2 * Generic SCSI Device support
4 * Copyright (c) 2007 Bull S.A.S.
5 * Based on code by Paul Brook
6 * Based on code by Fabrice Bellard
8 * Written by Laurent Vivier <Laurent.Vivier@bull.net>
10 * This code is licensed under the LGPL.
14 #include "qemu/osdep.h"
15 #include "qapi/error.h"
16 #include "qemu-common.h"
17 #include "qemu/error-report.h"
18 #include "hw/scsi/scsi.h"
19 #include "sysemu/block-backend.h"
26 #define DPRINTF(fmt, ...) \
27 do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
29 #define DPRINTF(fmt, ...) do {} while(0)
32 #define BADF(fmt, ...) \
33 do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
36 #include "scsi/constants.h"
39 #define MAX_UINT ((unsigned int)-1)
42 typedef struct SCSIGenericReq
{
47 sg_io_hdr_t io_header
;
50 static void scsi_generic_save_request(QEMUFile
*f
, SCSIRequest
*req
)
52 SCSIGenericReq
*r
= DO_UPCAST(SCSIGenericReq
, req
, req
);
54 qemu_put_sbe32s(f
, &r
->buflen
);
55 if (r
->buflen
&& r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
57 qemu_put_buffer(f
, r
->buf
, r
->req
.cmd
.xfer
);
61 static void scsi_generic_load_request(QEMUFile
*f
, SCSIRequest
*req
)
63 SCSIGenericReq
*r
= DO_UPCAST(SCSIGenericReq
, req
, req
);
65 qemu_get_sbe32s(f
, &r
->buflen
);
66 if (r
->buflen
&& r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
68 qemu_get_buffer(f
, r
->buf
, r
->req
.cmd
.xfer
);
72 static void scsi_free_request(SCSIRequest
*req
)
74 SCSIGenericReq
*r
= DO_UPCAST(SCSIGenericReq
, req
, req
);
79 /* Helper function for command completion. */
80 static void scsi_command_complete_noio(SCSIGenericReq
*r
, int ret
)
85 assert(r
->req
.aiocb
== NULL
);
87 if (r
->req
.io_canceled
) {
88 scsi_req_cancel_complete(&r
->req
);
91 status
= sg_io_sense_from_errno(-ret
, &r
->io_header
, &sense
);
92 if (status
== CHECK_CONDITION
) {
93 if (r
->io_header
.driver_status
& SG_ERR_DRIVER_SENSE
) {
94 r
->req
.sense_len
= r
->io_header
.sb_len_wr
;
96 scsi_req_build_sense(&r
->req
, sense
);
100 DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
101 r
, r
->req
.tag
, status
);
103 scsi_req_complete(&r
->req
, status
);
105 scsi_req_unref(&r
->req
);
108 static void scsi_command_complete(void *opaque
, int ret
)
110 SCSIGenericReq
*r
= (SCSIGenericReq
*)opaque
;
111 SCSIDevice
*s
= r
->req
.dev
;
113 assert(r
->req
.aiocb
!= NULL
);
116 aio_context_acquire(blk_get_aio_context(s
->conf
.blk
));
117 scsi_command_complete_noio(r
, ret
);
118 aio_context_release(blk_get_aio_context(s
->conf
.blk
));
121 static int execute_command(BlockBackend
*blk
,
122 SCSIGenericReq
*r
, int direction
,
123 BlockCompletionFunc
*complete
)
125 r
->io_header
.interface_id
= 'S';
126 r
->io_header
.dxfer_direction
= direction
;
127 r
->io_header
.dxferp
= r
->buf
;
128 r
->io_header
.dxfer_len
= r
->buflen
;
129 r
->io_header
.cmdp
= r
->req
.cmd
.buf
;
130 r
->io_header
.cmd_len
= r
->req
.cmd
.len
;
131 r
->io_header
.mx_sb_len
= sizeof(r
->req
.sense
);
132 r
->io_header
.sbp
= r
->req
.sense
;
133 r
->io_header
.timeout
= MAX_UINT
;
134 r
->io_header
.usr_ptr
= r
;
135 r
->io_header
.flags
|= SG_FLAG_DIRECT_IO
;
137 r
->req
.aiocb
= blk_aio_ioctl(blk
, SG_IO
, &r
->io_header
, complete
, r
);
138 if (r
->req
.aiocb
== NULL
) {
145 static void scsi_read_complete(void * opaque
, int ret
)
147 SCSIGenericReq
*r
= (SCSIGenericReq
*)opaque
;
148 SCSIDevice
*s
= r
->req
.dev
;
151 assert(r
->req
.aiocb
!= NULL
);
154 aio_context_acquire(blk_get_aio_context(s
->conf
.blk
));
156 if (ret
|| r
->req
.io_canceled
) {
157 scsi_command_complete_noio(r
, ret
);
161 len
= r
->io_header
.dxfer_len
- r
->io_header
.resid
;
162 DPRINTF("Data ready tag=0x%x len=%d\n", r
->req
.tag
, len
);
166 scsi_command_complete_noio(r
, 0);
170 /* Snoop READ CAPACITY output to set the blocksize. */
171 if (r
->req
.cmd
.buf
[0] == READ_CAPACITY_10
&&
172 (ldl_be_p(&r
->buf
[0]) != 0xffffffffU
|| s
->max_lba
== 0)) {
173 s
->blocksize
= ldl_be_p(&r
->buf
[4]);
174 s
->max_lba
= ldl_be_p(&r
->buf
[0]) & 0xffffffffULL
;
175 } else if (r
->req
.cmd
.buf
[0] == SERVICE_ACTION_IN_16
&&
176 (r
->req
.cmd
.buf
[1] & 31) == SAI_READ_CAPACITY_16
) {
177 s
->blocksize
= ldl_be_p(&r
->buf
[8]);
178 s
->max_lba
= ldq_be_p(&r
->buf
[0]);
180 blk_set_guest_block_size(s
->conf
.blk
, s
->blocksize
);
182 /* Patch MODE SENSE device specific parameters if the BDS is opened
185 if ((s
->type
== TYPE_DISK
|| s
->type
== TYPE_TAPE
) &&
186 blk_is_read_only(s
->conf
.blk
) &&
187 (r
->req
.cmd
.buf
[0] == MODE_SENSE
||
188 r
->req
.cmd
.buf
[0] == MODE_SENSE_10
) &&
189 (r
->req
.cmd
.buf
[1] & 0x8) == 0) {
190 if (r
->req
.cmd
.buf
[0] == MODE_SENSE
) {
196 if (r
->req
.cmd
.buf
[0] == INQUIRY
) {
198 * EVPD set to zero returns the standard INQUIRY data.
200 * Check if scsi_version is unset (-1) to avoid re-defining it
201 * each time an INQUIRY with standard data is received.
202 * scsi_version is initialized with -1 in scsi_generic_reset
203 * and scsi_disk_reset, making sure that we'll set the
204 * scsi_version after a reset. If the version field of the
205 * INQUIRY response somehow changes after a guest reboot,
206 * we'll be able to keep track of it.
208 * On SCSI-2 and older, first 3 bits of byte 2 is the
209 * ANSI-approved version, while on later versions the
210 * whole byte 2 contains the version. Check if we're dealing
211 * with a newer version and, in that case, assign the
214 if (s
->scsi_version
== -1 && !(r
->req
.cmd
.buf
[1] & 0x01)) {
215 s
->scsi_version
= r
->buf
[2] & 0x07;
216 if (s
->scsi_version
> 2) {
217 s
->scsi_version
= r
->buf
[2];
220 if (s
->type
== TYPE_DISK
&& r
->req
.cmd
.buf
[2] == 0xb0) {
221 uint32_t max_transfer
=
222 blk_get_max_transfer(s
->conf
.blk
) / s
->blocksize
;
224 assert(max_transfer
);
225 stl_be_p(&r
->buf
[8], max_transfer
);
226 /* Also take care of the opt xfer len. */
227 stl_be_p(&r
->buf
[12],
228 MIN_NON_ZERO(max_transfer
, ldl_be_p(&r
->buf
[12])));
231 scsi_req_data(&r
->req
, len
);
232 scsi_req_unref(&r
->req
);
235 aio_context_release(blk_get_aio_context(s
->conf
.blk
));
238 /* Read more data from scsi device into buffer. */
239 static void scsi_read_data(SCSIRequest
*req
)
241 SCSIGenericReq
*r
= DO_UPCAST(SCSIGenericReq
, req
, req
);
242 SCSIDevice
*s
= r
->req
.dev
;
245 DPRINTF("scsi_read_data tag=0x%x\n", req
->tag
);
247 /* The request is used as the AIO opaque value, so add a ref. */
248 scsi_req_ref(&r
->req
);
250 scsi_command_complete_noio(r
, 0);
254 ret
= execute_command(s
->conf
.blk
, r
, SG_DXFER_FROM_DEV
,
257 scsi_command_complete_noio(r
, ret
);
261 static void scsi_write_complete(void * opaque
, int ret
)
263 SCSIGenericReq
*r
= (SCSIGenericReq
*)opaque
;
264 SCSIDevice
*s
= r
->req
.dev
;
266 DPRINTF("scsi_write_complete() ret = %d\n", ret
);
268 assert(r
->req
.aiocb
!= NULL
);
271 aio_context_acquire(blk_get_aio_context(s
->conf
.blk
));
273 if (ret
|| r
->req
.io_canceled
) {
274 scsi_command_complete_noio(r
, ret
);
278 if (r
->req
.cmd
.buf
[0] == MODE_SELECT
&& r
->req
.cmd
.buf
[4] == 12 &&
279 s
->type
== TYPE_TAPE
) {
280 s
->blocksize
= (r
->buf
[9] << 16) | (r
->buf
[10] << 8) | r
->buf
[11];
281 DPRINTF("block size %d\n", s
->blocksize
);
284 scsi_command_complete_noio(r
, ret
);
287 aio_context_release(blk_get_aio_context(s
->conf
.blk
));
290 /* Write data to a scsi device. Returns nonzero on failure.
291 The transfer may complete asynchronously. */
292 static void scsi_write_data(SCSIRequest
*req
)
294 SCSIGenericReq
*r
= DO_UPCAST(SCSIGenericReq
, req
, req
);
295 SCSIDevice
*s
= r
->req
.dev
;
298 DPRINTF("scsi_write_data tag=0x%x\n", req
->tag
);
301 scsi_req_data(&r
->req
, r
->len
);
305 /* The request is used as the AIO opaque value, so add a ref. */
306 scsi_req_ref(&r
->req
);
307 ret
= execute_command(s
->conf
.blk
, r
, SG_DXFER_TO_DEV
, scsi_write_complete
);
309 scsi_command_complete_noio(r
, ret
);
313 /* Return a pointer to the data buffer. */
314 static uint8_t *scsi_get_buf(SCSIRequest
*req
)
316 SCSIGenericReq
*r
= DO_UPCAST(SCSIGenericReq
, req
, req
);
321 /* Execute a scsi command. Returns the length of the data expected by the
322 command. This will be Positive for data transfers from the device
323 (eg. disk reads), negative for transfers to the device (eg. disk writes),
324 and zero if the command does not transfer any data. */
326 static int32_t scsi_send_command(SCSIRequest
*req
, uint8_t *cmd
)
328 SCSIGenericReq
*r
= DO_UPCAST(SCSIGenericReq
, req
, req
);
329 SCSIDevice
*s
= r
->req
.dev
;
333 DPRINTF("Command: data=0x%02x", cmd
[0]);
336 for (i
= 1; i
< r
->req
.cmd
.len
; i
++) {
337 printf(" 0x%02x", cmd
[i
]);
343 if (r
->req
.cmd
.xfer
== 0) {
347 /* The request is used as the AIO opaque value, so add a ref. */
348 scsi_req_ref(&r
->req
);
349 ret
= execute_command(s
->conf
.blk
, r
, SG_DXFER_NONE
,
350 scsi_command_complete
);
352 scsi_command_complete_noio(r
, ret
);
358 if (r
->buflen
!= r
->req
.cmd
.xfer
) {
360 r
->buf
= g_malloc(r
->req
.cmd
.xfer
);
361 r
->buflen
= r
->req
.cmd
.xfer
;
364 memset(r
->buf
, 0, r
->buflen
);
365 r
->len
= r
->req
.cmd
.xfer
;
366 if (r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
368 return -r
->req
.cmd
.xfer
;
370 return r
->req
.cmd
.xfer
;
374 static int read_naa_id(const uint8_t *p
, uint64_t *p_wwn
)
378 if ((p
[1] & 0xF) == 3) {
379 /* NAA designator type */
383 *p_wwn
= ldq_be_p(p
+ 4);
387 if ((p
[1] & 0xF) == 8) {
388 /* SCSI name string designator type */
389 if (p
[3] < 20 || memcmp(&p
[4], "naa.", 4)) {
392 if (p
[3] > 20 && p
[24] != ',') {
396 for (i
= 8; i
< 24; i
++) {
397 char c
= qemu_toupper(p
[i
]);
398 c
-= (c
>= '0' && c
<= '9' ? '0' : 'A' - 10);
399 *p_wwn
= (*p_wwn
<< 4) | c
;
407 void scsi_generic_read_device_identification(SCSIDevice
*s
)
412 sg_io_hdr_t io_header
;
416 memset(cmd
, 0, sizeof(cmd
));
417 memset(buf
, 0, sizeof(buf
));
421 cmd
[4] = sizeof(buf
);
423 memset(&io_header
, 0, sizeof(io_header
));
424 io_header
.interface_id
= 'S';
425 io_header
.dxfer_direction
= SG_DXFER_FROM_DEV
;
426 io_header
.dxfer_len
= sizeof(buf
);
427 io_header
.dxferp
= buf
;
428 io_header
.cmdp
= cmd
;
429 io_header
.cmd_len
= sizeof(cmd
);
430 io_header
.mx_sb_len
= sizeof(sensebuf
);
431 io_header
.sbp
= sensebuf
;
432 io_header
.timeout
= 6000; /* XXX */
434 ret
= blk_ioctl(s
->conf
.blk
, SG_IO
, &io_header
);
435 if (ret
< 0 || io_header
.driver_status
|| io_header
.host_status
) {
439 len
= MIN((buf
[2] << 8) | buf
[3], sizeof(buf
) - 4);
440 for (i
= 0; i
+ 3 <= len
; ) {
441 const uint8_t *p
= &buf
[i
+ 4];
444 if (i
+ (p
[3] + 4) > len
) {
448 if ((p
[1] & 0x10) == 0) {
449 /* Associated with the logical unit */
450 if (read_naa_id(p
, &wwn
) == 0) {
453 } else if ((p
[1] & 0x10) == 0x10) {
454 /* Associated with the target port */
455 if (read_naa_id(p
, &wwn
) == 0) {
464 static int get_stream_blocksize(BlockBackend
*blk
)
469 sg_io_hdr_t io_header
;
472 memset(cmd
, 0, sizeof(cmd
));
473 memset(buf
, 0, sizeof(buf
));
475 cmd
[4] = sizeof(buf
);
477 memset(&io_header
, 0, sizeof(io_header
));
478 io_header
.interface_id
= 'S';
479 io_header
.dxfer_direction
= SG_DXFER_FROM_DEV
;
480 io_header
.dxfer_len
= sizeof(buf
);
481 io_header
.dxferp
= buf
;
482 io_header
.cmdp
= cmd
;
483 io_header
.cmd_len
= sizeof(cmd
);
484 io_header
.mx_sb_len
= sizeof(sensebuf
);
485 io_header
.sbp
= sensebuf
;
486 io_header
.timeout
= 6000; /* XXX */
488 ret
= blk_ioctl(blk
, SG_IO
, &io_header
);
489 if (ret
< 0 || io_header
.driver_status
|| io_header
.host_status
) {
492 return (buf
[9] << 16) | (buf
[10] << 8) | buf
[11];
495 static void scsi_generic_reset(DeviceState
*dev
)
497 SCSIDevice
*s
= SCSI_DEVICE(dev
);
499 s
->scsi_version
= s
->default_scsi_version
;
500 scsi_device_purge_requests(s
, SENSE_CODE(RESET
));
503 static void scsi_generic_realize(SCSIDevice
*s
, Error
**errp
)
507 struct sg_scsi_id scsiid
;
510 error_setg(errp
, "drive property not set");
514 if (blk_get_on_error(s
->conf
.blk
, 0) != BLOCKDEV_ON_ERROR_ENOSPC
) {
515 error_setg(errp
, "Device doesn't support drive option werror");
518 if (blk_get_on_error(s
->conf
.blk
, 1) != BLOCKDEV_ON_ERROR_REPORT
) {
519 error_setg(errp
, "Device doesn't support drive option rerror");
523 /* check we are using a driver managing SG_IO (version 3 and after */
524 rc
= blk_ioctl(s
->conf
.blk
, SG_GET_VERSION_NUM
, &sg_version
);
526 error_setg_errno(errp
, -rc
, "cannot get SG_IO version number");
528 error_append_hint(errp
, "Is this a SCSI device?\n");
532 if (sg_version
< 30000) {
533 error_setg(errp
, "scsi generic interface too old");
537 /* get LUN of the /dev/sg? */
538 if (blk_ioctl(s
->conf
.blk
, SG_GET_SCSI_ID
, &scsiid
)) {
539 error_setg(errp
, "SG_GET_SCSI_ID ioctl failed");
542 if (!blkconf_apply_backend_options(&s
->conf
,
543 blk_is_read_only(s
->conf
.blk
),
548 /* define device state */
549 s
->type
= scsiid
.scsi_type
;
550 DPRINTF("device type %d\n", s
->type
);
554 s
->blocksize
= get_stream_blocksize(s
->conf
.blk
);
555 if (s
->blocksize
== -1) {
560 /* Make a guess for block devices, we'll fix it when the guest sends.
561 * READ CAPACITY. If they don't, they likely would assume these sizes
562 * anyway. (TODO: they could also send MODE SENSE).
573 DPRINTF("block size %d\n", s
->blocksize
);
575 /* Only used by scsi-block, but initialize it nevertheless to be clean. */
576 s
->default_scsi_version
= -1;
577 scsi_generic_read_device_identification(s
);
580 const SCSIReqOps scsi_generic_req_ops
= {
581 .size
= sizeof(SCSIGenericReq
),
582 .free_req
= scsi_free_request
,
583 .send_command
= scsi_send_command
,
584 .read_data
= scsi_read_data
,
585 .write_data
= scsi_write_data
,
586 .get_buf
= scsi_get_buf
,
587 .load_request
= scsi_generic_load_request
,
588 .save_request
= scsi_generic_save_request
,
591 static SCSIRequest
*scsi_new_request(SCSIDevice
*d
, uint32_t tag
, uint32_t lun
,
592 uint8_t *buf
, void *hba_private
)
594 return scsi_req_alloc(&scsi_generic_req_ops
, d
, tag
, lun
, hba_private
);
597 static Property scsi_generic_properties
[] = {
598 DEFINE_PROP_DRIVE("drive", SCSIDevice
, conf
.blk
),
599 DEFINE_PROP_BOOL("share-rw", SCSIDevice
, conf
.share_rw
, false),
600 DEFINE_PROP_END_OF_LIST(),
603 static int scsi_generic_parse_cdb(SCSIDevice
*dev
, SCSICommand
*cmd
,
604 uint8_t *buf
, void *hba_private
)
606 return scsi_bus_parse_cdb(dev
, cmd
, buf
, hba_private
);
609 static void scsi_generic_class_initfn(ObjectClass
*klass
, void *data
)
611 DeviceClass
*dc
= DEVICE_CLASS(klass
);
612 SCSIDeviceClass
*sc
= SCSI_DEVICE_CLASS(klass
);
614 sc
->realize
= scsi_generic_realize
;
615 sc
->alloc_req
= scsi_new_request
;
616 sc
->parse_cdb
= scsi_generic_parse_cdb
;
617 dc
->fw_name
= "disk";
618 dc
->desc
= "pass through generic scsi device (/dev/sg*)";
619 dc
->reset
= scsi_generic_reset
;
620 dc
->props
= scsi_generic_properties
;
621 dc
->vmsd
= &vmstate_scsi_device
;
624 static const TypeInfo scsi_generic_info
= {
625 .name
= "scsi-generic",
626 .parent
= TYPE_SCSI_DEVICE
,
627 .instance_size
= sizeof(SCSIDevice
),
628 .class_init
= scsi_generic_class_initfn
,
631 static void scsi_generic_register_types(void)
633 type_register_static(&scsi_generic_info
);
636 type_init(scsi_generic_register_types
)
638 #endif /* __linux__ */