search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge remote branch 'spice/usb.5' into staging
[qemu.git] / hw / scsi-disk.c
blob488eedd2cd8b4988c137ad451d1aa671a936b2a0
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licenced under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 //#define DEBUG_SCSI
23
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
33
34 #include "qemu-common.h"
35 #include "qemu-error.h"
36 #include "scsi.h"
37 #include "scsi-defs.h"
38 #include "sysemu.h"
39 #include "blockdev.h"
40
41 #define SCSI_DMA_BUF_SIZE 131072
42 #define SCSI_MAX_INQUIRY_LEN 256
43
44 #define SCSI_REQ_STATUS_RETRY 0x01
45 #define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
46 #define SCSI_REQ_STATUS_RETRY_READ 0x00
47 #define SCSI_REQ_STATUS_RETRY_WRITE 0x02
48 #define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
49
50 typedef struct SCSIDiskState SCSIDiskState;
51
52 typedef struct SCSISense {
53 uint8_t key;
54 } SCSISense;
55
56 typedef struct SCSIDiskReq {
57 SCSIRequest req;
58 /* ??? We should probably keep track of whether the data transfer is
59 a read or a write. Currently we rely on the host getting it right. */
60 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
61 uint64_t sector;
62 uint32_t sector_count;
63 struct iovec iov;
64 QEMUIOVector qiov;
65 uint32_t status;
66 } SCSIDiskReq;
67
68 struct SCSIDiskState
69 {
70 SCSIDevice qdev;
71 BlockDriverState *bs;
72 /* The qemu block layer uses a fixed 512 byte sector size.
73 This is the number of 512 byte blocks in a single scsi sector. */
74 int cluster_size;
75 uint32_t removable;
76 uint64_t max_lba;
77 QEMUBH *bh;
78 char *version;
79 char *serial;
80 SCSISense sense;
81 };
82
83 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
84 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
85
86 static SCSIDiskReq *scsi_new_request(SCSIDiskState *s, uint32_t tag,
87 uint32_t lun)
88 {
89 SCSIRequest *req;
90 SCSIDiskReq *r;
91
92 req = scsi_req_alloc(sizeof(SCSIDiskReq), &s->qdev, tag, lun);
93 r = DO_UPCAST(SCSIDiskReq, req, req);
94 r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
95 return r;
96 }
97
98 static void scsi_remove_request(SCSIDiskReq *r)
99 {
100 qemu_vfree(r->iov.iov_base);
101 scsi_req_free(&r->req);
102 }
103
104 static SCSIDiskReq *scsi_find_request(SCSIDiskState *s, uint32_t tag)
105 {
106 return DO_UPCAST(SCSIDiskReq, req, scsi_req_find(&s->qdev, tag));
107 }
108
109 static void scsi_disk_clear_sense(SCSIDiskState *s)
110 {
111 memset(&s->sense, 0, sizeof(s->sense));
112 }
113
114 static void scsi_disk_set_sense(SCSIDiskState *s, uint8_t key)
115 {
116 s->sense.key = key;
117 }
118
119 static void scsi_req_set_status(SCSIDiskReq *r, int status, int sense_code)
120 {
121 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
122
123 r->req.status = status;
124 scsi_disk_set_sense(s, sense_code);
125 }
126
127 /* Helper function for command completion. */
128 static void scsi_command_complete(SCSIDiskReq *r, int status, int sense)
129 {
130 DPRINTF("Command complete tag=0x%x status=%d sense=%d\n",
131 r->req.tag, status, sense);
132 scsi_req_set_status(r, status, sense);
133 scsi_req_complete(&r->req);
134 scsi_remove_request(r);
135 }
136
137 /* Cancel a pending data transfer. */
138 static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
139 {
140 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
141 SCSIDiskReq *r;
142 DPRINTF("Cancel tag=0x%x\n", tag);
143 r = scsi_find_request(s, tag);
144 if (r) {
145 if (r->req.aiocb)
146 bdrv_aio_cancel(r->req.aiocb);
147 r->req.aiocb = NULL;
148 scsi_remove_request(r);
149 }
150 }
151
152 static void scsi_read_complete(void * opaque, int ret)
153 {
154 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
155 int n;
156
157 r->req.aiocb = NULL;
158
159 if (ret) {
160 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
161 return;
162 }
163 }
164
165 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
166
167 n = r->iov.iov_len / 512;
168 r->sector += n;
169 r->sector_count -= n;
170 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
171 }
172
173
174 static void scsi_read_request(SCSIDiskReq *r)
175 {
176 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
177 uint32_t n;
178
179 if (r->sector_count == (uint32_t)-1) {
180 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
181 r->sector_count = 0;
182 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
183 return;
184 }
185 DPRINTF("Read sector_count=%d\n", r->sector_count);
186 if (r->sector_count == 0) {
187 scsi_command_complete(r, GOOD, NO_SENSE);
188 return;
189 }
190
191 /* No data transfer may already be in progress */
192 assert(r->req.aiocb == NULL);
193
194 n = r->sector_count;
195 if (n > SCSI_DMA_BUF_SIZE / 512)
196 n = SCSI_DMA_BUF_SIZE / 512;
197
198 r->iov.iov_len = n * 512;
199 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
200 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
201 scsi_read_complete, r);
202 if (r->req.aiocb == NULL) {
203 scsi_read_complete(r, -EIO);
204 }
205 }
206
207 /* Read more data from scsi device into buffer. */
208 static void scsi_read_data(SCSIDevice *d, uint32_t tag)
209 {
210 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
211 SCSIDiskReq *r;
212
213 r = scsi_find_request(s, tag);
214 if (!r) {
215 BADF("Bad read tag 0x%x\n", tag);
216 /* ??? This is the wrong error. */
217 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
218 return;
219 }
220
221 scsi_read_request(r);
222 }
223
224 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
225 {
226 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
227 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
228 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
229
230 if (action == BLOCK_ERR_IGNORE) {
231 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
232 return 0;
233 }
234
235 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
236 || action == BLOCK_ERR_STOP_ANY) {
237
238 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
239 r->status |= SCSI_REQ_STATUS_RETRY | type;
240
241 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
242 vm_stop(0);
243 } else {
244 if (type == SCSI_REQ_STATUS_RETRY_READ) {
245 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, 0);
246 }
247 scsi_command_complete(r, CHECK_CONDITION,
248 HARDWARE_ERROR);
249 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
250 }
251
252 return 1;
253 }
254
255 static void scsi_write_complete(void * opaque, int ret)
256 {
257 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
258 uint32_t len;
259 uint32_t n;
260
261 r->req.aiocb = NULL;
262
263 if (ret) {
264 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
265 return;
266 }
267 }
268
269 n = r->iov.iov_len / 512;
270 r->sector += n;
271 r->sector_count -= n;
272 if (r->sector_count == 0) {
273 scsi_command_complete(r, GOOD, NO_SENSE);
274 } else {
275 len = r->sector_count * 512;
276 if (len > SCSI_DMA_BUF_SIZE) {
277 len = SCSI_DMA_BUF_SIZE;
278 }
279 r->iov.iov_len = len;
280 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
281 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
282 }
283 }
284
285 static void scsi_write_request(SCSIDiskReq *r)
286 {
287 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
288 uint32_t n;
289
290 /* No data transfer may already be in progress */
291 assert(r->req.aiocb == NULL);
292
293 n = r->iov.iov_len / 512;
294 if (n) {
295 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
296 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
297 scsi_write_complete, r);
298 if (r->req.aiocb == NULL) {
299 scsi_write_complete(r, -EIO);
300 }
301 } else {
302 /* Invoke completion routine to fetch data from host. */
303 scsi_write_complete(r, 0);
304 }
305 }
306
307 /* Write data to a scsi device. Returns nonzero on failure.
308 The transfer may complete asynchronously. */
309 static int scsi_write_data(SCSIDevice *d, uint32_t tag)
310 {
311 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
312 SCSIDiskReq *r;
313
314 DPRINTF("Write data tag=0x%x\n", tag);
315 r = scsi_find_request(s, tag);
316 if (!r) {
317 BADF("Bad write tag 0x%x\n", tag);
318 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
319 return 1;
320 }
321
322 scsi_write_request(r);
323
324 return 0;
325 }
326
327 static void scsi_dma_restart_bh(void *opaque)
328 {
329 SCSIDiskState *s = opaque;
330 SCSIRequest *req;
331 SCSIDiskReq *r;
332
333 qemu_bh_delete(s->bh);
334 s->bh = NULL;
335
336 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
337 r = DO_UPCAST(SCSIDiskReq, req, req);
338 if (r->status & SCSI_REQ_STATUS_RETRY) {
339 int status = r->status;
340 int ret;
341
342 r->status &=
343 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
344
345 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
346 case SCSI_REQ_STATUS_RETRY_READ:
347 scsi_read_request(r);
348 break;
349 case SCSI_REQ_STATUS_RETRY_WRITE:
350 scsi_write_request(r);
351 break;
352 case SCSI_REQ_STATUS_RETRY_FLUSH:
353 ret = scsi_disk_emulate_command(r, r->iov.iov_base);
354 if (ret == 0) {
355 scsi_command_complete(r, GOOD, NO_SENSE);
356 }
357 }
358 }
359 }
360 }
361
362 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
363 {
364 SCSIDiskState *s = opaque;
365
366 if (!running)
367 return;
368
369 if (!s->bh) {
370 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
371 qemu_bh_schedule(s->bh);
372 }
373 }
374
375 /* Return a pointer to the data buffer. */
376 static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
377 {
378 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
379 SCSIDiskReq *r;
380
381 r = scsi_find_request(s, tag);
382 if (!r) {
383 BADF("Bad buffer tag 0x%x\n", tag);
384 return NULL;
385 }
386 return (uint8_t *)r->iov.iov_base;
387 }
388
389 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
390 {
391 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
392 int buflen = 0;
393
394 if (req->cmd.buf[1] & 0x2) {
395 /* Command support data - optional, not implemented */
396 BADF("optional INQUIRY command support request not implemented\n");
397 return -1;
398 }
399
400 if (req->cmd.buf[1] & 0x1) {
401 /* Vital product data */
402 uint8_t page_code = req->cmd.buf[2];
403 if (req->cmd.xfer < 4) {
404 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
405 "less than 4\n", page_code, req->cmd.xfer);
406 return -1;
407 }
408
409 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
410 outbuf[buflen++] = 5;
411 } else {
412 outbuf[buflen++] = 0;
413 }
414 outbuf[buflen++] = page_code ; // this page
415 outbuf[buflen++] = 0x00;
416
417 switch (page_code) {
418 case 0x00: /* Supported page codes, mandatory */
419 {
420 int pages;
421 DPRINTF("Inquiry EVPD[Supported pages] "
422 "buffer size %zd\n", req->cmd.xfer);
423 pages = buflen++;
424 outbuf[buflen++] = 0x00; // list of supported pages (this page)
425 outbuf[buflen++] = 0x80; // unit serial number
426 outbuf[buflen++] = 0x83; // device identification
427 if (bdrv_get_type_hint(s->bs) != BDRV_TYPE_CDROM) {
428 outbuf[buflen++] = 0xb0; // block limits
429 outbuf[buflen++] = 0xb2; // thin provisioning
430 }
431 outbuf[pages] = buflen - pages - 1; // number of pages
432 break;
433 }
434 case 0x80: /* Device serial number, optional */
435 {
436 int l = strlen(s->serial);
437
438 if (l > req->cmd.xfer)
439 l = req->cmd.xfer;
440 if (l > 20)
441 l = 20;
442
443 DPRINTF("Inquiry EVPD[Serial number] "
444 "buffer size %zd\n", req->cmd.xfer);
445 outbuf[buflen++] = l;
446 memcpy(outbuf+buflen, s->serial, l);
447 buflen += l;
448 break;
449 }
450
451 case 0x83: /* Device identification page, mandatory */
452 {
453 int max_len = 255 - 8;
454 int id_len = strlen(bdrv_get_device_name(s->bs));
455
456 if (id_len > max_len)
457 id_len = max_len;
458 DPRINTF("Inquiry EVPD[Device identification] "
459 "buffer size %zd\n", req->cmd.xfer);
460
461 outbuf[buflen++] = 4 + id_len;
462 outbuf[buflen++] = 0x2; // ASCII
463 outbuf[buflen++] = 0; // not officially assigned
464 outbuf[buflen++] = 0; // reserved
465 outbuf[buflen++] = id_len; // length of data following
466
467 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
468 buflen += id_len;
469 break;
470 }
471 case 0xb0: /* block limits */
472 {
473 unsigned int unmap_sectors =
474 s->qdev.conf.discard_granularity / s->qdev.blocksize;
475 unsigned int min_io_size =
476 s->qdev.conf.min_io_size / s->qdev.blocksize;
477 unsigned int opt_io_size =
478 s->qdev.conf.opt_io_size / s->qdev.blocksize;
479
480 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
481 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
482 page_code);
483 return -1;
484 }
485 /* required VPD size with unmap support */
486 outbuf[3] = buflen = 0x3c;
487
488 memset(outbuf + 4, 0, buflen - 4);
489
490 /* optimal transfer length granularity */
491 outbuf[6] = (min_io_size >> 8) & 0xff;
492 outbuf[7] = min_io_size & 0xff;
493
494 /* optimal transfer length */
495 outbuf[12] = (opt_io_size >> 24) & 0xff;
496 outbuf[13] = (opt_io_size >> 16) & 0xff;
497 outbuf[14] = (opt_io_size >> 8) & 0xff;
498 outbuf[15] = opt_io_size & 0xff;
499
500 /* optimal unmap granularity */
501 outbuf[28] = (unmap_sectors >> 24) & 0xff;
502 outbuf[29] = (unmap_sectors >> 16) & 0xff;
503 outbuf[30] = (unmap_sectors >> 8) & 0xff;
504 outbuf[31] = unmap_sectors & 0xff;
505 break;
506 }
507 case 0xb2: /* thin provisioning */
508 {
509 outbuf[3] = buflen = 8;
510 outbuf[4] = 0;
511 outbuf[5] = 0x40; /* write same with unmap supported */
512 outbuf[6] = 0;
513 outbuf[7] = 0;
514 break;
515 }
516 default:
517 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
518 "buffer size %zd\n", page_code, req->cmd.xfer);
519 return -1;
520 }
521 /* done with EVPD */
522 return buflen;
523 }
524
525 /* Standard INQUIRY data */
526 if (req->cmd.buf[2] != 0) {
527 BADF("Error: Inquiry (STANDARD) page or code "
528 "is non-zero [%02X]\n", req->cmd.buf[2]);
529 return -1;
530 }
531
532 /* PAGE CODE == 0 */
533 if (req->cmd.xfer < 5) {
534 BADF("Error: Inquiry (STANDARD) buffer size %zd "
535 "is less than 5\n", req->cmd.xfer);
536 return -1;
537 }
538
539 buflen = req->cmd.xfer;
540 if (buflen > SCSI_MAX_INQUIRY_LEN)
541 buflen = SCSI_MAX_INQUIRY_LEN;
542
543 memset(outbuf, 0, buflen);
544
545 if (req->lun || req->cmd.buf[1] >> 5) {
546 outbuf[0] = 0x7f; /* LUN not supported */
547 return buflen;
548 }
549
550 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
551 outbuf[0] = 5;
552 outbuf[1] = 0x80;
553 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
554 } else {
555 outbuf[0] = 0;
556 outbuf[1] = s->removable ? 0x80 : 0;
557 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
558 }
559 memcpy(&outbuf[8], "QEMU ", 8);
560 memset(&outbuf[32], 0, 4);
561 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
562 /*
563 * We claim conformance to SPC-3, which is required for guests
564 * to ask for modern features like READ CAPACITY(16) or the
565 * block characteristics VPD page by default. Not all of SPC-3
566 * is actually implemented, but we're good enough.
567 */
568 outbuf[2] = 5;
569 outbuf[3] = 2; /* Format 2 */
570
571 if (buflen > 36) {
572 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
573 } else {
574 /* If the allocation length of CDB is too small,
575 the additional length is not adjusted */
576 outbuf[4] = 36 - 5;
577 }
578
579 /* Sync data transfer and TCQ. */
580 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
581 return buflen;
582 }
583
584 static int mode_sense_page(SCSIRequest *req, int page, uint8_t *p,
585 int page_control)
586 {
587 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
588 BlockDriverState *bdrv = s->bs;
589 int cylinders, heads, secs;
590
591 /*
592 * If Changeable Values are requested, a mask denoting those mode parameters
593 * that are changeable shall be returned. As we currently don't support
594 * parameter changes via MODE_SELECT all bits are returned set to zero.
595 * The buffer was already menset to zero by the caller of this function.
596 */
597 switch (page) {
598 case 4: /* Rigid disk device geometry page. */
599 p[0] = 4;
600 p[1] = 0x16;
601 if (page_control == 1) { /* Changeable Values */
602 return p[1] + 2;
603 }
604 /* if a geometry hint is available, use it */
605 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
606 p[2] = (cylinders >> 16) & 0xff;
607 p[3] = (cylinders >> 8) & 0xff;
608 p[4] = cylinders & 0xff;
609 p[5] = heads & 0xff;
610 /* Write precomp start cylinder, disabled */
611 p[6] = (cylinders >> 16) & 0xff;
612 p[7] = (cylinders >> 8) & 0xff;
613 p[8] = cylinders & 0xff;
614 /* Reduced current start cylinder, disabled */
615 p[9] = (cylinders >> 16) & 0xff;
616 p[10] = (cylinders >> 8) & 0xff;
617 p[11] = cylinders & 0xff;
618 /* Device step rate [ns], 200ns */
619 p[12] = 0;
620 p[13] = 200;
621 /* Landing zone cylinder */
622 p[14] = 0xff;
623 p[15] = 0xff;
624 p[16] = 0xff;
625 /* Medium rotation rate [rpm], 5400 rpm */
626 p[20] = (5400 >> 8) & 0xff;
627 p[21] = 5400 & 0xff;
628 return p[1] + 2;
629
630 case 5: /* Flexible disk device geometry page. */
631 p[0] = 5;
632 p[1] = 0x1e;
633 if (page_control == 1) { /* Changeable Values */
634 return p[1] + 2;
635 }
636 /* Transfer rate [kbit/s], 5Mbit/s */
637 p[2] = 5000 >> 8;
638 p[3] = 5000 & 0xff;
639 /* if a geometry hint is available, use it */
640 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
641 p[4] = heads & 0xff;
642 p[5] = secs & 0xff;
643 p[6] = s->cluster_size * 2;
644 p[8] = (cylinders >> 8) & 0xff;
645 p[9] = cylinders & 0xff;
646 /* Write precomp start cylinder, disabled */
647 p[10] = (cylinders >> 8) & 0xff;
648 p[11] = cylinders & 0xff;
649 /* Reduced current start cylinder, disabled */
650 p[12] = (cylinders >> 8) & 0xff;
651 p[13] = cylinders & 0xff;
652 /* Device step rate [100us], 100us */
653 p[14] = 0;
654 p[15] = 1;
655 /* Device step pulse width [us], 1us */
656 p[16] = 1;
657 /* Device head settle delay [100us], 100us */
658 p[17] = 0;
659 p[18] = 1;
660 /* Motor on delay [0.1s], 0.1s */
661 p[19] = 1;
662 /* Motor off delay [0.1s], 0.1s */
663 p[20] = 1;
664 /* Medium rotation rate [rpm], 5400 rpm */
665 p[28] = (5400 >> 8) & 0xff;
666 p[29] = 5400 & 0xff;
667 return p[1] + 2;
668
669 case 8: /* Caching page. */
670 p[0] = 8;
671 p[1] = 0x12;
672 if (page_control == 1) { /* Changeable Values */
673 return p[1] + 2;
674 }
675 if (bdrv_enable_write_cache(s->bs)) {
676 p[2] = 4; /* WCE */
677 }
678 return p[1] + 2;
679
680 case 0x2a: /* CD Capabilities and Mechanical Status page. */
681 if (bdrv_get_type_hint(bdrv) != BDRV_TYPE_CDROM)
682 return 0;
683 p[0] = 0x2a;
684 p[1] = 0x14;
685 if (page_control == 1) { /* Changeable Values */
686 return p[1] + 2;
687 }
688 p[2] = 3; // CD-R & CD-RW read
689 p[3] = 0; // Writing not supported
690 p[4] = 0x7f; /* Audio, composite, digital out,
691 mode 2 form 1&2, multi session */
692 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
693 RW corrected, C2 errors, ISRC,
694 UPC, Bar code */
695 p[6] = 0x2d | (bdrv_is_locked(s->bs)? 2 : 0);
696 /* Locking supported, jumper present, eject, tray */
697 p[7] = 0; /* no volume & mute control, no
698 changer */
699 p[8] = (50 * 176) >> 8; // 50x read speed
700 p[9] = (50 * 176) & 0xff;
701 p[10] = 0 >> 8; // No volume
702 p[11] = 0 & 0xff;
703 p[12] = 2048 >> 8; // 2M buffer
704 p[13] = 2048 & 0xff;
705 p[14] = (16 * 176) >> 8; // 16x read speed current
706 p[15] = (16 * 176) & 0xff;
707 p[18] = (16 * 176) >> 8; // 16x write speed
708 p[19] = (16 * 176) & 0xff;
709 p[20] = (16 * 176) >> 8; // 16x write speed current
710 p[21] = (16 * 176) & 0xff;
711 return p[1] + 2;
712
713 default:
714 return 0;
715 }
716 }
717
718 static int scsi_disk_emulate_mode_sense(SCSIRequest *req, uint8_t *outbuf)
719 {
720 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
721 uint64_t nb_sectors;
722 int page, dbd, buflen, page_control;
723 uint8_t *p;
724 uint8_t dev_specific_param;
725
726 dbd = req->cmd.buf[1] & 0x8;
727 page = req->cmd.buf[2] & 0x3f;
728 page_control = (req->cmd.buf[2] & 0xc0) >> 6;
729 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
730 (req->cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, req->cmd.xfer, page_control);
731 memset(outbuf, 0, req->cmd.xfer);
732 p = outbuf;
733
734 if (bdrv_is_read_only(s->bs)) {
735 dev_specific_param = 0x80; /* Readonly. */
736 } else {
737 dev_specific_param = 0x00;
738 }
739
740 if (req->cmd.buf[0] == MODE_SENSE) {
741 p[1] = 0; /* Default media type. */
742 p[2] = dev_specific_param;
743 p[3] = 0; /* Block descriptor length. */
744 p += 4;
745 } else { /* MODE_SENSE_10 */
746 p[2] = 0; /* Default media type. */
747 p[3] = dev_specific_param;
748 p[6] = p[7] = 0; /* Block descriptor length. */
749 p += 8;
750 }
751
752 bdrv_get_geometry(s->bs, &nb_sectors);
753 if (!dbd && nb_sectors) {
754 if (req->cmd.buf[0] == MODE_SENSE) {
755 outbuf[3] = 8; /* Block descriptor length */
756 } else { /* MODE_SENSE_10 */
757 outbuf[7] = 8; /* Block descriptor length */
758 }
759 nb_sectors /= s->cluster_size;
760 if (nb_sectors > 0xffffff)
761 nb_sectors = 0;
762 p[0] = 0; /* media density code */
763 p[1] = (nb_sectors >> 16) & 0xff;
764 p[2] = (nb_sectors >> 8) & 0xff;
765 p[3] = nb_sectors & 0xff;
766 p[4] = 0; /* reserved */
767 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
768 p[6] = s->cluster_size * 2;
769 p[7] = 0;
770 p += 8;
771 }
772
773 if (page_control == 3) { /* Saved Values */
774 return -1; /* ILLEGAL_REQUEST */
775 }
776
777 switch (page) {
778 case 0x04:
779 case 0x05:
780 case 0x08:
781 case 0x2a:
782 p += mode_sense_page(req, page, p, page_control);
783 break;
784 case 0x3f:
785 p += mode_sense_page(req, 0x08, p, page_control);
786 p += mode_sense_page(req, 0x2a, p, page_control);
787 break;
788 default:
789 return -1; /* ILLEGAL_REQUEST */
790 }
791
792 buflen = p - outbuf;
793 /*
794 * The mode data length field specifies the length in bytes of the
795 * following data that is available to be transferred. The mode data
796 * length does not include itself.
797 */
798 if (req->cmd.buf[0] == MODE_SENSE) {
799 outbuf[0] = buflen - 1;
800 } else { /* MODE_SENSE_10 */
801 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
802 outbuf[1] = (buflen - 2) & 0xff;
803 }
804 if (buflen > req->cmd.xfer)
805 buflen = req->cmd.xfer;
806 return buflen;
807 }
808
809 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
810 {
811 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
812 int start_track, format, msf, toclen;
813 uint64_t nb_sectors;
814
815 msf = req->cmd.buf[1] & 2;
816 format = req->cmd.buf[2] & 0xf;
817 start_track = req->cmd.buf[6];
818 bdrv_get_geometry(s->bs, &nb_sectors);
819 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
820 nb_sectors /= s->cluster_size;
821 switch (format) {
822 case 0:
823 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
824 break;
825 case 1:
826 /* multi session : only a single session defined */
827 toclen = 12;
828 memset(outbuf, 0, 12);
829 outbuf[1] = 0x0a;
830 outbuf[2] = 0x01;
831 outbuf[3] = 0x01;
832 break;
833 case 2:
834 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
835 break;
836 default:
837 return -1;
838 }
839 if (toclen > req->cmd.xfer)
840 toclen = req->cmd.xfer;
841 return toclen;
842 }
843
844 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
845 {
846 SCSIRequest *req = &r->req;
847 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
848 uint64_t nb_sectors;
849 int buflen = 0;
850 int ret;
851
852 switch (req->cmd.buf[0]) {
853 case TEST_UNIT_READY:
854 if (!bdrv_is_inserted(s->bs))
855 goto not_ready;
856 break;
857 case REQUEST_SENSE:
858 if (req->cmd.xfer < 4)
859 goto illegal_request;
860 memset(outbuf, 0, 4);
861 buflen = 4;
862 if (s->sense.key == NOT_READY && req->cmd.xfer >= 18) {
863 memset(outbuf, 0, 18);
864 buflen = 18;
865 outbuf[7] = 10;
866 /* asc 0x3a, ascq 0: Medium not present */
867 outbuf[12] = 0x3a;
868 outbuf[13] = 0;
869 }
870 outbuf[0] = 0xf0;
871 outbuf[1] = 0;
872 outbuf[2] = s->sense.key;
873 scsi_disk_clear_sense(s);
874 break;
875 case INQUIRY:
876 buflen = scsi_disk_emulate_inquiry(req, outbuf);
877 if (buflen < 0)
878 goto illegal_request;
879 break;
880 case MODE_SENSE:
881 case MODE_SENSE_10:
882 buflen = scsi_disk_emulate_mode_sense(req, outbuf);
883 if (buflen < 0)
884 goto illegal_request;
885 break;
886 case READ_TOC:
887 buflen = scsi_disk_emulate_read_toc(req, outbuf);
888 if (buflen < 0)
889 goto illegal_request;
890 break;
891 case RESERVE:
892 if (req->cmd.buf[1] & 1)
893 goto illegal_request;
894 break;
895 case RESERVE_10:
896 if (req->cmd.buf[1] & 3)
897 goto illegal_request;
898 break;
899 case RELEASE:
900 if (req->cmd.buf[1] & 1)
901 goto illegal_request;
902 break;
903 case RELEASE_10:
904 if (req->cmd.buf[1] & 3)
905 goto illegal_request;
906 break;
907 case START_STOP:
908 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM && (req->cmd.buf[4] & 2)) {
909 /* load/eject medium */
910 bdrv_eject(s->bs, !(req->cmd.buf[4] & 1));
911 }
912 break;
913 case ALLOW_MEDIUM_REMOVAL:
914 bdrv_set_locked(s->bs, req->cmd.buf[4] & 1);
915 break;
916 case READ_CAPACITY:
917 /* The normal LEN field for this command is zero. */
918 memset(outbuf, 0, 8);
919 bdrv_get_geometry(s->bs, &nb_sectors);
920 if (!nb_sectors)
921 goto not_ready;
922 nb_sectors /= s->cluster_size;
923 /* Returned value is the address of the last sector. */
924 nb_sectors--;
925 /* Remember the new size for read/write sanity checking. */
926 s->max_lba = nb_sectors;
927 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
928 if (nb_sectors > UINT32_MAX)
929 nb_sectors = UINT32_MAX;
930 outbuf[0] = (nb_sectors >> 24) & 0xff;
931 outbuf[1] = (nb_sectors >> 16) & 0xff;
932 outbuf[2] = (nb_sectors >> 8) & 0xff;
933 outbuf[3] = nb_sectors & 0xff;
934 outbuf[4] = 0;
935 outbuf[5] = 0;
936 outbuf[6] = s->cluster_size * 2;
937 outbuf[7] = 0;
938 buflen = 8;
939 break;
940 case SYNCHRONIZE_CACHE:
941 ret = bdrv_flush(s->bs);
942 if (ret < 0) {
943 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
944 return -1;
945 }
946 }
947 break;
948 case GET_CONFIGURATION:
949 memset(outbuf, 0, 8);
950 /* ??? This should probably return much more information. For now
951 just return the basic header indicating the CD-ROM profile. */
952 outbuf[7] = 8; // CD-ROM
953 buflen = 8;
954 break;
955 case SERVICE_ACTION_IN:
956 /* Service Action In subcommands. */
957 if ((req->cmd.buf[1] & 31) == 0x10) {
958 DPRINTF("SAI READ CAPACITY(16)\n");
959 memset(outbuf, 0, req->cmd.xfer);
960 bdrv_get_geometry(s->bs, &nb_sectors);
961 if (!nb_sectors)
962 goto not_ready;
963 nb_sectors /= s->cluster_size;
964 /* Returned value is the address of the last sector. */
965 nb_sectors--;
966 /* Remember the new size for read/write sanity checking. */
967 s->max_lba = nb_sectors;
968 outbuf[0] = (nb_sectors >> 56) & 0xff;
969 outbuf[1] = (nb_sectors >> 48) & 0xff;
970 outbuf[2] = (nb_sectors >> 40) & 0xff;
971 outbuf[3] = (nb_sectors >> 32) & 0xff;
972 outbuf[4] = (nb_sectors >> 24) & 0xff;
973 outbuf[5] = (nb_sectors >> 16) & 0xff;
974 outbuf[6] = (nb_sectors >> 8) & 0xff;
975 outbuf[7] = nb_sectors & 0xff;
976 outbuf[8] = 0;
977 outbuf[9] = 0;
978 outbuf[10] = s->cluster_size * 2;
979 outbuf[11] = 0;
980 outbuf[12] = 0;
981 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
982
983 /* set TPE bit if the format supports discard */
984 if (s->qdev.conf.discard_granularity) {
985 outbuf[14] = 0x80;
986 }
987
988 /* Protection, exponent and lowest lba field left blank. */
989 buflen = req->cmd.xfer;
990 break;
991 }
992 DPRINTF("Unsupported Service Action In\n");
993 goto illegal_request;
994 case REPORT_LUNS:
995 if (req->cmd.xfer < 16)
996 goto illegal_request;
997 memset(outbuf, 0, 16);
998 outbuf[3] = 8;
999 buflen = 16;
1000 break;
1001 case VERIFY:
1002 break;
1003 case REZERO_UNIT:
1004 DPRINTF("Rezero Unit\n");
1005 if (!bdrv_is_inserted(s->bs)) {
1006 goto not_ready;
1007 }
1008 break;
1009 default:
1010 goto illegal_request;
1011 }
1012 scsi_req_set_status(r, GOOD, NO_SENSE);
1013 return buflen;
1014
1015 not_ready:
1016 scsi_command_complete(r, CHECK_CONDITION, NOT_READY);
1017 return -1;
1018
1019 illegal_request:
1020 scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
1021 return -1;
1022 }
1023
1024 /* Execute a scsi command. Returns the length of the data expected by the
1025 command. This will be Positive for data transfers from the device
1026 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1027 and zero if the command does not transfer any data. */
1028
1029 static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
1030 uint8_t *buf, int lun)
1031 {
1032 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1033 uint32_t len;
1034 int is_write;
1035 uint8_t command;
1036 uint8_t *outbuf;
1037 SCSIDiskReq *r;
1038 int rc;
1039
1040 command = buf[0];
1041 r = scsi_find_request(s, tag);
1042 if (r) {
1043 BADF("Tag 0x%x already in use\n", tag);
1044 scsi_cancel_io(d, tag);
1045 }
1046 /* ??? Tags are not unique for different luns. We only implement a
1047 single lun, so this should not matter. */
1048 r = scsi_new_request(s, tag, lun);
1049 outbuf = (uint8_t *)r->iov.iov_base;
1050 is_write = 0;
1051 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
1052
1053 if (scsi_req_parse(&r->req, buf) != 0) {
1054 BADF("Unsupported command length, command %x\n", command);
1055 goto fail;
1056 }
1057 #ifdef DEBUG_SCSI
1058 {
1059 int i;
1060 for (i = 1; i < r->req.cmd.len; i++) {
1061 printf(" 0x%02x", buf[i]);
1062 }
1063 printf("\n");
1064 }
1065 #endif
1066
1067 if (lun || buf[1] >> 5) {
1068 /* Only LUN 0 supported. */
1069 DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
1070 if (command != REQUEST_SENSE && command != INQUIRY)
1071 goto fail;
1072 }
1073 switch (command) {
1074 case TEST_UNIT_READY:
1075 case REQUEST_SENSE:
1076 case INQUIRY:
1077 case MODE_SENSE:
1078 case MODE_SENSE_10:
1079 case RESERVE:
1080 case RESERVE_10:
1081 case RELEASE:
1082 case RELEASE_10:
1083 case START_STOP:
1084 case ALLOW_MEDIUM_REMOVAL:
1085 case READ_CAPACITY:
1086 case SYNCHRONIZE_CACHE:
1087 case READ_TOC:
1088 case GET_CONFIGURATION:
1089 case SERVICE_ACTION_IN:
1090 case REPORT_LUNS:
1091 case VERIFY:
1092 case REZERO_UNIT:
1093 rc = scsi_disk_emulate_command(r, outbuf);
1094 if (rc < 0) {
1095 return 0;
1096 }
1097
1098 r->iov.iov_len = rc;
1099 break;
1100 case READ_6:
1101 case READ_10:
1102 case READ_12:
1103 case READ_16:
1104 len = r->req.cmd.xfer / d->blocksize;
1105 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1106 if (r->req.cmd.lba > s->max_lba)
1107 goto illegal_lba;
1108 r->sector = r->req.cmd.lba * s->cluster_size;
1109 r->sector_count = len * s->cluster_size;
1110 break;
1111 case WRITE_6:
1112 case WRITE_10:
1113 case WRITE_12:
1114 case WRITE_16:
1115 case WRITE_VERIFY:
1116 case WRITE_VERIFY_12:
1117 case WRITE_VERIFY_16:
1118 len = r->req.cmd.xfer / d->blocksize;
1119 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1120 (command & 0xe) == 0xe ? "And Verify " : "",
1121 r->req.cmd.lba, len);
1122 if (r->req.cmd.lba > s->max_lba)
1123 goto illegal_lba;
1124 r->sector = r->req.cmd.lba * s->cluster_size;
1125 r->sector_count = len * s->cluster_size;
1126 is_write = 1;
1127 break;
1128 case MODE_SELECT:
1129 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1130 /* We don't support mode parameter changes.
1131 Allow the mode parameter header + block descriptors only. */
1132 if (r->req.cmd.xfer > 12) {
1133 goto fail;
1134 }
1135 break;
1136 case MODE_SELECT_10:
1137 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1138 /* We don't support mode parameter changes.
1139 Allow the mode parameter header + block descriptors only. */
1140 if (r->req.cmd.xfer > 16) {
1141 goto fail;
1142 }
1143 break;
1144 case SEEK_6:
1145 case SEEK_10:
1146 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1147 r->req.cmd.lba);
1148 if (r->req.cmd.lba > s->max_lba) {
1149 goto illegal_lba;
1150 }
1151 break;
1152 case WRITE_SAME_16:
1153 len = r->req.cmd.xfer / d->blocksize;
1154
1155 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1156 r->req.cmd.lba, len);
1157
1158 if (r->req.cmd.lba > s->max_lba) {
1159 goto illegal_lba;
1160 }
1161
1162 /*
1163 * We only support WRITE SAME with the unmap bit set for now.
1164 */
1165 if (!(buf[1] & 0x8)) {
1166 goto fail;
1167 }
1168
1169 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1170 len * s->cluster_size);
1171 if (rc < 0) {
1172 /* XXX: better error code ?*/
1173 goto fail;
1174 }
1175
1176 break;
1177 default:
1178 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1179 fail:
1180 scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
1181 return 0;
1182 illegal_lba:
1183 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
1184 return 0;
1185 }
1186 if (r->sector_count == 0 && r->iov.iov_len == 0) {
1187 scsi_command_complete(r, GOOD, NO_SENSE);
1188 }
1189 len = r->sector_count * 512 + r->iov.iov_len;
1190 if (is_write) {
1191 return -len;
1192 } else {
1193 if (!r->sector_count)
1194 r->sector_count = -1;
1195 return len;
1196 }
1197 }
1198
1199 static void scsi_disk_purge_requests(SCSIDiskState *s)
1200 {
1201 SCSIDiskReq *r;
1202
1203 while (!QTAILQ_EMPTY(&s->qdev.requests)) {
1204 r = DO_UPCAST(SCSIDiskReq, req, QTAILQ_FIRST(&s->qdev.requests));
1205 if (r->req.aiocb) {
1206 bdrv_aio_cancel(r->req.aiocb);
1207 }
1208 scsi_remove_request(r);
1209 }
1210 }
1211
1212 static void scsi_disk_reset(DeviceState *dev)
1213 {
1214 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1215 uint64_t nb_sectors;
1216
1217 scsi_disk_purge_requests(s);
1218
1219 bdrv_get_geometry(s->bs, &nb_sectors);
1220 nb_sectors /= s->cluster_size;
1221 if (nb_sectors) {
1222 nb_sectors--;
1223 }
1224 s->max_lba = nb_sectors;
1225 }
1226
1227 static void scsi_destroy(SCSIDevice *dev)
1228 {
1229 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1230
1231 scsi_disk_purge_requests(s);
1232 blockdev_mark_auto_del(s->qdev.conf.bs);
1233 }
1234
1235 static int scsi_disk_initfn(SCSIDevice *dev)
1236 {
1237 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1238 int is_cd;
1239 DriveInfo *dinfo;
1240
1241 if (!s->qdev.conf.bs) {
1242 error_report("scsi-disk: drive property not set");
1243 return -1;
1244 }
1245 s->bs = s->qdev.conf.bs;
1246 is_cd = bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM;
1247
1248 if (!is_cd && !bdrv_is_inserted(s->bs)) {
1249 error_report("Device needs media, but drive is empty");
1250 return -1;
1251 }
1252
1253 if (!s->serial) {
1254 /* try to fall back to value set with legacy -drive serial=... */
1255 dinfo = drive_get_by_blockdev(s->bs);
1256 s->serial = qemu_strdup(*dinfo->serial ? dinfo->serial : "0");
1257 }
1258
1259 if (!s->version) {
1260 s->version = qemu_strdup(QEMU_VERSION);
1261 }
1262
1263 if (bdrv_is_sg(s->bs)) {
1264 error_report("scsi-disk: unwanted /dev/sg*");
1265 return -1;
1266 }
1267
1268 if (is_cd) {
1269 s->qdev.blocksize = 2048;
1270 } else {
1271 s->qdev.blocksize = s->qdev.conf.logical_block_size;
1272 }
1273 s->cluster_size = s->qdev.blocksize / 512;
1274 s->bs->buffer_alignment = s->qdev.blocksize;
1275
1276 s->qdev.type = TYPE_DISK;
1277 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
1278 bdrv_set_removable(s->bs, is_cd);
1279 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
1280 return 0;
1281 }
1282
1283 static SCSIDeviceInfo scsi_disk_info = {
1284 .qdev.name = "scsi-disk",
1285 .qdev.fw_name = "disk",
1286 .qdev.desc = "virtual scsi disk or cdrom",
1287 .qdev.size = sizeof(SCSIDiskState),
1288 .qdev.reset = scsi_disk_reset,
1289 .init = scsi_disk_initfn,
1290 .destroy = scsi_destroy,
1291 .send_command = scsi_send_command,
1292 .read_data = scsi_read_data,
1293 .write_data = scsi_write_data,
1294 .cancel_io = scsi_cancel_io,
1295 .get_buf = scsi_get_buf,
1296 .qdev.props = (Property[]) {
1297 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf),
1298 DEFINE_PROP_STRING("ver", SCSIDiskState, version),
1299 DEFINE_PROP_STRING("serial", SCSIDiskState, serial),
1300 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1301 DEFINE_PROP_END_OF_LIST(),
1302 },
1303 };
1304
1305 static void scsi_disk_register_devices(void)
1306 {
1307 scsi_qdev_register(&scsi_disk_info);
1308 }
1309 device_init(scsi_disk_register_devices)
QEmu