Original Xbox Emulator for Windows, macOS, and Linux (Active Development)
Go to file
John Snow 1cbdd96813 ahci: Fix FIS decomposition
This patch introduces a few changes to how FIS packets are
deciphered in the AHCI virtual device. The summary of
changes can be grouped into two pieces:

[A] Changes to how we apply a preliminary sieve to FISes,
[B] Changes in how we internalize a decomposed FIS.

== Changes to how we apply a preliminary sieve to FISes ==

(1) Packets may now either update the Control register or
    the Command register, but not both. This is according
    to the SATA 3.2 specification which states:
    "...the device either initiates processing of the command
    indicated in the Command register or initiates processing
    of the control request indicated [...] depending on the
    state of the C bit in the FIS."

    See SATA 3.2 section 10.5.5.4, "Reception" in the 10.5.5
    "Register Host to Device FIS" section.

    This change accounts for the first two regions of change
    within the diff. All other changes belong to the following
    changes.

== Changes in how we internalize a decomposed FIS ==

(2) Instead of trying to extract the sector number out of the
    FIS from bytes 4-10 and setting it with ide_set_sector,
    we set the appropriate IDEState registers and trust that
    ide_get_sector can retrieve the correct sector later.

    By "constructing" the sector for use with ide_set_sector,
    we are duplicating the mechanisms of ide_get_sector.
    This change makes the FIS decomposition more obvious.

    SATA 3.2 as a specification does not make the legacy
    register mapping with respect to the D2H FIS obvious.
    However, SATA 3.2 section 10.5.5.1 "Register Host to
    Device FIS layout" describes all of the "cmd_fis"
    bytes:

    0 - FIS Type (0x27)
    1 - Port Multiplier Port and Command Update flag
    2 - ATA Command
    3 - Features_Low
    4 - LBA 7:0
    5 - LBA 15:8
    6 - LBA 23:16
    7 - Device, AKA "Drive Select."
    8 - LBA 31:24
    9 - LBA 39:32
    10 - LBA 47:40
    11 - Features_High
    12 - Count Low
    13 - Count High
    14 - ICC
    15 - Control
    16-19 - Auxiliary (for NCQ, defined per-command)

    Most of these registers map to existing IDEState registers
    in obvious ways, especially features, select, hob_features,
    and nsector (count). ICC is reserved in older specifications
    but is not supported in our implementation, and remains
    unused here. The Control register is not valid for a command
    that is trying to update the command register and is to be
    considered reserved at this point.

    What is not obvious is the LBA register mappings, but SATA 1.0
    can help inform of us legacy device support, see SATA 1.0 section
    8.5.2 "Register - Host to Device."

    LBA 7:0   - Sector Number    (sector)
    LBA 15:8  - Cyl Low          (lcyl)
    LBA 23:16 - Cyl High         (hcyl)
    LBA 31:24 - Sector Num Exp.  (hob_sector)
    LBA 39:32 - Cyl Low Exp.     (hob_lcyl)
    LBA 47:40 - Cyl High Exp.    (hob_hcyl)

    These mappings help guide which registers the FIS should be decomposed
    into/towards for CHS, LBA28 and LBA48 commands.

    As a note: The prior confusion that can be seen in the documentation
    arises from the fact that CHS and LBA28 commands use the low nybble
    of the drive select register to store LBA 27:24, whereas LNA48 commands
    use the hob_sector, hob_lcyl and hob_hcyl registers as explained above.

    The decomposition as it stands now will correctly decompose CHS, LBA28
    and LBA48 commands into their appropriate registers where the core
    IDE/ATAPI layers can deal with them correctly.

    See the below point for more information.

(3) We save cmd_fis[7] as ide_state->select, which informs
    decisions about if we are using LBA or CHS.
    This corrects a bug in AHCI wherein we attempt to set and/or
    retrieve the sector number by using ide_set_sector and
    ide_get_sector, which depend on the select register to
    determine if we are using LBA or CHS.

    Without this adjustment, LBA48 read/writes are currently
    broken. Thanks to Eniac Zheng @ HP for pointing this out.

(4) Save cmd_fis[11] as ide_state->hob_feature, as defined in SATA 3.2.

(5) For several ATA commands, the sector count register set to 0
    is a magic number that means 256 sectors. For LBA48 commands,
    this means 65,536 sectors. We drop the magic sector correction
    here, and trust the ide core layer to handle the conversion
    appropriately, in ide_cmd_lba48_transform(). As it stands,
    the current AHCI code is only compliant with LBA28 commands.
    By simply removing the magic, it will work with LBA28 and LBA48.

(6) We expand FIS decomposition to include both ATAPI and IDE devices.
    We leave the logic of determining if the fields are valid or not
    to the respective layers.

    This change intends to make it clearer that AHCI is only a
    composition mechanism for the FIS packets: the meanings of
    the registers is best left to the implementation layers for
    those devices.

(7) Forcefully setting the feature, hcyl and lcyl registers for ATAPI
    commands is removed.
    - The hcyl and lcyl magic present here is valid at boot only,
      and should not be overridden for every PACKET command.
    - The feature register is defined as valid for the PACKET command,
      so we should not suppress it. The ATAPI layer does not even
      currently depend on or require 0x01 as mandatory.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1415058979-16604-3-git-send-email-jsnow@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-11-14 09:20:35 +00:00
audio audio: Drop superfluous conditionals around g_free() 2014-06-13 12:34:54 +02:00
backends pci, pc, virtio, misc bugfixes 2014-09-18 20:02:01 +01:00
block block/vdi: Limit maximum size even futher 2014-11-09 23:39:50 +01:00
bsd-user bsd-user: Fix syscall format, add strace support for more syscalls 2014-06-11 00:25:06 +01:00
default-configs mips: Remove CONFIG_VT82C686 from non-Fulong configs 2014-11-07 11:15:49 +00:00
disas disas/mips.c: disassemble MSA instructions 2014-11-03 11:48:35 +00:00
docs virtio-scsi fixes, the first part of dynamic sysbus devices, 2014-10-30 13:35:12 +00:00
dtc@bc895d6d09 dtc: add submodule 2013-04-18 13:50:53 +02:00
fpu softfloat: add functions corresponding to IEEE-2008 min/maxNumMag 2014-10-14 13:28:51 +01:00
fsdev virtfs-proxy-helper: fix call to accept 2014-04-28 08:55:32 +04:00
gdb-xml s390x/gdb: add the feature xml files for s390x 2014-09-01 09:45:19 +02:00
hw ahci: Fix FIS decomposition 2014-11-14 09:20:35 +00:00
include x86 and SCSI fixes. I left out the APIC device model 2014-11-13 15:44:16 +00:00
libcacard libcacard: don't free sign buffer while sign op is pending 2014-10-28 11:38:18 +01:00
libdecnumber libdecnumber: Fix warnings from smatch (missing static, boolean operations) 2014-08-24 13:21:06 +04:00
linux-headers linux-headers: update to 3.17-rc7 2014-10-10 10:37:47 +02:00
linux-user linux-user: Fix up timer id handling 2014-11-11 08:13:09 +02:00
net slirp/smbd: modify/set several parameters in generated smbd.conf 2014-11-11 08:49:16 +03:00
pc-bios update seabios to 1.7.5.1 stable release 2014-11-13 13:02:31 +00:00
pixman@87eea99e44 pixman: update internal copy to pixman-0.32.6 2014-09-15 08:14:19 +02:00
po po: fix conflict with %.mo rule in rules.mak 2014-09-26 13:35:08 +02:00
qapi qapi: Complete BlkdebugEvent 2014-11-07 17:38:18 +01:00
qga qga: Rewrite code where using readdir_r 2014-10-22 07:49:52 -05:00
qobject json-lexer: fix escaped backslash in single-quoted string 2014-06-23 11:01:24 -04:00
qom qom/cpu: remove the unused CPU hot-plug notifier 2014-11-02 13:44:11 +02:00
roms update seabios to 1.7.5.1 stable release 2014-11-13 11:59:46 +01:00
scripts pc, virtio, misc bugfixes 2014-11-03 22:51:08 +00:00
slirp slirp: udp: fix NULL pointer dereference because of uninitialized socket 2014-09-23 19:15:05 +01:00
stubs block: Code motion to get rid of stubs/blockdev.c 2014-10-20 13:41:26 +02:00
sysconfigs/target Eliminate cpus-x86_64.conf file 2012-09-21 15:12:58 +02:00
target-alpha target-alpha: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:21 +01:00
target-arm target-arm: Correct condition for taking VIRQ and VFIQ 2014-11-04 12:05:23 +00:00
target-cris gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag 2014-10-06 14:25:43 +01:00
target-i386 x86 and SCSI fixes. I left out the APIC device model 2014-11-13 15:44:16 +00:00
target-lm32 gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag 2014-10-06 14:25:43 +01:00
target-m68k target-m68k: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:21 +01:00
target-microblaze target-microblaze: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-mips target-mips: fix multiple TCG registers covering same data 2014-11-07 14:15:28 +00:00
target-moxie softmmu: introduce cpu_ldst.h 2014-06-05 16:10:33 +02:00
target-openrisc target-openrisc: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-ppc target-ppc: Fix Altivec Round Opcodes 2014-11-04 23:26:15 +01:00
target-s390x s390x/kvm: Fix warning from sparse 2014-11-05 16:35:55 +01:00
target-sh4 target-sh4: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-sparc target-sparc: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-tricore target-tricore: Add instructions of BO opcode format 2014-10-20 12:25:07 +01:00
target-unicore32 target-unicore32: Use cpu_exec_interrupt qom hook 2014-09-25 18:54:22 +01:00
target-xtensa target-xtensa: add missing window check for entry 2014-11-10 17:59:13 +03:00
tcg tcg/mips: fix store softmmu slow path 2014-11-02 13:30:00 +01:00
tests Xtensa fixes for 2.2: 2014-11-10 20:50:37 +00:00
trace trace: [hmp] Reimplement "trace-event" and "info trace-events" using QMP 2014-09-26 09:34:38 +01:00
ui QMP/input-send-event: make console parameter optional 2014-11-13 11:06:40 +01:00
util util: Improve os_mem_prealloc error message 2014-11-02 10:04:34 +03:00
.exrc qemu: add .exrc 2012-09-07 09:02:44 +03:00
.gitignore trace: [tcg] Generate TCG tracing routines 2014-08-12 14:26:12 +01:00
.gitmodules PPC: Add u-boot firmware for e500 2014-06-16 13:24:35 +02:00
.mailmap Update mailmap 2013-09-05 09:40:31 -05:00
.travis.yml .travis.yml: remove "make check" from main matrix 2014-09-26 21:05:06 +04:00
accel.c accel: Create accel object when initializing machine 2014-10-09 15:36:14 +02:00
aio-posix.c AioContext: introduce aio_prepare 2014-08-29 10:46:58 +01:00
aio-win32.c aio-win32: avoid out-of-bounds access to the events array 2014-09-22 11:39:21 +01:00
arch_init.c migration: catch unknown flag combinations in ram_load 2014-10-14 11:24:20 +02:00
async.c async: aio_context_new(): Handle event_notifier_init failure 2014-09-22 11:39:48 +01:00
balloon.c qapi event: convert BALLOON_CHANGE 2014-06-23 11:12:28 -04:00
block-migration.c block: Rename BlockDriverAIOCB* to BlockAIOCB* 2014-10-20 13:41:27 +02:00
block.c trivial patches for 2014-11-11 2014-11-11 14:50:10 +00:00
blockdev-nbd.c block: Use g_new() & friends where that makes obvious sense 2014-08-20 11:51:28 +02:00
blockdev.c block: let commit blockjob run in BDS AioContext 2014-11-03 11:41:49 +00:00
blockjob.c block: declare blockjobs and dataplane friends! 2014-11-03 11:41:49 +00:00
bootdevice.c bootindex: change fprintf to error_report 2014-10-15 10:46:01 +02:00
bt-host.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
bt-vhci.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
Changelog Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
CODING_STYLE CODING_STYLE: Section about conditional statement 2014-08-15 18:54:06 +04:00
configure seccomp: change configure to avoid arm 32 to break 2014-11-11 17:05:21 +01:00
COPYING
COPYING.LIB
coroutine-gthread.c glib-compat.h: add new thread API emulation on top of pre-2.31 API 2014-06-10 07:44:01 +02:00
coroutine-sigaltstack.c coroutine-sigaltstack: Change jmp_buf to sigjmp_buf 2014-11-11 11:07:55 +03:00
coroutine-ucontext.c Fix warnings suppressors to honor --disable-werror 2013-04-17 10:28:04 -05:00
coroutine-win32.c coroutine-win32.c: Add noinline attribute to work around gcc bug 2014-06-26 14:08:14 +01:00
cpu-exec.c cpu-exec: Do CPU_INTERRUPT_HALT unconditionally 2014-09-25 18:54:22 +01:00
cpus.c Introduce cpu_clean_all_dirty 2014-09-16 11:04:09 +02:00
cputlb.c implementing victim TLB for QEMU system emulated TLB 2014-09-01 17:43:06 +01:00
device_tree.c device_tree.c: dump all err mesages with error_report 2014-09-02 22:38:16 +04:00
device-hotplug.c blockdev: Eliminate drive_del() 2014-10-20 13:41:26 +02:00
disas.c monitor: QEMU Monitor Instruction Disassembly Incorrect for PowerPC LE Mode 2014-06-16 13:24:26 +02:00
dma-helpers.c hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
dump.c dump: Fix dump-guest-memory termination and use-after-close 2014-11-02 10:04:34 +03:00
exec.c exec.c: fix setting 1-byte-long watchpoints 2014-09-19 17:42:16 +01:00
gdbstub.c gdbstub: Add a missing case of signal number translation in gdbstub 2014-11-11 08:58:30 +03:00
HACKING HACKING: Document vaddr type usage 2013-07-23 02:41:31 +02:00
hmp-commands.hx hmp: Remove "info pcmcia" 2014-10-24 12:19:11 +01:00
hmp.c Add HMP command "info memory-devices" 2014-09-26 13:37:06 -04:00
hmp.h Add HMP command "info memory-devices" 2014-09-26 13:37:06 -04:00
iohandler.c iohandler.c: Properly initialize sigaction struct 2014-05-24 00:07:29 +04:00
ioport.c memory: convert memory_region_destroy to object_unparent 2014-08-18 12:06:20 +02:00
iothread.c async: aio_context_new(): Handle event_notifier_init failure 2014-09-22 11:39:48 +01:00
kvm-all.c kvm fix compilation with GCC 4.3.4 2014-10-10 14:07:08 +01:00
kvm-stub.c accel: Move KVM accel registration to kvm-all.c 2014-10-04 08:59:15 +02:00
LICENSE LICENSE: clarify 2013-08-12 09:15:12 -05:00
main-loop.c Revert "main-loop.c: Handle SIGINT, SIGHUP and SIGTERM synchronously" 2014-10-27 15:05:09 +00:00
MAINTAINERS Add Migration maintainer 2014-11-11 09:46:46 +01:00
Makefile trace: install trace-events file 2014-09-26 09:34:39 +01:00
Makefile.objs qemu-file: Move stdio implementation to qemu-file-stdio.c 2014-10-14 10:29:28 +02:00
Makefile.target bootdevice: move bootdevice related code to new file bootdevice.c 2014-10-15 09:49:48 +02:00
memory_mapping.c Add skip_dump flag to ignore memory region during dump 2014-10-31 11:29:01 +01:00
memory.c Add skip_dump flag to ignore memory region during dump 2014-10-31 11:29:01 +01:00
migration-exec.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
migration-fd.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
migration-rdma.c rdma: Fix incorrect description in comments 2014-09-20 17:55:53 +04:00
migration-tcp.c qemu-sockets: Add error to non-blocking connect handler 2014-10-09 15:36:15 +02:00
migration-unix.c qemu-sockets: Add error to non-blocking connect handler 2014-10-09 15:36:15 +02:00
migration.c block/migration: Disable cache invalidate for incoming migration 2014-10-14 09:35:21 +02:00
module-common.c module: implement module loading 2014-02-20 13:14:18 +01:00
monitor.c trivial patches for 2014-11-11 2014-11-11 14:50:10 +00:00
nbd.c block/migration: Disable cache invalidate for incoming migration 2014-10-14 09:35:21 +02:00
numa.c numa: make 'info numa' take into account hotplugged memory 2014-11-11 08:50:58 +03:00
os-posix.c os-posix: reorder parent notification for -daemonize 2014-11-02 10:04:34 +03:00
os-win32.c pidfile: stop making pidfile error a special case 2014-11-02 10:04:34 +03:00
page_cache.c migration: Plug memory leak in migrate-set-cache-size command 2014-06-10 19:54:43 +04:00
qapi-schema.json QMP/input-send-event: make console parameter optional 2014-11-13 11:06:40 +01:00
qdev-monitor.c qdev: Use qdev_get_device_class() for -device <type>,help 2014-11-04 17:50:00 +01:00
qdict-test-data.txt Introduce QDict test data file 2009-09-04 09:37:34 -05:00
qemu-bridge-helper.c qemu-bridge-helper: Fix fd leak in main() 2014-06-27 10:39:10 +02:00
qemu-char.c qemu-char: Fix reconnect socket error reporting 2014-10-09 15:36:15 +02:00
qemu-coroutine-io.c qemu-coroutine-io: fix for Win32 2014-08-29 10:46:58 +01:00
qemu-coroutine-lock.c coroutine: remove qemu_co_queue_wait_insert_head 2013-12-02 17:11:49 +01:00
qemu-coroutine-sleep.c coroutine: Drop co_sleep_ns 2014-08-29 10:46:58 +01:00
qemu-coroutine.c coroutine: make pool size dynamic 2014-08-15 15:07:14 +02:00
qemu-doc.texi qemu-doc.texi: fix typos in x509 examples 2014-11-05 09:53:18 +03:00
qemu-file-stdio.c qemu-file: Move stdio implementation to qemu-file-stdio.c 2014-10-14 10:29:28 +02:00
qemu-file-unix.c qemu-file: Move unix and socket implementations to qemu-file-unix.c 2014-10-14 10:29:28 +02:00
qemu-file.c qemu-file: Move stdio implementation to qemu-file-stdio.c 2014-10-14 10:29:28 +02:00
qemu-img-cmds.hx qemu-img: Add progress output for amend 2014-11-03 11:41:48 +00:00
qemu-img.c qemu-img: Omit error_report() after img_open() 2014-11-06 12:45:47 +01:00
qemu-img.texi qemu-img: Add progress output for amend 2014-11-03 11:41:48 +00:00
qemu-io-cmds.c qemu-io: Respect early image end for map 2014-10-23 15:34:02 +02:00
qemu-io.c block: Make BlockBackend own its BlockDriverState 2014-10-20 13:41:26 +02:00
qemu-log.c qemu-log: default to stderr for logging output 2013-02-26 13:31:47 -06:00
qemu-nbd.c block: Make BlockBackend own its BlockDriverState 2014-10-20 13:41:26 +02:00
qemu-nbd.texi nbd: Miscellaneous typo fixes. 2014-05-24 00:07:29 +04:00
qemu-options-wrapper.h vl.c: In qemu -h output, only print options for the arch we are running as 2011-12-19 10:27:33 -06:00
qemu-options.h vl.c: Move option generation logic into a wrapper file 2011-12-19 10:27:33 -06:00
qemu-options.hx -machine vmport=off: Allow disabling of VMWare ioport emulation 2014-11-02 13:44:12 +02:00
qemu-seccomp.c seccomp: whitelist syscalls fallocate(), fadvise64(), inotify_init1() and inotify_add_watch() 2014-11-11 17:01:35 +01:00
qemu-tech.texi qemu-tech.texi: update implemented xtensa features list 2012-11-29 13:00:52 -06:00
qemu-timer.c vl.c: remove init_clocks call from main 2014-05-09 20:57:32 +02:00
qemu.nsi nsis: Improved support for parallel installation of 32 and 64 bit code 2013-11-07 07:02:44 +01:00
qemu.sasl sasl: Avoid 'Could not find keytab file' in syslog 2014-03-15 13:54:18 +04:00
qmp-commands.hx QMP/input-send-event: make console parameter optional 2014-11-13 11:06:40 +01:00
qmp.c qmp: Print descriptions of object properties 2014-10-15 05:03:15 +02:00
qtest.c qtest: fix qtest log fd should be initialized before qtest chardev 2014-10-23 16:41:27 +02:00
README Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
rules.mak rules.mak: Allow .mo-objs and .mo-cflags in -y variables 2014-10-31 11:26:25 +01:00
savevm.c snapshot: Reset err to NULL to avoid double free 2014-11-03 09:48:41 +00:00
softmmu_template.h softmmu: provide softmmu access type enum 2014-11-03 11:48:34 +00:00
spice-qemu-char.c qemu-char: Rename register_char_driver_qapi() to register_char_driver() 2014-09-16 23:36:32 +01:00
tcg-runtime.c tcg: Push tcg-runtime routines into exec/helper-* 2014-05-28 09:33:54 -07:00
tci.c Merge remote-tracking branch 'remotes/bonzini/softmmu-smap' into staging 2014-06-05 21:06:14 +01:00
thread-pool.c block: Rename BlockDriverCompletionFunc to BlockCompletionFunc 2014-10-20 13:41:27 +02:00
thunk.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
tpm.c Use error_is_set() only when necessary 2014-02-17 11:57:23 -05:00
trace-events megasas: Fixup MSI-X handling 2014-10-31 11:29:01 +01:00
translate-all.c translate-all.c: memory walker initial address miscalculation 2014-10-06 21:53:35 +03:00
translate-all.h translate-all: Change tb_check_watchpoint() argument to CPUState 2014-03-13 19:20:48 +01:00
user-exec.c softmmu: introduce cpu_ldst.h 2014-06-05 16:10:33 +02:00
VERSION Update version for v2.2.0-rc1 release 2014-11-11 17:25:11 +00:00
version.rc Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
vl.c sysbus: Make devices spawnable via -device 2014-11-04 23:26:14 +01:00
vmstate.c vmstate: Allow dynamic allocation for VBUFFER during migration 2014-10-14 09:35:48 +02:00
xbzrle.c xbzrle.c: Avoid undefined behaviour with signed arithmetic 2014-04-18 10:33:36 +04:00
xen-common-stub.c accel: Move Xen registration code to xen-common.c 2014-10-04 08:59:15 +02:00
xen-common.c accel: Pass MachineState object to accel init functions 2014-10-09 12:57:10 +02:00
xen-hvm-stub.c xen-hvm: Fix xen_hvm_init() to adjust pc memory layout 2014-06-23 17:50:04 +03:00
xen-hvm.c xen-hvm: Remove redundant variable 'xstate' 2014-11-11 17:34:53 +03:00
xen-mapcache.c xen: build on ARM 2014-07-07 10:37:40 +00:00

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team