[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 10/12] macio: switch pmac_dma_write() over to new off
From: |
John Snow |
Subject: |
[Qemu-devel] [PULL 10/12] macio: switch pmac_dma_write() over to new offset/len implementation |
Date: |
Fri, 5 Jun 2015 16:00:47 -0400 |
From: Mark Cave-Ayland <address@hidden>
In particular, this fixes a bug whereby chains of overlapping head/tail chains
would incorrectly write over each other's remainder cache. This is the access
pattern used by OS X/Darwin and fixes an issue with a corrupt Darwin
installation in my local tests.
While we are here, rename the DBDMA_io struct property remainder to
head_remainder for clarification.
Signed-off-by: Mark Cave-Ayland <address@hidden>
Reviewed-by: John Snow <address@hidden>
Message-id: address@hidden
Signed-off-by: John Snow <address@hidden>
---
hw/ide/macio.c | 120 +++++++++++++++++++++------------------------
include/hw/ppc/mac_dbdma.h | 3 +-
2 files changed, 57 insertions(+), 66 deletions(-)
diff --git a/hw/ide/macio.c b/hw/ide/macio.c
index 52ee4ac..85e315f 100644
--- a/hw/ide/macio.c
+++ b/hw/ide/macio.c
@@ -86,7 +86,7 @@ static void pmac_dma_read(BlockBackend *blk,
MACIO_DPRINTF("--- DMA unaligned head: sector %" PRId64 ", "
"discarding %zu bytes\n", sector_num, head_bytes);
- qemu_iovec_add(&io->iov, &io->remainder, head_bytes);
+ qemu_iovec_add(&io->iov, &io->head_remainder, head_bytes);
bytes += offset & (align - 1);
offset = offset & ~(align - 1);
@@ -100,7 +100,7 @@ static void pmac_dma_read(BlockBackend *blk,
MACIO_DPRINTF("--- DMA unaligned tail: sector %" PRId64 ", "
"discarding bytes %zu\n", sector_num, tail_bytes);
- qemu_iovec_add(&io->iov, &io->remainder, align - tail_bytes);
+ qemu_iovec_add(&io->iov, &io->tail_remainder, align - tail_bytes);
bytes = ROUND_UP(bytes, align);
}
@@ -117,7 +117,7 @@ static void pmac_dma_read(BlockBackend *blk,
}
static void pmac_dma_write(BlockBackend *blk,
- int64_t sector_num, int nb_sectors,
+ int64_t offset, int bytes,
void (*cb)(void *opaque, int ret), void *opaque)
{
DBDMA_io *io = opaque;
@@ -125,53 +125,20 @@ static void pmac_dma_write(BlockBackend *blk,
IDEState *s = idebus_active_if(&m->bus);
dma_addr_t dma_addr, dma_len;
void *mem;
- int nsector, remainder;
- int extra = 0;
+ int64_t sector_num;
+ int nsector;
+ uint64_t align = BDRV_SECTOR_SIZE;
+ size_t head_bytes, tail_bytes;
+ bool unaligned_head = false, unaligned_tail = false;
qemu_iovec_destroy(&io->iov);
qemu_iovec_init(&io->iov, io->len / MACIO_PAGE_SIZE + 1);
- if (io->remainder_len > 0) {
- /* Return remainder of request */
- int transfer = MIN(io->remainder_len, io->len);
-
- MACIO_DPRINTF("--- processing write remainder %x\n", transfer);
- cpu_physical_memory_read(io->addr,
- &io->remainder + (0x200 - transfer),
- transfer);
-
- io->remainder_len -= transfer;
- io->len -= transfer;
- io->addr += transfer;
-
- s->io_buffer_index += transfer;
- s->io_buffer_size -= transfer;
-
- if (io->remainder_len != 0) {
- /* Still waiting for remainder */
- return;
- }
-
- MACIO_DPRINTF("--> prepending bounce buffer with size 0x200\n");
-
- /* Sector transfer complete - prepend to request */
- qemu_iovec_add(&io->iov, &io->remainder, 0x200);
- extra = 1;
- }
-
- if (s->drive_kind == IDE_CD) {
- sector_num = (int64_t)(s->lba << 2) + (s->io_buffer_index >> 9);
- } else {
- sector_num = ide_get_sector(s) + (s->io_buffer_index >> 9);
- }
-
+ sector_num = (offset >> 9);
nsector = (io->len >> 9);
- remainder = io->len - (nsector << 9);
- MACIO_DPRINTF("--- DMA write transfer - addr: %" HWADDR_PRIx " len: %x\n",
- io->addr, io->len);
- MACIO_DPRINTF("xxx remainder: %x\n", remainder);
- MACIO_DPRINTF("xxx sector_num: %"PRIx64" nsector: %x\n",
+ MACIO_DPRINTF("--- DMA write transfer (0x%" HWADDR_PRIx ",0x%x): "
+ "sector_num: %" PRId64 ", nsector: %d\n", io->addr, io->len,
sector_num, nsector);
dma_addr = io->addr;
@@ -179,36 +146,59 @@ static void pmac_dma_write(BlockBackend *blk,
mem = dma_memory_map(&address_space_memory, dma_addr, &dma_len,
DMA_DIRECTION_TO_DEVICE);
- if (!remainder) {
- MACIO_DPRINTF("--- DMA write aligned - addr: %" HWADDR_PRIx
- " len: %x\n", io->addr, io->len);
+ if (offset & (align - 1)) {
+ head_bytes = offset & (align - 1);
+ sector_num = ((offset & ~(align - 1)) >> 9);
+
+ MACIO_DPRINTF("--- DMA unaligned head: pre-reading head sector %"
+ PRId64 "\n", sector_num);
+
+ blk_pread(s->blk, (sector_num << 9), &io->head_remainder, align);
+
+ qemu_iovec_add(&io->iov, &io->head_remainder, head_bytes);
qemu_iovec_add(&io->iov, mem, io->len);
- } else {
- /* Write up to last complete sector */
- MACIO_DPRINTF("--- DMA write unaligned - addr: %" HWADDR_PRIx
- " len: %x\n", io->addr, (nsector << 9));
- qemu_iovec_add(&io->iov, mem, (nsector << 9));
- MACIO_DPRINTF("--- DMA write read - bounce addr: %p "
- "remainder_len: %x\n", &io->remainder, remainder);
- cpu_physical_memory_read(io->addr + (nsector << 9), &io->remainder,
- remainder);
+ bytes += offset & (align - 1);
+ offset = offset & ~(align - 1);
+
+ unaligned_head = true;
+ }
+
+ if ((offset + bytes) & (align - 1)) {
+ tail_bytes = (offset + bytes) & (align - 1);
+ sector_num = (((offset + bytes) & ~(align - 1)) >> 9);
+
+ MACIO_DPRINTF("--- DMA unaligned tail: pre-reading tail sector %"
+ PRId64 "\n", sector_num);
- io->remainder_len = 0x200 - remainder;
+ blk_pread(s->blk, (sector_num << 9), &io->tail_remainder, align);
- MACIO_DPRINTF("xxx remainder_len: %x\n", io->remainder_len);
+ if (!unaligned_head) {
+ qemu_iovec_add(&io->iov, mem, io->len);
+ }
+
+ qemu_iovec_add(&io->iov, &io->tail_remainder + tail_bytes,
+ align - tail_bytes);
+
+ bytes = ROUND_UP(bytes, align);
+
+ unaligned_tail = true;
+ }
+
+ if (!unaligned_head && !unaligned_tail) {
+ qemu_iovec_add(&io->iov, mem, io->len);
}
- s->io_buffer_size -= ((nsector + extra) << 9);
- s->io_buffer_index += ((nsector + extra) << 9);
+ s->io_buffer_size -= io->len;
+ s->io_buffer_index += io->len;
io->len = 0;
- MACIO_DPRINTF("--- Block write transfer - sector_num: %"PRIx64" "
- "nsector: %x\n", sector_num, nsector + extra);
+ MACIO_DPRINTF("--- Block write transfer - sector_num: %" PRIx64 " "
+ "nsector: %x\n", (offset >> 9), (bytes >> 9));
- m->aiocb = blk_aio_writev(blk, sector_num, &io->iov, nsector + extra, cb,
- io);
+ m->aiocb = blk_aio_writev(blk, (offset >> 9), &io->iov, (bytes >> 9),
+ cb, io);
}
static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
@@ -340,7 +330,7 @@ static void pmac_ide_transfer_cb(void *opaque, int ret)
pmac_dma_read(s->blk, offset, io->len, pmac_ide_transfer_cb, io);
break;
case IDE_DMA_WRITE:
- pmac_dma_write(s->blk, sector_num, nsector, pmac_ide_transfer_cb, io);
+ pmac_dma_write(s->blk, offset, io->len, pmac_ide_transfer_cb, io);
break;
case IDE_DMA_TRIM:
MACIO_DPRINTF("TRIM command issued!");
diff --git a/include/hw/ppc/mac_dbdma.h b/include/hw/ppc/mac_dbdma.h
index c580327..7f247fa 100644
--- a/include/hw/ppc/mac_dbdma.h
+++ b/include/hw/ppc/mac_dbdma.h
@@ -40,7 +40,8 @@ struct DBDMA_io {
/* DMA is in progress, don't start another one */
bool processing;
/* unaligned last sector of a request */
- uint8_t remainder[0x200];
+ uint8_t head_remainder[0x200];
+ uint8_t tail_remainder[0x200];
int remainder_len;
QEMUIOVector iov;
};
--
2.1.0
- [Qemu-devel] [PULL 00/12] Ide patches, John Snow, 2015/06/05
- [Qemu-devel] [PULL 01/12] fdc: Rename fdctrl_reset_fifo() to fdctrl_to_command_phase(), John Snow, 2015/06/05
- [Qemu-devel] [PULL 02/12] fdc: Rename fdctrl_set_fifo() to fdctrl_to_result_phase(), John Snow, 2015/06/05
- [Qemu-devel] [PULL 05/12] fdc: Code cleanup in fdctrl_write_data(), John Snow, 2015/06/05
- [Qemu-devel] [PULL 07/12] fdc: Fix MSR.RQM flag, John Snow, 2015/06/05
- [Qemu-devel] [PULL 10/12] macio: switch pmac_dma_write() over to new offset/len implementation,
John Snow <=
- [Qemu-devel] [PULL 09/12] macio: switch pmac_dma_read() over to new offset/len implementation, John Snow, 2015/06/05
- [Qemu-devel] [PULL 03/12] fdc: Introduce fdctrl->phase, John Snow, 2015/06/05
- [Qemu-devel] [PULL 11/12] macio: update comment/constants to reflect the new code, John Snow, 2015/06/05
- [Qemu-devel] [PULL 04/12] fdc: Use phase in fdctrl_write_data(), John Snow, 2015/06/05
- [Qemu-devel] [PULL 06/12] fdc: Disentangle phases in fdctrl_read_data(), John Snow, 2015/06/05
- [Qemu-devel] [PULL 12/12] macio: remove remainder_len DBDMA_io property, John Snow, 2015/06/05
- [Qemu-devel] [PULL 08/12] fdc-test: Test state for existing cases more thoroughly, John Snow, 2015/06/05
- Re: [Qemu-devel] [PULL 00/12] Ide patches, Peter Maydell, 2015/06/08