Index: qemu/hw/fdc.c
===================================================================
--- qemu.orig/hw/fdc.c	2007-08-22 19:41:40.000000000 +0000
+++ qemu/hw/fdc.c	2007-08-22 19:47:59.000000000 +0000
@@ -370,6 +370,7 @@
     /* HW */
     qemu_irq irq;
     int dma_chann;
+    qemu_dma *parent_dma;
     target_phys_addr_t io_base;
     /* Controller state */
     QEMUTimer *result_timer;
@@ -580,7 +581,8 @@
 
 fdctrl_t *fdctrl_init (qemu_irq irq, int dma_chann, int mem_mapped, 
                        target_phys_addr_t io_base,
-                       BlockDriverState **fds)
+                       BlockDriverState **fds,
+                       qemu_dma *parent_dma)
 {
     fdctrl_t *fdctrl;
     int io_mem;
@@ -598,6 +600,7 @@
     fdctrl->dma_chann = dma_chann;
     fdctrl->io_base = io_base;
     fdctrl->config = 0x60; /* Implicit seek, polling & FIFO enabled */
+    fdctrl->parent_dma = parent_dma;
     if (fdctrl->dma_chann != -1) {
         fdctrl->dma_en = 1;
         DMA_register_channel(dma_chann, &fdctrl_transfer_handler, fdctrl);
@@ -1087,17 +1090,13 @@
 	switch (fdctrl->data_dir) {
 	case FD_DIR_READ:
 	    /* READ commands */
-            DMA_write_memory (nchan, fdctrl->fifo + rel_pos,
-                              fdctrl->data_pos, len);
-/* 	    cpu_physical_memory_write(addr + fdctrl->data_pos, */
-/* 				      fdctrl->fifo + rel_pos, len); */
+            dma_memory_write(fdctrl->parent_dma, 0, fdctrl->fifo + rel_pos +
+                             fdctrl->data_pos, len);
 	    break;
 	case FD_DIR_WRITE:
             /* WRITE commands */
-            DMA_read_memory (nchan, fdctrl->fifo + rel_pos,
-                             fdctrl->data_pos, len);
-/*             cpu_physical_memory_read(addr + fdctrl->data_pos, */
-/* 				     fdctrl->fifo + rel_pos, len); */
+            dma_memory_read(fdctrl->parent_dma, 0, fdctrl->fifo + rel_pos +
+                            fdctrl->data_pos, len);
             if (bdrv_write(cur_drv->bs, fd_sector(cur_drv),
 			   fdctrl->fifo, 1) < 0) {
                 FLOPPY_ERROR("writting sector %d\n", fd_sector(cur_drv));
@@ -1110,9 +1109,8 @@
             {
 		uint8_t tmpbuf[FD_SECTOR_LEN];
                 int ret;
-                DMA_read_memory (nchan, tmpbuf, fdctrl->data_pos, len);
-/*                 cpu_physical_memory_read(addr + fdctrl->data_pos, */
-/*                                          tmpbuf, len); */
+                dma_memory_read(fdctrl->parent_dma, 0, tmpbuf +
+                                fdctrl->data_pos, len);
                 ret = memcmp(tmpbuf, fdctrl->fifo + rel_pos, len);
                 if (ret == 0) {
                     status2 = 0x08;
Index: qemu/vl.h
===================================================================
--- qemu.orig/vl.h	2007-08-22 19:47:22.000000000 +0000
+++ qemu/vl.h	2007-08-22 19:47:59.000000000 +0000
@@ -1077,7 +1077,8 @@
 
 fdctrl_t *fdctrl_init (qemu_irq irq, int dma_chann, int mem_mapped, 
                        target_phys_addr_t io_base,
-                       BlockDriverState **fds);
+                       BlockDriverState **fds,
+                       qemu_dma *parent_dma);
 int fdctrl_get_drive_type(fdctrl_t *fdctrl, int drive_num);
 
 /* eepro100.c */
Index: qemu/hw/pc.c
===================================================================
--- qemu.orig/hw/pc.c	2007-08-22 19:47:22.000000000 +0000
+++ qemu/hw/pc.c	2007-08-22 19:47:59.000000000 +0000
@@ -902,7 +902,7 @@
     audio_init(pci_enabled ? pci_bus : NULL, i8259, isa_dma[1], isa_dma[5]);
 #endif
 
-    floppy_controller = fdctrl_init(i8259[6], 2, 0, 0x3f0, fd_table);
+    floppy_controller = fdctrl_init(i8259[6], 2, 0, 0x3f0, fd_table, isa_dma[2]);
 
     cmos_init(ram_size, boot_device, bs_table);