gwj / at91sam9263 · Commits

Commit 5391d8066941d9ed0dc32c3e8e02cfcde6a0c53b

Authored by bellard
1 parent 36b486bb

moved IDE driver to ide.c 


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@445 c046a42c-6fe2-441c-8c8c-71466251a162
Inline Side-by-side
Showing 4 changed files with 1434 additions and 1370 deletions
Makefile.target
  View file @5391d80
@@ -176,7 +176,7 @@ ifeq ($(ARCH),alpha) @@ -176,7 +176,7 @@ ifeq ($(ARCH),alpha)
176 endif 176 endif
177 177
178 # must use static linking to avoid leaving stuff in virtual address space 178 # must use static linking to avoid leaving stuff in virtual address space
179 -VL_OBJS=vl.o block.o vga.o 179 +VL_OBJS=vl.o block.o ide.o vga.o
180 ifdef CONFIG_SDL 180 ifdef CONFIG_SDL
181 VL_OBJS+=sdl.o 181 VL_OBJS+=sdl.o
182 SDL_LIBS+=-L/usr/X11R6/lib -lX11 -lXext -lXv -ldl -lm 182 SDL_LIBS+=-L/usr/X11R6/lib -lX11 -lXext -lXv -ldl -lm
hw/ide.c 0 → 100644
  View file @5391d80
  1 +/*
  2 + * QEMU IDE disk and CD-ROM Emulator
  3 + *
  4 + * Copyright (c) 2003 Fabrice Bellard
  5 + *
  6 + * Permission is hereby granted, free of charge, to any person obtaining a copy
  7 + * of this software and associated documentation files (the "Software"), to deal
  8 + * in the Software without restriction, including without limitation the rights
  9 + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  10 + * copies of the Software, and to permit persons to whom the Software is
  11 + * furnished to do so, subject to the following conditions:
  12 + *
  13 + * The above copyright notice and this permission notice shall be included in
  14 + * all copies or substantial portions of the Software.
  15 + *
  16 + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  17 + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  18 + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  19 + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  20 + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  21 + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  22 + * THE SOFTWARE.
  23 + */
  24 +#include <stdlib.h>
  25 +#include <stdio.h>
  26 +#include <stdarg.h>
  27 +#include <string.h>
  28 +#include <getopt.h>
  29 +#include <inttypes.h>
  30 +#include <unistd.h>
  31 +#include <sys/mman.h>
  32 +#include <fcntl.h>
  33 +#include <signal.h>
  34 +#include <time.h>
  35 +#include <sys/time.h>
  36 +#include <malloc.h>
  37 +#include <termios.h>
  38 +#include <sys/poll.h>
  39 +#include <errno.h>
  40 +#include <sys/wait.h>
  41 +#include <netinet/in.h>
  42 +
  43 +#include "cpu.h"
  44 +#include "exec-all.h"
  45 +
  46 +#include "vl.h"
  47 +
  48 +#define NO_THUNK_TYPE_SIZE
  49 +#include "thunk.h"
  50 +
  51 +/* debug IDE devices */
  52 +//#define DEBUG_IDE
  53 +//#define DEBUG_IDE_ATAPI
  54 +
  55 +/* Bits of HD_STATUS */
  56 +#define ERR_STAT 0x01
  57 +#define INDEX_STAT 0x02
  58 +#define ECC_STAT 0x04 /* Corrected error */
  59 +#define DRQ_STAT 0x08
  60 +#define SEEK_STAT 0x10
  61 +#define SRV_STAT 0x10
  62 +#define WRERR_STAT 0x20
  63 +#define READY_STAT 0x40
  64 +#define BUSY_STAT 0x80
  65 +
  66 +/* Bits for HD_ERROR */
  67 +#define MARK_ERR 0x01 /* Bad address mark */
  68 +#define TRK0_ERR 0x02 /* couldn't find track 0 */
  69 +#define ABRT_ERR 0x04 /* Command aborted */
  70 +#define MCR_ERR 0x08 /* media change request */
  71 +#define ID_ERR 0x10 /* ID field not found */
  72 +#define MC_ERR 0x20 /* media changed */
  73 +#define ECC_ERR 0x40 /* Uncorrectable ECC error */
  74 +#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
  75 +#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
  76 +
  77 +/* Bits of HD_NSECTOR */
  78 +#define CD 0x01
  79 +#define IO 0x02
  80 +#define REL 0x04
  81 +#define TAG_MASK 0xf8
  82 +
  83 +#define IDE_CMD_RESET 0x04
  84 +#define IDE_CMD_DISABLE_IRQ 0x02
  85 +
  86 +/* ATA/ATAPI Commands pre T13 Spec */
  87 +#define WIN_NOP 0x00
  88 +/*
  89 + * 0x01->0x02 Reserved
  90 + */
  91 +#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
  92 +/*
  93 + * 0x04->0x07 Reserved
  94 + */
  95 +#define WIN_SRST 0x08 /* ATAPI soft reset command */
  96 +#define WIN_DEVICE_RESET 0x08
  97 +/*
  98 + * 0x09->0x0F Reserved
  99 + */
  100 +#define WIN_RECAL 0x10
  101 +#define WIN_RESTORE WIN_RECAL
  102 +/*
  103 + * 0x10->0x1F Reserved
  104 + */
  105 +#define WIN_READ 0x20 /* 28-Bit */
  106 +#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
  107 +#define WIN_READ_LONG 0x22 /* 28-Bit */
  108 +#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
  109 +#define WIN_READ_EXT 0x24 /* 48-Bit */
  110 +#define WIN_READDMA_EXT 0x25 /* 48-Bit */
  111 +#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
  112 +#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
  113 +/*
  114 + * 0x28
  115 + */
  116 +#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
  117 +/*
  118 + * 0x2A->0x2F Reserved
  119 + */
  120 +#define WIN_WRITE 0x30 /* 28-Bit */
  121 +#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
  122 +#define WIN_WRITE_LONG 0x32 /* 28-Bit */
  123 +#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
  124 +#define WIN_WRITE_EXT 0x34 /* 48-Bit */
  125 +#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
  126 +#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
  127 +#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
  128 +#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
  129 +#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
  130 +/*
  131 + * 0x3A->0x3B Reserved
  132 + */
  133 +#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
  134 +/*
  135 + * 0x3D->0x3F Reserved
  136 + */
  137 +#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
  138 +#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
  139 +#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
  140 +/*
  141 + * 0x43->0x4F Reserved
  142 + */
  143 +#define WIN_FORMAT 0x50
  144 +/*
  145 + * 0x51->0x5F Reserved
  146 + */
  147 +#define WIN_INIT 0x60
  148 +/*
  149 + * 0x61->0x5F Reserved
  150 + */
  151 +#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
  152 +#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
  153 +#define WIN_DIAGNOSE 0x90
  154 +#define WIN_SPECIFY 0x91 /* set drive geometry translation */
  155 +#define WIN_DOWNLOAD_MICROCODE 0x92
  156 +#define WIN_STANDBYNOW2 0x94
  157 +#define WIN_STANDBY2 0x96
  158 +#define WIN_SETIDLE2 0x97
  159 +#define WIN_CHECKPOWERMODE2 0x98
  160 +#define WIN_SLEEPNOW2 0x99
  161 +/*
  162 + * 0x9A VENDOR
  163 + */
  164 +#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
  165 +#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
  166 +#define WIN_QUEUED_SERVICE 0xA2
  167 +#define WIN_SMART 0xB0 /* self-monitoring and reporting */
  168 +#define CFA_ERASE_SECTORS 0xC0
  169 +#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
  170 +#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
  171 +#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
  172 +#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
  173 +#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
  174 +#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
  175 +#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
  176 +#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
  177 +#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
  178 +#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
  179 +#define WIN_GETMEDIASTATUS 0xDA
  180 +#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
  181 +#define WIN_POSTBOOT 0xDC
  182 +#define WIN_PREBOOT 0xDD
  183 +#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
  184 +#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
  185 +#define WIN_STANDBYNOW1 0xE0
  186 +#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
  187 +#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
  188 +#define WIN_SETIDLE1 0xE3
  189 +#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
  190 +#define WIN_CHECKPOWERMODE1 0xE5
  191 +#define WIN_SLEEPNOW1 0xE6
  192 +#define WIN_FLUSH_CACHE 0xE7
  193 +#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
  194 +#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
  195 + /* SET_FEATURES 0x22 or 0xDD */
  196 +#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
  197 +#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
  198 +#define WIN_MEDIAEJECT 0xED
  199 +#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
  200 +#define WIN_SETFEATURES 0xEF /* set special drive features */
  201 +#define EXABYTE_ENABLE_NEST 0xF0
  202 +#define WIN_SECURITY_SET_PASS 0xF1
  203 +#define WIN_SECURITY_UNLOCK 0xF2
  204 +#define WIN_SECURITY_ERASE_PREPARE 0xF3
  205 +#define WIN_SECURITY_ERASE_UNIT 0xF4
  206 +#define WIN_SECURITY_FREEZE_LOCK 0xF5
  207 +#define WIN_SECURITY_DISABLE 0xF6
  208 +#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
  209 +#define WIN_SET_MAX 0xF9
  210 +#define DISABLE_SEAGATE 0xFB
  211 +
  212 +/* set to 1 set disable mult support */
  213 +#define MAX_MULT_SECTORS 8
  214 +
  215 +/* ATAPI defines */
  216 +
  217 +#define ATAPI_PACKET_SIZE 12
  218 +
  219 +/* The generic packet command opcodes for CD/DVD Logical Units,
  220 + * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
  221 +#define GPCMD_BLANK 0xa1
  222 +#define GPCMD_CLOSE_TRACK 0x5b
  223 +#define GPCMD_FLUSH_CACHE 0x35
  224 +#define GPCMD_FORMAT_UNIT 0x04
  225 +#define GPCMD_GET_CONFIGURATION 0x46
  226 +#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
  227 +#define GPCMD_GET_PERFORMANCE 0xac
  228 +#define GPCMD_INQUIRY 0x12
  229 +#define GPCMD_LOAD_UNLOAD 0xa6
  230 +#define GPCMD_MECHANISM_STATUS 0xbd
  231 +#define GPCMD_MODE_SELECT_10 0x55
  232 +#define GPCMD_MODE_SENSE_10 0x5a
  233 +#define GPCMD_PAUSE_RESUME 0x4b
  234 +#define GPCMD_PLAY_AUDIO_10 0x45
  235 +#define GPCMD_PLAY_AUDIO_MSF 0x47
  236 +#define GPCMD_PLAY_AUDIO_TI 0x48
  237 +#define GPCMD_PLAY_CD 0xbc
  238 +#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
  239 +#define GPCMD_READ_10 0x28
  240 +#define GPCMD_READ_12 0xa8
  241 +#define GPCMD_READ_CDVD_CAPACITY 0x25
  242 +#define GPCMD_READ_CD 0xbe
  243 +#define GPCMD_READ_CD_MSF 0xb9
  244 +#define GPCMD_READ_DISC_INFO 0x51
  245 +#define GPCMD_READ_DVD_STRUCTURE 0xad
  246 +#define GPCMD_READ_FORMAT_CAPACITIES 0x23
  247 +#define GPCMD_READ_HEADER 0x44
  248 +#define GPCMD_READ_TRACK_RZONE_INFO 0x52
  249 +#define GPCMD_READ_SUBCHANNEL 0x42
  250 +#define GPCMD_READ_TOC_PMA_ATIP 0x43
  251 +#define GPCMD_REPAIR_RZONE_TRACK 0x58
  252 +#define GPCMD_REPORT_KEY 0xa4
  253 +#define GPCMD_REQUEST_SENSE 0x03
  254 +#define GPCMD_RESERVE_RZONE_TRACK 0x53
  255 +#define GPCMD_SCAN 0xba
  256 +#define GPCMD_SEEK 0x2b
  257 +#define GPCMD_SEND_DVD_STRUCTURE 0xad
  258 +#define GPCMD_SEND_EVENT 0xa2
  259 +#define GPCMD_SEND_KEY 0xa3
  260 +#define GPCMD_SEND_OPC 0x54
  261 +#define GPCMD_SET_READ_AHEAD 0xa7
  262 +#define GPCMD_SET_STREAMING 0xb6
  263 +#define GPCMD_START_STOP_UNIT 0x1b
  264 +#define GPCMD_STOP_PLAY_SCAN 0x4e
  265 +#define GPCMD_TEST_UNIT_READY 0x00
  266 +#define GPCMD_VERIFY_10 0x2f
  267 +#define GPCMD_WRITE_10 0x2a
  268 +#define GPCMD_WRITE_AND_VERIFY_10 0x2e
  269 +/* This is listed as optional in ATAPI 2.6, but is (curiously)
  270 + * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
  271 + * Table 377 as an MMC command for SCSi devices though... Most ATAPI
  272 + * drives support it. */
  273 +#define GPCMD_SET_SPEED 0xbb
  274 +/* This seems to be a SCSI specific CD-ROM opcode
  275 + * to play data at track/index */
  276 +#define GPCMD_PLAYAUDIO_TI 0x48
  277 +/*
  278 + * From MS Media Status Notification Support Specification. For
  279 + * older drives only.
  280 + */
  281 +#define GPCMD_GET_MEDIA_STATUS 0xda
  282 +
  283 +/* Mode page codes for mode sense/set */
  284 +#define GPMODE_R_W_ERROR_PAGE 0x01
  285 +#define GPMODE_WRITE_PARMS_PAGE 0x05
  286 +#define GPMODE_AUDIO_CTL_PAGE 0x0e
  287 +#define GPMODE_POWER_PAGE 0x1a
  288 +#define GPMODE_FAULT_FAIL_PAGE 0x1c
  289 +#define GPMODE_TO_PROTECT_PAGE 0x1d
  290 +#define GPMODE_CAPABILITIES_PAGE 0x2a
  291 +#define GPMODE_ALL_PAGES 0x3f
  292 +/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
  293 + * of MODE_SENSE_POWER_PAGE */
  294 +#define GPMODE_CDROM_PAGE 0x0d
  295 +
  296 +#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
  297 +#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
  298 +#define ATAPI_INT_REASON_REL 0x04
  299 +#define ATAPI_INT_REASON_TAG 0xf8
  300 +
  301 +/* same constants as bochs */
  302 +#define ASC_LOGICAL_BLOCK_OOR 0x21
  303 +#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
  304 +#define ASC_MEDIUM_NOT_PRESENT 0x3a
  305 +#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
  306 +
  307 +#define SENSE_NONE 0
  308 +#define SENSE_NOT_READY 2
  309 +#define SENSE_ILLEGAL_REQUEST 5
  310 +#define SENSE_UNIT_ATTENTION 6
  311 +
  312 +struct IDEState;
  313 +
  314 +typedef void EndTransferFunc(struct IDEState *);
  315 +
  316 +typedef struct IDEState {
  317 + /* ide config */
  318 + int is_cdrom;
  319 + int cdrom_locked;
  320 + int cylinders, heads, sectors;
  321 + int64_t nb_sectors;
  322 + int mult_sectors;
  323 + int irq;
  324 + /* ide regs */
  325 + uint8_t feature;
  326 + uint8_t error;
  327 + uint16_t nsector; /* 0 is 256 to ease computations */
  328 + uint8_t sector;
  329 + uint8_t lcyl;
  330 + uint8_t hcyl;
  331 + uint8_t select;
  332 + uint8_t status;
  333 + /* 0x3f6 command, only meaningful for drive 0 */
  334 + uint8_t cmd;
  335 + /* depends on bit 4 in select, only meaningful for drive 0 */
  336 + struct IDEState *cur_drive;
  337 + BlockDriverState *bs;
  338 + /* ATAPI specific */
  339 + uint8_t sense_key;
  340 + uint8_t asc;
  341 + int packet_transfer_size;
  342 + int elementary_transfer_size;
  343 + int io_buffer_index;
  344 + int lba;
  345 + /* transfer handling */
  346 + int req_nb_sectors; /* number of sectors per interrupt */
  347 + EndTransferFunc *end_transfer_func;
  348 + uint8_t *data_ptr;
  349 + uint8_t *data_end;
  350 + uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
  351 +} IDEState;
  352 +
  353 +IDEState ide_state[MAX_DISKS];
  354 +IDEState *ide_table[0x400 >> 3];
  355 +
  356 +static inline IDEState *get_ide_interface(uint32_t addr)
  357 +{
  358 + return ide_table[addr >> 3];
  359 +}
  360 +
  361 +static void padstr(char *str, const char *src, int len)
  362 +{
  363 + int i, v;
  364 + for(i = 0; i < len; i++) {
  365 + if (*src)
  366 + v = *src++;
  367 + else
  368 + v = ' ';
  369 + *(char *)((long)str ^ 1) = v;
  370 + str++;
  371 + }
  372 +}
  373 +
  374 +static void ide_identify(IDEState *s)
  375 +{
  376 + uint16_t *p;
  377 + unsigned int oldsize;
  378 +
  379 + memset(s->io_buffer, 0, 512);
  380 + p = (uint16_t *)s->io_buffer;
  381 + stw_raw(p + 0, 0x0040);
  382 + stw_raw(p + 1, s->cylinders);
  383 + stw_raw(p + 3, s->heads);
  384 + stw_raw(p + 4, 512 * s->sectors); /* sectors */
  385 + stw_raw(p + 5, 512); /* sector size */
  386 + stw_raw(p + 6, s->sectors);
  387 + padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */
  388 + stw_raw(p + 20, 3); /* buffer type */
  389 + stw_raw(p + 21, 512); /* cache size in sectors */
  390 + stw_raw(p + 22, 4); /* ecc bytes */
  391 + padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
  392 + padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
  393 +#if MAX_MULT_SECTORS > 1
  394 + stw_raw(p + 47, MAX_MULT_SECTORS);
  395 +#endif
  396 + stw_raw(p + 48, 1); /* dword I/O */
  397 + stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */
  398 + stw_raw(p + 51, 0x200); /* PIO transfer cycle */
  399 + stw_raw(p + 52, 0x200); /* DMA transfer cycle */
  400 + stw_raw(p + 54, s->cylinders);
  401 + stw_raw(p + 55, s->heads);
  402 + stw_raw(p + 56, s->sectors);
  403 + oldsize = s->cylinders * s->heads * s->sectors;
  404 + stw_raw(p + 57, oldsize);
  405 + stw_raw(p + 58, oldsize >> 16);
  406 + if (s->mult_sectors)
  407 + stw_raw(p + 59, 0x100 | s->mult_sectors);
  408 + stw_raw(p + 60, s->nb_sectors);
  409 + stw_raw(p + 61, s->nb_sectors >> 16);
  410 + stw_raw(p + 80, (1 << 1) | (1 << 2));
  411 + stw_raw(p + 82, (1 << 14));
  412 + stw_raw(p + 83, (1 << 14));
  413 + stw_raw(p + 84, (1 << 14));
  414 + stw_raw(p + 85, (1 << 14));
  415 + stw_raw(p + 86, 0);
  416 + stw_raw(p + 87, (1 << 14));
  417 +}
  418 +
  419 +static void ide_atapi_identify(IDEState *s)
  420 +{
  421 + uint16_t *p;
  422 +
  423 + memset(s->io_buffer, 0, 512);
  424 + p = (uint16_t *)s->io_buffer;
  425 + /* Removable CDROM, 50us response, 12 byte packets */
  426 + stw_raw(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
  427 + stw_raw(p + 1, s->cylinders);
  428 + stw_raw(p + 3, s->heads);
  429 + stw_raw(p + 4, 512 * s->sectors); /* sectors */
  430 + stw_raw(p + 5, 512); /* sector size */
  431 + stw_raw(p + 6, s->sectors);
  432 + padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */
  433 + stw_raw(p + 20, 3); /* buffer type */
  434 + stw_raw(p + 21, 512); /* cache size in sectors */
  435 + stw_raw(p + 22, 4); /* ecc bytes */
  436 + padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
  437 + padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
  438 + stw_raw(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
  439 + stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */
  440 + stw_raw(p + 53, 3); /* words 64-70, 54-58 valid */
  441 + stw_raw(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
  442 + stw_raw(p + 64, 1); /* PIO modes */
  443 + stw_raw(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
  444 + stw_raw(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
  445 + stw_raw(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
  446 + stw_raw(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
  447 +
  448 + stw_raw(p + 71, 30); /* in ns */
  449 + stw_raw(p + 72, 30); /* in ns */
  450 +
  451 + stw_raw(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
  452 +}
  453 +
  454 +static void ide_set_signature(IDEState *s)
  455 +{
  456 + s->select &= 0xf0; /* clear head */
  457 + /* put signature */
  458 + s->nsector = 1;
  459 + s->sector = 1;
  460 + if (s->is_cdrom) {
  461 + s->lcyl = 0x14;
  462 + s->hcyl = 0xeb;
  463 + } else if (s->bs) {
  464 + s->lcyl = 0;
  465 + s->hcyl = 0;
  466 + } else {
  467 + s->lcyl = 0xff;
  468 + s->hcyl = 0xff;
  469 + }
  470 +}
  471 +
  472 +static inline void ide_abort_command(IDEState *s)
  473 +{
  474 + s->status = READY_STAT | ERR_STAT;
  475 + s->error = ABRT_ERR;
  476 +}
  477 +
  478 +static inline void ide_set_irq(IDEState *s)
  479 +{
  480 + if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
  481 + pic_set_irq(s->irq, 1);
  482 + }
  483 +}
  484 +
  485 +/* prepare data transfer and tell what to do after */
  486 +static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
  487 + EndTransferFunc *end_transfer_func)
  488 +{
  489 + s->end_transfer_func = end_transfer_func;
  490 + s->data_ptr = buf;
  491 + s->data_end = buf + size;
  492 + s->status |= DRQ_STAT;
  493 +}
  494 +
  495 +static void ide_transfer_stop(IDEState *s)
  496 +{
  497 + s->end_transfer_func = ide_transfer_stop;
  498 + s->data_ptr = s->io_buffer;
  499 + s->data_end = s->io_buffer;
  500 + s->status &= ~DRQ_STAT;
  501 +}
  502 +
  503 +static int64_t ide_get_sector(IDEState *s)
  504 +{
  505 + int64_t sector_num;
  506 + if (s->select & 0x40) {
  507 + /* lba */
  508 + sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
  509 + (s->lcyl << 8) | s->sector;
  510 + } else {
  511 + sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
  512 + (s->select & 0x0f) * s->sectors +
  513 + (s->sector - 1);
  514 + }
  515 + return sector_num;
  516 +}
  517 +
  518 +static void ide_set_sector(IDEState *s, int64_t sector_num)
  519 +{
  520 + unsigned int cyl, r;
  521 + if (s->select & 0x40) {
  522 + s->select = (s->select & 0xf0) | (sector_num >> 24);
  523 + s->hcyl = (sector_num >> 16);
  524 + s->lcyl = (sector_num >> 8);
  525 + s->sector = (sector_num);
  526 + } else {
  527 + cyl = sector_num / (s->heads * s->sectors);
  528 + r = sector_num % (s->heads * s->sectors);
  529 + s->hcyl = cyl >> 8;
  530 + s->lcyl = cyl;
  531 + s->select = (s->select & 0xf0) | (r / s->sectors);
  532 + s->sector = (r % s->sectors) + 1;
  533 + }
  534 +}
  535 +
  536 +static void ide_sector_read(IDEState *s)
  537 +{
  538 + int64_t sector_num;
  539 + int ret, n;
  540 +
  541 + s->status = READY_STAT | SEEK_STAT;
  542 + sector_num = ide_get_sector(s);
  543 + n = s->nsector;
  544 + if (n == 0) {
  545 + /* no more sector to read from disk */
  546 + ide_transfer_stop(s);
  547 + } else {
  548 +#if defined(DEBUG_IDE)
  549 + printf("read sector=%Ld\n", sector_num);
  550 +#endif
  551 + if (n > s->req_nb_sectors)
  552 + n = s->req_nb_sectors;
  553 + ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
  554 + ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
  555 + ide_set_irq(s);
  556 + ide_set_sector(s, sector_num + n);
  557 + s->nsector -= n;
  558 + }
  559 +}
  560 +
  561 +static void ide_sector_write(IDEState *s)
  562 +{
  563 + int64_t sector_num;
  564 + int ret, n, n1;
  565 +
  566 + s->status = READY_STAT | SEEK_STAT;
  567 + sector_num = ide_get_sector(s);
  568 +#if defined(DEBUG_IDE)
  569 + printf("write sector=%Ld\n", sector_num);
  570 +#endif
  571 + n = s->nsector;
  572 + if (n > s->req_nb_sectors)
  573 + n = s->req_nb_sectors;
  574 + ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
  575 + s->nsector -= n;
  576 + if (s->nsector == 0) {
  577 + /* no more sector to write */
  578 + ide_transfer_stop(s);
  579 + } else {
  580 + n1 = s->nsector;
  581 + if (n1 > s->req_nb_sectors)
  582 + n1 = s->req_nb_sectors;
  583 + ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
  584 + }
  585 + ide_set_sector(s, sector_num + n);
  586 + ide_set_irq(s);
  587 +}
  588 +
  589 +static void ide_atapi_cmd_ok(IDEState *s)
  590 +{
  591 + s->error = 0;
  592 + s->status = READY_STAT;
  593 + s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
  594 + ide_set_irq(s);
  595 +}
  596 +
  597 +static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
  598 +{
  599 +#ifdef DEBUG_IDE_ATAPI
  600 + printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
  601 +#endif
  602 + s->error = sense_key << 4;
  603 + s->status = READY_STAT | ERR_STAT;
  604 + s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
  605 + s->sense_key = sense_key;
  606 + s->asc = asc;
  607 + ide_set_irq(s);
  608 +}
  609 +
  610 +static inline void cpu_to_ube16(uint8_t *buf, int val)
  611 +{
  612 + buf[0] = val >> 8;
  613 + buf[1] = val;
  614 +}
  615 +
  616 +static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
  617 +{
  618 + buf[0] = val >> 24;
  619 + buf[1] = val >> 16;
  620 + buf[2] = val >> 8;
  621 + buf[3] = val;
  622 +}
  623 +
  624 +static inline int ube16_to_cpu(const uint8_t *buf)
  625 +{
  626 + return (buf[0] << 8) | buf[1];
  627 +}
  628 +
  629 +static inline int ube32_to_cpu(const uint8_t *buf)
  630 +{
  631 + return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
  632 +}
  633 +
  634 +/* The whole ATAPI transfer logic is handled in this function */
  635 +static void ide_atapi_cmd_reply_end(IDEState *s)
  636 +{
  637 + int byte_count_limit, size;
  638 +#ifdef DEBUG_IDE_ATAPI
  639 + printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
  640 + s->packet_transfer_size,
  641 + s->elementary_transfer_size,
  642 + s->io_buffer_index);
  643 +#endif
  644 + if (s->packet_transfer_size <= 0) {
  645 + /* end of transfer */
  646 + ide_transfer_stop(s);
  647 + s->status = READY_STAT;
  648 + s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
  649 + ide_set_irq(s);
  650 +#ifdef DEBUG_IDE_ATAPI
  651 + printf("status=0x%x\n", s->status);
  652 +#endif
  653 + } else {
  654 + /* see if a new sector must be read */
  655 + if (s->lba != -1 && s->io_buffer_index >= 2048) {
  656 + bdrv_read(s->bs, (int64_t)s->lba << 2, s->io_buffer, 4);
  657 + s->lba++;
  658 + s->io_buffer_index = 0;
  659 + }
  660 + if (s->elementary_transfer_size > 0) {
  661 + /* there are some data left to transmit in this elementary
  662 + transfer */
  663 + size = 2048 - s->io_buffer_index;
  664 + if (size > s->elementary_transfer_size)
  665 + size = s->elementary_transfer_size;
  666 + ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
  667 + size, ide_atapi_cmd_reply_end);
  668 + s->packet_transfer_size -= size;
  669 + s->elementary_transfer_size -= size;
  670 + s->io_buffer_index += size;
  671 + } else {
  672 + /* a new transfer is needed */
  673 + s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
  674 + byte_count_limit = s->lcyl | (s->hcyl << 8);
  675 +#ifdef DEBUG_IDE_ATAPI
  676 + printf("byte_count_limit=%d\n", byte_count_limit);
  677 +#endif
  678 + if (byte_count_limit == 0xffff)
  679 + byte_count_limit--;
  680 + size = s->packet_transfer_size;
  681 + if (size > byte_count_limit) {
  682 + /* byte count limit must be even if this case */
  683 + if (byte_count_limit & 1)
  684 + byte_count_limit--;
  685 + size = byte_count_limit;
  686 + } else {
  687 + s->lcyl = size;
  688 + s->hcyl = size >> 8;
  689 + }
  690 + s->elementary_transfer_size = size;
  691 + /* we cannot transmit more than one sector at a time */
  692 + if (s->lba != -1) {
  693 + if (size > (2048 - s->io_buffer_index))
  694 + size = (2048 - s->io_buffer_index);
  695 + }
  696 + ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
  697 + size, ide_atapi_cmd_reply_end);
  698 + s->packet_transfer_size -= size;
  699 + s->elementary_transfer_size -= size;
  700 + s->io_buffer_index += size;
  701 + ide_set_irq(s);
  702 +#ifdef DEBUG_IDE_ATAPI
  703 + printf("status=0x%x\n", s->status);
  704 +#endif
  705 + }
  706 + }
  707 +}
  708 +
  709 +/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
  710 +static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
  711 +{
  712 + if (size > max_size)
  713 + size = max_size;
  714 + s->lba = -1; /* no sector read */
  715 + s->packet_transfer_size = size;
  716 + s->elementary_transfer_size = 0;
  717 + s->io_buffer_index = 0;
  718 +
  719 + s->status = READY_STAT;
  720 + ide_atapi_cmd_reply_end(s);
  721 +}
  722 +
  723 +/* start a CD-CDROM read command */
  724 +static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors)
  725 +{
  726 +#ifdef DEBUG_IDE_ATAPI
  727 + printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
  728 +#endif
  729 + s->lba = lba;
  730 + s->packet_transfer_size = nb_sectors * 2048;
  731 + s->elementary_transfer_size = 0;
  732 + s->io_buffer_index = 2048;
  733 +
  734 + s->status = READY_STAT;
  735 + ide_atapi_cmd_reply_end(s);
  736 +}
  737 +
  738 +/* same toc as bochs. Return -1 if error or the toc length */
  739 +static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
  740 +{
  741 + uint8_t *q;
  742 + int nb_sectors, len;
  743 +
  744 + if (start_track > 1 && start_track != 0xaa)
  745 + return -1;
  746 + q = buf + 2;
  747 + *q++ = 1;
  748 + *q++ = 1;
  749 + if (start_track <= 1) {
  750 + *q++ = 0; /* reserved */
  751 + *q++ = 0x14; /* ADR, control */
  752 + *q++ = 1; /* track number */
  753 + *q++ = 0; /* reserved */
  754 + if (msf) {
  755 + *q++ = 0; /* reserved */
  756 + *q++ = 0; /* minute */
  757 + *q++ = 2; /* second */
  758 + *q++ = 0; /* frame */
  759 + } else {
  760 + /* sector 0 */
  761 + cpu_to_ube32(q, 0);
  762 + q += 4;
  763 + }
  764 + }
  765 + /* lead out track */
  766 + *q++ = 0; /* reserved */
  767 + *q++ = 0x16; /* ADR, control */
  768 + *q++ = 0xaa; /* track number */
  769 + *q++ = 0; /* reserved */
  770 + nb_sectors = s->nb_sectors >> 2;
  771 + if (msf) {
  772 + *q++ = 0; /* reserved */
  773 + *q++ = ((nb_sectors + 150) / 75) / 60;
  774 + *q++ = ((nb_sectors + 150) / 75) % 60;
  775 + *q++ = (nb_sectors + 150) % 75;
  776 + } else {
  777 + cpu_to_ube32(q, nb_sectors);
  778 + q += 4;
  779 + }
  780 + len = q - buf;
  781 + cpu_to_ube16(buf, len - 2);
  782 + return len;
  783 +}
  784 +
  785 +static void ide_atapi_cmd(IDEState *s)
  786 +{
  787 + const uint8_t *packet;
  788 + uint8_t *buf;
  789 + int max_len;
  790 +
  791 + packet = s->io_buffer;
  792 + buf = s->io_buffer;
  793 +#ifdef DEBUG_IDE_ATAPI
  794 + {
  795 + int i;
  796 + printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
  797 + for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
  798 + printf(" %02x", packet[i]);
  799 + }
  800 + printf("\n");
  801 + }
  802 +#endif
  803 + switch(s->io_buffer[0]) {
  804 + case GPCMD_TEST_UNIT_READY:
  805 + if (s->bs) {
  806 + ide_atapi_cmd_ok(s);
  807 + } else {
  808 + ide_atapi_cmd_error(s, SENSE_NOT_READY,
  809 + ASC_MEDIUM_NOT_PRESENT);
  810 + }
  811 + break;
  812 + case GPCMD_MODE_SENSE_10:
  813 + {
  814 + int action, code;
  815 + max_len = ube16_to_cpu(packet + 7);
  816 + action = packet[2] >> 6;
  817 + code = packet[2] & 0x3f;
  818 + switch(action) {
  819 + case 0: /* current values */
  820 + switch(code) {
  821 + case 0x01: /* error recovery */
  822 + cpu_to_ube16(&buf[0], 16 + 6);
  823 + buf[2] = 0x70;
  824 + buf[3] = 0;
  825 + buf[4] = 0;
  826 + buf[5] = 0;
  827 + buf[6] = 0;
  828 + buf[7] = 0;
  829 +
  830 + buf[8] = 0x01;
  831 + buf[9] = 0x06;
  832 + buf[10] = 0x00;
  833 + buf[11] = 0x05;
  834 + buf[12] = 0x00;
  835 + buf[13] = 0x00;
  836 + buf[14] = 0x00;
  837 + buf[15] = 0x00;
  838 + ide_atapi_cmd_reply(s, 16, max_len);
  839 + break;
  840 + case 0x2a:
  841 + cpu_to_ube16(&buf[0], 28 + 6);
  842 + buf[2] = 0x70;
  843 + buf[3] = 0;
  844 + buf[4] = 0;
  845 + buf[5] = 0;
  846 + buf[6] = 0;
  847 + buf[7] = 0;
  848 +
  849 + buf[8] = 0x2a;
  850 + buf[9] = 0x12;
  851 + buf[10] = 0x00;
  852 + buf[11] = 0x00;
  853 +
  854 + buf[12] = 0x70;
  855 + buf[13] = 3 << 5;
  856 + buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
  857 + if (s->cdrom_locked)
  858 + buf[6] |= 1 << 1;
  859 + buf[15] = 0x00;
  860 + cpu_to_ube16(&buf[16], 706);
  861 + buf[18] = 0;
  862 + buf[19] = 2;
  863 + cpu_to_ube16(&buf[20], 512);
  864 + cpu_to_ube16(&buf[22], 706);
  865 + buf[24] = 0;
  866 + buf[25] = 0;
  867 + buf[26] = 0;
  868 + buf[27] = 0;
  869 + ide_atapi_cmd_reply(s, 28, max_len);
  870 + break;
  871 + default:
  872 + goto error_cmd;
  873 + }
  874 + break;
  875 + case 1: /* changeable values */
  876 + goto error_cmd;
  877 + case 2: /* default values */
  878 + goto error_cmd;
  879 + default:
  880 + case 3: /* saved values */
  881 + ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
  882 + ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
  883 + break;
  884 + }
  885 + }
  886 + break;
  887 + case GPCMD_REQUEST_SENSE:
  888 + max_len = packet[4];
  889 + memset(buf, 0, 18);
  890 + buf[0] = 0x70 | (1 << 7);
  891 + buf[2] = s->sense_key;
  892 + buf[7] = 10;
  893 + buf[12] = s->asc;
  894 + ide_atapi_cmd_reply(s, 18, max_len);
  895 + break;
  896 + case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
  897 + if (s->bs) {
  898 + s->cdrom_locked = packet[4] & 1;
  899 + ide_atapi_cmd_ok(s);
  900 + } else {
  901 + ide_atapi_cmd_error(s, SENSE_NOT_READY,
  902 + ASC_MEDIUM_NOT_PRESENT);
  903 + }
  904 + break;
  905 + case GPCMD_READ_10:
  906 + case GPCMD_READ_12:
  907 + {
  908 + int nb_sectors, lba;
  909 +
  910 + if (!s->bs) {
  911 + ide_atapi_cmd_error(s, SENSE_NOT_READY,
  912 + ASC_MEDIUM_NOT_PRESENT);
  913 + break;
  914 + }
  915 + if (packet[0] == GPCMD_READ_10)
  916 + nb_sectors = ube16_to_cpu(packet + 7);
  917 + else
  918 + nb_sectors = ube32_to_cpu(packet + 6);
  919 + lba = ube32_to_cpu(packet + 2);
  920 + if (nb_sectors == 0) {
  921 + ide_atapi_cmd_ok(s);
  922 + break;
  923 + }
  924 + if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
  925 + ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
  926 + ASC_LOGICAL_BLOCK_OOR);
  927 + break;
  928 + }
  929 + ide_atapi_cmd_read(s, lba, nb_sectors);
  930 + }
  931 + break;
  932 + case GPCMD_SEEK:
  933 + {
  934 + int lba;
  935 + if (!s->bs) {
  936 + ide_atapi_cmd_error(s, SENSE_NOT_READY,
  937 + ASC_MEDIUM_NOT_PRESENT);
  938 + break;
  939 + }
  940 + lba = ube32_to_cpu(packet + 2);
  941 + if (((int64_t)lba << 2) > s->nb_sectors) {
  942 + ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
  943 + ASC_LOGICAL_BLOCK_OOR);
  944 + break;
  945 + }
  946 + ide_atapi_cmd_ok(s);
  947 + }
  948 + break;
  949 + case GPCMD_START_STOP_UNIT:
  950 + {
  951 + int start, eject;
  952 + start = packet[4] & 1;
  953 + eject = (packet[4] >> 1) & 1;
  954 +
  955 + /* XXX: currently none implemented */
  956 + ide_atapi_cmd_ok(s);
  957 + }
  958 + break;
  959 + case GPCMD_MECHANISM_STATUS:
  960 + {
  961 + max_len = ube16_to_cpu(packet + 8);
  962 + cpu_to_ube16(buf, 0);
  963 + /* no current LBA */
  964 + buf[2] = 0;
  965 + buf[3] = 0;
  966 + buf[4] = 0;
  967 + buf[5] = 1;
  968 + cpu_to_ube16(buf + 6, 0);
  969 + ide_atapi_cmd_reply(s, 8, max_len);
  970 + }
  971 + break;
  972 + case GPCMD_READ_TOC_PMA_ATIP:
  973 + {
  974 + int format, msf, start_track, len;
  975 +
  976 + if (!s->bs) {
  977 + ide_atapi_cmd_error(s, SENSE_NOT_READY,
  978 + ASC_MEDIUM_NOT_PRESENT);
  979 + break;
  980 + }
  981 + max_len = ube16_to_cpu(packet + 7);
  982 + format = packet[9] >> 6;
  983 + msf = (packet[1] >> 1) & 1;
  984 + start_track = packet[6];
  985 + switch(format) {
  986 + case 0:
  987 + len = cdrom_read_toc(s, buf, msf, start_track);
  988 + if (len < 0)
  989 + goto error_cmd;
  990 + ide_atapi_cmd_reply(s, len, max_len);
  991 + break;
  992 + case 1:
  993 + /* multi session : only a single session defined */
  994 + memset(buf, 0, 12);
  995 + buf[1] = 0x0a;
  996 + buf[2] = 0x01;
  997 + buf[3] = 0x01;
  998 + ide_atapi_cmd_reply(s, 12, max_len);
  999 + break;
  1000 + default:
  1001 + goto error_cmd;
  1002 + }
  1003 + }
  1004 + break;
  1005 + case GPCMD_READ_CDVD_CAPACITY:
  1006 + if (!s->bs) {
  1007 + ide_atapi_cmd_error(s, SENSE_NOT_READY,
  1008 + ASC_MEDIUM_NOT_PRESENT);
  1009 + break;
  1010 + }
  1011 + /* NOTE: it is really the number of sectors minus 1 */
  1012 + cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
  1013 + cpu_to_ube32(buf + 4, 2048);
  1014 + ide_atapi_cmd_reply(s, 8, 8);
  1015 + break;
  1016 + default:
  1017 + error_cmd:
  1018 + ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
  1019 + ASC_INV_FIELD_IN_CMD_PACKET);
  1020 + break;
  1021 + }
  1022 +}
  1023 +
  1024 +static void ide_ioport_write(CPUX86State *env, uint32_t addr, uint32_t val)
  1025 +{
  1026 + IDEState *ide_if = get_ide_interface(addr);
  1027 + IDEState *s = ide_if->cur_drive;
  1028 + int unit, n;
  1029 +
  1030 +#ifdef DEBUG_IDE
  1031 + printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
  1032 +#endif
  1033 + addr &= 7;
  1034 + switch(addr) {
  1035 + case 0:
  1036 + break;
  1037 + case 1:
  1038 + s->feature = val;
  1039 + break;
  1040 + case 2:
  1041 + if (val == 0)
  1042 + val = 256;
  1043 + s->nsector = val;
  1044 + break;
  1045 + case 3:
  1046 + s->sector = val;
  1047 + break;
  1048 + case 4:
  1049 + s->lcyl = val;
  1050 + break;
  1051 + case 5:
  1052 + s->hcyl = val;
  1053 + break;
  1054 + case 6:
  1055 + /* select drive */
  1056 + unit = (val >> 4) & 1;
  1057 + s = ide_if + unit;
  1058 + ide_if->cur_drive = s;
  1059 + s->select = val;
  1060 + break;
  1061 + default:
  1062 + case 7:
  1063 + /* command */
  1064 +#if defined(DEBUG_IDE)
  1065 + printf("ide: CMD=%02x\n", val);
  1066 +#endif
  1067 + switch(val) {
  1068 + case WIN_IDENTIFY:
  1069 + if (s->bs && !s->is_cdrom) {
  1070 + ide_identify(s);
  1071 + s->status = READY_STAT;
  1072 + ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
  1073 + } else {
  1074 + if (s->is_cdrom) {
  1075 + ide_set_signature(s);
  1076 + }
  1077 + ide_abort_command(s);
  1078 + }
  1079 + ide_set_irq(s);
  1080 + break;
  1081 + case WIN_SPECIFY:
  1082 + case WIN_RECAL:
  1083 + s->status = READY_STAT;
  1084 + ide_set_irq(s);
  1085 + break;
  1086 + case WIN_SETMULT:
  1087 + if (s->nsector > MAX_MULT_SECTORS ||
  1088 + s->nsector == 0 ||
  1089 + (s->nsector & (s->nsector - 1)) != 0) {
  1090 + ide_abort_command(s);
  1091 + } else {
  1092 + s->mult_sectors = s->nsector;
  1093 + s->status = READY_STAT;
  1094 + }
  1095 + ide_set_irq(s);
  1096 + break;
  1097 + case WIN_READ:
  1098 + case WIN_READ_ONCE:
  1099 + s->req_nb_sectors = 1;
  1100 + ide_sector_read(s);
  1101 + break;
  1102 + case WIN_WRITE:
  1103 + case WIN_WRITE_ONCE:
  1104 + s->status = SEEK_STAT;
  1105 + s->req_nb_sectors = 1;
  1106 + ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
  1107 + break;
  1108 + case WIN_MULTREAD:
  1109 + if (!s->mult_sectors)
  1110 + goto abort_cmd;
  1111 + s->req_nb_sectors = s->mult_sectors;
  1112 + ide_sector_read(s);
  1113 + break;
  1114 + case WIN_MULTWRITE:
  1115 + if (!s->mult_sectors)
  1116 + goto abort_cmd;
  1117 + s->status = SEEK_STAT;
  1118 + s->req_nb_sectors = s->mult_sectors;
  1119 + n = s->nsector;
  1120 + if (n > s->req_nb_sectors)
  1121 + n = s->req_nb_sectors;
  1122 + ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
  1123 + break;
  1124 + case WIN_READ_NATIVE_MAX:
  1125 + ide_set_sector(s, s->nb_sectors - 1);
  1126 + s->status = READY_STAT;
  1127 + ide_set_irq(s);
  1128 + break;
  1129 +
  1130 + /* ATAPI commands */
  1131 + case WIN_PIDENTIFY:
  1132 + if (s->is_cdrom) {
  1133 + ide_atapi_identify(s);
  1134 + s->status = READY_STAT;
  1135 + ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
  1136 + } else {
  1137 + ide_abort_command(s);
  1138 + }
  1139 + ide_set_irq(s);
  1140 + break;
  1141 + case WIN_SRST:
  1142 + if (!s->is_cdrom)
  1143 + goto abort_cmd;
  1144 + ide_set_signature(s);
  1145 + s->status = READY_STAT;
  1146 + s->error = 0x01;
  1147 + break;
  1148 + case WIN_PACKETCMD:
  1149 + if (!s->is_cdrom)
  1150 + goto abort_cmd;
  1151 + /* DMA or overlapping commands not supported */
  1152 + if ((s->feature & 0x03) != 0)
  1153 + goto abort_cmd;
  1154 + s->nsector = 1;
  1155 + ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
  1156 + ide_atapi_cmd);
  1157 + break;
  1158 + default:
  1159 + abort_cmd:
  1160 + ide_abort_command(s);
  1161 + ide_set_irq(s);
  1162 + break;
  1163 + }
  1164 + }
  1165 +}
  1166 +
  1167 +static uint32_t ide_ioport_read(CPUX86State *env, uint32_t addr1)
  1168 +{
  1169 + IDEState *s = get_ide_interface(addr1)->cur_drive;
  1170 + uint32_t addr;
  1171 + int ret;
  1172 +
  1173 + addr = addr1 & 7;
  1174 + switch(addr) {
  1175 + case 0:
  1176 + ret = 0xff;
  1177 + break;
  1178 + case 1:
  1179 + ret = s->error;
  1180 + break;
  1181 + case 2:
  1182 + ret = s->nsector & 0xff;
  1183 + break;
  1184 + case 3:
  1185 + ret = s->sector;
  1186 + break;
  1187 + case 4:
  1188 + ret = s->lcyl;
  1189 + break;
  1190 + case 5:
  1191 + ret = s->hcyl;
  1192 + break;
  1193 + case 6:
  1194 + ret = s->select;
  1195 + break;
  1196 + default:
  1197 + case 7:
  1198 + ret = s->status;
  1199 + pic_set_irq(s->irq, 0);
  1200 + break;
  1201 + }
  1202 +#ifdef DEBUG_IDE
  1203 + printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
  1204 +#endif
  1205 + return ret;
  1206 +}
  1207 +
  1208 +static uint32_t ide_status_read(CPUX86State *env, uint32_t addr)
  1209 +{
  1210 + IDEState *s = get_ide_interface(addr)->cur_drive;
  1211 + int ret;
  1212 + ret = s->status;
  1213 +#ifdef DEBUG_IDE
  1214 + printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
  1215 +#endif
  1216 + return ret;
  1217 +}
  1218 +
  1219 +static void ide_cmd_write(CPUX86State *env, uint32_t addr, uint32_t val)
  1220 +{
  1221 + IDEState *ide_if = get_ide_interface(addr);
  1222 + IDEState *s;
  1223 + int i;
  1224 +
  1225 +#ifdef DEBUG_IDE
  1226 + printf("ide: write control addr=0x%x val=%02x\n", addr, val);
  1227 +#endif
  1228 + /* common for both drives */
  1229 + if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
  1230 + (val & IDE_CMD_RESET)) {
  1231 + /* reset low to high */
  1232 + for(i = 0;i < 2; i++) {
  1233 + s = &ide_if[i];
  1234 + s->status = BUSY_STAT | SEEK_STAT;
  1235 + s->error = 0x01;
  1236 + }
  1237 + } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
  1238 + !(val & IDE_CMD_RESET)) {
  1239 + /* high to low */
  1240 + for(i = 0;i < 2; i++) {
  1241 + s = &ide_if[i];
  1242 + s->status = READY_STAT;
  1243 + ide_set_signature(s);
  1244 + }
  1245 + }
  1246 +
  1247 + ide_if[0].cmd = val;
  1248 + ide_if[1].cmd = val;
  1249 +}
  1250 +
  1251 +static void ide_data_writew(CPUX86State *env, uint32_t addr, uint32_t val)
  1252 +{
  1253 + IDEState *s = get_ide_interface(addr)->cur_drive;
  1254 + uint8_t *p;
  1255 +
  1256 + p = s->data_ptr;
  1257 + *(uint16_t *)p = tswap16(val);
  1258 + p += 2;
  1259 + s->data_ptr = p;
  1260 + if (p >= s->data_end)
  1261 + s->end_transfer_func(s);
  1262 +}
  1263 +
  1264 +static uint32_t ide_data_readw(CPUX86State *env, uint32_t addr)
  1265 +{
  1266 + IDEState *s = get_ide_interface(addr)->cur_drive;
  1267 + uint8_t *p;
  1268 + int ret;
  1269 + p = s->data_ptr;
  1270 + ret = tswap16(*(uint16_t *)p);
  1271 + p += 2;
  1272 + s->data_ptr = p;
  1273 + if (p >= s->data_end)
  1274 + s->end_transfer_func(s);
  1275 + return ret;
  1276 +}
  1277 +
  1278 +static void ide_data_writel(CPUX86State *env, uint32_t addr, uint32_t val)
  1279 +{
  1280 + IDEState *s = get_ide_interface(addr)->cur_drive;
  1281 + uint8_t *p;
  1282 +
  1283 + p = s->data_ptr;
  1284 + *(uint32_t *)p = tswap32(val);
  1285 + p += 4;
  1286 + s->data_ptr = p;
  1287 + if (p >= s->data_end)
  1288 + s->end_transfer_func(s);
  1289 +}
  1290 +
  1291 +static uint32_t ide_data_readl(CPUX86State *env, uint32_t addr)
  1292 +{
  1293 + IDEState *s = get_ide_interface(addr)->cur_drive;
  1294 + uint8_t *p;
  1295 + int ret;
  1296 +
  1297 + p = s->data_ptr;
  1298 + ret = tswap32(*(uint32_t *)p);
  1299 + p += 4;
  1300 + s->data_ptr = p;
  1301 + if (p >= s->data_end)
  1302 + s->end_transfer_func(s);
  1303 + return ret;
  1304 +}
  1305 +
  1306 +static void ide_reset(IDEState *s)
  1307 +{
  1308 + s->mult_sectors = MAX_MULT_SECTORS;
  1309 + s->cur_drive = s;
  1310 + s->select = 0xa0;
  1311 + s->status = READY_STAT;
  1312 + ide_set_signature(s);
  1313 +}
  1314 +
  1315 +struct partition {
  1316 + uint8_t boot_ind; /* 0x80 - active */
  1317 + uint8_t head; /* starting head */
  1318 + uint8_t sector; /* starting sector */
  1319 + uint8_t cyl; /* starting cylinder */
  1320 + uint8_t sys_ind; /* What partition type */
  1321 + uint8_t end_head; /* end head */
  1322 + uint8_t end_sector; /* end sector */
  1323 + uint8_t end_cyl; /* end cylinder */
  1324 + uint32_t start_sect; /* starting sector counting from 0 */
  1325 + uint32_t nr_sects; /* nr of sectors in partition */
  1326 +} __attribute__((packed));
  1327 +
  1328 +/* try to guess the IDE geometry from the MSDOS partition table */
  1329 +static void ide_guess_geometry(IDEState *s)
  1330 +{
  1331 + uint8_t buf[512];
  1332 + int ret, i;
  1333 + struct partition *p;
  1334 + uint32_t nr_sects;
  1335 +
  1336 + if (s->cylinders != 0)
  1337 + return;
  1338 + ret = bdrv_read(s->bs, 0, buf, 1);
  1339 + if (ret < 0)
  1340 + return;
  1341 + /* test msdos magic */
  1342 + if (buf[510] != 0x55 || buf[511] != 0xaa)
  1343 + return;
  1344 + for(i = 0; i < 4; i++) {
  1345 + p = ((struct partition *)(buf + 0x1be)) + i;
  1346 + nr_sects = tswap32(p->nr_sects);
  1347 + if (nr_sects && p->end_head) {
  1348 + /* We make the assumption that the partition terminates on
  1349 + a cylinder boundary */
  1350 + s->heads = p->end_head + 1;
  1351 + s->sectors = p->end_sector & 63;
  1352 + s->cylinders = s->nb_sectors / (s->heads * s->sectors);
  1353 +#if 0
  1354 + printf("guessed partition: CHS=%d %d %d\n",
  1355 + s->cylinders, s->heads, s->sectors);
  1356 +#endif
  1357 + }
  1358 + }
  1359 +}
  1360 +
  1361 +void ide_init(void)
  1362 +{
  1363 + IDEState *s;
  1364 + int i, cylinders, iobase, iobase2;
  1365 + int64_t nb_sectors;
  1366 + static const int ide_iobase[2] = { 0x1f0, 0x170 };
  1367 + static const int ide_iobase2[2] = { 0x3f6, 0x376 };
  1368 + static const int ide_irq[2] = { 14, 15 };
  1369 +
  1370 + for(i = 0; i < MAX_DISKS; i++) {
  1371 + s = &ide_state[i];
  1372 + s->bs = bs_table[i];
  1373 + if (s->bs) {
  1374 + bdrv_get_geometry(s->bs, &nb_sectors);
  1375 + s->nb_sectors = nb_sectors;
  1376 + ide_guess_geometry(s);
  1377 + if (s->cylinders == 0) {
  1378 + /* if no geometry, use a LBA compatible one */
  1379 + cylinders = nb_sectors / (16 * 63);
  1380 + if (cylinders > 16383)
  1381 + cylinders = 16383;
  1382 + else if (cylinders < 2)
  1383 + cylinders = 2;
  1384 + s->cylinders = cylinders;
  1385 + s->heads = 16;
  1386 + s->sectors = 63;
  1387 + }
  1388 + }
  1389 + s->irq = ide_irq[i >> 1];
  1390 + ide_reset(s);
  1391 + }
  1392 + for(i = 0; i < (MAX_DISKS / 2); i++) {
  1393 + iobase = ide_iobase[i];
  1394 + iobase2 = ide_iobase2[i];
  1395 + ide_table[iobase >> 3] = &ide_state[2 * i];
  1396 + if (ide_iobase2[i])
  1397 + ide_table[iobase2 >> 3] = &ide_state[2 * i];
  1398 + register_ioport_write(iobase, 8, ide_ioport_write, 1);
  1399 + register_ioport_read(iobase, 8, ide_ioport_read, 1);
  1400 + register_ioport_read(iobase2, 1, ide_status_read, 1);
  1401 + register_ioport_write(iobase2, 1, ide_cmd_write, 1);
  1402 +
  1403 + /* data ports */
  1404 + register_ioport_write(iobase, 2, ide_data_writew, 2);
  1405 + register_ioport_read(iobase, 2, ide_data_readw, 2);
  1406 + register_ioport_write(iobase, 4, ide_data_writel, 4);
  1407 + register_ioport_read(iobase, 4, ide_data_readl, 4);
  1408 + }
  1409 +}
  1410 +
  1411 +void ide_set_geometry(int n, int cyls, int heads, int secs)
  1412 +{
  1413 + ide_state[n].cylinders = cyls;
  1414 + ide_state[n].heads = heads;
  1415 + ide_state[n].sectors = secs;
  1416 +}
  1417 +
  1418 +void ide_set_cdrom(int n, int is_cdrom)
  1419 +{
  1420 + ide_state[n].is_cdrom = is_cdrom;
  1421 +}
@@ -61,10 +61,6 @@ @@ -61,10 +61,6 @@
61 /* output Bochs bios info messages */ 61 /* output Bochs bios info messages */
62 //#define DEBUG_BIOS 62 //#define DEBUG_BIOS
63 63
64 -/* debug IDE devices */  
65 -//#define DEBUG_IDE  
66 -//#define DEBUG_IDE_ATAPI  
67 -  
68 /* debug PIC */ 64 /* debug PIC */
69 //#define DEBUG_PIC 65 //#define DEBUG_PIC
70 66
@@ -86,8 +82,6 @@ @@ -86,8 +82,6 @@
86 82
87 #define GUI_REFRESH_INTERVAL 30 83 #define GUI_REFRESH_INTERVAL 30
88 84
89 -#define MAX_DISKS 4  
90 -  
91 /* from plex86 (BSD license) */ 85 /* from plex86 (BSD license) */
92 struct __attribute__ ((packed)) linux_params { 86 struct __attribute__ ((packed)) linux_params {
93 // For 0x00..0x3f, see 'struct screen_info' in linux/include/linux/tty.h. 87 // For 0x00..0x3f, see 'struct screen_info' in linux/include/linux/tty.h.
@@ -1865,1365 +1859,6 @@ void ne2000_init(void) @@ -1865,1365 +1859,6 @@ void ne2000_init(void)
1865 } 1859 }
1866 1860
1867 /***********************************************************/ 1861 /***********************************************************/
1868 -/* ide emulation */  
1869 -  
1870 -/* Bits of HD_STATUS */  
1871 -#define ERR_STAT 0x01  
1872 -#define INDEX_STAT 0x02  
1873 -#define ECC_STAT 0x04 /* Corrected error */  
1874 -#define DRQ_STAT 0x08  
1875 -#define SEEK_STAT 0x10  
1876 -#define SRV_STAT 0x10  
1877 -#define WRERR_STAT 0x20  
1878 -#define READY_STAT 0x40  
1879 -#define BUSY_STAT 0x80  
1880 -  
1881 -/* Bits for HD_ERROR */  
1882 -#define MARK_ERR 0x01 /* Bad address mark */  
1883 -#define TRK0_ERR 0x02 /* couldn't find track 0 */  
1884 -#define ABRT_ERR 0x04 /* Command aborted */  
1885 -#define MCR_ERR 0x08 /* media change request */  
1886 -#define ID_ERR 0x10 /* ID field not found */  
1887 -#define MC_ERR 0x20 /* media changed */  
1888 -#define ECC_ERR 0x40 /* Uncorrectable ECC error */  
1889 -#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */  
1890 -#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */  
1891 -  
1892 -/* Bits of HD_NSECTOR */  
1893 -#define CD 0x01  
1894 -#define IO 0x02  
1895 -#define REL 0x04  
1896 -#define TAG_MASK 0xf8  
1897 -  
1898 -#define IDE_CMD_RESET 0x04  
1899 -#define IDE_CMD_DISABLE_IRQ 0x02  
1900 -  
1901 -/* ATA/ATAPI Commands pre T13 Spec */  
1902 -#define WIN_NOP 0x00  
1903 -/*  
1904 - * 0x01->0x02 Reserved  
1905 - */  
1906 -#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */  
1907 -/*  
1908 - * 0x04->0x07 Reserved  
1909 - */  
1910 -#define WIN_SRST 0x08 /* ATAPI soft reset command */  
1911 -#define WIN_DEVICE_RESET 0x08  
1912 -/*  
1913 - * 0x09->0x0F Reserved  
1914 - */  
1915 -#define WIN_RECAL 0x10  
1916 -#define WIN_RESTORE WIN_RECAL  
1917 -/*  
1918 - * 0x10->0x1F Reserved  
1919 - */  
1920 -#define WIN_READ 0x20 /* 28-Bit */  
1921 -#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */  
1922 -#define WIN_READ_LONG 0x22 /* 28-Bit */  
1923 -#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */  
1924 -#define WIN_READ_EXT 0x24 /* 48-Bit */  
1925 -#define WIN_READDMA_EXT 0x25 /* 48-Bit */  
1926 -#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */  
1927 -#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */  
1928 -/*  
1929 - * 0x28  
1930 - */  
1931 -#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */  
1932 -/*  
1933 - * 0x2A->0x2F Reserved  
1934 - */  
1935 -#define WIN_WRITE 0x30 /* 28-Bit */  
1936 -#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */  
1937 -#define WIN_WRITE_LONG 0x32 /* 28-Bit */  
1938 -#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */  
1939 -#define WIN_WRITE_EXT 0x34 /* 48-Bit */  
1940 -#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */  
1941 -#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */  
1942 -#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */  
1943 -#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */  
1944 -#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */  
1945 -/*  
1946 - * 0x3A->0x3B Reserved  
1947 - */  
1948 -#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */  
1949 -/*  
1950 - * 0x3D->0x3F Reserved  
1951 - */  
1952 -#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */  
1953 -#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */  
1954 -#define WIN_VERIFY_EXT 0x42 /* 48-Bit */  
1955 -/*  
1956 - * 0x43->0x4F Reserved  
1957 - */  
1958 -#define WIN_FORMAT 0x50  
1959 -/*  
1960 - * 0x51->0x5F Reserved  
1961 - */  
1962 -#define WIN_INIT 0x60  
1963 -/*  
1964 - * 0x61->0x5F Reserved  
1965 - */  
1966 -#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */  
1967 -#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */  
1968 -#define WIN_DIAGNOSE 0x90  
1969 -#define WIN_SPECIFY 0x91 /* set drive geometry translation */  
1970 -#define WIN_DOWNLOAD_MICROCODE 0x92  
1971 -#define WIN_STANDBYNOW2 0x94  
1972 -#define WIN_STANDBY2 0x96  
1973 -#define WIN_SETIDLE2 0x97  
1974 -#define WIN_CHECKPOWERMODE2 0x98  
1975 -#define WIN_SLEEPNOW2 0x99  
1976 -/*  
1977 - * 0x9A VENDOR  
1978 - */  
1979 -#define WIN_PACKETCMD 0xA0 /* Send a packet command. */  
1980 -#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */  
1981 -#define WIN_QUEUED_SERVICE 0xA2  
1982 -#define WIN_SMART 0xB0 /* self-monitoring and reporting */  
1983 -#define CFA_ERASE_SECTORS 0xC0  
1984 -#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/  
1985 -#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */  
1986 -#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */  
1987 -#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */  
1988 -#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */  
1989 -#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */  
1990 -#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */  
1991 -#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */  
1992 -#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */  
1993 -#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */  
1994 -#define WIN_GETMEDIASTATUS 0xDA  
1995 -#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */  
1996 -#define WIN_POSTBOOT 0xDC  
1997 -#define WIN_PREBOOT 0xDD  
1998 -#define WIN_DOORLOCK 0xDE /* lock door on removable drives */  
1999 -#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */  
2000 -#define WIN_STANDBYNOW1 0xE0  
2001 -#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */  
2002 -#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */  
2003 -#define WIN_SETIDLE1 0xE3  
2004 -#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */  
2005 -#define WIN_CHECKPOWERMODE1 0xE5  
2006 -#define WIN_SLEEPNOW1 0xE6  
2007 -#define WIN_FLUSH_CACHE 0xE7  
2008 -#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */  
2009 -#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */  
2010 - /* SET_FEATURES 0x22 or 0xDD */  
2011 -#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */  
2012 -#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */  
2013 -#define WIN_MEDIAEJECT 0xED  
2014 -#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */  
2015 -#define WIN_SETFEATURES 0xEF /* set special drive features */  
2016 -#define EXABYTE_ENABLE_NEST 0xF0  
2017 -#define WIN_SECURITY_SET_PASS 0xF1  
2018 -#define WIN_SECURITY_UNLOCK 0xF2  
2019 -#define WIN_SECURITY_ERASE_PREPARE 0xF3  
2020 -#define WIN_SECURITY_ERASE_UNIT 0xF4  
2021 -#define WIN_SECURITY_FREEZE_LOCK 0xF5  
2022 -#define WIN_SECURITY_DISABLE 0xF6  
2023 -#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */  
2024 -#define WIN_SET_MAX 0xF9  
2025 -#define DISABLE_SEAGATE 0xFB  
2026 -  
2027 -/* set to 1 set disable mult support */  
2028 -#define MAX_MULT_SECTORS 8  
2029 -  
2030 -/* ATAPI defines */  
2031 -  
2032 -#define ATAPI_PACKET_SIZE 12  
2033 -  
2034 -/* The generic packet command opcodes for CD/DVD Logical Units,  
2035 - * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */  
2036 -#define GPCMD_BLANK 0xa1  
2037 -#define GPCMD_CLOSE_TRACK 0x5b  
2038 -#define GPCMD_FLUSH_CACHE 0x35  
2039 -#define GPCMD_FORMAT_UNIT 0x04  
2040 -#define GPCMD_GET_CONFIGURATION 0x46  
2041 -#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a  
2042 -#define GPCMD_GET_PERFORMANCE 0xac  
2043 -#define GPCMD_INQUIRY 0x12  
2044 -#define GPCMD_LOAD_UNLOAD 0xa6  
2045 -#define GPCMD_MECHANISM_STATUS 0xbd  
2046 -#define GPCMD_MODE_SELECT_10 0x55  
2047 -#define GPCMD_MODE_SENSE_10 0x5a  
2048 -#define GPCMD_PAUSE_RESUME 0x4b  
2049 -#define GPCMD_PLAY_AUDIO_10 0x45  
2050 -#define GPCMD_PLAY_AUDIO_MSF 0x47  
2051 -#define GPCMD_PLAY_AUDIO_TI 0x48  
2052 -#define GPCMD_PLAY_CD 0xbc  
2053 -#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e  
2054 -#define GPCMD_READ_10 0x28  
2055 -#define GPCMD_READ_12 0xa8  
2056 -#define GPCMD_READ_CDVD_CAPACITY 0x25  
2057 -#define GPCMD_READ_CD 0xbe  
2058 -#define GPCMD_READ_CD_MSF 0xb9  
2059 -#define GPCMD_READ_DISC_INFO 0x51  
2060 -#define GPCMD_READ_DVD_STRUCTURE 0xad  
2061 -#define GPCMD_READ_FORMAT_CAPACITIES 0x23  
2062 -#define GPCMD_READ_HEADER 0x44  
2063 -#define GPCMD_READ_TRACK_RZONE_INFO 0x52  
2064 -#define GPCMD_READ_SUBCHANNEL 0x42  
2065 -#define GPCMD_READ_TOC_PMA_ATIP 0x43  
2066 -#define GPCMD_REPAIR_RZONE_TRACK 0x58  
2067 -#define GPCMD_REPORT_KEY 0xa4  
2068 -#define GPCMD_REQUEST_SENSE 0x03  
2069 -#define GPCMD_RESERVE_RZONE_TRACK 0x53  
2070 -#define GPCMD_SCAN 0xba  
2071 -#define GPCMD_SEEK 0x2b  
2072 -#define GPCMD_SEND_DVD_STRUCTURE 0xad  
2073 -#define GPCMD_SEND_EVENT 0xa2  
2074 -#define GPCMD_SEND_KEY 0xa3  
2075 -#define GPCMD_SEND_OPC 0x54  
2076 -#define GPCMD_SET_READ_AHEAD 0xa7  
2077 -#define GPCMD_SET_STREAMING 0xb6  
2078 -#define GPCMD_START_STOP_UNIT 0x1b  
2079 -#define GPCMD_STOP_PLAY_SCAN 0x4e  
2080 -#define GPCMD_TEST_UNIT_READY 0x00  
2081 -#define GPCMD_VERIFY_10 0x2f  
2082 -#define GPCMD_WRITE_10 0x2a  
2083 -#define GPCMD_WRITE_AND_VERIFY_10 0x2e  
2084 -/* This is listed as optional in ATAPI 2.6, but is (curiously)  
2085 - * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji  
2086 - * Table 377 as an MMC command for SCSi devices though... Most ATAPI  
2087 - * drives support it. */  
2088 -#define GPCMD_SET_SPEED 0xbb  
2089 -/* This seems to be a SCSI specific CD-ROM opcode  
2090 - * to play data at track/index */  
2091 -#define GPCMD_PLAYAUDIO_TI 0x48  
2092 -/*  
2093 - * From MS Media Status Notification Support Specification. For  
2094 - * older drives only.  
2095 - */  
2096 -#define GPCMD_GET_MEDIA_STATUS 0xda  
2097 -  
2098 -/* Mode page codes for mode sense/set */  
2099 -#define GPMODE_R_W_ERROR_PAGE 0x01  
2100 -#define GPMODE_WRITE_PARMS_PAGE 0x05  
2101 -#define GPMODE_AUDIO_CTL_PAGE 0x0e  
2102 -#define GPMODE_POWER_PAGE 0x1a  
2103 -#define GPMODE_FAULT_FAIL_PAGE 0x1c  
2104 -#define GPMODE_TO_PROTECT_PAGE 0x1d  
2105 -#define GPMODE_CAPABILITIES_PAGE 0x2a  
2106 -#define GPMODE_ALL_PAGES 0x3f  
2107 -/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor  
2108 - * of MODE_SENSE_POWER_PAGE */  
2109 -#define GPMODE_CDROM_PAGE 0x0d  
2110 -  
2111 -#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */  
2112 -#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */  
2113 -#define ATAPI_INT_REASON_REL 0x04  
2114 -#define ATAPI_INT_REASON_TAG 0xf8  
2115 -  
2116 -/* same constants as bochs */  
2117 -#define ASC_LOGICAL_BLOCK_OOR 0x21  
2118 -#define ASC_INV_FIELD_IN_CMD_PACKET 0x24  
2119 -#define ASC_MEDIUM_NOT_PRESENT 0x3a  
2120 -#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39  
2121 -  
2122 -#define SENSE_NONE 0  
2123 -#define SENSE_NOT_READY 2  
2124 -#define SENSE_ILLEGAL_REQUEST 5  
2125 -#define SENSE_UNIT_ATTENTION 6  
2126 -  
2127 -struct IDEState;  
2128 -  
2129 -typedef void EndTransferFunc(struct IDEState *);  
2130 -  
2131 -typedef struct IDEState {  
2132 - /* ide config */  
2133 - int is_cdrom;  
2134 - int cdrom_locked;  
2135 - int cylinders, heads, sectors;  
2136 - int64_t nb_sectors;  
2137 - int mult_sectors;  
2138 - int irq;  
2139 - /* ide regs */  
2140 - uint8_t feature;  
2141 - uint8_t error;  
2142 - uint16_t nsector; /* 0 is 256 to ease computations */  
2143 - uint8_t sector;  
2144 - uint8_t lcyl;  
2145 - uint8_t hcyl;  
2146 - uint8_t select;  
2147 - uint8_t status;  
2148 - /* 0x3f6 command, only meaningful for drive 0 */  
2149 - uint8_t cmd;  
2150 - /* depends on bit 4 in select, only meaningful for drive 0 */  
2151 - struct IDEState *cur_drive;  
2152 - BlockDriverState *bs;  
2153 - /* ATAPI specific */  
2154 - uint8_t sense_key;  
2155 - uint8_t asc;  
2156 - int packet_transfer_size;  
2157 - int elementary_transfer_size;  
2158 - int io_buffer_index;  
2159 - int lba;  
2160 - /* transfer handling */  
2161 - int req_nb_sectors; /* number of sectors per interrupt */  
2162 - EndTransferFunc *end_transfer_func;  
2163 - uint8_t *data_ptr;  
2164 - uint8_t *data_end;  
2165 - uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];  
2166 -} IDEState;  
2167 -  
2168 -IDEState ide_state[MAX_DISKS];  
2169 -IDEState *ide_table[0x400 >> 3];  
2170 -  
2171 -static inline IDEState *get_ide_interface(uint32_t addr)  
2172 -{  
2173 - return ide_table[addr >> 3];  
2174 -}  
2175 -  
2176 -static void padstr(char *str, const char *src, int len)  
2177 -{  
2178 - int i, v;  
2179 - for(i = 0; i < len; i++) {  
2180 - if (*src)  
2181 - v = *src++;  
2182 - else  
2183 - v = ' ';  
2184 - *(char *)((long)str ^ 1) = v;  
2185 - str++;  
2186 - }  
2187 -}  
2188 -  
2189 -static void ide_identify(IDEState *s)  
2190 -{  
2191 - uint16_t *p;  
2192 - unsigned int oldsize;  
2193 -  
2194 - memset(s->io_buffer, 0, 512);  
2195 - p = (uint16_t *)s->io_buffer;  
2196 - stw_raw(p + 0, 0x0040);  
2197 - stw_raw(p + 1, s->cylinders);  
2198 - stw_raw(p + 3, s->heads);  
2199 - stw_raw(p + 4, 512 * s->sectors); /* sectors */  
2200 - stw_raw(p + 5, 512); /* sector size */  
2201 - stw_raw(p + 6, s->sectors);  
2202 - padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */  
2203 - stw_raw(p + 20, 3); /* buffer type */  
2204 - stw_raw(p + 21, 512); /* cache size in sectors */  
2205 - stw_raw(p + 22, 4); /* ecc bytes */  
2206 - padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */  
2207 - padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */  
2208 -#if MAX_MULT_SECTORS > 1  
2209 - stw_raw(p + 47, MAX_MULT_SECTORS);  
2210 -#endif  
2211 - stw_raw(p + 48, 1); /* dword I/O */  
2212 - stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */  
2213 - stw_raw(p + 51, 0x200); /* PIO transfer cycle */  
2214 - stw_raw(p + 52, 0x200); /* DMA transfer cycle */  
2215 - stw_raw(p + 54, s->cylinders);  
2216 - stw_raw(p + 55, s->heads);  
2217 - stw_raw(p + 56, s->sectors);  
2218 - oldsize = s->cylinders * s->heads * s->sectors;  
2219 - stw_raw(p + 57, oldsize);  
2220 - stw_raw(p + 58, oldsize >> 16);  
2221 - if (s->mult_sectors)  
2222 - stw_raw(p + 59, 0x100 | s->mult_sectors);  
2223 - stw_raw(p + 60, s->nb_sectors);  
2224 - stw_raw(p + 61, s->nb_sectors >> 16);  
2225 - stw_raw(p + 80, (1 << 1) | (1 << 2));  
2226 - stw_raw(p + 82, (1 << 14));  
2227 - stw_raw(p + 83, (1 << 14));  
2228 - stw_raw(p + 84, (1 << 14));  
2229 - stw_raw(p + 85, (1 << 14));  
2230 - stw_raw(p + 86, 0);  
2231 - stw_raw(p + 87, (1 << 14));  
2232 -}  
2233 -  
2234 -static void ide_atapi_identify(IDEState *s)  
2235 -{  
2236 - uint16_t *p;  
2237 -  
2238 - memset(s->io_buffer, 0, 512);  
2239 - p = (uint16_t *)s->io_buffer;  
2240 - /* Removable CDROM, 50us response, 12 byte packets */  
2241 - stw_raw(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));  
2242 - stw_raw(p + 1, s->cylinders);  
2243 - stw_raw(p + 3, s->heads);  
2244 - stw_raw(p + 4, 512 * s->sectors); /* sectors */  
2245 - stw_raw(p + 5, 512); /* sector size */  
2246 - stw_raw(p + 6, s->sectors);  
2247 - padstr((uint8_t *)(p + 10), "QM00001", 20); /* serial number */  
2248 - stw_raw(p + 20, 3); /* buffer type */  
2249 - stw_raw(p + 21, 512); /* cache size in sectors */  
2250 - stw_raw(p + 22, 4); /* ecc bytes */  
2251 - padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */  
2252 - padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */  
2253 - stw_raw(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */  
2254 - stw_raw(p + 49, 1 << 9); /* LBA supported, no DMA */  
2255 - stw_raw(p + 53, 3); /* words 64-70, 54-58 valid */  
2256 - stw_raw(p + 63, 0x103); /* DMA modes XXX: may be incorrect */  
2257 - stw_raw(p + 64, 1); /* PIO modes */  
2258 - stw_raw(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */  
2259 - stw_raw(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */  
2260 - stw_raw(p + 67, 0x12c); /* minimum PIO cycle time without flow control */  
2261 - stw_raw(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */  
2262 -  
2263 - stw_raw(p + 71, 30); /* in ns */  
2264 - stw_raw(p + 72, 30); /* in ns */  
2265 -  
2266 - stw_raw(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */  
2267 -}  
2268 -  
2269 -static void ide_set_signature(IDEState *s)  
2270 -{  
2271 - s->select &= 0xf0; /* clear head */  
2272 - /* put signature */  
2273 - s->nsector = 1;  
2274 - s->sector = 1;  
2275 - if (s->is_cdrom) {  
2276 - s->lcyl = 0x14;  
2277 - s->hcyl = 0xeb;  
2278 - } else if (s->bs) {  
2279 - s->lcyl = 0;  
2280 - s->hcyl = 0;  
2281 - } else {  
2282 - s->lcyl = 0xff;  
2283 - s->hcyl = 0xff;  
2284 - }  
2285 -}  
2286 -  
2287 -static inline void ide_abort_command(IDEState *s)  
2288 -{  
2289 - s->status = READY_STAT | ERR_STAT;  
2290 - s->error = ABRT_ERR;  
2291 -}  
2292 -  
2293 -static inline void ide_set_irq(IDEState *s)  
2294 -{  
2295 - if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {  
2296 - pic_set_irq(s->irq, 1);  
2297 - }  
2298 -}  
2299 -  
2300 -/* prepare data transfer and tell what to do after */  
2301 -static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,  
2302 - EndTransferFunc *end_transfer_func)  
2303 -{  
2304 - s->end_transfer_func = end_transfer_func;  
2305 - s->data_ptr = buf;  
2306 - s->data_end = buf + size;  
2307 - s->status |= DRQ_STAT;  
2308 -}  
2309 -  
2310 -static void ide_transfer_stop(IDEState *s)  
2311 -{  
2312 - s->end_transfer_func = ide_transfer_stop;  
2313 - s->data_ptr = s->io_buffer;  
2314 - s->data_end = s->io_buffer;  
2315 - s->status &= ~DRQ_STAT;  
2316 -}  
2317 -  
2318 -static int64_t ide_get_sector(IDEState *s)  
2319 -{  
2320 - int64_t sector_num;  
2321 - if (s->select & 0x40) {  
2322 - /* lba */  
2323 - sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |  
2324 - (s->lcyl << 8) | s->sector;  
2325 - } else {  
2326 - sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +  
2327 - (s->select & 0x0f) * s->sectors +  
2328 - (s->sector - 1);  
2329 - }  
2330 - return sector_num;  
2331 -}  
2332 -  
2333 -static void ide_set_sector(IDEState *s, int64_t sector_num)  
2334 -{  
2335 - unsigned int cyl, r;  
2336 - if (s->select & 0x40) {  
2337 - s->select = (s->select & 0xf0) | (sector_num >> 24);  
2338 - s->hcyl = (sector_num >> 16);  
2339 - s->lcyl = (sector_num >> 8);  
2340 - s->sector = (sector_num);  
2341 - } else {  
2342 - cyl = sector_num / (s->heads * s->sectors);  
2343 - r = sector_num % (s->heads * s->sectors);  
2344 - s->hcyl = cyl >> 8;  
2345 - s->lcyl = cyl;  
2346 - s->select = (s->select & 0xf0) | (r / s->sectors);  
2347 - s->sector = (r % s->sectors) + 1;  
2348 - }  
2349 -}  
2350 -  
2351 -static void ide_sector_read(IDEState *s)  
2352 -{  
2353 - int64_t sector_num;  
2354 - int ret, n;  
2355 -  
2356 - s->status = READY_STAT | SEEK_STAT;  
2357 - sector_num = ide_get_sector(s);  
2358 - n = s->nsector;  
2359 - if (n == 0) {  
2360 - /* no more sector to read from disk */  
2361 - ide_transfer_stop(s);  
2362 - } else {  
2363 -#if defined(DEBUG_IDE)  
2364 - printf("read sector=%Ld\n", sector_num);  
2365 -#endif  
2366 - if (n > s->req_nb_sectors)  
2367 - n = s->req_nb_sectors;  
2368 - ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);  
2369 - ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);  
2370 - ide_set_irq(s);  
2371 - ide_set_sector(s, sector_num + n);  
2372 - s->nsector -= n;  
2373 - }  
2374 -}  
2375 -  
2376 -static void ide_sector_write(IDEState *s)  
2377 -{  
2378 - int64_t sector_num;  
2379 - int ret, n, n1;  
2380 -  
2381 - s->status = READY_STAT | SEEK_STAT;  
2382 - sector_num = ide_get_sector(s);  
2383 -#if defined(DEBUG_IDE)  
2384 - printf("write sector=%Ld\n", sector_num);  
2385 -#endif  
2386 - n = s->nsector;  
2387 - if (n > s->req_nb_sectors)  
2388 - n = s->req_nb_sectors;  
2389 - ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);  
2390 - s->nsector -= n;  
2391 - if (s->nsector == 0) {  
2392 - /* no more sector to write */  
2393 - ide_transfer_stop(s);  
2394 - } else {  
2395 - n1 = s->nsector;  
2396 - if (n1 > s->req_nb_sectors)  
2397 - n1 = s->req_nb_sectors;  
2398 - ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);  
2399 - }  
2400 - ide_set_sector(s, sector_num + n);  
2401 - ide_set_irq(s);  
2402 -}  
2403 -  
2404 -static void ide_atapi_cmd_ok(IDEState *s)  
2405 -{  
2406 - s->error = 0;  
2407 - s->status = READY_STAT;  
2408 - s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;  
2409 - ide_set_irq(s);  
2410 -}  
2411 -  
2412 -static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)  
2413 -{  
2414 -#ifdef DEBUG_IDE_ATAPI  
2415 - printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);  
2416 -#endif  
2417 - s->error = sense_key << 4;  
2418 - s->status = READY_STAT | ERR_STAT;  
2419 - s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;  
2420 - s->sense_key = sense_key;  
2421 - s->asc = asc;  
2422 - ide_set_irq(s);  
2423 -}  
2424 -  
2425 -static inline void cpu_to_ube16(uint8_t *buf, int val)  
2426 -{  
2427 - buf[0] = val >> 8;  
2428 - buf[1] = val;  
2429 -}  
2430 -  
2431 -static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)  
2432 -{  
2433 - buf[0] = val >> 24;  
2434 - buf[1] = val >> 16;  
2435 - buf[2] = val >> 8;  
2436 - buf[3] = val;  
2437 -}  
2438 -  
2439 -static inline int ube16_to_cpu(const uint8_t *buf)  
2440 -{  
2441 - return (buf[0] << 8) | buf[1];  
2442 -}  
2443 -  
2444 -static inline int ube32_to_cpu(const uint8_t *buf)  
2445 -{  
2446 - return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];  
2447 -}  
2448 -  
2449 -/* The whole ATAPI transfer logic is handled in this function */  
2450 -static void ide_atapi_cmd_reply_end(IDEState *s)  
2451 -{  
2452 - int byte_count_limit, size;  
2453 -#ifdef DEBUG_IDE_ATAPI  
2454 - printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",  
2455 - s->packet_transfer_size,  
2456 - s->elementary_transfer_size,  
2457 - s->io_buffer_index);  
2458 -#endif  
2459 - if (s->packet_transfer_size <= 0) {  
2460 - /* end of transfer */  
2461 - ide_transfer_stop(s);  
2462 - s->status = READY_STAT;  
2463 - s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;  
2464 - ide_set_irq(s);  
2465 -#ifdef DEBUG_IDE_ATAPI  
2466 - printf("status=0x%x\n", s->status);  
2467 -#endif  
2468 - } else {  
2469 - /* see if a new sector must be read */  
2470 - if (s->lba != -1 && s->io_buffer_index >= 2048) {  
2471 - bdrv_read(s->bs, (int64_t)s->lba << 2, s->io_buffer, 4);  
2472 - s->lba++;  
2473 - s->io_buffer_index = 0;  
2474 - }  
2475 - if (s->elementary_transfer_size > 0) {  
2476 - /* there are some data left to transmit in this elementary  
2477 - transfer */  
2478 - size = 2048 - s->io_buffer_index;  
2479 - if (size > s->elementary_transfer_size)  
2480 - size = s->elementary_transfer_size;  
2481 - ide_transfer_start(s, s->io_buffer + s->io_buffer_index,  
2482 - size, ide_atapi_cmd_reply_end);  
2483 - s->packet_transfer_size -= size;  
2484 - s->elementary_transfer_size -= size;  
2485 - s->io_buffer_index += size;  
2486 - } else {  
2487 - /* a new transfer is needed */  
2488 - s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;  
2489 - byte_count_limit = s->lcyl | (s->hcyl << 8);  
2490 -#ifdef DEBUG_IDE_ATAPI  
2491 - printf("byte_count_limit=%d\n", byte_count_limit);  
2492 -#endif  
2493 - if (byte_count_limit == 0xffff)  
2494 - byte_count_limit--;  
2495 - size = s->packet_transfer_size;  
2496 - if (size > byte_count_limit) {  
2497 - /* byte count limit must be even if this case */  
2498 - if (byte_count_limit & 1)  
2499 - byte_count_limit--;  
2500 - size = byte_count_limit;  
2501 - } else {  
2502 - s->lcyl = size;  
2503 - s->hcyl = size >> 8;  
2504 - }  
2505 - s->elementary_transfer_size = size;  
2506 - /* we cannot transmit more than one sector at a time */  
2507 - if (s->lba != -1) {  
2508 - if (size > (2048 - s->io_buffer_index))  
2509 - size = (2048 - s->io_buffer_index);  
2510 - }  
2511 - ide_transfer_start(s, s->io_buffer + s->io_buffer_index,  
2512 - size, ide_atapi_cmd_reply_end);  
2513 - s->packet_transfer_size -= size;  
2514 - s->elementary_transfer_size -= size;  
2515 - s->io_buffer_index += size;  
2516 - ide_set_irq(s);  
2517 -#ifdef DEBUG_IDE_ATAPI  
2518 - printf("status=0x%x\n", s->status);  
2519 -#endif  
2520 - }  
2521 - }  
2522 -}  
2523 -  
2524 -/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */  
2525 -static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)  
2526 -{  
2527 - if (size > max_size)  
2528 - size = max_size;  
2529 - s->lba = -1; /* no sector read */  
2530 - s->packet_transfer_size = size;  
2531 - s->elementary_transfer_size = 0;  
2532 - s->io_buffer_index = 0;  
2533 -  
2534 - s->status = READY_STAT;  
2535 - ide_atapi_cmd_reply_end(s);  
2536 -}  
2537 -  
2538 -/* start a CD-CDROM read command */  
2539 -static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors)  
2540 -{  
2541 -#ifdef DEBUG_IDE_ATAPI  
2542 - printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);  
2543 -#endif  
2544 - s->lba = lba;  
2545 - s->packet_transfer_size = nb_sectors * 2048;  
2546 - s->elementary_transfer_size = 0;  
2547 - s->io_buffer_index = 2048;  
2548 -  
2549 - s->status = READY_STAT;  
2550 - ide_atapi_cmd_reply_end(s);  
2551 -}  
2552 -  
2553 -/* same toc as bochs. Return -1 if error or the toc length */  
2554 -static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)  
2555 -{  
2556 - uint8_t *q;  
2557 - int nb_sectors, len;  
2558 -  
2559 - if (start_track > 1 && start_track != 0xaa)  
2560 - return -1;  
2561 - q = buf + 2;  
2562 - *q++ = 1;  
2563 - *q++ = 1;  
2564 - if (start_track <= 1) {  
2565 - *q++ = 0; /* reserved */  
2566 - *q++ = 0x14; /* ADR, control */  
2567 - *q++ = 1; /* track number */  
2568 - *q++ = 0; /* reserved */  
2569 - if (msf) {  
2570 - *q++ = 0; /* reserved */  
2571 - *q++ = 0; /* minute */  
2572 - *q++ = 2; /* second */  
2573 - *q++ = 0; /* frame */  
2574 - } else {  
2575 - /* sector 0 */  
2576 - cpu_to_ube32(q, 0);  
2577 - q += 4;  
2578 - }  
2579 - }  
2580 - /* lead out track */  
2581 - *q++ = 0; /* reserved */  
2582 - *q++ = 0x16; /* ADR, control */  
2583 - *q++ = 0xaa; /* track number */  
2584 - *q++ = 0; /* reserved */  
2585 - nb_sectors = s->nb_sectors >> 2;  
2586 - if (msf) {  
2587 - *q++ = 0; /* reserved */  
2588 - *q++ = ((nb_sectors + 150) / 75) / 60;  
2589 - *q++ = ((nb_sectors + 150) / 75) % 60;  
2590 - *q++ = (nb_sectors + 150) % 75;  
2591 - } else {  
2592 - cpu_to_ube32(q, nb_sectors);  
2593 - q += 4;  
2594 - }  
2595 - len = q - buf;  
2596 - cpu_to_ube16(buf, len - 2);  
2597 - return len;  
2598 -}  
2599 -  
2600 -static void ide_atapi_cmd(IDEState *s)  
2601 -{  
2602 - const uint8_t *packet;  
2603 - uint8_t *buf;  
2604 - int max_len;  
2605 -  
2606 - packet = s->io_buffer;  
2607 - buf = s->io_buffer;  
2608 -#ifdef DEBUG_IDE_ATAPI  
2609 - {  
2610 - int i;  
2611 - printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));  
2612 - for(i = 0; i < ATAPI_PACKET_SIZE; i++) {  
2613 - printf(" %02x", packet[i]);  
2614 - }  
2615 - printf("\n");  
2616 - }  
2617 -#endif  
2618 - switch(s->io_buffer[0]) {  
2619 - case GPCMD_TEST_UNIT_READY:  
2620 - if (s->bs) {  
2621 - ide_atapi_cmd_ok(s);  
2622 - } else {  
2623 - ide_atapi_cmd_error(s, SENSE_NOT_READY,  
2624 - ASC_MEDIUM_NOT_PRESENT);  
2625 - }  
2626 - break;  
2627 - case GPCMD_MODE_SENSE_10:  
2628 - {  
2629 - int action, code;  
2630 - max_len = ube16_to_cpu(packet + 7);  
2631 - action = packet[2] >> 6;  
2632 - code = packet[2] & 0x3f;  
2633 - switch(action) {  
2634 - case 0: /* current values */  
2635 - switch(code) {  
2636 - case 0x01: /* error recovery */  
2637 - cpu_to_ube16(&buf[0], 16 + 6);  
2638 - buf[2] = 0x70;  
2639 - buf[3] = 0;  
2640 - buf[4] = 0;  
2641 - buf[5] = 0;  
2642 - buf[6] = 0;  
2643 - buf[7] = 0;  
2644 -  
2645 - buf[8] = 0x01;  
2646 - buf[9] = 0x06;  
2647 - buf[10] = 0x00;  
2648 - buf[11] = 0x05;  
2649 - buf[12] = 0x00;  
2650 - buf[13] = 0x00;  
2651 - buf[14] = 0x00;  
2652 - buf[15] = 0x00;  
2653 - ide_atapi_cmd_reply(s, 16, max_len);  
2654 - break;  
2655 - case 0x2a:  
2656 - cpu_to_ube16(&buf[0], 28 + 6);  
2657 - buf[2] = 0x70;  
2658 - buf[3] = 0;  
2659 - buf[4] = 0;  
2660 - buf[5] = 0;  
2661 - buf[6] = 0;  
2662 - buf[7] = 0;  
2663 -  
2664 - buf[8] = 0x2a;  
2665 - buf[9] = 0x12;  
2666 - buf[10] = 0x00;  
2667 - buf[11] = 0x00;  
2668 -  
2669 - buf[12] = 0x70;  
2670 - buf[13] = 3 << 5;  
2671 - buf[14] = (1 << 0) | (1 << 3) | (1 << 5);  
2672 - if (s->cdrom_locked)  
2673 - buf[6] |= 1 << 1;  
2674 - buf[15] = 0x00;  
2675 - cpu_to_ube16(&buf[16], 706);  
2676 - buf[18] = 0;  
2677 - buf[19] = 2;  
2678 - cpu_to_ube16(&buf[20], 512);  
2679 - cpu_to_ube16(&buf[22], 706);  
2680 - buf[24] = 0;  
2681 - buf[25] = 0;  
2682 - buf[26] = 0;  
2683 - buf[27] = 0;  
2684 - ide_atapi_cmd_reply(s, 28, max_len);  
2685 - break;  
2686 - default:  
2687 - goto error_cmd;  
2688 - }  
2689 - break;  
2690 - case 1: /* changeable values */  
2691 - goto error_cmd;  
2692 - case 2: /* default values */  
2693 - goto error_cmd;  
2694 - default:  
2695 - case 3: /* saved values */  
2696 - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,  
2697 - ASC_SAVING_PARAMETERS_NOT_SUPPORTED);  
2698 - break;  
2699 - }  
2700 - }  
2701 - break;  
2702 - case GPCMD_REQUEST_SENSE:  
2703 - max_len = packet[4];  
2704 - memset(buf, 0, 18);  
2705 - buf[0] = 0x70 | (1 << 7);  
2706 - buf[2] = s->sense_key;  
2707 - buf[7] = 10;  
2708 - buf[12] = s->asc;  
2709 - ide_atapi_cmd_reply(s, 18, max_len);  
2710 - break;  
2711 - case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:  
2712 - if (s->bs) {  
2713 - s->cdrom_locked = packet[4] & 1;  
2714 - ide_atapi_cmd_ok(s);  
2715 - } else {  
2716 - ide_atapi_cmd_error(s, SENSE_NOT_READY,  
2717 - ASC_MEDIUM_NOT_PRESENT);  
2718 - }  
2719 - break;  
2720 - case GPCMD_READ_10:  
2721 - case GPCMD_READ_12:  
2722 - {  
2723 - int nb_sectors, lba;  
2724 -  
2725 - if (!s->bs) {  
2726 - ide_atapi_cmd_error(s, SENSE_NOT_READY,  
2727 - ASC_MEDIUM_NOT_PRESENT);  
2728 - break;  
2729 - }  
2730 - if (packet[0] == GPCMD_READ_10)  
2731 - nb_sectors = ube16_to_cpu(packet + 7);  
2732 - else  
2733 - nb_sectors = ube32_to_cpu(packet + 6);  
2734 - lba = ube32_to_cpu(packet + 2);  
2735 - if (nb_sectors == 0) {  
2736 - ide_atapi_cmd_ok(s);  
2737 - break;  
2738 - }  
2739 - if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {  
2740 - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,  
2741 - ASC_LOGICAL_BLOCK_OOR);  
2742 - break;  
2743 - }  
2744 - ide_atapi_cmd_read(s, lba, nb_sectors);  
2745 - }  
2746 - break;  
2747 - case GPCMD_SEEK:  
2748 - {  
2749 - int lba;  
2750 - if (!s->bs) {  
2751 - ide_atapi_cmd_error(s, SENSE_NOT_READY,  
2752 - ASC_MEDIUM_NOT_PRESENT);  
2753 - break;  
2754 - }  
2755 - lba = ube32_to_cpu(packet + 2);  
2756 - if (((int64_t)lba << 2) > s->nb_sectors) {  
2757 - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,  
2758 - ASC_LOGICAL_BLOCK_OOR);  
2759 - break;  
2760 - }  
2761 - ide_atapi_cmd_ok(s);  
2762 - }  
2763 - break;  
2764 - case GPCMD_START_STOP_UNIT:  
2765 - {  
2766 - int start, eject;  
2767 - start = packet[4] & 1;  
2768 - eject = (packet[4] >> 1) & 1;  
2769 -  
2770 - /* XXX: currently none implemented */  
2771 - ide_atapi_cmd_ok(s);  
2772 - }  
2773 - break;  
2774 - case GPCMD_MECHANISM_STATUS:  
2775 - {  
2776 - max_len = ube16_to_cpu(packet + 8);  
2777 - cpu_to_ube16(buf, 0);  
2778 - /* no current LBA */  
2779 - buf[2] = 0;  
2780 - buf[3] = 0;  
2781 - buf[4] = 0;  
2782 - buf[5] = 1;  
2783 - cpu_to_ube16(buf + 6, 0);  
2784 - ide_atapi_cmd_reply(s, 8, max_len);  
2785 - }  
2786 - break;  
2787 - case GPCMD_READ_TOC_PMA_ATIP:  
2788 - {  
2789 - int format, msf, start_track, len;  
2790 -  
2791 - if (!s->bs) {  
2792 - ide_atapi_cmd_error(s, SENSE_NOT_READY,  
2793 - ASC_MEDIUM_NOT_PRESENT);  
2794 - break;  
2795 - }  
2796 - max_len = ube16_to_cpu(packet + 7);  
2797 - format = packet[9] >> 6;  
2798 - msf = (packet[1] >> 1) & 1;  
2799 - start_track = packet[6];  
2800 - switch(format) {  
2801 - case 0:  
2802 - len = cdrom_read_toc(s, buf, msf, start_track);  
2803 - if (len < 0)  
2804 - goto error_cmd;  
2805 - ide_atapi_cmd_reply(s, len, max_len);  
2806 - break;  
2807 - case 1:  
2808 - /* multi session : only a single session defined */  
2809 - memset(buf, 0, 12);  
2810 - buf[1] = 0x0a;  
2811 - buf[2] = 0x01;  
2812 - buf[3] = 0x01;  
2813 - ide_atapi_cmd_reply(s, 12, max_len);  
2814 - break;  
2815 - default:  
2816 - goto error_cmd;  
2817 - }  
2818 - }  
2819 - break;  
2820 - case GPCMD_READ_CDVD_CAPACITY:  
2821 - if (!s->bs) {  
2822 - ide_atapi_cmd_error(s, SENSE_NOT_READY,  
2823 - ASC_MEDIUM_NOT_PRESENT);  
2824 - break;  
2825 - }  
2826 - /* NOTE: it is really the number of sectors minus 1 */  
2827 - cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);  
2828 - cpu_to_ube32(buf + 4, 2048);  
2829 - ide_atapi_cmd_reply(s, 8, 8);  
2830 - break;  
2831 - default:  
2832 - error_cmd:  
2833 - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,  
2834 - ASC_INV_FIELD_IN_CMD_PACKET);  
2835 - break;  
2836 - }  
2837 -}  
2838 -  
2839 -void ide_ioport_write(CPUX86State *env, uint32_t addr, uint32_t val)  
2840 -{  
2841 - IDEState *ide_if = get_ide_interface(addr);  
2842 - IDEState *s = ide_if->cur_drive;  
2843 - int unit, n;  
2844 -  
2845 -#ifdef DEBUG_IDE  
2846 - printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);  
2847 -#endif  
2848 - addr &= 7;  
2849 - switch(addr) {  
2850 - case 0:  
2851 - break;  
2852 - case 1:  
2853 - s->feature = val;  
2854 - break;  
2855 - case 2:  
2856 - if (val == 0)  
2857 - val = 256;  
2858 - s->nsector = val;  
2859 - break;  
2860 - case 3:  
2861 - s->sector = val;  
2862 - break;  
2863 - case 4:  
2864 - s->lcyl = val;  
2865 - break;  
2866 - case 5:  
2867 - s->hcyl = val;  
2868 - break;  
2869 - case 6:  
2870 - /* select drive */  
2871 - unit = (val >> 4) & 1;  
2872 - s = ide_if + unit;  
2873 - ide_if->cur_drive = s;  
2874 - s->select = val;  
2875 - break;  
2876 - default:  
2877 - case 7:  
2878 - /* command */  
2879 -#if defined(DEBUG_IDE)  
2880 - printf("ide: CMD=%02x\n", val);  
2881 -#endif  
2882 - switch(val) {  
2883 - case WIN_IDENTIFY:  
2884 - if (s->bs && !s->is_cdrom) {  
2885 - ide_identify(s);  
2886 - s->status = READY_STAT;  
2887 - ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);  
2888 - } else {  
2889 - if (s->is_cdrom) {  
2890 - ide_set_signature(s);  
2891 - }  
2892 - ide_abort_command(s);  
2893 - }  
2894 - ide_set_irq(s);  
2895 - break;  
2896 - case WIN_SPECIFY:  
2897 - case WIN_RECAL:  
2898 - s->status = READY_STAT;  
2899 - ide_set_irq(s);  
2900 - break;  
2901 - case WIN_SETMULT:  
2902 - if (s->nsector > MAX_MULT_SECTORS ||  
2903 - s->nsector == 0 ||  
2904 - (s->nsector & (s->nsector - 1)) != 0) {  
2905 - ide_abort_command(s);  
2906 - } else {  
2907 - s->mult_sectors = s->nsector;  
2908 - s->status = READY_STAT;  
2909 - }  
2910 - ide_set_irq(s);  
2911 - break;  
2912 - case WIN_READ:  
2913 - case WIN_READ_ONCE:  
2914 - s->req_nb_sectors = 1;  
2915 - ide_sector_read(s);  
2916 - break;  
2917 - case WIN_WRITE:  
2918 - case WIN_WRITE_ONCE:  
2919 - s->status = SEEK_STAT;  
2920 - s->req_nb_sectors = 1;  
2921 - ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);  
2922 - break;  
2923 - case WIN_MULTREAD:  
2924 - if (!s->mult_sectors)  
2925 - goto abort_cmd;  
2926 - s->req_nb_sectors = s->mult_sectors;  
2927 - ide_sector_read(s);  
2928 - break;  
2929 - case WIN_MULTWRITE:  
2930 - if (!s->mult_sectors)  
2931 - goto abort_cmd;  
2932 - s->status = SEEK_STAT;  
2933 - s->req_nb_sectors = s->mult_sectors;  
2934 - n = s->nsector;  
2935 - if (n > s->req_nb_sectors)  
2936 - n = s->req_nb_sectors;  
2937 - ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);  
2938 - break;  
2939 - case WIN_READ_NATIVE_MAX:  
2940 - ide_set_sector(s, s->nb_sectors - 1);  
2941 - s->status = READY_STAT;  
2942 - ide_set_irq(s);  
2943 - break;  
2944 -  
2945 - /* ATAPI commands */  
2946 - case WIN_PIDENTIFY:  
2947 - if (s->is_cdrom) {  
2948 - ide_atapi_identify(s);  
2949 - s->status = READY_STAT;  
2950 - ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);  
2951 - } else {  
2952 - ide_abort_command(s);  
2953 - }  
2954 - ide_set_irq(s);  
2955 - break;  
2956 - case WIN_SRST:  
2957 - if (!s->is_cdrom)  
2958 - goto abort_cmd;  
2959 - ide_set_signature(s);  
2960 - s->status = READY_STAT;  
2961 - s->error = 0x01;  
2962 - break;  
2963 - case WIN_PACKETCMD:  
2964 - if (!s->is_cdrom)  
2965 - goto abort_cmd;  
2966 - /* DMA or overlapping commands not supported */  
2967 - if ((s->feature & 0x03) != 0)  
2968 - goto abort_cmd;  
2969 - s->nsector = 1;  
2970 - ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,  
2971 - ide_atapi_cmd);  
2972 - break;  
2973 - default:  
2974 - abort_cmd:  
2975 - ide_abort_command(s);  
2976 - ide_set_irq(s);  
2977 - break;  
2978 - }  
2979 - }  
2980 -}  
2981 -  
2982 -uint32_t ide_ioport_read(CPUX86State *env, uint32_t addr1)  
2983 -{  
2984 - IDEState *s = get_ide_interface(addr1)->cur_drive;  
2985 - uint32_t addr;  
2986 - int ret;  
2987 -  
2988 - addr = addr1 & 7;  
2989 - switch(addr) {  
2990 - case 0:  
2991 - ret = 0xff;  
2992 - break;  
2993 - case 1:  
2994 - ret = s->error;  
2995 - break;  
2996 - case 2:  
2997 - ret = s->nsector & 0xff;  
2998 - break;  
2999 - case 3:  
3000 - ret = s->sector;  
3001 - break;  
3002 - case 4:  
3003 - ret = s->lcyl;  
3004 - break;  
3005 - case 5:  
3006 - ret = s->hcyl;  
3007 - break;  
3008 - case 6:  
3009 - ret = s->select;  
3010 - break;  
3011 - default:  
3012 - case 7:  
3013 - ret = s->status;  
3014 - pic_set_irq(s->irq, 0);  
3015 - break;  
3016 - }  
3017 -#ifdef DEBUG_IDE  
3018 - printf("ide: read addr=0x%x val=%02x\n", addr1, ret);  
3019 -#endif  
3020 - return ret;  
3021 -}  
3022 -  
3023 -uint32_t ide_status_read(CPUX86State *env, uint32_t addr)  
3024 -{  
3025 - IDEState *s = get_ide_interface(addr)->cur_drive;  
3026 - int ret;  
3027 - ret = s->status;  
3028 -#ifdef DEBUG_IDE  
3029 - printf("ide: read status addr=0x%x val=%02x\n", addr, ret);  
3030 -#endif  
3031 - return ret;  
3032 -}  
3033 -  
3034 -void ide_cmd_write(CPUX86State *env, uint32_t addr, uint32_t val)  
3035 -{  
3036 - IDEState *ide_if = get_ide_interface(addr);  
3037 - IDEState *s;  
3038 - int i;  
3039 -  
3040 -#ifdef DEBUG_IDE  
3041 - printf("ide: write control addr=0x%x val=%02x\n", addr, val);  
3042 -#endif  
3043 - /* common for both drives */  
3044 - if (!(ide_if[0].cmd & IDE_CMD_RESET) &&  
3045 - (val & IDE_CMD_RESET)) {  
3046 - /* reset low to high */  
3047 - for(i = 0;i < 2; i++) {  
3048 - s = &ide_if[i];  
3049 - s->status = BUSY_STAT | SEEK_STAT;  
3050 - s->error = 0x01;  
3051 - }  
3052 - } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&  
3053 - !(val & IDE_CMD_RESET)) {  
3054 - /* high to low */  
3055 - for(i = 0;i < 2; i++) {  
3056 - s = &ide_if[i];  
3057 - s->status = READY_STAT;  
3058 - ide_set_signature(s);  
3059 - }  
3060 - }  
3061 -  
3062 - ide_if[0].cmd = val;  
3063 - ide_if[1].cmd = val;  
3064 -}  
3065 -  
3066 -void ide_data_writew(CPUX86State *env, uint32_t addr, uint32_t val)  
3067 -{  
3068 - IDEState *s = get_ide_interface(addr)->cur_drive;  
3069 - uint8_t *p;  
3070 -  
3071 - p = s->data_ptr;  
3072 - *(uint16_t *)p = tswap16(val);  
3073 - p += 2;  
3074 - s->data_ptr = p;  
3075 - if (p >= s->data_end)  
3076 - s->end_transfer_func(s);  
3077 -}  
3078 -  
3079 -uint32_t ide_data_readw(CPUX86State *env, uint32_t addr)  
3080 -{  
3081 - IDEState *s = get_ide_interface(addr)->cur_drive;  
3082 - uint8_t *p;  
3083 - int ret;  
3084 - p = s->data_ptr;  
3085 - ret = tswap16(*(uint16_t *)p);  
3086 - p += 2;  
3087 - s->data_ptr = p;  
3088 - if (p >= s->data_end)  
3089 - s->end_transfer_func(s);  
3090 - return ret;  
3091 -}  
3092 -  
3093 -void ide_data_writel(CPUX86State *env, uint32_t addr, uint32_t val)  
3094 -{  
3095 - IDEState *s = get_ide_interface(addr)->cur_drive;  
3096 - uint8_t *p;  
3097 -  
3098 - p = s->data_ptr;  
3099 - *(uint32_t *)p = tswap32(val);  
3100 - p += 4;  
3101 - s->data_ptr = p;  
3102 - if (p >= s->data_end)  
3103 - s->end_transfer_func(s);  
3104 -}  
3105 -  
3106 -uint32_t ide_data_readl(CPUX86State *env, uint32_t addr)  
3107 -{  
3108 - IDEState *s = get_ide_interface(addr)->cur_drive;  
3109 - uint8_t *p;  
3110 - int ret;  
3111 -  
3112 - p = s->data_ptr;  
3113 - ret = tswap32(*(uint32_t *)p);  
3114 - p += 4;  
3115 - s->data_ptr = p;  
3116 - if (p >= s->data_end)  
3117 - s->end_transfer_func(s);  
3118 - return ret;  
3119 -}  
3120 -  
3121 -void ide_reset(IDEState *s)  
3122 -{  
3123 - s->mult_sectors = MAX_MULT_SECTORS;  
3124 - s->cur_drive = s;  
3125 - s->select = 0xa0;  
3126 - s->status = READY_STAT;  
3127 - ide_set_signature(s);  
3128 -}  
3129 -  
3130 -struct partition {  
3131 - uint8_t boot_ind; /* 0x80 - active */  
3132 - uint8_t head; /* starting head */  
3133 - uint8_t sector; /* starting sector */  
3134 - uint8_t cyl; /* starting cylinder */  
3135 - uint8_t sys_ind; /* What partition type */  
3136 - uint8_t end_head; /* end head */  
3137 - uint8_t end_sector; /* end sector */  
3138 - uint8_t end_cyl; /* end cylinder */  
3139 - uint32_t start_sect; /* starting sector counting from 0 */  
3140 - uint32_t nr_sects; /* nr of sectors in partition */  
3141 -} __attribute__((packed));  
3142 -  
3143 -/* try to guess the IDE geometry from the MSDOS partition table */  
3144 -void ide_guess_geometry(IDEState *s)  
3145 -{  
3146 - uint8_t buf[512];  
3147 - int ret, i;  
3148 - struct partition *p;  
3149 - uint32_t nr_sects;  
3150 -  
3151 - if (s->cylinders != 0)  
3152 - return;  
3153 - ret = bdrv_read(s->bs, 0, buf, 1);  
3154 - if (ret < 0)  
3155 - return;  
3156 - /* test msdos magic */  
3157 - if (buf[510] != 0x55 || buf[511] != 0xaa)  
3158 - return;  
3159 - for(i = 0; i < 4; i++) {  
3160 - p = ((struct partition *)(buf + 0x1be)) + i;  
3161 - nr_sects = tswap32(p->nr_sects);  
3162 - if (nr_sects && p->end_head) {  
3163 - /* We make the assumption that the partition terminates on  
3164 - a cylinder boundary */  
3165 - s->heads = p->end_head + 1;  
3166 - s->sectors = p->end_sector & 63;  
3167 - s->cylinders = s->nb_sectors / (s->heads * s->sectors);  
3168 -#if 0  
3169 - printf("guessed partition: CHS=%d %d %d\n",  
3170 - s->cylinders, s->heads, s->sectors);  
3171 -#endif  
3172 - }  
3173 - }  
3174 -}  
3175 -  
3176 -void ide_init(void)  
3177 -{  
3178 - IDEState *s;  
3179 - int i, cylinders, iobase, iobase2;  
3180 - int64_t nb_sectors;  
3181 - static const int ide_iobase[2] = { 0x1f0, 0x170 };  
3182 - static const int ide_iobase2[2] = { 0x3f6, 0x376 };  
3183 - static const int ide_irq[2] = { 14, 15 };  
3184 -  
3185 - for(i = 0; i < MAX_DISKS; i++) {  
3186 - s = &ide_state[i];  
3187 - s->bs = bs_table[i];  
3188 - if (s->bs) {  
3189 - bdrv_get_geometry(s->bs, &nb_sectors);  
3190 - s->nb_sectors = nb_sectors;  
3191 - ide_guess_geometry(s);  
3192 - if (s->cylinders == 0) {  
3193 - /* if no geometry, use a LBA compatible one */  
3194 - cylinders = nb_sectors / (16 * 63);  
3195 - if (cylinders > 16383)  
3196 - cylinders = 16383;  
3197 - else if (cylinders < 2)  
3198 - cylinders = 2;  
3199 - s->cylinders = cylinders;  
3200 - s->heads = 16;  
3201 - s->sectors = 63;  
3202 - }  
3203 - }  
3204 - s->irq = ide_irq[i >> 1];  
3205 - ide_reset(s);  
3206 - }  
3207 - for(i = 0; i < (MAX_DISKS / 2); i++) {  
3208 - iobase = ide_iobase[i];  
3209 - iobase2 = ide_iobase2[i];  
3210 - ide_table[iobase >> 3] = &ide_state[2 * i];  
3211 - if (ide_iobase2[i])  
3212 - ide_table[iobase2 >> 3] = &ide_state[2 * i];  
3213 - register_ioport_write(iobase, 8, ide_ioport_write, 1);  
3214 - register_ioport_read(iobase, 8, ide_ioport_read, 1);  
3215 - register_ioport_read(iobase2, 1, ide_status_read, 1);  
3216 - register_ioport_write(iobase2, 1, ide_cmd_write, 1);  
3217 -  
3218 - /* data ports */  
3219 - register_ioport_write(iobase, 2, ide_data_writew, 2);  
3220 - register_ioport_read(iobase, 2, ide_data_readw, 2);  
3221 - register_ioport_write(iobase, 4, ide_data_writel, 4);  
3222 - register_ioport_read(iobase, 4, ide_data_readl, 4);  
3223 - }  
3224 -}  
3225 -  
3226 -/***********************************************************/  
3227 /* keyboard emulation */ 1862 /* keyboard emulation */
3228 1863
3229 /* Keyboard Controller Commands */ 1864 /* Keyboard Controller Commands */
@@ -4239,9 +2874,7 @@ int main(int argc, char **argv) @@ -4239,9 +2874,7 @@ int main(int argc, char **argv)
4239 secs = strtol(p, (char **)&p, 0); 2874 secs = strtol(p, (char **)&p, 0);
4240 if (*p != '\0') 2875 if (*p != '\0')
4241 goto chs_fail; 2876 goto chs_fail;
4242 - ide_state[0].cylinders = cyls;  
4243 - ide_state[0].heads = heads;  
4244 - ide_state[0].sectors = secs; 2877 + ide_set_geometry(0, cyls, heads, secs);
4245 chs_fail: ; 2878 chs_fail: ;
4246 } 2879 }
4247 break; 2880 break;
@@ -4265,7 +2898,7 @@ int main(int argc, char **argv) @@ -4265,7 +2898,7 @@ int main(int argc, char **argv)
4265 break; 2898 break;
4266 case 11: 2899 case 11:
4267 hd_filename[2] = optarg; 2900 hd_filename[2] = optarg;
4268 - ide_state[2].is_cdrom = 1; 2901 + ide_set_cdrom(2, 1);
4269 break; 2902 break;
4270 case 12: 2903 case 12:
4271 boot_device = optarg[0]; 2904 boot_device = optarg[0];
@@ -34,6 +34,7 @@ typedef uint32_t (IOPortReadFunc)(struct CPUX86State *env, uint32_t address); @@ -34,6 +34,7 @@ typedef uint32_t (IOPortReadFunc)(struct CPUX86State *env, uint32_t address);
34 void *get_mmap_addr(unsigned long size); 34 void *get_mmap_addr(unsigned long size);
35 int register_ioport_read(int start, int length, IOPortReadFunc *func, int size); 35 int register_ioport_read(int start, int length, IOPortReadFunc *func, int size);
36 int register_ioport_write(int start, int length, IOPortWriteFunc *func, int size); 36 int register_ioport_write(int start, int length, IOPortWriteFunc *func, int size);
  37 +void pic_set_irq(int irq, int level);
37 38
38 void kbd_put_keycode(int keycode); 39 void kbd_put_keycode(int keycode);
39 40
@@ -97,4 +98,13 @@ void vga_update_display(void); @@ -97,4 +98,13 @@ void vga_update_display(void);
97 /* sdl.c */ 98 /* sdl.c */
98 void sdl_display_init(DisplayState *ds); 99 void sdl_display_init(DisplayState *ds);
99 100
  101 +/* ide.c */
  102 +#define MAX_DISKS 4
  103 +
  104 +extern BlockDriverState *bs_table[MAX_DISKS];
  105 +
  106 +void ide_init(void);
  107 +void ide_set_geometry(int n, int cyls, int heads, int secs);
  108 +void ide_set_cdrom(int n, int is_cdrom);
  109 +
100 #endif /* VL_H */ 110 #endif /* VL_H */