search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge remote branch 'mst/for_anthony' into staging
[qemu.git] / hw / scsi-disk.c
blob6cb317c8f972eecc148ce7ebf9c34215539d7de8
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licenced under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 //#define DEBUG_SCSI
23
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
33
34 #include "qemu-common.h"
35 #include "qemu-error.h"
36 #include "scsi.h"
37 #include "scsi-defs.h"
38 #include "sysemu.h"
39 #include "blockdev.h"
40
41 #define SCSI_DMA_BUF_SIZE 131072
42 #define SCSI_MAX_INQUIRY_LEN 256
43
44 #define SCSI_REQ_STATUS_RETRY 0x01
45 #define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
46 #define SCSI_REQ_STATUS_RETRY_READ 0x00
47 #define SCSI_REQ_STATUS_RETRY_WRITE 0x02
48 #define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
49
50 typedef struct SCSIDiskState SCSIDiskState;
51
52 typedef struct SCSISense {
53 uint8_t key;
54 } SCSISense;
55
56 typedef struct SCSIDiskReq {
57 SCSIRequest req;
58 /* ??? We should probably keep track of whether the data transfer is
59 a read or a write. Currently we rely on the host getting it right. */
60 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
61 uint64_t sector;
62 uint32_t sector_count;
63 struct iovec iov;
64 QEMUIOVector qiov;
65 uint32_t status;
66 } SCSIDiskReq;
67
68 struct SCSIDiskState
69 {
70 SCSIDevice qdev;
71 BlockDriverState *bs;
72 /* The qemu block layer uses a fixed 512 byte sector size.
73 This is the number of 512 byte blocks in a single scsi sector. */
74 int cluster_size;
75 uint64_t max_lba;
76 QEMUBH *bh;
77 char *version;
78 char *serial;
79 SCSISense sense;
80 };
81
82 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
83 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
84
85 static SCSIDiskReq *scsi_new_request(SCSIDiskState *s, uint32_t tag,
86 uint32_t lun)
87 {
88 SCSIRequest *req;
89 SCSIDiskReq *r;
90
91 req = scsi_req_alloc(sizeof(SCSIDiskReq), &s->qdev, tag, lun);
92 r = DO_UPCAST(SCSIDiskReq, req, req);
93 r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
94 return r;
95 }
96
97 static void scsi_remove_request(SCSIDiskReq *r)
98 {
99 qemu_vfree(r->iov.iov_base);
100 scsi_req_free(&r->req);
101 }
102
103 static SCSIDiskReq *scsi_find_request(SCSIDiskState *s, uint32_t tag)
104 {
105 return DO_UPCAST(SCSIDiskReq, req, scsi_req_find(&s->qdev, tag));
106 }
107
108 static void scsi_disk_clear_sense(SCSIDiskState *s)
109 {
110 memset(&s->sense, 0, sizeof(s->sense));
111 }
112
113 static void scsi_disk_set_sense(SCSIDiskState *s, uint8_t key)
114 {
115 s->sense.key = key;
116 }
117
118 static void scsi_req_set_status(SCSIDiskReq *r, int status, int sense_code)
119 {
120 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
121
122 r->req.status = status;
123 scsi_disk_set_sense(s, sense_code);
124 }
125
126 /* Helper function for command completion. */
127 static void scsi_command_complete(SCSIDiskReq *r, int status, int sense)
128 {
129 DPRINTF("Command complete tag=0x%x status=%d sense=%d\n",
130 r->req.tag, status, sense);
131 scsi_req_set_status(r, status, sense);
132 scsi_req_complete(&r->req);
133 scsi_remove_request(r);
134 }
135
136 /* Cancel a pending data transfer. */
137 static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
138 {
139 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
140 SCSIDiskReq *r;
141 DPRINTF("Cancel tag=0x%x\n", tag);
142 r = scsi_find_request(s, tag);
143 if (r) {
144 if (r->req.aiocb)
145 bdrv_aio_cancel(r->req.aiocb);
146 r->req.aiocb = NULL;
147 scsi_remove_request(r);
148 }
149 }
150
151 static void scsi_read_complete(void * opaque, int ret)
152 {
153 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
154 int n;
155
156 r->req.aiocb = NULL;
157
158 if (ret) {
159 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
160 return;
161 }
162 }
163
164 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
165
166 n = r->iov.iov_len / 512;
167 r->sector += n;
168 r->sector_count -= n;
169 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
170 }
171
172
173 static void scsi_read_request(SCSIDiskReq *r)
174 {
175 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
176 uint32_t n;
177
178 if (r->sector_count == (uint32_t)-1) {
179 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
180 r->sector_count = 0;
181 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
182 return;
183 }
184 DPRINTF("Read sector_count=%d\n", r->sector_count);
185 if (r->sector_count == 0) {
186 scsi_command_complete(r, GOOD, NO_SENSE);
187 return;
188 }
189
190 /* No data transfer may already be in progress */
191 assert(r->req.aiocb == NULL);
192
193 n = r->sector_count;
194 if (n > SCSI_DMA_BUF_SIZE / 512)
195 n = SCSI_DMA_BUF_SIZE / 512;
196
197 r->iov.iov_len = n * 512;
198 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
199 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
200 scsi_read_complete, r);
201 if (r->req.aiocb == NULL) {
202 scsi_read_complete(r, -EIO);
203 }
204 }
205
206 /* Read more data from scsi device into buffer. */
207 static void scsi_read_data(SCSIDevice *d, uint32_t tag)
208 {
209 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
210 SCSIDiskReq *r;
211
212 r = scsi_find_request(s, tag);
213 if (!r) {
214 BADF("Bad read tag 0x%x\n", tag);
215 /* ??? This is the wrong error. */
216 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
217 return;
218 }
219
220 scsi_read_request(r);
221 }
222
223 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
224 {
225 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
226 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
227 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
228
229 if (action == BLOCK_ERR_IGNORE) {
230 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
231 return 0;
232 }
233
234 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
235 || action == BLOCK_ERR_STOP_ANY) {
236
237 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
238 r->status |= SCSI_REQ_STATUS_RETRY | type;
239
240 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
241 vm_stop(0);
242 } else {
243 if (type == SCSI_REQ_STATUS_RETRY_READ) {
244 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, 0);
245 }
246 scsi_command_complete(r, CHECK_CONDITION,
247 HARDWARE_ERROR);
248 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
249 }
250
251 return 1;
252 }
253
254 static void scsi_write_complete(void * opaque, int ret)
255 {
256 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
257 uint32_t len;
258 uint32_t n;
259
260 r->req.aiocb = NULL;
261
262 if (ret) {
263 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
264 return;
265 }
266 }
267
268 n = r->iov.iov_len / 512;
269 r->sector += n;
270 r->sector_count -= n;
271 if (r->sector_count == 0) {
272 scsi_command_complete(r, GOOD, NO_SENSE);
273 } else {
274 len = r->sector_count * 512;
275 if (len > SCSI_DMA_BUF_SIZE) {
276 len = SCSI_DMA_BUF_SIZE;
277 }
278 r->iov.iov_len = len;
279 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
280 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
281 }
282 }
283
284 static void scsi_write_request(SCSIDiskReq *r)
285 {
286 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
287 uint32_t n;
288
289 /* No data transfer may already be in progress */
290 assert(r->req.aiocb == NULL);
291
292 n = r->iov.iov_len / 512;
293 if (n) {
294 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
295 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
296 scsi_write_complete, r);
297 if (r->req.aiocb == NULL) {
298 scsi_write_complete(r, -EIO);
299 }
300 } else {
301 /* Invoke completion routine to fetch data from host. */
302 scsi_write_complete(r, 0);
303 }
304 }
305
306 /* Write data to a scsi device. Returns nonzero on failure.
307 The transfer may complete asynchronously. */
308 static int scsi_write_data(SCSIDevice *d, uint32_t tag)
309 {
310 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
311 SCSIDiskReq *r;
312
313 DPRINTF("Write data tag=0x%x\n", tag);
314 r = scsi_find_request(s, tag);
315 if (!r) {
316 BADF("Bad write tag 0x%x\n", tag);
317 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
318 return 1;
319 }
320
321 scsi_write_request(r);
322
323 return 0;
324 }
325
326 static void scsi_dma_restart_bh(void *opaque)
327 {
328 SCSIDiskState *s = opaque;
329 SCSIRequest *req;
330 SCSIDiskReq *r;
331
332 qemu_bh_delete(s->bh);
333 s->bh = NULL;
334
335 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
336 r = DO_UPCAST(SCSIDiskReq, req, req);
337 if (r->status & SCSI_REQ_STATUS_RETRY) {
338 int status = r->status;
339 int ret;
340
341 r->status &=
342 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
343
344 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
345 case SCSI_REQ_STATUS_RETRY_READ:
346 scsi_read_request(r);
347 break;
348 case SCSI_REQ_STATUS_RETRY_WRITE:
349 scsi_write_request(r);
350 break;
351 case SCSI_REQ_STATUS_RETRY_FLUSH:
352 ret = scsi_disk_emulate_command(r, r->iov.iov_base);
353 if (ret == 0) {
354 scsi_command_complete(r, GOOD, NO_SENSE);
355 }
356 }
357 }
358 }
359 }
360
361 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
362 {
363 SCSIDiskState *s = opaque;
364
365 if (!running)
366 return;
367
368 if (!s->bh) {
369 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
370 qemu_bh_schedule(s->bh);
371 }
372 }
373
374 /* Return a pointer to the data buffer. */
375 static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
376 {
377 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
378 SCSIDiskReq *r;
379
380 r = scsi_find_request(s, tag);
381 if (!r) {
382 BADF("Bad buffer tag 0x%x\n", tag);
383 return NULL;
384 }
385 return (uint8_t *)r->iov.iov_base;
386 }
387
388 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
389 {
390 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
391 int buflen = 0;
392
393 if (req->cmd.buf[1] & 0x2) {
394 /* Command support data - optional, not implemented */
395 BADF("optional INQUIRY command support request not implemented\n");
396 return -1;
397 }
398
399 if (req->cmd.buf[1] & 0x1) {
400 /* Vital product data */
401 uint8_t page_code = req->cmd.buf[2];
402 if (req->cmd.xfer < 4) {
403 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
404 "less than 4\n", page_code, req->cmd.xfer);
405 return -1;
406 }
407
408 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
409 outbuf[buflen++] = 5;
410 } else {
411 outbuf[buflen++] = 0;
412 }
413 outbuf[buflen++] = page_code ; // this page
414 outbuf[buflen++] = 0x00;
415
416 switch (page_code) {
417 case 0x00: /* Supported page codes, mandatory */
418 {
419 int pages;
420 DPRINTF("Inquiry EVPD[Supported pages] "
421 "buffer size %zd\n", req->cmd.xfer);
422 pages = buflen++;
423 outbuf[buflen++] = 0x00; // list of supported pages (this page)
424 outbuf[buflen++] = 0x80; // unit serial number
425 outbuf[buflen++] = 0x83; // device identification
426 if (bdrv_get_type_hint(s->bs) != BDRV_TYPE_CDROM) {
427 outbuf[buflen++] = 0xb0; // block limits
428 outbuf[buflen++] = 0xb2; // thin provisioning
429 }
430 outbuf[pages] = buflen - pages - 1; // number of pages
431 break;
432 }
433 case 0x80: /* Device serial number, optional */
434 {
435 int l = strlen(s->serial);
436
437 if (l > req->cmd.xfer)
438 l = req->cmd.xfer;
439 if (l > 20)
440 l = 20;
441
442 DPRINTF("Inquiry EVPD[Serial number] "
443 "buffer size %zd\n", req->cmd.xfer);
444 outbuf[buflen++] = l;
445 memcpy(outbuf+buflen, s->serial, l);
446 buflen += l;
447 break;
448 }
449
450 case 0x83: /* Device identification page, mandatory */
451 {
452 int max_len = 255 - 8;
453 int id_len = strlen(bdrv_get_device_name(s->bs));
454
455 if (id_len > max_len)
456 id_len = max_len;
457 DPRINTF("Inquiry EVPD[Device identification] "
458 "buffer size %zd\n", req->cmd.xfer);
459
460 outbuf[buflen++] = 4 + id_len;
461 outbuf[buflen++] = 0x2; // ASCII
462 outbuf[buflen++] = 0; // not officially assigned
463 outbuf[buflen++] = 0; // reserved
464 outbuf[buflen++] = id_len; // length of data following
465
466 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
467 buflen += id_len;
468 break;
469 }
470 case 0xb0: /* block limits */
471 {
472 unsigned int unmap_sectors =
473 s->qdev.conf.discard_granularity / s->qdev.blocksize;
474 unsigned int min_io_size =
475 s->qdev.conf.min_io_size / s->qdev.blocksize;
476 unsigned int opt_io_size =
477 s->qdev.conf.opt_io_size / s->qdev.blocksize;
478
479 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
480 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
481 page_code);
482 return -1;
483 }
484 /* required VPD size with unmap support */
485 outbuf[3] = buflen = 0x3c;
486
487 memset(outbuf + 4, 0, buflen - 4);
488
489 /* optimal transfer length granularity */
490 outbuf[6] = (min_io_size >> 8) & 0xff;
491 outbuf[7] = min_io_size & 0xff;
492
493 /* optimal transfer length */
494 outbuf[12] = (opt_io_size >> 24) & 0xff;
495 outbuf[13] = (opt_io_size >> 16) & 0xff;
496 outbuf[14] = (opt_io_size >> 8) & 0xff;
497 outbuf[15] = opt_io_size & 0xff;
498
499 /* optimal unmap granularity */
500 outbuf[28] = (unmap_sectors >> 24) & 0xff;
501 outbuf[29] = (unmap_sectors >> 16) & 0xff;
502 outbuf[30] = (unmap_sectors >> 8) & 0xff;
503 outbuf[31] = unmap_sectors & 0xff;
504 break;
505 }
506 case 0xb2: /* thin provisioning */
507 {
508 outbuf[3] = buflen = 8;
509 outbuf[4] = 0;
510 outbuf[5] = 0x40; /* write same with unmap supported */
511 outbuf[6] = 0;
512 outbuf[7] = 0;
513 break;
514 }
515 default:
516 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
517 "buffer size %zd\n", page_code, req->cmd.xfer);
518 return -1;
519 }
520 /* done with EVPD */
521 return buflen;
522 }
523
524 /* Standard INQUIRY data */
525 if (req->cmd.buf[2] != 0) {
526 BADF("Error: Inquiry (STANDARD) page or code "
527 "is non-zero [%02X]\n", req->cmd.buf[2]);
528 return -1;
529 }
530
531 /* PAGE CODE == 0 */
532 if (req->cmd.xfer < 5) {
533 BADF("Error: Inquiry (STANDARD) buffer size %zd "
534 "is less than 5\n", req->cmd.xfer);
535 return -1;
536 }
537
538 buflen = req->cmd.xfer;
539 if (buflen > SCSI_MAX_INQUIRY_LEN)
540 buflen = SCSI_MAX_INQUIRY_LEN;
541
542 memset(outbuf, 0, buflen);
543
544 if (req->lun || req->cmd.buf[1] >> 5) {
545 outbuf[0] = 0x7f; /* LUN not supported */
546 return buflen;
547 }
548
549 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
550 outbuf[0] = 5;
551 outbuf[1] = 0x80;
552 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
553 } else {
554 outbuf[0] = 0;
555 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
556 }
557 memcpy(&outbuf[8], "QEMU ", 8);
558 memset(&outbuf[32], 0, 4);
559 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
560 /*
561 * We claim conformance to SPC-3, which is required for guests
562 * to ask for modern features like READ CAPACITY(16) or the
563 * block characteristics VPD page by default. Not all of SPC-3
564 * is actually implemented, but we're good enough.
565 */
566 outbuf[2] = 5;
567 outbuf[3] = 2; /* Format 2 */
568
569 if (buflen > 36) {
570 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
571 } else {
572 /* If the allocation length of CDB is too small,
573 the additional length is not adjusted */
574 outbuf[4] = 36 - 5;
575 }
576
577 /* Sync data transfer and TCQ. */
578 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
579 return buflen;
580 }
581
582 static int mode_sense_page(SCSIRequest *req, int page, uint8_t *p,
583 int page_control)
584 {
585 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
586 BlockDriverState *bdrv = s->bs;
587 int cylinders, heads, secs;
588
589 /*
590 * If Changeable Values are requested, a mask denoting those mode parameters
591 * that are changeable shall be returned. As we currently don't support
592 * parameter changes via MODE_SELECT all bits are returned set to zero.
593 * The buffer was already menset to zero by the caller of this function.
594 */
595 switch (page) {
596 case 4: /* Rigid disk device geometry page. */
597 p[0] = 4;
598 p[1] = 0x16;
599 if (page_control == 1) { /* Changeable Values */
600 return p[1] + 2;
601 }
602 /* if a geometry hint is available, use it */
603 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
604 p[2] = (cylinders >> 16) & 0xff;
605 p[3] = (cylinders >> 8) & 0xff;
606 p[4] = cylinders & 0xff;
607 p[5] = heads & 0xff;
608 /* Write precomp start cylinder, disabled */
609 p[6] = (cylinders >> 16) & 0xff;
610 p[7] = (cylinders >> 8) & 0xff;
611 p[8] = cylinders & 0xff;
612 /* Reduced current start cylinder, disabled */
613 p[9] = (cylinders >> 16) & 0xff;
614 p[10] = (cylinders >> 8) & 0xff;
615 p[11] = cylinders & 0xff;
616 /* Device step rate [ns], 200ns */
617 p[12] = 0;
618 p[13] = 200;
619 /* Landing zone cylinder */
620 p[14] = 0xff;
621 p[15] = 0xff;
622 p[16] = 0xff;
623 /* Medium rotation rate [rpm], 5400 rpm */
624 p[20] = (5400 >> 8) & 0xff;
625 p[21] = 5400 & 0xff;
626 return p[1] + 2;
627
628 case 5: /* Flexible disk device geometry page. */
629 p[0] = 5;
630 p[1] = 0x1e;
631 if (page_control == 1) { /* Changeable Values */
632 return p[1] + 2;
633 }
634 /* Transfer rate [kbit/s], 5Mbit/s */
635 p[2] = 5000 >> 8;
636 p[3] = 5000 & 0xff;
637 /* if a geometry hint is available, use it */
638 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
639 p[4] = heads & 0xff;
640 p[5] = secs & 0xff;
641 p[6] = s->cluster_size * 2;
642 p[8] = (cylinders >> 8) & 0xff;
643 p[9] = cylinders & 0xff;
644 /* Write precomp start cylinder, disabled */
645 p[10] = (cylinders >> 8) & 0xff;
646 p[11] = cylinders & 0xff;
647 /* Reduced current start cylinder, disabled */
648 p[12] = (cylinders >> 8) & 0xff;
649 p[13] = cylinders & 0xff;
650 /* Device step rate [100us], 100us */
651 p[14] = 0;
652 p[15] = 1;
653 /* Device step pulse width [us], 1us */
654 p[16] = 1;
655 /* Device head settle delay [100us], 100us */
656 p[17] = 0;
657 p[18] = 1;
658 /* Motor on delay [0.1s], 0.1s */
659 p[19] = 1;
660 /* Motor off delay [0.1s], 0.1s */
661 p[20] = 1;
662 /* Medium rotation rate [rpm], 5400 rpm */
663 p[28] = (5400 >> 8) & 0xff;
664 p[29] = 5400 & 0xff;
665 return p[1] + 2;
666
667 case 8: /* Caching page. */
668 p[0] = 8;
669 p[1] = 0x12;
670 if (page_control == 1) { /* Changeable Values */
671 return p[1] + 2;
672 }
673 if (bdrv_enable_write_cache(s->bs)) {
674 p[2] = 4; /* WCE */
675 }
676 return p[1] + 2;
677
678 case 0x2a: /* CD Capabilities and Mechanical Status page. */
679 if (bdrv_get_type_hint(bdrv) != BDRV_TYPE_CDROM)
680 return 0;
681 p[0] = 0x2a;
682 p[1] = 0x14;
683 if (page_control == 1) { /* Changeable Values */
684 return p[1] + 2;
685 }
686 p[2] = 3; // CD-R & CD-RW read
687 p[3] = 0; // Writing not supported
688 p[4] = 0x7f; /* Audio, composite, digital out,
689 mode 2 form 1&2, multi session */
690 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
691 RW corrected, C2 errors, ISRC,
692 UPC, Bar code */
693 p[6] = 0x2d | (bdrv_is_locked(s->bs)? 2 : 0);
694 /* Locking supported, jumper present, eject, tray */
695 p[7] = 0; /* no volume & mute control, no
696 changer */
697 p[8] = (50 * 176) >> 8; // 50x read speed
698 p[9] = (50 * 176) & 0xff;
699 p[10] = 0 >> 8; // No volume
700 p[11] = 0 & 0xff;
701 p[12] = 2048 >> 8; // 2M buffer
702 p[13] = 2048 & 0xff;
703 p[14] = (16 * 176) >> 8; // 16x read speed current
704 p[15] = (16 * 176) & 0xff;
705 p[18] = (16 * 176) >> 8; // 16x write speed
706 p[19] = (16 * 176) & 0xff;
707 p[20] = (16 * 176) >> 8; // 16x write speed current
708 p[21] = (16 * 176) & 0xff;
709 return p[1] + 2;
710
711 default:
712 return 0;
713 }
714 }
715
716 static int scsi_disk_emulate_mode_sense(SCSIRequest *req, uint8_t *outbuf)
717 {
718 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
719 uint64_t nb_sectors;
720 int page, dbd, buflen, page_control;
721 uint8_t *p;
722 uint8_t dev_specific_param;
723
724 dbd = req->cmd.buf[1] & 0x8;
725 page = req->cmd.buf[2] & 0x3f;
726 page_control = (req->cmd.buf[2] & 0xc0) >> 6;
727 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
728 (req->cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, req->cmd.xfer, page_control);
729 memset(outbuf, 0, req->cmd.xfer);
730 p = outbuf;
731
732 if (bdrv_is_read_only(s->bs)) {
733 dev_specific_param = 0x80; /* Readonly. */
734 } else {
735 dev_specific_param = 0x00;
736 }
737
738 if (req->cmd.buf[0] == MODE_SENSE) {
739 p[1] = 0; /* Default media type. */
740 p[2] = dev_specific_param;
741 p[3] = 0; /* Block descriptor length. */
742 p += 4;
743 } else { /* MODE_SENSE_10 */
744 p[2] = 0; /* Default media type. */
745 p[3] = dev_specific_param;
746 p[6] = p[7] = 0; /* Block descriptor length. */
747 p += 8;
748 }
749
750 bdrv_get_geometry(s->bs, &nb_sectors);
751 if (!dbd && nb_sectors) {
752 if (req->cmd.buf[0] == MODE_SENSE) {
753 outbuf[3] = 8; /* Block descriptor length */
754 } else { /* MODE_SENSE_10 */
755 outbuf[7] = 8; /* Block descriptor length */
756 }
757 nb_sectors /= s->cluster_size;
758 if (nb_sectors > 0xffffff)
759 nb_sectors = 0;
760 p[0] = 0; /* media density code */
761 p[1] = (nb_sectors >> 16) & 0xff;
762 p[2] = (nb_sectors >> 8) & 0xff;
763 p[3] = nb_sectors & 0xff;
764 p[4] = 0; /* reserved */
765 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
766 p[6] = s->cluster_size * 2;
767 p[7] = 0;
768 p += 8;
769 }
770
771 if (page_control == 3) { /* Saved Values */
772 return -1; /* ILLEGAL_REQUEST */
773 }
774
775 switch (page) {
776 case 0x04:
777 case 0x05:
778 case 0x08:
779 case 0x2a:
780 p += mode_sense_page(req, page, p, page_control);
781 break;
782 case 0x3f:
783 p += mode_sense_page(req, 0x08, p, page_control);
784 p += mode_sense_page(req, 0x2a, p, page_control);
785 break;
786 default:
787 return -1; /* ILLEGAL_REQUEST */
788 }
789
790 buflen = p - outbuf;
791 /*
792 * The mode data length field specifies the length in bytes of the
793 * following data that is available to be transferred. The mode data
794 * length does not include itself.
795 */
796 if (req->cmd.buf[0] == MODE_SENSE) {
797 outbuf[0] = buflen - 1;
798 } else { /* MODE_SENSE_10 */
799 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
800 outbuf[1] = (buflen - 2) & 0xff;
801 }
802 if (buflen > req->cmd.xfer)
803 buflen = req->cmd.xfer;
804 return buflen;
805 }
806
807 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
808 {
809 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
810 int start_track, format, msf, toclen;
811 uint64_t nb_sectors;
812
813 msf = req->cmd.buf[1] & 2;
814 format = req->cmd.buf[2] & 0xf;
815 start_track = req->cmd.buf[6];
816 bdrv_get_geometry(s->bs, &nb_sectors);
817 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
818 nb_sectors /= s->cluster_size;
819 switch (format) {
820 case 0:
821 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
822 break;
823 case 1:
824 /* multi session : only a single session defined */
825 toclen = 12;
826 memset(outbuf, 0, 12);
827 outbuf[1] = 0x0a;
828 outbuf[2] = 0x01;
829 outbuf[3] = 0x01;
830 break;
831 case 2:
832 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
833 break;
834 default:
835 return -1;
836 }
837 if (toclen > req->cmd.xfer)
838 toclen = req->cmd.xfer;
839 return toclen;
840 }
841
842 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
843 {
844 SCSIRequest *req = &r->req;
845 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
846 uint64_t nb_sectors;
847 int buflen = 0;
848 int ret;
849
850 switch (req->cmd.buf[0]) {
851 case TEST_UNIT_READY:
852 if (!bdrv_is_inserted(s->bs))
853 goto not_ready;
854 break;
855 case REQUEST_SENSE:
856 if (req->cmd.xfer < 4)
857 goto illegal_request;
858 memset(outbuf, 0, 4);
859 buflen = 4;
860 if (s->sense.key == NOT_READY && req->cmd.xfer >= 18) {
861 memset(outbuf, 0, 18);
862 buflen = 18;
863 outbuf[7] = 10;
864 /* asc 0x3a, ascq 0: Medium not present */
865 outbuf[12] = 0x3a;
866 outbuf[13] = 0;
867 }
868 outbuf[0] = 0xf0;
869 outbuf[1] = 0;
870 outbuf[2] = s->sense.key;
871 scsi_disk_clear_sense(s);
872 break;
873 case INQUIRY:
874 buflen = scsi_disk_emulate_inquiry(req, outbuf);
875 if (buflen < 0)
876 goto illegal_request;
877 break;
878 case MODE_SENSE:
879 case MODE_SENSE_10:
880 buflen = scsi_disk_emulate_mode_sense(req, outbuf);
881 if (buflen < 0)
882 goto illegal_request;
883 break;
884 case READ_TOC:
885 buflen = scsi_disk_emulate_read_toc(req, outbuf);
886 if (buflen < 0)
887 goto illegal_request;
888 break;
889 case RESERVE:
890 if (req->cmd.buf[1] & 1)
891 goto illegal_request;
892 break;
893 case RESERVE_10:
894 if (req->cmd.buf[1] & 3)
895 goto illegal_request;
896 break;
897 case RELEASE:
898 if (req->cmd.buf[1] & 1)
899 goto illegal_request;
900 break;
901 case RELEASE_10:
902 if (req->cmd.buf[1] & 3)
903 goto illegal_request;
904 break;
905 case START_STOP:
906 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM && (req->cmd.buf[4] & 2)) {
907 /* load/eject medium */
908 bdrv_eject(s->bs, !(req->cmd.buf[4] & 1));
909 }
910 break;
911 case ALLOW_MEDIUM_REMOVAL:
912 bdrv_set_locked(s->bs, req->cmd.buf[4] & 1);
913 break;
914 case READ_CAPACITY:
915 /* The normal LEN field for this command is zero. */
916 memset(outbuf, 0, 8);
917 bdrv_get_geometry(s->bs, &nb_sectors);
918 if (!nb_sectors)
919 goto not_ready;
920 nb_sectors /= s->cluster_size;
921 /* Returned value is the address of the last sector. */
922 nb_sectors--;
923 /* Remember the new size for read/write sanity checking. */
924 s->max_lba = nb_sectors;
925 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
926 if (nb_sectors > UINT32_MAX)
927 nb_sectors = UINT32_MAX;
928 outbuf[0] = (nb_sectors >> 24) & 0xff;
929 outbuf[1] = (nb_sectors >> 16) & 0xff;
930 outbuf[2] = (nb_sectors >> 8) & 0xff;
931 outbuf[3] = nb_sectors & 0xff;
932 outbuf[4] = 0;
933 outbuf[5] = 0;
934 outbuf[6] = s->cluster_size * 2;
935 outbuf[7] = 0;
936 buflen = 8;
937 break;
938 case SYNCHRONIZE_CACHE:
939 ret = bdrv_flush(s->bs);
940 if (ret < 0) {
941 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
942 return -1;
943 }
944 }
945 break;
946 case GET_CONFIGURATION:
947 memset(outbuf, 0, 8);
948 /* ??? This should probably return much more information. For now
949 just return the basic header indicating the CD-ROM profile. */
950 outbuf[7] = 8; // CD-ROM
951 buflen = 8;
952 break;
953 case SERVICE_ACTION_IN:
954 /* Service Action In subcommands. */
955 if ((req->cmd.buf[1] & 31) == 0x10) {
956 DPRINTF("SAI READ CAPACITY(16)\n");
957 memset(outbuf, 0, req->cmd.xfer);
958 bdrv_get_geometry(s->bs, &nb_sectors);
959 if (!nb_sectors)
960 goto not_ready;
961 nb_sectors /= s->cluster_size;
962 /* Returned value is the address of the last sector. */
963 nb_sectors--;
964 /* Remember the new size for read/write sanity checking. */
965 s->max_lba = nb_sectors;
966 outbuf[0] = (nb_sectors >> 56) & 0xff;
967 outbuf[1] = (nb_sectors >> 48) & 0xff;
968 outbuf[2] = (nb_sectors >> 40) & 0xff;
969 outbuf[3] = (nb_sectors >> 32) & 0xff;
970 outbuf[4] = (nb_sectors >> 24) & 0xff;
971 outbuf[5] = (nb_sectors >> 16) & 0xff;
972 outbuf[6] = (nb_sectors >> 8) & 0xff;
973 outbuf[7] = nb_sectors & 0xff;
974 outbuf[8] = 0;
975 outbuf[9] = 0;
976 outbuf[10] = s->cluster_size * 2;
977 outbuf[11] = 0;
978 outbuf[12] = 0;
979 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
980
981 /* set TPE bit if the format supports discard */
982 if (s->qdev.conf.discard_granularity) {
983 outbuf[14] = 0x80;
984 }
985
986 /* Protection, exponent and lowest lba field left blank. */
987 buflen = req->cmd.xfer;
988 break;
989 }
990 DPRINTF("Unsupported Service Action In\n");
991 goto illegal_request;
992 case REPORT_LUNS:
993 if (req->cmd.xfer < 16)
994 goto illegal_request;
995 memset(outbuf, 0, 16);
996 outbuf[3] = 8;
997 buflen = 16;
998 break;
999 case VERIFY:
1000 break;
1001 case REZERO_UNIT:
1002 DPRINTF("Rezero Unit\n");
1003 if (!bdrv_is_inserted(s->bs)) {
1004 goto not_ready;
1005 }
1006 break;
1007 default:
1008 goto illegal_request;
1009 }
1010 scsi_req_set_status(r, GOOD, NO_SENSE);
1011 return buflen;
1012
1013 not_ready:
1014 scsi_command_complete(r, CHECK_CONDITION, NOT_READY);
1015 return -1;
1016
1017 illegal_request:
1018 scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
1019 return -1;
1020 }
1021
1022 /* Execute a scsi command. Returns the length of the data expected by the
1023 command. This will be Positive for data transfers from the device
1024 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1025 and zero if the command does not transfer any data. */
1026
1027 static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
1028 uint8_t *buf, int lun)
1029 {
1030 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1031 uint32_t len;
1032 int is_write;
1033 uint8_t command;
1034 uint8_t *outbuf;
1035 SCSIDiskReq *r;
1036 int rc;
1037
1038 command = buf[0];
1039 r = scsi_find_request(s, tag);
1040 if (r) {
1041 BADF("Tag 0x%x already in use\n", tag);
1042 scsi_cancel_io(d, tag);
1043 }
1044 /* ??? Tags are not unique for different luns. We only implement a
1045 single lun, so this should not matter. */
1046 r = scsi_new_request(s, tag, lun);
1047 outbuf = (uint8_t *)r->iov.iov_base;
1048 is_write = 0;
1049 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
1050
1051 if (scsi_req_parse(&r->req, buf) != 0) {
1052 BADF("Unsupported command length, command %x\n", command);
1053 goto fail;
1054 }
1055 #ifdef DEBUG_SCSI
1056 {
1057 int i;
1058 for (i = 1; i < r->req.cmd.len; i++) {
1059 printf(" 0x%02x", buf[i]);
1060 }
1061 printf("\n");
1062 }
1063 #endif
1064
1065 if (lun || buf[1] >> 5) {
1066 /* Only LUN 0 supported. */
1067 DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
1068 if (command != REQUEST_SENSE && command != INQUIRY)
1069 goto fail;
1070 }
1071 switch (command) {
1072 case TEST_UNIT_READY:
1073 case REQUEST_SENSE:
1074 case INQUIRY:
1075 case MODE_SENSE:
1076 case MODE_SENSE_10:
1077 case RESERVE:
1078 case RESERVE_10:
1079 case RELEASE:
1080 case RELEASE_10:
1081 case START_STOP:
1082 case ALLOW_MEDIUM_REMOVAL:
1083 case READ_CAPACITY:
1084 case SYNCHRONIZE_CACHE:
1085 case READ_TOC:
1086 case GET_CONFIGURATION:
1087 case SERVICE_ACTION_IN:
1088 case REPORT_LUNS:
1089 case VERIFY:
1090 case REZERO_UNIT:
1091 rc = scsi_disk_emulate_command(r, outbuf);
1092 if (rc < 0) {
1093 return 0;
1094 }
1095
1096 r->iov.iov_len = rc;
1097 break;
1098 case READ_6:
1099 case READ_10:
1100 case READ_12:
1101 case READ_16:
1102 len = r->req.cmd.xfer / d->blocksize;
1103 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1104 if (r->req.cmd.lba > s->max_lba)
1105 goto illegal_lba;
1106 r->sector = r->req.cmd.lba * s->cluster_size;
1107 r->sector_count = len * s->cluster_size;
1108 break;
1109 case WRITE_6:
1110 case WRITE_10:
1111 case WRITE_12:
1112 case WRITE_16:
1113 case WRITE_VERIFY:
1114 case WRITE_VERIFY_12:
1115 case WRITE_VERIFY_16:
1116 len = r->req.cmd.xfer / d->blocksize;
1117 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1118 (command & 0xe) == 0xe ? "And Verify " : "",
1119 r->req.cmd.lba, len);
1120 if (r->req.cmd.lba > s->max_lba)
1121 goto illegal_lba;
1122 r->sector = r->req.cmd.lba * s->cluster_size;
1123 r->sector_count = len * s->cluster_size;
1124 is_write = 1;
1125 break;
1126 case MODE_SELECT:
1127 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1128 /* We don't support mode parameter changes.
1129 Allow the mode parameter header + block descriptors only. */
1130 if (r->req.cmd.xfer > 12) {
1131 goto fail;
1132 }
1133 break;
1134 case MODE_SELECT_10:
1135 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1136 /* We don't support mode parameter changes.
1137 Allow the mode parameter header + block descriptors only. */
1138 if (r->req.cmd.xfer > 16) {
1139 goto fail;
1140 }
1141 break;
1142 case SEEK_6:
1143 case SEEK_10:
1144 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1145 r->req.cmd.lba);
1146 if (r->req.cmd.lba > s->max_lba) {
1147 goto illegal_lba;
1148 }
1149 break;
1150 case WRITE_SAME_16:
1151 len = r->req.cmd.xfer / d->blocksize;
1152
1153 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1154 r->req.cmd.lba, len);
1155
1156 if (r->req.cmd.lba > s->max_lba) {
1157 goto illegal_lba;
1158 }
1159
1160 /*
1161 * We only support WRITE SAME with the unmap bit set for now.
1162 */
1163 if (!(buf[1] & 0x8)) {
1164 goto fail;
1165 }
1166
1167 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1168 len * s->cluster_size);
1169 if (rc < 0) {
1170 /* XXX: better error code ?*/
1171 goto fail;
1172 }
1173
1174 break;
1175 default:
1176 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1177 fail:
1178 scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
1179 return 0;
1180 illegal_lba:
1181 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
1182 return 0;
1183 }
1184 if (r->sector_count == 0 && r->iov.iov_len == 0) {
1185 scsi_command_complete(r, GOOD, NO_SENSE);
1186 }
1187 len = r->sector_count * 512 + r->iov.iov_len;
1188 if (is_write) {
1189 return -len;
1190 } else {
1191 if (!r->sector_count)
1192 r->sector_count = -1;
1193 return len;
1194 }
1195 }
1196
1197 static void scsi_disk_purge_requests(SCSIDiskState *s)
1198 {
1199 SCSIDiskReq *r;
1200
1201 while (!QTAILQ_EMPTY(&s->qdev.requests)) {
1202 r = DO_UPCAST(SCSIDiskReq, req, QTAILQ_FIRST(&s->qdev.requests));
1203 if (r->req.aiocb) {
1204 bdrv_aio_cancel(r->req.aiocb);
1205 }
1206 scsi_remove_request(r);
1207 }
1208 }
1209
1210 static void scsi_disk_reset(DeviceState *dev)
1211 {
1212 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1213 uint64_t nb_sectors;
1214
1215 scsi_disk_purge_requests(s);
1216
1217 bdrv_get_geometry(s->bs, &nb_sectors);
1218 nb_sectors /= s->cluster_size;
1219 if (nb_sectors) {
1220 nb_sectors--;
1221 }
1222 s->max_lba = nb_sectors;
1223 }
1224
1225 static void scsi_destroy(SCSIDevice *dev)
1226 {
1227 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1228
1229 scsi_disk_purge_requests(s);
1230 blockdev_mark_auto_del(s->qdev.conf.bs);
1231 }
1232
1233 static int scsi_disk_initfn(SCSIDevice *dev)
1234 {
1235 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1236 int is_cd;
1237 DriveInfo *dinfo;
1238
1239 if (!s->qdev.conf.bs) {
1240 error_report("scsi-disk: drive property not set");
1241 return -1;
1242 }
1243 s->bs = s->qdev.conf.bs;
1244 is_cd = bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM;
1245
1246 if (!is_cd && !bdrv_is_inserted(s->bs)) {
1247 error_report("Device needs media, but drive is empty");
1248 return -1;
1249 }
1250
1251 if (!s->serial) {
1252 /* try to fall back to value set with legacy -drive serial=... */
1253 dinfo = drive_get_by_blockdev(s->bs);
1254 s->serial = qemu_strdup(*dinfo->serial ? dinfo->serial : "0");
1255 }
1256
1257 if (!s->version) {
1258 s->version = qemu_strdup(QEMU_VERSION);
1259 }
1260
1261 if (bdrv_is_sg(s->bs)) {
1262 error_report("scsi-disk: unwanted /dev/sg*");
1263 return -1;
1264 }
1265
1266 if (is_cd) {
1267 s->qdev.blocksize = 2048;
1268 } else {
1269 s->qdev.blocksize = s->qdev.conf.logical_block_size;
1270 }
1271 s->cluster_size = s->qdev.blocksize / 512;
1272 s->bs->buffer_alignment = s->qdev.blocksize;
1273
1274 s->qdev.type = TYPE_DISK;
1275 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
1276 bdrv_set_removable(s->bs, is_cd);
1277 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
1278 return 0;
1279 }
1280
1281 static SCSIDeviceInfo scsi_disk_info = {
1282 .qdev.name = "scsi-disk",
1283 .qdev.fw_name = "disk",
1284 .qdev.desc = "virtual scsi disk or cdrom",
1285 .qdev.size = sizeof(SCSIDiskState),
1286 .qdev.reset = scsi_disk_reset,
1287 .init = scsi_disk_initfn,
1288 .destroy = scsi_destroy,
1289 .send_command = scsi_send_command,
1290 .read_data = scsi_read_data,
1291 .write_data = scsi_write_data,
1292 .cancel_io = scsi_cancel_io,
1293 .get_buf = scsi_get_buf,
1294 .qdev.props = (Property[]) {
1295 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf),
1296 DEFINE_PROP_STRING("ver", SCSIDiskState, version),
1297 DEFINE_PROP_STRING("serial", SCSIDiskState, serial),
1298 DEFINE_PROP_END_OF_LIST(),
1299 },
1300 };
1301
1302 static void scsi_disk_register_devices(void)
1303 {
1304 scsi_qdev_register(&scsi_disk_info);
1305 }
1306 device_init(scsi_disk_register_devices)
QEmu