From: John Snow <jsnow@redhat.com>
To: Markus Armbruster <armbru@redhat.com>
Cc: kwolf@redhat.com, pbonzini@redhat.com, qemu-devel@nongnu.org,
stefanha@redhat.com, mst@redhat.com
Subject: Re: [Qemu-devel] [PATCH 1/6] ahci: Correct PIO/D2H FIS responses
Date: Mon, 27 Oct 2014 11:43:16 -0400 [thread overview]
Message-ID: <544E6814.5030803@redhat.com> (raw)
In-Reply-To: <87ioj5c0xz.fsf@blackfin.pond.sub.org>
On 10/27/2014 05:32 AM, Markus Armbruster wrote:
> John Snow <jsnow@redhat.com> writes:
>
>> Currently, the D2H FIS packets AHCI generates simply parrot back
>> the LBA that the guest sent to us in the cmd_fis. However, some
>> commands (like READ NATIVE MAX) modify the LBA registers as a
>> return value, through which the AHCI D2H FIS is the only response
>> mechanism. Thus, the D2H response should use the current register
>> values, not the initial ones.
>>
>> This patch adjusts the LBA and drive select register responses for
>> PIO Setup and D2H FIS response packets.
>>
>> Additionally, the PIO and D2H FIS responses copy too many bytes
>> from the command FIS that it is being generated from. Specifically,
>> byte 11 which is the Features(15:8) field for Register Host to
>> Device FIS packets, is instead reserved for the PIO Setup FIS and
>> should always be 0.
>
> Ignorant q: is this based on observation or some specification? If
> specification: where can I find a copy?
>
Not ignorant. I do all kinds of crazy things. It's based off an
interpretation of the specification and an observation.
Specification: The SATA specification defines the FIS responses to
commands via the Register Device to Host FIS. See Sata 3.2 section
10.5.6 "Register Device to Host FIS"
The fields of this packet are defined as things like:
"LBA(7:0) - Contains the *new value* of the LBA low register of the
Shadow Register Block." (emphasis mine.) Many other registers are
defined similarly. All six LBA registers, Device, Error, Count, and so on.
Implying that instead of returning back what the Host-To-Device FIS set,
we are returning what it is currently (the "new value" after the command
was run.)
The observation: READ_NATIVE_MAX_ADDRESS is a non-data command, so it
performs no PIO or DMA actions on the IDE device. It will only return,
in the case of the AHCI controller, an FIS packet. If the FIS packet
returns (for example) the LBA registers that the user sent, there is no
mechanism by which the host can actually /receive/ the native max address.
Therefore, I interpret the specification to imply that the response FIS
after successful completion of a command should return the new, current
values of the IDE registers, and not simply parrot back what the user
sent. It's a synchronization mechanism between the device and the host.
For further specification... READ_NATIVE_MAX_ADDRESS is deprecated in
AC3, but we can look at ATA8-ACS revision 4a, which is pretty clear
about the line response to this command:
Section 7.33 READ NATIVE MAX ADDRESS - F8h, Non-data, subsection 7.33.4
"Normal Outputs":
"See table 96. LBA contains the Native Max Address. Bits 47:28 of LBA
shall be cleared to zero."
Table 96 - "HPA Normal Output" Specifies the line output for this
command. Error, Count, LBA, Device, Status. These line outputs are for
sure the information that is bundled up into the D2H FIS.
On this basis, then, is the reasoning behind this patch.
next prev parent reply other threads:[~2014-10-27 15:43 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-01 22:55 [Qemu-devel] [PATCH 0/6] AHCI Device Fixes John Snow
2014-10-01 22:55 ` [Qemu-devel] [PATCH 1/6] ahci: Correct PIO/D2H FIS responses John Snow
2014-10-27 9:32 ` Markus Armbruster
2014-10-27 15:43 ` John Snow [this message]
2014-10-27 15:59 ` Markus Armbruster
2014-10-01 22:55 ` [Qemu-devel] [PATCH 2/6] ahci: Update byte count after DMA completion John Snow
2014-10-01 22:55 ` [Qemu-devel] [PATCH 3/6] ide: repair PIO transfers for cases where nsector > 1 John Snow
2014-10-01 22:55 ` [Qemu-devel] [PATCH 4/6] ahci: unify sglist preparation John Snow
2014-10-01 22:55 ` [Qemu-devel] [PATCH 5/6] ide: Correct handling of malformed/short PRDTs John Snow
2014-10-27 10:06 ` Paolo Bonzini
2014-10-27 18:30 ` John Snow
2014-10-01 22:55 ` [Qemu-devel] [PATCH 6/6] ahci: Fix SDB FIS Construction John Snow
2014-10-16 9:36 ` [Qemu-devel] [PATCH 0/6] AHCI Device Fixes John Snow
2014-10-25 20:03 ` Michael S. Tsirkin
2014-10-27 10:07 ` Paolo Bonzini
2014-10-28 13:51 ` Stefan Hajnoczi
2014-10-28 23:54 ` John Snow
2014-10-29 0:03 ` Paolo Bonzini
2014-10-29 0:06 ` John Snow
2014-10-29 0:27 ` Paolo Bonzini
2014-10-29 1:28 ` John Snow
2014-10-29 8:58 ` Paolo Bonzini
2014-10-30 10:52 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=544E6814.5030803@redhat.com \
--to=jsnow@redhat.com \
--cc=armbru@redhat.com \
--cc=kwolf@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).