macio: switch pmac_dma_write() over to new offset/len implementation

In particular, this fixes a bug whereby chains of overlapping head/tail chains
would incorrectly write over each other's remainder cache. This is the access
pattern used by OS X/Darwin and fixes an issue with a corrupt Darwin
installation in my local tests.

While we are here, rename the DBDMA_io struct property remainder to
head_remainder for clarification.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: John Snow <jsnow@redhat.com>
Message-id: 1433455177-21243-3-git-send-email-mark.cave-ayland@ilande.co.uk
Signed-off-by: John Snow <jsnow@redhat.com>
This commit is contained in:
Mark Cave-Ayland 2015-06-04 22:59:35 +01:00 committed by John Snow
parent 0389b8f8c7
commit ac58fe7b2c
2 changed files with 58 additions and 67 deletions

View File

@ -86,7 +86,7 @@ static void pmac_dma_read(BlockBackend *blk,
MACIO_DPRINTF("--- DMA unaligned head: sector %" PRId64 ", " MACIO_DPRINTF("--- DMA unaligned head: sector %" PRId64 ", "
"discarding %zu bytes\n", sector_num, head_bytes); "discarding %zu bytes\n", sector_num, head_bytes);
qemu_iovec_add(&io->iov, &io->remainder, head_bytes); qemu_iovec_add(&io->iov, &io->head_remainder, head_bytes);
bytes += offset & (align - 1); bytes += offset & (align - 1);
offset = offset & ~(align - 1); offset = offset & ~(align - 1);
@ -100,7 +100,7 @@ static void pmac_dma_read(BlockBackend *blk,
MACIO_DPRINTF("--- DMA unaligned tail: sector %" PRId64 ", " MACIO_DPRINTF("--- DMA unaligned tail: sector %" PRId64 ", "
"discarding bytes %zu\n", sector_num, tail_bytes); "discarding bytes %zu\n", sector_num, tail_bytes);
qemu_iovec_add(&io->iov, &io->remainder, align - tail_bytes); qemu_iovec_add(&io->iov, &io->tail_remainder, align - tail_bytes);
bytes = ROUND_UP(bytes, align); bytes = ROUND_UP(bytes, align);
} }
@ -117,7 +117,7 @@ static void pmac_dma_read(BlockBackend *blk,
} }
static void pmac_dma_write(BlockBackend *blk, static void pmac_dma_write(BlockBackend *blk,
int64_t sector_num, int nb_sectors, int64_t offset, int bytes,
void (*cb)(void *opaque, int ret), void *opaque) void (*cb)(void *opaque, int ret), void *opaque)
{ {
DBDMA_io *io = opaque; DBDMA_io *io = opaque;
@ -125,53 +125,20 @@ static void pmac_dma_write(BlockBackend *blk,
IDEState *s = idebus_active_if(&m->bus); IDEState *s = idebus_active_if(&m->bus);
dma_addr_t dma_addr, dma_len; dma_addr_t dma_addr, dma_len;
void *mem; void *mem;
int nsector, remainder; int64_t sector_num;
int extra = 0; int nsector;
uint64_t align = BDRV_SECTOR_SIZE;
size_t head_bytes, tail_bytes;
bool unaligned_head = false, unaligned_tail = false;
qemu_iovec_destroy(&io->iov); qemu_iovec_destroy(&io->iov);
qemu_iovec_init(&io->iov, io->len / MACIO_PAGE_SIZE + 1); qemu_iovec_init(&io->iov, io->len / MACIO_PAGE_SIZE + 1);
if (io->remainder_len > 0) { sector_num = (offset >> 9);
/* Return remainder of request */
int transfer = MIN(io->remainder_len, io->len);
MACIO_DPRINTF("--- processing write remainder %x\n", transfer);
cpu_physical_memory_read(io->addr,
&io->remainder + (0x200 - transfer),
transfer);
io->remainder_len -= transfer;
io->len -= transfer;
io->addr += transfer;
s->io_buffer_index += transfer;
s->io_buffer_size -= transfer;
if (io->remainder_len != 0) {
/* Still waiting for remainder */
return;
}
MACIO_DPRINTF("--> prepending bounce buffer with size 0x200\n");
/* Sector transfer complete - prepend to request */
qemu_iovec_add(&io->iov, &io->remainder, 0x200);
extra = 1;
}
if (s->drive_kind == IDE_CD) {
sector_num = (int64_t)(s->lba << 2) + (s->io_buffer_index >> 9);
} else {
sector_num = ide_get_sector(s) + (s->io_buffer_index >> 9);
}
nsector = (io->len >> 9); nsector = (io->len >> 9);
remainder = io->len - (nsector << 9);
MACIO_DPRINTF("--- DMA write transfer - addr: %" HWADDR_PRIx " len: %x\n", MACIO_DPRINTF("--- DMA write transfer (0x%" HWADDR_PRIx ",0x%x): "
io->addr, io->len); "sector_num: %" PRId64 ", nsector: %d\n", io->addr, io->len,
MACIO_DPRINTF("xxx remainder: %x\n", remainder);
MACIO_DPRINTF("xxx sector_num: %"PRIx64" nsector: %x\n",
sector_num, nsector); sector_num, nsector);
dma_addr = io->addr; dma_addr = io->addr;
@ -179,36 +146,59 @@ static void pmac_dma_write(BlockBackend *blk,
mem = dma_memory_map(&address_space_memory, dma_addr, &dma_len, mem = dma_memory_map(&address_space_memory, dma_addr, &dma_len,
DMA_DIRECTION_TO_DEVICE); DMA_DIRECTION_TO_DEVICE);
if (!remainder) { if (offset & (align - 1)) {
MACIO_DPRINTF("--- DMA write aligned - addr: %" HWADDR_PRIx head_bytes = offset & (align - 1);
" len: %x\n", io->addr, io->len); sector_num = ((offset & ~(align - 1)) >> 9);
MACIO_DPRINTF("--- DMA unaligned head: pre-reading head sector %"
PRId64 "\n", sector_num);
blk_pread(s->blk, (sector_num << 9), &io->head_remainder, align);
qemu_iovec_add(&io->iov, &io->head_remainder, head_bytes);
qemu_iovec_add(&io->iov, mem, io->len); qemu_iovec_add(&io->iov, mem, io->len);
} else {
/* Write up to last complete sector */
MACIO_DPRINTF("--- DMA write unaligned - addr: %" HWADDR_PRIx
" len: %x\n", io->addr, (nsector << 9));
qemu_iovec_add(&io->iov, mem, (nsector << 9));
MACIO_DPRINTF("--- DMA write read - bounce addr: %p " bytes += offset & (align - 1);
"remainder_len: %x\n", &io->remainder, remainder); offset = offset & ~(align - 1);
cpu_physical_memory_read(io->addr + (nsector << 9), &io->remainder,
remainder);
io->remainder_len = 0x200 - remainder; unaligned_head = true;
MACIO_DPRINTF("xxx remainder_len: %x\n", io->remainder_len);
} }
s->io_buffer_size -= ((nsector + extra) << 9); if ((offset + bytes) & (align - 1)) {
s->io_buffer_index += ((nsector + extra) << 9); tail_bytes = (offset + bytes) & (align - 1);
sector_num = (((offset + bytes) & ~(align - 1)) >> 9);
MACIO_DPRINTF("--- DMA unaligned tail: pre-reading tail sector %"
PRId64 "\n", sector_num);
blk_pread(s->blk, (sector_num << 9), &io->tail_remainder, align);
if (!unaligned_head) {
qemu_iovec_add(&io->iov, mem, io->len);
}
qemu_iovec_add(&io->iov, &io->tail_remainder + tail_bytes,
align - tail_bytes);
bytes = ROUND_UP(bytes, align);
unaligned_tail = true;
}
if (!unaligned_head && !unaligned_tail) {
qemu_iovec_add(&io->iov, mem, io->len);
}
s->io_buffer_size -= io->len;
s->io_buffer_index += io->len;
io->len = 0; io->len = 0;
MACIO_DPRINTF("--- Block write transfer - sector_num: %" PRIx64 " " MACIO_DPRINTF("--- Block write transfer - sector_num: %" PRIx64 " "
"nsector: %x\n", sector_num, nsector + extra); "nsector: %x\n", (offset >> 9), (bytes >> 9));
m->aiocb = blk_aio_writev(blk, sector_num, &io->iov, nsector + extra, cb, m->aiocb = blk_aio_writev(blk, (offset >> 9), &io->iov, (bytes >> 9),
io); cb, io);
} }
static void pmac_ide_atapi_transfer_cb(void *opaque, int ret) static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
@ -340,7 +330,7 @@ static void pmac_ide_transfer_cb(void *opaque, int ret)
pmac_dma_read(s->blk, offset, io->len, pmac_ide_transfer_cb, io); pmac_dma_read(s->blk, offset, io->len, pmac_ide_transfer_cb, io);
break; break;
case IDE_DMA_WRITE: case IDE_DMA_WRITE:
pmac_dma_write(s->blk, sector_num, nsector, pmac_ide_transfer_cb, io); pmac_dma_write(s->blk, offset, io->len, pmac_ide_transfer_cb, io);
break; break;
case IDE_DMA_TRIM: case IDE_DMA_TRIM:
MACIO_DPRINTF("TRIM command issued!"); MACIO_DPRINTF("TRIM command issued!");

View File

@ -40,7 +40,8 @@ struct DBDMA_io {
/* DMA is in progress, don't start another one */ /* DMA is in progress, don't start another one */
bool processing; bool processing;
/* unaligned last sector of a request */ /* unaligned last sector of a request */
uint8_t remainder[0x200]; uint8_t head_remainder[0x200];
uint8_t tail_remainder[0x200];
int remainder_len; int remainder_len;
QEMUIOVector iov; QEMUIOVector iov;
}; };