ia64/xen-unstable

view tools/ioemu/hw/ide.c @ 15809:d032a17aced2

qemu: Allow more IDE power management.

Made the QEMU IDE disk tolerate more power-mgmt commands, specifically:
WIN_SETFEATURE(EN_AAM) - enable automatic acoustic mgmt
WIN_SETFEATURE(DIS_AAM) - disable automatic acoustic mgmt
WIN_SETFEATURE(DIS_APM) - disable automatic power mgmt
WIN_STANDBY
WIN_SETIDLE1
WIN_SLEEPNOW1
WIN_STANDBY2
WIN_SETIDLE2
WIN_SLEEPNOW2
WIN_STANDBYNOW2
These are all essentially no-ops, like existing support for EN_RLA
(enable read lookahead) and WIN_STANDBYNOW1.

This fixes a crash in the SLES9-SP3 64bit kernel when the powersaved
was started (with ACPI or ACM). This guest really only needs EN_AAM,
DIS_APM, and WIN_SETIDLE1 support, but the others seemed sensible to
include.

I've excluded EN_APM since I'm unsure of what that's agreeing to do.
It's probably ok to include.

Signed-off-by: Ben Guthro <bguthro@virtualiron.com>
Signed-off-by: David Lively <dlively@virtualiron.com>
author kfraser@localhost.localdomain
date Thu Aug 30 16:41:57 2007 +0100 (2007-08-30)
parents 637ff26be6ff
children c44d82f36665
line source
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include "vl.h"
26 /* debug IDE devices */
27 //#define DEBUG_IDE
28 //#define DEBUG_IDE_ATAPI
29 //#define DEBUG_AIO
30 #define USE_DMA_CDROM
32 /* Bits of HD_STATUS */
33 #define ERR_STAT 0x01
34 #define INDEX_STAT 0x02
35 #define ECC_STAT 0x04 /* Corrected error */
36 #define DRQ_STAT 0x08
37 #define SEEK_STAT 0x10
38 #define SRV_STAT 0x10
39 #define WRERR_STAT 0x20
40 #define READY_STAT 0x40
41 #define BUSY_STAT 0x80
43 /* Bits for HD_ERROR */
44 #define MARK_ERR 0x01 /* Bad address mark */
45 #define TRK0_ERR 0x02 /* couldn't find track 0 */
46 #define ABRT_ERR 0x04 /* Command aborted */
47 #define MCR_ERR 0x08 /* media change request */
48 #define ID_ERR 0x10 /* ID field not found */
49 #define MC_ERR 0x20 /* media changed */
50 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
51 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
52 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
54 /* Bits of HD_NSECTOR */
55 #define CD 0x01
56 #define IO 0x02
57 #define REL 0x04
58 #define TAG_MASK 0xf8
60 #define IDE_CMD_RESET 0x04
61 #define IDE_CMD_DISABLE_IRQ 0x02
63 /* ATA/ATAPI Commands pre T13 Spec */
64 #define WIN_NOP 0x00
65 /*
66 * 0x01->0x02 Reserved
67 */
68 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
69 /*
70 * 0x04->0x07 Reserved
71 */
72 #define WIN_SRST 0x08 /* ATAPI soft reset command */
73 #define WIN_DEVICE_RESET 0x08
74 /*
75 * 0x09->0x0F Reserved
76 */
77 #define WIN_RECAL 0x10
78 #define WIN_RESTORE WIN_RECAL
79 /*
80 * 0x10->0x1F Reserved
81 */
82 #define WIN_READ 0x20 /* 28-Bit */
83 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
84 #define WIN_READ_LONG 0x22 /* 28-Bit */
85 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
86 #define WIN_READ_EXT 0x24 /* 48-Bit */
87 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
88 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
89 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
90 /*
91 * 0x28
92 */
93 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
94 /*
95 * 0x2A->0x2F Reserved
96 */
97 #define WIN_WRITE 0x30 /* 28-Bit */
98 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
99 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
100 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
101 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
102 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
103 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
104 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
105 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
106 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
107 /*
108 * 0x3A->0x3B Reserved
109 */
110 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
111 /*
112 * 0x3D->0x3F Reserved
113 */
114 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
115 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
116 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
117 /*
118 * 0x43->0x4F Reserved
119 */
120 #define WIN_FORMAT 0x50
121 /*
122 * 0x51->0x5F Reserved
123 */
124 #define WIN_INIT 0x60
125 /*
126 * 0x61->0x5F Reserved
127 */
128 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
129 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
130 #define WIN_DIAGNOSE 0x90
131 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
132 #define WIN_DOWNLOAD_MICROCODE 0x92
133 #define WIN_STANDBYNOW2 0x94
134 #define WIN_STANDBY2 0x96
135 #define WIN_SETIDLE2 0x97
136 #define WIN_CHECKPOWERMODE2 0x98
137 #define WIN_SLEEPNOW2 0x99
138 /*
139 * 0x9A VENDOR
140 */
141 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
142 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
143 #define WIN_QUEUED_SERVICE 0xA2
144 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
145 #define CFA_ERASE_SECTORS 0xC0
146 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
147 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
148 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
149 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
150 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
151 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
152 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
153 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
154 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
155 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
156 #define WIN_GETMEDIASTATUS 0xDA
157 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
158 #define WIN_POSTBOOT 0xDC
159 #define WIN_PREBOOT 0xDD
160 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
161 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
162 #define WIN_STANDBYNOW1 0xE0
163 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
164 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
165 #define WIN_SETIDLE1 0xE3
166 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
167 #define WIN_CHECKPOWERMODE1 0xE5
168 #define WIN_SLEEPNOW1 0xE6
169 #define WIN_FLUSH_CACHE 0xE7
170 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
171 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
172 /* SET_FEATURES 0x22 or 0xDD */
173 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
174 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
175 #define WIN_MEDIAEJECT 0xED
176 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
177 #define WIN_SETFEATURES 0xEF /* set special drive features */
178 #define EXABYTE_ENABLE_NEST 0xF0
179 #define WIN_SECURITY_SET_PASS 0xF1
180 #define WIN_SECURITY_UNLOCK 0xF2
181 #define WIN_SECURITY_ERASE_PREPARE 0xF3
182 #define WIN_SECURITY_ERASE_UNIT 0xF4
183 #define WIN_SECURITY_FREEZE_LOCK 0xF5
184 #define WIN_SECURITY_DISABLE 0xF6
185 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
186 #define WIN_SET_MAX 0xF9
187 #define DISABLE_SEAGATE 0xFB
189 /* set to 1 set disable mult support */
190 #define MAX_MULT_SECTORS 16
192 /* ATAPI defines */
194 #define ATAPI_PACKET_SIZE 12
196 /* The generic packet command opcodes for CD/DVD Logical Units,
197 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
198 #define GPCMD_BLANK 0xa1
199 #define GPCMD_CLOSE_TRACK 0x5b
200 #define GPCMD_FLUSH_CACHE 0x35
201 #define GPCMD_FORMAT_UNIT 0x04
202 #define GPCMD_GET_CONFIGURATION 0x46
203 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
204 #define GPCMD_GET_PERFORMANCE 0xac
205 #define GPCMD_INQUIRY 0x12
206 #define GPCMD_LOAD_UNLOAD 0xa6
207 #define GPCMD_MECHANISM_STATUS 0xbd
208 #define GPCMD_MODE_SELECT_10 0x55
209 #define GPCMD_MODE_SENSE_10 0x5a
210 #define GPCMD_PAUSE_RESUME 0x4b
211 #define GPCMD_PLAY_AUDIO_10 0x45
212 #define GPCMD_PLAY_AUDIO_MSF 0x47
213 #define GPCMD_PLAY_AUDIO_TI 0x48
214 #define GPCMD_PLAY_CD 0xbc
215 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
216 #define GPCMD_READ_10 0x28
217 #define GPCMD_READ_12 0xa8
218 #define GPCMD_READ_CDVD_CAPACITY 0x25
219 #define GPCMD_READ_CD 0xbe
220 #define GPCMD_READ_CD_MSF 0xb9
221 #define GPCMD_READ_DISC_INFO 0x51
222 #define GPCMD_READ_DVD_STRUCTURE 0xad
223 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
224 #define GPCMD_READ_HEADER 0x44
225 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
226 #define GPCMD_READ_SUBCHANNEL 0x42
227 #define GPCMD_READ_TOC_PMA_ATIP 0x43
228 #define GPCMD_REPAIR_RZONE_TRACK 0x58
229 #define GPCMD_REPORT_KEY 0xa4
230 #define GPCMD_REQUEST_SENSE 0x03
231 #define GPCMD_RESERVE_RZONE_TRACK 0x53
232 #define GPCMD_SCAN 0xba
233 #define GPCMD_SEEK 0x2b
234 #define GPCMD_SEND_DVD_STRUCTURE 0xad
235 #define GPCMD_SEND_EVENT 0xa2
236 #define GPCMD_SEND_KEY 0xa3
237 #define GPCMD_SEND_OPC 0x54
238 #define GPCMD_SET_READ_AHEAD 0xa7
239 #define GPCMD_SET_STREAMING 0xb6
240 #define GPCMD_START_STOP_UNIT 0x1b
241 #define GPCMD_STOP_PLAY_SCAN 0x4e
242 #define GPCMD_TEST_UNIT_READY 0x00
243 #define GPCMD_VERIFY_10 0x2f
244 #define GPCMD_WRITE_10 0x2a
245 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
246 /* This is listed as optional in ATAPI 2.6, but is (curiously)
247 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
248 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
249 * drives support it. */
250 #define GPCMD_SET_SPEED 0xbb
251 /* This seems to be a SCSI specific CD-ROM opcode
252 * to play data at track/index */
253 #define GPCMD_PLAYAUDIO_TI 0x48
254 /*
255 * From MS Media Status Notification Support Specification. For
256 * older drives only.
257 */
258 #define GPCMD_GET_MEDIA_STATUS 0xda
260 /* Mode page codes for mode sense/set */
261 #define GPMODE_R_W_ERROR_PAGE 0x01
262 #define GPMODE_WRITE_PARMS_PAGE 0x05
263 #define GPMODE_AUDIO_CTL_PAGE 0x0e
264 #define GPMODE_POWER_PAGE 0x1a
265 #define GPMODE_FAULT_FAIL_PAGE 0x1c
266 #define GPMODE_TO_PROTECT_PAGE 0x1d
267 #define GPMODE_CAPABILITIES_PAGE 0x2a
268 #define GPMODE_ALL_PAGES 0x3f
269 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
270 * of MODE_SENSE_POWER_PAGE */
271 #define GPMODE_CDROM_PAGE 0x0d
273 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
274 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
275 #define ATAPI_INT_REASON_REL 0x04
276 #define ATAPI_INT_REASON_TAG 0xf8
278 /* same constants as bochs */
279 #define ASC_ILLEGAL_OPCODE 0x20
280 #define ASC_LOGICAL_BLOCK_OOR 0x21
281 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
282 #define ASC_MEDIUM_NOT_PRESENT 0x3a
283 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
285 #define SENSE_NONE 0
286 #define SENSE_NOT_READY 2
287 #define SENSE_ILLEGAL_REQUEST 5
288 #define SENSE_UNIT_ATTENTION 6
290 struct IDEState;
292 typedef void EndTransferFunc(struct IDEState *);
294 /* NOTE: IDEState represents in fact one drive */
295 typedef struct IDEState {
296 /* ide config */
297 int is_cdrom;
298 int cylinders, heads, sectors;
299 int64_t nb_sectors;
300 int mult_sectors;
301 int identify_set;
302 uint16_t identify_data[256];
303 SetIRQFunc *set_irq;
304 void *irq_opaque;
305 int irq;
306 PCIDevice *pci_dev;
307 struct BMDMAState *bmdma;
308 int drive_serial;
309 int write_cache;
310 /* ide regs */
311 uint8_t feature;
312 uint8_t error;
313 uint32_t nsector;
314 uint8_t sector;
315 uint8_t lcyl;
316 uint8_t hcyl;
317 /* other part of tf for lba48 support */
318 uint8_t hob_feature;
319 uint8_t hob_nsector;
320 uint8_t hob_sector;
321 uint8_t hob_lcyl;
322 uint8_t hob_hcyl;
324 uint8_t select;
325 uint8_t status;
327 /* 0x3f6 command, only meaningful for drive 0 */
328 uint8_t cmd;
329 /* set for lba48 access */
330 uint8_t lba48;
331 /* depends on bit 4 in select, only meaningful for drive 0 */
332 struct IDEState *cur_drive;
333 BlockDriverState *bs;
334 /* ATAPI specific */
335 uint8_t sense_key;
336 uint8_t asc;
337 int packet_transfer_size;
338 int elementary_transfer_size;
339 int io_buffer_index;
340 int lba;
341 int cd_sector_size;
342 int atapi_dma; /* true if dma is requested for the packet cmd */
343 /* ATA DMA state */
344 int io_buffer_size;
345 /* PIO transfer handling */
346 int req_nb_sectors; /* number of sectors per interrupt */
347 EndTransferFunc *end_transfer_func;
348 uint8_t *data_ptr;
349 uint8_t *data_end;
350 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
351 QEMUTimer *sector_write_timer; /* only used for win2k instal hack */
352 uint32_t irq_count; /* counts IRQs when using win2k install hack */
353 } IDEState;
355 #define BM_STATUS_DMAING 0x01
356 #define BM_STATUS_ERROR 0x02
357 #define BM_STATUS_INT 0x04
359 #define BM_CMD_START 0x01
360 #define BM_CMD_READ 0x08
362 #define IDE_TYPE_PIIX3 0
363 #define IDE_TYPE_CMD646 1
365 /* CMD646 specific */
366 #define MRDMODE 0x71
367 #define MRDMODE_INTR_CH0 0x04
368 #define MRDMODE_INTR_CH1 0x08
369 #define MRDMODE_BLK_CH0 0x10
370 #define MRDMODE_BLK_CH1 0x20
371 #define UDIDETCR0 0x73
372 #define UDIDETCR1 0x7B
374 typedef struct BMDMAState {
375 uint8_t cmd;
376 uint8_t status;
377 uint32_t addr;
379 struct PCIIDEState *pci_dev;
380 /* current transfer state */
381 uint32_t cur_addr;
382 uint32_t cur_prd_last;
383 uint32_t cur_prd_addr;
384 uint32_t cur_prd_len;
385 IDEState *ide_if;
386 BlockDriverCompletionFunc *dma_cb;
387 BlockDriverAIOCB *aiocb;
388 } BMDMAState;
390 typedef struct PCIIDEState {
391 PCIDevice dev;
392 IDEState ide_if[4];
393 BMDMAState bmdma[2];
394 int type; /* see IDE_TYPE_xxx */
395 } PCIIDEState;
397 #if defined(__ia64__)
398 #include <xen/hvm/ioreq.h>
400 struct buffered_piopage *buffered_pio_page;
402 static inline struct pio_buffer *
403 piobuf_by_addr(uint32_t addr)
404 {
405 if (addr == 0x1F0)
406 return &buffered_pio_page->pio[PIO_BUFFER_IDE_PRIMARY];
407 if (addr == 0x170)
408 return &buffered_pio_page->pio[PIO_BUFFER_IDE_SECONDARY];
409 return NULL;
410 }
412 static void
413 buffered_pio_init(void)
414 {
415 struct pio_buffer *p1, *p2;
416 uint32_t off1, off2;
418 if (!buffered_pio_page)
419 return;
421 p1 = &buffered_pio_page->pio[PIO_BUFFER_IDE_PRIMARY];
422 p2 = &buffered_pio_page->pio[PIO_BUFFER_IDE_SECONDARY];
423 off1 = offsetof(struct buffered_piopage, buffer);
424 off2 = (off1 + TARGET_PAGE_SIZE)/2;
426 p1->buf_size = off2 - off1;
427 p1->page_offset = off1;
429 p2->buf_size = TARGET_PAGE_SIZE - off2;
430 p2->page_offset = off2;
431 }
433 static inline void
434 buffered_pio_flush(struct pio_buffer *piobuf)
435 {
436 IDEState *s = piobuf->opaque;
437 uint32_t pointer = piobuf->pointer;
439 if (s != NULL && pointer > 0) {
440 uint8_t *buf = (uint8_t *)buffered_pio_page + piobuf->page_offset;
441 memcpy(s->data_ptr, buf, pointer);
442 s->data_ptr += pointer;
443 }
444 }
446 static inline void
447 buffered_pio_reset(IDEState *s)
448 {
449 struct pio_buffer *piobuf;
451 if ((unsigned)s->drive_serial - 1 < 2) /* 1,2 */
452 piobuf = &buffered_pio_page->pio[PIO_BUFFER_IDE_PRIMARY];
453 else if ((unsigned)s->drive_serial - 3 < 2) /* 3,4 */
454 piobuf = &buffered_pio_page->pio[PIO_BUFFER_IDE_SECONDARY];
455 else
456 return;
457 buffered_pio_flush(piobuf);
458 piobuf->pointer = 0;
459 piobuf->data_end = 0;
460 piobuf->opaque = NULL;
461 }
463 static inline void
464 buffered_pio_write(IDEState *s, uint32_t addr, int size)
465 {
466 struct pio_buffer *piobuf = piobuf_by_addr(addr);
467 int data_end;
469 if (!piobuf)
470 return;
471 buffered_pio_flush(piobuf);
472 data_end = s->data_end - s->data_ptr - size;
473 if (data_end <= 0)
474 data_end = 0;
475 else if (data_end > piobuf->buf_size)
476 data_end = piobuf->buf_size;
477 piobuf->pointer = 0;
478 piobuf->data_end = data_end;
479 piobuf->opaque = s;
480 }
482 static inline void
483 buffered_pio_read(IDEState *s, uint32_t addr, int size)
484 {
485 struct pio_buffer *piobuf = piobuf_by_addr(addr);
486 int data_end;
488 if (!piobuf)
489 return;
490 s->data_ptr += piobuf->pointer;
491 data_end = s->data_end - s->data_ptr - size;
492 if (data_end <= 0) {
493 data_end = 0;
494 } else {
495 uint8_t *buf = (uint8_t *)buffered_pio_page + piobuf->page_offset;
496 if (data_end > piobuf->buf_size)
497 data_end = piobuf->buf_size;
498 memcpy(buf, s->data_ptr + size, data_end);
499 }
500 piobuf->pointer = 0;
501 piobuf->data_end = data_end;
502 piobuf->opaque = NULL;
503 }
505 #else /* !__ia64__ */
506 #define buffered_pio_init() do {} while (0)
507 #define buffered_pio_reset(I) do {} while (0)
508 #define buffered_pio_write(I,A,S) do {} while (0)
509 #define buffered_pio_read(I,A,S) do {} while (0)
510 #endif
512 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
513 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
515 static void padstr(char *str, const char *src, int len)
516 {
517 int i, v;
518 for(i = 0; i < len; i++) {
519 if (*src)
520 v = *src++;
521 else
522 v = ' ';
523 *(char *)((long)str ^ 1) = v;
524 str++;
525 }
526 }
528 static void padstr8(uint8_t *buf, int buf_size, const char *src)
529 {
530 int i;
531 for(i = 0; i < buf_size; i++) {
532 if (*src)
533 buf[i] = *src++;
534 else
535 buf[i] = ' ';
536 }
537 }
539 static void put_le16(uint16_t *p, unsigned int v)
540 {
541 *p = cpu_to_le16(v);
542 }
544 static void ide_identify(IDEState *s)
545 {
546 uint16_t *p;
547 unsigned int oldsize;
548 char buf[20];
550 if (s->identify_set) {
551 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
552 return;
553 }
555 memset(s->io_buffer, 0, 512);
556 p = (uint16_t *)s->io_buffer;
557 put_le16(p + 0, 0x0040);
558 put_le16(p + 1, s->cylinders);
559 put_le16(p + 3, s->heads);
560 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
561 put_le16(p + 5, 512); /* XXX: retired, remove ? */
562 put_le16(p + 6, s->sectors);
563 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
564 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
565 put_le16(p + 20, 3); /* XXX: retired, remove ? */
566 put_le16(p + 21, 512); /* cache size in sectors */
567 put_le16(p + 22, 4); /* ecc bytes */
568 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
569 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
570 #if MAX_MULT_SECTORS > 1
571 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
572 #endif
573 put_le16(p + 48, 1); /* dword I/O */
574 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
575 put_le16(p + 51, 0x200); /* PIO transfer cycle */
576 put_le16(p + 52, 0x200); /* DMA transfer cycle */
577 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
578 put_le16(p + 54, s->cylinders);
579 put_le16(p + 55, s->heads);
580 put_le16(p + 56, s->sectors);
581 oldsize = s->cylinders * s->heads * s->sectors;
582 put_le16(p + 57, oldsize);
583 put_le16(p + 58, oldsize >> 16);
584 if (s->mult_sectors)
585 put_le16(p + 59, 0x100 | s->mult_sectors);
586 put_le16(p + 60, s->nb_sectors);
587 put_le16(p + 61, s->nb_sectors >> 16);
588 put_le16(p + 63, 0x07); /* mdma0-2 supported */
589 put_le16(p + 65, 120);
590 put_le16(p + 66, 120);
591 put_le16(p + 67, 120);
592 put_le16(p + 68, 120);
593 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
594 put_le16(p + 81, 0x16); /* conforms to ata5 */
595 put_le16(p + 82, (1 << 14));
596 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
597 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
598 put_le16(p + 84, (1 << 14));
599 /* 14=nop 5=write_cache */
600 put_le16(p + 85, (1 << 14) | (1 << 5));
601 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
602 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
603 put_le16(p + 87, (1 << 14));
604 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
605 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
606 put_le16(p + 100, s->nb_sectors);
607 put_le16(p + 101, s->nb_sectors >> 16);
608 put_le16(p + 102, s->nb_sectors >> 32);
609 put_le16(p + 103, s->nb_sectors >> 48);
611 memcpy(s->identify_data, p, sizeof(s->identify_data));
612 s->identify_set = 1;
613 }
615 static void ide_atapi_identify(IDEState *s)
616 {
617 uint16_t *p;
618 char buf[20];
620 if (s->identify_set) {
621 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
622 return;
623 }
625 memset(s->io_buffer, 0, 512);
626 p = (uint16_t *)s->io_buffer;
627 /* Removable CDROM, 50us response, 12 byte packets */
628 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
629 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
630 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
631 put_le16(p + 20, 3); /* buffer type */
632 put_le16(p + 21, 512); /* cache size in sectors */
633 put_le16(p + 22, 4); /* ecc bytes */
634 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
635 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
636 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
637 #ifdef USE_DMA_CDROM
638 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
639 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
640 put_le16(p + 63, 7); /* mdma0-2 supported */
641 put_le16(p + 64, 0x3f); /* PIO modes supported */
642 #else
643 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
644 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
645 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
646 put_le16(p + 64, 1); /* PIO modes */
647 #endif
648 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
649 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
650 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
651 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
653 put_le16(p + 71, 30); /* in ns */
654 put_le16(p + 72, 30); /* in ns */
656 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
657 #ifdef USE_DMA_CDROM
658 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
659 #endif
660 memcpy(s->identify_data, p, sizeof(s->identify_data));
661 s->identify_set = 1;
662 }
664 static void ide_set_signature(IDEState *s)
665 {
666 s->select &= 0xf0; /* clear head */
667 /* put signature */
668 s->nsector = 1;
669 s->sector = 1;
670 if (s->is_cdrom) {
671 s->lcyl = 0x14;
672 s->hcyl = 0xeb;
673 } else if (s->bs) {
674 s->lcyl = 0;
675 s->hcyl = 0;
676 } else {
677 s->lcyl = 0xff;
678 s->hcyl = 0xff;
679 }
680 }
682 static inline void ide_abort_command(IDEState *s)
683 {
684 s->status = READY_STAT | ERR_STAT;
685 s->error = ABRT_ERR;
686 }
688 static inline void ide_set_irq(IDEState *s)
689 {
690 BMDMAState *bm = s->bmdma;
691 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
692 if (bm) {
693 bm->status |= BM_STATUS_INT;
694 }
695 s->set_irq(s->irq_opaque, s->irq, 1);
696 }
697 }
699 /* prepare data transfer and tell what to do after */
700 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
701 EndTransferFunc *end_transfer_func)
702 {
703 s->end_transfer_func = end_transfer_func;
704 s->data_ptr = buf;
705 s->data_end = buf + size;
706 s->status |= DRQ_STAT;
707 buffered_pio_reset(s);
708 }
710 static void ide_transfer_stop(IDEState *s)
711 {
712 s->end_transfer_func = ide_transfer_stop;
713 s->data_ptr = s->io_buffer;
714 s->data_end = s->io_buffer;
715 s->status &= ~DRQ_STAT;
716 buffered_pio_reset(s);
717 }
719 static int64_t ide_get_sector(IDEState *s)
720 {
721 int64_t sector_num;
722 if (s->select & 0x40) {
723 /* lba */
724 if (!s->lba48) {
725 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
726 (s->lcyl << 8) | s->sector;
727 } else {
728 sector_num = ((int64_t)s->hob_hcyl << 40) |
729 ((int64_t) s->hob_lcyl << 32) |
730 ((int64_t) s->hob_sector << 24) |
731 ((int64_t) s->hcyl << 16) |
732 ((int64_t) s->lcyl << 8) | s->sector;
733 }
734 } else {
735 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
736 (s->select & 0x0f) * s->sectors + (s->sector - 1);
737 }
738 return sector_num;
739 }
741 static void ide_set_sector(IDEState *s, int64_t sector_num)
742 {
743 unsigned int cyl, r;
744 if (s->select & 0x40) {
745 if (!s->lba48) {
746 s->select = (s->select & 0xf0) | (sector_num >> 24);
747 s->hcyl = (sector_num >> 16);
748 s->lcyl = (sector_num >> 8);
749 s->sector = (sector_num);
750 } else {
751 s->sector = sector_num;
752 s->lcyl = sector_num >> 8;
753 s->hcyl = sector_num >> 16;
754 s->hob_sector = sector_num >> 24;
755 s->hob_lcyl = sector_num >> 32;
756 s->hob_hcyl = sector_num >> 40;
757 }
758 } else {
759 cyl = sector_num / (s->heads * s->sectors);
760 r = sector_num % (s->heads * s->sectors);
761 s->hcyl = cyl >> 8;
762 s->lcyl = cyl;
763 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
764 s->sector = (r % s->sectors) + 1;
765 }
766 }
768 static void ide_sector_read(IDEState *s)
769 {
770 int64_t sector_num;
771 int n;
773 s->status = READY_STAT | SEEK_STAT;
774 s->error = 0; /* not needed by IDE spec, but needed by Windows */
775 sector_num = ide_get_sector(s);
776 n = s->nsector;
777 if (n == 0) {
778 /* no more sector to read from disk */
779 ide_transfer_stop(s);
780 } else {
781 #if defined(DEBUG_IDE)
782 printf("read sector=%Ld\n", sector_num);
783 #endif
784 if (n > s->req_nb_sectors)
785 n = s->req_nb_sectors;
786 if (bdrv_read(s->bs, sector_num, s->io_buffer, n) != 0) {
787 ide_abort_command(s);
788 ide_set_irq(s);
789 return;
790 }
791 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
792 ide_set_irq(s);
793 ide_set_sector(s, sector_num + n);
794 s->nsector -= n;
795 }
796 }
798 /* return 0 if buffer completed */
799 static int dma_buf_rw(BMDMAState *bm, int is_write)
800 {
801 IDEState *s = bm->ide_if;
802 struct {
803 uint32_t addr;
804 uint32_t size;
805 } prd;
806 int l, len;
808 for(;;) {
809 l = s->io_buffer_size - s->io_buffer_index;
810 if (l <= 0)
811 break;
812 if (bm->cur_prd_len == 0) {
813 /* end of table (with a fail safe of one page) */
814 if (bm->cur_prd_last ||
815 (bm->cur_addr - bm->addr) >= 4096)
816 return 0;
817 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
818 bm->cur_addr += 8;
819 prd.addr = le32_to_cpu(prd.addr);
820 prd.size = le32_to_cpu(prd.size);
821 len = prd.size & 0xfffe;
822 if (len == 0)
823 len = 0x10000;
824 bm->cur_prd_len = len;
825 bm->cur_prd_addr = prd.addr;
826 bm->cur_prd_last = (prd.size & 0x80000000);
827 }
828 if (l > bm->cur_prd_len)
829 l = bm->cur_prd_len;
830 if (l > 0) {
831 if (is_write) {
832 cpu_physical_memory_write(bm->cur_prd_addr,
833 s->io_buffer + s->io_buffer_index, l);
834 } else {
835 cpu_physical_memory_read(bm->cur_prd_addr,
836 s->io_buffer + s->io_buffer_index, l);
837 }
838 bm->cur_prd_addr += l;
839 bm->cur_prd_len -= l;
840 s->io_buffer_index += l;
841 }
842 }
843 return 1;
844 }
846 /* XXX: handle errors */
847 static void ide_read_dma_cb(void *opaque, int ret)
848 {
849 BMDMAState *bm = opaque;
850 IDEState *s = bm->ide_if;
851 int n;
852 int64_t sector_num;
854 n = s->io_buffer_size >> 9;
855 sector_num = ide_get_sector(s);
856 if (n > 0) {
857 sector_num += n;
858 ide_set_sector(s, sector_num);
859 s->nsector -= n;
860 if (dma_buf_rw(bm, 1) == 0)
861 goto eot;
862 }
864 /* end of transfer ? */
865 if (s->nsector == 0) {
866 s->status = READY_STAT | SEEK_STAT;
867 ide_set_irq(s);
868 eot:
869 bm->status &= ~BM_STATUS_DMAING;
870 bm->status |= BM_STATUS_INT;
871 bm->dma_cb = NULL;
872 bm->ide_if = NULL;
873 bm->aiocb = NULL;
874 return;
875 }
877 /* launch next transfer */
878 n = s->nsector;
879 if (n > MAX_MULT_SECTORS)
880 n = MAX_MULT_SECTORS;
881 s->io_buffer_index = 0;
882 s->io_buffer_size = n * 512;
883 #ifdef DEBUG_AIO
884 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
885 #endif
886 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
887 ide_read_dma_cb, bm);
888 }
890 static void ide_sector_read_dma(IDEState *s)
891 {
892 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
893 s->io_buffer_index = 0;
894 s->io_buffer_size = 0;
895 ide_dma_start(s, ide_read_dma_cb);
896 }
898 static void ide_sector_write_timer_cb(void *opaque)
899 {
900 IDEState *s = opaque;
901 ide_set_irq(s);
902 }
904 static void ide_sector_write(IDEState *s)
905 {
906 int64_t sector_num;
907 int n, n1;
909 s->status = READY_STAT | SEEK_STAT;
910 sector_num = ide_get_sector(s);
911 #if defined(DEBUG_IDE)
912 printf("write sector=%Ld\n", sector_num);
913 #endif
914 n = s->nsector;
915 if (n > s->req_nb_sectors)
916 n = s->req_nb_sectors;
917 if (bdrv_write(s->bs, sector_num, s->io_buffer, n) != 0) {
918 ide_abort_command(s);
919 ide_set_irq(s);
920 return;
921 }
922 s->nsector -= n;
923 if (s->nsector == 0) {
924 /* no more sector to write */
925 ide_transfer_stop(s);
926 } else {
927 n1 = s->nsector;
928 if (n1 > s->req_nb_sectors)
929 n1 = s->req_nb_sectors;
930 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
931 }
932 ide_set_sector(s, sector_num + n);
934 if (!s->write_cache)
935 bdrv_flush(s->bs);
937 #ifdef TARGET_I386
938 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
939 /* It seems there is a bug in the Windows 2000 installer HDD
940 IDE driver which fills the disk with empty logs when the
941 IDE write IRQ comes too early. This hack tries to correct
942 that at the expense of slower write performances. Use this
943 option _only_ to install Windows 2000. You must disable it
944 for normal use. */
945 qemu_mod_timer(s->sector_write_timer,
946 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
947 } else
948 #endif
949 {
950 ide_set_irq(s);
951 }
952 }
954 /* XXX: handle errors */
955 static void ide_write_dma_cb(void *opaque, int ret)
956 {
957 BMDMAState *bm = opaque;
958 IDEState *s = bm->ide_if;
959 int n;
960 int64_t sector_num;
962 n = s->io_buffer_size >> 9;
963 sector_num = ide_get_sector(s);
964 if (n > 0) {
965 sector_num += n;
966 ide_set_sector(s, sector_num);
967 s->nsector -= n;
968 }
970 /* end of transfer ? */
971 if (s->nsector == 0) {
972 /* Ensure the data hit disk before telling the guest OS so. */
973 if (!s->write_cache)
974 bdrv_flush(s->bs);
975 s->status = READY_STAT | SEEK_STAT;
976 ide_set_irq(s);
977 eot:
978 bm->status &= ~BM_STATUS_DMAING;
979 bm->status |= BM_STATUS_INT;
980 bm->dma_cb = NULL;
981 bm->ide_if = NULL;
982 bm->aiocb = NULL;
983 return;
984 }
986 /* launch next transfer */
987 n = s->nsector;
988 if (n > MAX_MULT_SECTORS)
989 n = MAX_MULT_SECTORS;
990 s->io_buffer_index = 0;
991 s->io_buffer_size = n * 512;
993 if (dma_buf_rw(bm, 0) == 0)
994 goto eot;
995 #ifdef DEBUG_AIO
996 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
997 #endif
998 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
999 ide_write_dma_cb, bm);
1002 static void ide_sector_write_dma(IDEState *s)
1004 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1005 s->io_buffer_index = 0;
1006 s->io_buffer_size = 0;
1007 ide_dma_start(s, ide_write_dma_cb);
1010 static void ide_atapi_cmd_ok(IDEState *s)
1012 s->error = 0;
1013 s->status = READY_STAT;
1014 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1015 ide_set_irq(s);
1018 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1020 #ifdef DEBUG_IDE_ATAPI
1021 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1022 #endif
1023 s->error = sense_key << 4;
1024 s->status = READY_STAT | ERR_STAT;
1025 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1026 s->sense_key = sense_key;
1027 s->asc = asc;
1028 ide_set_irq(s);
1031 static inline void cpu_to_ube16(uint8_t *buf, int val)
1033 buf[0] = val >> 8;
1034 buf[1] = val;
1037 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1039 buf[0] = val >> 24;
1040 buf[1] = val >> 16;
1041 buf[2] = val >> 8;
1042 buf[3] = val;
1045 static inline int ube16_to_cpu(const uint8_t *buf)
1047 return (buf[0] << 8) | buf[1];
1050 static inline int ube32_to_cpu(const uint8_t *buf)
1052 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1055 static void lba_to_msf(uint8_t *buf, int lba)
1057 lba += 150;
1058 buf[0] = (lba / 75) / 60;
1059 buf[1] = (lba / 75) % 60;
1060 buf[2] = lba % 75;
1063 static void cd_data_to_raw(uint8_t *buf, int lba)
1065 /* sync bytes */
1066 buf[0] = 0x00;
1067 memset(buf + 1, 0xff, 10);
1068 buf[11] = 0x00;
1069 buf += 12;
1070 /* MSF */
1071 lba_to_msf(buf, lba);
1072 buf[3] = 0x01; /* mode 1 data */
1073 buf += 4;
1074 /* data */
1075 buf += 2048;
1076 /* XXX: ECC not computed */
1077 memset(buf, 0, 288);
1080 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1081 int sector_size)
1083 int ret;
1085 switch(sector_size) {
1086 case 2048:
1087 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1088 break;
1089 case 2352:
1090 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1091 if (ret < 0)
1092 return ret;
1093 cd_data_to_raw(buf, lba);
1094 break;
1095 default:
1096 ret = -EIO;
1097 break;
1099 return ret;
1102 static void ide_atapi_io_error(IDEState *s, int ret)
1104 /* XXX: handle more errors */
1105 if (ret == -ENOMEDIUM) {
1106 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1107 ASC_MEDIUM_NOT_PRESENT);
1108 } else {
1109 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1110 ASC_LOGICAL_BLOCK_OOR);
1114 /* The whole ATAPI transfer logic is handled in this function */
1115 static void ide_atapi_cmd_reply_end(IDEState *s)
1117 int byte_count_limit, size, ret;
1118 #ifdef DEBUG_IDE_ATAPI
1119 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1120 s->packet_transfer_size,
1121 s->elementary_transfer_size,
1122 s->io_buffer_index);
1123 #endif
1124 if (s->packet_transfer_size <= 0) {
1125 /* end of transfer */
1126 ide_transfer_stop(s);
1127 s->status = READY_STAT;
1128 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1129 ide_set_irq(s);
1130 #ifdef DEBUG_IDE_ATAPI
1131 printf("status=0x%x\n", s->status);
1132 #endif
1133 } else {
1134 /* see if a new sector must be read */
1135 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1136 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1137 if (ret < 0) {
1138 ide_transfer_stop(s);
1139 ide_atapi_io_error(s, ret);
1140 return;
1142 s->lba++;
1143 s->io_buffer_index = 0;
1145 if (s->elementary_transfer_size > 0) {
1146 /* there are some data left to transmit in this elementary
1147 transfer */
1148 size = s->cd_sector_size - s->io_buffer_index;
1149 if (size > s->elementary_transfer_size)
1150 size = s->elementary_transfer_size;
1151 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1152 size, ide_atapi_cmd_reply_end);
1153 s->packet_transfer_size -= size;
1154 s->elementary_transfer_size -= size;
1155 s->io_buffer_index += size;
1156 } else {
1157 /* a new transfer is needed */
1158 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1159 byte_count_limit = s->lcyl | (s->hcyl << 8);
1160 #ifdef DEBUG_IDE_ATAPI
1161 printf("byte_count_limit=%d\n", byte_count_limit);
1162 #endif
1163 if (byte_count_limit == 0xffff)
1164 byte_count_limit--;
1165 size = s->packet_transfer_size;
1166 if (size > byte_count_limit) {
1167 /* byte count limit must be even if this case */
1168 if (byte_count_limit & 1)
1169 byte_count_limit--;
1170 size = byte_count_limit;
1172 s->lcyl = size;
1173 s->hcyl = size >> 8;
1174 s->elementary_transfer_size = size;
1175 /* we cannot transmit more than one sector at a time */
1176 if (s->lba != -1) {
1177 if (size > (s->cd_sector_size - s->io_buffer_index))
1178 size = (s->cd_sector_size - s->io_buffer_index);
1180 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1181 size, ide_atapi_cmd_reply_end);
1182 s->packet_transfer_size -= size;
1183 s->elementary_transfer_size -= size;
1184 s->io_buffer_index += size;
1185 ide_set_irq(s);
1186 #ifdef DEBUG_IDE_ATAPI
1187 printf("status=0x%x\n", s->status);
1188 #endif
1193 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1194 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1196 if (size > max_size)
1197 size = max_size;
1198 s->lba = -1; /* no sector read */
1199 s->packet_transfer_size = size;
1200 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1201 s->elementary_transfer_size = 0;
1202 s->io_buffer_index = 0;
1204 if (s->atapi_dma) {
1205 s->status = READY_STAT | DRQ_STAT;
1206 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1207 } else {
1208 s->status = READY_STAT;
1209 ide_atapi_cmd_reply_end(s);
1213 /* start a CD-CDROM read command */
1214 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1215 int sector_size)
1217 s->lba = lba;
1218 s->packet_transfer_size = nb_sectors * sector_size;
1219 s->elementary_transfer_size = 0;
1220 s->io_buffer_index = sector_size;
1221 s->cd_sector_size = sector_size;
1223 s->status = READY_STAT;
1224 ide_atapi_cmd_reply_end(s);
1227 /* ATAPI DMA support */
1229 /* XXX: handle read errors */
1230 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1232 BMDMAState *bm = opaque;
1233 IDEState *s = bm->ide_if;
1234 int data_offset, n;
1236 if (ret < 0) {
1237 ide_atapi_io_error(s, ret);
1238 goto eot;
1241 if (s->io_buffer_size > 0) {
1242 /*
1243 * For a cdrom read sector command (s->lba != -1),
1244 * adjust the lba for the next s->io_buffer_size chunk
1245 * and dma the current chunk.
1246 * For a command != read (s->lba == -1), just transfer
1247 * the reply data.
1248 */
1249 if (s->lba != -1) {
1250 if (s->cd_sector_size == 2352) {
1251 n = 1;
1252 cd_data_to_raw(s->io_buffer, s->lba);
1253 } else {
1254 n = s->io_buffer_size >> 11;
1256 s->lba += n;
1258 s->packet_transfer_size -= s->io_buffer_size;
1259 if (dma_buf_rw(bm, 1) == 0)
1260 goto eot;
1263 if (s->packet_transfer_size <= 0) {
1264 s->status = READY_STAT;
1265 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1266 ide_set_irq(s);
1267 eot:
1268 bm->status &= ~BM_STATUS_DMAING;
1269 bm->status |= BM_STATUS_INT;
1270 bm->dma_cb = NULL;
1271 bm->ide_if = NULL;
1272 bm->aiocb = NULL;
1273 return;
1276 s->io_buffer_index = 0;
1277 if (s->cd_sector_size == 2352) {
1278 n = 1;
1279 s->io_buffer_size = s->cd_sector_size;
1280 data_offset = 16;
1281 } else {
1282 n = s->packet_transfer_size >> 11;
1283 if (n > (MAX_MULT_SECTORS / 4))
1284 n = (MAX_MULT_SECTORS / 4);
1285 s->io_buffer_size = n * 2048;
1286 data_offset = 0;
1288 #ifdef DEBUG_AIO
1289 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1290 #endif
1291 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1292 s->io_buffer + data_offset, n * 4,
1293 ide_atapi_cmd_read_dma_cb, bm);
1294 if (!bm->aiocb) {
1295 /* Note: media not present is the most likely case */
1296 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1297 ASC_MEDIUM_NOT_PRESENT);
1298 goto eot;
1302 /* start a CD-CDROM read command with DMA */
1303 /* XXX: test if DMA is available */
1304 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1305 int sector_size)
1307 s->lba = lba;
1308 s->packet_transfer_size = nb_sectors * sector_size;
1309 s->io_buffer_index = 0;
1310 s->io_buffer_size = 0;
1311 s->cd_sector_size = sector_size;
1313 /* XXX: check if BUSY_STAT should be set */
1314 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1315 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1318 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1319 int sector_size)
1321 #ifdef DEBUG_IDE_ATAPI
1322 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1323 lba, nb_sectors);
1324 #endif
1325 if (s->atapi_dma) {
1326 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1327 } else {
1328 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1332 static void ide_atapi_cmd(IDEState *s)
1334 const uint8_t *packet;
1335 uint8_t *buf;
1336 int max_len;
1338 packet = s->io_buffer;
1339 buf = s->io_buffer;
1340 #ifdef DEBUG_IDE_ATAPI
1342 int i;
1343 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1344 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1345 printf(" %02x", packet[i]);
1347 printf("\n");
1349 #endif
1350 switch(s->io_buffer[0]) {
1351 case GPCMD_TEST_UNIT_READY:
1352 if (bdrv_is_inserted(s->bs)) {
1353 ide_atapi_cmd_ok(s);
1354 } else {
1355 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1356 ASC_MEDIUM_NOT_PRESENT);
1357 xenstore_check_new_media_present(1000);
1359 break;
1360 case GPCMD_MODE_SENSE_10:
1362 int action, code;
1363 max_len = ube16_to_cpu(packet + 7);
1364 action = packet[2] >> 6;
1365 code = packet[2] & 0x3f;
1366 switch(action) {
1367 case 0: /* current values */
1368 switch(code) {
1369 case 0x01: /* error recovery */
1370 cpu_to_ube16(&buf[0], 16 + 6);
1371 buf[2] = 0x70;
1372 buf[3] = 0;
1373 buf[4] = 0;
1374 buf[5] = 0;
1375 buf[6] = 0;
1376 buf[7] = 0;
1378 buf[8] = 0x01;
1379 buf[9] = 0x06;
1380 buf[10] = 0x00;
1381 buf[11] = 0x05;
1382 buf[12] = 0x00;
1383 buf[13] = 0x00;
1384 buf[14] = 0x00;
1385 buf[15] = 0x00;
1386 ide_atapi_cmd_reply(s, 16, max_len);
1387 break;
1388 case 0x2a:
1389 cpu_to_ube16(&buf[0], 28 + 6);
1390 buf[2] = 0x70;
1391 buf[3] = 0;
1392 buf[4] = 0;
1393 buf[5] = 0;
1394 buf[6] = 0;
1395 buf[7] = 0;
1397 buf[8] = 0x2a;
1398 buf[9] = 0x12;
1399 buf[10] = 0x00;
1400 buf[11] = 0x00;
1402 buf[12] = 0x70;
1403 buf[13] = 3 << 5;
1404 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1405 if (bdrv_is_locked(s->bs))
1406 buf[6] |= 1 << 1;
1407 buf[15] = 0x00;
1408 cpu_to_ube16(&buf[16], 706);
1409 buf[18] = 0;
1410 buf[19] = 2;
1411 cpu_to_ube16(&buf[20], 512);
1412 cpu_to_ube16(&buf[22], 706);
1413 buf[24] = 0;
1414 buf[25] = 0;
1415 buf[26] = 0;
1416 buf[27] = 0;
1417 ide_atapi_cmd_reply(s, 28, max_len);
1418 break;
1419 default:
1420 goto error_cmd;
1422 break;
1423 case 1: /* changeable values */
1424 goto error_cmd;
1425 case 2: /* default values */
1426 goto error_cmd;
1427 default:
1428 case 3: /* saved values */
1429 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1430 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1431 break;
1434 break;
1435 case GPCMD_REQUEST_SENSE:
1436 max_len = packet[4];
1437 memset(buf, 0, 18);
1438 buf[0] = 0x70 | (1 << 7);
1439 buf[2] = s->sense_key;
1440 buf[7] = 10;
1441 buf[12] = s->asc;
1442 ide_atapi_cmd_reply(s, 18, max_len);
1443 break;
1444 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1445 if (bdrv_is_inserted(s->bs)) {
1446 bdrv_set_locked(s->bs, packet[4] & 1);
1447 ide_atapi_cmd_ok(s);
1448 } else {
1449 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1450 ASC_MEDIUM_NOT_PRESENT);
1452 break;
1453 case GPCMD_READ_10:
1454 case GPCMD_READ_12:
1456 int nb_sectors, lba;
1458 if (packet[0] == GPCMD_READ_10)
1459 nb_sectors = ube16_to_cpu(packet + 7);
1460 else
1461 nb_sectors = ube32_to_cpu(packet + 6);
1462 lba = ube32_to_cpu(packet + 2);
1463 if (nb_sectors == 0) {
1464 ide_atapi_cmd_ok(s);
1465 break;
1467 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1469 break;
1470 case GPCMD_READ_CD:
1472 int nb_sectors, lba, transfer_request;
1474 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1475 lba = ube32_to_cpu(packet + 2);
1476 if (nb_sectors == 0) {
1477 ide_atapi_cmd_ok(s);
1478 break;
1480 transfer_request = packet[9];
1481 switch(transfer_request & 0xf8) {
1482 case 0x00:
1483 /* nothing */
1484 ide_atapi_cmd_ok(s);
1485 break;
1486 case 0x10:
1487 /* normal read */
1488 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1489 break;
1490 case 0xf8:
1491 /* read all data */
1492 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1493 break;
1494 default:
1495 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1496 ASC_INV_FIELD_IN_CMD_PACKET);
1497 break;
1500 break;
1501 case GPCMD_SEEK:
1503 int lba;
1504 int64_t total_sectors;
1506 bdrv_get_geometry(s->bs, &total_sectors);
1507 total_sectors >>= 2;
1508 if (total_sectors <= 0) {
1509 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1510 ASC_MEDIUM_NOT_PRESENT);
1511 break;
1513 lba = ube32_to_cpu(packet + 2);
1514 if (lba >= total_sectors) {
1515 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1516 ASC_LOGICAL_BLOCK_OOR);
1517 break;
1519 ide_atapi_cmd_ok(s);
1521 break;
1522 case GPCMD_START_STOP_UNIT:
1524 int start, eject;
1525 start = packet[4] & 1;
1526 eject = (packet[4] >> 1) & 1;
1528 if (eject && !start) {
1529 /* eject the disk */
1530 bdrv_eject(s->bs, 1);
1531 } else if (eject && start) {
1532 /* close the tray */
1533 bdrv_eject(s->bs, 0);
1535 ide_atapi_cmd_ok(s);
1537 break;
1538 case GPCMD_MECHANISM_STATUS:
1540 max_len = ube16_to_cpu(packet + 8);
1541 cpu_to_ube16(buf, 0);
1542 /* no current LBA */
1543 buf[2] = 0;
1544 buf[3] = 0;
1545 buf[4] = 0;
1546 buf[5] = 1;
1547 cpu_to_ube16(buf + 6, 0);
1548 ide_atapi_cmd_reply(s, 8, max_len);
1550 break;
1551 case GPCMD_READ_TOC_PMA_ATIP:
1553 int format, msf, start_track, len;
1554 int64_t total_sectors;
1556 bdrv_get_geometry(s->bs, &total_sectors);
1557 total_sectors >>= 2;
1558 if (total_sectors <= 0) {
1559 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1560 ASC_MEDIUM_NOT_PRESENT);
1561 break;
1563 max_len = ube16_to_cpu(packet + 7);
1564 format = packet[9] >> 6;
1565 msf = (packet[1] >> 1) & 1;
1566 start_track = packet[6];
1567 switch(format) {
1568 case 0:
1569 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1570 if (len < 0)
1571 goto error_cmd;
1572 ide_atapi_cmd_reply(s, len, max_len);
1573 break;
1574 case 1:
1575 /* multi session : only a single session defined */
1576 memset(buf, 0, 12);
1577 buf[1] = 0x0a;
1578 buf[2] = 0x01;
1579 buf[3] = 0x01;
1580 ide_atapi_cmd_reply(s, 12, max_len);
1581 break;
1582 case 2:
1583 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1584 if (len < 0)
1585 goto error_cmd;
1586 ide_atapi_cmd_reply(s, len, max_len);
1587 break;
1588 default:
1589 error_cmd:
1590 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1591 ASC_INV_FIELD_IN_CMD_PACKET);
1592 break;
1595 break;
1596 case GPCMD_READ_CDVD_CAPACITY:
1598 int64_t total_sectors;
1600 bdrv_get_geometry(s->bs, &total_sectors);
1601 total_sectors >>= 2;
1602 if (total_sectors <= 0) {
1603 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1604 ASC_MEDIUM_NOT_PRESENT);
1605 break;
1607 /* NOTE: it is really the number of sectors minus 1 */
1608 cpu_to_ube32(buf, total_sectors - 1);
1609 cpu_to_ube32(buf + 4, 2048);
1610 ide_atapi_cmd_reply(s, 8, 8);
1612 break;
1613 case GPCMD_INQUIRY:
1614 max_len = packet[4];
1615 buf[0] = 0x05; /* CD-ROM */
1616 buf[1] = 0x80; /* removable */
1617 buf[2] = 0x00; /* ISO */
1618 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1619 buf[4] = 31; /* additionnal length */
1620 buf[5] = 0; /* reserved */
1621 buf[6] = 0; /* reserved */
1622 buf[7] = 0; /* reserved */
1623 padstr8(buf + 8, 8, "QEMU");
1624 padstr8(buf + 16, 16, "QEMU CD-ROM");
1625 padstr8(buf + 32, 4, QEMU_VERSION);
1626 ide_atapi_cmd_reply(s, 36, max_len);
1627 break;
1628 default:
1629 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1630 ASC_ILLEGAL_OPCODE);
1631 break;
1635 /* called when the inserted state of the media has changed */
1636 static void cdrom_change_cb(void *opaque)
1638 IDEState *s = opaque;
1639 int64_t nb_sectors;
1641 /* XXX: send interrupt too */
1642 bdrv_get_geometry(s->bs, &nb_sectors);
1643 s->nb_sectors = nb_sectors;
1646 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1648 s->lba48 = lba48;
1650 /* handle the 'magic' 0 nsector count conversion here. to avoid
1651 * fiddling with the rest of the read logic, we just store the
1652 * full sector count in ->nsector and ignore ->hob_nsector from now
1653 */
1654 if (!s->lba48) {
1655 if (!s->nsector)
1656 s->nsector = 256;
1657 } else {
1658 if (!s->nsector && !s->hob_nsector)
1659 s->nsector = 65536;
1660 else {
1661 int lo = s->nsector;
1662 int hi = s->hob_nsector;
1664 s->nsector = (hi << 8) | lo;
1669 static void ide_clear_hob(IDEState *ide_if)
1671 /* any write clears HOB high bit of device control register */
1672 ide_if[0].select &= ~(1 << 7);
1673 ide_if[1].select &= ~(1 << 7);
1676 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1678 IDEState *ide_if = opaque;
1679 IDEState *s;
1680 int unit, n;
1681 int lba48 = 0;
1683 #ifdef DEBUG_IDE
1684 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1685 #endif
1687 addr &= 7;
1688 switch(addr) {
1689 case 0:
1690 break;
1691 case 1:
1692 ide_clear_hob(ide_if);
1693 /* NOTE: data is written to the two drives */
1694 ide_if[0].hob_feature = ide_if[0].feature;
1695 ide_if[1].hob_feature = ide_if[1].feature;
1696 ide_if[0].feature = val;
1697 ide_if[1].feature = val;
1698 break;
1699 case 2:
1700 ide_clear_hob(ide_if);
1701 ide_if[0].hob_nsector = ide_if[0].nsector;
1702 ide_if[1].hob_nsector = ide_if[1].nsector;
1703 ide_if[0].nsector = val;
1704 ide_if[1].nsector = val;
1705 break;
1706 case 3:
1707 ide_clear_hob(ide_if);
1708 ide_if[0].hob_sector = ide_if[0].sector;
1709 ide_if[1].hob_sector = ide_if[1].sector;
1710 ide_if[0].sector = val;
1711 ide_if[1].sector = val;
1712 break;
1713 case 4:
1714 ide_clear_hob(ide_if);
1715 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1716 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1717 ide_if[0].lcyl = val;
1718 ide_if[1].lcyl = val;
1719 break;
1720 case 5:
1721 ide_clear_hob(ide_if);
1722 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1723 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1724 ide_if[0].hcyl = val;
1725 ide_if[1].hcyl = val;
1726 break;
1727 case 6:
1728 /* FIXME: HOB readback uses bit 7 */
1729 ide_if[0].select = (val & ~0x10) | 0xa0;
1730 ide_if[1].select = (val | 0x10) | 0xa0;
1731 /* select drive */
1732 buffered_pio_reset(ide_if->cur_drive);
1733 unit = (val >> 4) & 1;
1734 s = ide_if + unit;
1735 ide_if->cur_drive = s;
1736 break;
1737 default:
1738 case 7:
1739 /* command */
1740 #if defined(DEBUG_IDE)
1741 printf("ide: CMD=%02x\n", val);
1742 #endif
1743 s = ide_if->cur_drive;
1744 /* ignore commands to non existant slave */
1745 if (s != ide_if && !s->bs)
1746 break;
1748 switch(val) {
1749 case WIN_IDENTIFY:
1750 if (s->bs && !s->is_cdrom) {
1751 ide_identify(s);
1752 s->status = READY_STAT | SEEK_STAT;
1753 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1754 } else {
1755 if (s->is_cdrom) {
1756 ide_set_signature(s);
1758 ide_abort_command(s);
1760 ide_set_irq(s);
1761 break;
1762 case WIN_SPECIFY:
1763 case WIN_RECAL:
1764 s->error = 0;
1765 s->status = READY_STAT | SEEK_STAT;
1766 ide_set_irq(s);
1767 break;
1768 case WIN_SETMULT:
1769 if (s->nsector > MAX_MULT_SECTORS ||
1770 s->nsector == 0 ||
1771 (s->nsector & (s->nsector - 1)) != 0) {
1772 ide_abort_command(s);
1773 } else {
1774 s->mult_sectors = s->nsector;
1775 s->status = READY_STAT;
1777 ide_set_irq(s);
1778 break;
1779 case WIN_VERIFY_EXT:
1780 lba48 = 1;
1781 case WIN_VERIFY:
1782 case WIN_VERIFY_ONCE:
1783 /* do sector number check ? */
1784 ide_cmd_lba48_transform(s, lba48);
1785 s->status = READY_STAT;
1786 ide_set_irq(s);
1787 break;
1788 case WIN_READ_EXT:
1789 lba48 = 1;
1790 case WIN_READ:
1791 case WIN_READ_ONCE:
1792 if (!s->bs)
1793 goto abort_cmd;
1794 ide_cmd_lba48_transform(s, lba48);
1795 s->req_nb_sectors = 1;
1796 ide_sector_read(s);
1797 break;
1798 case WIN_WRITE_EXT:
1799 lba48 = 1;
1800 case WIN_WRITE:
1801 case WIN_WRITE_ONCE:
1802 ide_cmd_lba48_transform(s, lba48);
1803 s->error = 0;
1804 s->status = SEEK_STAT | READY_STAT;
1805 s->req_nb_sectors = 1;
1806 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1807 break;
1808 case WIN_MULTREAD_EXT:
1809 lba48 = 1;
1810 case WIN_MULTREAD:
1811 if (!s->mult_sectors)
1812 goto abort_cmd;
1813 ide_cmd_lba48_transform(s, lba48);
1814 s->req_nb_sectors = s->mult_sectors;
1815 ide_sector_read(s);
1816 break;
1817 case WIN_MULTWRITE_EXT:
1818 lba48 = 1;
1819 case WIN_MULTWRITE:
1820 if (!s->mult_sectors)
1821 goto abort_cmd;
1822 ide_cmd_lba48_transform(s, lba48);
1823 s->error = 0;
1824 s->status = SEEK_STAT | READY_STAT;
1825 s->req_nb_sectors = s->mult_sectors;
1826 n = s->nsector;
1827 if (n > s->req_nb_sectors)
1828 n = s->req_nb_sectors;
1829 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1830 break;
1831 case WIN_READDMA_EXT:
1832 lba48 = 1;
1833 case WIN_READDMA:
1834 case WIN_READDMA_ONCE:
1835 if (!s->bs)
1836 goto abort_cmd;
1837 ide_cmd_lba48_transform(s, lba48);
1838 ide_sector_read_dma(s);
1839 break;
1840 case WIN_WRITEDMA_EXT:
1841 lba48 = 1;
1842 case WIN_WRITEDMA:
1843 case WIN_WRITEDMA_ONCE:
1844 if (!s->bs)
1845 goto abort_cmd;
1846 ide_cmd_lba48_transform(s, lba48);
1847 ide_sector_write_dma(s);
1848 break;
1849 case WIN_READ_NATIVE_MAX_EXT:
1850 lba48 = 1;
1851 case WIN_READ_NATIVE_MAX:
1852 ide_cmd_lba48_transform(s, lba48);
1853 ide_set_sector(s, s->nb_sectors - 1);
1854 s->status = READY_STAT;
1855 ide_set_irq(s);
1856 break;
1857 case WIN_CHECKPOWERMODE1:
1858 s->nsector = 0xff; /* device active or idle */
1859 s->status = READY_STAT;
1860 ide_set_irq(s);
1861 break;
1862 case WIN_SETFEATURES:
1863 if (!s->bs)
1864 goto abort_cmd;
1865 /* XXX: valid for CDROM ? */
1866 switch(s->feature) {
1867 case 0x02: /* write cache enable */
1868 s->write_cache = 1;
1869 s->status = READY_STAT | SEEK_STAT;
1870 ide_set_irq(s);
1871 break;
1872 case 0x82: /* write cache disable */
1873 s->write_cache = 0;
1874 s->status = READY_STAT | SEEK_STAT;
1875 ide_set_irq(s);
1876 break;
1877 case 0xaa: /* read look-ahead enable */
1878 case 0x55: /* read look-ahead disable */
1879 case 0x42: /* EN_AAM: enable Automatic Acoustic Mode */
1880 case 0xc2: /* DIS_AAM: disable Automatic Acoustic Mode */
1881 case 0x85: /* DIS_APM: disable APM */
1882 s->status = READY_STAT | SEEK_STAT;
1883 ide_set_irq(s);
1884 break;
1885 case 0x03: { /* set transfer mode */
1886 uint8_t val = s->nsector & 0x07;
1888 switch (s->nsector >> 3) {
1889 case 0x00: /* pio default */
1890 case 0x01: /* pio mode */
1891 put_le16(s->identify_data + 63,0x07);
1892 put_le16(s->identify_data + 88,0x3f);
1893 break;
1894 case 0x04: /* mdma mode */
1895 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1896 put_le16(s->identify_data + 88,0x3f);
1897 break;
1898 case 0x08: /* udma mode */
1899 put_le16(s->identify_data + 63,0x07);
1900 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1901 break;
1902 default:
1903 goto abort_cmd;
1905 s->status = READY_STAT | SEEK_STAT;
1906 ide_set_irq(s);
1907 break;
1909 default:
1910 goto abort_cmd;
1912 break;
1913 case WIN_FLUSH_CACHE:
1914 case WIN_FLUSH_CACHE_EXT:
1915 if (s->bs)
1916 bdrv_flush(s->bs);
1917 s->status = READY_STAT;
1918 ide_set_irq(s);
1919 break;
1920 case WIN_IDLEIMMEDIATE:
1921 case WIN_STANDBY:
1922 case WIN_SETIDLE1:
1923 case WIN_STANDBYNOW1:
1924 case WIN_SLEEPNOW1:
1925 case WIN_STANDBY2:
1926 case WIN_SETIDLE2:
1927 case WIN_STANDBYNOW2:
1928 case WIN_SLEEPNOW2:
1929 s->status = READY_STAT;
1930 ide_set_irq(s);
1931 break;
1932 /* ATAPI commands */
1933 case WIN_PIDENTIFY:
1934 if (s->is_cdrom) {
1935 ide_atapi_identify(s);
1936 s->status = READY_STAT | SEEK_STAT;
1937 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1938 } else {
1939 ide_abort_command(s);
1941 ide_set_irq(s);
1942 break;
1943 case WIN_DIAGNOSE:
1944 ide_set_signature(s);
1945 s->status = 0x00; /* NOTE: READY is _not_ set */
1946 s->error = 0x01;
1947 break;
1948 case WIN_SRST:
1949 if (!s->is_cdrom)
1950 goto abort_cmd;
1951 ide_set_signature(s);
1952 s->status = 0x00; /* NOTE: READY is _not_ set */
1953 s->error = 0x01;
1954 break;
1955 case WIN_PACKETCMD:
1956 if (!s->is_cdrom)
1957 goto abort_cmd;
1958 /* overlapping commands not supported */
1959 if (s->feature & 0x02)
1960 goto abort_cmd;
1961 s->atapi_dma = s->feature & 1;
1962 s->nsector = 1;
1963 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1964 ide_atapi_cmd);
1965 break;
1966 default:
1967 abort_cmd:
1968 ide_abort_command(s);
1969 ide_set_irq(s);
1970 break;
1975 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1977 IDEState *ide_if = opaque;
1978 IDEState *s = ide_if->cur_drive;
1979 uint32_t addr;
1980 int ret, hob;
1982 addr = addr1 & 7;
1983 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1984 //hob = s->select & (1 << 7);
1985 hob = 0;
1986 switch(addr) {
1987 case 0:
1988 ret = 0xff;
1989 break;
1990 case 1:
1991 if (!ide_if[0].bs && !ide_if[1].bs)
1992 ret = 0;
1993 else if (!hob)
1994 ret = s->error;
1995 else
1996 ret = s->hob_feature;
1997 break;
1998 case 2:
1999 if (!ide_if[0].bs && !ide_if[1].bs)
2000 ret = 0;
2001 else if (!hob)
2002 ret = s->nsector & 0xff;
2003 else
2004 ret = s->hob_nsector;
2005 break;
2006 case 3:
2007 if (!ide_if[0].bs && !ide_if[1].bs)
2008 ret = 0;
2009 else if (!hob)
2010 ret = s->sector;
2011 else
2012 ret = s->hob_sector;
2013 break;
2014 case 4:
2015 if (!ide_if[0].bs && !ide_if[1].bs)
2016 ret = 0;
2017 else if (!hob)
2018 ret = s->lcyl;
2019 else
2020 ret = s->hob_lcyl;
2021 break;
2022 case 5:
2023 if (!ide_if[0].bs && !ide_if[1].bs)
2024 ret = 0;
2025 else if (!hob)
2026 ret = s->hcyl;
2027 else
2028 ret = s->hob_hcyl;
2029 break;
2030 case 6:
2031 if (!ide_if[0].bs && !ide_if[1].bs)
2032 ret = 0;
2033 else
2034 ret = s->select;
2035 break;
2036 default:
2037 case 7:
2038 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2039 (s != ide_if && !s->bs))
2040 ret = 0;
2041 else
2042 ret = s->status;
2043 s->set_irq(s->irq_opaque, s->irq, 0);
2044 break;
2046 #ifdef DEBUG_IDE
2047 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2048 #endif
2049 return ret;
2052 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2054 IDEState *ide_if = opaque;
2055 IDEState *s = ide_if->cur_drive;
2056 int ret;
2058 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2059 (s != ide_if && !s->bs))
2060 ret = 0;
2061 else
2062 ret = s->status;
2063 #ifdef DEBUG_IDE
2064 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2065 #endif
2066 return ret;
2069 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2071 IDEState *ide_if = opaque;
2072 IDEState *s;
2073 int i;
2075 #ifdef DEBUG_IDE
2076 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2077 #endif
2078 /* common for both drives */
2079 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2080 (val & IDE_CMD_RESET)) {
2081 /* reset low to high */
2082 for(i = 0;i < 2; i++) {
2083 s = &ide_if[i];
2084 s->status = BUSY_STAT | SEEK_STAT;
2085 s->error = 0x01;
2087 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2088 !(val & IDE_CMD_RESET)) {
2089 /* high to low */
2090 for(i = 0;i < 2; i++) {
2091 s = &ide_if[i];
2092 if (s->is_cdrom)
2093 s->status = 0x00; /* NOTE: READY is _not_ set */
2094 else
2095 s->status = READY_STAT | SEEK_STAT;
2096 ide_set_signature(s);
2100 ide_if[0].cmd = val;
2101 ide_if[1].cmd = val;
2104 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2106 IDEState *s = ((IDEState *)opaque)->cur_drive;
2107 uint8_t *p;
2109 buffered_pio_write(s, addr, 2);
2110 p = s->data_ptr;
2111 *(uint16_t *)p = le16_to_cpu(val);
2112 p += 2;
2113 s->data_ptr = p;
2114 if (p >= s->data_end)
2115 s->end_transfer_func(s);
2118 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2120 IDEState *s = ((IDEState *)opaque)->cur_drive;
2121 uint8_t *p;
2122 int ret;
2124 buffered_pio_read(s, addr, 2);
2125 p = s->data_ptr;
2126 ret = cpu_to_le16(*(uint16_t *)p);
2127 p += 2;
2128 s->data_ptr = p;
2129 if (p >= s->data_end)
2130 s->end_transfer_func(s);
2131 return ret;
2134 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2136 IDEState *s = ((IDEState *)opaque)->cur_drive;
2137 uint8_t *p;
2139 buffered_pio_write(s, addr, 4);
2140 p = s->data_ptr;
2141 *(uint32_t *)p = le32_to_cpu(val);
2142 p += 4;
2143 s->data_ptr = p;
2144 if (p >= s->data_end)
2145 s->end_transfer_func(s);
2148 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2150 IDEState *s = ((IDEState *)opaque)->cur_drive;
2151 uint8_t *p;
2152 int ret;
2154 buffered_pio_read(s, addr, 4);
2155 p = s->data_ptr;
2156 ret = cpu_to_le32(*(uint32_t *)p);
2157 p += 4;
2158 s->data_ptr = p;
2159 if (p >= s->data_end)
2160 s->end_transfer_func(s);
2161 return ret;
2164 static void ide_dummy_transfer_stop(IDEState *s)
2166 s->data_ptr = s->io_buffer;
2167 s->data_end = s->io_buffer;
2168 s->io_buffer[0] = 0xff;
2169 s->io_buffer[1] = 0xff;
2170 s->io_buffer[2] = 0xff;
2171 s->io_buffer[3] = 0xff;
2174 static void ide_reset(IDEState *s)
2176 s->mult_sectors = MAX_MULT_SECTORS;
2177 s->cur_drive = s;
2178 s->select = 0xa0;
2179 s->status = READY_STAT;
2180 ide_set_signature(s);
2181 /* init the transfer handler so that 0xffff is returned on data
2182 accesses */
2183 s->end_transfer_func = ide_dummy_transfer_stop;
2184 ide_dummy_transfer_stop(s);
2187 struct partition {
2188 uint8_t boot_ind; /* 0x80 - active */
2189 uint8_t head; /* starting head */
2190 uint8_t sector; /* starting sector */
2191 uint8_t cyl; /* starting cylinder */
2192 uint8_t sys_ind; /* What partition type */
2193 uint8_t end_head; /* end head */
2194 uint8_t end_sector; /* end sector */
2195 uint8_t end_cyl; /* end cylinder */
2196 uint32_t start_sect; /* starting sector counting from 0 */
2197 uint32_t nr_sects; /* nr of sectors in partition */
2198 } __attribute__((packed));
2200 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2201 static int guess_disk_lchs(IDEState *s,
2202 int *pcylinders, int *pheads, int *psectors)
2204 uint8_t buf[512];
2205 int ret, i, heads, sectors, cylinders;
2206 struct partition *p;
2207 uint32_t nr_sects;
2209 ret = bdrv_read(s->bs, 0, buf, 1);
2210 if (ret < 0)
2211 return -1;
2212 /* test msdos magic */
2213 if (buf[510] != 0x55 || buf[511] != 0xaa)
2214 return -1;
2215 for(i = 0; i < 4; i++) {
2216 p = ((struct partition *)(buf + 0x1be)) + i;
2217 nr_sects = le32_to_cpu(p->nr_sects);
2218 if (nr_sects && p->end_head) {
2219 /* We make the assumption that the partition terminates on
2220 a cylinder boundary */
2221 heads = p->end_head + 1;
2222 sectors = p->end_sector & 63;
2223 if (sectors == 0)
2224 continue;
2225 cylinders = s->nb_sectors / (heads * sectors);
2226 if (cylinders < 1 || cylinders > 16383)
2227 continue;
2228 *pheads = heads;
2229 *psectors = sectors;
2230 *pcylinders = cylinders;
2231 #if 0
2232 printf("guessed geometry: LCHS=%d %d %d\n",
2233 cylinders, heads, sectors);
2234 #endif
2235 return 0;
2238 return -1;
2241 static void ide_init2(IDEState *ide_state,
2242 BlockDriverState *hd0, BlockDriverState *hd1,
2243 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2245 IDEState *s;
2246 static int drive_serial = 1;
2247 int i, cylinders, heads, secs, translation, lba_detected = 0;
2248 int64_t nb_sectors;
2250 for(i = 0; i < 2; i++) {
2251 s = ide_state + i;
2252 if (i == 0)
2253 s->bs = hd0;
2254 else
2255 s->bs = hd1;
2256 if (s->bs) {
2257 bdrv_get_geometry(s->bs, &nb_sectors);
2258 s->nb_sectors = nb_sectors;
2259 /* if a geometry hint is available, use it */
2260 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2261 translation = bdrv_get_translation_hint(s->bs);
2262 if (cylinders != 0) {
2263 s->cylinders = cylinders;
2264 s->heads = heads;
2265 s->sectors = secs;
2266 } else {
2267 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2268 if (heads > 16) {
2269 /* if heads > 16, it means that a BIOS LBA
2270 translation was active, so the default
2271 hardware geometry is OK */
2272 lba_detected = 1;
2273 goto default_geometry;
2274 } else {
2275 s->cylinders = cylinders;
2276 s->heads = heads;
2277 s->sectors = secs;
2278 /* disable any translation to be in sync with
2279 the logical geometry */
2280 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2281 bdrv_set_translation_hint(s->bs,
2282 BIOS_ATA_TRANSLATION_NONE);
2285 } else {
2286 default_geometry:
2287 /* if no geometry, use a standard physical disk geometry */
2288 cylinders = nb_sectors / (16 * 63);
2289 if (cylinders > 16383)
2290 cylinders = 16383;
2291 else if (cylinders < 2)
2292 cylinders = 2;
2293 s->cylinders = cylinders;
2294 s->heads = 16;
2295 s->sectors = 63;
2296 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2297 if ((s->cylinders * s->heads) <= 131072) {
2298 bdrv_set_translation_hint(s->bs,
2299 BIOS_ATA_TRANSLATION_LARGE);
2300 } else {
2301 bdrv_set_translation_hint(s->bs,
2302 BIOS_ATA_TRANSLATION_LBA);
2306 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2308 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2309 s->is_cdrom = 1;
2310 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2313 s->drive_serial = drive_serial++;
2314 s->set_irq = set_irq;
2315 s->irq_opaque = irq_opaque;
2316 s->irq = irq;
2317 s->sector_write_timer = qemu_new_timer(vm_clock,
2318 ide_sector_write_timer_cb, s);
2319 s->write_cache = 0;
2320 ide_reset(s);
2324 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2326 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2327 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2328 if (iobase2) {
2329 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2330 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2333 /* data ports */
2334 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2335 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2336 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2337 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2340 /***********************************************************/
2341 /* ISA IDE definitions */
2343 void isa_ide_init(int iobase, int iobase2, int irq,
2344 BlockDriverState *hd0, BlockDriverState *hd1)
2346 IDEState *ide_state;
2348 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2349 if (!ide_state)
2350 return;
2352 ide_init2(ide_state, hd0, hd1, pic_set_irq_new, isa_pic, irq);
2353 ide_init_ioport(ide_state, iobase, iobase2);
2356 /***********************************************************/
2357 /* PCI IDE definitions */
2359 static void cmd646_update_irq(PCIIDEState *d);
2361 static void ide_map(PCIDevice *pci_dev, int region_num,
2362 uint32_t addr, uint32_t size, int type)
2364 PCIIDEState *d = (PCIIDEState *)pci_dev;
2365 IDEState *ide_state;
2367 if (region_num <= 3) {
2368 ide_state = &d->ide_if[(region_num >> 1) * 2];
2369 if (region_num & 1) {
2370 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2371 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2372 } else {
2373 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2374 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2376 /* data ports */
2377 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2378 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2379 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2380 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2385 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2387 BMDMAState *bm = s->bmdma;
2388 if(!bm)
2389 return;
2390 bm->ide_if = s;
2391 bm->dma_cb = dma_cb;
2392 bm->cur_prd_last = 0;
2393 bm->cur_prd_addr = 0;
2394 bm->cur_prd_len = 0;
2395 if (bm->status & BM_STATUS_DMAING) {
2396 bm->dma_cb(bm, 0);
2400 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2402 BMDMAState *bm = opaque;
2403 #ifdef DEBUG_IDE
2404 printf("%s: 0x%08x\n", __func__, val);
2405 #endif
2406 if (!(val & BM_CMD_START)) {
2407 /* XXX: do it better */
2408 if (bm->status & BM_STATUS_DMAING) {
2409 bm->status &= ~BM_STATUS_DMAING;
2410 /* cancel DMA request */
2411 bm->ide_if = NULL;
2412 bm->dma_cb = NULL;
2413 if (bm->aiocb) {
2414 #ifdef DEBUG_AIO
2415 printf("aio_cancel\n");
2416 #endif
2417 bdrv_aio_cancel(bm->aiocb);
2418 bm->aiocb = NULL;
2421 bm->cmd = val & 0x09;
2422 } else {
2423 if (!(bm->status & BM_STATUS_DMAING)) {
2424 bm->status |= BM_STATUS_DMAING;
2425 /* start dma transfer if possible */
2426 if (bm->dma_cb)
2427 bm->dma_cb(bm, 0);
2429 bm->cmd = val & 0x09;
2433 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2435 BMDMAState *bm = opaque;
2436 PCIIDEState *pci_dev;
2437 uint32_t val;
2439 switch(addr & 3) {
2440 case 0:
2441 val = bm->cmd;
2442 break;
2443 case 1:
2444 pci_dev = bm->pci_dev;
2445 if (pci_dev->type == IDE_TYPE_CMD646) {
2446 val = pci_dev->dev.config[MRDMODE];
2447 } else {
2448 val = 0xff;
2450 break;
2451 case 2:
2452 val = bm->status;
2453 break;
2454 case 3:
2455 pci_dev = bm->pci_dev;
2456 if (pci_dev->type == IDE_TYPE_CMD646) {
2457 if (bm == &pci_dev->bmdma[0])
2458 val = pci_dev->dev.config[UDIDETCR0];
2459 else
2460 val = pci_dev->dev.config[UDIDETCR1];
2461 } else {
2462 val = 0xff;
2464 break;
2465 default:
2466 val = 0xff;
2467 break;
2469 #ifdef DEBUG_IDE
2470 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2471 #endif
2472 return val;
2475 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2477 BMDMAState *bm = opaque;
2478 PCIIDEState *pci_dev;
2479 #ifdef DEBUG_IDE
2480 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2481 #endif
2482 switch(addr & 3) {
2483 case 1:
2484 pci_dev = bm->pci_dev;
2485 if (pci_dev->type == IDE_TYPE_CMD646) {
2486 pci_dev->dev.config[MRDMODE] =
2487 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2488 cmd646_update_irq(pci_dev);
2490 break;
2491 case 2:
2492 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2493 break;
2494 case 3:
2495 pci_dev = bm->pci_dev;
2496 if (pci_dev->type == IDE_TYPE_CMD646) {
2497 if (bm == &pci_dev->bmdma[0])
2498 pci_dev->dev.config[UDIDETCR0] = val;
2499 else
2500 pci_dev->dev.config[UDIDETCR1] = val;
2502 break;
2506 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2508 BMDMAState *bm = opaque;
2509 uint32_t val;
2510 val = bm->addr;
2511 #ifdef DEBUG_IDE
2512 printf("%s: 0x%08x\n", __func__, val);
2513 #endif
2514 return val;
2517 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2519 BMDMAState *bm = opaque;
2520 #ifdef DEBUG_IDE
2521 printf("%s: 0x%08x\n", __func__, val);
2522 #endif
2523 bm->addr = val & ~3;
2524 bm->cur_addr = bm->addr;
2527 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2528 uint32_t addr, uint32_t size, int type)
2530 PCIIDEState *d = (PCIIDEState *)pci_dev;
2531 int i;
2533 for(i = 0;i < 2; i++) {
2534 BMDMAState *bm = &d->bmdma[i];
2535 d->ide_if[2 * i].bmdma = bm;
2536 d->ide_if[2 * i + 1].bmdma = bm;
2537 bm->pci_dev = (PCIIDEState *)pci_dev;
2539 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2541 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2542 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2544 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2545 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2546 addr += 8;
2550 /* XXX: call it also when the MRDMODE is changed from the PCI config
2551 registers */
2552 static void cmd646_update_irq(PCIIDEState *d)
2554 int pci_level;
2555 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2556 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2557 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2558 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2559 pci_set_irq((PCIDevice *)d, 0, pci_level);
2562 /* the PCI irq level is the logical OR of the two channels */
2563 static void cmd646_set_irq(void *opaque, int channel, int level)
2565 PCIIDEState *d = opaque;
2566 int irq_mask;
2568 irq_mask = MRDMODE_INTR_CH0 << channel;
2569 if (level)
2570 d->dev.config[MRDMODE] |= irq_mask;
2571 else
2572 d->dev.config[MRDMODE] &= ~irq_mask;
2573 cmd646_update_irq(d);
2576 /* CMD646 PCI IDE controller */
2577 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2578 int secondary_ide_enabled)
2580 PCIIDEState *d;
2581 uint8_t *pci_conf;
2582 int i;
2584 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2585 sizeof(PCIIDEState),
2586 -1,
2587 NULL, NULL);
2588 d->type = IDE_TYPE_CMD646;
2589 pci_conf = d->dev.config;
2590 pci_conf[0x00] = 0x95; // CMD646
2591 pci_conf[0x01] = 0x10;
2592 pci_conf[0x02] = 0x46;
2593 pci_conf[0x03] = 0x06;
2595 pci_conf[0x08] = 0x07; // IDE controller revision
2596 pci_conf[0x09] = 0x8f;
2598 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2599 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2600 pci_conf[0x0e] = 0x00; // header_type
2602 if (secondary_ide_enabled) {
2603 /* XXX: if not enabled, really disable the seconday IDE controller */
2604 pci_conf[0x51] = 0x80; /* enable IDE1 */
2607 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2608 PCI_ADDRESS_SPACE_IO, ide_map);
2609 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2610 PCI_ADDRESS_SPACE_IO, ide_map);
2611 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2612 PCI_ADDRESS_SPACE_IO, ide_map);
2613 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2614 PCI_ADDRESS_SPACE_IO, ide_map);
2615 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2616 PCI_ADDRESS_SPACE_IO, bmdma_map);
2618 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2620 for(i = 0; i < 4; i++)
2621 d->ide_if[i].pci_dev = (PCIDevice *)d;
2622 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2623 cmd646_set_irq, d, 0);
2624 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2625 cmd646_set_irq, d, 1);
2628 static void pci_ide_save(QEMUFile* f, void *opaque)
2630 PCIIDEState *d = opaque;
2631 int i;
2633 pci_device_save(&d->dev, f);
2635 for(i = 0; i < 2; i++) {
2636 BMDMAState *bm = &d->bmdma[i];
2637 qemu_put_8s(f, &bm->cmd);
2638 qemu_put_8s(f, &bm->status);
2639 qemu_put_be32s(f, &bm->addr);
2640 /* XXX: if a transfer is pending, we do not save it yet */
2643 /* per IDE interface data */
2644 for(i = 0; i < 2; i++) {
2645 IDEState *s = &d->ide_if[i * 2];
2646 uint8_t drive1_selected;
2647 qemu_put_8s(f, &s->cmd);
2648 drive1_selected = (s->cur_drive != s);
2649 qemu_put_8s(f, &drive1_selected);
2652 /* per IDE drive data */
2653 for(i = 0; i < 4; i++) {
2654 IDEState *s = &d->ide_if[i];
2655 qemu_put_be32s(f, &s->mult_sectors);
2656 qemu_put_be32s(f, &s->identify_set);
2657 if (s->identify_set) {
2658 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2660 qemu_put_8s(f, &s->feature);
2661 qemu_put_8s(f, &s->error);
2662 qemu_put_be32s(f, &s->nsector);
2663 qemu_put_8s(f, &s->sector);
2664 qemu_put_8s(f, &s->lcyl);
2665 qemu_put_8s(f, &s->hcyl);
2666 qemu_put_8s(f, &s->hob_feature);
2667 qemu_put_8s(f, &s->hob_nsector);
2668 qemu_put_8s(f, &s->hob_sector);
2669 qemu_put_8s(f, &s->hob_lcyl);
2670 qemu_put_8s(f, &s->hob_hcyl);
2671 qemu_put_8s(f, &s->select);
2672 qemu_put_8s(f, &s->status);
2673 qemu_put_8s(f, &s->lba48);
2675 qemu_put_8s(f, &s->sense_key);
2676 qemu_put_8s(f, &s->asc);
2677 /* XXX: if a transfer is pending, we do not save it yet */
2681 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2683 PCIIDEState *d = opaque;
2684 int ret, i;
2686 if (version_id != 1)
2687 return -EINVAL;
2688 ret = pci_device_load(&d->dev, f);
2689 if (ret < 0)
2690 return ret;
2692 for(i = 0; i < 2; i++) {
2693 BMDMAState *bm = &d->bmdma[i];
2694 qemu_get_8s(f, &bm->cmd);
2695 qemu_get_8s(f, &bm->status);
2696 qemu_get_be32s(f, &bm->addr);
2697 /* XXX: if a transfer is pending, we do not save it yet */
2700 /* per IDE interface data */
2701 for(i = 0; i < 2; i++) {
2702 IDEState *s = &d->ide_if[i * 2];
2703 uint8_t drive1_selected;
2704 qemu_get_8s(f, &s->cmd);
2705 qemu_get_8s(f, &drive1_selected);
2706 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2709 /* per IDE drive data */
2710 for(i = 0; i < 4; i++) {
2711 IDEState *s = &d->ide_if[i];
2712 qemu_get_be32s(f, &s->mult_sectors);
2713 qemu_get_be32s(f, &s->identify_set);
2714 if (s->identify_set) {
2715 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2717 qemu_get_8s(f, &s->feature);
2718 qemu_get_8s(f, &s->error);
2719 qemu_get_be32s(f, &s->nsector);
2720 qemu_get_8s(f, &s->sector);
2721 qemu_get_8s(f, &s->lcyl);
2722 qemu_get_8s(f, &s->hcyl);
2723 qemu_get_8s(f, &s->hob_feature);
2724 qemu_get_8s(f, &s->hob_nsector);
2725 qemu_get_8s(f, &s->hob_sector);
2726 qemu_get_8s(f, &s->hob_lcyl);
2727 qemu_get_8s(f, &s->hob_hcyl);
2728 qemu_get_8s(f, &s->select);
2729 qemu_get_8s(f, &s->status);
2730 qemu_get_8s(f, &s->lba48);
2732 qemu_get_8s(f, &s->sense_key);
2733 qemu_get_8s(f, &s->asc);
2734 /* XXX: if a transfer is pending, we do not save it yet */
2736 return 0;
2739 static void piix3_reset(PCIIDEState *d)
2741 uint8_t *pci_conf = d->dev.config;
2743 pci_conf[0x04] = 0x00;
2744 pci_conf[0x05] = 0x00;
2745 pci_conf[0x06] = 0x80; /* FBC */
2746 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2747 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2750 void pci_piix_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn)
2752 PCIIDEState *d;
2753 uint8_t *pci_conf;
2755 /* register a function 1 of PIIX */
2756 d = (PCIIDEState *)pci_register_device(bus, "PIIX IDE",
2757 sizeof(PCIIDEState),
2758 devfn,
2759 NULL, NULL);
2760 d->type = IDE_TYPE_PIIX3;
2762 pci_conf = d->dev.config;
2763 pci_conf[0x00] = 0x86; // Intel
2764 pci_conf[0x01] = 0x80;
2765 pci_conf[0x02] = 0x30;
2766 pci_conf[0x03] = 0x12;
2767 pci_conf[0x08] = 0x02; // Step A1
2768 pci_conf[0x09] = 0x80; // legacy ATA mode
2769 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2770 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2771 pci_conf[0x0e] = 0x00; // header_type
2772 pci_conf[0x2c] = 0x53; /* subsystem vendor: XenSource */
2773 pci_conf[0x2d] = 0x58;
2774 pci_conf[0x2e] = 0x01; /* subsystem device */
2775 pci_conf[0x2f] = 0x00;
2777 piix3_reset(d);
2779 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2780 PCI_ADDRESS_SPACE_IO, bmdma_map);
2782 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2783 pic_set_irq_new, isa_pic, 14);
2784 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2785 pic_set_irq_new, isa_pic, 15);
2786 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2787 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2789 buffered_pio_init();
2791 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2794 /* hd_table must contain 4 block drivers */
2795 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2796 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn)
2798 PCIIDEState *d;
2799 uint8_t *pci_conf;
2801 /* register a function 1 of PIIX3 */
2802 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2803 sizeof(PCIIDEState),
2804 devfn,
2805 NULL, NULL);
2806 d->type = IDE_TYPE_PIIX3;
2808 pci_conf = d->dev.config;
2809 pci_conf[0x00] = 0x86; // Intel
2810 pci_conf[0x01] = 0x80;
2811 pci_conf[0x02] = 0x10;
2812 pci_conf[0x03] = 0x70;
2813 pci_conf[0x09] = 0x80; // legacy ATA mode
2814 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2815 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2816 pci_conf[0x0e] = 0x00; // header_type
2818 piix3_reset(d);
2820 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2821 PCI_ADDRESS_SPACE_IO, bmdma_map);
2823 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2824 pic_set_irq_new, isa_pic, 14);
2825 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2826 pic_set_irq_new, isa_pic, 15);
2827 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2828 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2830 buffered_pio_init();
2832 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2835 /***********************************************************/
2836 /* MacIO based PowerPC IDE */
2838 /* PowerMac IDE memory IO */
2839 static void pmac_ide_writeb (void *opaque,
2840 target_phys_addr_t addr, uint32_t val)
2842 addr = (addr & 0xFFF) >> 4;
2843 switch (addr) {
2844 case 1 ... 7:
2845 ide_ioport_write(opaque, addr, val);
2846 break;
2847 case 8:
2848 case 22:
2849 ide_cmd_write(opaque, 0, val);
2850 break;
2851 default:
2852 break;
2856 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2858 uint8_t retval;
2860 addr = (addr & 0xFFF) >> 4;
2861 switch (addr) {
2862 case 1 ... 7:
2863 retval = ide_ioport_read(opaque, addr);
2864 break;
2865 case 8:
2866 case 22:
2867 retval = ide_status_read(opaque, 0);
2868 break;
2869 default:
2870 retval = 0xFF;
2871 break;
2873 return retval;
2876 static void pmac_ide_writew (void *opaque,
2877 target_phys_addr_t addr, uint32_t val)
2879 addr = (addr & 0xFFF) >> 4;
2880 #ifdef TARGET_WORDS_BIGENDIAN
2881 val = bswap16(val);
2882 #endif
2883 if (addr == 0) {
2884 ide_data_writew(opaque, 0, val);
2888 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2890 uint16_t retval;
2892 addr = (addr & 0xFFF) >> 4;
2893 if (addr == 0) {
2894 retval = ide_data_readw(opaque, 0);
2895 } else {
2896 retval = 0xFFFF;
2898 #ifdef TARGET_WORDS_BIGENDIAN
2899 retval = bswap16(retval);
2900 #endif
2901 return retval;
2904 static void pmac_ide_writel (void *opaque,
2905 target_phys_addr_t addr, uint32_t val)
2907 addr = (addr & 0xFFF) >> 4;
2908 #ifdef TARGET_WORDS_BIGENDIAN
2909 val = bswap32(val);
2910 #endif
2911 if (addr == 0) {
2912 ide_data_writel(opaque, 0, val);
2916 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2918 uint32_t retval;
2920 addr = (addr & 0xFFF) >> 4;
2921 if (addr == 0) {
2922 retval = ide_data_readl(opaque, 0);
2923 } else {
2924 retval = 0xFFFFFFFF;
2926 #ifdef TARGET_WORDS_BIGENDIAN
2927 retval = bswap32(retval);
2928 #endif
2929 return retval;
2932 static CPUWriteMemoryFunc *pmac_ide_write[] = {
2933 pmac_ide_writeb,
2934 pmac_ide_writew,
2935 pmac_ide_writel,
2936 };
2938 static CPUReadMemoryFunc *pmac_ide_read[] = {
2939 pmac_ide_readb,
2940 pmac_ide_readw,
2941 pmac_ide_readl,
2942 };
2944 /* hd_table must contain 4 block drivers */
2945 /* PowerMac uses memory mapped registers, not I/O. Return the memory
2946 I/O index to access the ide. */
2947 int pmac_ide_init (BlockDriverState **hd_table,
2948 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2950 IDEState *ide_if;
2951 int pmac_ide_memory;
2953 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2954 ide_init2(&ide_if[0], hd_table[0], hd_table[1],
2955 set_irq, irq_opaque, irq);
2957 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2958 pmac_ide_write, &ide_if[0]);
2959 return pmac_ide_memory;