search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
block: directly invoke .bdrv_* from emulation functions
[qemu/ar7.git] / hw / scsi-disk.c
blob69095780aca64f0f2085d6cd23c3a1a5448d0ef2
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licensed under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 //#define DEBUG_SCSI
23
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
33
34 #include "qemu-common.h"
35 #include "qemu-error.h"
36 #include "scsi.h"
37 #include "scsi-defs.h"
38 #include "sysemu.h"
39 #include "blockdev.h"
40 #include "block_int.h"
41
42 #define SCSI_DMA_BUF_SIZE 131072
43 #define SCSI_MAX_INQUIRY_LEN 256
44
45 #define SCSI_REQ_STATUS_RETRY 0x01
46 #define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
47 #define SCSI_REQ_STATUS_RETRY_READ 0x00
48 #define SCSI_REQ_STATUS_RETRY_WRITE 0x02
49 #define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
50
51 typedef struct SCSIDiskState SCSIDiskState;
52
53 typedef struct SCSIDiskReq {
54 SCSIRequest req;
55 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
56 uint64_t sector;
57 uint32_t sector_count;
58 uint32_t buflen;
59 struct iovec iov;
60 QEMUIOVector qiov;
61 uint32_t status;
62 BlockAcctCookie acct;
63 } SCSIDiskReq;
64
65 struct SCSIDiskState
66 {
67 SCSIDevice qdev;
68 BlockDriverState *bs;
69 /* The qemu block layer uses a fixed 512 byte sector size.
70 This is the number of 512 byte blocks in a single scsi sector. */
71 int cluster_size;
72 uint32_t removable;
73 uint64_t max_lba;
74 QEMUBH *bh;
75 char *version;
76 char *serial;
77 bool tray_open;
78 bool tray_locked;
79 };
80
81 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
82 static int scsi_disk_emulate_command(SCSIDiskReq *r);
83
84 static void scsi_free_request(SCSIRequest *req)
85 {
86 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
87
88 if (r->iov.iov_base) {
89 qemu_vfree(r->iov.iov_base);
90 }
91 }
92
93 /* Helper function for command completion with sense. */
94 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
95 {
96 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
97 r->req.tag, sense.key, sense.asc, sense.ascq);
98 scsi_req_build_sense(&r->req, sense);
99 scsi_req_complete(&r->req, CHECK_CONDITION);
100 }
101
102 /* Cancel a pending data transfer. */
103 static void scsi_cancel_io(SCSIRequest *req)
104 {
105 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
106
107 DPRINTF("Cancel tag=0x%x\n", req->tag);
108 if (r->req.aiocb) {
109 bdrv_aio_cancel(r->req.aiocb);
110 }
111 r->req.aiocb = NULL;
112 }
113
114 static uint32_t scsi_init_iovec(SCSIDiskReq *r)
115 {
116 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
117
118 if (!r->iov.iov_base) {
119 r->buflen = SCSI_DMA_BUF_SIZE;
120 r->iov.iov_base = qemu_blockalign(s->bs, r->buflen);
121 }
122 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
123 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
124 return r->qiov.size / 512;
125 }
126
127 static void scsi_read_complete(void * opaque, int ret)
128 {
129 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
130 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
131 int n;
132
133 if (r->req.aiocb != NULL) {
134 r->req.aiocb = NULL;
135 bdrv_acct_done(s->bs, &r->acct);
136 }
137
138 if (ret) {
139 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
140 return;
141 }
142 }
143
144 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
145
146 n = r->qiov.size / 512;
147 r->sector += n;
148 r->sector_count -= n;
149 scsi_req_data(&r->req, r->qiov.size);
150 }
151
152 static void scsi_flush_complete(void * opaque, int ret)
153 {
154 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
155 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
156
157 if (r->req.aiocb != NULL) {
158 r->req.aiocb = NULL;
159 bdrv_acct_done(s->bs, &r->acct);
160 }
161
162 if (ret < 0) {
163 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
164 return;
165 }
166 }
167
168 scsi_req_complete(&r->req, GOOD);
169 }
170
171 /* Read more data from scsi device into buffer. */
172 static void scsi_read_data(SCSIRequest *req)
173 {
174 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
175 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
176 uint32_t n;
177
178 if (r->sector_count == (uint32_t)-1) {
179 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
180 r->sector_count = 0;
181 scsi_req_data(&r->req, r->iov.iov_len);
182 return;
183 }
184 DPRINTF("Read sector_count=%d\n", r->sector_count);
185 if (r->sector_count == 0) {
186 /* This also clears the sense buffer for REQUEST SENSE. */
187 scsi_req_complete(&r->req, GOOD);
188 return;
189 }
190
191 /* No data transfer may already be in progress */
192 assert(r->req.aiocb == NULL);
193
194 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
195 DPRINTF("Data transfer direction invalid\n");
196 scsi_read_complete(r, -EINVAL);
197 return;
198 }
199
200 if (s->tray_open) {
201 scsi_read_complete(r, -ENOMEDIUM);
202 }
203 n = scsi_init_iovec(r);
204 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
205 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
206 scsi_read_complete, r);
207 if (r->req.aiocb == NULL) {
208 scsi_read_complete(r, -EIO);
209 }
210 }
211
212 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
213 {
214 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
215 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
216 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
217
218 if (action == BLOCK_ERR_IGNORE) {
219 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
220 return 0;
221 }
222
223 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
224 || action == BLOCK_ERR_STOP_ANY) {
225
226 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
227 r->status |= SCSI_REQ_STATUS_RETRY | type;
228
229 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
230 vm_stop(RUN_STATE_IO_ERROR);
231 bdrv_iostatus_set_err(s->bs, error);
232 } else {
233 switch (error) {
234 case ENOMEM:
235 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
236 break;
237 case EINVAL:
238 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
239 break;
240 default:
241 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
242 break;
243 }
244 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
245 }
246 return 1;
247 }
248
249 static void scsi_write_complete(void * opaque, int ret)
250 {
251 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
252 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
253 uint32_t n;
254
255 if (r->req.aiocb != NULL) {
256 r->req.aiocb = NULL;
257 bdrv_acct_done(s->bs, &r->acct);
258 }
259
260 if (ret) {
261 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
262 return;
263 }
264 }
265
266 n = r->qiov.size / 512;
267 r->sector += n;
268 r->sector_count -= n;
269 if (r->sector_count == 0) {
270 scsi_req_complete(&r->req, GOOD);
271 } else {
272 scsi_init_iovec(r);
273 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, r->qiov.size);
274 scsi_req_data(&r->req, r->qiov.size);
275 }
276 }
277
278 static void scsi_write_data(SCSIRequest *req)
279 {
280 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
281 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
282 uint32_t n;
283
284 /* No data transfer may already be in progress */
285 assert(r->req.aiocb == NULL);
286
287 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
288 DPRINTF("Data transfer direction invalid\n");
289 scsi_write_complete(r, -EINVAL);
290 return;
291 }
292
293 n = r->qiov.size / 512;
294 if (n) {
295 if (s->tray_open) {
296 scsi_write_complete(r, -ENOMEDIUM);
297 }
298 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
299 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
300 scsi_write_complete, r);
301 if (r->req.aiocb == NULL) {
302 scsi_write_complete(r, -ENOMEM);
303 }
304 } else {
305 /* Called for the first time. Ask the driver to send us more data. */
306 scsi_write_complete(r, 0);
307 }
308 }
309
310 static void scsi_dma_restart_bh(void *opaque)
311 {
312 SCSIDiskState *s = opaque;
313 SCSIRequest *req;
314 SCSIDiskReq *r;
315
316 qemu_bh_delete(s->bh);
317 s->bh = NULL;
318
319 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
320 r = DO_UPCAST(SCSIDiskReq, req, req);
321 if (r->status & SCSI_REQ_STATUS_RETRY) {
322 int status = r->status;
323 int ret;
324
325 r->status &=
326 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
327
328 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
329 case SCSI_REQ_STATUS_RETRY_READ:
330 scsi_read_data(&r->req);
331 break;
332 case SCSI_REQ_STATUS_RETRY_WRITE:
333 scsi_write_data(&r->req);
334 break;
335 case SCSI_REQ_STATUS_RETRY_FLUSH:
336 ret = scsi_disk_emulate_command(r);
337 if (ret == 0) {
338 scsi_req_complete(&r->req, GOOD);
339 }
340 }
341 }
342 }
343 }
344
345 static void scsi_dma_restart_cb(void *opaque, int running, RunState state)
346 {
347 SCSIDiskState *s = opaque;
348
349 if (!running)
350 return;
351
352 if (!s->bh) {
353 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
354 qemu_bh_schedule(s->bh);
355 }
356 }
357
358 /* Return a pointer to the data buffer. */
359 static uint8_t *scsi_get_buf(SCSIRequest *req)
360 {
361 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
362
363 return (uint8_t *)r->iov.iov_base;
364 }
365
366 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
367 {
368 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
369 int buflen = 0;
370
371 if (req->cmd.buf[1] & 0x2) {
372 /* Command support data - optional, not implemented */
373 BADF("optional INQUIRY command support request not implemented\n");
374 return -1;
375 }
376
377 if (req->cmd.buf[1] & 0x1) {
378 /* Vital product data */
379 uint8_t page_code = req->cmd.buf[2];
380 if (req->cmd.xfer < 4) {
381 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
382 "less than 4\n", page_code, req->cmd.xfer);
383 return -1;
384 }
385
386 if (s->qdev.type == TYPE_ROM) {
387 outbuf[buflen++] = 5;
388 } else {
389 outbuf[buflen++] = 0;
390 }
391 outbuf[buflen++] = page_code ; // this page
392 outbuf[buflen++] = 0x00;
393
394 switch (page_code) {
395 case 0x00: /* Supported page codes, mandatory */
396 {
397 int pages;
398 DPRINTF("Inquiry EVPD[Supported pages] "
399 "buffer size %zd\n", req->cmd.xfer);
400 pages = buflen++;
401 outbuf[buflen++] = 0x00; // list of supported pages (this page)
402 if (s->serial)
403 outbuf[buflen++] = 0x80; // unit serial number
404 outbuf[buflen++] = 0x83; // device identification
405 if (s->qdev.type == TYPE_DISK) {
406 outbuf[buflen++] = 0xb0; // block limits
407 outbuf[buflen++] = 0xb2; // thin provisioning
408 }
409 outbuf[pages] = buflen - pages - 1; // number of pages
410 break;
411 }
412 case 0x80: /* Device serial number, optional */
413 {
414 int l;
415
416 if (!s->serial) {
417 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
418 return -1;
419 }
420
421 l = strlen(s->serial);
422 if (l > req->cmd.xfer)
423 l = req->cmd.xfer;
424 if (l > 20)
425 l = 20;
426
427 DPRINTF("Inquiry EVPD[Serial number] "
428 "buffer size %zd\n", req->cmd.xfer);
429 outbuf[buflen++] = l;
430 memcpy(outbuf+buflen, s->serial, l);
431 buflen += l;
432 break;
433 }
434
435 case 0x83: /* Device identification page, mandatory */
436 {
437 int max_len = 255 - 8;
438 int id_len = strlen(bdrv_get_device_name(s->bs));
439
440 if (id_len > max_len)
441 id_len = max_len;
442 DPRINTF("Inquiry EVPD[Device identification] "
443 "buffer size %zd\n", req->cmd.xfer);
444
445 outbuf[buflen++] = 4 + id_len;
446 outbuf[buflen++] = 0x2; // ASCII
447 outbuf[buflen++] = 0; // not officially assigned
448 outbuf[buflen++] = 0; // reserved
449 outbuf[buflen++] = id_len; // length of data following
450
451 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
452 buflen += id_len;
453 break;
454 }
455 case 0xb0: /* block limits */
456 {
457 unsigned int unmap_sectors =
458 s->qdev.conf.discard_granularity / s->qdev.blocksize;
459 unsigned int min_io_size =
460 s->qdev.conf.min_io_size / s->qdev.blocksize;
461 unsigned int opt_io_size =
462 s->qdev.conf.opt_io_size / s->qdev.blocksize;
463
464 if (s->qdev.type == TYPE_ROM) {
465 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
466 page_code);
467 return -1;
468 }
469 /* required VPD size with unmap support */
470 outbuf[3] = buflen = 0x3c;
471
472 memset(outbuf + 4, 0, buflen - 4);
473
474 /* optimal transfer length granularity */
475 outbuf[6] = (min_io_size >> 8) & 0xff;
476 outbuf[7] = min_io_size & 0xff;
477
478 /* optimal transfer length */
479 outbuf[12] = (opt_io_size >> 24) & 0xff;
480 outbuf[13] = (opt_io_size >> 16) & 0xff;
481 outbuf[14] = (opt_io_size >> 8) & 0xff;
482 outbuf[15] = opt_io_size & 0xff;
483
484 /* optimal unmap granularity */
485 outbuf[28] = (unmap_sectors >> 24) & 0xff;
486 outbuf[29] = (unmap_sectors >> 16) & 0xff;
487 outbuf[30] = (unmap_sectors >> 8) & 0xff;
488 outbuf[31] = unmap_sectors & 0xff;
489 break;
490 }
491 case 0xb2: /* thin provisioning */
492 {
493 outbuf[3] = buflen = 8;
494 outbuf[4] = 0;
495 outbuf[5] = 0x40; /* write same with unmap supported */
496 outbuf[6] = 0;
497 outbuf[7] = 0;
498 break;
499 }
500 default:
501 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
502 "buffer size %zd\n", page_code, req->cmd.xfer);
503 return -1;
504 }
505 /* done with EVPD */
506 return buflen;
507 }
508
509 /* Standard INQUIRY data */
510 if (req->cmd.buf[2] != 0) {
511 BADF("Error: Inquiry (STANDARD) page or code "
512 "is non-zero [%02X]\n", req->cmd.buf[2]);
513 return -1;
514 }
515
516 /* PAGE CODE == 0 */
517 if (req->cmd.xfer < 5) {
518 BADF("Error: Inquiry (STANDARD) buffer size %zd "
519 "is less than 5\n", req->cmd.xfer);
520 return -1;
521 }
522
523 buflen = req->cmd.xfer;
524 if (buflen > SCSI_MAX_INQUIRY_LEN)
525 buflen = SCSI_MAX_INQUIRY_LEN;
526
527 memset(outbuf, 0, buflen);
528
529 outbuf[0] = s->qdev.type & 0x1f;
530 if (s->qdev.type == TYPE_ROM) {
531 outbuf[1] = 0x80;
532 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
533 } else {
534 outbuf[1] = s->removable ? 0x80 : 0;
535 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
536 }
537 memcpy(&outbuf[8], "QEMU ", 8);
538 memset(&outbuf[32], 0, 4);
539 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
540 /*
541 * We claim conformance to SPC-3, which is required for guests
542 * to ask for modern features like READ CAPACITY(16) or the
543 * block characteristics VPD page by default. Not all of SPC-3
544 * is actually implemented, but we're good enough.
545 */
546 outbuf[2] = 5;
547 outbuf[3] = 2; /* Format 2 */
548
549 if (buflen > 36) {
550 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
551 } else {
552 /* If the allocation length of CDB is too small,
553 the additional length is not adjusted */
554 outbuf[4] = 36 - 5;
555 }
556
557 /* Sync data transfer and TCQ. */
558 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
559 return buflen;
560 }
561
562 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
563 int page_control)
564 {
565 BlockDriverState *bdrv = s->bs;
566 int cylinders, heads, secs;
567 uint8_t *p = *p_outbuf;
568
569 /*
570 * If Changeable Values are requested, a mask denoting those mode parameters
571 * that are changeable shall be returned. As we currently don't support
572 * parameter changes via MODE_SELECT all bits are returned set to zero.
573 * The buffer was already menset to zero by the caller of this function.
574 */
575 switch (page) {
576 case 4: /* Rigid disk device geometry page. */
577 if (s->qdev.type == TYPE_ROM) {
578 return -1;
579 }
580 p[0] = 4;
581 p[1] = 0x16;
582 if (page_control == 1) { /* Changeable Values */
583 break;
584 }
585 /* if a geometry hint is available, use it */
586 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
587 p[2] = (cylinders >> 16) & 0xff;
588 p[3] = (cylinders >> 8) & 0xff;
589 p[4] = cylinders & 0xff;
590 p[5] = heads & 0xff;
591 /* Write precomp start cylinder, disabled */
592 p[6] = (cylinders >> 16) & 0xff;
593 p[7] = (cylinders >> 8) & 0xff;
594 p[8] = cylinders & 0xff;
595 /* Reduced current start cylinder, disabled */
596 p[9] = (cylinders >> 16) & 0xff;
597 p[10] = (cylinders >> 8) & 0xff;
598 p[11] = cylinders & 0xff;
599 /* Device step rate [ns], 200ns */
600 p[12] = 0;
601 p[13] = 200;
602 /* Landing zone cylinder */
603 p[14] = 0xff;
604 p[15] = 0xff;
605 p[16] = 0xff;
606 /* Medium rotation rate [rpm], 5400 rpm */
607 p[20] = (5400 >> 8) & 0xff;
608 p[21] = 5400 & 0xff;
609 break;
610
611 case 5: /* Flexible disk device geometry page. */
612 if (s->qdev.type == TYPE_ROM) {
613 return -1;
614 }
615 p[0] = 5;
616 p[1] = 0x1e;
617 if (page_control == 1) { /* Changeable Values */
618 break;
619 }
620 /* Transfer rate [kbit/s], 5Mbit/s */
621 p[2] = 5000 >> 8;
622 p[3] = 5000 & 0xff;
623 /* if a geometry hint is available, use it */
624 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
625 p[4] = heads & 0xff;
626 p[5] = secs & 0xff;
627 p[6] = s->cluster_size * 2;
628 p[8] = (cylinders >> 8) & 0xff;
629 p[9] = cylinders & 0xff;
630 /* Write precomp start cylinder, disabled */
631 p[10] = (cylinders >> 8) & 0xff;
632 p[11] = cylinders & 0xff;
633 /* Reduced current start cylinder, disabled */
634 p[12] = (cylinders >> 8) & 0xff;
635 p[13] = cylinders & 0xff;
636 /* Device step rate [100us], 100us */
637 p[14] = 0;
638 p[15] = 1;
639 /* Device step pulse width [us], 1us */
640 p[16] = 1;
641 /* Device head settle delay [100us], 100us */
642 p[17] = 0;
643 p[18] = 1;
644 /* Motor on delay [0.1s], 0.1s */
645 p[19] = 1;
646 /* Motor off delay [0.1s], 0.1s */
647 p[20] = 1;
648 /* Medium rotation rate [rpm], 5400 rpm */
649 p[28] = (5400 >> 8) & 0xff;
650 p[29] = 5400 & 0xff;
651 break;
652
653 case 8: /* Caching page. */
654 p[0] = 8;
655 p[1] = 0x12;
656 if (page_control == 1) { /* Changeable Values */
657 break;
658 }
659 if (bdrv_enable_write_cache(s->bs)) {
660 p[2] = 4; /* WCE */
661 }
662 break;
663
664 case 0x2a: /* CD Capabilities and Mechanical Status page. */
665 if (s->qdev.type != TYPE_ROM) {
666 return -1;
667 }
668 p[0] = 0x2a;
669 p[1] = 0x14;
670 if (page_control == 1) { /* Changeable Values */
671 break;
672 }
673 p[2] = 3; // CD-R & CD-RW read
674 p[3] = 0; // Writing not supported
675 p[4] = 0x7f; /* Audio, composite, digital out,
676 mode 2 form 1&2, multi session */
677 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
678 RW corrected, C2 errors, ISRC,
679 UPC, Bar code */
680 p[6] = 0x2d | (s->tray_locked ? 2 : 0);
681 /* Locking supported, jumper present, eject, tray */
682 p[7] = 0; /* no volume & mute control, no
683 changer */
684 p[8] = (50 * 176) >> 8; // 50x read speed
685 p[9] = (50 * 176) & 0xff;
686 p[10] = 0 >> 8; // No volume
687 p[11] = 0 & 0xff;
688 p[12] = 2048 >> 8; // 2M buffer
689 p[13] = 2048 & 0xff;
690 p[14] = (16 * 176) >> 8; // 16x read speed current
691 p[15] = (16 * 176) & 0xff;
692 p[18] = (16 * 176) >> 8; // 16x write speed
693 p[19] = (16 * 176) & 0xff;
694 p[20] = (16 * 176) >> 8; // 16x write speed current
695 p[21] = (16 * 176) & 0xff;
696 break;
697
698 default:
699 return -1;
700 }
701
702 *p_outbuf += p[1] + 2;
703 return p[1] + 2;
704 }
705
706 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
707 {
708 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
709 uint64_t nb_sectors;
710 int page, dbd, buflen, ret, page_control;
711 uint8_t *p;
712 uint8_t dev_specific_param;
713
714 dbd = r->req.cmd.buf[1] & 0x8;
715 page = r->req.cmd.buf[2] & 0x3f;
716 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
717 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
718 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
719 memset(outbuf, 0, r->req.cmd.xfer);
720 p = outbuf;
721
722 if (bdrv_is_read_only(s->bs)) {
723 dev_specific_param = 0x80; /* Readonly. */
724 } else {
725 dev_specific_param = 0x00;
726 }
727
728 if (r->req.cmd.buf[0] == MODE_SENSE) {
729 p[1] = 0; /* Default media type. */
730 p[2] = dev_specific_param;
731 p[3] = 0; /* Block descriptor length. */
732 p += 4;
733 } else { /* MODE_SENSE_10 */
734 p[2] = 0; /* Default media type. */
735 p[3] = dev_specific_param;
736 p[6] = p[7] = 0; /* Block descriptor length. */
737 p += 8;
738 }
739
740 bdrv_get_geometry(s->bs, &nb_sectors);
741 if (!dbd && nb_sectors) {
742 if (r->req.cmd.buf[0] == MODE_SENSE) {
743 outbuf[3] = 8; /* Block descriptor length */
744 } else { /* MODE_SENSE_10 */
745 outbuf[7] = 8; /* Block descriptor length */
746 }
747 nb_sectors /= s->cluster_size;
748 if (nb_sectors > 0xffffff)
749 nb_sectors = 0;
750 p[0] = 0; /* media density code */
751 p[1] = (nb_sectors >> 16) & 0xff;
752 p[2] = (nb_sectors >> 8) & 0xff;
753 p[3] = nb_sectors & 0xff;
754 p[4] = 0; /* reserved */
755 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
756 p[6] = s->cluster_size * 2;
757 p[7] = 0;
758 p += 8;
759 }
760
761 if (page_control == 3) {
762 /* Saved Values */
763 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
764 return -1;
765 }
766
767 if (page == 0x3f) {
768 for (page = 0; page <= 0x3e; page++) {
769 mode_sense_page(s, page, &p, page_control);
770 }
771 } else {
772 ret = mode_sense_page(s, page, &p, page_control);
773 if (ret == -1) {
774 return -1;
775 }
776 }
777
778 buflen = p - outbuf;
779 /*
780 * The mode data length field specifies the length in bytes of the
781 * following data that is available to be transferred. The mode data
782 * length does not include itself.
783 */
784 if (r->req.cmd.buf[0] == MODE_SENSE) {
785 outbuf[0] = buflen - 1;
786 } else { /* MODE_SENSE_10 */
787 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
788 outbuf[1] = (buflen - 2) & 0xff;
789 }
790 if (buflen > r->req.cmd.xfer)
791 buflen = r->req.cmd.xfer;
792 return buflen;
793 }
794
795 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
796 {
797 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
798 int start_track, format, msf, toclen;
799 uint64_t nb_sectors;
800
801 msf = req->cmd.buf[1] & 2;
802 format = req->cmd.buf[2] & 0xf;
803 start_track = req->cmd.buf[6];
804 bdrv_get_geometry(s->bs, &nb_sectors);
805 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
806 nb_sectors /= s->cluster_size;
807 switch (format) {
808 case 0:
809 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
810 break;
811 case 1:
812 /* multi session : only a single session defined */
813 toclen = 12;
814 memset(outbuf, 0, 12);
815 outbuf[1] = 0x0a;
816 outbuf[2] = 0x01;
817 outbuf[3] = 0x01;
818 break;
819 case 2:
820 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
821 break;
822 default:
823 return -1;
824 }
825 if (toclen > req->cmd.xfer)
826 toclen = req->cmd.xfer;
827 return toclen;
828 }
829
830 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
831 {
832 SCSIRequest *req = &r->req;
833 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
834 bool start = req->cmd.buf[4] & 1;
835 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
836
837 if (s->qdev.type == TYPE_ROM && loej) {
838 if (!start && !s->tray_open && s->tray_locked) {
839 scsi_check_condition(r,
840 bdrv_is_inserted(s->bs)
841 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
842 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
843 return -1;
844 }
845 bdrv_eject(s->bs, !start);
846 s->tray_open = !start;
847 }
848 return 0;
849 }
850
851 static int scsi_disk_emulate_command(SCSIDiskReq *r)
852 {
853 SCSIRequest *req = &r->req;
854 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
855 uint64_t nb_sectors;
856 uint8_t *outbuf;
857 int buflen = 0;
858
859 if (!r->iov.iov_base) {
860 /*
861 * FIXME: we shouldn't return anything bigger than 4k, but the code
862 * requires the buffer to be as big as req->cmd.xfer in several
863 * places. So, do not allow CDBs with a very large ALLOCATION
864 * LENGTH. The real fix would be to modify scsi_read_data and
865 * dma_buf_read, so that they return data beyond the buflen
866 * as all zeros.
867 */
868 if (req->cmd.xfer > 65536) {
869 goto illegal_request;
870 }
871 r->buflen = MAX(4096, req->cmd.xfer);
872 r->iov.iov_base = qemu_blockalign(s->bs, r->buflen);
873 }
874
875 outbuf = r->iov.iov_base;
876 switch (req->cmd.buf[0]) {
877 case TEST_UNIT_READY:
878 if (s->tray_open || !bdrv_is_inserted(s->bs))
879 goto not_ready;
880 break;
881 case INQUIRY:
882 buflen = scsi_disk_emulate_inquiry(req, outbuf);
883 if (buflen < 0)
884 goto illegal_request;
885 break;
886 case MODE_SENSE:
887 case MODE_SENSE_10:
888 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
889 if (buflen < 0)
890 goto illegal_request;
891 break;
892 case READ_TOC:
893 buflen = scsi_disk_emulate_read_toc(req, outbuf);
894 if (buflen < 0)
895 goto illegal_request;
896 break;
897 case RESERVE:
898 if (req->cmd.buf[1] & 1)
899 goto illegal_request;
900 break;
901 case RESERVE_10:
902 if (req->cmd.buf[1] & 3)
903 goto illegal_request;
904 break;
905 case RELEASE:
906 if (req->cmd.buf[1] & 1)
907 goto illegal_request;
908 break;
909 case RELEASE_10:
910 if (req->cmd.buf[1] & 3)
911 goto illegal_request;
912 break;
913 case START_STOP:
914 if (scsi_disk_emulate_start_stop(r) < 0) {
915 return -1;
916 }
917 break;
918 case ALLOW_MEDIUM_REMOVAL:
919 s->tray_locked = req->cmd.buf[4] & 1;
920 bdrv_lock_medium(s->bs, req->cmd.buf[4] & 1);
921 break;
922 case READ_CAPACITY_10:
923 /* The normal LEN field for this command is zero. */
924 memset(outbuf, 0, 8);
925 bdrv_get_geometry(s->bs, &nb_sectors);
926 if (!nb_sectors)
927 goto not_ready;
928 nb_sectors /= s->cluster_size;
929 /* Returned value is the address of the last sector. */
930 nb_sectors--;
931 /* Remember the new size for read/write sanity checking. */
932 s->max_lba = nb_sectors;
933 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
934 if (nb_sectors > UINT32_MAX)
935 nb_sectors = UINT32_MAX;
936 outbuf[0] = (nb_sectors >> 24) & 0xff;
937 outbuf[1] = (nb_sectors >> 16) & 0xff;
938 outbuf[2] = (nb_sectors >> 8) & 0xff;
939 outbuf[3] = nb_sectors & 0xff;
940 outbuf[4] = 0;
941 outbuf[5] = 0;
942 outbuf[6] = s->cluster_size * 2;
943 outbuf[7] = 0;
944 buflen = 8;
945 break;
946 case GET_CONFIGURATION:
947 memset(outbuf, 0, 8);
948 /* ??? This should probably return much more information. For now
949 just return the basic header indicating the CD-ROM profile. */
950 outbuf[7] = 8; // CD-ROM
951 buflen = 8;
952 break;
953 case SERVICE_ACTION_IN_16:
954 /* Service Action In subcommands. */
955 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
956 DPRINTF("SAI READ CAPACITY(16)\n");
957 memset(outbuf, 0, req->cmd.xfer);
958 bdrv_get_geometry(s->bs, &nb_sectors);
959 if (!nb_sectors)
960 goto not_ready;
961 nb_sectors /= s->cluster_size;
962 /* Returned value is the address of the last sector. */
963 nb_sectors--;
964 /* Remember the new size for read/write sanity checking. */
965 s->max_lba = nb_sectors;
966 outbuf[0] = (nb_sectors >> 56) & 0xff;
967 outbuf[1] = (nb_sectors >> 48) & 0xff;
968 outbuf[2] = (nb_sectors >> 40) & 0xff;
969 outbuf[3] = (nb_sectors >> 32) & 0xff;
970 outbuf[4] = (nb_sectors >> 24) & 0xff;
971 outbuf[5] = (nb_sectors >> 16) & 0xff;
972 outbuf[6] = (nb_sectors >> 8) & 0xff;
973 outbuf[7] = nb_sectors & 0xff;
974 outbuf[8] = 0;
975 outbuf[9] = 0;
976 outbuf[10] = s->cluster_size * 2;
977 outbuf[11] = 0;
978 outbuf[12] = 0;
979 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
980
981 /* set TPE bit if the format supports discard */
982 if (s->qdev.conf.discard_granularity) {
983 outbuf[14] = 0x80;
984 }
985
986 /* Protection, exponent and lowest lba field left blank. */
987 buflen = req->cmd.xfer;
988 break;
989 }
990 DPRINTF("Unsupported Service Action In\n");
991 goto illegal_request;
992 case VERIFY_10:
993 break;
994 default:
995 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
996 return -1;
997 }
998 return buflen;
999
1000 not_ready:
1001 if (s->tray_open || !bdrv_is_inserted(s->bs)) {
1002 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1003 } else {
1004 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1005 }
1006 return -1;
1007
1008 illegal_request:
1009 if (r->req.status == -1) {
1010 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1011 }
1012 return -1;
1013 }
1014
1015 /* Execute a scsi command. Returns the length of the data expected by the
1016 command. This will be Positive for data transfers from the device
1017 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1018 and zero if the command does not transfer any data. */
1019
1020 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
1021 {
1022 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1023 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1024 int32_t len;
1025 uint8_t command;
1026 int rc;
1027
1028 command = buf[0];
1029 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]);
1030
1031 #ifdef DEBUG_SCSI
1032 {
1033 int i;
1034 for (i = 1; i < r->req.cmd.len; i++) {
1035 printf(" 0x%02x", buf[i]);
1036 }
1037 printf("\n");
1038 }
1039 #endif
1040
1041 switch (command) {
1042 case TEST_UNIT_READY:
1043 case INQUIRY:
1044 case MODE_SENSE:
1045 case MODE_SENSE_10:
1046 case RESERVE:
1047 case RESERVE_10:
1048 case RELEASE:
1049 case RELEASE_10:
1050 case START_STOP:
1051 case ALLOW_MEDIUM_REMOVAL:
1052 case READ_CAPACITY_10:
1053 case READ_TOC:
1054 case GET_CONFIGURATION:
1055 case SERVICE_ACTION_IN_16:
1056 case VERIFY_10:
1057 rc = scsi_disk_emulate_command(r);
1058 if (rc < 0) {
1059 return 0;
1060 }
1061
1062 r->iov.iov_len = rc;
1063 break;
1064 case SYNCHRONIZE_CACHE:
1065 bdrv_acct_start(s->bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1066 r->req.aiocb = bdrv_aio_flush(s->bs, scsi_flush_complete, r);
1067 if (r->req.aiocb == NULL) {
1068 scsi_flush_complete(r, -EIO);
1069 }
1070 return 0;
1071 case READ_6:
1072 case READ_10:
1073 case READ_12:
1074 case READ_16:
1075 len = r->req.cmd.xfer / s->qdev.blocksize;
1076 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1077 if (r->req.cmd.lba > s->max_lba)
1078 goto illegal_lba;
1079 r->sector = r->req.cmd.lba * s->cluster_size;
1080 r->sector_count = len * s->cluster_size;
1081 break;
1082 case WRITE_6:
1083 case WRITE_10:
1084 case WRITE_12:
1085 case WRITE_16:
1086 case WRITE_VERIFY_10:
1087 case WRITE_VERIFY_12:
1088 case WRITE_VERIFY_16:
1089 len = r->req.cmd.xfer / s->qdev.blocksize;
1090 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1091 (command & 0xe) == 0xe ? "And Verify " : "",
1092 r->req.cmd.lba, len);
1093 if (r->req.cmd.lba > s->max_lba)
1094 goto illegal_lba;
1095 r->sector = r->req.cmd.lba * s->cluster_size;
1096 r->sector_count = len * s->cluster_size;
1097 break;
1098 case MODE_SELECT:
1099 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1100 /* We don't support mode parameter changes.
1101 Allow the mode parameter header + block descriptors only. */
1102 if (r->req.cmd.xfer > 12) {
1103 goto fail;
1104 }
1105 break;
1106 case MODE_SELECT_10:
1107 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1108 /* We don't support mode parameter changes.
1109 Allow the mode parameter header + block descriptors only. */
1110 if (r->req.cmd.xfer > 16) {
1111 goto fail;
1112 }
1113 break;
1114 case SEEK_6:
1115 case SEEK_10:
1116 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1117 r->req.cmd.lba);
1118 if (r->req.cmd.lba > s->max_lba) {
1119 goto illegal_lba;
1120 }
1121 break;
1122 case WRITE_SAME_16:
1123 len = r->req.cmd.xfer / s->qdev.blocksize;
1124
1125 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1126 r->req.cmd.lba, len);
1127
1128 if (r->req.cmd.lba > s->max_lba) {
1129 goto illegal_lba;
1130 }
1131
1132 /*
1133 * We only support WRITE SAME with the unmap bit set for now.
1134 */
1135 if (!(buf[1] & 0x8)) {
1136 goto fail;
1137 }
1138
1139 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1140 len * s->cluster_size);
1141 if (rc < 0) {
1142 /* XXX: better error code ?*/
1143 goto fail;
1144 }
1145
1146 break;
1147 case REQUEST_SENSE:
1148 abort();
1149 default:
1150 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1151 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1152 return 0;
1153 fail:
1154 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1155 return 0;
1156 illegal_lba:
1157 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1158 return 0;
1159 }
1160 if (r->sector_count == 0 && r->iov.iov_len == 0) {
1161 scsi_req_complete(&r->req, GOOD);
1162 }
1163 len = r->sector_count * 512 + r->iov.iov_len;
1164 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1165 return -len;
1166 } else {
1167 if (!r->sector_count)
1168 r->sector_count = -1;
1169 return len;
1170 }
1171 }
1172
1173 static void scsi_disk_reset(DeviceState *dev)
1174 {
1175 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1176 uint64_t nb_sectors;
1177
1178 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1179
1180 bdrv_get_geometry(s->bs, &nb_sectors);
1181 nb_sectors /= s->cluster_size;
1182 if (nb_sectors) {
1183 nb_sectors--;
1184 }
1185 s->max_lba = nb_sectors;
1186 }
1187
1188 static void scsi_destroy(SCSIDevice *dev)
1189 {
1190 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1191
1192 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1193 blockdev_mark_auto_del(s->qdev.conf.bs);
1194 }
1195
1196 static void scsi_cd_change_media_cb(void *opaque, bool load)
1197 {
1198 ((SCSIDiskState *)opaque)->tray_open = !load;
1199 }
1200
1201 static bool scsi_cd_is_tray_open(void *opaque)
1202 {
1203 return ((SCSIDiskState *)opaque)->tray_open;
1204 }
1205
1206 static bool scsi_cd_is_medium_locked(void *opaque)
1207 {
1208 return ((SCSIDiskState *)opaque)->tray_locked;
1209 }
1210
1211 static const BlockDevOps scsi_cd_block_ops = {
1212 .change_media_cb = scsi_cd_change_media_cb,
1213 .is_tray_open = scsi_cd_is_tray_open,
1214 .is_medium_locked = scsi_cd_is_medium_locked,
1215 };
1216
1217 static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type)
1218 {
1219 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1220 DriveInfo *dinfo;
1221
1222 if (!s->qdev.conf.bs) {
1223 error_report("scsi-disk: drive property not set");
1224 return -1;
1225 }
1226 s->bs = s->qdev.conf.bs;
1227
1228 if (scsi_type == TYPE_DISK && !bdrv_is_inserted(s->bs)) {
1229 error_report("Device needs media, but drive is empty");
1230 return -1;
1231 }
1232
1233 if (!s->serial) {
1234 /* try to fall back to value set with legacy -drive serial=... */
1235 dinfo = drive_get_by_blockdev(s->bs);
1236 if (*dinfo->serial) {
1237 s->serial = g_strdup(dinfo->serial);
1238 }
1239 }
1240
1241 if (!s->version) {
1242 s->version = g_strdup(QEMU_VERSION);
1243 }
1244
1245 if (bdrv_is_sg(s->bs)) {
1246 error_report("scsi-disk: unwanted /dev/sg*");
1247 return -1;
1248 }
1249
1250 if (scsi_type == TYPE_ROM) {
1251 bdrv_set_dev_ops(s->bs, &scsi_cd_block_ops, s);
1252 s->qdev.blocksize = 2048;
1253 } else if (scsi_type == TYPE_DISK) {
1254 s->qdev.blocksize = s->qdev.conf.logical_block_size;
1255 } else {
1256 error_report("scsi-disk: Unhandled SCSI type %02x", scsi_type);
1257 return -1;
1258 }
1259 s->cluster_size = s->qdev.blocksize / 512;
1260 bdrv_set_buffer_alignment(s->bs, s->qdev.blocksize);
1261
1262 s->qdev.type = scsi_type;
1263 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
1264 bdrv_iostatus_enable(s->bs);
1265 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
1266 return 0;
1267 }
1268
1269 static int scsi_hd_initfn(SCSIDevice *dev)
1270 {
1271 return scsi_initfn(dev, TYPE_DISK);
1272 }
1273
1274 static int scsi_cd_initfn(SCSIDevice *dev)
1275 {
1276 return scsi_initfn(dev, TYPE_ROM);
1277 }
1278
1279 static int scsi_disk_initfn(SCSIDevice *dev)
1280 {
1281 DriveInfo *dinfo;
1282 uint8_t scsi_type;
1283
1284 if (!dev->conf.bs) {
1285 scsi_type = TYPE_DISK; /* will die in scsi_initfn() */
1286 } else {
1287 dinfo = drive_get_by_blockdev(dev->conf.bs);
1288 scsi_type = dinfo->media_cd ? TYPE_ROM : TYPE_DISK;
1289 }
1290
1291 return scsi_initfn(dev, scsi_type);
1292 }
1293
1294 static SCSIReqOps scsi_disk_reqops = {
1295 .size = sizeof(SCSIDiskReq),
1296 .free_req = scsi_free_request,
1297 .send_command = scsi_send_command,
1298 .read_data = scsi_read_data,
1299 .write_data = scsi_write_data,
1300 .cancel_io = scsi_cancel_io,
1301 .get_buf = scsi_get_buf,
1302 };
1303
1304 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
1305 uint32_t lun, void *hba_private)
1306 {
1307 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1308 SCSIRequest *req;
1309
1310 req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private);
1311 return req;
1312 }
1313
1314 #define DEFINE_SCSI_DISK_PROPERTIES() \
1315 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
1316 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
1317 DEFINE_PROP_STRING("serial", SCSIDiskState, serial)
1318
1319 static SCSIDeviceInfo scsi_disk_info[] = {
1320 {
1321 .qdev.name = "scsi-hd",
1322 .qdev.fw_name = "disk",
1323 .qdev.desc = "virtual SCSI disk",
1324 .qdev.size = sizeof(SCSIDiskState),
1325 .qdev.reset = scsi_disk_reset,
1326 .init = scsi_hd_initfn,
1327 .destroy = scsi_destroy,
1328 .alloc_req = scsi_new_request,
1329 .qdev.props = (Property[]) {
1330 DEFINE_SCSI_DISK_PROPERTIES(),
1331 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1332 DEFINE_PROP_END_OF_LIST(),
1333 }
1334 },{
1335 .qdev.name = "scsi-cd",
1336 .qdev.fw_name = "disk",
1337 .qdev.desc = "virtual SCSI CD-ROM",
1338 .qdev.size = sizeof(SCSIDiskState),
1339 .qdev.reset = scsi_disk_reset,
1340 .init = scsi_cd_initfn,
1341 .destroy = scsi_destroy,
1342 .alloc_req = scsi_new_request,
1343 .qdev.props = (Property[]) {
1344 DEFINE_SCSI_DISK_PROPERTIES(),
1345 DEFINE_PROP_END_OF_LIST(),
1346 },
1347 },{
1348 .qdev.name = "scsi-disk", /* legacy -device scsi-disk */
1349 .qdev.fw_name = "disk",
1350 .qdev.desc = "virtual SCSI disk or CD-ROM (legacy)",
1351 .qdev.size = sizeof(SCSIDiskState),
1352 .qdev.reset = scsi_disk_reset,
1353 .init = scsi_disk_initfn,
1354 .destroy = scsi_destroy,
1355 .alloc_req = scsi_new_request,
1356 .qdev.props = (Property[]) {
1357 DEFINE_SCSI_DISK_PROPERTIES(),
1358 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1359 DEFINE_PROP_END_OF_LIST(),
1360 }
1361 }
1362 };
1363
1364 static void scsi_disk_register_devices(void)
1365 {
1366 int i;
1367
1368 for (i = 0; i < ARRAY_SIZE(scsi_disk_info); i++) {
1369 scsi_qdev_register(&scsi_disk_info[i]);
1370 }
1371 }
1372 device_init(scsi_disk_register_devices)
AR7 emulation for QEMU