search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
mips_mipssim: convert to memory API
[qemu.git] / hw / scsi-disk.c
blob4a60820b18c14941a442b1aa48bdbeffd0fef1ba
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licensed under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 //#define DEBUG_SCSI
23
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
33
34 #include "qemu-common.h"
35 #include "qemu-error.h"
36 #include "scsi.h"
37 #include "scsi-defs.h"
38 #include "sysemu.h"
39 #include "blockdev.h"
40 #include "block_int.h"
41
42 #define SCSI_DMA_BUF_SIZE 131072
43 #define SCSI_MAX_INQUIRY_LEN 256
44
45 #define SCSI_REQ_STATUS_RETRY 0x01
46 #define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
47 #define SCSI_REQ_STATUS_RETRY_READ 0x00
48 #define SCSI_REQ_STATUS_RETRY_WRITE 0x02
49 #define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
50
51 typedef struct SCSIDiskState SCSIDiskState;
52
53 typedef struct SCSIDiskReq {
54 SCSIRequest req;
55 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
56 uint64_t sector;
57 uint32_t sector_count;
58 struct iovec iov;
59 QEMUIOVector qiov;
60 uint32_t status;
61 BlockAcctCookie acct;
62 } SCSIDiskReq;
63
64 struct SCSIDiskState
65 {
66 SCSIDevice qdev;
67 BlockDriverState *bs;
68 /* The qemu block layer uses a fixed 512 byte sector size.
69 This is the number of 512 byte blocks in a single scsi sector. */
70 int cluster_size;
71 uint32_t removable;
72 uint64_t max_lba;
73 QEMUBH *bh;
74 char *version;
75 char *serial;
76 bool tray_open;
77 bool tray_locked;
78 };
79
80 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
81 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
82
83 static void scsi_free_request(SCSIRequest *req)
84 {
85 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
86
87 qemu_vfree(r->iov.iov_base);
88 }
89
90 /* Helper function for command completion with sense. */
91 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
92 {
93 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
94 r->req.tag, sense.key, sense.asc, sense.ascq);
95 scsi_req_build_sense(&r->req, sense);
96 scsi_req_complete(&r->req, CHECK_CONDITION);
97 }
98
99 /* Cancel a pending data transfer. */
100 static void scsi_cancel_io(SCSIRequest *req)
101 {
102 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
103
104 DPRINTF("Cancel tag=0x%x\n", req->tag);
105 if (r->req.aiocb) {
106 bdrv_aio_cancel(r->req.aiocb);
107 }
108 r->req.aiocb = NULL;
109 }
110
111 static void scsi_read_complete(void * opaque, int ret)
112 {
113 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
114 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
115 int n;
116
117 if (r->req.aiocb != NULL) {
118 r->req.aiocb = NULL;
119 bdrv_acct_done(s->bs, &r->acct);
120 }
121
122 if (ret) {
123 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
124 return;
125 }
126 }
127
128 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
129
130 n = r->iov.iov_len / 512;
131 r->sector += n;
132 r->sector_count -= n;
133 scsi_req_data(&r->req, r->iov.iov_len);
134 }
135
136 static void scsi_flush_complete(void * opaque, int ret)
137 {
138 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
139 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
140
141 if (r->req.aiocb != NULL) {
142 r->req.aiocb = NULL;
143 bdrv_acct_done(s->bs, &r->acct);
144 }
145
146 if (ret < 0) {
147 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
148 return;
149 }
150 }
151
152 scsi_req_complete(&r->req, GOOD);
153 }
154
155 /* Read more data from scsi device into buffer. */
156 static void scsi_read_data(SCSIRequest *req)
157 {
158 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
159 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
160 uint32_t n;
161
162 if (r->sector_count == (uint32_t)-1) {
163 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
164 r->sector_count = 0;
165 scsi_req_data(&r->req, r->iov.iov_len);
166 return;
167 }
168 DPRINTF("Read sector_count=%d\n", r->sector_count);
169 if (r->sector_count == 0) {
170 /* This also clears the sense buffer for REQUEST SENSE. */
171 scsi_req_complete(&r->req, GOOD);
172 return;
173 }
174
175 /* No data transfer may already be in progress */
176 assert(r->req.aiocb == NULL);
177
178 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
179 DPRINTF("Data transfer direction invalid\n");
180 scsi_read_complete(r, -EINVAL);
181 return;
182 }
183
184 n = r->sector_count;
185 if (n > SCSI_DMA_BUF_SIZE / 512)
186 n = SCSI_DMA_BUF_SIZE / 512;
187
188 if (s->tray_open) {
189 scsi_read_complete(r, -ENOMEDIUM);
190 }
191 r->iov.iov_len = n * 512;
192 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
193
194 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
195 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
196 scsi_read_complete, r);
197 if (r->req.aiocb == NULL) {
198 scsi_read_complete(r, -EIO);
199 }
200 }
201
202 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
203 {
204 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
205 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
206 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
207
208 if (action == BLOCK_ERR_IGNORE) {
209 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
210 return 0;
211 }
212
213 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
214 || action == BLOCK_ERR_STOP_ANY) {
215
216 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
217 r->status |= SCSI_REQ_STATUS_RETRY | type;
218
219 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
220 vm_stop(VMSTOP_DISKFULL);
221 } else {
222 switch (error) {
223 case ENOMEM:
224 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
225 break;
226 case EINVAL:
227 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
228 break;
229 default:
230 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
231 break;
232 }
233 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
234 }
235 return 1;
236 }
237
238 static void scsi_write_complete(void * opaque, int ret)
239 {
240 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
241 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
242 uint32_t len;
243 uint32_t n;
244
245 if (r->req.aiocb != NULL) {
246 r->req.aiocb = NULL;
247 bdrv_acct_done(s->bs, &r->acct);
248 }
249
250 if (ret) {
251 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
252 return;
253 }
254 }
255
256 n = r->iov.iov_len / 512;
257 r->sector += n;
258 r->sector_count -= n;
259 if (r->sector_count == 0) {
260 scsi_req_complete(&r->req, GOOD);
261 } else {
262 len = r->sector_count * 512;
263 if (len > SCSI_DMA_BUF_SIZE) {
264 len = SCSI_DMA_BUF_SIZE;
265 }
266 r->iov.iov_len = len;
267 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
268 scsi_req_data(&r->req, len);
269 }
270 }
271
272 static void scsi_write_data(SCSIRequest *req)
273 {
274 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
275 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
276 uint32_t n;
277
278 /* No data transfer may already be in progress */
279 assert(r->req.aiocb == NULL);
280
281 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
282 DPRINTF("Data transfer direction invalid\n");
283 scsi_write_complete(r, -EINVAL);
284 return;
285 }
286
287 n = r->iov.iov_len / 512;
288 if (n) {
289 if (s->tray_open) {
290 scsi_write_complete(r, -ENOMEDIUM);
291 }
292 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
293
294 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
295 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
296 scsi_write_complete, r);
297 if (r->req.aiocb == NULL) {
298 scsi_write_complete(r, -ENOMEM);
299 }
300 } else {
301 /* Invoke completion routine to fetch data from host. */
302 scsi_write_complete(r, 0);
303 }
304 }
305
306 static void scsi_dma_restart_bh(void *opaque)
307 {
308 SCSIDiskState *s = opaque;
309 SCSIRequest *req;
310 SCSIDiskReq *r;
311
312 qemu_bh_delete(s->bh);
313 s->bh = NULL;
314
315 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
316 r = DO_UPCAST(SCSIDiskReq, req, req);
317 if (r->status & SCSI_REQ_STATUS_RETRY) {
318 int status = r->status;
319 int ret;
320
321 r->status &=
322 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
323
324 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
325 case SCSI_REQ_STATUS_RETRY_READ:
326 scsi_read_data(&r->req);
327 break;
328 case SCSI_REQ_STATUS_RETRY_WRITE:
329 scsi_write_data(&r->req);
330 break;
331 case SCSI_REQ_STATUS_RETRY_FLUSH:
332 ret = scsi_disk_emulate_command(r, r->iov.iov_base);
333 if (ret == 0) {
334 scsi_req_complete(&r->req, GOOD);
335 }
336 }
337 }
338 }
339 }
340
341 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
342 {
343 SCSIDiskState *s = opaque;
344
345 if (!running)
346 return;
347
348 if (!s->bh) {
349 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
350 qemu_bh_schedule(s->bh);
351 }
352 }
353
354 /* Return a pointer to the data buffer. */
355 static uint8_t *scsi_get_buf(SCSIRequest *req)
356 {
357 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
358
359 return (uint8_t *)r->iov.iov_base;
360 }
361
362 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
363 {
364 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
365 int buflen = 0;
366
367 if (req->cmd.buf[1] & 0x2) {
368 /* Command support data - optional, not implemented */
369 BADF("optional INQUIRY command support request not implemented\n");
370 return -1;
371 }
372
373 if (req->cmd.buf[1] & 0x1) {
374 /* Vital product data */
375 uint8_t page_code = req->cmd.buf[2];
376 if (req->cmd.xfer < 4) {
377 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
378 "less than 4\n", page_code, req->cmd.xfer);
379 return -1;
380 }
381
382 if (s->qdev.type == TYPE_ROM) {
383 outbuf[buflen++] = 5;
384 } else {
385 outbuf[buflen++] = 0;
386 }
387 outbuf[buflen++] = page_code ; // this page
388 outbuf[buflen++] = 0x00;
389
390 switch (page_code) {
391 case 0x00: /* Supported page codes, mandatory */
392 {
393 int pages;
394 DPRINTF("Inquiry EVPD[Supported pages] "
395 "buffer size %zd\n", req->cmd.xfer);
396 pages = buflen++;
397 outbuf[buflen++] = 0x00; // list of supported pages (this page)
398 if (s->serial)
399 outbuf[buflen++] = 0x80; // unit serial number
400 outbuf[buflen++] = 0x83; // device identification
401 if (s->qdev.type == TYPE_DISK) {
402 outbuf[buflen++] = 0xb0; // block limits
403 outbuf[buflen++] = 0xb2; // thin provisioning
404 }
405 outbuf[pages] = buflen - pages - 1; // number of pages
406 break;
407 }
408 case 0x80: /* Device serial number, optional */
409 {
410 int l;
411
412 if (!s->serial) {
413 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
414 return -1;
415 }
416
417 l = strlen(s->serial);
418 if (l > req->cmd.xfer)
419 l = req->cmd.xfer;
420 if (l > 20)
421 l = 20;
422
423 DPRINTF("Inquiry EVPD[Serial number] "
424 "buffer size %zd\n", req->cmd.xfer);
425 outbuf[buflen++] = l;
426 memcpy(outbuf+buflen, s->serial, l);
427 buflen += l;
428 break;
429 }
430
431 case 0x83: /* Device identification page, mandatory */
432 {
433 int max_len = 255 - 8;
434 int id_len = strlen(bdrv_get_device_name(s->bs));
435
436 if (id_len > max_len)
437 id_len = max_len;
438 DPRINTF("Inquiry EVPD[Device identification] "
439 "buffer size %zd\n", req->cmd.xfer);
440
441 outbuf[buflen++] = 4 + id_len;
442 outbuf[buflen++] = 0x2; // ASCII
443 outbuf[buflen++] = 0; // not officially assigned
444 outbuf[buflen++] = 0; // reserved
445 outbuf[buflen++] = id_len; // length of data following
446
447 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
448 buflen += id_len;
449 break;
450 }
451 case 0xb0: /* block limits */
452 {
453 unsigned int unmap_sectors =
454 s->qdev.conf.discard_granularity / s->qdev.blocksize;
455 unsigned int min_io_size =
456 s->qdev.conf.min_io_size / s->qdev.blocksize;
457 unsigned int opt_io_size =
458 s->qdev.conf.opt_io_size / s->qdev.blocksize;
459
460 if (s->qdev.type == TYPE_ROM) {
461 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
462 page_code);
463 return -1;
464 }
465 /* required VPD size with unmap support */
466 outbuf[3] = buflen = 0x3c;
467
468 memset(outbuf + 4, 0, buflen - 4);
469
470 /* optimal transfer length granularity */
471 outbuf[6] = (min_io_size >> 8) & 0xff;
472 outbuf[7] = min_io_size & 0xff;
473
474 /* optimal transfer length */
475 outbuf[12] = (opt_io_size >> 24) & 0xff;
476 outbuf[13] = (opt_io_size >> 16) & 0xff;
477 outbuf[14] = (opt_io_size >> 8) & 0xff;
478 outbuf[15] = opt_io_size & 0xff;
479
480 /* optimal unmap granularity */
481 outbuf[28] = (unmap_sectors >> 24) & 0xff;
482 outbuf[29] = (unmap_sectors >> 16) & 0xff;
483 outbuf[30] = (unmap_sectors >> 8) & 0xff;
484 outbuf[31] = unmap_sectors & 0xff;
485 break;
486 }
487 case 0xb2: /* thin provisioning */
488 {
489 outbuf[3] = buflen = 8;
490 outbuf[4] = 0;
491 outbuf[5] = 0x40; /* write same with unmap supported */
492 outbuf[6] = 0;
493 outbuf[7] = 0;
494 break;
495 }
496 default:
497 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
498 "buffer size %zd\n", page_code, req->cmd.xfer);
499 return -1;
500 }
501 /* done with EVPD */
502 return buflen;
503 }
504
505 /* Standard INQUIRY data */
506 if (req->cmd.buf[2] != 0) {
507 BADF("Error: Inquiry (STANDARD) page or code "
508 "is non-zero [%02X]\n", req->cmd.buf[2]);
509 return -1;
510 }
511
512 /* PAGE CODE == 0 */
513 if (req->cmd.xfer < 5) {
514 BADF("Error: Inquiry (STANDARD) buffer size %zd "
515 "is less than 5\n", req->cmd.xfer);
516 return -1;
517 }
518
519 buflen = req->cmd.xfer;
520 if (buflen > SCSI_MAX_INQUIRY_LEN)
521 buflen = SCSI_MAX_INQUIRY_LEN;
522
523 memset(outbuf, 0, buflen);
524
525 outbuf[0] = s->qdev.type & 0x1f;
526 if (s->qdev.type == TYPE_ROM) {
527 outbuf[1] = 0x80;
528 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
529 } else {
530 outbuf[1] = s->removable ? 0x80 : 0;
531 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
532 }
533 memcpy(&outbuf[8], "QEMU ", 8);
534 memset(&outbuf[32], 0, 4);
535 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
536 /*
537 * We claim conformance to SPC-3, which is required for guests
538 * to ask for modern features like READ CAPACITY(16) or the
539 * block characteristics VPD page by default. Not all of SPC-3
540 * is actually implemented, but we're good enough.
541 */
542 outbuf[2] = 5;
543 outbuf[3] = 2; /* Format 2 */
544
545 if (buflen > 36) {
546 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
547 } else {
548 /* If the allocation length of CDB is too small,
549 the additional length is not adjusted */
550 outbuf[4] = 36 - 5;
551 }
552
553 /* Sync data transfer and TCQ. */
554 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
555 return buflen;
556 }
557
558 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
559 int page_control)
560 {
561 BlockDriverState *bdrv = s->bs;
562 int cylinders, heads, secs;
563 uint8_t *p = *p_outbuf;
564
565 /*
566 * If Changeable Values are requested, a mask denoting those mode parameters
567 * that are changeable shall be returned. As we currently don't support
568 * parameter changes via MODE_SELECT all bits are returned set to zero.
569 * The buffer was already menset to zero by the caller of this function.
570 */
571 switch (page) {
572 case 4: /* Rigid disk device geometry page. */
573 if (s->qdev.type == TYPE_ROM) {
574 return -1;
575 }
576 p[0] = 4;
577 p[1] = 0x16;
578 if (page_control == 1) { /* Changeable Values */
579 break;
580 }
581 /* if a geometry hint is available, use it */
582 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
583 p[2] = (cylinders >> 16) & 0xff;
584 p[3] = (cylinders >> 8) & 0xff;
585 p[4] = cylinders & 0xff;
586 p[5] = heads & 0xff;
587 /* Write precomp start cylinder, disabled */
588 p[6] = (cylinders >> 16) & 0xff;
589 p[7] = (cylinders >> 8) & 0xff;
590 p[8] = cylinders & 0xff;
591 /* Reduced current start cylinder, disabled */
592 p[9] = (cylinders >> 16) & 0xff;
593 p[10] = (cylinders >> 8) & 0xff;
594 p[11] = cylinders & 0xff;
595 /* Device step rate [ns], 200ns */
596 p[12] = 0;
597 p[13] = 200;
598 /* Landing zone cylinder */
599 p[14] = 0xff;
600 p[15] = 0xff;
601 p[16] = 0xff;
602 /* Medium rotation rate [rpm], 5400 rpm */
603 p[20] = (5400 >> 8) & 0xff;
604 p[21] = 5400 & 0xff;
605 break;
606
607 case 5: /* Flexible disk device geometry page. */
608 if (s->qdev.type == TYPE_ROM) {
609 return -1;
610 }
611 p[0] = 5;
612 p[1] = 0x1e;
613 if (page_control == 1) { /* Changeable Values */
614 break;
615 }
616 /* Transfer rate [kbit/s], 5Mbit/s */
617 p[2] = 5000 >> 8;
618 p[3] = 5000 & 0xff;
619 /* if a geometry hint is available, use it */
620 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
621 p[4] = heads & 0xff;
622 p[5] = secs & 0xff;
623 p[6] = s->cluster_size * 2;
624 p[8] = (cylinders >> 8) & 0xff;
625 p[9] = cylinders & 0xff;
626 /* Write precomp start cylinder, disabled */
627 p[10] = (cylinders >> 8) & 0xff;
628 p[11] = cylinders & 0xff;
629 /* Reduced current start cylinder, disabled */
630 p[12] = (cylinders >> 8) & 0xff;
631 p[13] = cylinders & 0xff;
632 /* Device step rate [100us], 100us */
633 p[14] = 0;
634 p[15] = 1;
635 /* Device step pulse width [us], 1us */
636 p[16] = 1;
637 /* Device head settle delay [100us], 100us */
638 p[17] = 0;
639 p[18] = 1;
640 /* Motor on delay [0.1s], 0.1s */
641 p[19] = 1;
642 /* Motor off delay [0.1s], 0.1s */
643 p[20] = 1;
644 /* Medium rotation rate [rpm], 5400 rpm */
645 p[28] = (5400 >> 8) & 0xff;
646 p[29] = 5400 & 0xff;
647 break;
648
649 case 8: /* Caching page. */
650 p[0] = 8;
651 p[1] = 0x12;
652 if (page_control == 1) { /* Changeable Values */
653 break;
654 }
655 if (bdrv_enable_write_cache(s->bs)) {
656 p[2] = 4; /* WCE */
657 }
658 break;
659
660 case 0x2a: /* CD Capabilities and Mechanical Status page. */
661 if (s->qdev.type != TYPE_ROM) {
662 return -1;
663 }
664 p[0] = 0x2a;
665 p[1] = 0x14;
666 if (page_control == 1) { /* Changeable Values */
667 break;
668 }
669 p[2] = 3; // CD-R & CD-RW read
670 p[3] = 0; // Writing not supported
671 p[4] = 0x7f; /* Audio, composite, digital out,
672 mode 2 form 1&2, multi session */
673 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
674 RW corrected, C2 errors, ISRC,
675 UPC, Bar code */
676 p[6] = 0x2d | (s->tray_locked ? 2 : 0);
677 /* Locking supported, jumper present, eject, tray */
678 p[7] = 0; /* no volume & mute control, no
679 changer */
680 p[8] = (50 * 176) >> 8; // 50x read speed
681 p[9] = (50 * 176) & 0xff;
682 p[10] = 0 >> 8; // No volume
683 p[11] = 0 & 0xff;
684 p[12] = 2048 >> 8; // 2M buffer
685 p[13] = 2048 & 0xff;
686 p[14] = (16 * 176) >> 8; // 16x read speed current
687 p[15] = (16 * 176) & 0xff;
688 p[18] = (16 * 176) >> 8; // 16x write speed
689 p[19] = (16 * 176) & 0xff;
690 p[20] = (16 * 176) >> 8; // 16x write speed current
691 p[21] = (16 * 176) & 0xff;
692 break;
693
694 default:
695 return -1;
696 }
697
698 *p_outbuf += p[1] + 2;
699 return p[1] + 2;
700 }
701
702 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
703 {
704 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
705 uint64_t nb_sectors;
706 int page, dbd, buflen, ret, page_control;
707 uint8_t *p;
708 uint8_t dev_specific_param;
709
710 dbd = r->req.cmd.buf[1] & 0x8;
711 page = r->req.cmd.buf[2] & 0x3f;
712 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
713 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
714 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
715 memset(outbuf, 0, r->req.cmd.xfer);
716 p = outbuf;
717
718 if (bdrv_is_read_only(s->bs)) {
719 dev_specific_param = 0x80; /* Readonly. */
720 } else {
721 dev_specific_param = 0x00;
722 }
723
724 if (r->req.cmd.buf[0] == MODE_SENSE) {
725 p[1] = 0; /* Default media type. */
726 p[2] = dev_specific_param;
727 p[3] = 0; /* Block descriptor length. */
728 p += 4;
729 } else { /* MODE_SENSE_10 */
730 p[2] = 0; /* Default media type. */
731 p[3] = dev_specific_param;
732 p[6] = p[7] = 0; /* Block descriptor length. */
733 p += 8;
734 }
735
736 bdrv_get_geometry(s->bs, &nb_sectors);
737 if (!dbd && nb_sectors) {
738 if (r->req.cmd.buf[0] == MODE_SENSE) {
739 outbuf[3] = 8; /* Block descriptor length */
740 } else { /* MODE_SENSE_10 */
741 outbuf[7] = 8; /* Block descriptor length */
742 }
743 nb_sectors /= s->cluster_size;
744 if (nb_sectors > 0xffffff)
745 nb_sectors = 0;
746 p[0] = 0; /* media density code */
747 p[1] = (nb_sectors >> 16) & 0xff;
748 p[2] = (nb_sectors >> 8) & 0xff;
749 p[3] = nb_sectors & 0xff;
750 p[4] = 0; /* reserved */
751 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
752 p[6] = s->cluster_size * 2;
753 p[7] = 0;
754 p += 8;
755 }
756
757 if (page_control == 3) {
758 /* Saved Values */
759 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
760 return -1;
761 }
762
763 if (page == 0x3f) {
764 for (page = 0; page <= 0x3e; page++) {
765 mode_sense_page(s, page, &p, page_control);
766 }
767 } else {
768 ret = mode_sense_page(s, page, &p, page_control);
769 if (ret == -1) {
770 return -1;
771 }
772 }
773
774 buflen = p - outbuf;
775 /*
776 * The mode data length field specifies the length in bytes of the
777 * following data that is available to be transferred. The mode data
778 * length does not include itself.
779 */
780 if (r->req.cmd.buf[0] == MODE_SENSE) {
781 outbuf[0] = buflen - 1;
782 } else { /* MODE_SENSE_10 */
783 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
784 outbuf[1] = (buflen - 2) & 0xff;
785 }
786 if (buflen > r->req.cmd.xfer)
787 buflen = r->req.cmd.xfer;
788 return buflen;
789 }
790
791 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
792 {
793 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
794 int start_track, format, msf, toclen;
795 uint64_t nb_sectors;
796
797 msf = req->cmd.buf[1] & 2;
798 format = req->cmd.buf[2] & 0xf;
799 start_track = req->cmd.buf[6];
800 bdrv_get_geometry(s->bs, &nb_sectors);
801 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
802 nb_sectors /= s->cluster_size;
803 switch (format) {
804 case 0:
805 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
806 break;
807 case 1:
808 /* multi session : only a single session defined */
809 toclen = 12;
810 memset(outbuf, 0, 12);
811 outbuf[1] = 0x0a;
812 outbuf[2] = 0x01;
813 outbuf[3] = 0x01;
814 break;
815 case 2:
816 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
817 break;
818 default:
819 return -1;
820 }
821 if (toclen > req->cmd.xfer)
822 toclen = req->cmd.xfer;
823 return toclen;
824 }
825
826 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
827 {
828 SCSIRequest *req = &r->req;
829 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
830 bool start = req->cmd.buf[4] & 1;
831 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
832
833 if (s->qdev.type == TYPE_ROM && loej) {
834 if (!start && !s->tray_open && s->tray_locked) {
835 scsi_check_condition(r,
836 bdrv_is_inserted(s->bs)
837 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
838 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
839 return -1;
840 }
841 bdrv_eject(s->bs, !start);
842 s->tray_open = !start;
843 }
844 return 0;
845 }
846
847 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
848 {
849 SCSIRequest *req = &r->req;
850 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
851 uint64_t nb_sectors;
852 int buflen = 0;
853
854 switch (req->cmd.buf[0]) {
855 case TEST_UNIT_READY:
856 if (s->tray_open || !bdrv_is_inserted(s->bs))
857 goto not_ready;
858 break;
859 case INQUIRY:
860 buflen = scsi_disk_emulate_inquiry(req, outbuf);
861 if (buflen < 0)
862 goto illegal_request;
863 break;
864 case MODE_SENSE:
865 case MODE_SENSE_10:
866 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
867 if (buflen < 0)
868 goto illegal_request;
869 break;
870 case READ_TOC:
871 buflen = scsi_disk_emulate_read_toc(req, outbuf);
872 if (buflen < 0)
873 goto illegal_request;
874 break;
875 case RESERVE:
876 if (req->cmd.buf[1] & 1)
877 goto illegal_request;
878 break;
879 case RESERVE_10:
880 if (req->cmd.buf[1] & 3)
881 goto illegal_request;
882 break;
883 case RELEASE:
884 if (req->cmd.buf[1] & 1)
885 goto illegal_request;
886 break;
887 case RELEASE_10:
888 if (req->cmd.buf[1] & 3)
889 goto illegal_request;
890 break;
891 case START_STOP:
892 if (scsi_disk_emulate_start_stop(r) < 0) {
893 return -1;
894 }
895 break;
896 case ALLOW_MEDIUM_REMOVAL:
897 s->tray_locked = req->cmd.buf[4] & 1;
898 bdrv_lock_medium(s->bs, req->cmd.buf[4] & 1);
899 break;
900 case READ_CAPACITY_10:
901 /* The normal LEN field for this command is zero. */
902 memset(outbuf, 0, 8);
903 bdrv_get_geometry(s->bs, &nb_sectors);
904 if (!nb_sectors)
905 goto not_ready;
906 nb_sectors /= s->cluster_size;
907 /* Returned value is the address of the last sector. */
908 nb_sectors--;
909 /* Remember the new size for read/write sanity checking. */
910 s->max_lba = nb_sectors;
911 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
912 if (nb_sectors > UINT32_MAX)
913 nb_sectors = UINT32_MAX;
914 outbuf[0] = (nb_sectors >> 24) & 0xff;
915 outbuf[1] = (nb_sectors >> 16) & 0xff;
916 outbuf[2] = (nb_sectors >> 8) & 0xff;
917 outbuf[3] = nb_sectors & 0xff;
918 outbuf[4] = 0;
919 outbuf[5] = 0;
920 outbuf[6] = s->cluster_size * 2;
921 outbuf[7] = 0;
922 buflen = 8;
923 break;
924 case GET_CONFIGURATION:
925 memset(outbuf, 0, 8);
926 /* ??? This should probably return much more information. For now
927 just return the basic header indicating the CD-ROM profile. */
928 outbuf[7] = 8; // CD-ROM
929 buflen = 8;
930 break;
931 case SERVICE_ACTION_IN_16:
932 /* Service Action In subcommands. */
933 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
934 DPRINTF("SAI READ CAPACITY(16)\n");
935 memset(outbuf, 0, req->cmd.xfer);
936 bdrv_get_geometry(s->bs, &nb_sectors);
937 if (!nb_sectors)
938 goto not_ready;
939 nb_sectors /= s->cluster_size;
940 /* Returned value is the address of the last sector. */
941 nb_sectors--;
942 /* Remember the new size for read/write sanity checking. */
943 s->max_lba = nb_sectors;
944 outbuf[0] = (nb_sectors >> 56) & 0xff;
945 outbuf[1] = (nb_sectors >> 48) & 0xff;
946 outbuf[2] = (nb_sectors >> 40) & 0xff;
947 outbuf[3] = (nb_sectors >> 32) & 0xff;
948 outbuf[4] = (nb_sectors >> 24) & 0xff;
949 outbuf[5] = (nb_sectors >> 16) & 0xff;
950 outbuf[6] = (nb_sectors >> 8) & 0xff;
951 outbuf[7] = nb_sectors & 0xff;
952 outbuf[8] = 0;
953 outbuf[9] = 0;
954 outbuf[10] = s->cluster_size * 2;
955 outbuf[11] = 0;
956 outbuf[12] = 0;
957 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
958
959 /* set TPE bit if the format supports discard */
960 if (s->qdev.conf.discard_granularity) {
961 outbuf[14] = 0x80;
962 }
963
964 /* Protection, exponent and lowest lba field left blank. */
965 buflen = req->cmd.xfer;
966 break;
967 }
968 DPRINTF("Unsupported Service Action In\n");
969 goto illegal_request;
970 case VERIFY_10:
971 break;
972 default:
973 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
974 return -1;
975 }
976 return buflen;
977
978 not_ready:
979 if (s->tray_open || !bdrv_is_inserted(s->bs)) {
980 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
981 } else {
982 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
983 }
984 return -1;
985
986 illegal_request:
987 if (r->req.status == -1) {
988 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
989 }
990 return -1;
991 }
992
993 /* Execute a scsi command. Returns the length of the data expected by the
994 command. This will be Positive for data transfers from the device
995 (eg. disk reads), negative for transfers to the device (eg. disk writes),
996 and zero if the command does not transfer any data. */
997
998 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
999 {
1000 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1001 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1002 int32_t len;
1003 uint8_t command;
1004 uint8_t *outbuf;
1005 int rc;
1006
1007 command = buf[0];
1008 outbuf = (uint8_t *)r->iov.iov_base;
1009 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]);
1010
1011 #ifdef DEBUG_SCSI
1012 {
1013 int i;
1014 for (i = 1; i < r->req.cmd.len; i++) {
1015 printf(" 0x%02x", buf[i]);
1016 }
1017 printf("\n");
1018 }
1019 #endif
1020
1021 switch (command) {
1022 case TEST_UNIT_READY:
1023 case INQUIRY:
1024 case MODE_SENSE:
1025 case MODE_SENSE_10:
1026 case RESERVE:
1027 case RESERVE_10:
1028 case RELEASE:
1029 case RELEASE_10:
1030 case START_STOP:
1031 case ALLOW_MEDIUM_REMOVAL:
1032 case READ_CAPACITY_10:
1033 case READ_TOC:
1034 case GET_CONFIGURATION:
1035 case SERVICE_ACTION_IN_16:
1036 case VERIFY_10:
1037 rc = scsi_disk_emulate_command(r, outbuf);
1038 if (rc < 0) {
1039 return 0;
1040 }
1041
1042 r->iov.iov_len = rc;
1043 break;
1044 case SYNCHRONIZE_CACHE:
1045 bdrv_acct_start(s->bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1046 r->req.aiocb = bdrv_aio_flush(s->bs, scsi_flush_complete, r);
1047 if (r->req.aiocb == NULL) {
1048 scsi_flush_complete(r, -EIO);
1049 }
1050 return 0;
1051 case READ_6:
1052 case READ_10:
1053 case READ_12:
1054 case READ_16:
1055 len = r->req.cmd.xfer / s->qdev.blocksize;
1056 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1057 if (r->req.cmd.lba > s->max_lba)
1058 goto illegal_lba;
1059 r->sector = r->req.cmd.lba * s->cluster_size;
1060 r->sector_count = len * s->cluster_size;
1061 break;
1062 case WRITE_6:
1063 case WRITE_10:
1064 case WRITE_12:
1065 case WRITE_16:
1066 case WRITE_VERIFY_10:
1067 case WRITE_VERIFY_12:
1068 case WRITE_VERIFY_16:
1069 len = r->req.cmd.xfer / s->qdev.blocksize;
1070 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1071 (command & 0xe) == 0xe ? "And Verify " : "",
1072 r->req.cmd.lba, len);
1073 if (r->req.cmd.lba > s->max_lba)
1074 goto illegal_lba;
1075 r->sector = r->req.cmd.lba * s->cluster_size;
1076 r->sector_count = len * s->cluster_size;
1077 break;
1078 case MODE_SELECT:
1079 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1080 /* We don't support mode parameter changes.
1081 Allow the mode parameter header + block descriptors only. */
1082 if (r->req.cmd.xfer > 12) {
1083 goto fail;
1084 }
1085 break;
1086 case MODE_SELECT_10:
1087 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1088 /* We don't support mode parameter changes.
1089 Allow the mode parameter header + block descriptors only. */
1090 if (r->req.cmd.xfer > 16) {
1091 goto fail;
1092 }
1093 break;
1094 case SEEK_6:
1095 case SEEK_10:
1096 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1097 r->req.cmd.lba);
1098 if (r->req.cmd.lba > s->max_lba) {
1099 goto illegal_lba;
1100 }
1101 break;
1102 case WRITE_SAME_16:
1103 len = r->req.cmd.xfer / s->qdev.blocksize;
1104
1105 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1106 r->req.cmd.lba, len);
1107
1108 if (r->req.cmd.lba > s->max_lba) {
1109 goto illegal_lba;
1110 }
1111
1112 /*
1113 * We only support WRITE SAME with the unmap bit set for now.
1114 */
1115 if (!(buf[1] & 0x8)) {
1116 goto fail;
1117 }
1118
1119 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1120 len * s->cluster_size);
1121 if (rc < 0) {
1122 /* XXX: better error code ?*/
1123 goto fail;
1124 }
1125
1126 break;
1127 case REQUEST_SENSE:
1128 abort();
1129 default:
1130 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1131 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1132 return 0;
1133 fail:
1134 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1135 return 0;
1136 illegal_lba:
1137 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1138 return 0;
1139 }
1140 if (r->sector_count == 0 && r->iov.iov_len == 0) {
1141 scsi_req_complete(&r->req, GOOD);
1142 }
1143 len = r->sector_count * 512 + r->iov.iov_len;
1144 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1145 return -len;
1146 } else {
1147 if (!r->sector_count)
1148 r->sector_count = -1;
1149 return len;
1150 }
1151 }
1152
1153 static void scsi_disk_reset(DeviceState *dev)
1154 {
1155 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1156 uint64_t nb_sectors;
1157
1158 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1159
1160 bdrv_get_geometry(s->bs, &nb_sectors);
1161 nb_sectors /= s->cluster_size;
1162 if (nb_sectors) {
1163 nb_sectors--;
1164 }
1165 s->max_lba = nb_sectors;
1166 }
1167
1168 static void scsi_destroy(SCSIDevice *dev)
1169 {
1170 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1171
1172 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1173 blockdev_mark_auto_del(s->qdev.conf.bs);
1174 }
1175
1176 static void scsi_cd_change_media_cb(void *opaque, bool load)
1177 {
1178 ((SCSIDiskState *)opaque)->tray_open = !load;
1179 }
1180
1181 static bool scsi_cd_is_tray_open(void *opaque)
1182 {
1183 return ((SCSIDiskState *)opaque)->tray_open;
1184 }
1185
1186 static bool scsi_cd_is_medium_locked(void *opaque)
1187 {
1188 return ((SCSIDiskState *)opaque)->tray_locked;
1189 }
1190
1191 static const BlockDevOps scsi_cd_block_ops = {
1192 .change_media_cb = scsi_cd_change_media_cb,
1193 .is_tray_open = scsi_cd_is_tray_open,
1194 .is_medium_locked = scsi_cd_is_medium_locked,
1195 };
1196
1197 static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type)
1198 {
1199 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1200 DriveInfo *dinfo;
1201
1202 if (!s->qdev.conf.bs) {
1203 error_report("scsi-disk: drive property not set");
1204 return -1;
1205 }
1206 s->bs = s->qdev.conf.bs;
1207
1208 if (scsi_type == TYPE_DISK && !bdrv_is_inserted(s->bs)) {
1209 error_report("Device needs media, but drive is empty");
1210 return -1;
1211 }
1212
1213 if (!s->serial) {
1214 /* try to fall back to value set with legacy -drive serial=... */
1215 dinfo = drive_get_by_blockdev(s->bs);
1216 if (*dinfo->serial) {
1217 s->serial = g_strdup(dinfo->serial);
1218 }
1219 }
1220
1221 if (!s->version) {
1222 s->version = g_strdup(QEMU_VERSION);
1223 }
1224
1225 if (bdrv_is_sg(s->bs)) {
1226 error_report("scsi-disk: unwanted /dev/sg*");
1227 return -1;
1228 }
1229
1230 if (scsi_type == TYPE_ROM) {
1231 bdrv_set_dev_ops(s->bs, &scsi_cd_block_ops, s);
1232 s->qdev.blocksize = 2048;
1233 } else if (scsi_type == TYPE_DISK) {
1234 s->qdev.blocksize = s->qdev.conf.logical_block_size;
1235 } else {
1236 error_report("scsi-disk: Unhandled SCSI type %02x", scsi_type);
1237 return -1;
1238 }
1239 s->cluster_size = s->qdev.blocksize / 512;
1240 bdrv_set_buffer_alignment(s->bs, s->qdev.blocksize);
1241
1242 s->qdev.type = scsi_type;
1243 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
1244 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
1245 return 0;
1246 }
1247
1248 static int scsi_hd_initfn(SCSIDevice *dev)
1249 {
1250 return scsi_initfn(dev, TYPE_DISK);
1251 }
1252
1253 static int scsi_cd_initfn(SCSIDevice *dev)
1254 {
1255 return scsi_initfn(dev, TYPE_ROM);
1256 }
1257
1258 static int scsi_disk_initfn(SCSIDevice *dev)
1259 {
1260 DriveInfo *dinfo;
1261 uint8_t scsi_type;
1262
1263 if (!dev->conf.bs) {
1264 scsi_type = TYPE_DISK; /* will die in scsi_initfn() */
1265 } else {
1266 dinfo = drive_get_by_blockdev(dev->conf.bs);
1267 scsi_type = dinfo->media_cd ? TYPE_ROM : TYPE_DISK;
1268 }
1269
1270 return scsi_initfn(dev, scsi_type);
1271 }
1272
1273 static SCSIReqOps scsi_disk_reqops = {
1274 .size = sizeof(SCSIDiskReq),
1275 .free_req = scsi_free_request,
1276 .send_command = scsi_send_command,
1277 .read_data = scsi_read_data,
1278 .write_data = scsi_write_data,
1279 .cancel_io = scsi_cancel_io,
1280 .get_buf = scsi_get_buf,
1281 };
1282
1283 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
1284 uint32_t lun, void *hba_private)
1285 {
1286 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1287 SCSIRequest *req;
1288 SCSIDiskReq *r;
1289
1290 req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private);
1291 r = DO_UPCAST(SCSIDiskReq, req, req);
1292 r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
1293 return req;
1294 }
1295
1296 #define DEFINE_SCSI_DISK_PROPERTIES() \
1297 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
1298 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
1299 DEFINE_PROP_STRING("serial", SCSIDiskState, serial)
1300
1301 static SCSIDeviceInfo scsi_disk_info[] = {
1302 {
1303 .qdev.name = "scsi-hd",
1304 .qdev.fw_name = "disk",
1305 .qdev.desc = "virtual SCSI disk",
1306 .qdev.size = sizeof(SCSIDiskState),
1307 .qdev.reset = scsi_disk_reset,
1308 .init = scsi_hd_initfn,
1309 .destroy = scsi_destroy,
1310 .alloc_req = scsi_new_request,
1311 .qdev.props = (Property[]) {
1312 DEFINE_SCSI_DISK_PROPERTIES(),
1313 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1314 DEFINE_PROP_END_OF_LIST(),
1315 }
1316 },{
1317 .qdev.name = "scsi-cd",
1318 .qdev.fw_name = "disk",
1319 .qdev.desc = "virtual SCSI CD-ROM",
1320 .qdev.size = sizeof(SCSIDiskState),
1321 .qdev.reset = scsi_disk_reset,
1322 .init = scsi_cd_initfn,
1323 .destroy = scsi_destroy,
1324 .alloc_req = scsi_new_request,
1325 .qdev.props = (Property[]) {
1326 DEFINE_SCSI_DISK_PROPERTIES(),
1327 DEFINE_PROP_END_OF_LIST(),
1328 },
1329 },{
1330 .qdev.name = "scsi-disk", /* legacy -device scsi-disk */
1331 .qdev.fw_name = "disk",
1332 .qdev.desc = "virtual SCSI disk or CD-ROM (legacy)",
1333 .qdev.size = sizeof(SCSIDiskState),
1334 .qdev.reset = scsi_disk_reset,
1335 .init = scsi_disk_initfn,
1336 .destroy = scsi_destroy,
1337 .alloc_req = scsi_new_request,
1338 .qdev.props = (Property[]) {
1339 DEFINE_SCSI_DISK_PROPERTIES(),
1340 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1341 DEFINE_PROP_END_OF_LIST(),
1342 }
1343 }
1344 };
1345
1346 static void scsi_disk_register_devices(void)
1347 {
1348 int i;
1349
1350 for (i = 0; i < ARRAY_SIZE(scsi_disk_info); i++) {
1351 scsi_qdev_register(&scsi_disk_info[i]);
1352 }
1353 }
1354 device_init(scsi_disk_register_devices)
QEmu