ahci: Fix non-NCQ accesses for LBA > 16bits

Submitted by Alexander Graf on May 19, 2011, 9:57 a.m.

Details

Message ID 1305799029-19093-1-git-send-email-agraf@suse.de
State New
Headers show

Commit Message

Alexander Graf May 19, 2011, 9:57 a.m.
AHCI provides two ways of reading/writing data:

 1) NCQ
 2) ATA commands with the LBA in the command FIS

In the second code path, we didn't handle any LBAs that were bigger than
16 bits, so whenever a guest that used high LBA numbers wanted to access
data, the LBA got truncated down to 16 bits, giving the guest garbage.

This patch adds support for LBAs higher than 16 bits. I've tested that it
works just fine with SeaBIOS and Linux guests. This patch also unbreaks
the often reported grub errors people have seen with AHCI.

Signed-off-by: Alexander Graf <agraf@suse.de>

---

v1 -> v2:

  - document fis bytes
---
 hw/ide/ahci.c |   27 +++++++++++++++++++++++++--
 1 files changed, 25 insertions(+), 2 deletions(-)

Comments

Kevin Wolf May 19, 2011, 10:09 a.m.
Am 19.05.2011 11:57, schrieb Alexander Graf:
> AHCI provides two ways of reading/writing data:
> 
>  1) NCQ
>  2) ATA commands with the LBA in the command FIS
> 
> In the second code path, we didn't handle any LBAs that were bigger than
> 16 bits, so whenever a guest that used high LBA numbers wanted to access
> data, the LBA got truncated down to 16 bits, giving the guest garbage.
> 
> This patch adds support for LBAs higher than 16 bits. I've tested that it
> works just fine with SeaBIOS and Linux guests. This patch also unbreaks
> the often reported grub errors people have seen with AHCI.
> 
> Signed-off-by: Alexander Graf <agraf@suse.de>
> 
> ---
> 
> v1 -> v2:
> 
>   - document fis bytes

Thanks, applied to the block branch.

Kevin

Patch hide | download patch | download mbox

diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index c6e0c77..db20aae 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -884,8 +884,31 @@  static int handle_cmd(AHCIState *s, int port, int slot)
         }
 
         if (ide_state->drive_kind != IDE_CD) {
-            ide_set_sector(ide_state, (cmd_fis[6] << 16) | (cmd_fis[5] << 8) |
-                           cmd_fis[4]);
+            /*
+             * We set the sector depending on the sector defined in the FIS.
+             * Unfortunately, the spec isn't exactly obvious on this one.
+             *
+             * Apparently LBA48 commands set fis bytes 10,9,8,6,5,4 to the
+             * 48 bit sector number. ATA_CMD_READ_DMA_EXT is an example for
+             * such a command.
+             *
+             * Non-LBA48 commands however use 7[lower 4 bits],6,5,4 to define a
+             * 28-bit sector number. ATA_CMD_READ_DMA is an example for such
+             * a command.
+             *
+             * Since the spec doesn't explicitly state what each field should
+             * do, I simply assume non-used fields as reserved and OR everything
+             * together, independent of the command.
+             */
+            ide_set_sector(ide_state, ((uint64_t)cmd_fis[10] << 40)
+                                    | ((uint64_t)cmd_fis[9] << 32)
+                                    /* This is used for LBA48 commands */
+                                    | ((uint64_t)cmd_fis[8] << 24)
+                                    /* This is used for non-LBA48 commands */
+                                    | ((uint64_t)(cmd_fis[7] & 0xf) << 24)
+                                    | ((uint64_t)cmd_fis[6] << 16)
+                                    | ((uint64_t)cmd_fis[5] << 8)
+                                    | cmd_fis[4]);
         }
 
         /* Copy the ACMD field (ATAPI packet, if any) from the AHCI command