/hw/ide.c - Annotate - qemu - Greek Research and Technology Network's projects

root / hw / ide.c @ 1ea879e5

History | View | Annotate | Download (119.8 kB)

1	5391d806	bellard	/*
2	38cdea7c	balrog	* QEMU IDE disk and CD/DVD-ROM Emulator
3	5fafdf24	ths	*
4	5391d806	bellard	* Copyright (c) 2003 Fabrice Bellard
5	201a51fc	balrog	* Copyright (c) 2006 Openedhand Ltd.
6	5fafdf24	ths	*
7	5391d806	bellard	* Permission is hereby granted, free of charge, to any person obtaining a copy
8	5391d806	bellard	* of this software and associated documentation files (the "Software"), to deal
9	5391d806	bellard	* in the Software without restriction, including without limitation the rights
10	5391d806	bellard	* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11	5391d806	bellard	* copies of the Software, and to permit persons to whom the Software is
12	5391d806	bellard	* furnished to do so, subject to the following conditions:
13	5391d806	bellard	*
14	5391d806	bellard	* The above copyright notice and this permission notice shall be included in
15	5391d806	bellard	* all copies or substantial portions of the Software.
16	5391d806	bellard	*
17	5391d806	bellard	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18	5391d806	bellard	* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19	5391d806	bellard	* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20	5391d806	bellard	* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21	5391d806	bellard	* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22	5391d806	bellard	* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23	5391d806	bellard	* THE SOFTWARE.
24	5391d806	bellard	*/
25	87ecb68b	pbrook	#include "hw.h"
26	87ecb68b	pbrook	#include "pc.h"
27	87ecb68b	pbrook	#include "pci.h"
28	87ecb68b	pbrook	#include "scsi-disk.h"
29	87ecb68b	pbrook	#include "pcmcia.h"
30	87ecb68b	pbrook	#include "block.h"
31	87ecb68b	pbrook	#include "qemu-timer.h"
32	87ecb68b	pbrook	#include "sysemu.h"
33	9596ebb7	pbrook	#include "ppc_mac.h"
34	5391d806	bellard
35	5391d806	bellard	/* debug IDE devices */
36	5391d806	bellard	//#define DEBUG_IDE
37	5391d806	bellard	//#define DEBUG_IDE_ATAPI
38	8ccad811	bellard	//#define DEBUG_AIO
39	8ccad811	bellard	#define USE_DMA_CDROM
40	5391d806	bellard
41	5391d806	bellard	/* Bits of HD_STATUS */
42	5391d806	bellard	#define ERR_STAT 0x01
43	5391d806	bellard	#define INDEX_STAT 0x02
44	5391d806	bellard	#define ECC_STAT 0x04 /* Corrected error */
45	5391d806	bellard	#define DRQ_STAT 0x08
46	5391d806	bellard	#define SEEK_STAT 0x10
47	5391d806	bellard	#define SRV_STAT 0x10
48	5391d806	bellard	#define WRERR_STAT 0x20
49	5391d806	bellard	#define READY_STAT 0x40
50	5391d806	bellard	#define BUSY_STAT 0x80
51	5391d806	bellard
52	5391d806	bellard	/* Bits for HD_ERROR */
53	5391d806	bellard	#define MARK_ERR 0x01 /* Bad address mark */
54	5391d806	bellard	#define TRK0_ERR 0x02 /* couldn't find track 0 */
55	5391d806	bellard	#define ABRT_ERR 0x04 /* Command aborted */
56	5391d806	bellard	#define MCR_ERR 0x08 /* media change request */
57	5391d806	bellard	#define ID_ERR 0x10 /* ID field not found */
58	5391d806	bellard	#define MC_ERR 0x20 /* media changed */
59	5391d806	bellard	#define ECC_ERR 0x40 /* Uncorrectable ECC error */
60	5391d806	bellard	#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61	5391d806	bellard	#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
62	5391d806	bellard
63	5391d806	bellard	/* Bits of HD_NSECTOR */
64	5391d806	bellard	#define CD 0x01
65	5391d806	bellard	#define IO 0x02
66	5391d806	bellard	#define REL 0x04
67	5391d806	bellard	#define TAG_MASK 0xf8
68	5391d806	bellard
69	5391d806	bellard	#define IDE_CMD_RESET 0x04
70	5391d806	bellard	#define IDE_CMD_DISABLE_IRQ 0x02
71	5391d806	bellard
72	5391d806	bellard	/* ATA/ATAPI Commands pre T13 Spec */
73	5391d806	bellard	#define WIN_NOP 0x00
74	5391d806	bellard	/*
75	5391d806	bellard	* 0x01->0x02 Reserved
76	5391d806	bellard	*/
77	5391d806	bellard	#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
78	5391d806	bellard	/*
79	5391d806	bellard	* 0x04->0x07 Reserved
80	5391d806	bellard	*/
81	5391d806	bellard	#define WIN_SRST 0x08 /* ATAPI soft reset command */
82	5391d806	bellard	#define WIN_DEVICE_RESET 0x08
83	5391d806	bellard	/*
84	5391d806	bellard	* 0x09->0x0F Reserved
85	5391d806	bellard	*/
86	5391d806	bellard	#define WIN_RECAL 0x10
87	5391d806	bellard	#define WIN_RESTORE WIN_RECAL
88	5391d806	bellard	/*
89	5391d806	bellard	* 0x10->0x1F Reserved
90	5391d806	bellard	*/
91	5391d806	bellard	#define WIN_READ 0x20 /* 28-Bit */
92	5391d806	bellard	#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93	5391d806	bellard	#define WIN_READ_LONG 0x22 /* 28-Bit */
94	5391d806	bellard	#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95	5391d806	bellard	#define WIN_READ_EXT 0x24 /* 48-Bit */
96	5391d806	bellard	#define WIN_READDMA_EXT 0x25 /* 48-Bit */
97	5391d806	bellard	#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98	5391d806	bellard	#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
99	5391d806	bellard	/*
100	5391d806	bellard	* 0x28
101	5391d806	bellard	*/
102	5391d806	bellard	#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
103	5391d806	bellard	/*
104	5391d806	bellard	* 0x2A->0x2F Reserved
105	5391d806	bellard	*/
106	5391d806	bellard	#define WIN_WRITE 0x30 /* 28-Bit */
107	5391d806	bellard	#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108	5391d806	bellard	#define WIN_WRITE_LONG 0x32 /* 28-Bit */
109	5391d806	bellard	#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110	5391d806	bellard	#define WIN_WRITE_EXT 0x34 /* 48-Bit */
111	5391d806	bellard	#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112	5391d806	bellard	#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113	5391d806	bellard	#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114	5391d806	bellard	#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115	5391d806	bellard	#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
116	5391d806	bellard	/*
117	5391d806	bellard	* 0x3A->0x3B Reserved
118	5391d806	bellard	*/
119	5391d806	bellard	#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
120	5391d806	bellard	/*
121	5391d806	bellard	* 0x3D->0x3F Reserved
122	5391d806	bellard	*/
123	5391d806	bellard	#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124	5391d806	bellard	#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125	5391d806	bellard	#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
126	5391d806	bellard	/*
127	5391d806	bellard	* 0x43->0x4F Reserved
128	5391d806	bellard	*/
129	5391d806	bellard	#define WIN_FORMAT 0x50
130	5391d806	bellard	/*
131	5391d806	bellard	* 0x51->0x5F Reserved
132	5391d806	bellard	*/
133	5391d806	bellard	#define WIN_INIT 0x60
134	5391d806	bellard	/*
135	5391d806	bellard	* 0x61->0x5F Reserved
136	5391d806	bellard	*/
137	5391d806	bellard	#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138	5391d806	bellard	#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139	5391d806	bellard	#define WIN_DIAGNOSE 0x90
140	5391d806	bellard	#define WIN_SPECIFY 0x91 /* set drive geometry translation */
141	5391d806	bellard	#define WIN_DOWNLOAD_MICROCODE 0x92
142	5391d806	bellard	#define WIN_STANDBYNOW2 0x94
143	201a51fc	balrog	#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
144	5391d806	bellard	#define WIN_STANDBY2 0x96
145	5391d806	bellard	#define WIN_SETIDLE2 0x97
146	5391d806	bellard	#define WIN_CHECKPOWERMODE2 0x98
147	5391d806	bellard	#define WIN_SLEEPNOW2 0x99
148	5391d806	bellard	/*
149	5391d806	bellard	* 0x9A VENDOR
150	5391d806	bellard	*/
151	5391d806	bellard	#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152	5391d806	bellard	#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153	5391d806	bellard	#define WIN_QUEUED_SERVICE 0xA2
154	5391d806	bellard	#define WIN_SMART 0xB0 /* self-monitoring and reporting */
155	201a51fc	balrog	#define CFA_ACCESS_METADATA_STORAGE 0xB8
156	201a51fc	balrog	#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
157	5391d806	bellard	#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158	5391d806	bellard	#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159	5391d806	bellard	#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160	5391d806	bellard	#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161	5391d806	bellard	#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162	5391d806	bellard	#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163	5391d806	bellard	#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164	5391d806	bellard	#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165	5391d806	bellard	#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166	5391d806	bellard	#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
167	5fafdf24	ths	#define WIN_GETMEDIASTATUS 0xDA
168	5391d806	bellard	#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169	5391d806	bellard	#define WIN_POSTBOOT 0xDC
170	5391d806	bellard	#define WIN_PREBOOT 0xDD
171	5391d806	bellard	#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172	5391d806	bellard	#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173	5391d806	bellard	#define WIN_STANDBYNOW1 0xE0
174	5391d806	bellard	#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175	5391d806	bellard	#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176	5391d806	bellard	#define WIN_SETIDLE1 0xE3
177	5391d806	bellard	#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178	5391d806	bellard	#define WIN_CHECKPOWERMODE1 0xE5
179	5391d806	bellard	#define WIN_SLEEPNOW1 0xE6
180	5391d806	bellard	#define WIN_FLUSH_CACHE 0xE7
181	5391d806	bellard	#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182	5391d806	bellard	#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183	5391d806	bellard	/* SET_FEATURES 0x22 or 0xDD */
184	5391d806	bellard	#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185	5391d806	bellard	#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186	5391d806	bellard	#define WIN_MEDIAEJECT 0xED
187	5391d806	bellard	#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188	5391d806	bellard	#define WIN_SETFEATURES 0xEF /* set special drive features */
189	5391d806	bellard	#define EXABYTE_ENABLE_NEST 0xF0
190	201a51fc	balrog	#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
191	5391d806	bellard	#define WIN_SECURITY_SET_PASS 0xF1
192	5391d806	bellard	#define WIN_SECURITY_UNLOCK 0xF2
193	5391d806	bellard	#define WIN_SECURITY_ERASE_PREPARE 0xF3
194	5391d806	bellard	#define WIN_SECURITY_ERASE_UNIT 0xF4
195	5391d806	bellard	#define WIN_SECURITY_FREEZE_LOCK 0xF5
196	201a51fc	balrog	#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
197	5391d806	bellard	#define WIN_SECURITY_DISABLE 0xF6
198	5391d806	bellard	#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199	5391d806	bellard	#define WIN_SET_MAX 0xF9
200	5391d806	bellard	#define DISABLE_SEAGATE 0xFB
201	5391d806	bellard
202	5391d806	bellard	/* set to 1 set disable mult support */
203	f66723fa	bellard	#define MAX_MULT_SECTORS 16
204	5391d806	bellard
205	1d8cde5b	aurel32	#define IDE_DMA_BUF_SECTORS 256
206	1d8cde5b	aurel32
207	1d8cde5b	aurel32	#if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208	1d8cde5b	aurel32	#error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
209	1d8cde5b	aurel32	#endif
210	1d8cde5b	aurel32
211	5391d806	bellard	/* ATAPI defines */
212	5391d806	bellard
213	5391d806	bellard	#define ATAPI_PACKET_SIZE 12
214	5391d806	bellard
215	5391d806	bellard	/* The generic packet command opcodes for CD/DVD Logical Units,
216	5391d806	bellard	* From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217	5391d806	bellard	#define GPCMD_BLANK 0xa1
218	5391d806	bellard	#define GPCMD_CLOSE_TRACK 0x5b
219	5391d806	bellard	#define GPCMD_FLUSH_CACHE 0x35
220	5391d806	bellard	#define GPCMD_FORMAT_UNIT 0x04
221	5391d806	bellard	#define GPCMD_GET_CONFIGURATION 0x46
222	5391d806	bellard	#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223	5391d806	bellard	#define GPCMD_GET_PERFORMANCE 0xac
224	5391d806	bellard	#define GPCMD_INQUIRY 0x12
225	5391d806	bellard	#define GPCMD_LOAD_UNLOAD 0xa6
226	5391d806	bellard	#define GPCMD_MECHANISM_STATUS 0xbd
227	5391d806	bellard	#define GPCMD_MODE_SELECT_10 0x55
228	5391d806	bellard	#define GPCMD_MODE_SENSE_10 0x5a
229	5391d806	bellard	#define GPCMD_PAUSE_RESUME 0x4b
230	5391d806	bellard	#define GPCMD_PLAY_AUDIO_10 0x45
231	5391d806	bellard	#define GPCMD_PLAY_AUDIO_MSF 0x47
232	5391d806	bellard	#define GPCMD_PLAY_AUDIO_TI 0x48
233	5391d806	bellard	#define GPCMD_PLAY_CD 0xbc
234	5391d806	bellard	#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235	5391d806	bellard	#define GPCMD_READ_10 0x28
236	5391d806	bellard	#define GPCMD_READ_12 0xa8
237	5391d806	bellard	#define GPCMD_READ_CDVD_CAPACITY 0x25
238	5391d806	bellard	#define GPCMD_READ_CD 0xbe
239	5391d806	bellard	#define GPCMD_READ_CD_MSF 0xb9
240	5391d806	bellard	#define GPCMD_READ_DISC_INFO 0x51
241	5391d806	bellard	#define GPCMD_READ_DVD_STRUCTURE 0xad
242	5391d806	bellard	#define GPCMD_READ_FORMAT_CAPACITIES 0x23
243	5391d806	bellard	#define GPCMD_READ_HEADER 0x44
244	5391d806	bellard	#define GPCMD_READ_TRACK_RZONE_INFO 0x52
245	5391d806	bellard	#define GPCMD_READ_SUBCHANNEL 0x42
246	5391d806	bellard	#define GPCMD_READ_TOC_PMA_ATIP 0x43
247	5391d806	bellard	#define GPCMD_REPAIR_RZONE_TRACK 0x58
248	5391d806	bellard	#define GPCMD_REPORT_KEY 0xa4
249	5391d806	bellard	#define GPCMD_REQUEST_SENSE 0x03
250	5391d806	bellard	#define GPCMD_RESERVE_RZONE_TRACK 0x53
251	5391d806	bellard	#define GPCMD_SCAN 0xba
252	5391d806	bellard	#define GPCMD_SEEK 0x2b
253	5391d806	bellard	#define GPCMD_SEND_DVD_STRUCTURE 0xad
254	5391d806	bellard	#define GPCMD_SEND_EVENT 0xa2
255	5391d806	bellard	#define GPCMD_SEND_KEY 0xa3
256	5391d806	bellard	#define GPCMD_SEND_OPC 0x54
257	5391d806	bellard	#define GPCMD_SET_READ_AHEAD 0xa7
258	5391d806	bellard	#define GPCMD_SET_STREAMING 0xb6
259	5391d806	bellard	#define GPCMD_START_STOP_UNIT 0x1b
260	5391d806	bellard	#define GPCMD_STOP_PLAY_SCAN 0x4e
261	5391d806	bellard	#define GPCMD_TEST_UNIT_READY 0x00
262	5391d806	bellard	#define GPCMD_VERIFY_10 0x2f
263	5391d806	bellard	#define GPCMD_WRITE_10 0x2a
264	5391d806	bellard	#define GPCMD_WRITE_AND_VERIFY_10 0x2e
265	5fafdf24	ths	/* This is listed as optional in ATAPI 2.6, but is (curiously)
266	5391d806	bellard	* missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267	5391d806	bellard	* Table 377 as an MMC command for SCSi devices though... Most ATAPI
268	5391d806	bellard	* drives support it. */
269	5391d806	bellard	#define GPCMD_SET_SPEED 0xbb
270	5fafdf24	ths	/* This seems to be a SCSI specific CD-ROM opcode
271	5391d806	bellard	* to play data at track/index */
272	5391d806	bellard	#define GPCMD_PLAYAUDIO_TI 0x48
273	5391d806	bellard	/*
274	5391d806	bellard	* From MS Media Status Notification Support Specification. For
275	5391d806	bellard	* older drives only.
276	5391d806	bellard	*/
277	5391d806	bellard	#define GPCMD_GET_MEDIA_STATUS 0xda
278	d14049ea	ths	#define GPCMD_MODE_SENSE_6 0x1a
279	5391d806	bellard
280	5391d806	bellard	/* Mode page codes for mode sense/set */
281	5391d806	bellard	#define GPMODE_R_W_ERROR_PAGE 0x01
282	5391d806	bellard	#define GPMODE_WRITE_PARMS_PAGE 0x05
283	5391d806	bellard	#define GPMODE_AUDIO_CTL_PAGE 0x0e
284	5391d806	bellard	#define GPMODE_POWER_PAGE 0x1a
285	5391d806	bellard	#define GPMODE_FAULT_FAIL_PAGE 0x1c
286	5391d806	bellard	#define GPMODE_TO_PROTECT_PAGE 0x1d
287	5391d806	bellard	#define GPMODE_CAPABILITIES_PAGE 0x2a
288	5391d806	bellard	#define GPMODE_ALL_PAGES 0x3f
289	5391d806	bellard	/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290	5391d806	bellard	* of MODE_SENSE_POWER_PAGE */
291	5391d806	bellard	#define GPMODE_CDROM_PAGE 0x0d
292	5391d806	bellard
293	38cdea7c	balrog	/*
294	38cdea7c	balrog	* Based on values from <linux/cdrom.h> but extending CD_MINS
295	38cdea7c	balrog	* to the maximum common size allowed by the Orange's Book ATIP
296	38cdea7c	balrog	*
297	38cdea7c	balrog	* 90 and 99 min CDs are also available but using them as the
298	38cdea7c	balrog	* upper limit reduces the effectiveness of the heuristic to
299	38cdea7c	balrog	* detect DVDs burned to less than 25% of their maximum capacity
300	38cdea7c	balrog	*/
301	38cdea7c	balrog
302	38cdea7c	balrog	/* Some generally useful CD-ROM information */
303	38cdea7c	balrog	#define CD_MINS 80 /* max. minutes per CD */
304	38cdea7c	balrog	#define CD_SECS 60 /* seconds per minute */
305	38cdea7c	balrog	#define CD_FRAMES 75 /* frames per second */
306	38cdea7c	balrog	#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307	38cdea7c	balrog	#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308	38cdea7c	balrog	#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
309	38cdea7c	balrog
310	38cdea7c	balrog	/*
311	38cdea7c	balrog	* The MMC values are not IDE specific and might need to be moved
312	38cdea7c	balrog	* to a common header if they are also needed for the SCSI emulation
313	38cdea7c	balrog	*/
314	38cdea7c	balrog
315	38cdea7c	balrog	/* Profile list from MMC-6 revision 1 table 91 */
316	38cdea7c	balrog	#define MMC_PROFILE_NONE 0x0000
317	38cdea7c	balrog	#define MMC_PROFILE_CD_ROM 0x0008
318	38cdea7c	balrog	#define MMC_PROFILE_CD_R 0x0009
319	38cdea7c	balrog	#define MMC_PROFILE_CD_RW 0x000A
320	38cdea7c	balrog	#define MMC_PROFILE_DVD_ROM 0x0010
321	38cdea7c	balrog	#define MMC_PROFILE_DVD_R_SR 0x0011
322	38cdea7c	balrog	#define MMC_PROFILE_DVD_RAM 0x0012
323	38cdea7c	balrog	#define MMC_PROFILE_DVD_RW_RO 0x0013
324	38cdea7c	balrog	#define MMC_PROFILE_DVD_RW_SR 0x0014
325	38cdea7c	balrog	#define MMC_PROFILE_DVD_R_DL_SR 0x0015
326	38cdea7c	balrog	#define MMC_PROFILE_DVD_R_DL_JR 0x0016
327	38cdea7c	balrog	#define MMC_PROFILE_DVD_RW_DL 0x0017
328	38cdea7c	balrog	#define MMC_PROFILE_DVD_DDR 0x0018
329	38cdea7c	balrog	#define MMC_PROFILE_DVD_PLUS_RW 0x001A
330	38cdea7c	balrog	#define MMC_PROFILE_DVD_PLUS_R 0x001B
331	38cdea7c	balrog	#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332	38cdea7c	balrog	#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333	38cdea7c	balrog	#define MMC_PROFILE_BD_ROM 0x0040
334	38cdea7c	balrog	#define MMC_PROFILE_BD_R_SRM 0x0041
335	38cdea7c	balrog	#define MMC_PROFILE_BD_R_RRM 0x0042
336	38cdea7c	balrog	#define MMC_PROFILE_BD_RE 0x0043
337	38cdea7c	balrog	#define MMC_PROFILE_HDDVD_ROM 0x0050
338	38cdea7c	balrog	#define MMC_PROFILE_HDDVD_R 0x0051
339	38cdea7c	balrog	#define MMC_PROFILE_HDDVD_RAM 0x0052
340	38cdea7c	balrog	#define MMC_PROFILE_HDDVD_RW 0x0053
341	38cdea7c	balrog	#define MMC_PROFILE_HDDVD_R_DL 0x0058
342	38cdea7c	balrog	#define MMC_PROFILE_HDDVD_RW_DL 0x005A
343	38cdea7c	balrog	#define MMC_PROFILE_INVALID 0xFFFF
344	38cdea7c	balrog
345	5391d806	bellard	#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346	5391d806	bellard	#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347	5391d806	bellard	#define ATAPI_INT_REASON_REL 0x04
348	5391d806	bellard	#define ATAPI_INT_REASON_TAG 0xf8
349	5391d806	bellard
350	5391d806	bellard	/* same constants as bochs */
351	7f777bf3	bellard	#define ASC_ILLEGAL_OPCODE 0x20
352	5391d806	bellard	#define ASC_LOGICAL_BLOCK_OOR 0x21
353	5391d806	bellard	#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
354	9118e7f0	aliguori	#define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
355	8114e9e8	ths	#define ASC_INCOMPATIBLE_FORMAT 0x30
356	5391d806	bellard	#define ASC_MEDIUM_NOT_PRESENT 0x3a
357	5391d806	bellard	#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
358	5391d806	bellard
359	201a51fc	balrog	#define CFA_NO_ERROR 0x00
360	201a51fc	balrog	#define CFA_MISC_ERROR 0x09
361	201a51fc	balrog	#define CFA_INVALID_COMMAND 0x20
362	201a51fc	balrog	#define CFA_INVALID_ADDRESS 0x21
363	201a51fc	balrog	#define CFA_ADDRESS_OVERFLOW 0x2f
364	201a51fc	balrog
365	5391d806	bellard	#define SENSE_NONE 0
366	5391d806	bellard	#define SENSE_NOT_READY 2
367	5391d806	bellard	#define SENSE_ILLEGAL_REQUEST 5
368	5391d806	bellard	#define SENSE_UNIT_ATTENTION 6
369	5391d806	bellard
370	5391d806	bellard	struct IDEState;
371	5391d806	bellard
372	5391d806	bellard	typedef void EndTransferFunc(struct IDEState *);
373	5391d806	bellard
374	caed8802	bellard	/* NOTE: IDEState represents in fact one drive */
375	5391d806	bellard	typedef struct IDEState {
376	5391d806	bellard	/* ide config */
377	5391d806	bellard	int is_cdrom;
378	201a51fc	balrog	int is_cf;
379	5391d806	bellard	int cylinders, heads, sectors;
380	5391d806	bellard	int64_t nb_sectors;
381	5391d806	bellard	int mult_sectors;
382	94458802	bellard	int identify_set;
383	94458802	bellard	uint16_t identify_data[256];
384	d537cf6c	pbrook	qemu_irq irq;
385	34e538ae	bellard	PCIDevice *pci_dev;
386	98087450	bellard	struct BMDMAState *bmdma;
387	aedf5382	bellard	int drive_serial;
388	5391d806	bellard	/* ide regs */
389	5391d806	bellard	uint8_t feature;
390	5391d806	bellard	uint8_t error;
391	c2ff060f	bellard	uint32_t nsector;
392	5391d806	bellard	uint8_t sector;
393	5391d806	bellard	uint8_t lcyl;
394	5391d806	bellard	uint8_t hcyl;
395	c2ff060f	bellard	/* other part of tf for lba48 support */
396	c2ff060f	bellard	uint8_t hob_feature;
397	c2ff060f	bellard	uint8_t hob_nsector;
398	c2ff060f	bellard	uint8_t hob_sector;
399	c2ff060f	bellard	uint8_t hob_lcyl;
400	c2ff060f	bellard	uint8_t hob_hcyl;
401	c2ff060f	bellard
402	5391d806	bellard	uint8_t select;
403	5391d806	bellard	uint8_t status;
404	c2ff060f	bellard
405	5391d806	bellard	/* 0x3f6 command, only meaningful for drive 0 */
406	5391d806	bellard	uint8_t cmd;
407	c2ff060f	bellard	/* set for lba48 access */
408	c2ff060f	bellard	uint8_t lba48;
409	5391d806	bellard	/* depends on bit 4 in select, only meaningful for drive 0 */
410	5fafdf24	ths	struct IDEState *cur_drive;
411	5391d806	bellard	BlockDriverState *bs;
412	5391d806	bellard	/* ATAPI specific */
413	5391d806	bellard	uint8_t sense_key;
414	5391d806	bellard	uint8_t asc;
415	5391d806	bellard	int packet_transfer_size;
416	5391d806	bellard	int elementary_transfer_size;
417	5391d806	bellard	int io_buffer_index;
418	5391d806	bellard	int lba;
419	98087450	bellard	int cd_sector_size;
420	98087450	bellard	int atapi_dma; /* true if dma is requested for the packet cmd */
421	98087450	bellard	/* ATA DMA state */
422	98087450	bellard	int io_buffer_size;
423	98087450	bellard	/* PIO transfer handling */
424	5391d806	bellard	int req_nb_sectors; /* number of sectors per interrupt */
425	5391d806	bellard	EndTransferFunc *end_transfer_func;
426	5391d806	bellard	uint8_t *data_ptr;
427	5391d806	bellard	uint8_t *data_end;
428	33f00271	balrog	uint8_t *io_buffer;
429	31c2a146	ths	QEMUTimer sector_write_timer; / only used for win2k install hack */
430	e774a278	bellard	uint32_t irq_count; /* counts IRQs when using win2k install hack */
431	201a51fc	balrog	/* CF-ATA extended error */
432	201a51fc	balrog	uint8_t ext_error;
433	201a51fc	balrog	/* CF-ATA metadata storage */
434	201a51fc	balrog	uint32_t mdata_size;
435	201a51fc	balrog	uint8_t *mdata_storage;
436	201a51fc	balrog	int media_changed;
437	5391d806	bellard	} IDEState;
438	5391d806	bellard
439	8114e9e8	ths	/* XXX: DVDs that could fit on a CD will be reported as a CD */
440	8114e9e8	ths	static inline int media_present(IDEState *s)
441	8114e9e8	ths	{
442	8114e9e8	ths	return (s->nb_sectors > 0);
443	8114e9e8	ths	}
444	8114e9e8	ths
445	8114e9e8	ths	static inline int media_is_dvd(IDEState *s)
446	8114e9e8	ths	{
447	8114e9e8	ths	return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
448	8114e9e8	ths	}
449	8114e9e8	ths
450	8114e9e8	ths	static inline int media_is_cd(IDEState *s)
451	8114e9e8	ths	{
452	8114e9e8	ths	return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
453	8114e9e8	ths	}
454	8114e9e8	ths
455	98087450	bellard	#define BM_STATUS_DMAING 0x01
456	98087450	bellard	#define BM_STATUS_ERROR 0x02
457	98087450	bellard	#define BM_STATUS_INT 0x04
458	98087450	bellard
459	98087450	bellard	#define BM_CMD_START 0x01
460	98087450	bellard	#define BM_CMD_READ 0x08
461	98087450	bellard
462	5457c8ce	bellard	#define IDE_TYPE_PIIX3 0
463	5457c8ce	bellard	#define IDE_TYPE_CMD646 1
464	afcc3cdf	ths	#define IDE_TYPE_PIIX4 2
465	5457c8ce	bellard
466	5457c8ce	bellard	/* CMD646 specific */
467	5457c8ce	bellard	#define MRDMODE 0x71
468	5457c8ce	bellard	#define MRDMODE_INTR_CH0 0x04
469	5457c8ce	bellard	#define MRDMODE_INTR_CH1 0x08
470	5457c8ce	bellard	#define MRDMODE_BLK_CH0 0x10
471	5457c8ce	bellard	#define MRDMODE_BLK_CH1 0x20
472	5457c8ce	bellard	#define UDIDETCR0 0x73
473	5457c8ce	bellard	#define UDIDETCR1 0x7B
474	5457c8ce	bellard
475	98087450	bellard	typedef struct BMDMAState {
476	98087450	bellard	uint8_t cmd;
477	98087450	bellard	uint8_t status;
478	98087450	bellard	uint32_t addr;
479	3b46e624	ths
480	5457c8ce	bellard	struct PCIIDEState *pci_dev;
481	98087450	bellard	/* current transfer state */
482	8ccad811	bellard	uint32_t cur_addr;
483	8ccad811	bellard	uint32_t cur_prd_last;
484	8ccad811	bellard	uint32_t cur_prd_addr;
485	8ccad811	bellard	uint32_t cur_prd_len;
486	98087450	bellard	IDEState *ide_if;
487	8ccad811	bellard	BlockDriverCompletionFunc *dma_cb;
488	8ccad811	bellard	BlockDriverAIOCB *aiocb;
489	98087450	bellard	} BMDMAState;
490	98087450	bellard
491	98087450	bellard	typedef struct PCIIDEState {
492	98087450	bellard	PCIDevice dev;
493	98087450	bellard	IDEState ide_if[4];
494	98087450	bellard	BMDMAState bmdma[2];
495	5457c8ce	bellard	int type; /* see IDE_TYPE_xxx */
496	98087450	bellard	} PCIIDEState;
497	98087450	bellard
498	8ccad811	bellard	static void ide_dma_start(IDEState s, BlockDriverCompletionFunc dma_cb);
499	5f12ab4b	ths	static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
500	98087450	bellard
501	5391d806	bellard	static void padstr(char str, const char src, int len)
502	5391d806	bellard	{
503	5391d806	bellard	int i, v;
504	5391d806	bellard	for(i = 0; i < len; i++) {
505	5391d806	bellard	if (*src)
506	5391d806	bellard	v = *src++;
507	5391d806	bellard	else
508	5391d806	bellard	v = ' ';
509	69b34976	ths	str[i^1] = v;
510	5391d806	bellard	}
511	5391d806	bellard	}
512	5391d806	bellard
513	bd0d90b2	bellard	static void padstr8(uint8_t buf, int buf_size, const char src)
514	bd0d90b2	bellard	{
515	bd0d90b2	bellard	int i;
516	bd0d90b2	bellard	for(i = 0; i < buf_size; i++) {
517	bd0d90b2	bellard	if (*src)
518	bd0d90b2	bellard	buf[i] = *src++;
519	bd0d90b2	bellard	else
520	bd0d90b2	bellard	buf[i] = ' ';
521	bd0d90b2	bellard	}
522	bd0d90b2	bellard	}
523	bd0d90b2	bellard
524	67b915a5	bellard	static void put_le16(uint16_t *p, unsigned int v)
525	67b915a5	bellard	{
526	0c4ad8dc	bellard	*p = cpu_to_le16(v);
527	67b915a5	bellard	}
528	67b915a5	bellard
529	5391d806	bellard	static void ide_identify(IDEState *s)
530	5391d806	bellard	{
531	5391d806	bellard	uint16_t *p;
532	5391d806	bellard	unsigned int oldsize;
533	aedf5382	bellard	char buf[20];
534	5391d806	bellard
535	94458802	bellard	if (s->identify_set) {
536	94458802	bellard	memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
537	94458802	bellard	return;
538	94458802	bellard	}
539	94458802	bellard
540	5391d806	bellard	memset(s->io_buffer, 0, 512);
541	5391d806	bellard	p = (uint16_t *)s->io_buffer;
542	67b915a5	bellard	put_le16(p + 0, 0x0040);
543	5fafdf24	ths	put_le16(p + 1, s->cylinders);
544	67b915a5	bellard	put_le16(p + 3, s->heads);
545	67b915a5	bellard	put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
546	67b915a5	bellard	put_le16(p + 5, 512); /* XXX: retired, remove ? */
547	5fafdf24	ths	put_le16(p + 6, s->sectors);
548	aedf5382	bellard	snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
549	60fe76f3	ths	padstr((char )(p + 10), buf, 20); / serial number */
550	67b915a5	bellard	put_le16(p + 20, 3); /* XXX: retired, remove ? */
551	67b915a5	bellard	put_le16(p + 21, 512); /* cache size in sectors */
552	67b915a5	bellard	put_le16(p + 22, 4); /* ecc bytes */
553	60fe76f3	ths	padstr((char )(p + 23), QEMU_VERSION, 8); / firmware version */
554	60fe76f3	ths	padstr((char )(p + 27), "QEMU HARDDISK", 40); / model */
555	3b46e624	ths	#if MAX_MULT_SECTORS > 1
556	67b915a5	bellard	put_le16(p + 47, 0x8000 \| MAX_MULT_SECTORS);
557	5391d806	bellard	#endif
558	67b915a5	bellard	put_le16(p + 48, 1); /* dword I/O */
559	94458802	bellard	put_le16(p + 49, (1 << 11) \| (1 << 9) \| (1 << 8)); /* DMA and LBA supported */
560	67b915a5	bellard	put_le16(p + 51, 0x200); /* PIO transfer cycle */
561	67b915a5	bellard	put_le16(p + 52, 0x200); /* DMA transfer cycle */
562	94458802	bellard	put_le16(p + 53, 1 \| (1 << 1) \| (1 << 2)); /* words 54-58,64-70,88 are valid */
563	67b915a5	bellard	put_le16(p + 54, s->cylinders);
564	67b915a5	bellard	put_le16(p + 55, s->heads);
565	67b915a5	bellard	put_le16(p + 56, s->sectors);
566	5391d806	bellard	oldsize = s->cylinders * s->heads * s->sectors;
567	67b915a5	bellard	put_le16(p + 57, oldsize);
568	67b915a5	bellard	put_le16(p + 58, oldsize >> 16);
569	5391d806	bellard	if (s->mult_sectors)
570	67b915a5	bellard	put_le16(p + 59, 0x100 \| s->mult_sectors);
571	67b915a5	bellard	put_le16(p + 60, s->nb_sectors);
572	67b915a5	bellard	put_le16(p + 61, s->nb_sectors >> 16);
573	d1b5c20d	ths	put_le16(p + 62, 0x07); /* single word dma0-2 supported */
574	94458802	bellard	put_le16(p + 63, 0x07); /* mdma0-2 supported */
575	94458802	bellard	put_le16(p + 65, 120);
576	94458802	bellard	put_le16(p + 66, 120);
577	94458802	bellard	put_le16(p + 67, 120);
578	94458802	bellard	put_le16(p + 68, 120);
579	94458802	bellard	put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
580	94458802	bellard	put_le16(p + 81, 0x16); /* conforms to ata5 */
581	67b915a5	bellard	put_le16(p + 82, (1 << 14));
582	c2ff060f	bellard	/* 13=flush_cache_ext,12=flush_cache,10=lba48 */
583	c2ff060f	bellard	put_le16(p + 83, (1 << 14) \| (1 << 13) \| (1 <<12) \| (1 << 10));
584	67b915a5	bellard	put_le16(p + 84, (1 << 14));
585	67b915a5	bellard	put_le16(p + 85, (1 << 14));
586	c2ff060f	bellard	/* 13=flush_cache_ext,12=flush_cache,10=lba48 */
587	c2ff060f	bellard	put_le16(p + 86, (1 << 14) \| (1 << 13) \| (1 <<12) \| (1 << 10));
588	67b915a5	bellard	put_le16(p + 87, (1 << 14));
589	94458802	bellard	put_le16(p + 88, 0x3f \| (1 << 13)); /* udma5 set and supported */
590	94458802	bellard	put_le16(p + 93, 1 \| (1 << 14) \| 0x2000);
591	c2ff060f	bellard	put_le16(p + 100, s->nb_sectors);
592	c2ff060f	bellard	put_le16(p + 101, s->nb_sectors >> 16);
593	c2ff060f	bellard	put_le16(p + 102, s->nb_sectors >> 32);
594	c2ff060f	bellard	put_le16(p + 103, s->nb_sectors >> 48);
595	94458802	bellard
596	94458802	bellard	memcpy(s->identify_data, p, sizeof(s->identify_data));
597	94458802	bellard	s->identify_set = 1;
598	5391d806	bellard	}
599	5391d806	bellard
600	5391d806	bellard	static void ide_atapi_identify(IDEState *s)
601	5391d806	bellard	{
602	5391d806	bellard	uint16_t *p;
603	aedf5382	bellard	char buf[20];
604	5391d806	bellard
605	94458802	bellard	if (s->identify_set) {
606	94458802	bellard	memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
607	94458802	bellard	return;
608	94458802	bellard	}
609	94458802	bellard
610	5391d806	bellard	memset(s->io_buffer, 0, 512);
611	5391d806	bellard	p = (uint16_t *)s->io_buffer;
612	5391d806	bellard	/* Removable CDROM, 50us response, 12 byte packets */
613	67b915a5	bellard	put_le16(p + 0, (2 << 14) \| (5 << 8) \| (1 << 7) \| (2 << 5) \| (0 << 0));
614	aedf5382	bellard	snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
615	60fe76f3	ths	padstr((char )(p + 10), buf, 20); / serial number */
616	67b915a5	bellard	put_le16(p + 20, 3); /* buffer type */
617	67b915a5	bellard	put_le16(p + 21, 512); /* cache size in sectors */
618	67b915a5	bellard	put_le16(p + 22, 4); /* ecc bytes */
619	60fe76f3	ths	padstr((char )(p + 23), QEMU_VERSION, 8); / firmware version */
620	38cdea7c	balrog	padstr((char )(p + 27), "QEMU DVD-ROM", 40); / model */
621	67b915a5	bellard	put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
622	8ccad811	bellard	#ifdef USE_DMA_CDROM
623	8ccad811	bellard	put_le16(p + 49, 1 << 9 \| 1 << 8); /* DMA and LBA supported */
624	8ccad811	bellard	put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
625	d1b5c20d	ths	put_le16(p + 62, 7); /* single word dma0-2 supported */
626	8ccad811	bellard	put_le16(p + 63, 7); /* mdma0-2 supported */
627	8ccad811	bellard	put_le16(p + 64, 0x3f); /* PIO modes supported */
628	8ccad811	bellard	#else
629	67b915a5	bellard	put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
630	67b915a5	bellard	put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
631	67b915a5	bellard	put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
632	67b915a5	bellard	put_le16(p + 64, 1); /* PIO modes */
633	8ccad811	bellard	#endif
634	67b915a5	bellard	put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
635	67b915a5	bellard	put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
636	67b915a5	bellard	put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
637	67b915a5	bellard	put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
638	94458802	bellard
639	67b915a5	bellard	put_le16(p + 71, 30); /* in ns */
640	67b915a5	bellard	put_le16(p + 72, 30); /* in ns */
641	5391d806	bellard
642	67b915a5	bellard	put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
643	8ccad811	bellard	#ifdef USE_DMA_CDROM
644	8ccad811	bellard	put_le16(p + 88, 0x3f \| (1 << 13)); /* udma5 set and supported */
645	8ccad811	bellard	#endif
646	94458802	bellard	memcpy(s->identify_data, p, sizeof(s->identify_data));
647	94458802	bellard	s->identify_set = 1;
648	5391d806	bellard	}
649	5391d806	bellard
650	201a51fc	balrog	static void ide_cfata_identify(IDEState *s)
651	201a51fc	balrog	{
652	201a51fc	balrog	uint16_t *p;
653	201a51fc	balrog	uint32_t cur_sec;
654	201a51fc	balrog	char buf[20];
655	201a51fc	balrog
656	201a51fc	balrog	p = (uint16_t *) s->identify_data;
657	201a51fc	balrog	if (s->identify_set)
658	201a51fc	balrog	goto fill_buffer;
659	201a51fc	balrog
660	201a51fc	balrog	memset(p, 0, sizeof(s->identify_data));
661	201a51fc	balrog
662	201a51fc	balrog	cur_sec = s->cylinders * s->heads * s->sectors;
663	201a51fc	balrog
664	201a51fc	balrog	put_le16(p + 0, 0x848a); /* CF Storage Card signature */
665	201a51fc	balrog	put_le16(p + 1, s->cylinders); /* Default cylinders */
666	201a51fc	balrog	put_le16(p + 3, s->heads); /* Default heads */
667	201a51fc	balrog	put_le16(p + 6, s->sectors); /* Default sectors per track */
668	201a51fc	balrog	put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
669	201a51fc	balrog	put_le16(p + 8, s->nb_sectors); /* Sectors per card */
670	201a51fc	balrog	snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
671	60fe76f3	ths	padstr((char )(p + 10), buf, 20); / Serial number in ASCII */
672	201a51fc	balrog	put_le16(p + 22, 0x0004); /* ECC bytes */
673	60fe76f3	ths	padstr((char ) (p + 23), QEMU_VERSION, 8); / Firmware Revision */
674	60fe76f3	ths	padstr((char ) (p + 27), "QEMU MICRODRIVE", 40);/ Model number */
675	201a51fc	balrog	#if MAX_MULT_SECTORS > 1
676	201a51fc	balrog	put_le16(p + 47, 0x8000 \| MAX_MULT_SECTORS);
677	201a51fc	balrog	#else
678	201a51fc	balrog	put_le16(p + 47, 0x0000);
679	201a51fc	balrog	#endif
680	201a51fc	balrog	put_le16(p + 49, 0x0f00); /* Capabilities */
681	201a51fc	balrog	put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
682	201a51fc	balrog	put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
683	201a51fc	balrog	put_le16(p + 53, 0x0003); /* Translation params valid */
684	201a51fc	balrog	put_le16(p + 54, s->cylinders); /* Current cylinders */
685	201a51fc	balrog	put_le16(p + 55, s->heads); /* Current heads */
686	201a51fc	balrog	put_le16(p + 56, s->sectors); /* Current sectors */
687	201a51fc	balrog	put_le16(p + 57, cur_sec); /* Current capacity */
688	201a51fc	balrog	put_le16(p + 58, cur_sec >> 16); /* Current capacity */
689	201a51fc	balrog	if (s->mult_sectors) /* Multiple sector setting */
690	201a51fc	balrog	put_le16(p + 59, 0x100 \| s->mult_sectors);
691	201a51fc	balrog	put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
692	201a51fc	balrog	put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
693	201a51fc	balrog	put_le16(p + 63, 0x0203); /* Multiword DMA capability */
694	201a51fc	balrog	put_le16(p + 64, 0x0001); /* Flow Control PIO support */
695	201a51fc	balrog	put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
696	201a51fc	balrog	put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
697	201a51fc	balrog	put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
698	201a51fc	balrog	put_le16(p + 82, 0x400c); /* Command Set supported */
699	201a51fc	balrog	put_le16(p + 83, 0x7068); /* Command Set supported */
700	201a51fc	balrog	put_le16(p + 84, 0x4000); /* Features supported */
701	201a51fc	balrog	put_le16(p + 85, 0x000c); /* Command Set enabled */
702	201a51fc	balrog	put_le16(p + 86, 0x7044); /* Command Set enabled */
703	201a51fc	balrog	put_le16(p + 87, 0x4000); /* Features enabled */
704	201a51fc	balrog	put_le16(p + 91, 0x4060); /* Current APM level */
705	201a51fc	balrog	put_le16(p + 129, 0x0002); /* Current features option */
706	201a51fc	balrog	put_le16(p + 130, 0x0005); /* Reassigned sectors */
707	201a51fc	balrog	put_le16(p + 131, 0x0001); /* Initial power mode */
708	201a51fc	balrog	put_le16(p + 132, 0x0000); /* User signature */
709	201a51fc	balrog	put_le16(p + 160, 0x8100); /* Power requirement */
710	201a51fc	balrog	put_le16(p + 161, 0x8001); /* CF command set */
711	201a51fc	balrog
712	201a51fc	balrog	s->identify_set = 1;
713	201a51fc	balrog
714	201a51fc	balrog	fill_buffer:
715	201a51fc	balrog	memcpy(s->io_buffer, p, sizeof(s->identify_data));
716	201a51fc	balrog	}
717	201a51fc	balrog
718	5391d806	bellard	static void ide_set_signature(IDEState *s)
719	5391d806	bellard	{
720	5391d806	bellard	s->select &= 0xf0; /* clear head */
721	5391d806	bellard	/* put signature */
722	5391d806	bellard	s->nsector = 1;
723	5391d806	bellard	s->sector = 1;
724	5391d806	bellard	if (s->is_cdrom) {
725	5391d806	bellard	s->lcyl = 0x14;
726	5391d806	bellard	s->hcyl = 0xeb;
727	5391d806	bellard	} else if (s->bs) {
728	5391d806	bellard	s->lcyl = 0;
729	5391d806	bellard	s->hcyl = 0;
730	5391d806	bellard	} else {
731	5391d806	bellard	s->lcyl = 0xff;
732	5391d806	bellard	s->hcyl = 0xff;
733	5391d806	bellard	}
734	5391d806	bellard	}
735	5391d806	bellard
736	5391d806	bellard	static inline void ide_abort_command(IDEState *s)
737	5391d806	bellard	{
738	5391d806	bellard	s->status = READY_STAT \| ERR_STAT;
739	5391d806	bellard	s->error = ABRT_ERR;
740	5391d806	bellard	}
741	5391d806	bellard
742	5604e090	balrog	static inline void ide_dma_submit_check(IDEState *s,
743	5604e090	balrog	BlockDriverCompletionFunc dma_cb, BMDMAState bm)
744	5604e090	balrog	{
745	5604e090	balrog	if (bm->aiocb)
746	5604e090	balrog	return;
747	5604e090	balrog	dma_cb(bm, -1);
748	5604e090	balrog	}
749	5604e090	balrog
750	5391d806	bellard	static inline void ide_set_irq(IDEState *s)
751	5391d806	bellard	{
752	98ff7d30	bellard	BMDMAState *bm = s->bmdma;
753	5391d806	bellard	if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
754	5457c8ce	bellard	if (bm) {
755	98ff7d30	bellard	bm->status \|= BM_STATUS_INT;
756	5457c8ce	bellard	}
757	d537cf6c	pbrook	qemu_irq_raise(s->irq);
758	5391d806	bellard	}
759	5391d806	bellard	}
760	5391d806	bellard
761	5391d806	bellard	/* prepare data transfer and tell what to do after */
762	5fafdf24	ths	static void ide_transfer_start(IDEState s, uint8_t buf, int size,
763	5391d806	bellard	EndTransferFunc *end_transfer_func)
764	5391d806	bellard	{
765	5391d806	bellard	s->end_transfer_func = end_transfer_func;
766	5391d806	bellard	s->data_ptr = buf;
767	5391d806	bellard	s->data_end = buf + size;
768	7603d156	ths	if (!(s->status & ERR_STAT))
769	7603d156	ths	s->status \|= DRQ_STAT;
770	5391d806	bellard	}
771	5391d806	bellard
772	5391d806	bellard	static void ide_transfer_stop(IDEState *s)
773	5391d806	bellard	{
774	5391d806	bellard	s->end_transfer_func = ide_transfer_stop;
775	5391d806	bellard	s->data_ptr = s->io_buffer;
776	5391d806	bellard	s->data_end = s->io_buffer;
777	5391d806	bellard	s->status &= ~DRQ_STAT;
778	5391d806	bellard	}
779	5391d806	bellard
780	5391d806	bellard	static int64_t ide_get_sector(IDEState *s)
781	5391d806	bellard	{
782	5391d806	bellard	int64_t sector_num;
783	5391d806	bellard	if (s->select & 0x40) {
784	5391d806	bellard	/* lba */
785	c2ff060f	bellard	if (!s->lba48) {
786	c2ff060f	bellard	sector_num = ((s->select & 0x0f) << 24) \| (s->hcyl << 16) \|
787	c2ff060f	bellard	(s->lcyl << 8) \| s->sector;
788	c2ff060f	bellard	} else {
789	c2ff060f	bellard	sector_num = ((int64_t)s->hob_hcyl << 40) \|
790	c2ff060f	bellard	((int64_t) s->hob_lcyl << 32) \|
791	c2ff060f	bellard	((int64_t) s->hob_sector << 24) \|
792	c2ff060f	bellard	((int64_t) s->hcyl << 16) \|
793	c2ff060f	bellard	((int64_t) s->lcyl << 8) \| s->sector;
794	c2ff060f	bellard	}
795	5391d806	bellard	} else {
796	5391d806	bellard	sector_num = ((s->hcyl << 8) \| s->lcyl) * s->heads * s->sectors +
797	c2ff060f	bellard	(s->select & 0x0f) * s->sectors + (s->sector - 1);
798	5391d806	bellard	}
799	5391d806	bellard	return sector_num;
800	5391d806	bellard	}
801	5391d806	bellard
802	5391d806	bellard	static void ide_set_sector(IDEState *s, int64_t sector_num)
803	5391d806	bellard	{
804	5391d806	bellard	unsigned int cyl, r;
805	5391d806	bellard	if (s->select & 0x40) {
806	c2ff060f	bellard	if (!s->lba48) {
807	c2ff060f	bellard	s->select = (s->select & 0xf0) \| (sector_num >> 24);
808	c2ff060f	bellard	s->hcyl = (sector_num >> 16);
809	c2ff060f	bellard	s->lcyl = (sector_num >> 8);
810	c2ff060f	bellard	s->sector = (sector_num);
811	c2ff060f	bellard	} else {
812	c2ff060f	bellard	s->sector = sector_num;
813	c2ff060f	bellard	s->lcyl = sector_num >> 8;
814	c2ff060f	bellard	s->hcyl = sector_num >> 16;
815	c2ff060f	bellard	s->hob_sector = sector_num >> 24;
816	c2ff060f	bellard	s->hob_lcyl = sector_num >> 32;
817	c2ff060f	bellard	s->hob_hcyl = sector_num >> 40;
818	c2ff060f	bellard	}
819	5391d806	bellard	} else {
820	5391d806	bellard	cyl = sector_num / (s->heads * s->sectors);
821	5391d806	bellard	r = sector_num % (s->heads * s->sectors);
822	5391d806	bellard	s->hcyl = cyl >> 8;
823	5391d806	bellard	s->lcyl = cyl;
824	1b8eb456	bellard	s->select = (s->select & 0xf0) \| ((r / s->sectors) & 0x0f);
825	5391d806	bellard	s->sector = (r % s->sectors) + 1;
826	5391d806	bellard	}
827	5391d806	bellard	}
828	5391d806	bellard
829	e162cfb0	balrog	static void ide_rw_error(IDEState *s) {
830	e162cfb0	balrog	ide_abort_command(s);
831	e162cfb0	balrog	ide_set_irq(s);
832	e162cfb0	balrog	}
833	e162cfb0	balrog
834	5391d806	bellard	static void ide_sector_read(IDEState *s)
835	5391d806	bellard	{
836	5391d806	bellard	int64_t sector_num;
837	5391d806	bellard	int ret, n;
838	5391d806	bellard
839	5391d806	bellard	s->status = READY_STAT \| SEEK_STAT;
840	a136e5a8	bellard	s->error = 0; /* not needed by IDE spec, but needed by Windows */
841	5391d806	bellard	sector_num = ide_get_sector(s);
842	5391d806	bellard	n = s->nsector;
843	5391d806	bellard	if (n == 0) {
844	5391d806	bellard	/* no more sector to read from disk */
845	5391d806	bellard	ide_transfer_stop(s);
846	5391d806	bellard	} else {
847	5391d806	bellard	#if defined(DEBUG_IDE)
848	18c5f8ea	balrog	printf("read sector=%" PRId64 "\n", sector_num);
849	5391d806	bellard	#endif
850	5391d806	bellard	if (n > s->req_nb_sectors)
851	5391d806	bellard	n = s->req_nb_sectors;
852	5391d806	bellard	ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
853	e162cfb0	balrog	if (ret != 0) {
854	e162cfb0	balrog	ide_rw_error(s);
855	e162cfb0	balrog	return;
856	e162cfb0	balrog	}
857	5391d806	bellard	ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
858	5391d806	bellard	ide_set_irq(s);
859	5391d806	bellard	ide_set_sector(s, sector_num + n);
860	5391d806	bellard	s->nsector -= n;
861	5391d806	bellard	}
862	5391d806	bellard	}
863	5391d806	bellard
864	e162cfb0	balrog	static void ide_dma_error(IDEState *s)
865	e162cfb0	balrog	{
866	e162cfb0	balrog	ide_transfer_stop(s);
867	e162cfb0	balrog	s->error = ABRT_ERR;
868	e162cfb0	balrog	s->status = READY_STAT \| ERR_STAT;
869	e162cfb0	balrog	ide_set_irq(s);
870	e162cfb0	balrog	}
871	e162cfb0	balrog
872	8ccad811	bellard	/* return 0 if buffer completed */
873	8ccad811	bellard	static int dma_buf_rw(BMDMAState *bm, int is_write)
874	98087450	bellard	{
875	8ccad811	bellard	IDEState *s = bm->ide_if;
876	8ccad811	bellard	struct {
877	8ccad811	bellard	uint32_t addr;
878	8ccad811	bellard	uint32_t size;
879	8ccad811	bellard	} prd;
880	8ccad811	bellard	int l, len;
881	98087450	bellard
882	8ccad811	bellard	for(;;) {
883	8ccad811	bellard	l = s->io_buffer_size - s->io_buffer_index;
884	5fafdf24	ths	if (l <= 0)
885	8ccad811	bellard	break;
886	8ccad811	bellard	if (bm->cur_prd_len == 0) {
887	8ccad811	bellard	/* end of table (with a fail safe of one page) */
888	8ccad811	bellard	if (bm->cur_prd_last \|\|
889	8ccad811	bellard	(bm->cur_addr - bm->addr) >= 4096)
890	8ccad811	bellard	return 0;
891	8ccad811	bellard	cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
892	8ccad811	bellard	bm->cur_addr += 8;
893	8ccad811	bellard	prd.addr = le32_to_cpu(prd.addr);
894	8ccad811	bellard	prd.size = le32_to_cpu(prd.size);
895	8ccad811	bellard	len = prd.size & 0xfffe;
896	8ccad811	bellard	if (len == 0)
897	8ccad811	bellard	len = 0x10000;
898	8ccad811	bellard	bm->cur_prd_len = len;
899	8ccad811	bellard	bm->cur_prd_addr = prd.addr;
900	8ccad811	bellard	bm->cur_prd_last = (prd.size & 0x80000000);
901	8ccad811	bellard	}
902	8ccad811	bellard	if (l > bm->cur_prd_len)
903	8ccad811	bellard	l = bm->cur_prd_len;
904	8ccad811	bellard	if (l > 0) {
905	8ccad811	bellard	if (is_write) {
906	5fafdf24	ths	cpu_physical_memory_write(bm->cur_prd_addr,
907	8ccad811	bellard	s->io_buffer + s->io_buffer_index, l);
908	8ccad811	bellard	} else {
909	5fafdf24	ths	cpu_physical_memory_read(bm->cur_prd_addr,
910	8ccad811	bellard	s->io_buffer + s->io_buffer_index, l);
911	8ccad811	bellard	}
912	8ccad811	bellard	bm->cur_prd_addr += l;
913	8ccad811	bellard	bm->cur_prd_len -= l;
914	8ccad811	bellard	s->io_buffer_index += l;
915	98087450	bellard	}
916	98087450	bellard	}
917	8ccad811	bellard	return 1;
918	8ccad811	bellard	}
919	8ccad811	bellard
920	8ccad811	bellard	static void ide_read_dma_cb(void *opaque, int ret)
921	8ccad811	bellard	{
922	8ccad811	bellard	BMDMAState *bm = opaque;
923	8ccad811	bellard	IDEState *s = bm->ide_if;
924	8ccad811	bellard	int n;
925	8ccad811	bellard	int64_t sector_num;
926	8ccad811	bellard
927	e162cfb0	balrog	if (ret < 0) {
928	e162cfb0	balrog	ide_dma_error(s);
929	e162cfb0	balrog	return;
930	e162cfb0	balrog	}
931	e162cfb0	balrog
932	8ccad811	bellard	n = s->io_buffer_size >> 9;
933	8ccad811	bellard	sector_num = ide_get_sector(s);
934	8ccad811	bellard	if (n > 0) {
935	8ccad811	bellard	sector_num += n;
936	8ccad811	bellard	ide_set_sector(s, sector_num);
937	8ccad811	bellard	s->nsector -= n;
938	8ccad811	bellard	if (dma_buf_rw(bm, 1) == 0)
939	8ccad811	bellard	goto eot;
940	8ccad811	bellard	}
941	8ccad811	bellard
942	8ccad811	bellard	/* end of transfer ? */
943	8ccad811	bellard	if (s->nsector == 0) {
944	98087450	bellard	s->status = READY_STAT \| SEEK_STAT;
945	98087450	bellard	ide_set_irq(s);
946	8ccad811	bellard	eot:
947	8ccad811	bellard	bm->status &= ~BM_STATUS_DMAING;
948	8ccad811	bellard	bm->status \|= BM_STATUS_INT;
949	8ccad811	bellard	bm->dma_cb = NULL;
950	8ccad811	bellard	bm->ide_if = NULL;
951	8ccad811	bellard	bm->aiocb = NULL;
952	8ccad811	bellard	return;
953	98087450	bellard	}
954	8ccad811	bellard
955	8ccad811	bellard	/* launch next transfer */
956	8ccad811	bellard	n = s->nsector;
957	1d8cde5b	aurel32	if (n > IDE_DMA_BUF_SECTORS)
958	1d8cde5b	aurel32	n = IDE_DMA_BUF_SECTORS;
959	8ccad811	bellard	s->io_buffer_index = 0;
960	8ccad811	bellard	s->io_buffer_size = n * 512;
961	8ccad811	bellard	#ifdef DEBUG_AIO
962	8ccad811	bellard	printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
963	8ccad811	bellard	#endif
964	5fafdf24	ths	bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
965	8ccad811	bellard	ide_read_dma_cb, bm);
966	5604e090	balrog	ide_dma_submit_check(s, ide_read_dma_cb, bm);
967	98087450	bellard	}
968	98087450	bellard
969	98087450	bellard	static void ide_sector_read_dma(IDEState *s)
970	98087450	bellard	{
971	8ccad811	bellard	s->status = READY_STAT \| SEEK_STAT \| DRQ_STAT \| BUSY_STAT;
972	98087450	bellard	s->io_buffer_index = 0;
973	98087450	bellard	s->io_buffer_size = 0;
974	98087450	bellard	ide_dma_start(s, ide_read_dma_cb);
975	98087450	bellard	}
976	98087450	bellard
977	a09db21f	bellard	static void ide_sector_write_timer_cb(void *opaque)
978	a09db21f	bellard	{
979	a09db21f	bellard	IDEState *s = opaque;
980	a09db21f	bellard	ide_set_irq(s);
981	a09db21f	bellard	}
982	a09db21f	bellard
983	5391d806	bellard	static void ide_sector_write(IDEState *s)
984	5391d806	bellard	{
985	5391d806	bellard	int64_t sector_num;
986	31c2a146	ths	int ret, n, n1;
987	5391d806	bellard
988	5391d806	bellard	s->status = READY_STAT \| SEEK_STAT;
989	5391d806	bellard	sector_num = ide_get_sector(s);
990	5391d806	bellard	#if defined(DEBUG_IDE)
991	18c5f8ea	balrog	printf("write sector=%" PRId64 "\n", sector_num);
992	5391d806	bellard	#endif
993	5391d806	bellard	n = s->nsector;
994	5391d806	bellard	if (n > s->req_nb_sectors)
995	5391d806	bellard	n = s->req_nb_sectors;
996	31c2a146	ths	ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
997	e162cfb0	balrog	if (ret != 0) {
998	e162cfb0	balrog	ide_rw_error(s);
999	e162cfb0	balrog	return;
1000	e162cfb0	balrog	}
1001	e162cfb0	balrog
1002	5391d806	bellard	s->nsector -= n;
1003	5391d806	bellard	if (s->nsector == 0) {
1004	292eef5a	ths	/* no more sectors to write */
1005	5391d806	bellard	ide_transfer_stop(s);
1006	5391d806	bellard	} else {
1007	5391d806	bellard	n1 = s->nsector;
1008	5391d806	bellard	if (n1 > s->req_nb_sectors)
1009	5391d806	bellard	n1 = s->req_nb_sectors;
1010	5391d806	bellard	ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1011	5391d806	bellard	}
1012	5391d806	bellard	ide_set_sector(s, sector_num + n);
1013	3b46e624	ths
1014	31c2a146	ths	#ifdef TARGET_I386
1015	31c2a146	ths	if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1016	31c2a146	ths	/* It seems there is a bug in the Windows 2000 installer HDD
1017	31c2a146	ths	IDE driver which fills the disk with empty logs when the
1018	31c2a146	ths	IDE write IRQ comes too early. This hack tries to correct
1019	31c2a146	ths	that at the expense of slower write performances. Use this
1020	31c2a146	ths	option _only_ to install Windows 2000. You must disable it
1021	31c2a146	ths	for normal use. */
1022	31c2a146	ths	qemu_mod_timer(s->sector_write_timer,
1023	31c2a146	ths	qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1024	31c2a146	ths	} else
1025	31c2a146	ths	#endif
1026	31c2a146	ths	{
1027	31c2a146	ths	ide_set_irq(s);
1028	31c2a146	ths	}
1029	5391d806	bellard	}
1030	5391d806	bellard
1031	8ccad811	bellard	static void ide_write_dma_cb(void *opaque, int ret)
1032	98087450	bellard	{
1033	8ccad811	bellard	BMDMAState *bm = opaque;
1034	8ccad811	bellard	IDEState *s = bm->ide_if;
1035	8ccad811	bellard	int n;
1036	98087450	bellard	int64_t sector_num;
1037	98087450	bellard
1038	e162cfb0	balrog	if (ret < 0) {
1039	e162cfb0	balrog	ide_dma_error(s);
1040	e162cfb0	balrog	return;
1041	e162cfb0	balrog	}
1042	e162cfb0	balrog
1043	8ccad811	bellard	n = s->io_buffer_size >> 9;
1044	8ccad811	bellard	sector_num = ide_get_sector(s);
1045	8ccad811	bellard	if (n > 0) {
1046	8ccad811	bellard	sector_num += n;
1047	8ccad811	bellard	ide_set_sector(s, sector_num);
1048	8ccad811	bellard	s->nsector -= n;
1049	98087450	bellard	}
1050	98087450	bellard
1051	8ccad811	bellard	/* end of transfer ? */
1052	8ccad811	bellard	if (s->nsector == 0) {
1053	8ccad811	bellard	s->status = READY_STAT \| SEEK_STAT;
1054	8ccad811	bellard	ide_set_irq(s);
1055	8ccad811	bellard	eot:
1056	8ccad811	bellard	bm->status &= ~BM_STATUS_DMAING;
1057	8ccad811	bellard	bm->status \|= BM_STATUS_INT;
1058	8ccad811	bellard	bm->dma_cb = NULL;
1059	8ccad811	bellard	bm->ide_if = NULL;
1060	8ccad811	bellard	bm->aiocb = NULL;
1061	8ccad811	bellard	return;
1062	8ccad811	bellard	}
1063	8ccad811	bellard
1064	8ccad811	bellard	/* launch next transfer */
1065	98087450	bellard	n = s->nsector;
1066	1d8cde5b	aurel32	if (n > IDE_DMA_BUF_SECTORS)
1067	1d8cde5b	aurel32	n = IDE_DMA_BUF_SECTORS;
1068	98087450	bellard	s->io_buffer_index = 0;
1069	98087450	bellard	s->io_buffer_size = n * 512;
1070	8ccad811	bellard
1071	8ccad811	bellard	if (dma_buf_rw(bm, 0) == 0)
1072	8ccad811	bellard	goto eot;
1073	8ccad811	bellard	#ifdef DEBUG_AIO
1074	8ccad811	bellard	printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1075	8ccad811	bellard	#endif
1076	5fafdf24	ths	bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1077	8ccad811	bellard	ide_write_dma_cb, bm);
1078	5604e090	balrog	ide_dma_submit_check(s, ide_write_dma_cb, bm);
1079	8ccad811	bellard	}
1080	8ccad811	bellard
1081	8ccad811	bellard	static void ide_sector_write_dma(IDEState *s)
1082	8ccad811	bellard	{
1083	8ccad811	bellard	s->status = READY_STAT \| SEEK_STAT \| DRQ_STAT \| BUSY_STAT;
1084	8ccad811	bellard	s->io_buffer_index = 0;
1085	8ccad811	bellard	s->io_buffer_size = 0;
1086	98087450	bellard	ide_dma_start(s, ide_write_dma_cb);
1087	98087450	bellard	}
1088	98087450	bellard
1089	5391d806	bellard	static void ide_atapi_cmd_ok(IDEState *s)
1090	5391d806	bellard	{
1091	5391d806	bellard	s->error = 0;
1092	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
1093	5391d806	bellard	s->nsector = (s->nsector & ~7) \| ATAPI_INT_REASON_IO \| ATAPI_INT_REASON_CD;
1094	5391d806	bellard	ide_set_irq(s);
1095	5391d806	bellard	}
1096	5391d806	bellard
1097	5391d806	bellard	static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1098	5391d806	bellard	{
1099	5391d806	bellard	#ifdef DEBUG_IDE_ATAPI
1100	5391d806	bellard	printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1101	5391d806	bellard	#endif
1102	5391d806	bellard	s->error = sense_key << 4;
1103	5391d806	bellard	s->status = READY_STAT \| ERR_STAT;
1104	5391d806	bellard	s->nsector = (s->nsector & ~7) \| ATAPI_INT_REASON_IO \| ATAPI_INT_REASON_CD;
1105	5391d806	bellard	s->sense_key = sense_key;
1106	5391d806	bellard	s->asc = asc;
1107	5391d806	bellard	ide_set_irq(s);
1108	5391d806	bellard	}
1109	5391d806	bellard
1110	9118e7f0	aliguori	static void ide_atapi_cmd_check_status(IDEState *s)
1111	9118e7f0	aliguori	{
1112	9118e7f0	aliguori	#ifdef DEBUG_IDE_ATAPI
1113	9118e7f0	aliguori	printf("atapi_cmd_check_status\n");
1114	9118e7f0	aliguori	#endif
1115	9118e7f0	aliguori	s->error = MC_ERR \| (SENSE_UNIT_ATTENTION << 4);
1116	9118e7f0	aliguori	s->status = ERR_STAT;
1117	9118e7f0	aliguori	s->nsector = 0;
1118	9118e7f0	aliguori	ide_set_irq(s);
1119	9118e7f0	aliguori	}
1120	9118e7f0	aliguori
1121	5391d806	bellard	static inline void cpu_to_ube16(uint8_t *buf, int val)
1122	5391d806	bellard	{
1123	5391d806	bellard	buf[0] = val >> 8;
1124	5391d806	bellard	buf[1] = val;
1125	5391d806	bellard	}
1126	5391d806	bellard
1127	5391d806	bellard	static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1128	5391d806	bellard	{
1129	5391d806	bellard	buf[0] = val >> 24;
1130	5391d806	bellard	buf[1] = val >> 16;
1131	5391d806	bellard	buf[2] = val >> 8;
1132	5391d806	bellard	buf[3] = val;
1133	5391d806	bellard	}
1134	5391d806	bellard
1135	5391d806	bellard	static inline int ube16_to_cpu(const uint8_t *buf)
1136	5391d806	bellard	{
1137	5391d806	bellard	return (buf[0] << 8) \| buf[1];
1138	5391d806	bellard	}
1139	5391d806	bellard
1140	5391d806	bellard	static inline int ube32_to_cpu(const uint8_t *buf)
1141	5391d806	bellard	{
1142	5391d806	bellard	return (buf[0] << 24) \| (buf[1] << 16) \| (buf[2] << 8) \| buf[3];
1143	5391d806	bellard	}
1144	5391d806	bellard
1145	98087450	bellard	static void lba_to_msf(uint8_t *buf, int lba)
1146	98087450	bellard	{
1147	98087450	bellard	lba += 150;
1148	98087450	bellard	buf[0] = (lba / 75) / 60;
1149	98087450	bellard	buf[1] = (lba / 75) % 60;
1150	98087450	bellard	buf[2] = lba % 75;
1151	98087450	bellard	}
1152	98087450	bellard
1153	8ccad811	bellard	static void cd_data_to_raw(uint8_t *buf, int lba)
1154	8ccad811	bellard	{
1155	8ccad811	bellard	/* sync bytes */
1156	8ccad811	bellard	buf[0] = 0x00;
1157	8ccad811	bellard	memset(buf + 1, 0xff, 10);
1158	8ccad811	bellard	buf[11] = 0x00;
1159	8ccad811	bellard	buf += 12;
1160	8ccad811	bellard	/* MSF */
1161	8ccad811	bellard	lba_to_msf(buf, lba);
1162	8ccad811	bellard	buf[3] = 0x01; /* mode 1 data */
1163	8ccad811	bellard	buf += 4;
1164	8ccad811	bellard	/* data */
1165	8ccad811	bellard	buf += 2048;
1166	8ccad811	bellard	/* XXX: ECC not computed */
1167	8ccad811	bellard	memset(buf, 0, 288);
1168	8ccad811	bellard	}
1169	8ccad811	bellard
1170	5fafdf24	ths	static int cd_read_sector(BlockDriverState bs, int lba, uint8_t buf,
1171	98087450	bellard	int sector_size)
1172	98087450	bellard	{
1173	66c6ef76	bellard	int ret;
1174	66c6ef76	bellard
1175	98087450	bellard	switch(sector_size) {
1176	98087450	bellard	case 2048:
1177	66c6ef76	bellard	ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1178	98087450	bellard	break;
1179	98087450	bellard	case 2352:
1180	66c6ef76	bellard	ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1181	66c6ef76	bellard	if (ret < 0)
1182	66c6ef76	bellard	return ret;
1183	8ccad811	bellard	cd_data_to_raw(buf, lba);
1184	98087450	bellard	break;
1185	98087450	bellard	default:
1186	66c6ef76	bellard	ret = -EIO;
1187	98087450	bellard	break;
1188	98087450	bellard	}
1189	66c6ef76	bellard	return ret;
1190	66c6ef76	bellard	}
1191	66c6ef76	bellard
1192	66c6ef76	bellard	static void ide_atapi_io_error(IDEState *s, int ret)
1193	66c6ef76	bellard	{
1194	66c6ef76	bellard	/* XXX: handle more errors */
1195	66c6ef76	bellard	if (ret == -ENOMEDIUM) {
1196	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_NOT_READY,
1197	66c6ef76	bellard	ASC_MEDIUM_NOT_PRESENT);
1198	66c6ef76	bellard	} else {
1199	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1200	66c6ef76	bellard	ASC_LOGICAL_BLOCK_OOR);
1201	66c6ef76	bellard	}
1202	98087450	bellard	}
1203	98087450	bellard
1204	5391d806	bellard	/* The whole ATAPI transfer logic is handled in this function */
1205	5391d806	bellard	static void ide_atapi_cmd_reply_end(IDEState *s)
1206	5391d806	bellard	{
1207	66c6ef76	bellard	int byte_count_limit, size, ret;
1208	5391d806	bellard	#ifdef DEBUG_IDE_ATAPI
1209	5fafdf24	ths	printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1210	5391d806	bellard	s->packet_transfer_size,
1211	5391d806	bellard	s->elementary_transfer_size,
1212	5391d806	bellard	s->io_buffer_index);
1213	5391d806	bellard	#endif
1214	5391d806	bellard	if (s->packet_transfer_size <= 0) {
1215	5391d806	bellard	/* end of transfer */
1216	5391d806	bellard	ide_transfer_stop(s);
1217	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
1218	5391d806	bellard	s->nsector = (s->nsector & ~7) \| ATAPI_INT_REASON_IO \| ATAPI_INT_REASON_CD;
1219	5391d806	bellard	ide_set_irq(s);
1220	5391d806	bellard	#ifdef DEBUG_IDE_ATAPI
1221	5391d806	bellard	printf("status=0x%x\n", s->status);
1222	5391d806	bellard	#endif
1223	5391d806	bellard	} else {
1224	5391d806	bellard	/* see if a new sector must be read */
1225	98087450	bellard	if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1226	66c6ef76	bellard	ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1227	66c6ef76	bellard	if (ret < 0) {
1228	66c6ef76	bellard	ide_transfer_stop(s);
1229	66c6ef76	bellard	ide_atapi_io_error(s, ret);
1230	66c6ef76	bellard	return;
1231	66c6ef76	bellard	}
1232	5391d806	bellard	s->lba++;
1233	5391d806	bellard	s->io_buffer_index = 0;
1234	5391d806	bellard	}
1235	5391d806	bellard	if (s->elementary_transfer_size > 0) {
1236	5391d806	bellard	/* there are some data left to transmit in this elementary
1237	5391d806	bellard	transfer */
1238	98087450	bellard	size = s->cd_sector_size - s->io_buffer_index;
1239	5391d806	bellard	if (size > s->elementary_transfer_size)
1240	5391d806	bellard	size = s->elementary_transfer_size;
1241	5fafdf24	ths	ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1242	5391d806	bellard	size, ide_atapi_cmd_reply_end);
1243	5391d806	bellard	s->packet_transfer_size -= size;
1244	5391d806	bellard	s->elementary_transfer_size -= size;
1245	5391d806	bellard	s->io_buffer_index += size;
1246	5391d806	bellard	} else {
1247	5391d806	bellard	/* a new transfer is needed */
1248	5391d806	bellard	s->nsector = (s->nsector & ~7) \| ATAPI_INT_REASON_IO;
1249	5391d806	bellard	byte_count_limit = s->lcyl \| (s->hcyl << 8);
1250	5391d806	bellard	#ifdef DEBUG_IDE_ATAPI
1251	5391d806	bellard	printf("byte_count_limit=%d\n", byte_count_limit);
1252	5391d806	bellard	#endif
1253	5391d806	bellard	if (byte_count_limit == 0xffff)
1254	5391d806	bellard	byte_count_limit--;
1255	5391d806	bellard	size = s->packet_transfer_size;
1256	5391d806	bellard	if (size > byte_count_limit) {
1257	5391d806	bellard	/* byte count limit must be even if this case */
1258	5391d806	bellard	if (byte_count_limit & 1)
1259	5391d806	bellard	byte_count_limit--;
1260	5391d806	bellard	size = byte_count_limit;
1261	5391d806	bellard	}
1262	a136e5a8	bellard	s->lcyl = size;
1263	a136e5a8	bellard	s->hcyl = size >> 8;
1264	5391d806	bellard	s->elementary_transfer_size = size;
1265	5391d806	bellard	/* we cannot transmit more than one sector at a time */
1266	5391d806	bellard	if (s->lba != -1) {
1267	98087450	bellard	if (size > (s->cd_sector_size - s->io_buffer_index))
1268	98087450	bellard	size = (s->cd_sector_size - s->io_buffer_index);
1269	5391d806	bellard	}
1270	5fafdf24	ths	ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1271	5391d806	bellard	size, ide_atapi_cmd_reply_end);
1272	5391d806	bellard	s->packet_transfer_size -= size;
1273	5391d806	bellard	s->elementary_transfer_size -= size;
1274	5391d806	bellard	s->io_buffer_index += size;
1275	5391d806	bellard	ide_set_irq(s);
1276	5391d806	bellard	#ifdef DEBUG_IDE_ATAPI
1277	5391d806	bellard	printf("status=0x%x\n", s->status);
1278	5391d806	bellard	#endif
1279	5391d806	bellard	}
1280	5391d806	bellard	}
1281	5391d806	bellard	}
1282	5391d806	bellard
1283	5391d806	bellard	/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1284	5391d806	bellard	static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1285	5391d806	bellard	{
1286	5391d806	bellard	if (size > max_size)
1287	5391d806	bellard	size = max_size;
1288	5391d806	bellard	s->lba = -1; /* no sector read */
1289	5391d806	bellard	s->packet_transfer_size = size;
1290	5f12ab4b	ths	s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1291	5391d806	bellard	s->elementary_transfer_size = 0;
1292	5391d806	bellard	s->io_buffer_index = 0;
1293	5391d806	bellard
1294	5f12ab4b	ths	if (s->atapi_dma) {
1295	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT \| DRQ_STAT;
1296	5f12ab4b	ths	ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1297	5f12ab4b	ths	} else {
1298	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
1299	5f12ab4b	ths	ide_atapi_cmd_reply_end(s);
1300	5f12ab4b	ths	}
1301	5391d806	bellard	}
1302	5391d806	bellard
1303	5391d806	bellard	/* start a CD-CDROM read command */
1304	98087450	bellard	static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1305	98087450	bellard	int sector_size)
1306	5391d806	bellard	{
1307	5391d806	bellard	s->lba = lba;
1308	98087450	bellard	s->packet_transfer_size = nb_sectors * sector_size;
1309	5391d806	bellard	s->elementary_transfer_size = 0;
1310	98087450	bellard	s->io_buffer_index = sector_size;
1311	98087450	bellard	s->cd_sector_size = sector_size;
1312	5391d806	bellard
1313	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
1314	5391d806	bellard	ide_atapi_cmd_reply_end(s);
1315	5391d806	bellard	}
1316	5391d806	bellard
1317	98087450	bellard	/* ATAPI DMA support */
1318	8ccad811	bellard
1319	8ccad811	bellard	/* XXX: handle read errors */
1320	8ccad811	bellard	static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1321	98087450	bellard	{
1322	8ccad811	bellard	BMDMAState *bm = opaque;
1323	8ccad811	bellard	IDEState *s = bm->ide_if;
1324	8ccad811	bellard	int data_offset, n;
1325	8ccad811	bellard
1326	66c6ef76	bellard	if (ret < 0) {
1327	66c6ef76	bellard	ide_atapi_io_error(s, ret);
1328	66c6ef76	bellard	goto eot;
1329	66c6ef76	bellard	}
1330	66c6ef76	bellard
1331	8ccad811	bellard	if (s->io_buffer_size > 0) {
1332	5f12ab4b	ths	/*
1333	5f12ab4b	ths	* For a cdrom read sector command (s->lba != -1),
1334	5f12ab4b	ths	* adjust the lba for the next s->io_buffer_size chunk
1335	5f12ab4b	ths	* and dma the current chunk.
1336	5f12ab4b	ths	* For a command != read (s->lba == -1), just transfer
1337	5f12ab4b	ths	* the reply data.
1338	5f12ab4b	ths	*/
1339	5f12ab4b	ths	if (s->lba != -1) {
1340	5f12ab4b	ths	if (s->cd_sector_size == 2352) {
1341	5f12ab4b	ths	n = 1;
1342	5f12ab4b	ths	cd_data_to_raw(s->io_buffer, s->lba);
1343	5f12ab4b	ths	} else {
1344	5f12ab4b	ths	n = s->io_buffer_size >> 11;
1345	5f12ab4b	ths	}
1346	5f12ab4b	ths	s->lba += n;
1347	5f12ab4b	ths	}
1348	8ccad811	bellard	s->packet_transfer_size -= s->io_buffer_size;
1349	8ccad811	bellard	if (dma_buf_rw(bm, 1) == 0)
1350	8ccad811	bellard	goto eot;
1351	98087450	bellard	}
1352	8ccad811	bellard
1353	98087450	bellard	if (s->packet_transfer_size <= 0) {
1354	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
1355	98087450	bellard	s->nsector = (s->nsector & ~7) \| ATAPI_INT_REASON_IO \| ATAPI_INT_REASON_CD;
1356	98087450	bellard	ide_set_irq(s);
1357	8ccad811	bellard	eot:
1358	8ccad811	bellard	bm->status &= ~BM_STATUS_DMAING;
1359	8ccad811	bellard	bm->status \|= BM_STATUS_INT;
1360	8ccad811	bellard	bm->dma_cb = NULL;
1361	8ccad811	bellard	bm->ide_if = NULL;
1362	8ccad811	bellard	bm->aiocb = NULL;
1363	8ccad811	bellard	return;
1364	8ccad811	bellard	}
1365	3b46e624	ths
1366	8ccad811	bellard	s->io_buffer_index = 0;
1367	8ccad811	bellard	if (s->cd_sector_size == 2352) {
1368	8ccad811	bellard	n = 1;
1369	8ccad811	bellard	s->io_buffer_size = s->cd_sector_size;
1370	8ccad811	bellard	data_offset = 16;
1371	8ccad811	bellard	} else {
1372	8ccad811	bellard	n = s->packet_transfer_size >> 11;
1373	1d8cde5b	aurel32	if (n > (IDE_DMA_BUF_SECTORS / 4))
1374	1d8cde5b	aurel32	n = (IDE_DMA_BUF_SECTORS / 4);
1375	8ccad811	bellard	s->io_buffer_size = n * 2048;
1376	8ccad811	bellard	data_offset = 0;
1377	98087450	bellard	}
1378	8ccad811	bellard	#ifdef DEBUG_AIO
1379	8ccad811	bellard	printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1380	8ccad811	bellard	#endif
1381	5fafdf24	ths	bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1382	5fafdf24	ths	s->io_buffer + data_offset, n * 4,
1383	8ccad811	bellard	ide_atapi_cmd_read_dma_cb, bm);
1384	66c6ef76	bellard	if (!bm->aiocb) {
1385	66c6ef76	bellard	/* Note: media not present is the most likely case */
1386	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_NOT_READY,
1387	66c6ef76	bellard	ASC_MEDIUM_NOT_PRESENT);
1388	66c6ef76	bellard	goto eot;
1389	66c6ef76	bellard	}
1390	98087450	bellard	}
1391	98087450	bellard
1392	98087450	bellard	/* start a CD-CDROM read command with DMA */
1393	98087450	bellard	/* XXX: test if DMA is available */
1394	98087450	bellard	static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1395	98087450	bellard	int sector_size)
1396	98087450	bellard	{
1397	98087450	bellard	s->lba = lba;
1398	98087450	bellard	s->packet_transfer_size = nb_sectors * sector_size;
1399	8ccad811	bellard	s->io_buffer_index = 0;
1400	8ccad811	bellard	s->io_buffer_size = 0;
1401	98087450	bellard	s->cd_sector_size = sector_size;
1402	98087450	bellard
1403	8ccad811	bellard	/* XXX: check if BUSY_STAT should be set */
1404	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT \| DRQ_STAT \| BUSY_STAT;
1405	98087450	bellard	ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1406	98087450	bellard	}
1407	98087450	bellard
1408	5fafdf24	ths	static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1409	98087450	bellard	int sector_size)
1410	98087450	bellard	{
1411	98087450	bellard	#ifdef DEBUG_IDE_ATAPI
1412	5f12ab4b	ths	printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1413	5f12ab4b	ths	lba, nb_sectors);
1414	98087450	bellard	#endif
1415	98087450	bellard	if (s->atapi_dma) {
1416	98087450	bellard	ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1417	98087450	bellard	} else {
1418	98087450	bellard	ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1419	98087450	bellard	}
1420	98087450	bellard	}
1421	98087450	bellard
1422	38cdea7c	balrog	static inline uint8_t ide_atapi_set_profile(uint8_t buf, uint8_t index,
1423	38cdea7c	balrog	uint16_t profile)
1424	38cdea7c	balrog	{
1425	38cdea7c	balrog	uint8_t buf_profile = buf + 12; / start of profiles */
1426	38cdea7c	balrog
1427	38cdea7c	balrog	buf_profile += ((index) 4); /* start of indexed profile */
1428	38cdea7c	balrog	cpu_to_ube16 (buf_profile, profile);
1429	38cdea7c	balrog	buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1430	38cdea7c	balrog
1431	38cdea7c	balrog	/* each profile adds 4 bytes to the response */
1432	38cdea7c	balrog	(*index)++;
1433	38cdea7c	balrog	buf[11] += 4; /* Additional Length */
1434	38cdea7c	balrog
1435	38cdea7c	balrog	return 4;
1436	38cdea7c	balrog	}
1437	38cdea7c	balrog
1438	8114e9e8	ths	static int ide_dvd_read_structure(IDEState *s, int format,
1439	8114e9e8	ths	const uint8_t packet, uint8_t buf)
1440	8114e9e8	ths	{
1441	8114e9e8	ths	switch (format) {
1442	8114e9e8	ths	case 0x0: /* Physical format information */
1443	8114e9e8	ths	{
1444	8114e9e8	ths	int layer = packet[6];
1445	8114e9e8	ths	uint64_t total_sectors;
1446	8114e9e8	ths
1447	8114e9e8	ths	if (layer != 0)
1448	8114e9e8	ths	return -ASC_INV_FIELD_IN_CMD_PACKET;
1449	8114e9e8	ths
1450	8114e9e8	ths	bdrv_get_geometry(s->bs, &total_sectors);
1451	8114e9e8	ths	total_sectors >>= 2;
1452	8114e9e8	ths	if (total_sectors == 0)
1453	8114e9e8	ths	return -ASC_MEDIUM_NOT_PRESENT;
1454	8114e9e8	ths
1455	8114e9e8	ths	buf[4] = 1; /* DVD-ROM, part version 1 */
1456	8114e9e8	ths	buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1457	8114e9e8	ths	buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1458	8114e9e8	ths	buf[7] = 0; /* default densities */
1459	8114e9e8	ths
1460	8114e9e8	ths	/* FIXME: 0x30000 per spec? */
1461	8114e9e8	ths	cpu_to_ube32(buf + 8, 0); /* start sector */
1462	8114e9e8	ths	cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1463	8114e9e8	ths	cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1464	8114e9e8	ths
1465	8114e9e8	ths	/* Size of buffer, not including 2 byte size field */
1466	8114e9e8	ths	cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1467	8114e9e8	ths
1468	8114e9e8	ths	/* 2k data + 4 byte header */
1469	8114e9e8	ths	return (2048 + 4);
1470	8114e9e8	ths	}
1471	8114e9e8	ths
1472	8114e9e8	ths	case 0x01: /* DVD copyright information */
1473	8114e9e8	ths	buf[4] = 0; /* no copyright data */
1474	8114e9e8	ths	buf[5] = 0; /* no region restrictions */
1475	8114e9e8	ths
1476	8114e9e8	ths	/* Size of buffer, not including 2 byte size field */
1477	8114e9e8	ths	cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1478	8114e9e8	ths
1479	8114e9e8	ths	/* 4 byte header + 4 byte data */
1480	8114e9e8	ths	return (4 + 4);
1481	8114e9e8	ths
1482	8114e9e8	ths	case 0x03: /* BCA information - invalid field for no BCA info */
1483	8114e9e8	ths	return -ASC_INV_FIELD_IN_CMD_PACKET;
1484	8114e9e8	ths
1485	8114e9e8	ths	case 0x04: /* DVD disc manufacturing information */
1486	8114e9e8	ths	/* Size of buffer, not including 2 byte size field */
1487	8114e9e8	ths	cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1488	8114e9e8	ths
1489	8114e9e8	ths	/* 2k data + 4 byte header */
1490	8114e9e8	ths	return (2048 + 4);
1491	8114e9e8	ths
1492	8114e9e8	ths	case 0xff:
1493	8114e9e8	ths	/*
1494	8114e9e8	ths	* This lists all the command capabilities above. Add new ones
1495	8114e9e8	ths	* in order and update the length and buffer return values.
1496	8114e9e8	ths	*/
1497	8114e9e8	ths
1498	8114e9e8	ths	buf[4] = 0x00; /* Physical format */
1499	8114e9e8	ths	buf[5] = 0x40; /* Not writable, is readable */
1500	8114e9e8	ths	cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1501	8114e9e8	ths
1502	8114e9e8	ths	buf[8] = 0x01; /* Copyright info */
1503	8114e9e8	ths	buf[9] = 0x40; /* Not writable, is readable */
1504	8114e9e8	ths	cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1505	8114e9e8	ths
1506	8114e9e8	ths	buf[12] = 0x03; /* BCA info */
1507	8114e9e8	ths	buf[13] = 0x40; /* Not writable, is readable */
1508	8114e9e8	ths	cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1509	8114e9e8	ths
1510	8114e9e8	ths	buf[16] = 0x04; /* Manufacturing info */
1511	8114e9e8	ths	buf[17] = 0x40; /* Not writable, is readable */
1512	8114e9e8	ths	cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1513	8114e9e8	ths
1514	8114e9e8	ths	/* Size of buffer, not including 2 byte size field */
1515	8114e9e8	ths	cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1516	8114e9e8	ths
1517	8114e9e8	ths	/* data written + 4 byte header */
1518	8114e9e8	ths	return (16 + 4);
1519	8114e9e8	ths
1520	8114e9e8	ths	default: /* TODO: formats beyond DVD-ROM requires */
1521	8114e9e8	ths	return -ASC_INV_FIELD_IN_CMD_PACKET;
1522	8114e9e8	ths	}
1523	8114e9e8	ths	}
1524	8114e9e8	ths
1525	5391d806	bellard	static void ide_atapi_cmd(IDEState *s)
1526	5391d806	bellard	{
1527	5391d806	bellard	const uint8_t *packet;
1528	5391d806	bellard	uint8_t *buf;
1529	5391d806	bellard	int max_len;
1530	5391d806	bellard
1531	5391d806	bellard	packet = s->io_buffer;
1532	5391d806	bellard	buf = s->io_buffer;
1533	5391d806	bellard	#ifdef DEBUG_IDE_ATAPI
1534	5391d806	bellard	{
1535	5391d806	bellard	int i;
1536	5391d806	bellard	printf("ATAPI limit=0x%x packet:", s->lcyl \| (s->hcyl << 8));
1537	5391d806	bellard	for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1538	5391d806	bellard	printf(" %02x", packet[i]);
1539	5391d806	bellard	}
1540	5391d806	bellard	printf("\n");
1541	5391d806	bellard	}
1542	5391d806	bellard	#endif
1543	9118e7f0	aliguori	/* If there's a UNIT_ATTENTION condition pending, only
1544	9118e7f0	aliguori	REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1545	9118e7f0	aliguori	if (s->sense_key == SENSE_UNIT_ATTENTION &&
1546	9118e7f0	aliguori	s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1547	9118e7f0	aliguori	s->io_buffer[0] != GPCMD_INQUIRY) {
1548	9118e7f0	aliguori	ide_atapi_cmd_check_status(s);
1549	9118e7f0	aliguori	return;
1550	9118e7f0	aliguori	}
1551	5391d806	bellard	switch(s->io_buffer[0]) {
1552	5391d806	bellard	case GPCMD_TEST_UNIT_READY:
1553	caed8802	bellard	if (bdrv_is_inserted(s->bs)) {
1554	5391d806	bellard	ide_atapi_cmd_ok(s);
1555	5391d806	bellard	} else {
1556	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_NOT_READY,
1557	5391d806	bellard	ASC_MEDIUM_NOT_PRESENT);
1558	5391d806	bellard	}
1559	5391d806	bellard	break;
1560	d14049ea	ths	case GPCMD_MODE_SENSE_6:
1561	5391d806	bellard	case GPCMD_MODE_SENSE_10:
1562	5391d806	bellard	{
1563	5391d806	bellard	int action, code;
1564	d14049ea	ths	if (packet[0] == GPCMD_MODE_SENSE_10)
1565	d14049ea	ths	max_len = ube16_to_cpu(packet + 7);
1566	d14049ea	ths	else
1567	d14049ea	ths	max_len = packet[4];
1568	5391d806	bellard	action = packet[2] >> 6;
1569	5391d806	bellard	code = packet[2] & 0x3f;
1570	5391d806	bellard	switch(action) {
1571	5391d806	bellard	case 0: /* current values */
1572	5391d806	bellard	switch(code) {
1573	5391d806	bellard	case 0x01: /* error recovery */
1574	5391d806	bellard	cpu_to_ube16(&buf[0], 16 + 6);
1575	5391d806	bellard	buf[2] = 0x70;
1576	5391d806	bellard	buf[3] = 0;
1577	5391d806	bellard	buf[4] = 0;
1578	5391d806	bellard	buf[5] = 0;
1579	5391d806	bellard	buf[6] = 0;
1580	5391d806	bellard	buf[7] = 0;
1581	5391d806	bellard
1582	5391d806	bellard	buf[8] = 0x01;
1583	5391d806	bellard	buf[9] = 0x06;
1584	5391d806	bellard	buf[10] = 0x00;
1585	5391d806	bellard	buf[11] = 0x05;
1586	5391d806	bellard	buf[12] = 0x00;
1587	5391d806	bellard	buf[13] = 0x00;
1588	5391d806	bellard	buf[14] = 0x00;
1589	5391d806	bellard	buf[15] = 0x00;
1590	5391d806	bellard	ide_atapi_cmd_reply(s, 16, max_len);
1591	5391d806	bellard	break;
1592	5391d806	bellard	case 0x2a:
1593	5391d806	bellard	cpu_to_ube16(&buf[0], 28 + 6);
1594	5391d806	bellard	buf[2] = 0x70;
1595	5391d806	bellard	buf[3] = 0;
1596	5391d806	bellard	buf[4] = 0;
1597	5391d806	bellard	buf[5] = 0;
1598	5391d806	bellard	buf[6] = 0;
1599	5391d806	bellard	buf[7] = 0;
1600	5391d806	bellard
1601	5391d806	bellard	buf[8] = 0x2a;
1602	5391d806	bellard	buf[9] = 0x12;
1603	0d4a05a1	ths	buf[10] = 0x00;
1604	5391d806	bellard	buf[11] = 0x00;
1605	3b46e624	ths
1606	d5b4eb40	aliguori	/* Claim PLAY_AUDIO capability (0x01) since some Linux
1607	d5b4eb40	aliguori	code checks for this to automount media. */
1608	d5b4eb40	aliguori	buf[12] = 0x71;
1609	5391d806	bellard	buf[13] = 3 << 5;
1610	5391d806	bellard	buf[14] = (1 << 0) \| (1 << 3) \| (1 << 5);
1611	caed8802	bellard	if (bdrv_is_locked(s->bs))
1612	5391d806	bellard	buf[6] \|= 1 << 1;
1613	5391d806	bellard	buf[15] = 0x00;
1614	5391d806	bellard	cpu_to_ube16(&buf[16], 706);
1615	5391d806	bellard	buf[18] = 0;
1616	5391d806	bellard	buf[19] = 2;
1617	5391d806	bellard	cpu_to_ube16(&buf[20], 512);
1618	5391d806	bellard	cpu_to_ube16(&buf[22], 706);
1619	5391d806	bellard	buf[24] = 0;
1620	5391d806	bellard	buf[25] = 0;
1621	5391d806	bellard	buf[26] = 0;
1622	5391d806	bellard	buf[27] = 0;
1623	5391d806	bellard	ide_atapi_cmd_reply(s, 28, max_len);
1624	5391d806	bellard	break;
1625	5391d806	bellard	default:
1626	5391d806	bellard	goto error_cmd;
1627	5391d806	bellard	}
1628	5391d806	bellard	break;
1629	5391d806	bellard	case 1: /* changeable values */
1630	5391d806	bellard	goto error_cmd;
1631	5391d806	bellard	case 2: /* default values */
1632	5391d806	bellard	goto error_cmd;
1633	5391d806	bellard	default:
1634	5391d806	bellard	case 3: /* saved values */
1635	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1636	5391d806	bellard	ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1637	5391d806	bellard	break;
1638	5391d806	bellard	}
1639	5391d806	bellard	}
1640	5391d806	bellard	break;
1641	5391d806	bellard	case GPCMD_REQUEST_SENSE:
1642	5391d806	bellard	max_len = packet[4];
1643	5391d806	bellard	memset(buf, 0, 18);
1644	5391d806	bellard	buf[0] = 0x70 \| (1 << 7);
1645	5391d806	bellard	buf[2] = s->sense_key;
1646	5391d806	bellard	buf[7] = 10;
1647	5391d806	bellard	buf[12] = s->asc;
1648	9118e7f0	aliguori	if (s->sense_key == SENSE_UNIT_ATTENTION)
1649	9118e7f0	aliguori	s->sense_key = SENSE_NONE;
1650	5391d806	bellard	ide_atapi_cmd_reply(s, 18, max_len);
1651	5391d806	bellard	break;
1652	5391d806	bellard	case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1653	caed8802	bellard	if (bdrv_is_inserted(s->bs)) {
1654	caed8802	bellard	bdrv_set_locked(s->bs, packet[4] & 1);
1655	5391d806	bellard	ide_atapi_cmd_ok(s);
1656	5391d806	bellard	} else {
1657	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_NOT_READY,
1658	5391d806	bellard	ASC_MEDIUM_NOT_PRESENT);
1659	5391d806	bellard	}
1660	5391d806	bellard	break;
1661	5391d806	bellard	case GPCMD_READ_10:
1662	5391d806	bellard	case GPCMD_READ_12:
1663	5391d806	bellard	{
1664	5391d806	bellard	int nb_sectors, lba;
1665	5391d806	bellard
1666	5391d806	bellard	if (packet[0] == GPCMD_READ_10)
1667	5391d806	bellard	nb_sectors = ube16_to_cpu(packet + 7);
1668	5391d806	bellard	else
1669	5391d806	bellard	nb_sectors = ube32_to_cpu(packet + 6);
1670	5391d806	bellard	lba = ube32_to_cpu(packet + 2);
1671	5391d806	bellard	if (nb_sectors == 0) {
1672	5391d806	bellard	ide_atapi_cmd_ok(s);
1673	5391d806	bellard	break;
1674	5391d806	bellard	}
1675	98087450	bellard	ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1676	98087450	bellard	}
1677	98087450	bellard	break;
1678	98087450	bellard	case GPCMD_READ_CD:
1679	98087450	bellard	{
1680	98087450	bellard	int nb_sectors, lba, transfer_request;
1681	98087450	bellard
1682	98087450	bellard	nb_sectors = (packet[6] << 16) \| (packet[7] << 8) \| packet[8];
1683	98087450	bellard	lba = ube32_to_cpu(packet + 2);
1684	98087450	bellard	if (nb_sectors == 0) {
1685	98087450	bellard	ide_atapi_cmd_ok(s);
1686	98087450	bellard	break;
1687	98087450	bellard	}
1688	98087450	bellard	transfer_request = packet[9];
1689	98087450	bellard	switch(transfer_request & 0xf8) {
1690	98087450	bellard	case 0x00:
1691	98087450	bellard	/* nothing */
1692	98087450	bellard	ide_atapi_cmd_ok(s);
1693	98087450	bellard	break;
1694	98087450	bellard	case 0x10:
1695	98087450	bellard	/* normal read */
1696	98087450	bellard	ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1697	98087450	bellard	break;
1698	98087450	bellard	case 0xf8:
1699	98087450	bellard	/* read all data */
1700	98087450	bellard	ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1701	98087450	bellard	break;
1702	98087450	bellard	default:
1703	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1704	98087450	bellard	ASC_INV_FIELD_IN_CMD_PACKET);
1705	98087450	bellard	break;
1706	98087450	bellard	}
1707	5391d806	bellard	}
1708	5391d806	bellard	break;
1709	5391d806	bellard	case GPCMD_SEEK:
1710	5391d806	bellard	{
1711	96b8f136	ths	unsigned int lba;
1712	96b8f136	ths	uint64_t total_sectors;
1713	66c6ef76	bellard
1714	66c6ef76	bellard	bdrv_get_geometry(s->bs, &total_sectors);
1715	66c6ef76	bellard	total_sectors >>= 2;
1716	96b8f136	ths	if (total_sectors == 0) {
1717	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_NOT_READY,
1718	5391d806	bellard	ASC_MEDIUM_NOT_PRESENT);
1719	5391d806	bellard	break;
1720	5391d806	bellard	}
1721	5391d806	bellard	lba = ube32_to_cpu(packet + 2);
1722	66c6ef76	bellard	if (lba >= total_sectors) {
1723	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1724	5391d806	bellard	ASC_LOGICAL_BLOCK_OOR);
1725	5391d806	bellard	break;
1726	5391d806	bellard	}
1727	5391d806	bellard	ide_atapi_cmd_ok(s);
1728	5391d806	bellard	}
1729	5391d806	bellard	break;
1730	5391d806	bellard	case GPCMD_START_STOP_UNIT:
1731	5391d806	bellard	{
1732	5391d806	bellard	int start, eject;
1733	5391d806	bellard	start = packet[4] & 1;
1734	5391d806	bellard	eject = (packet[4] >> 1) & 1;
1735	3b46e624	ths
1736	caed8802	bellard	if (eject && !start) {
1737	caed8802	bellard	/* eject the disk */
1738	66c6ef76	bellard	bdrv_eject(s->bs, 1);
1739	66c6ef76	bellard	} else if (eject && start) {
1740	66c6ef76	bellard	/* close the tray */
1741	66c6ef76	bellard	bdrv_eject(s->bs, 0);
1742	caed8802	bellard	}
1743	5391d806	bellard	ide_atapi_cmd_ok(s);
1744	5391d806	bellard	}
1745	5391d806	bellard	break;
1746	5391d806	bellard	case GPCMD_MECHANISM_STATUS:
1747	5391d806	bellard	{
1748	5391d806	bellard	max_len = ube16_to_cpu(packet + 8);
1749	5391d806	bellard	cpu_to_ube16(buf, 0);
1750	5391d806	bellard	/* no current LBA */
1751	5391d806	bellard	buf[2] = 0;
1752	5391d806	bellard	buf[3] = 0;
1753	5391d806	bellard	buf[4] = 0;
1754	5391d806	bellard	buf[5] = 1;
1755	5391d806	bellard	cpu_to_ube16(buf + 6, 0);
1756	5391d806	bellard	ide_atapi_cmd_reply(s, 8, max_len);
1757	5391d806	bellard	}
1758	5391d806	bellard	break;
1759	5391d806	bellard	case GPCMD_READ_TOC_PMA_ATIP:
1760	5391d806	bellard	{
1761	5391d806	bellard	int format, msf, start_track, len;
1762	96b8f136	ths	uint64_t total_sectors;
1763	5391d806	bellard
1764	66c6ef76	bellard	bdrv_get_geometry(s->bs, &total_sectors);
1765	66c6ef76	bellard	total_sectors >>= 2;
1766	96b8f136	ths	if (total_sectors == 0) {
1767	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_NOT_READY,
1768	5391d806	bellard	ASC_MEDIUM_NOT_PRESENT);
1769	5391d806	bellard	break;
1770	5391d806	bellard	}
1771	5391d806	bellard	max_len = ube16_to_cpu(packet + 7);
1772	5391d806	bellard	format = packet[9] >> 6;
1773	5391d806	bellard	msf = (packet[1] >> 1) & 1;
1774	5391d806	bellard	start_track = packet[6];
1775	5391d806	bellard	switch(format) {
1776	5391d806	bellard	case 0:
1777	66c6ef76	bellard	len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1778	5391d806	bellard	if (len < 0)
1779	5391d806	bellard	goto error_cmd;
1780	5391d806	bellard	ide_atapi_cmd_reply(s, len, max_len);
1781	5391d806	bellard	break;
1782	5391d806	bellard	case 1:
1783	5391d806	bellard	/* multi session : only a single session defined */
1784	5391d806	bellard	memset(buf, 0, 12);
1785	5391d806	bellard	buf[1] = 0x0a;
1786	5391d806	bellard	buf[2] = 0x01;
1787	5391d806	bellard	buf[3] = 0x01;
1788	5391d806	bellard	ide_atapi_cmd_reply(s, 12, max_len);
1789	5391d806	bellard	break;
1790	98087450	bellard	case 2:
1791	66c6ef76	bellard	len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1792	98087450	bellard	if (len < 0)
1793	98087450	bellard	goto error_cmd;
1794	98087450	bellard	ide_atapi_cmd_reply(s, len, max_len);
1795	98087450	bellard	break;
1796	5391d806	bellard	default:
1797	7f777bf3	bellard	error_cmd:
1798	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1799	7f777bf3	bellard	ASC_INV_FIELD_IN_CMD_PACKET);
1800	7f777bf3	bellard	break;
1801	5391d806	bellard	}
1802	5391d806	bellard	}
1803	5391d806	bellard	break;
1804	5391d806	bellard	case GPCMD_READ_CDVD_CAPACITY:
1805	66c6ef76	bellard	{
1806	96b8f136	ths	uint64_t total_sectors;
1807	66c6ef76	bellard
1808	66c6ef76	bellard	bdrv_get_geometry(s->bs, &total_sectors);
1809	66c6ef76	bellard	total_sectors >>= 2;
1810	96b8f136	ths	if (total_sectors == 0) {
1811	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_NOT_READY,
1812	66c6ef76	bellard	ASC_MEDIUM_NOT_PRESENT);
1813	66c6ef76	bellard	break;
1814	66c6ef76	bellard	}
1815	66c6ef76	bellard	/* NOTE: it is really the number of sectors minus 1 */
1816	66c6ef76	bellard	cpu_to_ube32(buf, total_sectors - 1);
1817	66c6ef76	bellard	cpu_to_ube32(buf + 4, 2048);
1818	66c6ef76	bellard	ide_atapi_cmd_reply(s, 8, 8);
1819	5391d806	bellard	}
1820	5391d806	bellard	break;
1821	d14049ea	ths	case GPCMD_READ_DVD_STRUCTURE:
1822	d14049ea	ths	{
1823	d14049ea	ths	int media = packet[1];
1824	8114e9e8	ths	int format = packet[7];
1825	8114e9e8	ths	int ret;
1826	d14049ea	ths
1827	8114e9e8	ths	max_len = ube16_to_cpu(packet + 8);
1828	d14049ea	ths
1829	8114e9e8	ths	if (format < 0xff) {
1830	8114e9e8	ths	if (media_is_cd(s)) {
1831	8114e9e8	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1832	8114e9e8	ths	ASC_INCOMPATIBLE_FORMAT);
1833	8114e9e8	ths	break;
1834	8114e9e8	ths	} else if (!media_present(s)) {
1835	8114e9e8	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1836	8114e9e8	ths	ASC_INV_FIELD_IN_CMD_PACKET);
1837	8114e9e8	ths	break;
1838	8114e9e8	ths	}
1839	8114e9e8	ths	}
1840	d14049ea	ths
1841	8114e9e8	ths	memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1842	8114e9e8	ths	IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1843	d14049ea	ths
1844	8114e9e8	ths	switch (format) {
1845	8114e9e8	ths	case 0x00 ... 0x7f:
1846	8114e9e8	ths	case 0xff:
1847	8114e9e8	ths	if (media == 0) {
1848	8114e9e8	ths	ret = ide_dvd_read_structure(s, format, packet, buf);
1849	d14049ea	ths
1850	8114e9e8	ths	if (ret < 0)
1851	8114e9e8	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1852	8114e9e8	ths	else
1853	8114e9e8	ths	ide_atapi_cmd_reply(s, ret, max_len);
1854	d14049ea	ths
1855	8114e9e8	ths	break;
1856	8114e9e8	ths	}
1857	8114e9e8	ths	/* TODO: BD support, fall through for now */
1858	8114e9e8	ths
1859	8114e9e8	ths	/* Generic disk structures */
1860	8114e9e8	ths	case 0x80: /* TODO: AACS volume identifier */
1861	8114e9e8	ths	case 0x81: /* TODO: AACS media serial number */
1862	8114e9e8	ths	case 0x82: /* TODO: AACS media identifier */
1863	8114e9e8	ths	case 0x83: /* TODO: AACS media key block */
1864	8114e9e8	ths	case 0x90: /* TODO: List of recognized format layers */
1865	8114e9e8	ths	case 0xc0: /* TODO: Write protection status */
1866	d14049ea	ths	default:
1867	d14049ea	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1868	d14049ea	ths	ASC_INV_FIELD_IN_CMD_PACKET);
1869	d14049ea	ths	break;
1870	d14049ea	ths	}
1871	d14049ea	ths	}
1872	d14049ea	ths	break;
1873	d14049ea	ths	case GPCMD_SET_SPEED:
1874	d14049ea	ths	ide_atapi_cmd_ok(s);
1875	d14049ea	ths	break;
1876	bd0d90b2	bellard	case GPCMD_INQUIRY:
1877	bd0d90b2	bellard	max_len = packet[4];
1878	bd0d90b2	bellard	buf[0] = 0x05; /* CD-ROM */
1879	bd0d90b2	bellard	buf[1] = 0x80; /* removable */
1880	bd0d90b2	bellard	buf[2] = 0x00; /* ISO */
1881	bd0d90b2	bellard	buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1882	aa1f17c1	ths	buf[4] = 31; /* additional length */
1883	bd0d90b2	bellard	buf[5] = 0; /* reserved */
1884	bd0d90b2	bellard	buf[6] = 0; /* reserved */
1885	bd0d90b2	bellard	buf[7] = 0; /* reserved */
1886	bd0d90b2	bellard	padstr8(buf + 8, 8, "QEMU");
1887	38cdea7c	balrog	padstr8(buf + 16, 16, "QEMU DVD-ROM");
1888	bd0d90b2	bellard	padstr8(buf + 32, 4, QEMU_VERSION);
1889	bd0d90b2	bellard	ide_atapi_cmd_reply(s, 36, max_len);
1890	bd0d90b2	bellard	break;
1891	d14049ea	ths	case GPCMD_GET_CONFIGURATION:
1892	d14049ea	ths	{
1893	38cdea7c	balrog	uint32_t len;
1894	091d055b	balrog	uint8_t index = 0;
1895	d14049ea	ths
1896	d14049ea	ths	/* only feature 0 is supported */
1897	d14049ea	ths	if (packet[2] != 0 \|\| packet[3] != 0) {
1898	d14049ea	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1899	d14049ea	ths	ASC_INV_FIELD_IN_CMD_PACKET);
1900	d14049ea	ths	break;
1901	d14049ea	ths	}
1902	38cdea7c	balrog
1903	38cdea7c	balrog	/* XXX: could result in alignment problems in some architectures */
1904	38cdea7c	balrog	max_len = ube16_to_cpu(packet + 7);
1905	091d055b	balrog
1906	38cdea7c	balrog	/*
1907	091d055b	balrog	* XXX: avoid overflow for io_buffer if max_len is bigger than
1908	091d055b	balrog	* the size of that buffer (dimensioned to max number of
1909	091d055b	balrog	* sectors to transfer at once)
1910	38cdea7c	balrog	*
1911	091d055b	balrog	* Only a problem if the feature/profiles grow.
1912	38cdea7c	balrog	*/
1913	38cdea7c	balrog	if (max_len > 512) /* XXX: assume 1 sector */
1914	38cdea7c	balrog	max_len = 512;
1915	38cdea7c	balrog
1916	38cdea7c	balrog	memset(buf, 0, max_len);
1917	38cdea7c	balrog	/*
1918	38cdea7c	balrog	* the number of sectors from the media tells us which profile
1919	38cdea7c	balrog	* to use as current. 0 means there is no media
1920	38cdea7c	balrog	*/
1921	8114e9e8	ths	if (media_is_dvd(s))
1922	8114e9e8	ths	cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1923	8114e9e8	ths	else if (media_is_cd(s))
1924	8114e9e8	ths	cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1925	38cdea7c	balrog
1926	091d055b	balrog	buf[10] = 0x02 \| 0x01; /* persistent and current */
1927	091d055b	balrog	len = 12; /* headers: 8 + 4 */
1928	091d055b	balrog	len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1929	091d055b	balrog	len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1930	38cdea7c	balrog	cpu_to_ube32(buf, len - 4); /* data length */
1931	38cdea7c	balrog
1932	38cdea7c	balrog	ide_atapi_cmd_reply(s, len, max_len);
1933	d14049ea	ths	break;
1934	d14049ea	ths	}
1935	5391d806	bellard	default:
1936	5fafdf24	ths	ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1937	7f777bf3	bellard	ASC_ILLEGAL_OPCODE);
1938	5391d806	bellard	break;
1939	5391d806	bellard	}
1940	5391d806	bellard	}
1941	5391d806	bellard
1942	201a51fc	balrog	static void ide_cfata_metadata_inquiry(IDEState *s)
1943	201a51fc	balrog	{
1944	201a51fc	balrog	uint16_t *p;
1945	201a51fc	balrog	uint32_t spd;
1946	201a51fc	balrog
1947	201a51fc	balrog	p = (uint16_t *) s->io_buffer;
1948	201a51fc	balrog	memset(p, 0, 0x200);
1949	201a51fc	balrog	spd = ((s->mdata_size - 1) >> 9) + 1;
1950	201a51fc	balrog
1951	201a51fc	balrog	put_le16(p + 0, 0x0001); /* Data format revision */
1952	201a51fc	balrog	put_le16(p + 1, 0x0000); /* Media property: silicon */
1953	201a51fc	balrog	put_le16(p + 2, s->media_changed); /* Media status */
1954	201a51fc	balrog	put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1955	201a51fc	balrog	put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1956	201a51fc	balrog	put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1957	201a51fc	balrog	put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1958	201a51fc	balrog	}
1959	201a51fc	balrog
1960	201a51fc	balrog	static void ide_cfata_metadata_read(IDEState *s)
1961	201a51fc	balrog	{
1962	201a51fc	balrog	uint16_t *p;
1963	201a51fc	balrog
1964	201a51fc	balrog	if (((s->hcyl << 16) \| s->lcyl) << 9 > s->mdata_size + 2) {
1965	201a51fc	balrog	s->status = ERR_STAT;
1966	201a51fc	balrog	s->error = ABRT_ERR;
1967	201a51fc	balrog	return;
1968	201a51fc	balrog	}
1969	201a51fc	balrog
1970	201a51fc	balrog	p = (uint16_t *) s->io_buffer;
1971	201a51fc	balrog	memset(p, 0, 0x200);
1972	201a51fc	balrog
1973	201a51fc	balrog	put_le16(p + 0, s->media_changed); /* Media status */
1974	201a51fc	balrog	memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) \| s->lcyl) << 9),
1975	201a51fc	balrog	MIN(MIN(s->mdata_size - (((s->hcyl << 16) \| s->lcyl) << 9),
1976	201a51fc	balrog	s->nsector << 9), 0x200 - 2));
1977	201a51fc	balrog	}
1978	201a51fc	balrog
1979	201a51fc	balrog	static void ide_cfata_metadata_write(IDEState *s)
1980	201a51fc	balrog	{
1981	201a51fc	balrog	if (((s->hcyl << 16) \| s->lcyl) << 9 > s->mdata_size + 2) {
1982	201a51fc	balrog	s->status = ERR_STAT;
1983	201a51fc	balrog	s->error = ABRT_ERR;
1984	201a51fc	balrog	return;
1985	201a51fc	balrog	}
1986	201a51fc	balrog
1987	201a51fc	balrog	s->media_changed = 0;
1988	201a51fc	balrog
1989	201a51fc	balrog	memcpy(s->mdata_storage + (((s->hcyl << 16) \| s->lcyl) << 9),
1990	201a51fc	balrog	s->io_buffer + 2,
1991	201a51fc	balrog	MIN(MIN(s->mdata_size - (((s->hcyl << 16) \| s->lcyl) << 9),
1992	201a51fc	balrog	s->nsector << 9), 0x200 - 2));
1993	201a51fc	balrog	}
1994	201a51fc	balrog
1995	bd491d6a	ths	/* called when the inserted state of the media has changed */
1996	bd491d6a	ths	static void cdrom_change_cb(void *opaque)
1997	bd491d6a	ths	{
1998	bd491d6a	ths	IDEState *s = opaque;
1999	96b8f136	ths	uint64_t nb_sectors;
2000	bd491d6a	ths
2001	bd491d6a	ths	bdrv_get_geometry(s->bs, &nb_sectors);
2002	bd491d6a	ths	s->nb_sectors = nb_sectors;
2003	9118e7f0	aliguori
2004	9118e7f0	aliguori	s->sense_key = SENSE_UNIT_ATTENTION;
2005	9118e7f0	aliguori	s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2006	9118e7f0	aliguori
2007	9118e7f0	aliguori	ide_set_irq(s);
2008	bd491d6a	ths	}
2009	bd491d6a	ths
2010	c2ff060f	bellard	static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2011	c2ff060f	bellard	{
2012	c2ff060f	bellard	s->lba48 = lba48;
2013	c2ff060f	bellard
2014	c2ff060f	bellard	/* handle the 'magic' 0 nsector count conversion here. to avoid
2015	c2ff060f	bellard	* fiddling with the rest of the read logic, we just store the
2016	c2ff060f	bellard	* full sector count in ->nsector and ignore ->hob_nsector from now
2017	c2ff060f	bellard	*/
2018	c2ff060f	bellard	if (!s->lba48) {
2019	c2ff060f	bellard	if (!s->nsector)
2020	c2ff060f	bellard	s->nsector = 256;
2021	c2ff060f	bellard	} else {
2022	c2ff060f	bellard	if (!s->nsector && !s->hob_nsector)
2023	c2ff060f	bellard	s->nsector = 65536;
2024	c2ff060f	bellard	else {
2025	c2ff060f	bellard	int lo = s->nsector;
2026	c2ff060f	bellard	int hi = s->hob_nsector;
2027	c2ff060f	bellard
2028	c2ff060f	bellard	s->nsector = (hi << 8) \| lo;
2029	c2ff060f	bellard	}
2030	c2ff060f	bellard	}
2031	c2ff060f	bellard	}
2032	c2ff060f	bellard
2033	c2ff060f	bellard	static void ide_clear_hob(IDEState *ide_if)
2034	c2ff060f	bellard	{
2035	c2ff060f	bellard	/* any write clears HOB high bit of device control register */
2036	c2ff060f	bellard	ide_if[0].select &= ~(1 << 7);
2037	c2ff060f	bellard	ide_if[1].select &= ~(1 << 7);
2038	c2ff060f	bellard	}
2039	c2ff060f	bellard
2040	caed8802	bellard	static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2041	caed8802	bellard	{
2042	caed8802	bellard	IDEState *ide_if = opaque;
2043	c45c3d00	bellard	IDEState *s;
2044	5391d806	bellard	int unit, n;
2045	c2ff060f	bellard	int lba48 = 0;
2046	5391d806	bellard
2047	5391d806	bellard	#ifdef DEBUG_IDE
2048	5391d806	bellard	printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2049	5391d806	bellard	#endif
2050	c2ff060f	bellard
2051	5391d806	bellard	addr &= 7;
2052	fcdd25ab	aliguori
2053	fcdd25ab	aliguori	/* ignore writes to command block while busy with previous command */
2054	fcdd25ab	aliguori	if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT\|DRQ_STAT)))
2055	fcdd25ab	aliguori	return;
2056	fcdd25ab	aliguori
2057	5391d806	bellard	switch(addr) {
2058	5391d806	bellard	case 0:
2059	5391d806	bellard	break;
2060	5391d806	bellard	case 1:
2061	c2ff060f	bellard	ide_clear_hob(ide_if);
2062	c45c3d00	bellard	/* NOTE: data is written to the two drives */
2063	c2ff060f	bellard	ide_if[0].hob_feature = ide_if[0].feature;
2064	c2ff060f	bellard	ide_if[1].hob_feature = ide_if[1].feature;
2065	c45c3d00	bellard	ide_if[0].feature = val;
2066	c45c3d00	bellard	ide_if[1].feature = val;
2067	5391d806	bellard	break;
2068	5391d806	bellard	case 2:
2069	c2ff060f	bellard	ide_clear_hob(ide_if);
2070	c2ff060f	bellard	ide_if[0].hob_nsector = ide_if[0].nsector;
2071	c2ff060f	bellard	ide_if[1].hob_nsector = ide_if[1].nsector;
2072	c45c3d00	bellard	ide_if[0].nsector = val;
2073	c45c3d00	bellard	ide_if[1].nsector = val;
2074	5391d806	bellard	break;
2075	5391d806	bellard	case 3:
2076	c2ff060f	bellard	ide_clear_hob(ide_if);
2077	c2ff060f	bellard	ide_if[0].hob_sector = ide_if[0].sector;
2078	c2ff060f	bellard	ide_if[1].hob_sector = ide_if[1].sector;
2079	c45c3d00	bellard	ide_if[0].sector = val;
2080	c45c3d00	bellard	ide_if[1].sector = val;
2081	5391d806	bellard	break;
2082	5391d806	bellard	case 4:
2083	c2ff060f	bellard	ide_clear_hob(ide_if);
2084	c2ff060f	bellard	ide_if[0].hob_lcyl = ide_if[0].lcyl;
2085	c2ff060f	bellard	ide_if[1].hob_lcyl = ide_if[1].lcyl;
2086	c45c3d00	bellard	ide_if[0].lcyl = val;
2087	c45c3d00	bellard	ide_if[1].lcyl = val;
2088	5391d806	bellard	break;
2089	5391d806	bellard	case 5:
2090	c2ff060f	bellard	ide_clear_hob(ide_if);
2091	c2ff060f	bellard	ide_if[0].hob_hcyl = ide_if[0].hcyl;
2092	c2ff060f	bellard	ide_if[1].hob_hcyl = ide_if[1].hcyl;
2093	c45c3d00	bellard	ide_if[0].hcyl = val;
2094	c45c3d00	bellard	ide_if[1].hcyl = val;
2095	5391d806	bellard	break;
2096	5391d806	bellard	case 6:
2097	c2ff060f	bellard	/* FIXME: HOB readback uses bit 7 */
2098	7ae98627	bellard	ide_if[0].select = (val & ~0x10) \| 0xa0;
2099	7ae98627	bellard	ide_if[1].select = (val \| 0x10) \| 0xa0;
2100	5391d806	bellard	/* select drive */
2101	5391d806	bellard	unit = (val >> 4) & 1;
2102	5391d806	bellard	s = ide_if + unit;
2103	5391d806	bellard	ide_if->cur_drive = s;
2104	5391d806	bellard	break;
2105	5391d806	bellard	default:
2106	5391d806	bellard	case 7:
2107	5391d806	bellard	/* command */
2108	5391d806	bellard	#if defined(DEBUG_IDE)
2109	5391d806	bellard	printf("ide: CMD=%02x\n", val);
2110	5391d806	bellard	#endif
2111	c45c3d00	bellard	s = ide_if->cur_drive;
2112	66201e2d	bellard	/* ignore commands to non existant slave */
2113	5fafdf24	ths	if (s != ide_if && !s->bs)
2114	66201e2d	bellard	break;
2115	c2ff060f	bellard
2116	fcdd25ab	aliguori	/* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2117	fcdd25ab	aliguori	if ((s->status & (BUSY_STAT\|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2118	fcdd25ab	aliguori	break;
2119	fcdd25ab	aliguori
2120	5391d806	bellard	switch(val) {
2121	5391d806	bellard	case WIN_IDENTIFY:
2122	5391d806	bellard	if (s->bs && !s->is_cdrom) {
2123	201a51fc	balrog	if (!s->is_cf)
2124	201a51fc	balrog	ide_identify(s);
2125	201a51fc	balrog	else
2126	201a51fc	balrog	ide_cfata_identify(s);
2127	2a282056	bellard	s->status = READY_STAT \| SEEK_STAT;
2128	5391d806	bellard	ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2129	5391d806	bellard	} else {
2130	5391d806	bellard	if (s->is_cdrom) {
2131	5391d806	bellard	ide_set_signature(s);
2132	5391d806	bellard	}
2133	5391d806	bellard	ide_abort_command(s);
2134	5391d806	bellard	}
2135	5391d806	bellard	ide_set_irq(s);
2136	5391d806	bellard	break;
2137	5391d806	bellard	case WIN_SPECIFY:
2138	5391d806	bellard	case WIN_RECAL:
2139	a136e5a8	bellard	s->error = 0;
2140	769bec72	bellard	s->status = READY_STAT \| SEEK_STAT;
2141	5391d806	bellard	ide_set_irq(s);
2142	5391d806	bellard	break;
2143	5391d806	bellard	case WIN_SETMULT:
2144	201a51fc	balrog	if (s->is_cf && s->nsector == 0) {
2145	201a51fc	balrog	/* Disable Read and Write Multiple */
2146	201a51fc	balrog	s->mult_sectors = 0;
2147	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2148	201a51fc	balrog	} else if ((s->nsector & 0xff) != 0 &&
2149	39dfc926	ths	((s->nsector & 0xff) > MAX_MULT_SECTORS \|\|
2150	39dfc926	ths	(s->nsector & (s->nsector - 1)) != 0)) {
2151	5391d806	bellard	ide_abort_command(s);
2152	5391d806	bellard	} else {
2153	292eef5a	ths	s->mult_sectors = s->nsector & 0xff;
2154	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2155	5391d806	bellard	}
2156	5391d806	bellard	ide_set_irq(s);
2157	5391d806	bellard	break;
2158	c2ff060f	bellard	case WIN_VERIFY_EXT:
2159	c2ff060f	bellard	lba48 = 1;
2160	4ce900b4	bellard	case WIN_VERIFY:
2161	4ce900b4	bellard	case WIN_VERIFY_ONCE:
2162	4ce900b4	bellard	/* do sector number check ? */
2163	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2164	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2165	4ce900b4	bellard	ide_set_irq(s);
2166	4ce900b4	bellard	break;
2167	c2ff060f	bellard	case WIN_READ_EXT:
2168	c2ff060f	bellard	lba48 = 1;
2169	5391d806	bellard	case WIN_READ:
2170	5391d806	bellard	case WIN_READ_ONCE:
2171	5fafdf24	ths	if (!s->bs)
2172	6b136f9e	bellard	goto abort_cmd;
2173	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2174	5391d806	bellard	s->req_nb_sectors = 1;
2175	5391d806	bellard	ide_sector_read(s);
2176	5391d806	bellard	break;
2177	c2ff060f	bellard	case WIN_WRITE_EXT:
2178	c2ff060f	bellard	lba48 = 1;
2179	5391d806	bellard	case WIN_WRITE:
2180	5391d806	bellard	case WIN_WRITE_ONCE:
2181	201a51fc	balrog	case CFA_WRITE_SECT_WO_ERASE:
2182	201a51fc	balrog	case WIN_WRITE_VERIFY:
2183	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2184	a136e5a8	bellard	s->error = 0;
2185	f66723fa	bellard	s->status = SEEK_STAT \| READY_STAT;
2186	5391d806	bellard	s->req_nb_sectors = 1;
2187	5391d806	bellard	ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2188	201a51fc	balrog	s->media_changed = 1;
2189	5391d806	bellard	break;
2190	c2ff060f	bellard	case WIN_MULTREAD_EXT:
2191	c2ff060f	bellard	lba48 = 1;
2192	5391d806	bellard	case WIN_MULTREAD:
2193	5391d806	bellard	if (!s->mult_sectors)
2194	5391d806	bellard	goto abort_cmd;
2195	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2196	5391d806	bellard	s->req_nb_sectors = s->mult_sectors;
2197	5391d806	bellard	ide_sector_read(s);
2198	5391d806	bellard	break;
2199	c2ff060f	bellard	case WIN_MULTWRITE_EXT:
2200	c2ff060f	bellard	lba48 = 1;
2201	5391d806	bellard	case WIN_MULTWRITE:
2202	201a51fc	balrog	case CFA_WRITE_MULTI_WO_ERASE:
2203	5391d806	bellard	if (!s->mult_sectors)
2204	5391d806	bellard	goto abort_cmd;
2205	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2206	a136e5a8	bellard	s->error = 0;
2207	f66723fa	bellard	s->status = SEEK_STAT \| READY_STAT;
2208	5391d806	bellard	s->req_nb_sectors = s->mult_sectors;
2209	5391d806	bellard	n = s->nsector;
2210	5391d806	bellard	if (n > s->req_nb_sectors)
2211	5391d806	bellard	n = s->req_nb_sectors;
2212	5391d806	bellard	ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2213	201a51fc	balrog	s->media_changed = 1;
2214	5391d806	bellard	break;
2215	c2ff060f	bellard	case WIN_READDMA_EXT:
2216	c2ff060f	bellard	lba48 = 1;
2217	98087450	bellard	case WIN_READDMA:
2218	98087450	bellard	case WIN_READDMA_ONCE:
2219	5fafdf24	ths	if (!s->bs)
2220	98087450	bellard	goto abort_cmd;
2221	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2222	98087450	bellard	ide_sector_read_dma(s);
2223	98087450	bellard	break;
2224	c2ff060f	bellard	case WIN_WRITEDMA_EXT:
2225	c2ff060f	bellard	lba48 = 1;
2226	98087450	bellard	case WIN_WRITEDMA:
2227	98087450	bellard	case WIN_WRITEDMA_ONCE:
2228	5fafdf24	ths	if (!s->bs)
2229	98087450	bellard	goto abort_cmd;
2230	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2231	98087450	bellard	ide_sector_write_dma(s);
2232	201a51fc	balrog	s->media_changed = 1;
2233	98087450	bellard	break;
2234	c2ff060f	bellard	case WIN_READ_NATIVE_MAX_EXT:
2235	c2ff060f	bellard	lba48 = 1;
2236	5391d806	bellard	case WIN_READ_NATIVE_MAX:
2237	c2ff060f	bellard	ide_cmd_lba48_transform(s, lba48);
2238	5391d806	bellard	ide_set_sector(s, s->nb_sectors - 1);
2239	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2240	5391d806	bellard	ide_set_irq(s);
2241	5391d806	bellard	break;
2242	a136e5a8	bellard	case WIN_CHECKPOWERMODE1:
2243	201a51fc	balrog	case WIN_CHECKPOWERMODE2:
2244	a136e5a8	bellard	s->nsector = 0xff; /* device active or idle */
2245	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2246	a136e5a8	bellard	ide_set_irq(s);
2247	a136e5a8	bellard	break;
2248	34e538ae	bellard	case WIN_SETFEATURES:
2249	34e538ae	bellard	if (!s->bs)
2250	34e538ae	bellard	goto abort_cmd;
2251	34e538ae	bellard	/* XXX: valid for CDROM ? */
2252	34e538ae	bellard	switch(s->feature) {
2253	e1f63470	ths	case 0xcc: /* reverting to power-on defaults enable */
2254	e1f63470	ths	case 0x66: /* reverting to power-on defaults disable */
2255	34e538ae	bellard	case 0x02: /* write cache enable */
2256	34e538ae	bellard	case 0x82: /* write cache disable */
2257	34e538ae	bellard	case 0xaa: /* read look-ahead enable */
2258	34e538ae	bellard	case 0x55: /* read look-ahead disable */
2259	201a51fc	balrog	case 0x05: /* set advanced power management mode */
2260	201a51fc	balrog	case 0x85: /* disable advanced power management mode */
2261	201a51fc	balrog	case 0x69: /* NOP */
2262	201a51fc	balrog	case 0x67: /* NOP */
2263	201a51fc	balrog	case 0x96: /* NOP */
2264	201a51fc	balrog	case 0x9a: /* NOP */
2265	c3e88d8c	ths	case 0x42: /* enable Automatic Acoustic Mode */
2266	c3e88d8c	ths	case 0xc2: /* disable Automatic Acoustic Mode */
2267	e0fe67aa	bellard	s->status = READY_STAT \| SEEK_STAT;
2268	34e538ae	bellard	ide_set_irq(s);
2269	34e538ae	bellard	break;
2270	94458802	bellard	case 0x03: { /* set transfer mode */
2271	94458802	bellard	uint8_t val = s->nsector & 0x07;
2272	94458802	bellard
2273	94458802	bellard	switch (s->nsector >> 3) {
2274	94458802	bellard	case 0x00: /* pio default */
2275	94458802	bellard	case 0x01: /* pio mode */
2276	d1b5c20d	ths	put_le16(s->identify_data + 62,0x07);
2277	d1b5c20d	ths	put_le16(s->identify_data + 63,0x07);
2278	d1b5c20d	ths	put_le16(s->identify_data + 88,0x3f);
2279	d1b5c20d	ths	break;
2280	d1b5c20d	ths	case 0x02: /* sigle word dma mode*/
2281	d1b5c20d	ths	put_le16(s->identify_data + 62,0x07 \| (1 << (val + 8)));
2282	94458802	bellard	put_le16(s->identify_data + 63,0x07);
2283	94458802	bellard	put_le16(s->identify_data + 88,0x3f);
2284	94458802	bellard	break;
2285	94458802	bellard	case 0x04: /* mdma mode */
2286	d1b5c20d	ths	put_le16(s->identify_data + 62,0x07);
2287	94458802	bellard	put_le16(s->identify_data + 63,0x07 \| (1 << (val + 8)));
2288	94458802	bellard	put_le16(s->identify_data + 88,0x3f);
2289	94458802	bellard	break;
2290	94458802	bellard	case 0x08: /* udma mode */
2291	d1b5c20d	ths	put_le16(s->identify_data + 62,0x07);
2292	94458802	bellard	put_le16(s->identify_data + 63,0x07);
2293	94458802	bellard	put_le16(s->identify_data + 88,0x3f \| (1 << (val + 8)));
2294	94458802	bellard	break;
2295	94458802	bellard	default:
2296	94458802	bellard	goto abort_cmd;
2297	94458802	bellard	}
2298	94458802	bellard	s->status = READY_STAT \| SEEK_STAT;
2299	94458802	bellard	ide_set_irq(s);
2300	94458802	bellard	break;
2301	94458802	bellard	}
2302	34e538ae	bellard	default:
2303	34e538ae	bellard	goto abort_cmd;
2304	34e538ae	bellard	}
2305	34e538ae	bellard	break;
2306	c2ff060f	bellard	case WIN_FLUSH_CACHE:
2307	c2ff060f	bellard	case WIN_FLUSH_CACHE_EXT:
2308	7a6cba61	pbrook	if (s->bs)
2309	7a6cba61	pbrook	bdrv_flush(s->bs);
2310	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2311	7a6cba61	pbrook	ide_set_irq(s);
2312	7a6cba61	pbrook	break;
2313	c3e88d8c	ths	case WIN_STANDBY:
2314	c3e88d8c	ths	case WIN_STANDBY2:
2315	c3e88d8c	ths	case WIN_STANDBYNOW1:
2316	201a51fc	balrog	case WIN_STANDBYNOW2:
2317	c451ee71	bellard	case WIN_IDLEIMMEDIATE:
2318	201a51fc	balrog	case CFA_IDLEIMMEDIATE:
2319	201a51fc	balrog	case WIN_SETIDLE1:
2320	201a51fc	balrog	case WIN_SETIDLE2:
2321	c3e88d8c	ths	case WIN_SLEEPNOW1:
2322	c3e88d8c	ths	case WIN_SLEEPNOW2:
2323	c3e88d8c	ths	s->status = READY_STAT;
2324	a7dfe172	bellard	ide_set_irq(s);
2325	a7dfe172	bellard	break;
2326	5391d806	bellard	/* ATAPI commands */
2327	5391d806	bellard	case WIN_PIDENTIFY:
2328	5391d806	bellard	if (s->is_cdrom) {
2329	5391d806	bellard	ide_atapi_identify(s);
2330	1298fe63	bellard	s->status = READY_STAT \| SEEK_STAT;
2331	5391d806	bellard	ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2332	5391d806	bellard	} else {
2333	5391d806	bellard	ide_abort_command(s);
2334	5391d806	bellard	}
2335	5391d806	bellard	ide_set_irq(s);
2336	5391d806	bellard	break;
2337	c451ee71	bellard	case WIN_DIAGNOSE:
2338	c451ee71	bellard	ide_set_signature(s);
2339	33256a25	aliguori	if (s->is_cdrom)
2340	33256a25	aliguori	s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2341	33256a25	aliguori	* devices to return a clear status register
2342	33256a25	aliguori	* with READY_STAT not set. */
2343	33256a25	aliguori	else
2344	33256a25	aliguori	s->status = READY_STAT \| SEEK_STAT;
2345	33256a25	aliguori	s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2346	33256a25	aliguori	* present.
2347	33256a25	aliguori	*/
2348	f5fdd0a8	balrog	ide_set_irq(s);
2349	c451ee71	bellard	break;
2350	5391d806	bellard	case WIN_SRST:
2351	5391d806	bellard	if (!s->is_cdrom)
2352	5391d806	bellard	goto abort_cmd;
2353	5391d806	bellard	ide_set_signature(s);
2354	6b136f9e	bellard	s->status = 0x00; /* NOTE: READY is _not_ set */
2355	5391d806	bellard	s->error = 0x01;
2356	5391d806	bellard	break;
2357	5391d806	bellard	case WIN_PACKETCMD:
2358	5391d806	bellard	if (!s->is_cdrom)
2359	5391d806	bellard	goto abort_cmd;
2360	98087450	bellard	/* overlapping commands not supported */
2361	98087450	bellard	if (s->feature & 0x02)
2362	5391d806	bellard	goto abort_cmd;
2363	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2364	98087450	bellard	s->atapi_dma = s->feature & 1;
2365	5391d806	bellard	s->nsector = 1;
2366	5fafdf24	ths	ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2367	5391d806	bellard	ide_atapi_cmd);
2368	5391d806	bellard	break;
2369	201a51fc	balrog	/* CF-ATA commands */
2370	201a51fc	balrog	case CFA_REQ_EXT_ERROR_CODE:
2371	201a51fc	balrog	if (!s->is_cf)
2372	201a51fc	balrog	goto abort_cmd;
2373	201a51fc	balrog	s->error = 0x09; /* miscellaneous error */
2374	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2375	201a51fc	balrog	ide_set_irq(s);
2376	201a51fc	balrog	break;
2377	201a51fc	balrog	case CFA_ERASE_SECTORS:
2378	201a51fc	balrog	case CFA_WEAR_LEVEL:
2379	201a51fc	balrog	if (!s->is_cf)
2380	201a51fc	balrog	goto abort_cmd;
2381	201a51fc	balrog	if (val == CFA_WEAR_LEVEL)
2382	201a51fc	balrog	s->nsector = 0;
2383	201a51fc	balrog	if (val == CFA_ERASE_SECTORS)
2384	201a51fc	balrog	s->media_changed = 1;
2385	201a51fc	balrog	s->error = 0x00;
2386	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2387	201a51fc	balrog	ide_set_irq(s);
2388	201a51fc	balrog	break;
2389	201a51fc	balrog	case CFA_TRANSLATE_SECTOR:
2390	201a51fc	balrog	if (!s->is_cf)
2391	201a51fc	balrog	goto abort_cmd;
2392	201a51fc	balrog	s->error = 0x00;
2393	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2394	201a51fc	balrog	memset(s->io_buffer, 0, 0x200);
2395	201a51fc	balrog	s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2396	201a51fc	balrog	s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2397	201a51fc	balrog	s->io_buffer[0x02] = s->select; /* Head */
2398	201a51fc	balrog	s->io_buffer[0x03] = s->sector; /* Sector */
2399	201a51fc	balrog	s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2400	201a51fc	balrog	s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2401	201a51fc	balrog	s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2402	201a51fc	balrog	s->io_buffer[0x13] = 0x00; /* Erase flag */
2403	201a51fc	balrog	s->io_buffer[0x18] = 0x00; /* Hot count */
2404	201a51fc	balrog	s->io_buffer[0x19] = 0x00; /* Hot count */
2405	201a51fc	balrog	s->io_buffer[0x1a] = 0x01; /* Hot count */
2406	201a51fc	balrog	ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2407	201a51fc	balrog	ide_set_irq(s);
2408	201a51fc	balrog	break;
2409	201a51fc	balrog	case CFA_ACCESS_METADATA_STORAGE:
2410	201a51fc	balrog	if (!s->is_cf)
2411	201a51fc	balrog	goto abort_cmd;
2412	201a51fc	balrog	switch (s->feature) {
2413	201a51fc	balrog	case 0x02: /* Inquiry Metadata Storage */
2414	201a51fc	balrog	ide_cfata_metadata_inquiry(s);
2415	201a51fc	balrog	break;
2416	201a51fc	balrog	case 0x03: /* Read Metadata Storage */
2417	201a51fc	balrog	ide_cfata_metadata_read(s);
2418	201a51fc	balrog	break;
2419	201a51fc	balrog	case 0x04: /* Write Metadata Storage */
2420	201a51fc	balrog	ide_cfata_metadata_write(s);
2421	201a51fc	balrog	break;
2422	201a51fc	balrog	default:
2423	201a51fc	balrog	goto abort_cmd;
2424	201a51fc	balrog	}
2425	201a51fc	balrog	ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2426	201a51fc	balrog	s->status = 0x00; /* NOTE: READY is _not_ set */
2427	201a51fc	balrog	ide_set_irq(s);
2428	201a51fc	balrog	break;
2429	201a51fc	balrog	case IBM_SENSE_CONDITION:
2430	201a51fc	balrog	if (!s->is_cf)
2431	201a51fc	balrog	goto abort_cmd;
2432	201a51fc	balrog	switch (s->feature) {
2433	201a51fc	balrog	case 0x01: /* sense temperature in device */
2434	201a51fc	balrog	s->nsector = 0x50; /* +20 C */
2435	201a51fc	balrog	break;
2436	201a51fc	balrog	default:
2437	201a51fc	balrog	goto abort_cmd;
2438	201a51fc	balrog	}
2439	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2440	201a51fc	balrog	ide_set_irq(s);
2441	201a51fc	balrog	break;
2442	5391d806	bellard	default:
2443	5391d806	bellard	abort_cmd:
2444	5391d806	bellard	ide_abort_command(s);
2445	5391d806	bellard	ide_set_irq(s);
2446	5391d806	bellard	break;
2447	5391d806	bellard	}
2448	5391d806	bellard	}
2449	5391d806	bellard	}
2450	5391d806	bellard
2451	caed8802	bellard	static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2452	5391d806	bellard	{
2453	7ae98627	bellard	IDEState *ide_if = opaque;
2454	7ae98627	bellard	IDEState *s = ide_if->cur_drive;
2455	5391d806	bellard	uint32_t addr;
2456	c2ff060f	bellard	int ret, hob;
2457	5391d806	bellard
2458	5391d806	bellard	addr = addr1 & 7;
2459	c2ff060f	bellard	/* FIXME: HOB readback uses bit 7, but it's always set right now */
2460	c2ff060f	bellard	//hob = s->select & (1 << 7);
2461	c2ff060f	bellard	hob = 0;
2462	5391d806	bellard	switch(addr) {
2463	5391d806	bellard	case 0:
2464	5391d806	bellard	ret = 0xff;
2465	5391d806	bellard	break;
2466	5391d806	bellard	case 1:
2467	7ae98627	bellard	if (!ide_if[0].bs && !ide_if[1].bs)
2468	c45c3d00	bellard	ret = 0;
2469	c2ff060f	bellard	else if (!hob)
2470	c45c3d00	bellard	ret = s->error;
2471	c2ff060f	bellard	else
2472	c2ff060f	bellard	ret = s->hob_feature;
2473	5391d806	bellard	break;
2474	5391d806	bellard	case 2:
2475	7ae98627	bellard	if (!ide_if[0].bs && !ide_if[1].bs)
2476	c45c3d00	bellard	ret = 0;
2477	c2ff060f	bellard	else if (!hob)
2478	c45c3d00	bellard	ret = s->nsector & 0xff;
2479	c2ff060f	bellard	else
2480	c2ff060f	bellard	ret = s->hob_nsector;
2481	5391d806	bellard	break;
2482	5391d806	bellard	case 3:
2483	7ae98627	bellard	if (!ide_if[0].bs && !ide_if[1].bs)
2484	c45c3d00	bellard	ret = 0;
2485	c2ff060f	bellard	else if (!hob)
2486	c45c3d00	bellard	ret = s->sector;
2487	c2ff060f	bellard	else
2488	c2ff060f	bellard	ret = s->hob_sector;
2489	5391d806	bellard	break;
2490	5391d806	bellard	case 4:
2491	7ae98627	bellard	if (!ide_if[0].bs && !ide_if[1].bs)
2492	c45c3d00	bellard	ret = 0;
2493	c2ff060f	bellard	else if (!hob)
2494	c45c3d00	bellard	ret = s->lcyl;
2495	c2ff060f	bellard	else
2496	c2ff060f	bellard	ret = s->hob_lcyl;
2497	5391d806	bellard	break;
2498	5391d806	bellard	case 5:
2499	7ae98627	bellard	if (!ide_if[0].bs && !ide_if[1].bs)
2500	c45c3d00	bellard	ret = 0;
2501	c2ff060f	bellard	else if (!hob)
2502	c45c3d00	bellard	ret = s->hcyl;
2503	c2ff060f	bellard	else
2504	c2ff060f	bellard	ret = s->hob_hcyl;
2505	5391d806	bellard	break;
2506	5391d806	bellard	case 6:
2507	7ae98627	bellard	if (!ide_if[0].bs && !ide_if[1].bs)
2508	c45c3d00	bellard	ret = 0;
2509	c45c3d00	bellard	else
2510	7ae98627	bellard	ret = s->select;
2511	5391d806	bellard	break;
2512	5391d806	bellard	default:
2513	5391d806	bellard	case 7:
2514	66201e2d	bellard	if ((!ide_if[0].bs && !ide_if[1].bs) \|\|
2515	66201e2d	bellard	(s != ide_if && !s->bs))
2516	c45c3d00	bellard	ret = 0;
2517	c45c3d00	bellard	else
2518	c45c3d00	bellard	ret = s->status;
2519	d537cf6c	pbrook	qemu_irq_lower(s->irq);
2520	5391d806	bellard	break;
2521	5391d806	bellard	}
2522	5391d806	bellard	#ifdef DEBUG_IDE
2523	5391d806	bellard	printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2524	5391d806	bellard	#endif
2525	5391d806	bellard	return ret;
2526	5391d806	bellard	}
2527	5391d806	bellard
2528	caed8802	bellard	static uint32_t ide_status_read(void *opaque, uint32_t addr)
2529	5391d806	bellard	{
2530	7ae98627	bellard	IDEState *ide_if = opaque;
2531	7ae98627	bellard	IDEState *s = ide_if->cur_drive;
2532	5391d806	bellard	int ret;
2533	7ae98627	bellard
2534	66201e2d	bellard	if ((!ide_if[0].bs && !ide_if[1].bs) \|\|
2535	66201e2d	bellard	(s != ide_if && !s->bs))
2536	7ae98627	bellard	ret = 0;
2537	7ae98627	bellard	else
2538	7ae98627	bellard	ret = s->status;
2539	5391d806	bellard	#ifdef DEBUG_IDE
2540	5391d806	bellard	printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2541	5391d806	bellard	#endif
2542	5391d806	bellard	return ret;
2543	5391d806	bellard	}
2544	5391d806	bellard
2545	caed8802	bellard	static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2546	5391d806	bellard	{
2547	caed8802	bellard	IDEState *ide_if = opaque;
2548	5391d806	bellard	IDEState *s;
2549	5391d806	bellard	int i;
2550	5391d806	bellard
2551	5391d806	bellard	#ifdef DEBUG_IDE
2552	5391d806	bellard	printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2553	5391d806	bellard	#endif
2554	5391d806	bellard	/* common for both drives */
2555	5391d806	bellard	if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2556	5391d806	bellard	(val & IDE_CMD_RESET)) {
2557	5391d806	bellard	/* reset low to high */
2558	5391d806	bellard	for(i = 0;i < 2; i++) {
2559	5391d806	bellard	s = &ide_if[i];
2560	5391d806	bellard	s->status = BUSY_STAT \| SEEK_STAT;
2561	5391d806	bellard	s->error = 0x01;
2562	5391d806	bellard	}
2563	5391d806	bellard	} else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2564	5391d806	bellard	!(val & IDE_CMD_RESET)) {
2565	5391d806	bellard	/* high to low */
2566	5391d806	bellard	for(i = 0;i < 2; i++) {
2567	5391d806	bellard	s = &ide_if[i];
2568	6b136f9e	bellard	if (s->is_cdrom)
2569	6b136f9e	bellard	s->status = 0x00; /* NOTE: READY is _not_ set */
2570	6b136f9e	bellard	else
2571	56bf1d37	bellard	s->status = READY_STAT \| SEEK_STAT;
2572	5391d806	bellard	ide_set_signature(s);
2573	5391d806	bellard	}
2574	5391d806	bellard	}
2575	5391d806	bellard
2576	5391d806	bellard	ide_if[0].cmd = val;
2577	5391d806	bellard	ide_if[1].cmd = val;
2578	5391d806	bellard	}
2579	5391d806	bellard
2580	caed8802	bellard	static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2581	5391d806	bellard	{
2582	caed8802	bellard	IDEState s = ((IDEState )opaque)->cur_drive;
2583	5391d806	bellard	uint8_t *p;
2584	5391d806	bellard
2585	fcdd25ab	aliguori	/* PIO data access allowed only when DRQ bit is set */
2586	fcdd25ab	aliguori	if (!(s->status & DRQ_STAT))
2587	fcdd25ab	aliguori	return;
2588	fcdd25ab	aliguori
2589	5391d806	bellard	p = s->data_ptr;
2590	0c4ad8dc	bellard	(uint16_t )p = le16_to_cpu(val);
2591	5391d806	bellard	p += 2;
2592	5391d806	bellard	s->data_ptr = p;
2593	5391d806	bellard	if (p >= s->data_end)
2594	5391d806	bellard	s->end_transfer_func(s);
2595	5391d806	bellard	}
2596	5391d806	bellard
2597	caed8802	bellard	static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2598	5391d806	bellard	{
2599	caed8802	bellard	IDEState s = ((IDEState )opaque)->cur_drive;
2600	5391d806	bellard	uint8_t *p;
2601	5391d806	bellard	int ret;
2602	fcdd25ab	aliguori
2603	fcdd25ab	aliguori	/* PIO data access allowed only when DRQ bit is set */
2604	fcdd25ab	aliguori	if (!(s->status & DRQ_STAT))
2605	fcdd25ab	aliguori	return 0;
2606	fcdd25ab	aliguori
2607	5391d806	bellard	p = s->data_ptr;
2608	0c4ad8dc	bellard	ret = cpu_to_le16((uint16_t )p);
2609	5391d806	bellard	p += 2;
2610	5391d806	bellard	s->data_ptr = p;
2611	5391d806	bellard	if (p >= s->data_end)
2612	5391d806	bellard	s->end_transfer_func(s);
2613	5391d806	bellard	return ret;
2614	5391d806	bellard	}
2615	5391d806	bellard
2616	caed8802	bellard	static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2617	5391d806	bellard	{
2618	caed8802	bellard	IDEState s = ((IDEState )opaque)->cur_drive;
2619	5391d806	bellard	uint8_t *p;
2620	5391d806	bellard
2621	fcdd25ab	aliguori	/* PIO data access allowed only when DRQ bit is set */
2622	fcdd25ab	aliguori	if (!(s->status & DRQ_STAT))
2623	fcdd25ab	aliguori	return;
2624	fcdd25ab	aliguori
2625	5391d806	bellard	p = s->data_ptr;
2626	0c4ad8dc	bellard	(uint32_t )p = le32_to_cpu(val);
2627	5391d806	bellard	p += 4;
2628	5391d806	bellard	s->data_ptr = p;
2629	5391d806	bellard	if (p >= s->data_end)
2630	5391d806	bellard	s->end_transfer_func(s);
2631	5391d806	bellard	}
2632	5391d806	bellard
2633	caed8802	bellard	static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2634	5391d806	bellard	{
2635	caed8802	bellard	IDEState s = ((IDEState )opaque)->cur_drive;
2636	5391d806	bellard	uint8_t *p;
2637	5391d806	bellard	int ret;
2638	3b46e624	ths
2639	fcdd25ab	aliguori	/* PIO data access allowed only when DRQ bit is set */
2640	fcdd25ab	aliguori	if (!(s->status & DRQ_STAT))
2641	fcdd25ab	aliguori	return 0;
2642	fcdd25ab	aliguori
2643	5391d806	bellard	p = s->data_ptr;
2644	0c4ad8dc	bellard	ret = cpu_to_le32((uint32_t )p);
2645	5391d806	bellard	p += 4;
2646	5391d806	bellard	s->data_ptr = p;
2647	5391d806	bellard	if (p >= s->data_end)
2648	5391d806	bellard	s->end_transfer_func(s);
2649	5391d806	bellard	return ret;
2650	5391d806	bellard	}
2651	5391d806	bellard
2652	a7dfe172	bellard	static void ide_dummy_transfer_stop(IDEState *s)
2653	a7dfe172	bellard	{
2654	a7dfe172	bellard	s->data_ptr = s->io_buffer;
2655	a7dfe172	bellard	s->data_end = s->io_buffer;
2656	a7dfe172	bellard	s->io_buffer[0] = 0xff;
2657	a7dfe172	bellard	s->io_buffer[1] = 0xff;
2658	a7dfe172	bellard	s->io_buffer[2] = 0xff;
2659	a7dfe172	bellard	s->io_buffer[3] = 0xff;
2660	a7dfe172	bellard	}
2661	a7dfe172	bellard
2662	5391d806	bellard	static void ide_reset(IDEState *s)
2663	5391d806	bellard	{
2664	201a51fc	balrog	if (s->is_cf)
2665	201a51fc	balrog	s->mult_sectors = 0;
2666	201a51fc	balrog	else
2667	201a51fc	balrog	s->mult_sectors = MAX_MULT_SECTORS;
2668	5391d806	bellard	s->cur_drive = s;
2669	5391d806	bellard	s->select = 0xa0;
2670	41a2b959	aliguori	s->status = READY_STAT \| SEEK_STAT;
2671	5391d806	bellard	ide_set_signature(s);
2672	a7dfe172	bellard	/* init the transfer handler so that 0xffff is returned on data
2673	a7dfe172	bellard	accesses */
2674	a7dfe172	bellard	s->end_transfer_func = ide_dummy_transfer_stop;
2675	a7dfe172	bellard	ide_dummy_transfer_stop(s);
2676	201a51fc	balrog	s->media_changed = 0;
2677	5391d806	bellard	}
2678	5391d806	bellard
2679	5457c8ce	bellard	static void ide_init2(IDEState *ide_state,
2680	5457c8ce	bellard	BlockDriverState hd0, BlockDriverState hd1,
2681	d537cf6c	pbrook	qemu_irq irq)
2682	5391d806	bellard	{
2683	69b91039	bellard	IDEState *s;
2684	aedf5382	bellard	static int drive_serial = 1;
2685	f3d54fc4	aliguori	int i, cylinders, heads, secs;
2686	96b8f136	ths	uint64_t nb_sectors;
2687	5391d806	bellard
2688	caed8802	bellard	for(i = 0; i < 2; i++) {
2689	caed8802	bellard	s = ide_state + i;
2690	1d8cde5b	aurel32	s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2691	caed8802	bellard	if (i == 0)
2692	caed8802	bellard	s->bs = hd0;
2693	caed8802	bellard	else
2694	caed8802	bellard	s->bs = hd1;
2695	5391d806	bellard	if (s->bs) {
2696	5391d806	bellard	bdrv_get_geometry(s->bs, &nb_sectors);
2697	f3d54fc4	aliguori	bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2698	f3d54fc4	aliguori	s->cylinders = cylinders;
2699	f3d54fc4	aliguori	s->heads = heads;
2700	f3d54fc4	aliguori	s->sectors = secs;
2701	5391d806	bellard	s->nb_sectors = nb_sectors;
2702	f3d54fc4	aliguori
2703	caed8802	bellard	if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2704	caed8802	bellard	s->is_cdrom = 1;
2705	bd491d6a	ths	bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2706	5391d806	bellard	}
2707	5391d806	bellard	}
2708	aedf5382	bellard	s->drive_serial = drive_serial++;
2709	caed8802	bellard	s->irq = irq;
2710	5fafdf24	ths	s->sector_write_timer = qemu_new_timer(vm_clock,
2711	a09db21f	bellard	ide_sector_write_timer_cb, s);
2712	5391d806	bellard	ide_reset(s);
2713	5391d806	bellard	}
2714	69b91039	bellard	}
2715	69b91039	bellard
2716	34e538ae	bellard	static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2717	69b91039	bellard	{
2718	caed8802	bellard	register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2719	caed8802	bellard	register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2720	caed8802	bellard	if (iobase2) {
2721	caed8802	bellard	register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2722	caed8802	bellard	register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2723	5391d806	bellard	}
2724	3b46e624	ths
2725	caed8802	bellard	/* data ports */
2726	caed8802	bellard	register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2727	caed8802	bellard	register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2728	caed8802	bellard	register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2729	caed8802	bellard	register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2730	5391d806	bellard	}
2731	69b91039	bellard
2732	aa941b94	balrog	/* save per IDE drive data */
2733	aa941b94	balrog	static void ide_save(QEMUFile* f, IDEState *s)
2734	aa941b94	balrog	{
2735	bee8d684	ths	qemu_put_be32(f, s->mult_sectors);
2736	bee8d684	ths	qemu_put_be32(f, s->identify_set);
2737	aa941b94	balrog	if (s->identify_set) {
2738	aa941b94	balrog	qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2739	aa941b94	balrog	}
2740	aa941b94	balrog	qemu_put_8s(f, &s->feature);
2741	aa941b94	balrog	qemu_put_8s(f, &s->error);
2742	aa941b94	balrog	qemu_put_be32s(f, &s->nsector);
2743	aa941b94	balrog	qemu_put_8s(f, &s->sector);
2744	aa941b94	balrog	qemu_put_8s(f, &s->lcyl);
2745	aa941b94	balrog	qemu_put_8s(f, &s->hcyl);
2746	aa941b94	balrog	qemu_put_8s(f, &s->hob_feature);
2747	aa941b94	balrog	qemu_put_8s(f, &s->hob_nsector);
2748	aa941b94	balrog	qemu_put_8s(f, &s->hob_sector);
2749	aa941b94	balrog	qemu_put_8s(f, &s->hob_lcyl);
2750	aa941b94	balrog	qemu_put_8s(f, &s->hob_hcyl);
2751	aa941b94	balrog	qemu_put_8s(f, &s->select);
2752	aa941b94	balrog	qemu_put_8s(f, &s->status);
2753	aa941b94	balrog	qemu_put_8s(f, &s->lba48);
2754	aa941b94	balrog
2755	aa941b94	balrog	qemu_put_8s(f, &s->sense_key);
2756	aa941b94	balrog	qemu_put_8s(f, &s->asc);
2757	aa941b94	balrog	/* XXX: if a transfer is pending, we do not save it yet */
2758	aa941b94	balrog	}
2759	aa941b94	balrog
2760	aa941b94	balrog	/* load per IDE drive data */
2761	aa941b94	balrog	static void ide_load(QEMUFile* f, IDEState *s)
2762	aa941b94	balrog	{
2763	bee8d684	ths	s->mult_sectors=qemu_get_be32(f);
2764	bee8d684	ths	s->identify_set=qemu_get_be32(f);
2765	aa941b94	balrog	if (s->identify_set) {
2766	aa941b94	balrog	qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2767	aa941b94	balrog	}
2768	aa941b94	balrog	qemu_get_8s(f, &s->feature);
2769	aa941b94	balrog	qemu_get_8s(f, &s->error);
2770	aa941b94	balrog	qemu_get_be32s(f, &s->nsector);
2771	aa941b94	balrog	qemu_get_8s(f, &s->sector);
2772	aa941b94	balrog	qemu_get_8s(f, &s->lcyl);
2773	aa941b94	balrog	qemu_get_8s(f, &s->hcyl);
2774	aa941b94	balrog	qemu_get_8s(f, &s->hob_feature);
2775	aa941b94	balrog	qemu_get_8s(f, &s->hob_nsector);
2776	aa941b94	balrog	qemu_get_8s(f, &s->hob_sector);
2777	aa941b94	balrog	qemu_get_8s(f, &s->hob_lcyl);
2778	aa941b94	balrog	qemu_get_8s(f, &s->hob_hcyl);
2779	aa941b94	balrog	qemu_get_8s(f, &s->select);
2780	aa941b94	balrog	qemu_get_8s(f, &s->status);
2781	aa941b94	balrog	qemu_get_8s(f, &s->lba48);
2782	aa941b94	balrog
2783	aa941b94	balrog	qemu_get_8s(f, &s->sense_key);
2784	aa941b94	balrog	qemu_get_8s(f, &s->asc);
2785	aa941b94	balrog	/* XXX: if a transfer is pending, we do not save it yet */
2786	aa941b94	balrog	}
2787	aa941b94	balrog
2788	69b91039	bellard	/***********************************************************/
2789	34e538ae	bellard	/* ISA IDE definitions */
2790	34e538ae	bellard
2791	d537cf6c	pbrook	void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2792	34e538ae	bellard	BlockDriverState hd0, BlockDriverState hd1)
2793	34e538ae	bellard	{
2794	34e538ae	bellard	IDEState *ide_state;
2795	34e538ae	bellard
2796	34e538ae	bellard	ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2797	34e538ae	bellard	if (!ide_state)
2798	34e538ae	bellard	return;
2799	3b46e624	ths
2800	d537cf6c	pbrook	ide_init2(ide_state, hd0, hd1, irq);
2801	34e538ae	bellard	ide_init_ioport(ide_state, iobase, iobase2);
2802	34e538ae	bellard	}
2803	34e538ae	bellard
2804	34e538ae	bellard	/***********************************************************/
2805	69b91039	bellard	/* PCI IDE definitions */
2806	69b91039	bellard
2807	5457c8ce	bellard	static void cmd646_update_irq(PCIIDEState *d);
2808	5457c8ce	bellard
2809	5fafdf24	ths	static void ide_map(PCIDevice *pci_dev, int region_num,
2810	69b91039	bellard	uint32_t addr, uint32_t size, int type)
2811	69b91039	bellard	{
2812	69b91039	bellard	PCIIDEState d = (PCIIDEState )pci_dev;
2813	69b91039	bellard	IDEState *ide_state;
2814	69b91039	bellard
2815	69b91039	bellard	if (region_num <= 3) {
2816	69b91039	bellard	ide_state = &d->ide_if[(region_num >> 1) * 2];
2817	69b91039	bellard	if (region_num & 1) {
2818	69b91039	bellard	register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2819	69b91039	bellard	register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2820	69b91039	bellard	} else {
2821	69b91039	bellard	register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2822	69b91039	bellard	register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2823	69b91039	bellard
2824	69b91039	bellard	/* data ports */
2825	69b91039	bellard	register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2826	69b91039	bellard	register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2827	69b91039	bellard	register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2828	69b91039	bellard	register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2829	69b91039	bellard	}
2830	69b91039	bellard	}
2831	69b91039	bellard	}
2832	69b91039	bellard
2833	8ccad811	bellard	static void ide_dma_start(IDEState s, BlockDriverCompletionFunc dma_cb)
2834	98087450	bellard	{
2835	98087450	bellard	BMDMAState *bm = s->bmdma;
2836	98087450	bellard	if(!bm)
2837	98087450	bellard	return;
2838	98087450	bellard	bm->ide_if = s;
2839	98087450	bellard	bm->dma_cb = dma_cb;
2840	8ccad811	bellard	bm->cur_prd_last = 0;
2841	8ccad811	bellard	bm->cur_prd_addr = 0;
2842	8ccad811	bellard	bm->cur_prd_len = 0;
2843	98087450	bellard	if (bm->status & BM_STATUS_DMAING) {
2844	8ccad811	bellard	bm->dma_cb(bm, 0);
2845	98087450	bellard	}
2846	98087450	bellard	}
2847	98087450	bellard
2848	72c7b06c	aliguori	static void ide_dma_cancel(BMDMAState *bm)
2849	72c7b06c	aliguori	{
2850	72c7b06c	aliguori	if (bm->status & BM_STATUS_DMAING) {
2851	72c7b06c	aliguori	bm->status &= ~BM_STATUS_DMAING;
2852	72c7b06c	aliguori	/* cancel DMA request */
2853	72c7b06c	aliguori	bm->ide_if = NULL;
2854	72c7b06c	aliguori	bm->dma_cb = NULL;
2855	72c7b06c	aliguori	if (bm->aiocb) {
2856	72c7b06c	aliguori	#ifdef DEBUG_AIO
2857	72c7b06c	aliguori	printf("aio_cancel\n");
2858	72c7b06c	aliguori	#endif
2859	72c7b06c	aliguori	bdrv_aio_cancel(bm->aiocb);
2860	72c7b06c	aliguori	bm->aiocb = NULL;
2861	72c7b06c	aliguori	}
2862	72c7b06c	aliguori	}
2863	72c7b06c	aliguori	}
2864	72c7b06c	aliguori
2865	98087450	bellard	static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2866	98087450	bellard	{
2867	98087450	bellard	BMDMAState *bm = opaque;
2868	98087450	bellard	#ifdef DEBUG_IDE
2869	98087450	bellard	printf("%s: 0x%08x\n", __func__, val);
2870	98087450	bellard	#endif
2871	98087450	bellard	if (!(val & BM_CMD_START)) {
2872	98087450	bellard	/* XXX: do it better */
2873	72c7b06c	aliguori	ide_dma_cancel(bm);
2874	98087450	bellard	bm->cmd = val & 0x09;
2875	98087450	bellard	} else {
2876	8ccad811	bellard	if (!(bm->status & BM_STATUS_DMAING)) {
2877	8ccad811	bellard	bm->status \|= BM_STATUS_DMAING;
2878	8ccad811	bellard	/* start dma transfer if possible */
2879	8ccad811	bellard	if (bm->dma_cb)
2880	8ccad811	bellard	bm->dma_cb(bm, 0);
2881	8ccad811	bellard	}
2882	98087450	bellard	bm->cmd = val & 0x09;
2883	98087450	bellard	}
2884	98087450	bellard	}
2885	98087450	bellard
2886	5457c8ce	bellard	static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2887	98087450	bellard	{
2888	98087450	bellard	BMDMAState *bm = opaque;
2889	5457c8ce	bellard	PCIIDEState *pci_dev;
2890	98087450	bellard	uint32_t val;
2891	3b46e624	ths
2892	5457c8ce	bellard	switch(addr & 3) {
2893	5fafdf24	ths	case 0:
2894	5457c8ce	bellard	val = bm->cmd;
2895	5457c8ce	bellard	break;
2896	5457c8ce	bellard	case 1:
2897	5457c8ce	bellard	pci_dev = bm->pci_dev;
2898	5457c8ce	bellard	if (pci_dev->type == IDE_TYPE_CMD646) {
2899	5457c8ce	bellard	val = pci_dev->dev.config[MRDMODE];
2900	5457c8ce	bellard	} else {
2901	5457c8ce	bellard	val = 0xff;
2902	5457c8ce	bellard	}
2903	5457c8ce	bellard	break;
2904	5457c8ce	bellard	case 2:
2905	5457c8ce	bellard	val = bm->status;
2906	5457c8ce	bellard	break;
2907	5457c8ce	bellard	case 3:
2908	5457c8ce	bellard	pci_dev = bm->pci_dev;
2909	5457c8ce	bellard	if (pci_dev->type == IDE_TYPE_CMD646) {
2910	5457c8ce	bellard	if (bm == &pci_dev->bmdma[0])
2911	5457c8ce	bellard	val = pci_dev->dev.config[UDIDETCR0];
2912	5457c8ce	bellard	else
2913	5457c8ce	bellard	val = pci_dev->dev.config[UDIDETCR1];
2914	5457c8ce	bellard	} else {
2915	5457c8ce	bellard	val = 0xff;
2916	5457c8ce	bellard	}
2917	5457c8ce	bellard	break;
2918	5457c8ce	bellard	default:
2919	5457c8ce	bellard	val = 0xff;
2920	5457c8ce	bellard	break;
2921	5457c8ce	bellard	}
2922	98087450	bellard	#ifdef DEBUG_IDE
2923	5457c8ce	bellard	printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2924	98087450	bellard	#endif
2925	98087450	bellard	return val;
2926	98087450	bellard	}
2927	98087450	bellard
2928	5457c8ce	bellard	static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2929	98087450	bellard	{
2930	98087450	bellard	BMDMAState *bm = opaque;
2931	5457c8ce	bellard	PCIIDEState *pci_dev;
2932	98087450	bellard	#ifdef DEBUG_IDE
2933	5457c8ce	bellard	printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2934	98087450	bellard	#endif
2935	5457c8ce	bellard	switch(addr & 3) {
2936	5457c8ce	bellard	case 1:
2937	5457c8ce	bellard	pci_dev = bm->pci_dev;
2938	5457c8ce	bellard	if (pci_dev->type == IDE_TYPE_CMD646) {
2939	5fafdf24	ths	pci_dev->dev.config[MRDMODE] =
2940	5457c8ce	bellard	(pci_dev->dev.config[MRDMODE] & ~0x30) \| (val & 0x30);
2941	5457c8ce	bellard	cmd646_update_irq(pci_dev);
2942	5457c8ce	bellard	}
2943	5457c8ce	bellard	break;
2944	5457c8ce	bellard	case 2:
2945	5457c8ce	bellard	bm->status = (val & 0x60) \| (bm->status & 1) \| (bm->status & ~val & 0x06);
2946	5457c8ce	bellard	break;
2947	5457c8ce	bellard	case 3:
2948	5457c8ce	bellard	pci_dev = bm->pci_dev;
2949	5457c8ce	bellard	if (pci_dev->type == IDE_TYPE_CMD646) {
2950	5457c8ce	bellard	if (bm == &pci_dev->bmdma[0])
2951	5457c8ce	bellard	pci_dev->dev.config[UDIDETCR0] = val;
2952	5457c8ce	bellard	else
2953	5457c8ce	bellard	pci_dev->dev.config[UDIDETCR1] = val;
2954	5457c8ce	bellard	}
2955	5457c8ce	bellard	break;
2956	5457c8ce	bellard	}
2957	98087450	bellard	}
2958	98087450	bellard
2959	5b9a1293	aurel32	static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
2960	5b9a1293	aurel32	{
2961	5b9a1293	aurel32	BMDMAState *bm = opaque;
2962	5b9a1293	aurel32	uint32_t val;
2963	5b9a1293	aurel32	val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
2964	5b9a1293	aurel32	#ifdef DEBUG_IDE
2965	5b9a1293	aurel32	printf("%s: 0x%08x\n", __func__, val);
2966	5b9a1293	aurel32	#endif
2967	5b9a1293	aurel32	return val;
2968	5b9a1293	aurel32	}
2969	5b9a1293	aurel32
2970	5b9a1293	aurel32	static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
2971	5b9a1293	aurel32	{
2972	5b9a1293	aurel32	BMDMAState *bm = opaque;
2973	5b9a1293	aurel32	int shift = (addr & 3) * 8;
2974	5b9a1293	aurel32	#ifdef DEBUG_IDE
2975	5b9a1293	aurel32	printf("%s: 0x%08x\n", __func__, val);
2976	5b9a1293	aurel32	#endif
2977	5b9a1293	aurel32	bm->addr &= ~(0xFF << shift);
2978	5b9a1293	aurel32	bm->addr \|= ((val & 0xFF) << shift) & ~3;
2979	5b9a1293	aurel32	bm->cur_addr = bm->addr;
2980	5b9a1293	aurel32	}
2981	5b9a1293	aurel32
2982	5b9a1293	aurel32	static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
2983	5b9a1293	aurel32	{
2984	5b9a1293	aurel32	BMDMAState *bm = opaque;
2985	5b9a1293	aurel32	uint32_t val;
2986	5b9a1293	aurel32	val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
2987	5b9a1293	aurel32	#ifdef DEBUG_IDE
2988	5b9a1293	aurel32	printf("%s: 0x%08x\n", __func__, val);
2989	5b9a1293	aurel32	#endif
2990	5b9a1293	aurel32	return val;
2991	5b9a1293	aurel32	}
2992	5b9a1293	aurel32
2993	5b9a1293	aurel32	static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
2994	5b9a1293	aurel32	{
2995	5b9a1293	aurel32	BMDMAState *bm = opaque;
2996	5b9a1293	aurel32	int shift = (addr & 3) * 8;
2997	5b9a1293	aurel32	#ifdef DEBUG_IDE
2998	5b9a1293	aurel32	printf("%s: 0x%08x\n", __func__, val);
2999	5b9a1293	aurel32	#endif
3000	5b9a1293	aurel32	bm->addr &= ~(0xFFFF << shift);
3001	5b9a1293	aurel32	bm->addr \|= ((val & 0xFFFF) << shift) & ~3;
3002	5b9a1293	aurel32	bm->cur_addr = bm->addr;
3003	5b9a1293	aurel32	}
3004	5b9a1293	aurel32
3005	98087450	bellard	static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3006	98087450	bellard	{
3007	98087450	bellard	BMDMAState *bm = opaque;
3008	98087450	bellard	uint32_t val;
3009	98087450	bellard	val = bm->addr;
3010	98087450	bellard	#ifdef DEBUG_IDE
3011	98087450	bellard	printf("%s: 0x%08x\n", __func__, val);
3012	98087450	bellard	#endif
3013	98087450	bellard	return val;
3014	98087450	bellard	}
3015	98087450	bellard
3016	98087450	bellard	static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3017	98087450	bellard	{
3018	98087450	bellard	BMDMAState *bm = opaque;
3019	98087450	bellard	#ifdef DEBUG_IDE
3020	98087450	bellard	printf("%s: 0x%08x\n", __func__, val);
3021	98087450	bellard	#endif
3022	98087450	bellard	bm->addr = val & ~3;
3023	30c4bbac	ths	bm->cur_addr = bm->addr;
3024	98087450	bellard	}
3025	98087450	bellard
3026	5fafdf24	ths	static void bmdma_map(PCIDevice *pci_dev, int region_num,
3027	98087450	bellard	uint32_t addr, uint32_t size, int type)
3028	98087450	bellard	{
3029	98087450	bellard	PCIIDEState d = (PCIIDEState )pci_dev;
3030	98087450	bellard	int i;
3031	98087450	bellard
3032	98087450	bellard	for(i = 0;i < 2; i++) {
3033	98087450	bellard	BMDMAState *bm = &d->bmdma[i];
3034	98087450	bellard	d->ide_if[2 * i].bmdma = bm;
3035	98087450	bellard	d->ide_if[2 * i + 1].bmdma = bm;
3036	5457c8ce	bellard	bm->pci_dev = (PCIIDEState *)pci_dev;
3037	5457c8ce	bellard
3038	98087450	bellard	register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
3039	98087450	bellard
3040	5457c8ce	bellard	register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3041	5457c8ce	bellard	register_ioport_read(addr, 4, 1, bmdma_readb, bm);
3042	98087450	bellard
3043	5b9a1293	aurel32	register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3044	5b9a1293	aurel32	register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3045	5b9a1293	aurel32	register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3046	5b9a1293	aurel32	register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
3047	98087450	bellard	register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3048	98087450	bellard	register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3049	98087450	bellard	addr += 8;
3050	98087450	bellard	}
3051	98087450	bellard	}
3052	98087450	bellard
3053	5457c8ce	bellard	/* XXX: call it also when the MRDMODE is changed from the PCI config
3054	5457c8ce	bellard	registers */
3055	5457c8ce	bellard	static void cmd646_update_irq(PCIIDEState *d)
3056	5457c8ce	bellard	{
3057	5457c8ce	bellard	int pci_level;
3058	5457c8ce	bellard	pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3059	5457c8ce	bellard	!(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) \|\|
3060	5457c8ce	bellard	((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3061	5457c8ce	bellard	!(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
3062	d537cf6c	pbrook	qemu_set_irq(d->dev.irq[0], pci_level);
3063	5457c8ce	bellard	}
3064	5457c8ce	bellard
3065	5457c8ce	bellard	/* the PCI irq level is the logical OR of the two channels */
3066	5457c8ce	bellard	static void cmd646_set_irq(void *opaque, int channel, int level)
3067	5457c8ce	bellard	{
3068	5457c8ce	bellard	PCIIDEState *d = opaque;
3069	5457c8ce	bellard	int irq_mask;
3070	5457c8ce	bellard
3071	5457c8ce	bellard	irq_mask = MRDMODE_INTR_CH0 << channel;
3072	5457c8ce	bellard	if (level)
3073	5457c8ce	bellard	d->dev.config[MRDMODE] \|= irq_mask;
3074	5457c8ce	bellard	else
3075	5457c8ce	bellard	d->dev.config[MRDMODE] &= ~irq_mask;
3076	5457c8ce	bellard	cmd646_update_irq(d);
3077	5457c8ce	bellard	}
3078	5457c8ce	bellard
3079	5457c8ce	bellard	/* CMD646 PCI IDE controller */
3080	5457c8ce	bellard	void pci_cmd646_ide_init(PCIBus bus, BlockDriverState *hd_table,
3081	5457c8ce	bellard	int secondary_ide_enabled)
3082	69b91039	bellard	{
3083	69b91039	bellard	PCIIDEState *d;
3084	69b91039	bellard	uint8_t *pci_conf;
3085	34e538ae	bellard	int i;
3086	d537cf6c	pbrook	qemu_irq *irq;
3087	34e538ae	bellard
3088	5fafdf24	ths	d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
3089	5457c8ce	bellard	sizeof(PCIIDEState),
3090	5fafdf24	ths	-1,
3091	73c11f63	bellard	NULL, NULL);
3092	5457c8ce	bellard	d->type = IDE_TYPE_CMD646;
3093	69b91039	bellard	pci_conf = d->dev.config;
3094	5457c8ce	bellard	pci_conf[0x00] = 0x95; // CMD646
3095	5457c8ce	bellard	pci_conf[0x01] = 0x10;
3096	5457c8ce	bellard	pci_conf[0x02] = 0x46;
3097	5457c8ce	bellard	pci_conf[0x03] = 0x06;
3098	5457c8ce	bellard
3099	5457c8ce	bellard	pci_conf[0x08] = 0x07; // IDE controller revision
3100	5fafdf24	ths	pci_conf[0x09] = 0x8f;
3101	5457c8ce	bellard
3102	69b91039	bellard	pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3103	69b91039	bellard	pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3104	5457c8ce	bellard	pci_conf[0x0e] = 0x00; // header_type
3105	3b46e624	ths
3106	5457c8ce	bellard	if (secondary_ide_enabled) {
3107	5457c8ce	bellard	/* XXX: if not enabled, really disable the seconday IDE controller */
3108	5457c8ce	bellard	pci_conf[0x51] = 0x80; /* enable IDE1 */
3109	5457c8ce	bellard	}
3110	69b91039	bellard
3111	5fafdf24	ths	pci_register_io_region((PCIDevice *)d, 0, 0x8,
3112	69b91039	bellard	PCI_ADDRESS_SPACE_IO, ide_map);
3113	5fafdf24	ths	pci_register_io_region((PCIDevice *)d, 1, 0x4,
3114	69b91039	bellard	PCI_ADDRESS_SPACE_IO, ide_map);
3115	5fafdf24	ths	pci_register_io_region((PCIDevice *)d, 2, 0x8,
3116	69b91039	bellard	PCI_ADDRESS_SPACE_IO, ide_map);
3117	5fafdf24	ths	pci_register_io_region((PCIDevice *)d, 3, 0x4,
3118	69b91039	bellard	PCI_ADDRESS_SPACE_IO, ide_map);
3119	5fafdf24	ths	pci_register_io_region((PCIDevice *)d, 4, 0x10,
3120	98087450	bellard	PCI_ADDRESS_SPACE_IO, bmdma_map);
3121	69b91039	bellard
3122	34e538ae	bellard	pci_conf[0x3d] = 0x01; // interrupt on pin 1
3123	3b46e624	ths
3124	34e538ae	bellard	for(i = 0; i < 4; i++)
3125	34e538ae	bellard	d->ide_if[i].pci_dev = (PCIDevice *)d;
3126	d537cf6c	pbrook
3127	d537cf6c	pbrook	irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3128	d537cf6c	pbrook	ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3129	d537cf6c	pbrook	ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
3130	34e538ae	bellard	}
3131	34e538ae	bellard
3132	c3d78997	bellard	static void pci_ide_save(QEMUFile* f, void *opaque)
3133	c3d78997	bellard	{
3134	c3d78997	bellard	PCIIDEState *d = opaque;
3135	c3d78997	bellard	int i;
3136	c3d78997	bellard
3137	c3d78997	bellard	pci_device_save(&d->dev, f);
3138	c3d78997	bellard
3139	c3d78997	bellard	for(i = 0; i < 2; i++) {
3140	c3d78997	bellard	BMDMAState *bm = &d->bmdma[i];
3141	c3d78997	bellard	qemu_put_8s(f, &bm->cmd);
3142	c3d78997	bellard	qemu_put_8s(f, &bm->status);
3143	c3d78997	bellard	qemu_put_be32s(f, &bm->addr);
3144	c3d78997	bellard	/* XXX: if a transfer is pending, we do not save it yet */
3145	c3d78997	bellard	}
3146	c3d78997	bellard
3147	c3d78997	bellard	/* per IDE interface data */
3148	c3d78997	bellard	for(i = 0; i < 2; i++) {
3149	c3d78997	bellard	IDEState s = &d->ide_if[i 2];
3150	c3d78997	bellard	uint8_t drive1_selected;
3151	c3d78997	bellard	qemu_put_8s(f, &s->cmd);
3152	c3d78997	bellard	drive1_selected = (s->cur_drive != s);
3153	c3d78997	bellard	qemu_put_8s(f, &drive1_selected);
3154	c3d78997	bellard	}
3155	c3d78997	bellard
3156	c3d78997	bellard	/* per IDE drive data */
3157	c3d78997	bellard	for(i = 0; i < 4; i++) {
3158	aa941b94	balrog	ide_save(f, &d->ide_if[i]);
3159	c3d78997	bellard	}
3160	c3d78997	bellard	}
3161	c3d78997	bellard
3162	c3d78997	bellard	static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3163	c3d78997	bellard	{
3164	c3d78997	bellard	PCIIDEState *d = opaque;
3165	c3d78997	bellard	int ret, i;
3166	c3d78997	bellard
3167	c3d78997	bellard	if (version_id != 1)
3168	c3d78997	bellard	return -EINVAL;
3169	c3d78997	bellard	ret = pci_device_load(&d->dev, f);
3170	c3d78997	bellard	if (ret < 0)
3171	c3d78997	bellard	return ret;
3172	c3d78997	bellard
3173	c3d78997	bellard	for(i = 0; i < 2; i++) {
3174	c3d78997	bellard	BMDMAState *bm = &d->bmdma[i];
3175	c3d78997	bellard	qemu_get_8s(f, &bm->cmd);
3176	c3d78997	bellard	qemu_get_8s(f, &bm->status);
3177	c3d78997	bellard	qemu_get_be32s(f, &bm->addr);
3178	c3d78997	bellard	/* XXX: if a transfer is pending, we do not save it yet */
3179	c3d78997	bellard	}
3180	c3d78997	bellard
3181	c3d78997	bellard	/* per IDE interface data */
3182	c3d78997	bellard	for(i = 0; i < 2; i++) {
3183	c3d78997	bellard	IDEState s = &d->ide_if[i 2];
3184	c3d78997	bellard	uint8_t drive1_selected;
3185	c3d78997	bellard	qemu_get_8s(f, &s->cmd);
3186	c3d78997	bellard	qemu_get_8s(f, &drive1_selected);
3187	c3d78997	bellard	s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3188	c3d78997	bellard	}
3189	c3d78997	bellard
3190	c3d78997	bellard	/* per IDE drive data */
3191	c3d78997	bellard	for(i = 0; i < 4; i++) {
3192	aa941b94	balrog	ide_load(f, &d->ide_if[i]);
3193	c3d78997	bellard	}
3194	c3d78997	bellard	return 0;
3195	c3d78997	bellard	}
3196	c3d78997	bellard
3197	72c7b06c	aliguori	static void piix3_reset(void *opaque)
3198	e6a71ae3	ths	{
3199	72c7b06c	aliguori	PCIIDEState *d = opaque;
3200	e6a71ae3	ths	uint8_t *pci_conf = d->dev.config;
3201	72c7b06c	aliguori	int i;
3202	72c7b06c	aliguori
3203	72c7b06c	aliguori	for (i = 0; i < 2; i++)
3204	72c7b06c	aliguori	ide_dma_cancel(&d->bmdma[i]);
3205	e6a71ae3	ths
3206	e6a71ae3	ths	pci_conf[0x04] = 0x00;
3207	e6a71ae3	ths	pci_conf[0x05] = 0x00;
3208	e6a71ae3	ths	pci_conf[0x06] = 0x80; /* FBC */
3209	e6a71ae3	ths	pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3210	e6a71ae3	ths	pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3211	e6a71ae3	ths	}
3212	e6a71ae3	ths
3213	34e538ae	bellard	/* hd_table must contain 4 block drivers */
3214	34e538ae	bellard	/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3215	d537cf6c	pbrook	void pci_piix3_ide_init(PCIBus bus, BlockDriverState *hd_table, int devfn,
3216	d537cf6c	pbrook	qemu_irq *pic)
3217	34e538ae	bellard	{
3218	34e538ae	bellard	PCIIDEState *d;
3219	34e538ae	bellard	uint8_t *pci_conf;
3220	3b46e624	ths
3221	34e538ae	bellard	/* register a function 1 of PIIX3 */
3222	5fafdf24	ths	d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3223	46e50e9d	bellard	sizeof(PCIIDEState),
3224	502a5395	pbrook	devfn,
3225	34e538ae	bellard	NULL, NULL);
3226	5457c8ce	bellard	d->type = IDE_TYPE_PIIX3;
3227	5457c8ce	bellard
3228	34e538ae	bellard	pci_conf = d->dev.config;
3229	34e538ae	bellard	pci_conf[0x00] = 0x86; // Intel
3230	34e538ae	bellard	pci_conf[0x01] = 0x80;
3231	34e538ae	bellard	pci_conf[0x02] = 0x10;
3232	34e538ae	bellard	pci_conf[0x03] = 0x70;
3233	92510b8c	bellard	pci_conf[0x09] = 0x80; // legacy ATA mode
3234	34e538ae	bellard	pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3235	34e538ae	bellard	pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3236	34e538ae	bellard	pci_conf[0x0e] = 0x00; // header_type
3237	34e538ae	bellard
3238	72c7b06c	aliguori	qemu_register_reset(piix3_reset, d);
3239	e6a71ae3	ths	piix3_reset(d);
3240	e6a71ae3	ths
3241	5fafdf24	ths	pci_register_io_region((PCIDevice *)d, 4, 0x10,
3242	98087450	bellard	PCI_ADDRESS_SPACE_IO, bmdma_map);
3243	34e538ae	bellard
3244	d537cf6c	pbrook	ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3245	d537cf6c	pbrook	ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3246	34e538ae	bellard	ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3247	34e538ae	bellard	ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3248	c3d78997	bellard
3249	c3d78997	bellard	register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3250	69b91039	bellard	}
3251	1ade1de2	bellard
3252	afcc3cdf	ths	/* hd_table must contain 4 block drivers */
3253	afcc3cdf	ths	/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3254	afcc3cdf	ths	void pci_piix4_ide_init(PCIBus bus, BlockDriverState *hd_table, int devfn,
3255	afcc3cdf	ths	qemu_irq *pic)
3256	afcc3cdf	ths	{
3257	afcc3cdf	ths	PCIIDEState *d;
3258	afcc3cdf	ths	uint8_t *pci_conf;
3259	afcc3cdf	ths
3260	afcc3cdf	ths	/* register a function 1 of PIIX4 */
3261	afcc3cdf	ths	d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3262	afcc3cdf	ths	sizeof(PCIIDEState),
3263	afcc3cdf	ths	devfn,
3264	afcc3cdf	ths	NULL, NULL);
3265	afcc3cdf	ths	d->type = IDE_TYPE_PIIX4;
3266	afcc3cdf	ths
3267	afcc3cdf	ths	pci_conf = d->dev.config;
3268	afcc3cdf	ths	pci_conf[0x00] = 0x86; // Intel
3269	afcc3cdf	ths	pci_conf[0x01] = 0x80;
3270	afcc3cdf	ths	pci_conf[0x02] = 0x11;
3271	afcc3cdf	ths	pci_conf[0x03] = 0x71;
3272	afcc3cdf	ths	pci_conf[0x09] = 0x80; // legacy ATA mode
3273	afcc3cdf	ths	pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3274	afcc3cdf	ths	pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3275	afcc3cdf	ths	pci_conf[0x0e] = 0x00; // header_type
3276	afcc3cdf	ths
3277	72c7b06c	aliguori	qemu_register_reset(piix3_reset, d);
3278	afcc3cdf	ths	piix3_reset(d);
3279	afcc3cdf	ths
3280	afcc3cdf	ths	pci_register_io_region((PCIDevice *)d, 4, 0x10,
3281	afcc3cdf	ths	PCI_ADDRESS_SPACE_IO, bmdma_map);
3282	afcc3cdf	ths
3283	afcc3cdf	ths	ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3284	afcc3cdf	ths	ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3285	afcc3cdf	ths	ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3286	afcc3cdf	ths	ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3287	afcc3cdf	ths
3288	afcc3cdf	ths	register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3289	afcc3cdf	ths	}
3290	afcc3cdf	ths
3291	1ade1de2	bellard	/***********************************************************/
3292	1ade1de2	bellard	/* MacIO based PowerPC IDE */
3293	1ade1de2	bellard
3294	1ade1de2	bellard	/* PowerMac IDE memory IO */
3295	1ade1de2	bellard	static void pmac_ide_writeb (void *opaque,
3296	1ade1de2	bellard	target_phys_addr_t addr, uint32_t val)
3297	1ade1de2	bellard	{
3298	5fafdf24	ths	addr = (addr & 0xFFF) >> 4;
3299	1ade1de2	bellard	switch (addr) {
3300	1ade1de2	bellard	case 1 ... 7:
3301	1ade1de2	bellard	ide_ioport_write(opaque, addr, val);
3302	1ade1de2	bellard	break;
3303	1ade1de2	bellard	case 8:
3304	1ade1de2	bellard	case 22:
3305	1ade1de2	bellard	ide_cmd_write(opaque, 0, val);
3306	1ade1de2	bellard	break;
3307	1ade1de2	bellard	default:
3308	1ade1de2	bellard	break;
3309	1ade1de2	bellard	}
3310	1ade1de2	bellard	}
3311	1ade1de2	bellard
3312	1ade1de2	bellard	static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3313	1ade1de2	bellard	{
3314	1ade1de2	bellard	uint8_t retval;
3315	1ade1de2	bellard
3316	1ade1de2	bellard	addr = (addr & 0xFFF) >> 4;
3317	1ade1de2	bellard	switch (addr) {
3318	1ade1de2	bellard	case 1 ... 7:
3319	1ade1de2	bellard	retval = ide_ioport_read(opaque, addr);
3320	1ade1de2	bellard	break;
3321	1ade1de2	bellard	case 8:
3322	1ade1de2	bellard	case 22:
3323	1ade1de2	bellard	retval = ide_status_read(opaque, 0);
3324	1ade1de2	bellard	break;
3325	1ade1de2	bellard	default:
3326	1ade1de2	bellard	retval = 0xFF;
3327	1ade1de2	bellard	break;
3328	1ade1de2	bellard	}
3329	1ade1de2	bellard	return retval;
3330	1ade1de2	bellard	}
3331	1ade1de2	bellard
3332	1ade1de2	bellard	static void pmac_ide_writew (void *opaque,
3333	1ade1de2	bellard	target_phys_addr_t addr, uint32_t val)
3334	1ade1de2	bellard	{
3335	5fafdf24	ths	addr = (addr & 0xFFF) >> 4;
3336	1ade1de2	bellard	#ifdef TARGET_WORDS_BIGENDIAN
3337	1ade1de2	bellard	val = bswap16(val);
3338	1ade1de2	bellard	#endif
3339	1ade1de2	bellard	if (addr == 0) {
3340	1ade1de2	bellard	ide_data_writew(opaque, 0, val);
3341	1ade1de2	bellard	}
3342	1ade1de2	bellard	}
3343	1ade1de2	bellard
3344	1ade1de2	bellard	static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3345	1ade1de2	bellard	{
3346	1ade1de2	bellard	uint16_t retval;
3347	1ade1de2	bellard
3348	5fafdf24	ths	addr = (addr & 0xFFF) >> 4;
3349	1ade1de2	bellard	if (addr == 0) {
3350	1ade1de2	bellard	retval = ide_data_readw(opaque, 0);
3351	1ade1de2	bellard	} else {
3352	1ade1de2	bellard	retval = 0xFFFF;
3353	1ade1de2	bellard	}
3354	1ade1de2	bellard	#ifdef TARGET_WORDS_BIGENDIAN
3355	1ade1de2	bellard	retval = bswap16(retval);
3356	1ade1de2	bellard	#endif
3357	1ade1de2	bellard	return retval;
3358	1ade1de2	bellard	}
3359	1ade1de2	bellard
3360	1ade1de2	bellard	static void pmac_ide_writel (void *opaque,
3361	1ade1de2	bellard	target_phys_addr_t addr, uint32_t val)
3362	1ade1de2	bellard	{
3363	5fafdf24	ths	addr = (addr & 0xFFF) >> 4;
3364	1ade1de2	bellard	#ifdef TARGET_WORDS_BIGENDIAN
3365	1ade1de2	bellard	val = bswap32(val);
3366	1ade1de2	bellard	#endif
3367	1ade1de2	bellard	if (addr == 0) {
3368	1ade1de2	bellard	ide_data_writel(opaque, 0, val);
3369	1ade1de2	bellard	}
3370	1ade1de2	bellard	}
3371	1ade1de2	bellard
3372	1ade1de2	bellard	static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3373	1ade1de2	bellard	{
3374	1ade1de2	bellard	uint32_t retval;
3375	1ade1de2	bellard
3376	5fafdf24	ths	addr = (addr & 0xFFF) >> 4;
3377	1ade1de2	bellard	if (addr == 0) {
3378	1ade1de2	bellard	retval = ide_data_readl(opaque, 0);
3379	1ade1de2	bellard	} else {
3380	1ade1de2	bellard	retval = 0xFFFFFFFF;
3381	1ade1de2	bellard	}
3382	1ade1de2	bellard	#ifdef TARGET_WORDS_BIGENDIAN
3383	1ade1de2	bellard	retval = bswap32(retval);
3384	1ade1de2	bellard	#endif
3385	1ade1de2	bellard	return retval;
3386	1ade1de2	bellard	}
3387	1ade1de2	bellard
3388	1ade1de2	bellard	static CPUWriteMemoryFunc *pmac_ide_write[] = {
3389	1ade1de2	bellard	pmac_ide_writeb,
3390	1ade1de2	bellard	pmac_ide_writew,
3391	1ade1de2	bellard	pmac_ide_writel,
3392	1ade1de2	bellard	};
3393	1ade1de2	bellard
3394	1ade1de2	bellard	static CPUReadMemoryFunc *pmac_ide_read[] = {
3395	1ade1de2	bellard	pmac_ide_readb,
3396	1ade1de2	bellard	pmac_ide_readw,
3397	1ade1de2	bellard	pmac_ide_readl,
3398	1ade1de2	bellard	};
3399	1ade1de2	bellard
3400	1ade1de2	bellard	/* hd_table must contain 4 block drivers */
3401	1ade1de2	bellard	/* PowerMac uses memory mapped registers, not I/O. Return the memory
3402	1ade1de2	bellard	I/O index to access the ide. */
3403	d537cf6c	pbrook	int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3404	1ade1de2	bellard	{
3405	1ade1de2	bellard	IDEState *ide_if;
3406	1ade1de2	bellard	int pmac_ide_memory;
3407	1ade1de2	bellard
3408	1ade1de2	bellard	ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3409	d537cf6c	pbrook	ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3410	3b46e624	ths
3411	1ade1de2	bellard	pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3412	1ade1de2	bellard	pmac_ide_write, &ide_if[0]);
3413	1ade1de2	bellard	return pmac_ide_memory;
3414	1ade1de2	bellard	}
3415	201a51fc	balrog
3416	201a51fc	balrog	/***********************************************************/
3417	201a51fc	balrog	/* CF-ATA Microdrive */
3418	201a51fc	balrog
3419	201a51fc	balrog	#define METADATA_SIZE 0x20
3420	201a51fc	balrog
3421	201a51fc	balrog	/* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3422	201a51fc	balrog	struct md_s {
3423	201a51fc	balrog	IDEState ide[2];
3424	201a51fc	balrog	struct pcmcia_card_s card;
3425	201a51fc	balrog	uint32_t attr_base;
3426	201a51fc	balrog	uint32_t io_base;
3427	201a51fc	balrog
3428	201a51fc	balrog	/* Card state */
3429	201a51fc	balrog	uint8_t opt;
3430	201a51fc	balrog	uint8_t stat;
3431	201a51fc	balrog	uint8_t pins;
3432	201a51fc	balrog
3433	201a51fc	balrog	uint8_t ctrl;
3434	201a51fc	balrog	uint16_t io;
3435	201a51fc	balrog	int cycle;
3436	201a51fc	balrog	};
3437	201a51fc	balrog
3438	201a51fc	balrog	/* Register bitfields */
3439	201a51fc	balrog	enum md_opt {
3440	201a51fc	balrog	OPT_MODE_MMAP = 0,
3441	201a51fc	balrog	OPT_MODE_IOMAP16 = 1,
3442	201a51fc	balrog	OPT_MODE_IOMAP1 = 2,
3443	201a51fc	balrog	OPT_MODE_IOMAP2 = 3,
3444	201a51fc	balrog	OPT_MODE = 0x3f,
3445	201a51fc	balrog	OPT_LEVIREQ = 0x40,
3446	201a51fc	balrog	OPT_SRESET = 0x80,
3447	201a51fc	balrog	};
3448	201a51fc	balrog	enum md_cstat {
3449	201a51fc	balrog	STAT_INT = 0x02,
3450	201a51fc	balrog	STAT_PWRDWN = 0x04,
3451	201a51fc	balrog	STAT_XE = 0x10,
3452	201a51fc	balrog	STAT_IOIS8 = 0x20,
3453	201a51fc	balrog	STAT_SIGCHG = 0x40,
3454	201a51fc	balrog	STAT_CHANGED = 0x80,
3455	201a51fc	balrog	};
3456	201a51fc	balrog	enum md_pins {
3457	201a51fc	balrog	PINS_MRDY = 0x02,
3458	201a51fc	balrog	PINS_CRDY = 0x20,
3459	201a51fc	balrog	};
3460	201a51fc	balrog	enum md_ctrl {
3461	201a51fc	balrog	CTRL_IEN = 0x02,
3462	201a51fc	balrog	CTRL_SRST = 0x04,
3463	201a51fc	balrog	};
3464	201a51fc	balrog
3465	201a51fc	balrog	static inline void md_interrupt_update(struct md_s *s)
3466	201a51fc	balrog	{
3467	201a51fc	balrog	if (!s->card.slot)
3468	201a51fc	balrog	return;
3469	201a51fc	balrog
3470	201a51fc	balrog	qemu_set_irq(s->card.slot->irq,
3471	201a51fc	balrog	!(s->stat & STAT_INT) && /* Inverted */
3472	201a51fc	balrog	!(s->ctrl & (CTRL_IEN \| CTRL_SRST)) &&
3473	201a51fc	balrog	!(s->opt & OPT_SRESET));
3474	201a51fc	balrog	}
3475	201a51fc	balrog
3476	201a51fc	balrog	static void md_set_irq(void *opaque, int irq, int level)
3477	201a51fc	balrog	{
3478	201a51fc	balrog	struct md_s s = (struct md_s ) opaque;
3479	201a51fc	balrog	if (level)
3480	201a51fc	balrog	s->stat \|= STAT_INT;
3481	201a51fc	balrog	else
3482	201a51fc	balrog	s->stat &= ~STAT_INT;
3483	201a51fc	balrog
3484	201a51fc	balrog	md_interrupt_update(s);
3485	201a51fc	balrog	}
3486	201a51fc	balrog
3487	201a51fc	balrog	static void md_reset(struct md_s *s)
3488	201a51fc	balrog	{
3489	201a51fc	balrog	s->opt = OPT_MODE_MMAP;
3490	201a51fc	balrog	s->stat = 0;
3491	201a51fc	balrog	s->pins = 0;
3492	201a51fc	balrog	s->cycle = 0;
3493	201a51fc	balrog	s->ctrl = 0;
3494	201a51fc	balrog	ide_reset(s->ide);
3495	201a51fc	balrog	}
3496	201a51fc	balrog
3497	9e315fa9	balrog	static uint8_t md_attr_read(void *opaque, uint32_t at)
3498	201a51fc	balrog	{
3499	201a51fc	balrog	struct md_s s = (struct md_s ) opaque;
3500	201a51fc	balrog	if (at < s->attr_base) {
3501	201a51fc	balrog	if (at < s->card.cis_len)
3502	201a51fc	balrog	return s->card.cis[at];
3503	201a51fc	balrog	else
3504	201a51fc	balrog	return 0x00;
3505	201a51fc	balrog	}
3506	201a51fc	balrog
3507	201a51fc	balrog	at -= s->attr_base;
3508	201a51fc	balrog
3509	201a51fc	balrog	switch (at) {
3510	201a51fc	balrog	case 0x00: /* Configuration Option Register */
3511	201a51fc	balrog	return s->opt;
3512	201a51fc	balrog	case 0x02: /* Card Configuration Status Register */
3513	201a51fc	balrog	if (s->ctrl & CTRL_IEN)
3514	201a51fc	balrog	return s->stat & ~STAT_INT;
3515	201a51fc	balrog	else
3516	201a51fc	balrog	return s->stat;
3517	201a51fc	balrog	case 0x04: /* Pin Replacement Register */
3518	201a51fc	balrog	return (s->pins & PINS_CRDY) \| 0x0c;
3519	201a51fc	balrog	case 0x06: /* Socket and Copy Register */
3520	201a51fc	balrog	return 0x00;
3521	201a51fc	balrog	#ifdef VERBOSE
3522	201a51fc	balrog	default:
3523	201a51fc	balrog	printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3524	201a51fc	balrog	#endif
3525	201a51fc	balrog	}
3526	201a51fc	balrog
3527	201a51fc	balrog	return 0;
3528	201a51fc	balrog	}
3529	201a51fc	balrog
3530	9e315fa9	balrog	static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3531	201a51fc	balrog	{
3532	201a51fc	balrog	struct md_s s = (struct md_s ) opaque;
3533	201a51fc	balrog	at -= s->attr_base;
3534	201a51fc	balrog
3535	201a51fc	balrog	switch (at) {
3536	201a51fc	balrog	case 0x00: /* Configuration Option Register */
3537	201a51fc	balrog	s->opt = value & 0xcf;
3538	201a51fc	balrog	if (value & OPT_SRESET)
3539	201a51fc	balrog	md_reset(s);
3540	201a51fc	balrog	md_interrupt_update(s);
3541	201a51fc	balrog	break;
3542	201a51fc	balrog	case 0x02: /* Card Configuration Status Register */
3543	201a51fc	balrog	if ((s->stat ^ value) & STAT_PWRDWN)
3544	201a51fc	balrog	s->pins \|= PINS_CRDY;
3545	201a51fc	balrog	s->stat &= 0x82;
3546	201a51fc	balrog	s->stat \|= value & 0x74;
3547	201a51fc	balrog	md_interrupt_update(s);
3548	201a51fc	balrog	/* Word 170 in Identify Device must be equal to STAT_XE */
3549	201a51fc	balrog	break;
3550	201a51fc	balrog	case 0x04: /* Pin Replacement Register */
3551	201a51fc	balrog	s->pins &= PINS_CRDY;
3552	201a51fc	balrog	s->pins \|= value & PINS_MRDY;
3553	201a51fc	balrog	break;
3554	201a51fc	balrog	case 0x06: /* Socket and Copy Register */
3555	201a51fc	balrog	break;
3556	201a51fc	balrog	default:
3557	201a51fc	balrog	printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3558	201a51fc	balrog	}
3559	201a51fc	balrog	}
3560	201a51fc	balrog
3561	9e315fa9	balrog	static uint16_t md_common_read(void *opaque, uint32_t at)
3562	201a51fc	balrog	{
3563	201a51fc	balrog	struct md_s s = (struct md_s ) opaque;
3564	201a51fc	balrog	uint16_t ret;
3565	201a51fc	balrog	at -= s->io_base;
3566	201a51fc	balrog
3567	201a51fc	balrog	switch (s->opt & OPT_MODE) {
3568	201a51fc	balrog	case OPT_MODE_MMAP:
3569	201a51fc	balrog	if ((at & ~0x3ff) == 0x400)
3570	201a51fc	balrog	at = 0;
3571	201a51fc	balrog	break;
3572	201a51fc	balrog	case OPT_MODE_IOMAP16:
3573	201a51fc	balrog	at &= 0xf;
3574	201a51fc	balrog	break;
3575	201a51fc	balrog	case OPT_MODE_IOMAP1:
3576	201a51fc	balrog	if ((at & ~0xf) == 0x3f0)
3577	201a51fc	balrog	at -= 0x3e8;
3578	201a51fc	balrog	else if ((at & ~0xf) == 0x1f0)
3579	201a51fc	balrog	at -= 0x1f0;
3580	201a51fc	balrog	break;
3581	201a51fc	balrog	case OPT_MODE_IOMAP2:
3582	201a51fc	balrog	if ((at & ~0xf) == 0x370)
3583	201a51fc	balrog	at -= 0x368;
3584	201a51fc	balrog	else if ((at & ~0xf) == 0x170)
3585	201a51fc	balrog	at -= 0x170;
3586	201a51fc	balrog	}
3587	201a51fc	balrog
3588	201a51fc	balrog	switch (at) {
3589	201a51fc	balrog	case 0x0: /* Even RD Data */
3590	201a51fc	balrog	case 0x8:
3591	201a51fc	balrog	return ide_data_readw(s->ide, 0);
3592	201a51fc	balrog
3593	201a51fc	balrog	/* TODO: 8-bit accesses */
3594	201a51fc	balrog	if (s->cycle)
3595	201a51fc	balrog	ret = s->io >> 8;
3596	201a51fc	balrog	else {
3597	201a51fc	balrog	s->io = ide_data_readw(s->ide, 0);
3598	201a51fc	balrog	ret = s->io & 0xff;
3599	201a51fc	balrog	}
3600	201a51fc	balrog	s->cycle = !s->cycle;
3601	201a51fc	balrog	return ret;
3602	201a51fc	balrog	case 0x9: /* Odd RD Data */
3603	201a51fc	balrog	return s->io >> 8;
3604	201a51fc	balrog	case 0xd: /* Error */
3605	201a51fc	balrog	return ide_ioport_read(s->ide, 0x1);
3606	201a51fc	balrog	case 0xe: /* Alternate Status */
3607	201a51fc	balrog	if (s->ide->cur_drive->bs)
3608	201a51fc	balrog	return s->ide->cur_drive->status;
3609	201a51fc	balrog	else
3610	201a51fc	balrog	return 0;
3611	201a51fc	balrog	case 0xf: /* Device Address */
3612	201a51fc	balrog	return 0xc2 \| ((~s->ide->select << 2) & 0x3c);
3613	201a51fc	balrog	default:
3614	201a51fc	balrog	return ide_ioport_read(s->ide, at);
3615	201a51fc	balrog	}
3616	201a51fc	balrog
3617	201a51fc	balrog	return 0;
3618	201a51fc	balrog	}
3619	201a51fc	balrog
3620	9e315fa9	balrog	static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3621	201a51fc	balrog	{
3622	201a51fc	balrog	struct md_s s = (struct md_s ) opaque;
3623	201a51fc	balrog	at -= s->io_base;
3624	201a51fc	balrog
3625	201a51fc	balrog	switch (s->opt & OPT_MODE) {
3626	201a51fc	balrog	case OPT_MODE_MMAP:
3627	201a51fc	balrog	if ((at & ~0x3ff) == 0x400)
3628	201a51fc	balrog	at = 0;
3629	201a51fc	balrog	break;
3630	201a51fc	balrog	case OPT_MODE_IOMAP16:
3631	201a51fc	balrog	at &= 0xf;
3632	201a51fc	balrog	break;
3633	201a51fc	balrog	case OPT_MODE_IOMAP1:
3634	201a51fc	balrog	if ((at & ~0xf) == 0x3f0)
3635	201a51fc	balrog	at -= 0x3e8;
3636	201a51fc	balrog	else if ((at & ~0xf) == 0x1f0)
3637	201a51fc	balrog	at -= 0x1f0;
3638	201a51fc	balrog	break;
3639	201a51fc	balrog	case OPT_MODE_IOMAP2:
3640	201a51fc	balrog	if ((at & ~0xf) == 0x370)
3641	201a51fc	balrog	at -= 0x368;
3642	201a51fc	balrog	else if ((at & ~0xf) == 0x170)
3643	201a51fc	balrog	at -= 0x170;
3644	201a51fc	balrog	}
3645	201a51fc	balrog
3646	201a51fc	balrog	switch (at) {
3647	201a51fc	balrog	case 0x0: /* Even WR Data */
3648	201a51fc	balrog	case 0x8:
3649	201a51fc	balrog	ide_data_writew(s->ide, 0, value);
3650	201a51fc	balrog	break;
3651	201a51fc	balrog
3652	201a51fc	balrog	/* TODO: 8-bit accesses */
3653	201a51fc	balrog	if (s->cycle)
3654	201a51fc	balrog	ide_data_writew(s->ide, 0, s->io \| (value << 8));
3655	201a51fc	balrog	else
3656	201a51fc	balrog	s->io = value & 0xff;
3657	201a51fc	balrog	s->cycle = !s->cycle;
3658	201a51fc	balrog	break;
3659	201a51fc	balrog	case 0x9:
3660	201a51fc	balrog	s->io = value & 0xff;
3661	201a51fc	balrog	s->cycle = !s->cycle;
3662	201a51fc	balrog	break;
3663	201a51fc	balrog	case 0xd: /* Features */
3664	201a51fc	balrog	ide_ioport_write(s->ide, 0x1, value);
3665	201a51fc	balrog	break;
3666	201a51fc	balrog	case 0xe: /* Device Control */
3667	201a51fc	balrog	s->ctrl = value;
3668	201a51fc	balrog	if (value & CTRL_SRST)
3669	201a51fc	balrog	md_reset(s);
3670	201a51fc	balrog	md_interrupt_update(s);
3671	201a51fc	balrog	break;
3672	201a51fc	balrog	default:
3673	201a51fc	balrog	if (s->stat & STAT_PWRDWN) {
3674	201a51fc	balrog	s->pins \|= PINS_CRDY;
3675	201a51fc	balrog	s->stat &= ~STAT_PWRDWN;
3676	201a51fc	balrog	}
3677	201a51fc	balrog	ide_ioport_write(s->ide, at, value);
3678	201a51fc	balrog	}
3679	201a51fc	balrog	}
3680	201a51fc	balrog
3681	aa941b94	balrog	static void md_save(QEMUFile f, void opaque)
3682	aa941b94	balrog	{
3683	aa941b94	balrog	struct md_s s = (struct md_s ) opaque;
3684	aa941b94	balrog	int i;
3685	aa941b94	balrog	uint8_t drive1_selected;
3686	aa941b94	balrog
3687	aa941b94	balrog	qemu_put_8s(f, &s->opt);
3688	aa941b94	balrog	qemu_put_8s(f, &s->stat);
3689	aa941b94	balrog	qemu_put_8s(f, &s->pins);
3690	aa941b94	balrog
3691	aa941b94	balrog	qemu_put_8s(f, &s->ctrl);
3692	aa941b94	balrog	qemu_put_be16s(f, &s->io);
3693	aa941b94	balrog	qemu_put_byte(f, s->cycle);
3694	aa941b94	balrog
3695	aa941b94	balrog	drive1_selected = (s->ide->cur_drive != s->ide);
3696	aa941b94	balrog	qemu_put_8s(f, &s->ide->cmd);
3697	aa941b94	balrog	qemu_put_8s(f, &drive1_selected);
3698	aa941b94	balrog
3699	aa941b94	balrog	for (i = 0; i < 2; i ++)
3700	aa941b94	balrog	ide_save(f, &s->ide[i]);
3701	aa941b94	balrog	}
3702	aa941b94	balrog
3703	aa941b94	balrog	static int md_load(QEMUFile f, void opaque, int version_id)
3704	aa941b94	balrog	{
3705	aa941b94	balrog	struct md_s s = (struct md_s ) opaque;
3706	aa941b94	balrog	int i;
3707	aa941b94	balrog	uint8_t drive1_selected;
3708	aa941b94	balrog
3709	aa941b94	balrog	qemu_get_8s(f, &s->opt);
3710	aa941b94	balrog	qemu_get_8s(f, &s->stat);
3711	aa941b94	balrog	qemu_get_8s(f, &s->pins);
3712	aa941b94	balrog
3713	aa941b94	balrog	qemu_get_8s(f, &s->ctrl);
3714	aa941b94	balrog	qemu_get_be16s(f, &s->io);
3715	aa941b94	balrog	s->cycle = qemu_get_byte(f);
3716	aa941b94	balrog
3717	aa941b94	balrog	qemu_get_8s(f, &s->ide->cmd);
3718	aa941b94	balrog	qemu_get_8s(f, &drive1_selected);
3719	aa941b94	balrog	s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3720	aa941b94	balrog
3721	aa941b94	balrog	for (i = 0; i < 2; i ++)
3722	aa941b94	balrog	ide_load(f, &s->ide[i]);
3723	aa941b94	balrog
3724	aa941b94	balrog	return 0;
3725	aa941b94	balrog	}
3726	aa941b94	balrog
3727	201a51fc	balrog	static const uint8_t dscm1xxxx_cis[0x14a] = {
3728	201a51fc	balrog	[0x000] = CISTPL_DEVICE, /* 5V Device Information */
3729	201a51fc	balrog	[0x002] = 0x03, /* Tuple length = 4 bytes */
3730	201a51fc	balrog	[0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3731	201a51fc	balrog	[0x006] = 0x01, /* Size = 2K bytes */
3732	201a51fc	balrog	[0x008] = CISTPL_ENDMARK,
3733	201a51fc	balrog
3734	201a51fc	balrog	[0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3735	201a51fc	balrog	[0x00c] = 0x04, /* Tuple length = 4 byest */
3736	201a51fc	balrog	[0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3737	201a51fc	balrog	[0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3738	201a51fc	balrog	[0x012] = 0x01, /* Size = 2K bytes */
3739	201a51fc	balrog	[0x014] = CISTPL_ENDMARK,
3740	201a51fc	balrog
3741	201a51fc	balrog	[0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3742	201a51fc	balrog	[0x018] = 0x02, /* Tuple length = 2 bytes */
3743	201a51fc	balrog	[0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3744	201a51fc	balrog	[0x01c] = 0x01,
3745	201a51fc	balrog
3746	201a51fc	balrog	[0x01e] = CISTPL_MANFID, /* Manufacture ID */
3747	201a51fc	balrog	[0x020] = 0x04, /* Tuple length = 4 bytes */
3748	201a51fc	balrog	[0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3749	201a51fc	balrog	[0x024] = 0x00,
3750	201a51fc	balrog	[0x026] = 0x00, /* PLMID_CARD = 0000 */
3751	201a51fc	balrog	[0x028] = 0x00,
3752	201a51fc	balrog
3753	201a51fc	balrog	[0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3754	201a51fc	balrog	[0x02c] = 0x12, /* Tuple length = 23 bytes */
3755	201a51fc	balrog	[0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3756	201a51fc	balrog	[0x030] = 0x01, /* Minor Version = 1 */
3757	201a51fc	balrog	[0x032] = 'I',
3758	201a51fc	balrog	[0x034] = 'B',
3759	201a51fc	balrog	[0x036] = 'M',
3760	201a51fc	balrog	[0x038] = 0x00,
3761	201a51fc	balrog	[0x03a] = 'm',
3762	201a51fc	balrog	[0x03c] = 'i',
3763	201a51fc	balrog	[0x03e] = 'c',
3764	201a51fc	balrog	[0x040] = 'r',
3765	201a51fc	balrog	[0x042] = 'o',
3766	201a51fc	balrog	[0x044] = 'd',
3767	201a51fc	balrog	[0x046] = 'r',
3768	201a51fc	balrog	[0x048] = 'i',
3769	201a51fc	balrog	[0x04a] = 'v',
3770	201a51fc	balrog	[0x04c] = 'e',
3771	201a51fc	balrog	[0x04e] = 0x00,
3772	201a51fc	balrog	[0x050] = CISTPL_ENDMARK,
3773	201a51fc	balrog
3774	201a51fc	balrog	[0x052] = CISTPL_FUNCID, /* Function ID */
3775	201a51fc	balrog	[0x054] = 0x02, /* Tuple length = 2 bytes */
3776	201a51fc	balrog	[0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3777	201a51fc	balrog	[0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3778	201a51fc	balrog
3779	201a51fc	balrog	[0x05a] = CISTPL_FUNCE, /* Function Extension */
3780	201a51fc	balrog	[0x05c] = 0x02, /* Tuple length = 2 bytes */
3781	201a51fc	balrog	[0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3782	201a51fc	balrog	[0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3783	201a51fc	balrog
3784	201a51fc	balrog	[0x062] = CISTPL_FUNCE, /* Function Extension */
3785	201a51fc	balrog	[0x064] = 0x03, /* Tuple length = 3 bytes */
3786	201a51fc	balrog	[0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3787	201a51fc	balrog	[0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3788	201a51fc	balrog	[0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3789	201a51fc	balrog
3790	201a51fc	balrog	[0x06c] = CISTPL_CONFIG, /* Configuration */
3791	201a51fc	balrog	[0x06e] = 0x05, /* Tuple length = 5 bytes */
3792	201a51fc	balrog	[0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3793	201a51fc	balrog	[0x072] = 0x07, /* TPCC_LAST = 7 */
3794	201a51fc	balrog	[0x074] = 0x00, /* TPCC_RADR = 0200 */
3795	201a51fc	balrog	[0x076] = 0x02,
3796	201a51fc	balrog	[0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3797	201a51fc	balrog
3798	201a51fc	balrog	[0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3799	201a51fc	balrog	[0x07c] = 0x0b, /* Tuple length = 11 bytes */
3800	201a51fc	balrog	[0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3801	201a51fc	balrog	[0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3802	201a51fc	balrog	[0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3803	201a51fc	balrog	[0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3804	201a51fc	balrog	[0x086] = 0x55, /* NomV: 5.0 V */
3805	201a51fc	balrog	[0x088] = 0x4d, /* MinV: 4.5 V */
3806	201a51fc	balrog	[0x08a] = 0x5d, /* MaxV: 5.5 V */
3807	201a51fc	balrog	[0x08c] = 0x4e, /* Peakl: 450 mA */
3808	201a51fc	balrog	[0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3809	201a51fc	balrog	[0x090] = 0x00, /* Window descriptor: Window length = 0 */
3810	201a51fc	balrog	[0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3811	201a51fc	balrog
3812	201a51fc	balrog	[0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3813	201a51fc	balrog	[0x096] = 0x06, /* Tuple length = 6 bytes */
3814	201a51fc	balrog	[0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3815	201a51fc	balrog	[0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3816	201a51fc	balrog	[0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3817	201a51fc	balrog	[0x09e] = 0xb5, /* NomV: 3.3 V */
3818	201a51fc	balrog	[0x0a0] = 0x1e,
3819	201a51fc	balrog	[0x0a2] = 0x3e, /* Peakl: 350 mA */
3820	201a51fc	balrog
3821	201a51fc	balrog	[0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3822	201a51fc	balrog	[0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3823	201a51fc	balrog	[0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3824	201a51fc	balrog	[0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3825	201a51fc	balrog	[0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3826	201a51fc	balrog	[0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3827	201a51fc	balrog	[0x0b0] = 0x55, /* NomV: 5.0 V */
3828	201a51fc	balrog	[0x0b2] = 0x4d, /* MinV: 4.5 V */
3829	201a51fc	balrog	[0x0b4] = 0x5d, /* MaxV: 5.5 V */
3830	201a51fc	balrog	[0x0b6] = 0x4e, /* Peakl: 450 mA */
3831	201a51fc	balrog	[0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3832	201a51fc	balrog	[0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3833	201a51fc	balrog	[0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3834	201a51fc	balrog	[0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3835	201a51fc	balrog	[0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3836	201a51fc	balrog
3837	201a51fc	balrog	[0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3838	201a51fc	balrog	[0x0c4] = 0x06, /* Tuple length = 6 bytes */
3839	201a51fc	balrog	[0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3840	201a51fc	balrog	[0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3841	201a51fc	balrog	[0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3842	201a51fc	balrog	[0x0cc] = 0xb5, /* NomV: 3.3 V */
3843	201a51fc	balrog	[0x0ce] = 0x1e,
3844	201a51fc	balrog	[0x0d0] = 0x3e, /* Peakl: 350 mA */
3845	201a51fc	balrog
3846	201a51fc	balrog	[0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3847	201a51fc	balrog	[0x0d4] = 0x12, /* Tuple length = 18 bytes */
3848	201a51fc	balrog	[0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3849	201a51fc	balrog	[0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3850	201a51fc	balrog	[0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3851	201a51fc	balrog	[0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3852	201a51fc	balrog	[0x0de] = 0x55, /* NomV: 5.0 V */
3853	201a51fc	balrog	[0x0e0] = 0x4d, /* MinV: 4.5 V */
3854	201a51fc	balrog	[0x0e2] = 0x5d, /* MaxV: 5.5 V */
3855	201a51fc	balrog	[0x0e4] = 0x4e, /* Peakl: 450 mA */
3856	201a51fc	balrog	[0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3857	201a51fc	balrog	[0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3858	201a51fc	balrog	[0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3859	201a51fc	balrog	[0x0ec] = 0x01,
3860	201a51fc	balrog	[0x0ee] = 0x07, /* Address block length = 8 */
3861	201a51fc	balrog	[0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3862	201a51fc	balrog	[0x0f2] = 0x03,
3863	201a51fc	balrog	[0x0f4] = 0x01, /* Address block length = 2 */
3864	201a51fc	balrog	[0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3865	201a51fc	balrog	[0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3866	201a51fc	balrog
3867	201a51fc	balrog	[0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3868	201a51fc	balrog	[0x0fc] = 0x06, /* Tuple length = 6 bytes */
3869	201a51fc	balrog	[0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3870	201a51fc	balrog	[0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3871	201a51fc	balrog	[0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3872	201a51fc	balrog	[0x104] = 0xb5, /* NomV: 3.3 V */
3873	201a51fc	balrog	[0x106] = 0x1e,
3874	201a51fc	balrog	[0x108] = 0x3e, /* Peakl: 350 mA */
3875	201a51fc	balrog
3876	201a51fc	balrog	[0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3877	201a51fc	balrog	[0x10c] = 0x12, /* Tuple length = 18 bytes */
3878	201a51fc	balrog	[0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3879	201a51fc	balrog	[0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3880	201a51fc	balrog	[0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3881	201a51fc	balrog	[0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3882	201a51fc	balrog	[0x116] = 0x55, /* NomV: 5.0 V */
3883	201a51fc	balrog	[0x118] = 0x4d, /* MinV: 4.5 V */
3884	201a51fc	balrog	[0x11a] = 0x5d, /* MaxV: 5.5 V */
3885	201a51fc	balrog	[0x11c] = 0x4e, /* Peakl: 450 mA */
3886	201a51fc	balrog	[0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3887	201a51fc	balrog	[0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3888	201a51fc	balrog	[0x122] = 0x70, /* Field 1 address = 0x0170 */
3889	201a51fc	balrog	[0x124] = 0x01,
3890	201a51fc	balrog	[0x126] = 0x07, /* Address block length = 8 */
3891	201a51fc	balrog	[0x128] = 0x76, /* Field 2 address = 0x0376 */
3892	201a51fc	balrog	[0x12a] = 0x03,
3893	201a51fc	balrog	[0x12c] = 0x01, /* Address block length = 2 */
3894	201a51fc	balrog	[0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3895	201a51fc	balrog	[0x130] = 0x20, /* TPCE_MI = support power down mode */
3896	201a51fc	balrog
3897	201a51fc	balrog	[0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3898	201a51fc	balrog	[0x134] = 0x06, /* Tuple length = 6 bytes */
3899	201a51fc	balrog	[0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3900	201a51fc	balrog	[0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3901	201a51fc	balrog	[0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3902	201a51fc	balrog	[0x13c] = 0xb5, /* NomV: 3.3 V */
3903	201a51fc	balrog	[0x13e] = 0x1e,
3904	201a51fc	balrog	[0x140] = 0x3e, /* Peakl: 350 mA */
3905	201a51fc	balrog
3906	201a51fc	balrog	[0x142] = CISTPL_NO_LINK, /* No Link */
3907	201a51fc	balrog	[0x144] = 0x00, /* Tuple length = 0 bytes */
3908	201a51fc	balrog
3909	201a51fc	balrog	[0x146] = CISTPL_END, /* Tuple End */
3910	201a51fc	balrog	};
3911	201a51fc	balrog
3912	201a51fc	balrog	static int dscm1xxxx_attach(void *opaque)
3913	201a51fc	balrog	{
3914	201a51fc	balrog	struct md_s md = (struct md_s ) opaque;
3915	201a51fc	balrog	md->card.attr_read = md_attr_read;
3916	201a51fc	balrog	md->card.attr_write = md_attr_write;
3917	201a51fc	balrog	md->card.common_read = md_common_read;
3918	201a51fc	balrog	md->card.common_write = md_common_write;
3919	201a51fc	balrog	md->card.io_read = md_common_read;
3920	201a51fc	balrog	md->card.io_write = md_common_write;
3921	201a51fc	balrog
3922	201a51fc	balrog	md->attr_base = md->card.cis[0x74] \| (md->card.cis[0x76] << 8);
3923	201a51fc	balrog	md->io_base = 0x0;
3924	201a51fc	balrog
3925	201a51fc	balrog	md_reset(md);
3926	201a51fc	balrog	md_interrupt_update(md);
3927	201a51fc	balrog
3928	201a51fc	balrog	md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3929	201a51fc	balrog	return 0;
3930	201a51fc	balrog	}
3931	201a51fc	balrog
3932	201a51fc	balrog	static int dscm1xxxx_detach(void *opaque)
3933	201a51fc	balrog	{
3934	201a51fc	balrog	struct md_s md = (struct md_s ) opaque;
3935	201a51fc	balrog	md_reset(md);
3936	201a51fc	balrog	return 0;
3937	201a51fc	balrog	}
3938	201a51fc	balrog
3939	201a51fc	balrog	struct pcmcia_card_s dscm1xxxx_init(BlockDriverState bdrv)
3940	201a51fc	balrog	{
3941	201a51fc	balrog	struct md_s md = (struct md_s ) qemu_mallocz(sizeof(struct md_s));
3942	201a51fc	balrog	md->card.state = md;
3943	201a51fc	balrog	md->card.attach = dscm1xxxx_attach;
3944	201a51fc	balrog	md->card.detach = dscm1xxxx_detach;
3945	201a51fc	balrog	md->card.cis = dscm1xxxx_cis;
3946	201a51fc	balrog	md->card.cis_len = sizeof(dscm1xxxx_cis);
3947	201a51fc	balrog
3948	201a51fc	balrog	ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3949	201a51fc	balrog	md->ide->is_cf = 1;
3950	201a51fc	balrog	md->ide->mdata_size = METADATA_SIZE;
3951	201a51fc	balrog	md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3952	aa941b94	balrog
3953	18be5187	pbrook	register_savevm("microdrive", -1, 0, md_save, md_load, md);
3954	aa941b94	balrog
3955	201a51fc	balrog	return &md->card;
3956	201a51fc	balrog	}

Archipelago » qemu

root / hw / ide.c @ 1ea879e5