
638 int transfer_size1)
639 {
640 int len, transfer_size, n;
641 int64_t sector_num;
643 transfer_size = transfer_size1;
644 while (transfer_size > 0) {
645 len = s->io_buffer_size - s->io_buffer_index;
646 if (len <= 0) {
647 /* transfert next data */
648 n = s->nsector;
649 if (n == 0)
650 break;
651 if (n > MAX_MULT_SECTORS)
652 n = MAX_MULT_SECTORS;
653 sector_num = ide_get_sector(s);
654 bdrv_read(s->bs, sector_num, s->io_buffer, n);
655 s->io_buffer_index = 0;
656 s->io_buffer_size = n * 512;
657 len = s->io_buffer_size;
658 sector_num += n;
659 ide_set_sector(s, sector_num);
660 s->nsector -= n;
661 }
662 if (len > transfer_size)
663 len = transfer_size;
664 cpu_physical_memory_write(phys_addr,
665 s->io_buffer + s->io_buffer_index, len);
666 s->io_buffer_index += len;
667 transfer_size -= len;
668 phys_addr += len;
669 }
670 if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
671 s->status = READY_STAT | SEEK_STAT;
672 s->bmdma->status &= ~BM_STATUS_DMAING;
673 s->bmdma->status |= BM_STATUS_INT;
674 ide_set_irq(s);
675 #ifdef DEBUG_IDE_ATAPI
676 printf("dma status=0x%x\n", s->status);
677 #endif
678 return 0;
679 }
680 return transfer_size1 - transfer_size;
681 }
683 static void ide_sector_read_dma(IDEState *s)
684 {
685 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
686 s->io_buffer_index = 0;
687 s->io_buffer_size = 0;
688 ide_dma_start(s, ide_read_dma_cb);
689 }
691 static void ide_sector_write(IDEState *s)
692 {
693 int64_t sector_num;
694 int ret, n, n1;
696 s->status = READY_STAT | SEEK_STAT;
697 sector_num = ide_get_sector(s);
698 #if defined(DEBUG_IDE)
699 printf("write sector=%Ld\n", sector_num);
700 #endif
701 n = s->nsector;
702 if (n > s->req_nb_sectors)
703 n = s->req_nb_sectors;
704 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
705 s->nsector -= n;
706 if (s->nsector == 0) {
707 /* no more sector to write */
708 ide_transfer_stop(s);
709 } else {
710 n1 = s->nsector;
711 if (n1 > s->req_nb_sectors)
712 n1 = s->req_nb_sectors;
713 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
714 }
715 ide_set_sector(s, sector_num + n);
716 ide_set_irq(s);
717 }
719 static int ide_write_dma_cb(IDEState *s,
720 target_phys_addr_t phys_addr,
721 int transfer_size1)
722 {
723 int len, transfer_size, n;
724 int64_t sector_num;
726 transfer_size = transfer_size1;
727 for(;;) {
728 len = s->io_buffer_size - s->io_buffer_index;
729 if (len == 0) {
730 n = s->io_buffer_size >> 9;
731 sector_num = ide_get_sector(s);
732 bdrv_write(s->bs, sector_num, s->io_buffer,
733 s->io_buffer_size >> 9);
734 sector_num += n;
735 ide_set_sector(s, sector_num);
736 s->nsector -= n;
737 n = s->nsector;
738 if (n == 0) {
739 /* end of transfer */
740 s->status = READY_STAT | SEEK_STAT;
741 s->bmdma->status &= ~BM_STATUS_DMAING;
742 s->bmdma->status |= BM_STATUS_INT;
743 ide_set_irq(s);
744 return 0;
745 }
746 if (n > MAX_MULT_SECTORS)
747 n = MAX_MULT_SECTORS;
748 s->io_buffer_index = 0;
749 s->io_buffer_size = n * 512;
750 len = s->io_buffer_size;
751 }
752 if (transfer_size <= 0)
753 break;
754 if (len > transfer_size)
755 len = transfer_size;
756 cpu_physical_memory_read(phys_addr,
757 s->io_buffer + s->io_buffer_index, len);
758 s->io_buffer_index += len;
759 transfer_size -= len;
760 phys_addr += len;
761 }
762 return transfer_size1 - transfer_size;
763 }
765 static void ide_sector_write_dma(IDEState *s)
766 {
767 int n;
768 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
769 n = s->nsector;
770 if (n > MAX_MULT_SECTORS)
771 n = MAX_MULT_SECTORS;
772 s->io_buffer_index = 0;
773 s->io_buffer_size = n * 512;
774 ide_dma_start(s, ide_write_dma_cb);
775 }
777 static void ide_atapi_cmd_ok(IDEState *s)
778 {
779 s->error = 0;
780 s->status = READY_STAT;
781 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
782 ide_set_irq(s);
783 }
785 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
786 {
787 #ifdef DEBUG_IDE_ATAPI
788 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
789 #endif
790 s->error = sense_key << 4;
791 s->status = READY_STAT | ERR_STAT;
792 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
793 s->sense_key = sense_key;
794 s->asc = asc;
795 ide_set_irq(s);
796 }
798 static inline void cpu_to_ube16(uint8_t *buf, int val)
799 {
800 buf[0] = val >> 8;
801 buf[1] = val;
802 }
804 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
805 {
806 buf[0] = val >> 24;
807 buf[1] = val >> 16;
808 buf[2] = val >> 8;
809 buf[3] = val;
810 }
812 static inline int ube16_to_cpu(const uint8_t *buf)
813 {
814 return (buf[0] << 8) | buf[1];
815 }
817 static inline int ube32_to_cpu(const uint8_t *buf)
818 {
819 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
820 }
822 static void lba_to_msf(uint8_t *buf, int lba)
823 {
824 lba += 150;
825 buf[0] = (lba / 75) / 60;
826 buf[1] = (lba / 75) % 60;
827 buf[2] = lba % 75;
828 }
830 static void cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
831 int sector_size)
832 {
833 switch(sector_size) {
834 case 2048:
835 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
836 break;
837 case 2352:
838 /* sync bytes */
839 buf[0] = 0x00;
840 memset(buf + 1, 0xff, 11);
841 buf += 12;
842 /* MSF */
843 lba_to_msf(buf, lba);
844 buf[3] = 0x01; /* mode 1 data */
845 buf += 4;
846 /* data */
847 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
848 buf += 2048;
849 /* ECC */
850 memset(buf, 0, 288);
851 break;
852 default:
853 break;
854 }
855 }
857 /* The whole ATAPI transfer logic is handled in this function */
858 static void ide_atapi_cmd_reply_end(IDEState *s)
859 {
860 int byte_count_limit, size;
861 #ifdef DEBUG_IDE_ATAPI
862 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
863 s->packet_transfer_size,
864 s->elementary_transfer_size,
865 s->io_buffer_index);
866 #endif
867 if (s->packet_transfer_size <= 0) {
868 /* end of transfer */
869 ide_transfer_stop(s);
870 s->status = READY_STAT;
871 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
872 ide_set_irq(s);
873 #ifdef DEBUG_IDE_ATAPI
874 printf("status=0x%x\n", s->status);
875 #endif
876 } else {
877 /* see if a new sector must be read */
878 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
879 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
880 s->lba++;
881 s->io_buffer_index = 0;
882 }
883 if (s->elementary_transfer_size > 0) {
884 /* there are some data left to transmit in this elementary
885 transfer */
886 size = s->cd_sector_size - s->io_buffer_index;
887 if (size > s->elementary_transfer_size)
888 size = s->elementary_transfer_size;
889 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
890 size, ide_atapi_cmd_reply_end);
891 s->packet_transfer_size -= size;
892 s->elementary_transfer_size -= size;
893 s->io_buffer_index += size;
894 } else {
895 /* a new transfer is needed */
896 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
897 byte_count_limit = s->lcyl | (s->hcyl << 8);
898 #ifdef DEBUG_IDE_ATAPI
899 printf("byte_count_limit=%d\n", byte_count_limit);
900 #endif
901 if (byte_count_limit == 0xffff)
902 byte_count_limit--;
903 size = s->packet_transfer_size;
904 if (size > byte_count_limit) {
905 /* byte count limit must be even if this case */
906 if (byte_count_limit & 1)
907 byte_count_limit--;
908 size = byte_count_limit;
909 }
910 s->lcyl = size;
911 s->hcyl = size >> 8;
912 s->elementary_transfer_size = size;
913 /* we cannot transmit more than one sector at a time */
914 if (s->lba != -1) {
915 if (size > (s->cd_sector_size - s->io_buffer_index))
916 size = (s->cd_sector_size - s->io_buffer_index);
917 }
918 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
919 size, ide_atapi_cmd_reply_end);
920 s->packet_transfer_size -= size;
921 s->elementary_transfer_size -= size;
922 s->io_buffer_index += size;
923 ide_set_irq(s);
924 #ifdef DEBUG_IDE_ATAPI
925 printf("status=0x%x\n", s->status);
926 #endif
927 }
928 }
929 }
931 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
932 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
933 {
934 if (size > max_size)
935 size = max_size;
936 s->lba = -1; /* no sector read */
937 s->packet_transfer_size = size;
938 s->elementary_transfer_size = 0;
939 s->io_buffer_index = 0;
941 s->status = READY_STAT;
942 ide_atapi_cmd_reply_end(s);
943 }
945 /* start a CD-CDROM read command */
946 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
947 int sector_size)
948 {
949 s->lba = lba;
950 s->packet_transfer_size = nb_sectors * sector_size;
951 s->elementary_transfer_size = 0;
952 s->io_buffer_index = sector_size;
953 s->cd_sector_size = sector_size;
955 s->status = READY_STAT;
956 ide_atapi_cmd_reply_end(s);
957 }
959 /* ATAPI DMA support */
960 static int ide_atapi_cmd_read_dma_cb(IDEState *s,
961 target_phys_addr_t phys_addr,
962 int transfer_size1)
963 {
964 int len, transfer_size;
966 transfer_size = transfer_size1;
967 while (transfer_size > 0) {
968 if (s->packet_transfer_size <= 0)
969 break;
970 len = s->cd_sector_size - s->io_buffer_index;
971 if (len <= 0) {
972 /* transfert next data */
973 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
974 s->lba++;
975 s->io_buffer_index = 0;
976 len = s->cd_sector_size;
977 }
978 if (len > transfer_size)
979 len = transfer_size;
980 cpu_physical_memory_write(phys_addr,
981 s->io_buffer + s->io_buffer_index, len);
982 s->packet_transfer_size -= len;
983 s->io_buffer_index += len;
984 transfer_size -= len;
985 phys_addr += len;
986 }
987 if (s->packet_transfer_size <= 0) {
988 s->status = READY_STAT;
989 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
990 s->bmdma->status &= ~BM_STATUS_DMAING;
991 s->bmdma->status |= BM_STATUS_INT;
992 ide_set_irq(s);
993 #ifdef DEBUG_IDE_ATAPI
994 printf("dma status=0x%x\n", s->status);
995 #endif
996 return 0;
997 }
998 return transfer_size1 - transfer_size;
999 }
1001 /* start a CD-CDROM read command with DMA */
1002 /* XXX: test if DMA is available */
1003 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1004 int sector_size)
1006 s->lba = lba;
1007 s->packet_transfer_size = nb_sectors * sector_size;
1008 s->io_buffer_index = sector_size;
1009 s->cd_sector_size = sector_size;
1011 s->status = READY_STAT | DRQ_STAT;
1012 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1015 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1016 int sector_size)
1018 #ifdef DEBUG_IDE_ATAPI
1019 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
1020 #endif
1021 if (s->atapi_dma) {
1022 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1023 } else {
1024 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1028 /* same toc as bochs. Return -1 if error or the toc length */
1029 /* XXX: check this */
1030 static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
1032 uint8_t *q;
1033 int nb_sectors, len;
1035 if (start_track > 1 && start_track != 0xaa)
1036 return -1;
1037 q = buf + 2;
1038 *q++ = 1; /* first session */
1039 *q++ = 1; /* last session */
1040 if (start_track <= 1) {
1041 *q++ = 0; /* reserved */
1042 *q++ = 0x14; /* ADR, control */
1043 *q++ = 1; /* track number */
1044 *q++ = 0; /* reserved */
1045 if (msf) {
1046 *q++ = 0; /* reserved */
1047 *q++ = 0; /* minute */
1048 *q++ = 2; /* second */
1049 *q++ = 0; /* frame */
1050 } else {
1051 /* sector 0 */
1052 cpu_to_ube32(q, 0);
1053 q += 4;
1056 /* lead out track */
1057 *q++ = 0; /* reserved */
1058 *q++ = 0x16; /* ADR, control */
1059 *q++ = 0xaa; /* track number */
1060 *q++ = 0; /* reserved */
1061 nb_sectors = s->nb_sectors >> 2;
1062 if (msf) {
1063 *q++ = 0; /* reserved */
1064 lba_to_msf(q, nb_sectors);
1065 q += 3;
1066 } else {
1067 cpu_to_ube32(q, nb_sectors);
1068 q += 4;
1070 len = q - buf;
1071 cpu_to_ube16(buf, len - 2);
1072 return len;
1075 /* mostly same info as PearPc */
1076 static int cdrom_read_toc_raw(IDEState *s, uint8_t *buf, int msf,
1077 int session_num)
1079 uint8_t *q;
1080 int nb_sectors, len;
1082 q = buf + 2;
1083 *q++ = 1; /* first session */
1084 *q++ = 1; /* last session */
1086 *q++ = 1; /* session number */
1087 *q++ = 0x14; /* data track */
1088 *q++ = 0; /* track number */
1089 *q++ = 0xa0; /* lead-in */
1090 *q++ = 0; /* min */
1091 *q++ = 0; /* sec */
1092 *q++ = 0; /* frame */
1093 *q++ = 0;
1094 *q++ = 1; /* first track */
1095 *q++ = 0x00; /* disk type */
1096 *q++ = 0x00;
1098 *q++ = 1; /* session number */
1099 *q++ = 0x14; /* data track */
1100 *q++ = 0; /* track number */
1101 *q++ = 0xa1;
1102 *q++ = 0; /* min */
1103 *q++ = 0; /* sec */
1104 *q++ = 0; /* frame */
1105 *q++ = 0;
1106 *q++ = 1; /* last track */
1107 *q++ = 0x00;
1108 *q++ = 0x00;
1110 *q++ = 1; /* session number */
1111 *q++ = 0x14; /* data track */
1112 *q++ = 0; /* track number */
1113 *q++ = 0xa2; /* lead-out */
1114 *q++ = 0; /* min */
1115 *q++ = 0; /* sec */
1116 *q++ = 0; /* frame */
1117 nb_sectors = s->nb_sectors >> 2;
1118 if (msf) {
1119 *q++ = 0; /* reserved */
1120 lba_to_msf(q, nb_sectors);
1121 q += 3;
1122 } else {
1123 cpu_to_ube32(q, nb_sectors);
1124 q += 4;
1127 *q++ = 1; /* session number */
1128 *q++ = 0x14; /* ADR, control */
1129 *q++ = 0; /* track number */
1130 *q++ = 1; /* point */
1131 *q++ = 0; /* min */
1132 *q++ = 0; /* sec */
1133 *q++ = 0; /* frame */
1134 *q++ = 0;
1135 *q++ = 0;
1136 *q++ = 0;
1137 *q++ = 0;
1139 len = q - buf;
1140 cpu_to_ube16(buf, len - 2);
1141 return len;
1144 static void ide_atapi_cmd(IDEState *s)
1146 const uint8_t *packet;
1147 uint8_t *buf;
1148 int max_len;
1150 packet = s->io_buffer;
1151 buf = s->io_buffer;
1152 #ifdef DEBUG_IDE_ATAPI
1154 int i;
1155 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1156 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1157 printf(" %02x", packet[i]);
1159 printf("\n");
1161 #endif
1162 switch(s->io_buffer[0]) {
1163 case GPCMD_TEST_UNIT_READY:
1164 if (bdrv_is_inserted(s->bs)) {
1165 ide_atapi_cmd_ok(s);
1166 } else {
1167 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1168 ASC_MEDIUM_NOT_PRESENT);
1170 break;
1171 case GPCMD_MODE_SENSE_10:
1173 int action, code;
1174 max_len = ube16_to_cpu(packet + 7);
1175 action = packet[2] >> 6;
1176 code = packet[2] & 0x3f;
1177 switch(action) {
1178 case 0: /* current values */
1179 switch(code) {
1180 case 0x01: /* error recovery */
1181 cpu_to_ube16(&buf[0], 16 + 6);
1182 buf[2] = 0x70;
1183 buf[3] = 0;
1184 buf[4] = 0;
1185 buf[5] = 0;
1186 buf[6] = 0;
1187 buf[7] = 0;
1189 buf[8] = 0x01;
1190 buf[9] = 0x06;
1191 buf[10] = 0x00;
1192 buf[11] = 0x05;
1193 buf[12] = 0x00;
1194 buf[13] = 0x00;
1195 buf[14] = 0x00;
1196 buf[15] = 0x00;
1197 ide_atapi_cmd_reply(s, 16, max_len);
1198 break;
1199 case 0x2a:
1200 cpu_to_ube16(&buf[0], 28 + 6);
1201 buf[2] = 0x70;
1202 buf[3] = 0;
1203 buf[4] = 0;
1204 buf[5] = 0;
1205 buf[6] = 0;
1206 buf[7] = 0;
1208 buf[8] = 0x2a;
1209 buf[9] = 0x12;
1210 buf[10] = 0x00;
1211 buf[11] = 0x00;
1213 buf[12] = 0x70;
1214 buf[13] = 3 << 5;
1215 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1216 if (bdrv_is_locked(s->bs))
1217 buf[6] |= 1 << 1;
1218 buf[15] = 0x00;
1219 cpu_to_ube16(&buf[16], 706);
1220 buf[18] = 0;
1221 buf[19] = 2;
1222 cpu_to_ube16(&buf[20], 512);
1223 cpu_to_ube16(&buf[22], 706);
1224 buf[24] = 0;
1225 buf[25] = 0;
1226 buf[26] = 0;
1227 buf[27] = 0;
1228 ide_atapi_cmd_reply(s, 28, max_len);
1229 break;
1230 default:
1231 goto error_cmd;
1233 break;
1234 case 1: /* changeable values */
1235 goto error_cmd;
1236 case 2: /* default values */
1237 goto error_cmd;
1238 default:
1239 case 3: /* saved values */
1240 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1241 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1242 break;
1245 break;
1246 case GPCMD_REQUEST_SENSE:
1247 max_len = packet[4];
1248 memset(buf, 0, 18);
1249 buf[0] = 0x70 | (1 << 7);
1250 buf[2] = s->sense_key;
1251 buf[7] = 10;
1252 buf[12] = s->asc;
1253 ide_atapi_cmd_reply(s, 18, max_len);
1254 break;
1255 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1256 if (bdrv_is_inserted(s->bs)) {
1257 bdrv_set_locked(s->bs, packet[4] & 1);
1258 ide_atapi_cmd_ok(s);
1259 } else {
1260 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1261 ASC_MEDIUM_NOT_PRESENT);
1263 break;
1264 case GPCMD_READ_10:
1265 case GPCMD_READ_12:
1267 int nb_sectors, lba;
1269 if (!bdrv_is_inserted(s->bs)) {
1270 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1271 ASC_MEDIUM_NOT_PRESENT);
1272 break;
1274 if (packet[0] == GPCMD_READ_10)
1275 nb_sectors = ube16_to_cpu(packet + 7);
1276 else
1277 nb_sectors = ube32_to_cpu(packet + 6);
1278 lba = ube32_to_cpu(packet + 2);
1279 if (nb_sectors == 0) {
1280 ide_atapi_cmd_ok(s);
1281 break;
1283 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1284 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1285 ASC_LOGICAL_BLOCK_OOR);
1286 break;
1288 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1290 break;
1291 case GPCMD_READ_CD:
1293 int nb_sectors, lba, transfer_request;
1295 if (!bdrv_is_inserted(s->bs)) {
1296 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1297 ASC_MEDIUM_NOT_PRESENT);
1298 break;
1300 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1301 lba = ube32_to_cpu(packet + 2);
1302 if (nb_sectors == 0) {
1303 ide_atapi_cmd_ok(s);
1304 break;
1306 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1307 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1308 ASC_LOGICAL_BLOCK_OOR);
1309 break;
1311 transfer_request = packet[9];
1312 switch(transfer_request & 0xf8) {
1313 case 0x00:
1314 /* nothing */
1315 ide_atapi_cmd_ok(s);
1316 break;
1317 case 0x10:
1318 /* normal read */
1319 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1320 break;
1321 case 0xf8:
1322 /* read all data */
1323 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1324 break;
1325 default:
1326 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1327 ASC_INV_FIELD_IN_CMD_PACKET);
1328 break;
1331 break;
1332 case GPCMD_SEEK:
1334 int lba;
1335 if (!bdrv_is_inserted(s->bs)) {
1336 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1337 ASC_MEDIUM_NOT_PRESENT);
1338 break;
1340 lba = ube32_to_cpu(packet + 2);
1341 if (((int64_t)lba << 2) > s->nb_sectors) {
1342 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1343 ASC_LOGICAL_BLOCK_OOR);
1344 break;
1346 ide_atapi_cmd_ok(s);
1348 break;
1349 case GPCMD_START_STOP_UNIT:
1351 int start, eject;
1352 start = packet[4] & 1;
1353 eject = (packet[4] >> 1) & 1;
1355 if (eject && !start) {
1356 /* eject the disk */
1357 bdrv_close(s->bs);
1359 ide_atapi_cmd_ok(s);
1361 break;
1362 case GPCMD_MECHANISM_STATUS:
1364 max_len = ube16_to_cpu(packet + 8);
1365 cpu_to_ube16(buf, 0);
1366 /* no current LBA */
1367 buf[2] = 0;
1368 buf[3] = 0;
1369 buf[4] = 0;
1370 buf[5] = 1;
1371 cpu_to_ube16(buf + 6, 0);
1372 ide_atapi_cmd_reply(s, 8, max_len);
1374 break;
1375 case GPCMD_READ_TOC_PMA_ATIP:
1377 int format, msf, start_track, len;
1379 if (!bdrv_is_inserted(s->bs)) {
1380 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1381 ASC_MEDIUM_NOT_PRESENT);
1382 break;
1384 max_len = ube16_to_cpu(packet + 7);
1385 format = packet[9] >> 6;
1386 msf = (packet[1] >> 1) & 1;
1387 start_track = packet[6];
1388 switch(format) {
1389 case 0:
1390 len = cdrom_read_toc(s, buf, msf, start_track);
1391 if (len < 0)
1392 goto error_cmd;
1393 ide_atapi_cmd_reply(s, len, max_len);
1394 break;
1395 case 1:
1396 /* multi session : only a single session defined */
1397 memset(buf, 0, 12);
1398 buf[1] = 0x0a;
1399 buf[2] = 0x01;
1400 buf[3] = 0x01;
1401 ide_atapi_cmd_reply(s, 12, max_len);
1402 break;
1403 case 2:
1404 len = cdrom_read_toc_raw(s, buf, msf, start_track);
1405 if (len < 0)
1406 goto error_cmd;
1407 ide_atapi_cmd_reply(s, len, max_len);
1408 break;
1409 default:
1410 error_cmd:
1411 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1412 ASC_INV_FIELD_IN_CMD_PACKET);
1413 break;
1416 break;
1417 case GPCMD_READ_CDVD_CAPACITY:
1418 if (!bdrv_is_inserted(s->bs)) {
1419 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1420 ASC_MEDIUM_NOT_PRESENT);
1421 break;
1423 /* NOTE: it is really the number of sectors minus 1 */
1424 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1425 cpu_to_ube32(buf + 4, 2048);
1426 ide_atapi_cmd_reply(s, 8, 8);
1427 break;
1428 case GPCMD_INQUIRY:
1429 max_len = packet[4];
1430 buf[0] = 0x05; /* CD-ROM */
1431 buf[1] = 0x80; /* removable */
1432 buf[2] = 0x00; /* ISO */
1433 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1434 buf[4] = 31; /* additionnal length */
1435 buf[5] = 0; /* reserved */
1436 buf[6] = 0; /* reserved */
1437 buf[7] = 0; /* reserved */
1438 padstr8(buf + 8, 8, "QEMU");
1439 padstr8(buf + 16, 16, "QEMU CD-ROM");
1440 padstr8(buf + 32, 4, QEMU_VERSION);
1441 ide_atapi_cmd_reply(s, 36, max_len);
1442 break;
1443 default:
1444 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1445 ASC_ILLEGAL_OPCODE);
1446 break;
1450 /* called when the inserted state of the media has changed */
1451 static void cdrom_change_cb(void *opaque)
1453 IDEState *s = opaque;
1454 int64_t nb_sectors;
1456 /* XXX: send interrupt too */
1457 bdrv_get_geometry(s->bs, &nb_sectors);
1458 s->nb_sectors = nb_sectors;
1461 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1463 IDEState *ide_if = opaque;
1464 IDEState *s;
1465 int unit, n;
1467 #ifdef DEBUG_IDE
1468 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1469 #endif
1470 addr &= 7;
1471 switch(addr) {
1472 case 0:
1473 break;
1474 case 1:
1475 /* NOTE: data is written to the two drives */
1476 ide_if[0].feature = val;
1477 ide_if[1].feature = val;
1478 break;
1479 case 2:
1480 if (val == 0)
1481 val = 256;
1482 ide_if[0].nsector = val;
1483 ide_if[1].nsector = val;
1484 break;
1485 case 3:
1486 ide_if[0].sector = val;
1487 ide_if[1].sector = val;
1488 break;
1489 case 4:
1490 ide_if[0].lcyl = val;
1491 ide_if[1].lcyl = val;
1492 break;
1493 case 5:
1494 ide_if[0].hcyl = val;
1495 ide_if[1].hcyl = val;
1496 break;
1497 case 6:
1498 ide_if[0].select = (val & ~0x10) | 0xa0;
1499 ide_if[1].select = (val | 0x10) | 0xa0;
1500 /* select drive */
1501 unit = (val >> 4) & 1;
1502 s = ide_if + unit;
1503 ide_if->cur_drive = s;
1504 break;
1505 default:
1506 case 7:
1507 /* command */
1508 #if defined(DEBUG_IDE)
1509 printf("ide: CMD=%02x\n", val);
1510 #endif
1511 s = ide_if->cur_drive;
1512 /* ignore commands to non existant slave */
1513 if (s != ide_if && !s->bs)
1514 break;
1515 switch(val) {
1516 case WIN_IDENTIFY:
1517 if (s->bs && !s->is_cdrom) {
1518 ide_identify(s);
1519 s->status = READY_STAT | SEEK_STAT;
1520 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1521 } else {
1522 if (s->is_cdrom) {
1523 ide_set_signature(s);
1525 ide_abort_command(s);
1527 ide_set_irq(s);
1528 break;
1529 case WIN_SPECIFY:
1530 case WIN_RECAL:
1531 s->error = 0;
1532 s->status = READY_STAT | SEEK_STAT;
1533 ide_set_irq(s);
1534 break;
1535 case WIN_SETMULT:
1536 if (s->nsector > MAX_MULT_SECTORS ||
1537 s->nsector == 0 ||
1538 (s->nsector & (s->nsector - 1)) != 0) {
1539 ide_abort_command(s);
1540 } else {
1541 s->mult_sectors = s->nsector;
1542 s->status = READY_STAT;
1544 ide_set_irq(s);
1545 break;
1546 case WIN_VERIFY:
1547 case WIN_VERIFY_ONCE:
1548 /* do sector number check ? */
1549 s->status = READY_STAT;
1550 ide_set_irq(s);
1551 break;
1552 case WIN_READ:
1553 case WIN_READ_ONCE:
1554 if (!s->bs)
1555 goto abort_cmd;
1556 s->req_nb_sectors = 1;
1557 ide_sector_read(s);
1558 break;
1559 case WIN_WRITE:
1560 case WIN_WRITE_ONCE:
1561 s->error = 0;
1562 s->status = SEEK_STAT | READY_STAT;
1563 s->req_nb_sectors = 1;
1564 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1565 break;
1566 case WIN_MULTREAD:
1567 if (!s->mult_sectors)
1568 goto abort_cmd;
1569 s->req_nb_sectors = s->mult_sectors;
1570 ide_sector_read(s);
1571 break;
1572 case WIN_MULTWRITE:
1573 if (!s->mult_sectors)
1574 goto abort_cmd;
1575 s->error = 0;
1576 s->status = SEEK_STAT | READY_STAT;
1577 s->req_nb_sectors = s->mult_sectors;
1578 n = s->nsector;
1579 if (n > s->req_nb_sectors)
1580 n = s->req_nb_sectors;
1581 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1582 break;
1583 case WIN_READDMA:
1584 case WIN_READDMA_ONCE:
1585 if (!s->bs)
1586 goto abort_cmd;
1587 ide_sector_read_dma(s);
1588 break;
1589 case WIN_WRITEDMA:
1590 case WIN_WRITEDMA_ONCE:
1591 if (!s->bs)
1592 goto abort_cmd;
1593 ide_sector_write_dma(s);
1594 break;
1595 case WIN_READ_NATIVE_MAX:
1596 ide_set_sector(s, s->nb_sectors - 1);
1597 s->status = READY_STAT;
1598 ide_set_irq(s);
1599 break;
1600 case WIN_CHECKPOWERMODE1:
1601 s->nsector = 0xff; /* device active or idle */
1602 s->status = READY_STAT;
1603 ide_set_irq(s);
1604 break;
1605 case WIN_SETFEATURES:
1606 if (!s->bs)
1607 goto abort_cmd;
1608 /* XXX: valid for CDROM ? */
1609 switch(s->feature) {
1610 case 0x02: /* write cache enable */
1611 case 0x03: /* set transfer mode */
1612 case 0x82: /* write cache disable */
1613 case 0xaa: /* read look-ahead enable */
1614 case 0x55: /* read look-ahead disable */
1615 s->status = READY_STAT | SEEK_STAT;
1616 ide_set_irq(s);
1617 break;
1618 default:
1619 goto abort_cmd;
1621 break;
1622 case WIN_STANDBYNOW1:
1623 s->status = READY_STAT;
1624 ide_set_irq(s);
1625 break;
1626 /* ATAPI commands */
1627 case WIN_PIDENTIFY:
1628 if (s->is_cdrom) {
1629 ide_atapi_identify(s);
1630 s->status = READY_STAT;
1631 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1632 } else {
1633 ide_abort_command(s);
1635 ide_set_irq(s);
1636 break;
1637 case WIN_SRST:
1638 if (!s->is_cdrom)
1639 goto abort_cmd;
1640 ide_set_signature(s);
1641 s->status = 0x00; /* NOTE: READY is _not_ set */
1642 s->error = 0x01;
1643 break;
1644 case WIN_PACKETCMD:
1645 if (!s->is_cdrom)
1646 goto abort_cmd;
1647 /* overlapping commands not supported */
1648 if (s->feature & 0x02)
1649 goto abort_cmd;
1650 s->atapi_dma = s->feature & 1;
1651 s->nsector = 1;
1652 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1653 ide_atapi_cmd);
1654 break;
1655 default:
1656 abort_cmd:
1657 ide_abort_command(s);
1658 ide_set_irq(s);
1659 break;
1664 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1666 IDEState *ide_if = opaque;
1667 IDEState *s = ide_if->cur_drive;
1668 uint32_t addr;
1669 int ret;
1671 addr = addr1 & 7;
1672 switch(addr) {
1673 case 0:
1674 ret = 0xff;
1675 break;
1676 case 1:
1677 if (!ide_if[0].bs && !ide_if[1].bs)
1678 ret = 0;
1679 else
1680 ret = s->error;
1681 break;
1682 case 2:
1683 if (!ide_if[0].bs && !ide_if[1].bs)
1684 ret = 0;
1685 else
1686 ret = s->nsector & 0xff;
1687 break;
1688 case 3:
1689 if (!ide_if[0].bs && !ide_if[1].bs)
1690 ret = 0;
1691 else
1692 ret = s->sector;
1693 break;
1694 case 4:
1695 if (!ide_if[0].bs && !ide_if[1].bs)
1696 ret = 0;
1697 else
1698 ret = s->lcyl;
1699 break;
1700 case 5:
1701 if (!ide_if[0].bs && !ide_if[1].bs)
1702 ret = 0;
1703 else
1704 ret = s->hcyl;
1705 break;
1706 case 6:
1707 if (!ide_if[0].bs && !ide_if[1].bs)
1708 ret = 0;
1709 else
1710 ret = s->select;
1711 break;
1712 default:
1713 case 7:
1714 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1715 (s != ide_if && !s->bs))
1716 ret = 0;
1717 else
1718 ret = s->status;
1719 #ifdef TARGET_PPC
1720 if (s->openpic)
1721 openpic_set_irq(s->openpic, s->irq, 0);
1722 else
1723 #endif
1724 if (s->irq == 16)
1725 pci_set_irq(s->pci_dev, 0, 0);
1726 else
1727 pic_set_irq(s->irq, 0);
1728 break;
1730 #ifdef DEBUG_IDE
1731 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1732 #endif
1733 return ret;
1736 static uint32_t ide_status_read(void *opaque, uint32_t addr)
1738 IDEState *ide_if = opaque;
1739 IDEState *s = ide_if->cur_drive;
1740 int ret;
1742 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1743 (s != ide_if && !s->bs))
1744 ret = 0;
1745 else
1746 ret = s->status;
1747 #ifdef DEBUG_IDE
1748 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1749 #endif
1750 return ret;
1753 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1755 IDEState *ide_if = opaque;
1756 IDEState *s;
1757 int i;
1759 #ifdef DEBUG_IDE
1760 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1761 #endif
1762 /* common for both drives */
1763 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1764 (val & IDE_CMD_RESET)) {
1765 /* reset low to high */
1766 for(i = 0;i < 2; i++) {
1767 s = &ide_if[i];
1768 s->status = BUSY_STAT | SEEK_STAT;
1769 s->error = 0x01;
1771 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1772 !(val & IDE_CMD_RESET)) {
1773 /* high to low */
1774 for(i = 0;i < 2; i++) {
1775 s = &ide_if[i];
1776 if (s->is_cdrom)
1777 s->status = 0x00; /* NOTE: READY is _not_ set */
1778 else
1779 s->status = READY_STAT | SEEK_STAT;
1780 ide_set_signature(s);
1784 ide_if[0].cmd = val;
1785 ide_if[1].cmd = val;
1788 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1790 IDEState *s = ((IDEState *)opaque)->cur_drive;
1791 uint8_t *p;
1793 p = s->data_ptr;
1794 *(uint16_t *)p = le16_to_cpu(val);
1795 p += 2;
1796 s->data_ptr = p;
1797 if (p >= s->data_end)
1798 s->end_transfer_func(s);
1801 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
1803 IDEState *s = ((IDEState *)opaque)->cur_drive;
1804 uint8_t *p;
1805 int ret;
1806 p = s->data_ptr;
1807 ret = cpu_to_le16(*(uint16_t *)p);
1808 p += 2;
1809 s->data_ptr = p;
1810 if (p >= s->data_end)
1811 s->end_transfer_func(s);
1812 return ret;
1815 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1817 IDEState *s = ((IDEState *)opaque)->cur_drive;
1818 uint8_t *p;
1820 p = s->data_ptr;
1821 *(uint32_t *)p = le32_to_cpu(val);
1822 p += 4;
1823 s->data_ptr = p;
1824 if (p >= s->data_end)
1825 s->end_transfer_func(s);
1828 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
1830 IDEState *s = ((IDEState *)opaque)->cur_drive;
1831 uint8_t *p;
1832 int ret;
1834 p = s->data_ptr;
1835 ret = cpu_to_le32(*(uint32_t *)p);
1836 p += 4;
1837 s->data_ptr = p;
1838 if (p >= s->data_end)
1839 s->end_transfer_func(s);
1840 return ret;
1843 static void ide_dummy_transfer_stop(IDEState *s)
1845 s->data_ptr = s->io_buffer;
1846 s->data_end = s->io_buffer;
1847 s->io_buffer[0] = 0xff;
1848 s->io_buffer[1] = 0xff;
1849 s->io_buffer[2] = 0xff;
1850 s->io_buffer[3] = 0xff;
1853 static void ide_reset(IDEState *s)
1855 s->mult_sectors = MAX_MULT_SECTORS;
1856 s->cur_drive = s;
1857 s->select = 0xa0;
1858 s->status = READY_STAT;
1859 ide_set_signature(s);
1860 /* init the transfer handler so that 0xffff is returned on data
1861 accesses */
1862 s->end_transfer_func = ide_dummy_transfer_stop;
1863 ide_dummy_transfer_stop(s);
1866 struct partition {
1867 uint8_t boot_ind; /* 0x80 - active */
1868 uint8_t head; /* starting head */
1869 uint8_t sector; /* starting sector */
1870 uint8_t cyl; /* starting cylinder */
1871 uint8_t sys_ind; /* What partition type */
1872 uint8_t end_head; /* end head */
1873 uint8_t end_sector; /* end sector */
1874 uint8_t end_cyl; /* end cylinder */
1875 uint32_t start_sect; /* starting sector counting from 0 */
1876 uint32_t nr_sects; /* nr of sectors in partition */
1877 } __attribute__((packed));
1879 /* try to guess the IDE geometry from the MSDOS partition table */
1880 static void ide_guess_geometry(IDEState *s)
1882 uint8_t buf[512];
1883 int ret, i;
1884 struct partition *p;
1885 uint32_t nr_sects;
1887 if (s->cylinders != 0)
1888 return;
1889 ret = bdrv_read(s->bs, 0, buf, 1);
1890 if (ret < 0)
1891 return;
1892 /* test msdos magic */
1893 if (buf[510] != 0x55 || buf[511] != 0xaa)
1894 return;
1895 for(i = 0; i < 4; i++) {
1896 p = ((struct partition *)(buf + 0x1be)) + i;
1897 nr_sects = le32_to_cpu(p->nr_sects);
1898 if (nr_sects && p->end_head) {
1899 /* We make the assumption that the partition terminates on
1900 a cylinder boundary */
1901 s->heads = p->end_head + 1;
1902 s->sectors = p->end_sector & 63;
1903 if (s->sectors == 0)
1904 continue;
1905 s->cylinders = s->nb_sectors / (s->heads * s->sectors);
1906 if (s->cylinders < 1 || s->cylinders > 16383)
1907 continue;
1908 #if 0
1909 printf("guessed partition: CHS=%d %d %d\n",
1910 s->cylinders, s->heads, s->sectors);
1911 #endif
1916 static void ide_init2(IDEState *ide_state, int irq,
1917 BlockDriverState *hd0, BlockDriverState *hd1)
1919 IDEState *s;
1920 static int drive_serial = 1;
1921 int i, cylinders, heads, secs;
1922 int64_t nb_sectors;
1924 for(i = 0; i < 2; i++) {
1925 s = ide_state + i;
1926 if (i == 0)
1927 s->bs = hd0;
1928 else
1929 s->bs = hd1;
1930 if (s->bs) {
1931 bdrv_get_geometry(s->bs, &nb_sectors);
1932 s->nb_sectors = nb_sectors;
1933 /* if a geometry hint is available, use it */
1934 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
1935 if (cylinders != 0) {
1936 s->cylinders = cylinders;
1937 s->heads = heads;
1938 s->sectors = secs;
1939 } else {
1940 ide_guess_geometry(s);
1942 /* if heads > 16, it means that a BIOS LBA
1943 translation was active, so the default
1944 hardware geometry is OK */
1945 if ((s->heads > 16) || (s->cylinders == 0)) {
1946 /* if no geometry, use a standard physical disk geometry */
1947 cylinders = nb_sectors / (16 * 63);
1948 if (cylinders > 16383)
1949 cylinders = 16383;
1950 else if (cylinders < 2)
1951 cylinders = 2;
1952 s->cylinders = cylinders;
1953 s->heads = 16;
1954 s->sectors = 63;
1956 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
1958 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
1959 s->is_cdrom = 1;
1960 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
1963 s->drive_serial = drive_serial++;
1964 s->irq = irq;
1965 ide_reset(s);
1969 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
1971 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
1972 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
1973 if (iobase2) {
1974 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
1975 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
1978 /* data ports */
1979 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
1980 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
1981 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
1982 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
1985 /***********************************************************/
1986 /* ISA IDE definitions */
1988 void isa_ide_init(int iobase, int iobase2, int irq,
1989 BlockDriverState *hd0, BlockDriverState *hd1)
1991 IDEState *ide_state;
1993 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
1994 if (!ide_state)
1995 return;
1997 ide_init2(ide_state, irq, hd0, hd1);
1998 ide_init_ioport(ide_state, iobase, iobase2);
2001 /***********************************************************/
2002 /* PCI IDE definitions */
2004 static void ide_map(PCIDevice *pci_dev, int region_num,
2005 uint32_t addr, uint32_t size, int type)
2007 PCIIDEState *d = (PCIIDEState *)pci_dev;
2008 IDEState *ide_state;
2010 if (region_num <= 3) {
2011 ide_state = &d->ide_if[(region_num >> 1) * 2];
2012 if (region_num & 1) {
2013 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2014 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2015 } else {
2016 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2017 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2019 /* data ports */
2020 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2021 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2022 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2023 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2028 /* XXX: full callback usage to prepare non blocking I/Os support -
2029 error handling */
2030 #ifdef DMA_MULTI_THREAD
2031 static void ide_dma_loop(BMDMAState *bm)
2033 write(file_pipes[1], &bm, sizeof(bm));
2035 static void dma_thread_loop(BMDMAState *bm)
2036 #else
2037 static void ide_dma_loop(BMDMAState *bm)
2038 #endif //DMA_MULTI_THREAD
2040 struct {
2041 uint32_t addr;
2042 uint32_t size;
2043 } prd;
2044 target_phys_addr_t cur_addr;
2045 int len, i, len1;
2047 cur_addr = bm->addr;
2048 /* at most one page to avoid hanging if erroneous parameters */
2049 for(i = 0; i < 512; i++) {
2050 cpu_physical_memory_read(cur_addr, (uint8_t *)&prd, 8);
2051 prd.addr = le32_to_cpu(prd.addr);
2052 prd.size = le32_to_cpu(prd.size);
2053 #ifdef DEBUG_IDE
2054 printf("ide: dma: prd: %08x: addr=0x%08x size=0x%08x\n",
2055 (int)cur_addr, prd.addr, prd.size);
2056 #endif
2057 len = prd.size & 0xfffe;
2058 if (len == 0)
2059 len = 0x10000;
2060 while (len > 0) {
2061 len1 = bm->dma_cb(bm->ide_if, prd.addr, len);
2062 if (len1 == 0)
2063 goto the_end;
2064 prd.addr += len1;
2065 len -= len1;
2067 /* end of transfer */
2068 if (prd.size & 0x80000000)
2069 break;
2070 cur_addr += 8;
2072 /* end of transfer */
2073 the_end:
2074 bm->dma_cb = NULL;
2075 bm->ide_if = NULL;
2078 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
2080 BMDMAState *bm = s->bmdma;
2081 if(!bm)
2082 return;
2083 bm->ide_if = s;
2084 bm->dma_cb = dma_cb;
2085 if (bm->status & BM_STATUS_DMAING) {
2086 ide_dma_loop(bm);
2090 static uint32_t bmdma_cmd_readb(void *opaque, uint32_t addr)
2092 BMDMAState *bm = opaque;
2093 uint32_t val;
2094 val = bm->cmd;
2095 #ifdef DEBUG_IDE
2096 printf("%s: 0x%08x\n", __func__, val);
2097 #endif
2098 return val;
2101 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2103 BMDMAState *bm = opaque;
2104 #ifdef DEBUG_IDE
2105 printf("%s: 0x%08x\n", __func__, val);
2106 #endif
2107 if (!(val & BM_CMD_START)) {
2108 /* XXX: do it better */
2109 bm->status &= ~BM_STATUS_DMAING;
2110 bm->cmd = val & 0x09;
2111 } else {
2112 bm->status |= BM_STATUS_DMAING;
2113 bm->cmd = val & 0x09;
2114 /* start dma transfer if possible */
2115 if (bm->dma_cb)
2116 ide_dma_loop(bm);
2120 static uint32_t bmdma_status_readb(void *opaque, uint32_t addr)
2122 BMDMAState *bm = opaque;
2123 uint32_t val;
2124 val = bm->status;
2125 #ifdef DEBUG_IDE
2126 printf("%s: 0x%08x\n", __func__, val);
2127 #endif
2128 return val;
2131 static void bmdma_status_writeb(void *opaque, uint32_t addr, uint32_t val)
2133 BMDMAState *bm = opaque;
2134 #ifdef DEBUG_IDE
2135 printf("%s: 0x%08x\n", __func__, val);
2136 #endif
2137 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2140 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2142 BMDMAState *bm = opaque;
2143 uint32_t val;
2144 val = bm->addr;
2145 #ifdef DEBUG_IDE
2146 printf("%s: 0x%08x\n", __func__, val);
2147 #endif
2148 return val;
2151 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2153 BMDMAState *bm = opaque;
2154 #ifdef DEBUG_IDE
2155 printf("%s: 0x%08x\n", __func__, val);
2156 #endif
2157 bm->addr = val & ~3;
2160 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2161 uint32_t addr, uint32_t size, int type)
2163 PCIIDEState *d = (PCIIDEState *)pci_dev;
2164 int i;
2166 for(i = 0;i < 2; i++) {
2167 BMDMAState *bm = &d->bmdma[i];
2168 d->ide_if[2 * i].bmdma = bm;
2169 d->ide_if[2 * i + 1].bmdma = bm;
2171 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2172 register_ioport_read(addr, 1, 1, bmdma_cmd_readb, bm);
2174 register_ioport_write(addr + 2, 1, 1, bmdma_status_writeb, bm);
2175 register_ioport_read(addr + 2, 1, 1, bmdma_status_readb, bm);
2177 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2178 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2179 addr += 8;
2183 /* hd_table must contain 4 block drivers */
2184 void pci_ide_init(PCIBus *bus, BlockDriverState **hd_table)
2186 PCIIDEState *d;
2187 uint8_t *pci_conf;
2188 int i;
2190 d = (PCIIDEState *)pci_register_device(bus, "IDE", sizeof(PCIIDEState),
2191 -1,
2192 NULL, NULL);
2193 pci_conf = d->dev.config;
2194 pci_conf[0x00] = 0x86; // Intel
2195 pci_conf[0x01] = 0x80;
2196 pci_conf[0x02] = 0x00; // fake
2197 pci_conf[0x03] = 0x01; // fake
2198 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2199 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2200 pci_conf[0x0e] = 0x80; // header_type = PCI_multifunction, generic
2202 pci_conf[0x2c] = 0x86; // subsys vendor
2203 pci_conf[0x2d] = 0x80; // subsys vendor
2204 pci_conf[0x2e] = 0x00; // fake
2205 pci_conf[0x2f] = 0x01; // fake
2207 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2208 PCI_ADDRESS_SPACE_IO, ide_map);
2209 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2210 PCI_ADDRESS_SPACE_IO, ide_map);
2211 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2212 PCI_ADDRESS_SPACE_IO, ide_map);
2213 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2214 PCI_ADDRESS_SPACE_IO, ide_map);
2215 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2216 PCI_ADDRESS_SPACE_IO, bmdma_map);
2218 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2220 for(i = 0; i < 4; i++)
2221 d->ide_if[i].pci_dev = (PCIDevice *)d;
2222 ide_init2(&d->ide_if[0], 16, hd_table[0], hd_table[1]);
2223 ide_init2(&d->ide_if[2], 16, hd_table[2], hd_table[3]);
2224 #ifdef DMA_MULTI_THREAD
2225 dma_create_thread();
2226 #endif //DMA_MULTI_THREAD
2229 /* hd_table must contain 4 block drivers */
2230 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2231 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table)
2233 PCIIDEState *d;
2234 uint8_t *pci_conf;
2236 /* register a function 1 of PIIX3 */
2237 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2238 sizeof(PCIIDEState),
2239 ((PCIDevice *)piix3_state)->devfn + 1,
2240 NULL, NULL);
2241 pci_conf = d->dev.config;
2242 pci_conf[0x00] = 0x86; // Intel
2243 pci_conf[0x01] = 0x80;
2244 pci_conf[0x02] = 0x10;
2245 pci_conf[0x03] = 0x70;
2246 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2247 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2248 pci_conf[0x0e] = 0x00; // header_type
2250 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2251 PCI_ADDRESS_SPACE_IO, bmdma_map);
2253 ide_init2(&d->ide_if[0], 14, hd_table[0], hd_table[1]);
2254 ide_init2(&d->ide_if[2], 15, hd_table[2], hd_table[3]);
2255 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2256 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2257 #ifdef DMA_MULTI_THREAD
2258 dma_create_thread();
2259 #endif //DMA_MULTI_THREAD
2262 /***********************************************************/
2263 /* MacIO based PowerPC IDE */
2265 /* PowerMac IDE memory IO */
2266 static void pmac_ide_writeb (void *opaque,
2267 target_phys_addr_t addr, uint32_t val)
2269 addr = (addr & 0xFFF) >> 4;
2270 switch (addr) {
2271 case 1 ... 7:
2272 ide_ioport_write(opaque, addr, val);
2273 break;
2274 case 8:
2275 case 22:
2276 ide_cmd_write(opaque, 0, val);
2277 break;
2278 default:
2279 break;
2283 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2285 uint8_t retval;
2287 addr = (addr & 0xFFF) >> 4;
2288 switch (addr) {
2289 case 1 ... 7:
2290 retval = ide_ioport_read(opaque, addr);
2291 break;
2292 case 8:
2293 case 22:
2294 retval = ide_status_read(opaque, 0);
2295 break;
2296 default:
2297 retval = 0xFF;
2298 break;
2300 return retval;
2303 static void pmac_ide_writew (void *opaque,
2304 target_phys_addr_t addr, uint32_t val)
2306 addr = (addr & 0xFFF) >> 4;
2307 #ifdef TARGET_WORDS_BIGENDIAN
2308 val = bswap16(val);
2309 #endif
2310 if (addr == 0) {
2311 ide_data_writew(opaque, 0, val);
2315 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2317 uint16_t retval;
2319 addr = (addr & 0xFFF) >> 4;
2320 if (addr == 0) {
2321 retval = ide_data_readw(opaque, 0);
2322 } else {
2323 retval = 0xFFFF;
2325 #ifdef TARGET_WORDS_BIGENDIAN
2326 retval = bswap16(retval);
2327 #endif
2328 return retval;
2331 static void pmac_ide_writel (void *opaque,
2332 target_phys_addr_t addr, uint32_t val)
2334 addr = (addr & 0xFFF) >> 4;
2335 #ifdef TARGET_WORDS_BIGENDIAN
2336 val = bswap32(val);
2337 #endif
2338 if (addr == 0) {
2339 ide_data_writel(opaque, 0, val);
2343 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2345 uint32_t retval;
2347 addr = (addr & 0xFFF) >> 4;
2348 if (addr == 0) {
2349 retval = ide_data_readl(opaque, 0);
2350 } else {
2351 retval = 0xFFFFFFFF;
2353 #ifdef TARGET_WORDS_BIGENDIAN
2354 retval = bswap32(retval);
2355 #endif
2356 return retval;
2359 static CPUWriteMemoryFunc *pmac_ide_write[] = {
2360 pmac_ide_writeb,
2361 pmac_ide_writew,
2362 pmac_ide_writel,
2363 };
2365 static CPUReadMemoryFunc *pmac_ide_read[] = {
2366 pmac_ide_readb,
2367 pmac_ide_readw,
2368 pmac_ide_readl,
2369 };
2371 /* hd_table must contain 4 block drivers */
2372 /* PowerMac uses memory mapped registers, not I/O. Return the memory
2373 I/O index to access the ide. */
2374 int pmac_ide_init (BlockDriverState **hd_table,
2375 openpic_t *openpic, int irq)
2377 IDEState *ide_if;
2378 int pmac_ide_memory;
2380 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2381 ide_init2(&ide_if[0], irq, hd_table[0], hd_table[1]);
2382 ide_if[0].openpic = openpic;
2383 ide_if[1].openpic = openpic;
2385 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2386 pmac_ide_write, &ide_if[0]);
2387 return pmac_ide_memory;