[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 07/53] ahci: Correct PIO/D2H FIS responses
|
From: |
Stefan Hajnoczi |
|
Subject: |
[Qemu-devel] [PULL 07/53] ahci: Correct PIO/D2H FIS responses |
|
Date: |
Mon, 3 Nov 2014 11:50:10 +0000 |
From: John Snow <address@hidden>
Currently, the D2H FIS packets AHCI generates simply parrot back
the LBA that the guest sent to us in the cmd_fis. However, some
commands (like READ NATIVE MAX) modify the LBA registers as a
return value, through which the AHCI D2H FIS is the only response
mechanism. Thus, the D2H response should use the current register
values, not the initial ones.
This patch adjusts the LBA and drive select register responses for
PIO Setup and D2H FIS response packets.
Additionally, the PIO and D2H FIS responses copy too many bytes
from the command FIS that it is being generated from. Specifically,
byte 11 which is the Features(15:8) field for Register Host to
Device FIS packets, is instead reserved for the PIO Setup FIS and
should always be 0.
Signed-off-by: John Snow <address@hidden>
Reviewed-by: Paolo Bonzini <address@hidden>
Tested-by: Michael S. Tsirkin <address@hidden>
Message-id: address@hidden
Signed-off-by: Stefan Hajnoczi <address@hidden>
---
hw/ide/ahci.c | 48 +++++++++++++++++++++++++-----------------------
1 file changed, 25 insertions(+), 23 deletions(-)
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index 70958e3..03df462 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -600,6 +600,7 @@ static void ahci_write_fis_pio(AHCIDevice *ad, uint16_t len)
uint8_t *pio_fis, *cmd_fis;
uint64_t tbl_addr;
dma_addr_t cmd_len = 0x80;
+ IDEState *s = &ad->port.ifs[0];
if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) {
return;
@@ -629,21 +630,21 @@ static void ahci_write_fis_pio(AHCIDevice *ad, uint16_t
len)
pio_fis[0] = 0x5f;
pio_fis[1] = (ad->hba->control_regs.irqstatus ? (1 << 6) : 0);
- pio_fis[2] = ad->port.ifs[0].status;
- pio_fis[3] = ad->port.ifs[0].error;
-
- pio_fis[4] = cmd_fis[4];
- pio_fis[5] = cmd_fis[5];
- pio_fis[6] = cmd_fis[6];
- pio_fis[7] = cmd_fis[7];
- pio_fis[8] = cmd_fis[8];
- pio_fis[9] = cmd_fis[9];
- pio_fis[10] = cmd_fis[10];
- pio_fis[11] = cmd_fis[11];
+ pio_fis[2] = s->status;
+ pio_fis[3] = s->error;
+
+ pio_fis[4] = s->sector;
+ pio_fis[5] = s->lcyl;
+ pio_fis[6] = s->hcyl;
+ pio_fis[7] = s->select;
+ pio_fis[8] = s->hob_sector;
+ pio_fis[9] = s->hob_lcyl;
+ pio_fis[10] = s->hob_hcyl;
+ pio_fis[11] = 0;
pio_fis[12] = cmd_fis[12];
pio_fis[13] = cmd_fis[13];
pio_fis[14] = 0;
- pio_fis[15] = ad->port.ifs[0].status;
+ pio_fis[15] = s->status;
pio_fis[16] = len & 255;
pio_fis[17] = len >> 8;
pio_fis[18] = 0;
@@ -670,6 +671,7 @@ static void ahci_write_fis_d2h(AHCIDevice *ad, uint8_t
*cmd_fis)
int i;
dma_addr_t cmd_len = 0x80;
int cmd_mapped = 0;
+ IDEState *s = &ad->port.ifs[0];
if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) {
return;
@@ -687,17 +689,17 @@ static void ahci_write_fis_d2h(AHCIDevice *ad, uint8_t
*cmd_fis)
d2h_fis[0] = 0x34;
d2h_fis[1] = (ad->hba->control_regs.irqstatus ? (1 << 6) : 0);
- d2h_fis[2] = ad->port.ifs[0].status;
- d2h_fis[3] = ad->port.ifs[0].error;
-
- d2h_fis[4] = cmd_fis[4];
- d2h_fis[5] = cmd_fis[5];
- d2h_fis[6] = cmd_fis[6];
- d2h_fis[7] = cmd_fis[7];
- d2h_fis[8] = cmd_fis[8];
- d2h_fis[9] = cmd_fis[9];
- d2h_fis[10] = cmd_fis[10];
- d2h_fis[11] = cmd_fis[11];
+ d2h_fis[2] = s->status;
+ d2h_fis[3] = s->error;
+
+ d2h_fis[4] = s->sector;
+ d2h_fis[5] = s->lcyl;
+ d2h_fis[6] = s->hcyl;
+ d2h_fis[7] = s->select;
+ d2h_fis[8] = s->hob_sector;
+ d2h_fis[9] = s->hob_lcyl;
+ d2h_fis[10] = s->hob_hcyl;
+ d2h_fis[11] = 0;
d2h_fis[12] = cmd_fis[12];
d2h_fis[13] = cmd_fis[13];
for (i = 14; i < 20; i++) {
--
1.9.3
- [Qemu-devel] [PULL 00/53] Block patches, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 02/53] BlockLimits: introduce max_transfer_length, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 01/53] util: introduce MIN_NON_ZERO, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 03/53] block/iscsi: set max_transfer_length, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 04/53] block: avoid creating oversized writes in multiwrite_merge, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 05/53] block/iscsi: use sector_limits_lun2qemu throughout iscsi_refresh_limits, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 06/53] block/iscsi: check for oversized requests, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 07/53] ahci: Correct PIO/D2H FIS responses,
Stefan Hajnoczi <=
- [Qemu-devel] [PULL 08/53] ahci: Update byte count after DMA completion, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 09/53] ahci: Fix SDB FIS Construction, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 10/53] snapshot: Reset err to NULL to avoid double free, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 11/53] iotests: replace fake parallels image with authentic one, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 12/53] iotests: add v2 parallels sample image and simple test for it, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 13/53] block/parallels: fix access to not initialized memory in catalog_bitmap, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 14/53] rbd: Add support for bdrv_invalidate_cache, Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 15/53] block.c: Fix type of IoOperationType variable in send_qmp_error_event(), Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 17/53] block/curl: Improve type safety of s->timeout., Stefan Hajnoczi, 2014/11/03
- [Qemu-devel] [PULL 16/53] snapshot: add bdrv_drain_all() to bdrv_snapshot_delete() to avoid concurrency problem, Stefan Hajnoczi, 2014/11/03