debuggers.hg

view tools/ioemu/hw/ide.c @ 10959:4c2fab8f8c34

[qemu] Use xenstore to configure ioemu block devices.
- read ioemu block device config from xenstore
- don't require the ioemu: prefix on block devices any longer
- allow change of media associated with cdrom drives
- replace cdrom= option by :cdrom suffix on regular block device config:
'file:/root/mytest.iso,hdc:cdrom,r'
- don't create default cdrom drive anymore - to create default empty
cdrom drive use: ',hdc:cdrom,r'

Signed-off-by: Christian Limpach <Christian.Limpach@xensource.com>
author chris@kneesaa.uk.xensource.com
date Thu Aug 03 18:28:29 2006 +0100 (2006-08-03)
parents b450f21472a0
children 08a11694b109
line source
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include "vl.h"
25 #include <pthread.h>
27 /* debug IDE devices */
28 //#define DEBUG_IDE
29 //#define DEBUG_IDE_ATAPI
31 /* Bits of HD_STATUS */
32 #define ERR_STAT 0x01
33 #define INDEX_STAT 0x02
34 #define ECC_STAT 0x04 /* Corrected error */
35 #define DRQ_STAT 0x08
36 #define SEEK_STAT 0x10
37 #define SRV_STAT 0x10
38 #define WRERR_STAT 0x20
39 #define READY_STAT 0x40
40 #define BUSY_STAT 0x80
42 /* Bits for HD_ERROR */
43 #define MARK_ERR 0x01 /* Bad address mark */
44 #define TRK0_ERR 0x02 /* couldn't find track 0 */
45 #define ABRT_ERR 0x04 /* Command aborted */
46 #define MCR_ERR 0x08 /* media change request */
47 #define ID_ERR 0x10 /* ID field not found */
48 #define MC_ERR 0x20 /* media changed */
49 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
50 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
51 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
53 /* Bits of HD_NSECTOR */
54 #define CD 0x01
55 #define IO 0x02
56 #define REL 0x04
57 #define TAG_MASK 0xf8
59 #define IDE_CMD_RESET 0x04
60 #define IDE_CMD_DISABLE_IRQ 0x02
62 /* ATA/ATAPI Commands pre T13 Spec */
63 #define WIN_NOP 0x00
64 /*
65 * 0x01->0x02 Reserved
66 */
67 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
68 /*
69 * 0x04->0x07 Reserved
70 */
71 #define WIN_SRST 0x08 /* ATAPI soft reset command */
72 #define WIN_DEVICE_RESET 0x08
73 /*
74 * 0x09->0x0F Reserved
75 */
76 #define WIN_RECAL 0x10
77 #define WIN_RESTORE WIN_RECAL
78 /*
79 * 0x10->0x1F Reserved
80 */
81 #define WIN_READ 0x20 /* 28-Bit */
82 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
83 #define WIN_READ_LONG 0x22 /* 28-Bit */
84 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
85 #define WIN_READ_EXT 0x24 /* 48-Bit */
86 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
87 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
88 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
89 /*
90 * 0x28
91 */
92 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
93 /*
94 * 0x2A->0x2F Reserved
95 */
96 #define WIN_WRITE 0x30 /* 28-Bit */
97 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
98 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
99 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
100 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
101 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
102 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
103 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
104 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
105 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
106 /*
107 * 0x3A->0x3B Reserved
108 */
109 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
110 /*
111 * 0x3D->0x3F Reserved
112 */
113 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
114 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
115 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
116 /*
117 * 0x43->0x4F Reserved
118 */
119 #define WIN_FORMAT 0x50
120 /*
121 * 0x51->0x5F Reserved
122 */
123 #define WIN_INIT 0x60
124 /*
125 * 0x61->0x5F Reserved
126 */
127 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
128 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
129 #define WIN_DIAGNOSE 0x90
130 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
131 #define WIN_DOWNLOAD_MICROCODE 0x92
132 #define WIN_STANDBYNOW2 0x94
133 #define WIN_STANDBY2 0x96
134 #define WIN_SETIDLE2 0x97
135 #define WIN_CHECKPOWERMODE2 0x98
136 #define WIN_SLEEPNOW2 0x99
137 /*
138 * 0x9A VENDOR
139 */
140 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
141 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
142 #define WIN_QUEUED_SERVICE 0xA2
143 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
144 #define CFA_ERASE_SECTORS 0xC0
145 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
146 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
147 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
148 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
149 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
150 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
151 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
152 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
153 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
154 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
155 #define WIN_GETMEDIASTATUS 0xDA
156 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
157 #define WIN_POSTBOOT 0xDC
158 #define WIN_PREBOOT 0xDD
159 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
160 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
161 #define WIN_STANDBYNOW1 0xE0
162 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
163 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
164 #define WIN_SETIDLE1 0xE3
165 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
166 #define WIN_CHECKPOWERMODE1 0xE5
167 #define WIN_SLEEPNOW1 0xE6
168 #define WIN_FLUSH_CACHE 0xE7
169 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
170 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
171 /* SET_FEATURES 0x22 or 0xDD */
172 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
173 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
174 #define WIN_MEDIAEJECT 0xED
175 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
176 #define WIN_SETFEATURES 0xEF /* set special drive features */
177 #define EXABYTE_ENABLE_NEST 0xF0
178 #define WIN_SECURITY_SET_PASS 0xF1
179 #define WIN_SECURITY_UNLOCK 0xF2
180 #define WIN_SECURITY_ERASE_PREPARE 0xF3
181 #define WIN_SECURITY_ERASE_UNIT 0xF4
182 #define WIN_SECURITY_FREEZE_LOCK 0xF5
183 #define WIN_SECURITY_DISABLE 0xF6
184 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
185 #define WIN_SET_MAX 0xF9
186 #define DISABLE_SEAGATE 0xFB
188 /* set to 1 set disable mult support */
189 #define MAX_MULT_SECTORS 16
191 /* ATAPI defines */
193 #define ATAPI_PACKET_SIZE 12
195 /* The generic packet command opcodes for CD/DVD Logical Units,
196 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
197 #define GPCMD_BLANK 0xa1
198 #define GPCMD_CLOSE_TRACK 0x5b
199 #define GPCMD_FLUSH_CACHE 0x35
200 #define GPCMD_FORMAT_UNIT 0x04
201 #define GPCMD_GET_CONFIGURATION 0x46
202 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
203 #define GPCMD_GET_PERFORMANCE 0xac
204 #define GPCMD_INQUIRY 0x12
205 #define GPCMD_LOAD_UNLOAD 0xa6
206 #define GPCMD_MECHANISM_STATUS 0xbd
207 #define GPCMD_MODE_SELECT_10 0x55
208 #define GPCMD_MODE_SENSE_10 0x5a
209 #define GPCMD_PAUSE_RESUME 0x4b
210 #define GPCMD_PLAY_AUDIO_10 0x45
211 #define GPCMD_PLAY_AUDIO_MSF 0x47
212 #define GPCMD_PLAY_AUDIO_TI 0x48
213 #define GPCMD_PLAY_CD 0xbc
214 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
215 #define GPCMD_READ_10 0x28
216 #define GPCMD_READ_12 0xa8
217 #define GPCMD_READ_CDVD_CAPACITY 0x25
218 #define GPCMD_READ_CD 0xbe
219 #define GPCMD_READ_CD_MSF 0xb9
220 #define GPCMD_READ_DISC_INFO 0x51
221 #define GPCMD_READ_DVD_STRUCTURE 0xad
222 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
223 #define GPCMD_READ_HEADER 0x44
224 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
225 #define GPCMD_READ_SUBCHANNEL 0x42
226 #define GPCMD_READ_TOC_PMA_ATIP 0x43
227 #define GPCMD_REPAIR_RZONE_TRACK 0x58
228 #define GPCMD_REPORT_KEY 0xa4
229 #define GPCMD_REQUEST_SENSE 0x03
230 #define GPCMD_RESERVE_RZONE_TRACK 0x53
231 #define GPCMD_SCAN 0xba
232 #define GPCMD_SEEK 0x2b
233 #define GPCMD_SEND_DVD_STRUCTURE 0xad
234 #define GPCMD_SEND_EVENT 0xa2
235 #define GPCMD_SEND_KEY 0xa3
236 #define GPCMD_SEND_OPC 0x54
237 #define GPCMD_SET_READ_AHEAD 0xa7
238 #define GPCMD_SET_STREAMING 0xb6
239 #define GPCMD_START_STOP_UNIT 0x1b
240 #define GPCMD_STOP_PLAY_SCAN 0x4e
241 #define GPCMD_TEST_UNIT_READY 0x00
242 #define GPCMD_VERIFY_10 0x2f
243 #define GPCMD_WRITE_10 0x2a
244 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
245 /* This is listed as optional in ATAPI 2.6, but is (curiously)
246 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
247 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
248 * drives support it. */
249 #define GPCMD_SET_SPEED 0xbb
250 /* This seems to be a SCSI specific CD-ROM opcode
251 * to play data at track/index */
252 #define GPCMD_PLAYAUDIO_TI 0x48
253 /*
254 * From MS Media Status Notification Support Specification. For
255 * older drives only.
256 */
257 #define GPCMD_GET_MEDIA_STATUS 0xda
259 /* Mode page codes for mode sense/set */
260 #define GPMODE_R_W_ERROR_PAGE 0x01
261 #define GPMODE_WRITE_PARMS_PAGE 0x05
262 #define GPMODE_AUDIO_CTL_PAGE 0x0e
263 #define GPMODE_POWER_PAGE 0x1a
264 #define GPMODE_FAULT_FAIL_PAGE 0x1c
265 #define GPMODE_TO_PROTECT_PAGE 0x1d
266 #define GPMODE_CAPABILITIES_PAGE 0x2a
267 #define GPMODE_ALL_PAGES 0x3f
268 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
269 * of MODE_SENSE_POWER_PAGE */
270 #define GPMODE_CDROM_PAGE 0x0d
272 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
273 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
274 #define ATAPI_INT_REASON_REL 0x04
275 #define ATAPI_INT_REASON_TAG 0xf8
277 /* same constants as bochs */
278 #define ASC_ILLEGAL_OPCODE 0x20
279 #define ASC_LOGICAL_BLOCK_OOR 0x21
280 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
281 #define ASC_MEDIUM_NOT_PRESENT 0x3a
282 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
284 #define SENSE_NONE 0
285 #define SENSE_NOT_READY 2
286 #define SENSE_ILLEGAL_REQUEST 5
287 #define SENSE_UNIT_ATTENTION 6
289 struct IDEState;
291 typedef void EndTransferFunc(struct IDEState *);
293 /* NOTE: IDEState represents in fact one drive */
294 typedef struct IDEState {
295 /* ide config */
296 int is_cdrom;
297 int cylinders, heads, sectors;
298 int64_t nb_sectors;
299 int mult_sectors;
300 int identify_set;
301 uint16_t identify_data[256];
302 SetIRQFunc *set_irq;
303 void *irq_opaque;
304 int irq;
305 PCIDevice *pci_dev;
306 struct BMDMAState *bmdma;
307 int drive_serial;
308 /* ide regs */
309 uint8_t feature;
310 uint8_t error;
311 uint32_t nsector;
312 uint8_t sector;
313 uint8_t lcyl;
314 uint8_t hcyl;
315 /* other part of tf for lba48 support */
316 uint8_t hob_feature;
317 uint8_t hob_nsector;
318 uint8_t hob_sector;
319 uint8_t hob_lcyl;
320 uint8_t hob_hcyl;
322 uint8_t select;
323 uint8_t status;
325 /* 0x3f6 command, only meaningful for drive 0 */
326 uint8_t cmd;
327 /* set for lba48 access */
328 uint8_t lba48;
329 /* depends on bit 4 in select, only meaningful for drive 0 */
330 struct IDEState *cur_drive;
331 BlockDriverState *bs;
332 /* ATAPI specific */
333 uint8_t sense_key;
334 uint8_t asc;
335 int packet_transfer_size;
336 int elementary_transfer_size;
337 int io_buffer_index;
338 int lba;
339 int cd_sector_size;
340 int atapi_dma; /* true if dma is requested for the packet cmd */
341 /* ATA DMA state */
342 int io_buffer_size;
343 /* PIO transfer handling */
344 int req_nb_sectors; /* number of sectors per interrupt */
345 EndTransferFunc *end_transfer_func;
346 uint8_t *data_ptr;
347 uint8_t *data_end;
348 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
349 QEMUTimer *sector_write_timer; /* only used for win2k instal hack */
350 uint32_t irq_count; /* counts IRQs when using win2k install hack */
351 } IDEState;
353 #define BM_STATUS_DMAING 0x01
354 #define BM_STATUS_ERROR 0x02
355 #define BM_STATUS_INT 0x04
357 #define BM_CMD_START 0x01
358 #define BM_CMD_READ 0x08
360 #define IDE_TYPE_PIIX3 0
361 #define IDE_TYPE_CMD646 1
363 /* CMD646 specific */
364 #define MRDMODE 0x71
365 #define MRDMODE_INTR_CH0 0x04
366 #define MRDMODE_INTR_CH1 0x08
367 #define MRDMODE_BLK_CH0 0x10
368 #define MRDMODE_BLK_CH1 0x20
369 #define UDIDETCR0 0x73
370 #define UDIDETCR1 0x7B
372 typedef int IDEDMAFunc(IDEState *s,
373 target_phys_addr_t phys_addr,
374 int transfer_size1);
376 typedef struct BMDMAState {
377 uint8_t cmd;
378 uint8_t status;
379 uint32_t addr;
381 struct PCIIDEState *pci_dev;
382 /* current transfer state */
383 IDEState *ide_if;
384 IDEDMAFunc *dma_cb;
385 } BMDMAState;
387 typedef struct PCIIDEState {
388 PCIDevice dev;
389 IDEState ide_if[4];
390 BMDMAState bmdma[2];
391 int type; /* see IDE_TYPE_xxx */
392 } PCIIDEState;
394 #define DMA_MULTI_THREAD
396 #ifdef DMA_MULTI_THREAD
398 static int file_pipes[2];
400 static void ide_dma_loop(BMDMAState *bm);
401 static void dma_thread_loop(BMDMAState *bm);
403 static void *dma_thread_func(void* opaque)
404 {
405 BMDMAState* req;
407 while (read(file_pipes[0], &req, sizeof(req))) {
408 dma_thread_loop(req);
409 }
411 return NULL;
412 }
414 static void dma_create_thread(void)
415 {
416 pthread_t tid;
417 int rt;
419 if (pipe(file_pipes) != 0) {
420 fprintf(stderr, "create pipe failed\n");
421 exit(1);
422 }
424 if ((rt = pthread_create(&tid, NULL, dma_thread_func, NULL))) {
425 fprintf(stderr, "Oops, dma thread creation failed, errno=%d\n", rt);
426 exit(1);
427 }
429 if ((rt = pthread_detach(tid))) {
430 fprintf(stderr, "Oops, dma thread detachment failed, errno=%d\n", rt);
431 exit(1);
432 }
433 }
434 #endif /* DMA_MULTI_THREAD */
436 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
438 static void padstr(char *str, const char *src, int len)
439 {
440 int i, v;
441 for(i = 0; i < len; i++) {
442 if (*src)
443 v = *src++;
444 else
445 v = ' ';
446 *(char *)((long)str ^ 1) = v;
447 str++;
448 }
449 }
451 static void padstr8(uint8_t *buf, int buf_size, const char *src)
452 {
453 int i;
454 for(i = 0; i < buf_size; i++) {
455 if (*src)
456 buf[i] = *src++;
457 else
458 buf[i] = ' ';
459 }
460 }
462 static void put_le16(uint16_t *p, unsigned int v)
463 {
464 *p = cpu_to_le16(v);
465 }
467 static void ide_identify(IDEState *s)
468 {
469 uint16_t *p;
470 unsigned int oldsize;
471 char buf[20];
473 if (s->identify_set) {
474 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
475 return;
476 }
478 memset(s->io_buffer, 0, 512);
479 p = (uint16_t *)s->io_buffer;
480 put_le16(p + 0, 0x0040);
481 put_le16(p + 1, s->cylinders);
482 put_le16(p + 3, s->heads);
483 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
484 put_le16(p + 5, 512); /* XXX: retired, remove ? */
485 put_le16(p + 6, s->sectors);
486 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
487 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
488 put_le16(p + 20, 3); /* XXX: retired, remove ? */
489 put_le16(p + 21, 512); /* cache size in sectors */
490 put_le16(p + 22, 4); /* ecc bytes */
491 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
492 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
493 #if MAX_MULT_SECTORS > 1
494 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
495 #endif
496 put_le16(p + 48, 1); /* dword I/O */
497 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
498 put_le16(p + 51, 0x200); /* PIO transfer cycle */
499 put_le16(p + 52, 0x200); /* DMA transfer cycle */
500 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
501 put_le16(p + 54, s->cylinders);
502 put_le16(p + 55, s->heads);
503 put_le16(p + 56, s->sectors);
504 oldsize = s->cylinders * s->heads * s->sectors;
505 put_le16(p + 57, oldsize);
506 put_le16(p + 58, oldsize >> 16);
507 if (s->mult_sectors)
508 put_le16(p + 59, 0x100 | s->mult_sectors);
509 put_le16(p + 60, s->nb_sectors);
510 put_le16(p + 61, s->nb_sectors >> 16);
511 put_le16(p + 63, 0x07); /* mdma0-2 supported */
512 put_le16(p + 65, 120);
513 put_le16(p + 66, 120);
514 put_le16(p + 67, 120);
515 put_le16(p + 68, 120);
516 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
517 put_le16(p + 81, 0x16); /* conforms to ata5 */
518 put_le16(p + 82, (1 << 14));
519 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
520 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
521 put_le16(p + 84, (1 << 14));
522 put_le16(p + 85, (1 << 14));
523 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
524 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
525 put_le16(p + 87, (1 << 14));
526 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
527 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
528 put_le16(p + 100, s->nb_sectors);
529 put_le16(p + 101, s->nb_sectors >> 16);
530 put_le16(p + 102, s->nb_sectors >> 32);
531 put_le16(p + 103, s->nb_sectors >> 48);
533 memcpy(s->identify_data, p, sizeof(s->identify_data));
534 s->identify_set = 1;
535 }
537 static void ide_atapi_identify(IDEState *s)
538 {
539 uint16_t *p;
540 char buf[20];
542 if (s->identify_set) {
543 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
544 return;
545 }
547 memset(s->io_buffer, 0, 512);
548 p = (uint16_t *)s->io_buffer;
549 /* Removable CDROM, 50us response, 12 byte packets */
550 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
551 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
552 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
553 put_le16(p + 20, 3); /* buffer type */
554 put_le16(p + 21, 512); /* cache size in sectors */
555 put_le16(p + 22, 4); /* ecc bytes */
556 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
557 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
558 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
559 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
560 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
561 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
562 put_le16(p + 64, 1); /* PIO modes */
563 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
564 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
565 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
566 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
568 put_le16(p + 71, 30); /* in ns */
569 put_le16(p + 72, 30); /* in ns */
571 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
573 memcpy(s->identify_data, p, sizeof(s->identify_data));
574 s->identify_set = 1;
575 }
577 static void ide_set_signature(IDEState *s)
578 {
579 s->select &= 0xf0; /* clear head */
580 /* put signature */
581 s->nsector = 1;
582 s->sector = 1;
583 if (s->is_cdrom) {
584 s->lcyl = 0x14;
585 s->hcyl = 0xeb;
586 } else if (s->bs) {
587 s->lcyl = 0;
588 s->hcyl = 0;
589 } else {
590 s->lcyl = 0xff;
591 s->hcyl = 0xff;
592 }
593 }
595 static inline void ide_abort_command(IDEState *s)
596 {
597 s->status = READY_STAT | ERR_STAT;
598 s->error = ABRT_ERR;
599 }
601 static inline void ide_set_irq(IDEState *s)
602 {
603 BMDMAState *bm = s->bmdma;
604 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
605 if (bm) {
606 bm->status |= BM_STATUS_INT;
607 }
608 s->set_irq(s->irq_opaque, s->irq, 1);
609 }
610 }
612 /* prepare data transfer and tell what to do after */
613 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
614 EndTransferFunc *end_transfer_func)
615 {
616 s->end_transfer_func = end_transfer_func;
617 s->data_ptr = buf;
618 s->data_end = buf + size;
619 s->status |= DRQ_STAT;
620 }
622 static void ide_transfer_stop(IDEState *s)
623 {
624 s->end_transfer_func = ide_transfer_stop;
625 s->data_ptr = s->io_buffer;
626 s->data_end = s->io_buffer;
627 s->status &= ~DRQ_STAT;
628 }
630 static int64_t ide_get_sector(IDEState *s)
631 {
632 int64_t sector_num;
633 if (s->select & 0x40) {
634 /* lba */
635 if (!s->lba48) {
636 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
637 (s->lcyl << 8) | s->sector;
638 } else {
639 sector_num = ((int64_t)s->hob_hcyl << 40) |
640 ((int64_t) s->hob_lcyl << 32) |
641 ((int64_t) s->hob_sector << 24) |
642 ((int64_t) s->hcyl << 16) |
643 ((int64_t) s->lcyl << 8) | s->sector;
644 }
645 } else {
646 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
647 (s->select & 0x0f) * s->sectors + (s->sector - 1);
648 }
649 return sector_num;
650 }
652 static void ide_set_sector(IDEState *s, int64_t sector_num)
653 {
654 unsigned int cyl, r;
655 if (s->select & 0x40) {
656 if (!s->lba48) {
657 s->select = (s->select & 0xf0) | (sector_num >> 24);
658 s->hcyl = (sector_num >> 16);
659 s->lcyl = (sector_num >> 8);
660 s->sector = (sector_num);
661 } else {
662 s->sector = sector_num;
663 s->lcyl = sector_num >> 8;
664 s->hcyl = sector_num >> 16;
665 s->hob_sector = sector_num >> 24;
666 s->hob_lcyl = sector_num >> 32;
667 s->hob_hcyl = sector_num >> 40;
668 }
669 } else {
670 cyl = sector_num / (s->heads * s->sectors);
671 r = sector_num % (s->heads * s->sectors);
672 s->hcyl = cyl >> 8;
673 s->lcyl = cyl;
674 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
675 s->sector = (r % s->sectors) + 1;
676 }
677 }
679 static void ide_sector_read(IDEState *s)
680 {
681 int64_t sector_num;
682 int ret, n;
684 s->status = READY_STAT | SEEK_STAT;
685 s->error = 0; /* not needed by IDE spec, but needed by Windows */
686 sector_num = ide_get_sector(s);
687 n = s->nsector;
688 if (n == 0) {
689 /* no more sector to read from disk */
690 ide_transfer_stop(s);
691 } else {
692 #if defined(DEBUG_IDE)
693 printf("read sector=%Ld\n", sector_num);
694 #endif
695 if (n > s->req_nb_sectors)
696 n = s->req_nb_sectors;
697 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
698 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
699 ide_set_irq(s);
700 ide_set_sector(s, sector_num + n);
701 s->nsector -= n;
702 }
703 }
705 static int ide_read_dma_cb(IDEState *s,
706 target_phys_addr_t phys_addr,
707 int transfer_size1)
708 {
709 int len, transfer_size, n;
710 int64_t sector_num;
712 transfer_size = transfer_size1;
713 while (transfer_size > 0) {
714 len = s->io_buffer_size - s->io_buffer_index;
715 if (len <= 0) {
716 /* transfert next data */
717 n = s->nsector;
718 if (n == 0)
719 break;
720 if (n > MAX_MULT_SECTORS)
721 n = MAX_MULT_SECTORS;
722 sector_num = ide_get_sector(s);
723 bdrv_read(s->bs, sector_num, s->io_buffer, n);
724 s->io_buffer_index = 0;
725 s->io_buffer_size = n * 512;
726 len = s->io_buffer_size;
727 sector_num += n;
728 ide_set_sector(s, sector_num);
729 s->nsector -= n;
730 }
731 if (len > transfer_size)
732 len = transfer_size;
733 cpu_physical_memory_write(phys_addr,
734 s->io_buffer + s->io_buffer_index, len);
735 s->io_buffer_index += len;
736 transfer_size -= len;
737 phys_addr += len;
738 }
739 if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
740 s->status = READY_STAT | SEEK_STAT;
741 #ifndef DMA_MULTI_THREAD
742 ide_set_irq(s);
743 #endif /* !DMA_MULTI_THREAD */
744 #ifdef DEBUG_IDE_ATAPI
745 printf("dma status=0x%x\n", s->status);
746 #endif
747 return 0;
748 }
749 return transfer_size1 - transfer_size;
750 }
752 static void ide_sector_read_dma(IDEState *s)
753 {
754 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
755 s->io_buffer_index = 0;
756 s->io_buffer_size = 0;
757 ide_dma_start(s, ide_read_dma_cb);
758 }
760 static void ide_sector_write_timer_cb(void *opaque)
761 {
762 IDEState *s = opaque;
763 ide_set_irq(s);
764 }
766 static void ide_sector_write(IDEState *s)
767 {
768 int64_t sector_num;
769 int ret, n, n1;
771 s->status = READY_STAT | SEEK_STAT;
772 sector_num = ide_get_sector(s);
773 #if defined(DEBUG_IDE)
774 printf("write sector=%Ld\n", sector_num);
775 #endif
776 n = s->nsector;
777 if (n > s->req_nb_sectors)
778 n = s->req_nb_sectors;
779 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
780 s->nsector -= n;
781 if (s->nsector == 0) {
782 /* no more sector to write */
783 ide_transfer_stop(s);
784 } else {
785 n1 = s->nsector;
786 if (n1 > s->req_nb_sectors)
787 n1 = s->req_nb_sectors;
788 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
789 }
790 ide_set_sector(s, sector_num + n);
792 #ifdef TARGET_I386
793 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
794 /* It seems there is a bug in the Windows 2000 installer HDD
795 IDE driver which fills the disk with empty logs when the
796 IDE write IRQ comes too early. This hack tries to correct
797 that at the expense of slower write performances. Use this
798 option _only_ to install Windows 2000. You must disable it
799 for normal use. */
800 qemu_mod_timer(s->sector_write_timer,
801 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
802 } else
803 #endif
804 {
805 ide_set_irq(s);
806 }
807 }
809 static int ide_write_dma_cb(IDEState *s,
810 target_phys_addr_t phys_addr,
811 int transfer_size1)
812 {
813 int len, transfer_size, n;
814 int64_t sector_num;
816 transfer_size = transfer_size1;
817 for(;;) {
818 len = s->io_buffer_size - s->io_buffer_index;
819 if (len == 0) {
820 n = s->io_buffer_size >> 9;
821 sector_num = ide_get_sector(s);
822 bdrv_write(s->bs, sector_num, s->io_buffer,
823 s->io_buffer_size >> 9);
824 sector_num += n;
825 ide_set_sector(s, sector_num);
826 s->nsector -= n;
827 n = s->nsector;
828 if (n == 0) {
829 /* end of transfer */
830 s->status = READY_STAT | SEEK_STAT;
831 #ifdef TARGET_I386
832 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
833 /* It seems there is a bug in the Windows 2000 installer
834 HDD IDE driver which fills the disk with empty logs
835 when the IDE write IRQ comes too early. This hack tries
836 to correct that at the expense of slower write
837 performances. Use this option _only_ to install Windows
838 2000. You must disable it for normal use. */
839 qemu_mod_timer(s->sector_write_timer,
840 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
841 } else
842 #endif
843 #ifndef DMA_MULTI_THREAD
844 ide_set_irq(s);
845 #else /* !DMA_MULTI_THREAD */
846 ;
847 #endif /* DMA_MULTI_THREAD */
848 return 0;
849 }
850 if (n > MAX_MULT_SECTORS)
851 n = MAX_MULT_SECTORS;
852 s->io_buffer_index = 0;
853 s->io_buffer_size = n * 512;
854 len = s->io_buffer_size;
855 }
856 if (transfer_size <= 0)
857 break;
858 if (len > transfer_size)
859 len = transfer_size;
860 cpu_physical_memory_read(phys_addr,
861 s->io_buffer + s->io_buffer_index, len);
862 s->io_buffer_index += len;
863 transfer_size -= len;
864 phys_addr += len;
865 }
866 return transfer_size1 - transfer_size;
867 }
869 static void ide_sector_write_dma(IDEState *s)
870 {
871 int n;
872 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
873 n = s->nsector;
874 if (n > MAX_MULT_SECTORS)
875 n = MAX_MULT_SECTORS;
876 s->io_buffer_index = 0;
877 s->io_buffer_size = n * 512;
878 ide_dma_start(s, ide_write_dma_cb);
879 }
881 static void ide_atapi_cmd_ok(IDEState *s)
882 {
883 s->error = 0;
884 s->status = READY_STAT;
885 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
886 ide_set_irq(s);
887 }
889 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
890 {
891 #ifdef DEBUG_IDE_ATAPI
892 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
893 #endif
894 s->error = sense_key << 4;
895 s->status = READY_STAT | ERR_STAT;
896 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
897 s->sense_key = sense_key;
898 s->asc = asc;
899 ide_set_irq(s);
900 }
902 static inline void cpu_to_ube16(uint8_t *buf, int val)
903 {
904 buf[0] = val >> 8;
905 buf[1] = val;
906 }
908 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
909 {
910 buf[0] = val >> 24;
911 buf[1] = val >> 16;
912 buf[2] = val >> 8;
913 buf[3] = val;
914 }
916 static inline int ube16_to_cpu(const uint8_t *buf)
917 {
918 return (buf[0] << 8) | buf[1];
919 }
921 static inline int ube32_to_cpu(const uint8_t *buf)
922 {
923 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
924 }
926 static void lba_to_msf(uint8_t *buf, int lba)
927 {
928 lba += 150;
929 buf[0] = (lba / 75) / 60;
930 buf[1] = (lba / 75) % 60;
931 buf[2] = lba % 75;
932 }
934 static void cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
935 int sector_size)
936 {
937 switch(sector_size) {
938 case 2048:
939 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
940 break;
941 case 2352:
942 /* sync bytes */
943 buf[0] = 0x00;
944 memset(buf + 1, 0xff, 10);
945 buf[11] = 0x00;
946 buf += 12;
947 /* MSF */
948 lba_to_msf(buf, lba);
949 buf[3] = 0x01; /* mode 1 data */
950 buf += 4;
951 /* data */
952 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
953 buf += 2048;
954 /* ECC */
955 memset(buf, 0, 288);
956 break;
957 default:
958 break;
959 }
960 }
962 /* The whole ATAPI transfer logic is handled in this function */
963 static void ide_atapi_cmd_reply_end(IDEState *s)
964 {
965 int byte_count_limit, size;
966 #ifdef DEBUG_IDE_ATAPI
967 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
968 s->packet_transfer_size,
969 s->elementary_transfer_size,
970 s->io_buffer_index);
971 #endif
972 if (s->packet_transfer_size <= 0) {
973 /* end of transfer */
974 ide_transfer_stop(s);
975 s->status = READY_STAT;
976 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
977 ide_set_irq(s);
978 #ifdef DEBUG_IDE_ATAPI
979 printf("status=0x%x\n", s->status);
980 #endif
981 } else {
982 /* see if a new sector must be read */
983 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
984 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
985 s->lba++;
986 s->io_buffer_index = 0;
987 }
988 if (s->elementary_transfer_size > 0) {
989 /* there are some data left to transmit in this elementary
990 transfer */
991 size = s->cd_sector_size - s->io_buffer_index;
992 if (size > s->elementary_transfer_size)
993 size = s->elementary_transfer_size;
994 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
995 size, ide_atapi_cmd_reply_end);
996 s->packet_transfer_size -= size;
997 s->elementary_transfer_size -= size;
998 s->io_buffer_index += size;
999 } else {
1000 /* a new transfer is needed */
1001 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1002 byte_count_limit = s->lcyl | (s->hcyl << 8);
1003 #ifdef DEBUG_IDE_ATAPI
1004 printf("byte_count_limit=%d\n", byte_count_limit);
1005 #endif
1006 if (byte_count_limit == 0xffff)
1007 byte_count_limit--;
1008 size = s->packet_transfer_size;
1009 if (size > byte_count_limit) {
1010 /* byte count limit must be even if this case */
1011 if (byte_count_limit & 1)
1012 byte_count_limit--;
1013 size = byte_count_limit;
1015 s->lcyl = size;
1016 s->hcyl = size >> 8;
1017 s->elementary_transfer_size = size;
1018 /* we cannot transmit more than one sector at a time */
1019 if (s->lba != -1) {
1020 if (size > (s->cd_sector_size - s->io_buffer_index))
1021 size = (s->cd_sector_size - s->io_buffer_index);
1023 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1024 size, ide_atapi_cmd_reply_end);
1025 s->packet_transfer_size -= size;
1026 s->elementary_transfer_size -= size;
1027 s->io_buffer_index += size;
1028 ide_set_irq(s);
1029 #ifdef DEBUG_IDE_ATAPI
1030 printf("status=0x%x\n", s->status);
1031 #endif
1036 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1037 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1039 if (size > max_size)
1040 size = max_size;
1041 s->lba = -1; /* no sector read */
1042 s->packet_transfer_size = size;
1043 s->elementary_transfer_size = 0;
1044 s->io_buffer_index = 0;
1046 s->status = READY_STAT;
1047 ide_atapi_cmd_reply_end(s);
1050 /* start a CD-CDROM read command */
1051 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1052 int sector_size)
1054 s->lba = lba;
1055 s->packet_transfer_size = nb_sectors * sector_size;
1056 s->elementary_transfer_size = 0;
1057 s->io_buffer_index = sector_size;
1058 s->cd_sector_size = sector_size;
1060 s->status = READY_STAT;
1061 ide_atapi_cmd_reply_end(s);
1064 /* ATAPI DMA support */
1065 static int ide_atapi_cmd_read_dma_cb(IDEState *s,
1066 target_phys_addr_t phys_addr,
1067 int transfer_size1)
1069 int len, transfer_size;
1071 transfer_size = transfer_size1;
1072 while (transfer_size > 0) {
1073 #ifdef DEBUG_IDE_ATAPI
1074 printf("transfer_size: %d phys_addr=%08x\n", transfer_size, phys_addr);
1075 #endif
1076 if (s->packet_transfer_size <= 0)
1077 break;
1078 len = s->cd_sector_size - s->io_buffer_index;
1079 if (len <= 0) {
1080 /* transfert next data */
1081 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1082 s->lba++;
1083 s->io_buffer_index = 0;
1084 len = s->cd_sector_size;
1086 if (len > transfer_size)
1087 len = transfer_size;
1088 cpu_physical_memory_write(phys_addr,
1089 s->io_buffer + s->io_buffer_index, len);
1090 s->packet_transfer_size -= len;
1091 s->io_buffer_index += len;
1092 transfer_size -= len;
1093 phys_addr += len;
1095 if (s->packet_transfer_size <= 0) {
1096 s->status = READY_STAT;
1097 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1098 #ifndef DMA_MULTI_THREAD
1099 ide_set_irq(s);
1100 #endif /* !DMA_MULTI_THREAD */
1101 #ifdef DEBUG_IDE_ATAPI
1102 printf("dma status=0x%x\n", s->status);
1103 #endif
1104 return 0;
1106 return transfer_size1 - transfer_size;
1109 /* start a CD-CDROM read command with DMA */
1110 /* XXX: test if DMA is available */
1111 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1112 int sector_size)
1114 s->lba = lba;
1115 s->packet_transfer_size = nb_sectors * sector_size;
1116 s->io_buffer_index = sector_size;
1117 s->cd_sector_size = sector_size;
1119 s->status = READY_STAT | DRQ_STAT;
1120 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1123 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1124 int sector_size)
1126 #ifdef DEBUG_IDE_ATAPI
1127 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
1128 #endif
1129 if (s->atapi_dma) {
1130 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1131 } else {
1132 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1136 /* same toc as bochs. Return -1 if error or the toc length */
1137 /* XXX: check this */
1138 static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
1140 uint8_t *q;
1141 int nb_sectors, len;
1143 if (start_track > 1 && start_track != 0xaa)
1144 return -1;
1145 q = buf + 2;
1146 *q++ = 1; /* first session */
1147 *q++ = 1; /* last session */
1148 if (start_track <= 1) {
1149 *q++ = 0; /* reserved */
1150 *q++ = 0x14; /* ADR, control */
1151 *q++ = 1; /* track number */
1152 *q++ = 0; /* reserved */
1153 if (msf) {
1154 *q++ = 0; /* reserved */
1155 lba_to_msf(q, 0);
1156 q += 3;
1157 } else {
1158 /* sector 0 */
1159 cpu_to_ube32(q, 0);
1160 q += 4;
1163 /* lead out track */
1164 *q++ = 0; /* reserved */
1165 *q++ = 0x16; /* ADR, control */
1166 *q++ = 0xaa; /* track number */
1167 *q++ = 0; /* reserved */
1168 nb_sectors = s->nb_sectors >> 2;
1169 if (msf) {
1170 *q++ = 0; /* reserved */
1171 lba_to_msf(q, nb_sectors);
1172 q += 3;
1173 } else {
1174 cpu_to_ube32(q, nb_sectors);
1175 q += 4;
1177 len = q - buf;
1178 cpu_to_ube16(buf, len - 2);
1179 return len;
1182 /* mostly same info as PearPc */
1183 static int cdrom_read_toc_raw(IDEState *s, uint8_t *buf, int msf,
1184 int session_num)
1186 uint8_t *q;
1187 int nb_sectors, len;
1189 q = buf + 2;
1190 *q++ = 1; /* first session */
1191 *q++ = 1; /* last session */
1193 *q++ = 1; /* session number */
1194 *q++ = 0x14; /* data track */
1195 *q++ = 0; /* track number */
1196 *q++ = 0xa0; /* lead-in */
1197 *q++ = 0; /* min */
1198 *q++ = 0; /* sec */
1199 *q++ = 0; /* frame */
1200 *q++ = 0;
1201 *q++ = 1; /* first track */
1202 *q++ = 0x00; /* disk type */
1203 *q++ = 0x00;
1205 *q++ = 1; /* session number */
1206 *q++ = 0x14; /* data track */
1207 *q++ = 0; /* track number */
1208 *q++ = 0xa1;
1209 *q++ = 0; /* min */
1210 *q++ = 0; /* sec */
1211 *q++ = 0; /* frame */
1212 *q++ = 0;
1213 *q++ = 1; /* last track */
1214 *q++ = 0x00;
1215 *q++ = 0x00;
1217 *q++ = 1; /* session number */
1218 *q++ = 0x14; /* data track */
1219 *q++ = 0; /* track number */
1220 *q++ = 0xa2; /* lead-out */
1221 *q++ = 0; /* min */
1222 *q++ = 0; /* sec */
1223 *q++ = 0; /* frame */
1224 nb_sectors = s->nb_sectors >> 2;
1225 if (msf) {
1226 *q++ = 0; /* reserved */
1227 lba_to_msf(q, nb_sectors);
1228 q += 3;
1229 } else {
1230 cpu_to_ube32(q, nb_sectors);
1231 q += 4;
1234 *q++ = 1; /* session number */
1235 *q++ = 0x14; /* ADR, control */
1236 *q++ = 0; /* track number */
1237 *q++ = 1; /* point */
1238 *q++ = 0; /* min */
1239 *q++ = 0; /* sec */
1240 *q++ = 0; /* frame */
1241 if (msf) {
1242 *q++ = 0;
1243 lba_to_msf(q, 0);
1244 q += 3;
1245 } else {
1246 *q++ = 0;
1247 *q++ = 0;
1248 *q++ = 0;
1249 *q++ = 0;
1252 len = q - buf;
1253 cpu_to_ube16(buf, len - 2);
1254 return len;
1257 static void ide_atapi_cmd(IDEState *s)
1259 const uint8_t *packet;
1260 uint8_t *buf;
1261 int max_len;
1263 packet = s->io_buffer;
1264 buf = s->io_buffer;
1265 #ifdef DEBUG_IDE_ATAPI
1267 int i;
1268 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1269 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1270 printf(" %02x", packet[i]);
1272 printf("\n");
1274 #endif
1275 switch(s->io_buffer[0]) {
1276 case GPCMD_TEST_UNIT_READY:
1277 if (bdrv_is_inserted(s->bs)) {
1278 ide_atapi_cmd_ok(s);
1279 } else {
1280 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1281 ASC_MEDIUM_NOT_PRESENT);
1282 xenstore_check_new_media_present(1000);
1284 break;
1285 case GPCMD_MODE_SENSE_10:
1287 int action, code;
1288 max_len = ube16_to_cpu(packet + 7);
1289 action = packet[2] >> 6;
1290 code = packet[2] & 0x3f;
1291 switch(action) {
1292 case 0: /* current values */
1293 switch(code) {
1294 case 0x01: /* error recovery */
1295 cpu_to_ube16(&buf[0], 16 + 6);
1296 buf[2] = 0x70;
1297 buf[3] = 0;
1298 buf[4] = 0;
1299 buf[5] = 0;
1300 buf[6] = 0;
1301 buf[7] = 0;
1303 buf[8] = 0x01;
1304 buf[9] = 0x06;
1305 buf[10] = 0x00;
1306 buf[11] = 0x05;
1307 buf[12] = 0x00;
1308 buf[13] = 0x00;
1309 buf[14] = 0x00;
1310 buf[15] = 0x00;
1311 ide_atapi_cmd_reply(s, 16, max_len);
1312 break;
1313 case 0x2a:
1314 cpu_to_ube16(&buf[0], 28 + 6);
1315 buf[2] = 0x70;
1316 buf[3] = 0;
1317 buf[4] = 0;
1318 buf[5] = 0;
1319 buf[6] = 0;
1320 buf[7] = 0;
1322 buf[8] = 0x2a;
1323 buf[9] = 0x12;
1324 buf[10] = 0x00;
1325 buf[11] = 0x00;
1327 buf[12] = 0x70;
1328 buf[13] = 3 << 5;
1329 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1330 if (bdrv_is_locked(s->bs))
1331 buf[6] |= 1 << 1;
1332 buf[15] = 0x00;
1333 cpu_to_ube16(&buf[16], 706);
1334 buf[18] = 0;
1335 buf[19] = 2;
1336 cpu_to_ube16(&buf[20], 512);
1337 cpu_to_ube16(&buf[22], 706);
1338 buf[24] = 0;
1339 buf[25] = 0;
1340 buf[26] = 0;
1341 buf[27] = 0;
1342 ide_atapi_cmd_reply(s, 28, max_len);
1343 break;
1344 default:
1345 goto error_cmd;
1347 break;
1348 case 1: /* changeable values */
1349 goto error_cmd;
1350 case 2: /* default values */
1351 goto error_cmd;
1352 default:
1353 case 3: /* saved values */
1354 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1355 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1356 break;
1359 break;
1360 case GPCMD_REQUEST_SENSE:
1361 max_len = packet[4];
1362 memset(buf, 0, 18);
1363 buf[0] = 0x70 | (1 << 7);
1364 buf[2] = s->sense_key;
1365 buf[7] = 10;
1366 buf[12] = s->asc;
1367 ide_atapi_cmd_reply(s, 18, max_len);
1368 break;
1369 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1370 if (bdrv_is_inserted(s->bs)) {
1371 bdrv_set_locked(s->bs, packet[4] & 1);
1372 ide_atapi_cmd_ok(s);
1373 } else {
1374 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1375 ASC_MEDIUM_NOT_PRESENT);
1377 break;
1378 case GPCMD_READ_10:
1379 case GPCMD_READ_12:
1381 int nb_sectors, lba;
1383 if (!bdrv_is_inserted(s->bs)) {
1384 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1385 ASC_MEDIUM_NOT_PRESENT);
1386 break;
1388 if (packet[0] == GPCMD_READ_10)
1389 nb_sectors = ube16_to_cpu(packet + 7);
1390 else
1391 nb_sectors = ube32_to_cpu(packet + 6);
1392 lba = ube32_to_cpu(packet + 2);
1393 if (nb_sectors == 0) {
1394 ide_atapi_cmd_ok(s);
1395 break;
1397 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1398 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1399 ASC_LOGICAL_BLOCK_OOR);
1400 break;
1402 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1404 break;
1405 case GPCMD_READ_CD:
1407 int nb_sectors, lba, transfer_request;
1409 if (!bdrv_is_inserted(s->bs)) {
1410 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1411 ASC_MEDIUM_NOT_PRESENT);
1412 break;
1414 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1415 lba = ube32_to_cpu(packet + 2);
1416 if (nb_sectors == 0) {
1417 ide_atapi_cmd_ok(s);
1418 break;
1420 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1421 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1422 ASC_LOGICAL_BLOCK_OOR);
1423 break;
1425 transfer_request = packet[9];
1426 switch(transfer_request & 0xf8) {
1427 case 0x00:
1428 /* nothing */
1429 ide_atapi_cmd_ok(s);
1430 break;
1431 case 0x10:
1432 /* normal read */
1433 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1434 break;
1435 case 0xf8:
1436 /* read all data */
1437 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1438 break;
1439 default:
1440 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1441 ASC_INV_FIELD_IN_CMD_PACKET);
1442 break;
1445 break;
1446 case GPCMD_SEEK:
1448 int lba;
1449 if (!bdrv_is_inserted(s->bs)) {
1450 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1451 ASC_MEDIUM_NOT_PRESENT);
1452 break;
1454 lba = ube32_to_cpu(packet + 2);
1455 if (((int64_t)lba << 2) > s->nb_sectors) {
1456 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1457 ASC_LOGICAL_BLOCK_OOR);
1458 break;
1460 ide_atapi_cmd_ok(s);
1462 break;
1463 case GPCMD_START_STOP_UNIT:
1465 int start, eject;
1466 start = packet[4] & 1;
1467 eject = (packet[4] >> 1) & 1;
1469 if (eject && !start) {
1470 /* eject the disk */
1471 bdrv_close(s->bs);
1473 ide_atapi_cmd_ok(s);
1475 break;
1476 case GPCMD_MECHANISM_STATUS:
1478 max_len = ube16_to_cpu(packet + 8);
1479 cpu_to_ube16(buf, 0);
1480 /* no current LBA */
1481 buf[2] = 0;
1482 buf[3] = 0;
1483 buf[4] = 0;
1484 buf[5] = 1;
1485 cpu_to_ube16(buf + 6, 0);
1486 ide_atapi_cmd_reply(s, 8, max_len);
1488 break;
1489 case GPCMD_READ_TOC_PMA_ATIP:
1491 int format, msf, start_track, len;
1493 if (!bdrv_is_inserted(s->bs)) {
1494 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1495 ASC_MEDIUM_NOT_PRESENT);
1496 break;
1498 max_len = ube16_to_cpu(packet + 7);
1499 format = packet[9] >> 6;
1500 msf = (packet[1] >> 1) & 1;
1501 start_track = packet[6];
1502 switch(format) {
1503 case 0:
1504 len = cdrom_read_toc(s, buf, msf, start_track);
1505 if (len < 0)
1506 goto error_cmd;
1507 ide_atapi_cmd_reply(s, len, max_len);
1508 break;
1509 case 1:
1510 /* multi session : only a single session defined */
1511 memset(buf, 0, 12);
1512 buf[1] = 0x0a;
1513 buf[2] = 0x01;
1514 buf[3] = 0x01;
1515 ide_atapi_cmd_reply(s, 12, max_len);
1516 break;
1517 case 2:
1518 len = cdrom_read_toc_raw(s, buf, msf, start_track);
1519 if (len < 0)
1520 goto error_cmd;
1521 ide_atapi_cmd_reply(s, len, max_len);
1522 break;
1523 default:
1524 error_cmd:
1525 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1526 ASC_INV_FIELD_IN_CMD_PACKET);
1527 break;
1530 break;
1531 case GPCMD_READ_CDVD_CAPACITY:
1532 if (!bdrv_is_inserted(s->bs)) {
1533 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1534 ASC_MEDIUM_NOT_PRESENT);
1535 break;
1537 /* NOTE: it is really the number of sectors minus 1 */
1538 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1539 cpu_to_ube32(buf + 4, 2048);
1540 ide_atapi_cmd_reply(s, 8, 8);
1541 break;
1542 case GPCMD_INQUIRY:
1543 max_len = packet[4];
1544 buf[0] = 0x05; /* CD-ROM */
1545 buf[1] = 0x80; /* removable */
1546 buf[2] = 0x00; /* ISO */
1547 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1548 buf[4] = 31; /* additionnal length */
1549 buf[5] = 0; /* reserved */
1550 buf[6] = 0; /* reserved */
1551 buf[7] = 0; /* reserved */
1552 padstr8(buf + 8, 8, "QEMU");
1553 padstr8(buf + 16, 16, "QEMU CD-ROM");
1554 padstr8(buf + 32, 4, QEMU_VERSION);
1555 ide_atapi_cmd_reply(s, 36, max_len);
1556 break;
1557 default:
1558 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1559 ASC_ILLEGAL_OPCODE);
1560 break;
1564 /* called when the inserted state of the media has changed */
1565 static void cdrom_change_cb(void *opaque)
1567 IDEState *s = opaque;
1568 int64_t nb_sectors;
1570 /* XXX: send interrupt too */
1571 bdrv_get_geometry(s->bs, &nb_sectors);
1572 s->nb_sectors = nb_sectors;
1575 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1577 s->lba48 = lba48;
1579 /* handle the 'magic' 0 nsector count conversion here. to avoid
1580 * fiddling with the rest of the read logic, we just store the
1581 * full sector count in ->nsector and ignore ->hob_nsector from now
1582 */
1583 if (!s->lba48) {
1584 if (!s->nsector)
1585 s->nsector = 256;
1586 } else {
1587 if (!s->nsector && !s->hob_nsector)
1588 s->nsector = 65536;
1589 else {
1590 int lo = s->nsector;
1591 int hi = s->hob_nsector;
1593 s->nsector = (hi << 8) | lo;
1598 static void ide_clear_hob(IDEState *ide_if)
1600 /* any write clears HOB high bit of device control register */
1601 ide_if[0].select &= ~(1 << 7);
1602 ide_if[1].select &= ~(1 << 7);
1605 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1607 IDEState *ide_if = opaque;
1608 IDEState *s;
1609 int unit, n;
1610 int lba48 = 0;
1612 #ifdef DEBUG_IDE
1613 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1614 #endif
1616 addr &= 7;
1617 switch(addr) {
1618 case 0:
1619 break;
1620 case 1:
1621 ide_clear_hob(ide_if);
1622 /* NOTE: data is written to the two drives */
1623 ide_if[0].hob_feature = ide_if[0].feature;
1624 ide_if[1].hob_feature = ide_if[1].feature;
1625 ide_if[0].feature = val;
1626 ide_if[1].feature = val;
1627 break;
1628 case 2:
1629 ide_clear_hob(ide_if);
1630 ide_if[0].hob_nsector = ide_if[0].nsector;
1631 ide_if[1].hob_nsector = ide_if[1].nsector;
1632 ide_if[0].nsector = val;
1633 ide_if[1].nsector = val;
1634 break;
1635 case 3:
1636 ide_clear_hob(ide_if);
1637 ide_if[0].hob_sector = ide_if[0].sector;
1638 ide_if[1].hob_sector = ide_if[1].sector;
1639 ide_if[0].sector = val;
1640 ide_if[1].sector = val;
1641 break;
1642 case 4:
1643 ide_clear_hob(ide_if);
1644 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1645 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1646 ide_if[0].lcyl = val;
1647 ide_if[1].lcyl = val;
1648 break;
1649 case 5:
1650 ide_clear_hob(ide_if);
1651 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1652 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1653 ide_if[0].hcyl = val;
1654 ide_if[1].hcyl = val;
1655 break;
1656 case 6:
1657 /* FIXME: HOB readback uses bit 7 */
1658 ide_if[0].select = (val & ~0x10) | 0xa0;
1659 ide_if[1].select = (val | 0x10) | 0xa0;
1660 /* select drive */
1661 unit = (val >> 4) & 1;
1662 s = ide_if + unit;
1663 ide_if->cur_drive = s;
1664 break;
1665 default:
1666 case 7:
1667 /* command */
1668 #if defined(DEBUG_IDE)
1669 printf("ide: CMD=%02x\n", val);
1670 #endif
1671 s = ide_if->cur_drive;
1672 /* ignore commands to non existant slave */
1673 if (s != ide_if && !s->bs)
1674 break;
1676 switch(val) {
1677 case WIN_IDENTIFY:
1678 if (s->bs && !s->is_cdrom) {
1679 ide_identify(s);
1680 s->status = READY_STAT | SEEK_STAT;
1681 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1682 } else {
1683 if (s->is_cdrom) {
1684 ide_set_signature(s);
1686 ide_abort_command(s);
1688 ide_set_irq(s);
1689 break;
1690 case WIN_SPECIFY:
1691 case WIN_RECAL:
1692 s->error = 0;
1693 s->status = READY_STAT | SEEK_STAT;
1694 ide_set_irq(s);
1695 break;
1696 case WIN_SETMULT:
1697 if (s->nsector > MAX_MULT_SECTORS ||
1698 s->nsector == 0 ||
1699 (s->nsector & (s->nsector - 1)) != 0) {
1700 ide_abort_command(s);
1701 } else {
1702 s->mult_sectors = s->nsector;
1703 s->status = READY_STAT;
1705 ide_set_irq(s);
1706 break;
1707 case WIN_VERIFY_EXT:
1708 lba48 = 1;
1709 case WIN_VERIFY:
1710 case WIN_VERIFY_ONCE:
1711 /* do sector number check ? */
1712 ide_cmd_lba48_transform(s, lba48);
1713 s->status = READY_STAT;
1714 ide_set_irq(s);
1715 break;
1716 case WIN_READ_EXT:
1717 lba48 = 1;
1718 case WIN_READ:
1719 case WIN_READ_ONCE:
1720 if (!s->bs)
1721 goto abort_cmd;
1722 ide_cmd_lba48_transform(s, lba48);
1723 s->req_nb_sectors = 1;
1724 ide_sector_read(s);
1725 break;
1726 case WIN_WRITE_EXT:
1727 lba48 = 1;
1728 case WIN_WRITE:
1729 case WIN_WRITE_ONCE:
1730 ide_cmd_lba48_transform(s, lba48);
1731 s->error = 0;
1732 s->status = SEEK_STAT | READY_STAT;
1733 s->req_nb_sectors = 1;
1734 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1735 break;
1736 case WIN_MULTREAD_EXT:
1737 lba48 = 1;
1738 case WIN_MULTREAD:
1739 if (!s->mult_sectors)
1740 goto abort_cmd;
1741 ide_cmd_lba48_transform(s, lba48);
1742 s->req_nb_sectors = s->mult_sectors;
1743 ide_sector_read(s);
1744 break;
1745 case WIN_MULTWRITE_EXT:
1746 lba48 = 1;
1747 case WIN_MULTWRITE:
1748 if (!s->mult_sectors)
1749 goto abort_cmd;
1750 ide_cmd_lba48_transform(s, lba48);
1751 s->error = 0;
1752 s->status = SEEK_STAT | READY_STAT;
1753 s->req_nb_sectors = s->mult_sectors;
1754 n = s->nsector;
1755 if (n > s->req_nb_sectors)
1756 n = s->req_nb_sectors;
1757 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1758 break;
1759 case WIN_READDMA_EXT:
1760 lba48 = 1;
1761 case WIN_READDMA:
1762 case WIN_READDMA_ONCE:
1763 if (!s->bs)
1764 goto abort_cmd;
1765 ide_cmd_lba48_transform(s, lba48);
1766 ide_sector_read_dma(s);
1767 break;
1768 case WIN_WRITEDMA_EXT:
1769 lba48 = 1;
1770 case WIN_WRITEDMA:
1771 case WIN_WRITEDMA_ONCE:
1772 if (!s->bs)
1773 goto abort_cmd;
1774 ide_cmd_lba48_transform(s, lba48);
1775 ide_sector_write_dma(s);
1776 break;
1777 case WIN_READ_NATIVE_MAX_EXT:
1778 lba48 = 1;
1779 case WIN_READ_NATIVE_MAX:
1780 ide_cmd_lba48_transform(s, lba48);
1781 ide_set_sector(s, s->nb_sectors - 1);
1782 s->status = READY_STAT;
1783 ide_set_irq(s);
1784 break;
1785 case WIN_CHECKPOWERMODE1:
1786 s->nsector = 0xff; /* device active or idle */
1787 s->status = READY_STAT;
1788 ide_set_irq(s);
1789 break;
1790 case WIN_SETFEATURES:
1791 if (!s->bs)
1792 goto abort_cmd;
1793 /* XXX: valid for CDROM ? */
1794 switch(s->feature) {
1795 case 0x02: /* write cache enable */
1796 case 0x82: /* write cache disable */
1797 case 0xaa: /* read look-ahead enable */
1798 case 0x55: /* read look-ahead disable */
1799 s->status = READY_STAT | SEEK_STAT;
1800 ide_set_irq(s);
1801 break;
1802 case 0x03: { /* set transfer mode */
1803 uint8_t val = s->nsector & 0x07;
1805 switch (s->nsector >> 3) {
1806 case 0x00: /* pio default */
1807 case 0x01: /* pio mode */
1808 put_le16(s->identify_data + 63,0x07);
1809 put_le16(s->identify_data + 88,0x3f);
1810 break;
1811 case 0x04: /* mdma mode */
1812 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1813 put_le16(s->identify_data + 88,0x3f);
1814 break;
1815 case 0x08: /* udma mode */
1816 put_le16(s->identify_data + 63,0x07);
1817 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1818 break;
1819 default:
1820 goto abort_cmd;
1822 s->status = READY_STAT | SEEK_STAT;
1823 ide_set_irq(s);
1824 break;
1826 default:
1827 goto abort_cmd;
1829 break;
1830 case WIN_FLUSH_CACHE:
1831 case WIN_FLUSH_CACHE_EXT:
1832 case WIN_STANDBYNOW1:
1833 case WIN_IDLEIMMEDIATE:
1834 s->status = READY_STAT;
1835 ide_set_irq(s);
1836 break;
1837 /* ATAPI commands */
1838 case WIN_PIDENTIFY:
1839 if (s->is_cdrom) {
1840 ide_atapi_identify(s);
1841 s->status = READY_STAT | SEEK_STAT;
1842 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1843 } else {
1844 ide_abort_command(s);
1846 ide_set_irq(s);
1847 break;
1848 case WIN_DIAGNOSE:
1849 ide_set_signature(s);
1850 s->status = 0x00; /* NOTE: READY is _not_ set */
1851 s->error = 0x01;
1852 break;
1853 case WIN_SRST:
1854 if (!s->is_cdrom)
1855 goto abort_cmd;
1856 ide_set_signature(s);
1857 s->status = 0x00; /* NOTE: READY is _not_ set */
1858 s->error = 0x01;
1859 break;
1860 case WIN_PACKETCMD:
1861 if (!s->is_cdrom)
1862 goto abort_cmd;
1863 /* overlapping commands not supported */
1864 if (s->feature & 0x02)
1865 goto abort_cmd;
1866 s->atapi_dma = s->feature & 1;
1867 s->nsector = 1;
1868 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1869 ide_atapi_cmd);
1870 break;
1871 default:
1872 abort_cmd:
1873 ide_abort_command(s);
1874 ide_set_irq(s);
1875 break;
1880 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1882 IDEState *ide_if = opaque;
1883 IDEState *s = ide_if->cur_drive;
1884 uint32_t addr;
1885 int ret, hob;
1887 addr = addr1 & 7;
1888 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1889 //hob = s->select & (1 << 7);
1890 hob = 0;
1891 switch(addr) {
1892 case 0:
1893 ret = 0xff;
1894 break;
1895 case 1:
1896 if (!ide_if[0].bs && !ide_if[1].bs)
1897 ret = 0;
1898 else if (!hob)
1899 ret = s->error;
1900 else
1901 ret = s->hob_feature;
1902 break;
1903 case 2:
1904 if (!ide_if[0].bs && !ide_if[1].bs)
1905 ret = 0;
1906 else if (!hob)
1907 ret = s->nsector & 0xff;
1908 else
1909 ret = s->hob_nsector;
1910 break;
1911 case 3:
1912 if (!ide_if[0].bs && !ide_if[1].bs)
1913 ret = 0;
1914 else if (!hob)
1915 ret = s->sector;
1916 else
1917 ret = s->hob_sector;
1918 break;
1919 case 4:
1920 if (!ide_if[0].bs && !ide_if[1].bs)
1921 ret = 0;
1922 else if (!hob)
1923 ret = s->lcyl;
1924 else
1925 ret = s->hob_lcyl;
1926 break;
1927 case 5:
1928 if (!ide_if[0].bs && !ide_if[1].bs)
1929 ret = 0;
1930 else if (!hob)
1931 ret = s->hcyl;
1932 else
1933 ret = s->hob_hcyl;
1934 break;
1935 case 6:
1936 if (!ide_if[0].bs && !ide_if[1].bs)
1937 ret = 0;
1938 else
1939 ret = s->select;
1940 break;
1941 default:
1942 case 7:
1943 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1944 (s != ide_if && !s->bs))
1945 ret = 0;
1946 else
1947 ret = s->status;
1948 s->set_irq(s->irq_opaque, s->irq, 0);
1949 break;
1951 #ifdef DEBUG_IDE
1952 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1953 #endif
1954 return ret;
1957 static uint32_t ide_status_read(void *opaque, uint32_t addr)
1959 IDEState *ide_if = opaque;
1960 IDEState *s = ide_if->cur_drive;
1961 int ret;
1963 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1964 (s != ide_if && !s->bs))
1965 ret = 0;
1966 else
1967 ret = s->status;
1968 #ifdef DEBUG_IDE
1969 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1970 #endif
1971 return ret;
1974 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1976 IDEState *ide_if = opaque;
1977 IDEState *s;
1978 int i;
1980 #ifdef DEBUG_IDE
1981 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1982 #endif
1983 /* common for both drives */
1984 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1985 (val & IDE_CMD_RESET)) {
1986 /* reset low to high */
1987 for(i = 0;i < 2; i++) {
1988 s = &ide_if[i];
1989 s->status = BUSY_STAT | SEEK_STAT;
1990 s->error = 0x01;
1992 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1993 !(val & IDE_CMD_RESET)) {
1994 /* high to low */
1995 for(i = 0;i < 2; i++) {
1996 s = &ide_if[i];
1997 if (s->is_cdrom)
1998 s->status = 0x00; /* NOTE: READY is _not_ set */
1999 else
2000 s->status = READY_STAT | SEEK_STAT;
2001 ide_set_signature(s);
2005 ide_if[0].cmd = val;
2006 ide_if[1].cmd = val;
2009 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2011 IDEState *s = ((IDEState *)opaque)->cur_drive;
2012 uint8_t *p;
2014 p = s->data_ptr;
2015 *(uint16_t *)p = le16_to_cpu(val);
2016 p += 2;
2017 s->data_ptr = p;
2018 if (p >= s->data_end)
2019 s->end_transfer_func(s);
2022 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2024 IDEState *s = ((IDEState *)opaque)->cur_drive;
2025 uint8_t *p;
2026 int ret;
2027 p = s->data_ptr;
2028 ret = cpu_to_le16(*(uint16_t *)p);
2029 p += 2;
2030 s->data_ptr = p;
2031 if (p >= s->data_end)
2032 s->end_transfer_func(s);
2033 return ret;
2036 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2038 IDEState *s = ((IDEState *)opaque)->cur_drive;
2039 uint8_t *p;
2041 p = s->data_ptr;
2042 *(uint32_t *)p = le32_to_cpu(val);
2043 p += 4;
2044 s->data_ptr = p;
2045 if (p >= s->data_end)
2046 s->end_transfer_func(s);
2049 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2051 IDEState *s = ((IDEState *)opaque)->cur_drive;
2052 uint8_t *p;
2053 int ret;
2055 p = s->data_ptr;
2056 ret = cpu_to_le32(*(uint32_t *)p);
2057 p += 4;
2058 s->data_ptr = p;
2059 if (p >= s->data_end)
2060 s->end_transfer_func(s);
2061 return ret;
2064 static void ide_dummy_transfer_stop(IDEState *s)
2066 s->data_ptr = s->io_buffer;
2067 s->data_end = s->io_buffer;
2068 s->io_buffer[0] = 0xff;
2069 s->io_buffer[1] = 0xff;
2070 s->io_buffer[2] = 0xff;
2071 s->io_buffer[3] = 0xff;
2074 static void ide_reset(IDEState *s)
2076 s->mult_sectors = MAX_MULT_SECTORS;
2077 s->cur_drive = s;
2078 s->select = 0xa0;
2079 s->status = READY_STAT;
2080 ide_set_signature(s);
2081 /* init the transfer handler so that 0xffff is returned on data
2082 accesses */
2083 s->end_transfer_func = ide_dummy_transfer_stop;
2084 ide_dummy_transfer_stop(s);
2087 struct partition {
2088 uint8_t boot_ind; /* 0x80 - active */
2089 uint8_t head; /* starting head */
2090 uint8_t sector; /* starting sector */
2091 uint8_t cyl; /* starting cylinder */
2092 uint8_t sys_ind; /* What partition type */
2093 uint8_t end_head; /* end head */
2094 uint8_t end_sector; /* end sector */
2095 uint8_t end_cyl; /* end cylinder */
2096 uint32_t start_sect; /* starting sector counting from 0 */
2097 uint32_t nr_sects; /* nr of sectors in partition */
2098 } __attribute__((packed));
2100 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2101 static int guess_disk_lchs(IDEState *s,
2102 int *pcylinders, int *pheads, int *psectors)
2104 uint8_t buf[512];
2105 int ret, i, heads, sectors, cylinders;
2106 struct partition *p;
2107 uint32_t nr_sects;
2109 ret = bdrv_read(s->bs, 0, buf, 1);
2110 if (ret < 0)
2111 return -1;
2112 /* test msdos magic */
2113 if (buf[510] != 0x55 || buf[511] != 0xaa)
2114 return -1;
2115 for(i = 0; i < 4; i++) {
2116 p = ((struct partition *)(buf + 0x1be)) + i;
2117 nr_sects = le32_to_cpu(p->nr_sects);
2118 if (nr_sects && p->end_head) {
2119 /* We make the assumption that the partition terminates on
2120 a cylinder boundary */
2121 heads = p->end_head + 1;
2122 sectors = p->end_sector & 63;
2123 if (sectors == 0)
2124 continue;
2125 cylinders = s->nb_sectors / (heads * sectors);
2126 if (cylinders < 1 || cylinders > 16383)
2127 continue;
2128 *pheads = heads;
2129 *psectors = sectors;
2130 *pcylinders = cylinders;
2131 #if 0
2132 printf("guessed geometry: LCHS=%d %d %d\n",
2133 cylinders, heads, sectors);
2134 #endif
2135 return 0;
2138 return -1;
2141 static void ide_init2(IDEState *ide_state,
2142 BlockDriverState *hd0, BlockDriverState *hd1,
2143 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2145 IDEState *s;
2146 static int drive_serial = 1;
2147 int i, cylinders, heads, secs, translation;
2148 int64_t nb_sectors;
2150 for(i = 0; i < 2; i++) {
2151 s = ide_state + i;
2152 if (i == 0)
2153 s->bs = hd0;
2154 else
2155 s->bs = hd1;
2156 if (s->bs) {
2157 bdrv_get_geometry(s->bs, &nb_sectors);
2158 s->nb_sectors = nb_sectors;
2159 /* if a geometry hint is available, use it */
2160 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2161 if (cylinders != 0) {
2162 s->cylinders = cylinders;
2163 s->heads = heads;
2164 s->sectors = secs;
2165 } else {
2166 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2167 if (heads > 16) {
2168 /* if heads > 16, it means that a BIOS LBA
2169 translation was active, so the default
2170 hardware geometry is OK */
2171 goto default_geometry;
2172 } else {
2173 s->cylinders = cylinders;
2174 s->heads = heads;
2175 s->sectors = secs;
2176 /* disable any translation to be in sync with
2177 the logical geometry */
2178 translation = bdrv_get_translation_hint(s->bs);
2179 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2180 bdrv_set_translation_hint(s->bs,
2181 BIOS_ATA_TRANSLATION_NONE);
2184 } else {
2185 default_geometry:
2186 /* if no geometry, use a standard physical disk geometry */
2187 cylinders = nb_sectors / (16 * 63);
2188 if (cylinders > 16383)
2189 cylinders = 16383;
2190 else if (cylinders < 2)
2191 cylinders = 2;
2192 s->cylinders = cylinders;
2193 s->heads = 16;
2194 s->sectors = 63;
2196 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2198 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2199 s->is_cdrom = 1;
2200 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2203 s->drive_serial = drive_serial++;
2204 s->set_irq = set_irq;
2205 s->irq_opaque = irq_opaque;
2206 s->irq = irq;
2207 s->sector_write_timer = qemu_new_timer(vm_clock,
2208 ide_sector_write_timer_cb, s);
2209 ide_reset(s);
2213 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2215 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2216 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2217 if (iobase2) {
2218 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2219 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2222 /* data ports */
2223 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2224 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2225 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2226 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2229 /***********************************************************/
2230 /* ISA IDE definitions */
2232 void isa_ide_init(int iobase, int iobase2, int irq,
2233 BlockDriverState *hd0, BlockDriverState *hd1)
2235 IDEState *ide_state;
2237 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2238 if (!ide_state)
2239 return;
2241 ide_init2(ide_state, hd0, hd1, pic_set_irq_new, isa_pic, irq);
2242 ide_init_ioport(ide_state, iobase, iobase2);
2245 /***********************************************************/
2246 /* PCI IDE definitions */
2248 static void cmd646_update_irq(PCIIDEState *d);
2250 static void ide_map(PCIDevice *pci_dev, int region_num,
2251 uint32_t addr, uint32_t size, int type)
2253 PCIIDEState *d = (PCIIDEState *)pci_dev;
2254 IDEState *ide_state;
2256 if (region_num <= 3) {
2257 ide_state = &d->ide_if[(region_num >> 1) * 2];
2258 if (region_num & 1) {
2259 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2260 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2261 } else {
2262 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2263 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2265 /* data ports */
2266 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2267 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2268 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2269 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2274 static void ide_dma_finish(BMDMAState *bm)
2276 IDEState *s = bm->ide_if;
2278 bm->status &= ~BM_STATUS_DMAING;
2279 bm->status |= BM_STATUS_INT;
2280 bm->dma_cb = NULL;
2281 bm->ide_if = NULL;
2282 #ifdef DMA_MULTI_THREAD
2283 ide_set_irq(s);
2284 #endif /* DMA_MULTI_THREAD */
2287 /* XXX: full callback usage to prepare non blocking I/Os support -
2288 error handling */
2289 #ifdef DMA_MULTI_THREAD
2290 static void ide_dma_loop(BMDMAState *bm)
2292 write(file_pipes[1], &bm, sizeof(bm));
2294 static void dma_thread_loop(BMDMAState *bm)
2295 #else /* DMA_MULTI_THREAD */
2296 static void ide_dma_loop(BMDMAState *bm)
2297 #endif /* !DMA_MULTI_THREAD */
2299 struct {
2300 uint32_t addr;
2301 uint32_t size;
2302 } prd;
2303 target_phys_addr_t cur_addr;
2304 int len, i, len1;
2306 cur_addr = bm->addr;
2307 /* at most one page to avoid hanging if erroneous parameters */
2308 for(i = 0; i < 512; i++) {
2309 cpu_physical_memory_read(cur_addr, (uint8_t *)&prd, 8);
2310 prd.addr = le32_to_cpu(prd.addr);
2311 prd.size = le32_to_cpu(prd.size);
2312 #ifdef DEBUG_IDE
2313 printf("ide: dma: prd: %08x: addr=0x%08x size=0x%08x\n",
2314 (int)cur_addr, prd.addr, prd.size);
2315 #endif
2316 len = prd.size & 0xfffe;
2317 if (len == 0)
2318 len = 0x10000;
2319 while (len > 0) {
2320 len1 = bm->dma_cb(bm->ide_if, prd.addr, len);
2321 if (len1 == 0)
2322 goto the_end;
2323 prd.addr += len1;
2324 len -= len1;
2326 /* end of transfer */
2327 if (prd.size & 0x80000000)
2328 break;
2329 cur_addr += 8;
2331 /* end of transfer */
2332 the_end:
2333 ide_dma_finish(bm);
2336 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
2338 BMDMAState *bm = s->bmdma;
2339 if(!bm)
2340 return;
2341 bm->ide_if = s;
2342 bm->dma_cb = dma_cb;
2343 if (bm->status & BM_STATUS_DMAING) {
2344 ide_dma_loop(bm);
2348 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2350 BMDMAState *bm = opaque;
2351 #ifdef DEBUG_IDE
2352 printf("%s: 0x%08x\n", __func__, val);
2353 #endif
2354 if (!(val & BM_CMD_START)) {
2355 /* XXX: do it better */
2356 bm->status &= ~BM_STATUS_DMAING;
2357 bm->cmd = val & 0x09;
2358 } else {
2359 bm->status |= BM_STATUS_DMAING;
2360 bm->cmd = val & 0x09;
2361 /* start dma transfer if possible */
2362 if (bm->dma_cb)
2363 ide_dma_loop(bm);
2367 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2369 BMDMAState *bm = opaque;
2370 PCIIDEState *pci_dev;
2371 uint32_t val;
2373 switch(addr & 3) {
2374 case 0:
2375 val = bm->cmd;
2376 break;
2377 case 1:
2378 pci_dev = bm->pci_dev;
2379 if (pci_dev->type == IDE_TYPE_CMD646) {
2380 val = pci_dev->dev.config[MRDMODE];
2381 } else {
2382 val = 0xff;
2384 break;
2385 case 2:
2386 val = bm->status;
2387 break;
2388 case 3:
2389 pci_dev = bm->pci_dev;
2390 if (pci_dev->type == IDE_TYPE_CMD646) {
2391 if (bm == &pci_dev->bmdma[0])
2392 val = pci_dev->dev.config[UDIDETCR0];
2393 else
2394 val = pci_dev->dev.config[UDIDETCR1];
2395 } else {
2396 val = 0xff;
2398 break;
2399 default:
2400 val = 0xff;
2401 break;
2403 #ifdef DEBUG_IDE
2404 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2405 #endif
2406 return val;
2409 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2411 BMDMAState *bm = opaque;
2412 PCIIDEState *pci_dev;
2413 #ifdef DEBUG_IDE
2414 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2415 #endif
2416 switch(addr & 3) {
2417 case 1:
2418 pci_dev = bm->pci_dev;
2419 if (pci_dev->type == IDE_TYPE_CMD646) {
2420 pci_dev->dev.config[MRDMODE] =
2421 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2422 cmd646_update_irq(pci_dev);
2424 break;
2425 case 2:
2426 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2427 break;
2428 case 3:
2429 pci_dev = bm->pci_dev;
2430 if (pci_dev->type == IDE_TYPE_CMD646) {
2431 if (bm == &pci_dev->bmdma[0])
2432 pci_dev->dev.config[UDIDETCR0] = val;
2433 else
2434 pci_dev->dev.config[UDIDETCR1] = val;
2436 break;
2440 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2442 BMDMAState *bm = opaque;
2443 uint32_t val;
2444 val = bm->addr;
2445 #ifdef DEBUG_IDE
2446 printf("%s: 0x%08x\n", __func__, val);
2447 #endif
2448 return val;
2451 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2453 BMDMAState *bm = opaque;
2454 #ifdef DEBUG_IDE
2455 printf("%s: 0x%08x\n", __func__, val);
2456 #endif
2457 bm->addr = val & ~3;
2460 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2461 uint32_t addr, uint32_t size, int type)
2463 PCIIDEState *d = (PCIIDEState *)pci_dev;
2464 int i;
2466 for(i = 0;i < 2; i++) {
2467 BMDMAState *bm = &d->bmdma[i];
2468 d->ide_if[2 * i].bmdma = bm;
2469 d->ide_if[2 * i + 1].bmdma = bm;
2470 bm->pci_dev = (PCIIDEState *)pci_dev;
2472 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2474 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2475 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2477 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2478 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2479 addr += 8;
2483 /* XXX: call it also when the MRDMODE is changed from the PCI config
2484 registers */
2485 static void cmd646_update_irq(PCIIDEState *d)
2487 int pci_level;
2488 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2489 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2490 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2491 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2492 pci_set_irq((PCIDevice *)d, 0, pci_level);
2495 /* the PCI irq level is the logical OR of the two channels */
2496 static void cmd646_set_irq(void *opaque, int channel, int level)
2498 PCIIDEState *d = opaque;
2499 int irq_mask;
2501 irq_mask = MRDMODE_INTR_CH0 << channel;
2502 if (level)
2503 d->dev.config[MRDMODE] |= irq_mask;
2504 else
2505 d->dev.config[MRDMODE] &= ~irq_mask;
2506 cmd646_update_irq(d);
2509 /* CMD646 PCI IDE controller */
2510 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2511 int secondary_ide_enabled)
2513 PCIIDEState *d;
2514 uint8_t *pci_conf;
2515 int i;
2517 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2518 sizeof(PCIIDEState),
2519 -1,
2520 NULL, NULL);
2521 d->type = IDE_TYPE_CMD646;
2522 pci_conf = d->dev.config;
2523 pci_conf[0x00] = 0x95; // CMD646
2524 pci_conf[0x01] = 0x10;
2525 pci_conf[0x02] = 0x46;
2526 pci_conf[0x03] = 0x06;
2528 pci_conf[0x08] = 0x07; // IDE controller revision
2529 pci_conf[0x09] = 0x8f;
2531 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2532 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2533 pci_conf[0x0e] = 0x00; // header_type
2535 if (secondary_ide_enabled) {
2536 /* XXX: if not enabled, really disable the seconday IDE controller */
2537 pci_conf[0x51] = 0x80; /* enable IDE1 */
2540 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2541 PCI_ADDRESS_SPACE_IO, ide_map);
2542 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2543 PCI_ADDRESS_SPACE_IO, ide_map);
2544 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2545 PCI_ADDRESS_SPACE_IO, ide_map);
2546 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2547 PCI_ADDRESS_SPACE_IO, ide_map);
2548 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2549 PCI_ADDRESS_SPACE_IO, bmdma_map);
2551 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2553 for(i = 0; i < 4; i++)
2554 d->ide_if[i].pci_dev = (PCIDevice *)d;
2555 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2556 cmd646_set_irq, d, 0);
2557 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2558 cmd646_set_irq, d, 1);
2559 #ifdef DMA_MULTI_THREAD
2560 dma_create_thread();
2561 #endif /* DMA_MULTI_THREAD */
2564 /* hd_table must contain 4 block drivers */
2565 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2566 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table)
2568 PCIIDEState *d;
2569 uint8_t *pci_conf;
2571 /* register a function 1 of PIIX3 */
2572 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2573 sizeof(PCIIDEState),
2574 ((PCIDevice *)piix3_state)->devfn + 1,
2575 NULL, NULL);
2576 d->type = IDE_TYPE_PIIX3;
2578 pci_conf = d->dev.config;
2579 pci_conf[0x00] = 0x86; // Intel
2580 pci_conf[0x01] = 0x80;
2581 pci_conf[0x02] = 0x10;
2582 pci_conf[0x03] = 0x70;
2583 pci_conf[0x09] = 0x80; // legacy ATA mode
2584 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2585 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2586 pci_conf[0x0e] = 0x00; // header_type
2588 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2589 PCI_ADDRESS_SPACE_IO, bmdma_map);
2591 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1],
2592 pic_set_irq_new, isa_pic, 14);
2593 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3],
2594 pic_set_irq_new, isa_pic, 15);
2595 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2596 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2597 #ifdef DMA_MULTI_THREAD
2598 dma_create_thread();
2599 #endif //DMA_MULTI_THREAD
2602 /***********************************************************/
2603 /* MacIO based PowerPC IDE */
2605 /* PowerMac IDE memory IO */
2606 static void pmac_ide_writeb (void *opaque,
2607 target_phys_addr_t addr, uint32_t val)
2609 addr = (addr & 0xFFF) >> 4;
2610 switch (addr) {
2611 case 1 ... 7:
2612 ide_ioport_write(opaque, addr, val);
2613 break;
2614 case 8:
2615 case 22:
2616 ide_cmd_write(opaque, 0, val);
2617 break;
2618 default:
2619 break;
2623 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2625 uint8_t retval;
2627 addr = (addr & 0xFFF) >> 4;
2628 switch (addr) {
2629 case 1 ... 7:
2630 retval = ide_ioport_read(opaque, addr);
2631 break;
2632 case 8:
2633 case 22:
2634 retval = ide_status_read(opaque, 0);
2635 break;
2636 default:
2637 retval = 0xFF;
2638 break;
2640 return retval;
2643 static void pmac_ide_writew (void *opaque,
2644 target_phys_addr_t addr, uint32_t val)
2646 addr = (addr & 0xFFF) >> 4;
2647 #ifdef TARGET_WORDS_BIGENDIAN
2648 val = bswap16(val);
2649 #endif
2650 if (addr == 0) {
2651 ide_data_writew(opaque, 0, val);
2655 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2657 uint16_t retval;
2659 addr = (addr & 0xFFF) >> 4;
2660 if (addr == 0) {
2661 retval = ide_data_readw(opaque, 0);
2662 } else {
2663 retval = 0xFFFF;
2665 #ifdef TARGET_WORDS_BIGENDIAN
2666 retval = bswap16(retval);
2667 #endif
2668 return retval;
2671 static void pmac_ide_writel (void *opaque,
2672 target_phys_addr_t addr, uint32_t val)
2674 addr = (addr & 0xFFF) >> 4;
2675 #ifdef TARGET_WORDS_BIGENDIAN
2676 val = bswap32(val);
2677 #endif
2678 if (addr == 0) {
2679 ide_data_writel(opaque, 0, val);
2683 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2685 uint32_t retval;
2687 addr = (addr & 0xFFF) >> 4;
2688 if (addr == 0) {
2689 retval = ide_data_readl(opaque, 0);
2690 } else {
2691 retval = 0xFFFFFFFF;
2693 #ifdef TARGET_WORDS_BIGENDIAN
2694 retval = bswap32(retval);
2695 #endif
2696 return retval;
2699 static CPUWriteMemoryFunc *pmac_ide_write[] = {
2700 pmac_ide_writeb,
2701 pmac_ide_writew,
2702 pmac_ide_writel,
2703 };
2705 static CPUReadMemoryFunc *pmac_ide_read[] = {
2706 pmac_ide_readb,
2707 pmac_ide_readw,
2708 pmac_ide_readl,
2709 };
2711 /* hd_table must contain 4 block drivers */
2712 /* PowerMac uses memory mapped registers, not I/O. Return the memory
2713 I/O index to access the ide. */
2714 int pmac_ide_init (BlockDriverState **hd_table,
2715 SetIRQFunc *set_irq, void *irq_opaque, int irq)
2717 IDEState *ide_if;
2718 int pmac_ide_memory;
2720 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2721 ide_init2(&ide_if[0], hd_table[0], hd_table[1],
2722 set_irq, irq_opaque, irq);
2724 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2725 pmac_ide_write, &ide_if[0]);
2726 return pmac_ide_memory;