search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
block: Clean up remaining users of "removable"
[qemu/ar7.git] / hw / scsi-disk.c
blobd6e838cdce411c276461ce6ffbc4850428da2349
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licensed under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 //#define DEBUG_SCSI
23
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
33
34 #include "qemu-common.h"
35 #include "qemu-error.h"
36 #include "scsi.h"
37 #include "scsi-defs.h"
38 #include "sysemu.h"
39 #include "blockdev.h"
40
41 #define SCSI_DMA_BUF_SIZE 131072
42 #define SCSI_MAX_INQUIRY_LEN 256
43
44 #define SCSI_REQ_STATUS_RETRY 0x01
45 #define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
46 #define SCSI_REQ_STATUS_RETRY_READ 0x00
47 #define SCSI_REQ_STATUS_RETRY_WRITE 0x02
48 #define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
49
50 typedef struct SCSIDiskState SCSIDiskState;
51
52 typedef struct SCSIDiskReq {
53 SCSIRequest req;
54 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
55 uint64_t sector;
56 uint32_t sector_count;
57 struct iovec iov;
58 QEMUIOVector qiov;
59 uint32_t status;
60 BlockAcctCookie acct;
61 } SCSIDiskReq;
62
63 struct SCSIDiskState
64 {
65 SCSIDevice qdev;
66 BlockDriverState *bs;
67 /* The qemu block layer uses a fixed 512 byte sector size.
68 This is the number of 512 byte blocks in a single scsi sector. */
69 int cluster_size;
70 uint32_t removable;
71 uint64_t max_lba;
72 QEMUBH *bh;
73 char *version;
74 char *serial;
75 bool tray_open;
76 bool tray_locked;
77 };
78
79 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
80 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
81
82 static void scsi_free_request(SCSIRequest *req)
83 {
84 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
85
86 qemu_vfree(r->iov.iov_base);
87 }
88
89 /* Helper function for command completion with sense. */
90 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
91 {
92 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
93 r->req.tag, sense.key, sense.asc, sense.ascq);
94 scsi_req_build_sense(&r->req, sense);
95 scsi_req_complete(&r->req, CHECK_CONDITION);
96 }
97
98 /* Cancel a pending data transfer. */
99 static void scsi_cancel_io(SCSIRequest *req)
100 {
101 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
102
103 DPRINTF("Cancel tag=0x%x\n", req->tag);
104 if (r->req.aiocb) {
105 bdrv_aio_cancel(r->req.aiocb);
106 }
107 r->req.aiocb = NULL;
108 }
109
110 static void scsi_read_complete(void * opaque, int ret)
111 {
112 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
113 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
114 int n;
115
116 if (r->req.aiocb != NULL) {
117 r->req.aiocb = NULL;
118 bdrv_acct_done(s->bs, &r->acct);
119 }
120
121 if (ret) {
122 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
123 return;
124 }
125 }
126
127 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
128
129 n = r->iov.iov_len / 512;
130 r->sector += n;
131 r->sector_count -= n;
132 scsi_req_data(&r->req, r->iov.iov_len);
133 }
134
135 static void scsi_flush_complete(void * opaque, int ret)
136 {
137 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
138 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
139
140 if (r->req.aiocb != NULL) {
141 r->req.aiocb = NULL;
142 bdrv_acct_done(s->bs, &r->acct);
143 }
144
145 if (ret < 0) {
146 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
147 return;
148 }
149 }
150
151 scsi_req_complete(&r->req, GOOD);
152 }
153
154 /* Read more data from scsi device into buffer. */
155 static void scsi_read_data(SCSIRequest *req)
156 {
157 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
158 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
159 uint32_t n;
160
161 if (r->sector_count == (uint32_t)-1) {
162 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
163 r->sector_count = 0;
164 scsi_req_data(&r->req, r->iov.iov_len);
165 return;
166 }
167 DPRINTF("Read sector_count=%d\n", r->sector_count);
168 if (r->sector_count == 0) {
169 /* This also clears the sense buffer for REQUEST SENSE. */
170 scsi_req_complete(&r->req, GOOD);
171 return;
172 }
173
174 /* No data transfer may already be in progress */
175 assert(r->req.aiocb == NULL);
176
177 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
178 DPRINTF("Data transfer direction invalid\n");
179 scsi_read_complete(r, -EINVAL);
180 return;
181 }
182
183 n = r->sector_count;
184 if (n > SCSI_DMA_BUF_SIZE / 512)
185 n = SCSI_DMA_BUF_SIZE / 512;
186
187 if (s->tray_open) {
188 scsi_read_complete(r, -ENOMEDIUM);
189 }
190 r->iov.iov_len = n * 512;
191 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
192
193 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
194 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
195 scsi_read_complete, r);
196 if (r->req.aiocb == NULL) {
197 scsi_read_complete(r, -EIO);
198 }
199 }
200
201 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
202 {
203 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
204 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
205 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
206
207 if (action == BLOCK_ERR_IGNORE) {
208 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
209 return 0;
210 }
211
212 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
213 || action == BLOCK_ERR_STOP_ANY) {
214
215 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
216 r->status |= SCSI_REQ_STATUS_RETRY | type;
217
218 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
219 vm_stop(VMSTOP_DISKFULL);
220 } else {
221 switch (error) {
222 case ENOMEM:
223 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
224 break;
225 case EINVAL:
226 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
227 break;
228 default:
229 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
230 break;
231 }
232 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
233 }
234 return 1;
235 }
236
237 static void scsi_write_complete(void * opaque, int ret)
238 {
239 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
240 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
241 uint32_t len;
242 uint32_t n;
243
244 if (r->req.aiocb != NULL) {
245 r->req.aiocb = NULL;
246 bdrv_acct_done(s->bs, &r->acct);
247 }
248
249 if (ret) {
250 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
251 return;
252 }
253 }
254
255 n = r->iov.iov_len / 512;
256 r->sector += n;
257 r->sector_count -= n;
258 if (r->sector_count == 0) {
259 scsi_req_complete(&r->req, GOOD);
260 } else {
261 len = r->sector_count * 512;
262 if (len > SCSI_DMA_BUF_SIZE) {
263 len = SCSI_DMA_BUF_SIZE;
264 }
265 r->iov.iov_len = len;
266 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
267 scsi_req_data(&r->req, len);
268 }
269 }
270
271 static void scsi_write_data(SCSIRequest *req)
272 {
273 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
274 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
275 uint32_t n;
276
277 /* No data transfer may already be in progress */
278 assert(r->req.aiocb == NULL);
279
280 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
281 DPRINTF("Data transfer direction invalid\n");
282 scsi_write_complete(r, -EINVAL);
283 return;
284 }
285
286 n = r->iov.iov_len / 512;
287 if (n) {
288 if (s->tray_open) {
289 scsi_write_complete(r, -ENOMEDIUM);
290 }
291 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
292
293 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
294 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
295 scsi_write_complete, r);
296 if (r->req.aiocb == NULL) {
297 scsi_write_complete(r, -ENOMEM);
298 }
299 } else {
300 /* Invoke completion routine to fetch data from host. */
301 scsi_write_complete(r, 0);
302 }
303 }
304
305 static void scsi_dma_restart_bh(void *opaque)
306 {
307 SCSIDiskState *s = opaque;
308 SCSIRequest *req;
309 SCSIDiskReq *r;
310
311 qemu_bh_delete(s->bh);
312 s->bh = NULL;
313
314 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
315 r = DO_UPCAST(SCSIDiskReq, req, req);
316 if (r->status & SCSI_REQ_STATUS_RETRY) {
317 int status = r->status;
318 int ret;
319
320 r->status &=
321 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
322
323 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
324 case SCSI_REQ_STATUS_RETRY_READ:
325 scsi_read_data(&r->req);
326 break;
327 case SCSI_REQ_STATUS_RETRY_WRITE:
328 scsi_write_data(&r->req);
329 break;
330 case SCSI_REQ_STATUS_RETRY_FLUSH:
331 ret = scsi_disk_emulate_command(r, r->iov.iov_base);
332 if (ret == 0) {
333 scsi_req_complete(&r->req, GOOD);
334 }
335 }
336 }
337 }
338 }
339
340 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
341 {
342 SCSIDiskState *s = opaque;
343
344 if (!running)
345 return;
346
347 if (!s->bh) {
348 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
349 qemu_bh_schedule(s->bh);
350 }
351 }
352
353 /* Return a pointer to the data buffer. */
354 static uint8_t *scsi_get_buf(SCSIRequest *req)
355 {
356 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
357
358 return (uint8_t *)r->iov.iov_base;
359 }
360
361 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
362 {
363 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
364 int buflen = 0;
365
366 if (req->cmd.buf[1] & 0x2) {
367 /* Command support data - optional, not implemented */
368 BADF("optional INQUIRY command support request not implemented\n");
369 return -1;
370 }
371
372 if (req->cmd.buf[1] & 0x1) {
373 /* Vital product data */
374 uint8_t page_code = req->cmd.buf[2];
375 if (req->cmd.xfer < 4) {
376 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
377 "less than 4\n", page_code, req->cmd.xfer);
378 return -1;
379 }
380
381 if (s->qdev.type == TYPE_ROM) {
382 outbuf[buflen++] = 5;
383 } else {
384 outbuf[buflen++] = 0;
385 }
386 outbuf[buflen++] = page_code ; // this page
387 outbuf[buflen++] = 0x00;
388
389 switch (page_code) {
390 case 0x00: /* Supported page codes, mandatory */
391 {
392 int pages;
393 DPRINTF("Inquiry EVPD[Supported pages] "
394 "buffer size %zd\n", req->cmd.xfer);
395 pages = buflen++;
396 outbuf[buflen++] = 0x00; // list of supported pages (this page)
397 if (s->serial)
398 outbuf[buflen++] = 0x80; // unit serial number
399 outbuf[buflen++] = 0x83; // device identification
400 if (s->qdev.type == TYPE_DISK) {
401 outbuf[buflen++] = 0xb0; // block limits
402 outbuf[buflen++] = 0xb2; // thin provisioning
403 }
404 outbuf[pages] = buflen - pages - 1; // number of pages
405 break;
406 }
407 case 0x80: /* Device serial number, optional */
408 {
409 int l;
410
411 if (!s->serial) {
412 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
413 return -1;
414 }
415
416 l = strlen(s->serial);
417 if (l > req->cmd.xfer)
418 l = req->cmd.xfer;
419 if (l > 20)
420 l = 20;
421
422 DPRINTF("Inquiry EVPD[Serial number] "
423 "buffer size %zd\n", req->cmd.xfer);
424 outbuf[buflen++] = l;
425 memcpy(outbuf+buflen, s->serial, l);
426 buflen += l;
427 break;
428 }
429
430 case 0x83: /* Device identification page, mandatory */
431 {
432 int max_len = 255 - 8;
433 int id_len = strlen(bdrv_get_device_name(s->bs));
434
435 if (id_len > max_len)
436 id_len = max_len;
437 DPRINTF("Inquiry EVPD[Device identification] "
438 "buffer size %zd\n", req->cmd.xfer);
439
440 outbuf[buflen++] = 4 + id_len;
441 outbuf[buflen++] = 0x2; // ASCII
442 outbuf[buflen++] = 0; // not officially assigned
443 outbuf[buflen++] = 0; // reserved
444 outbuf[buflen++] = id_len; // length of data following
445
446 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
447 buflen += id_len;
448 break;
449 }
450 case 0xb0: /* block limits */
451 {
452 unsigned int unmap_sectors =
453 s->qdev.conf.discard_granularity / s->qdev.blocksize;
454 unsigned int min_io_size =
455 s->qdev.conf.min_io_size / s->qdev.blocksize;
456 unsigned int opt_io_size =
457 s->qdev.conf.opt_io_size / s->qdev.blocksize;
458
459 if (s->qdev.type == TYPE_ROM) {
460 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
461 page_code);
462 return -1;
463 }
464 /* required VPD size with unmap support */
465 outbuf[3] = buflen = 0x3c;
466
467 memset(outbuf + 4, 0, buflen - 4);
468
469 /* optimal transfer length granularity */
470 outbuf[6] = (min_io_size >> 8) & 0xff;
471 outbuf[7] = min_io_size & 0xff;
472
473 /* optimal transfer length */
474 outbuf[12] = (opt_io_size >> 24) & 0xff;
475 outbuf[13] = (opt_io_size >> 16) & 0xff;
476 outbuf[14] = (opt_io_size >> 8) & 0xff;
477 outbuf[15] = opt_io_size & 0xff;
478
479 /* optimal unmap granularity */
480 outbuf[28] = (unmap_sectors >> 24) & 0xff;
481 outbuf[29] = (unmap_sectors >> 16) & 0xff;
482 outbuf[30] = (unmap_sectors >> 8) & 0xff;
483 outbuf[31] = unmap_sectors & 0xff;
484 break;
485 }
486 case 0xb2: /* thin provisioning */
487 {
488 outbuf[3] = buflen = 8;
489 outbuf[4] = 0;
490 outbuf[5] = 0x40; /* write same with unmap supported */
491 outbuf[6] = 0;
492 outbuf[7] = 0;
493 break;
494 }
495 default:
496 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
497 "buffer size %zd\n", page_code, req->cmd.xfer);
498 return -1;
499 }
500 /* done with EVPD */
501 return buflen;
502 }
503
504 /* Standard INQUIRY data */
505 if (req->cmd.buf[2] != 0) {
506 BADF("Error: Inquiry (STANDARD) page or code "
507 "is non-zero [%02X]\n", req->cmd.buf[2]);
508 return -1;
509 }
510
511 /* PAGE CODE == 0 */
512 if (req->cmd.xfer < 5) {
513 BADF("Error: Inquiry (STANDARD) buffer size %zd "
514 "is less than 5\n", req->cmd.xfer);
515 return -1;
516 }
517
518 buflen = req->cmd.xfer;
519 if (buflen > SCSI_MAX_INQUIRY_LEN)
520 buflen = SCSI_MAX_INQUIRY_LEN;
521
522 memset(outbuf, 0, buflen);
523
524 outbuf[0] = s->qdev.type & 0x1f;
525 if (s->qdev.type == TYPE_ROM) {
526 outbuf[1] = 0x80;
527 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
528 } else {
529 outbuf[1] = s->removable ? 0x80 : 0;
530 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
531 }
532 memcpy(&outbuf[8], "QEMU ", 8);
533 memset(&outbuf[32], 0, 4);
534 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
535 /*
536 * We claim conformance to SPC-3, which is required for guests
537 * to ask for modern features like READ CAPACITY(16) or the
538 * block characteristics VPD page by default. Not all of SPC-3
539 * is actually implemented, but we're good enough.
540 */
541 outbuf[2] = 5;
542 outbuf[3] = 2; /* Format 2 */
543
544 if (buflen > 36) {
545 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
546 } else {
547 /* If the allocation length of CDB is too small,
548 the additional length is not adjusted */
549 outbuf[4] = 36 - 5;
550 }
551
552 /* Sync data transfer and TCQ. */
553 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
554 return buflen;
555 }
556
557 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
558 int page_control)
559 {
560 BlockDriverState *bdrv = s->bs;
561 int cylinders, heads, secs;
562 uint8_t *p = *p_outbuf;
563
564 /*
565 * If Changeable Values are requested, a mask denoting those mode parameters
566 * that are changeable shall be returned. As we currently don't support
567 * parameter changes via MODE_SELECT all bits are returned set to zero.
568 * The buffer was already menset to zero by the caller of this function.
569 */
570 switch (page) {
571 case 4: /* Rigid disk device geometry page. */
572 if (s->qdev.type == TYPE_ROM) {
573 return -1;
574 }
575 p[0] = 4;
576 p[1] = 0x16;
577 if (page_control == 1) { /* Changeable Values */
578 break;
579 }
580 /* if a geometry hint is available, use it */
581 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
582 p[2] = (cylinders >> 16) & 0xff;
583 p[3] = (cylinders >> 8) & 0xff;
584 p[4] = cylinders & 0xff;
585 p[5] = heads & 0xff;
586 /* Write precomp start cylinder, disabled */
587 p[6] = (cylinders >> 16) & 0xff;
588 p[7] = (cylinders >> 8) & 0xff;
589 p[8] = cylinders & 0xff;
590 /* Reduced current start cylinder, disabled */
591 p[9] = (cylinders >> 16) & 0xff;
592 p[10] = (cylinders >> 8) & 0xff;
593 p[11] = cylinders & 0xff;
594 /* Device step rate [ns], 200ns */
595 p[12] = 0;
596 p[13] = 200;
597 /* Landing zone cylinder */
598 p[14] = 0xff;
599 p[15] = 0xff;
600 p[16] = 0xff;
601 /* Medium rotation rate [rpm], 5400 rpm */
602 p[20] = (5400 >> 8) & 0xff;
603 p[21] = 5400 & 0xff;
604 break;
605
606 case 5: /* Flexible disk device geometry page. */
607 if (s->qdev.type == TYPE_ROM) {
608 return -1;
609 }
610 p[0] = 5;
611 p[1] = 0x1e;
612 if (page_control == 1) { /* Changeable Values */
613 break;
614 }
615 /* Transfer rate [kbit/s], 5Mbit/s */
616 p[2] = 5000 >> 8;
617 p[3] = 5000 & 0xff;
618 /* if a geometry hint is available, use it */
619 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
620 p[4] = heads & 0xff;
621 p[5] = secs & 0xff;
622 p[6] = s->cluster_size * 2;
623 p[8] = (cylinders >> 8) & 0xff;
624 p[9] = cylinders & 0xff;
625 /* Write precomp start cylinder, disabled */
626 p[10] = (cylinders >> 8) & 0xff;
627 p[11] = cylinders & 0xff;
628 /* Reduced current start cylinder, disabled */
629 p[12] = (cylinders >> 8) & 0xff;
630 p[13] = cylinders & 0xff;
631 /* Device step rate [100us], 100us */
632 p[14] = 0;
633 p[15] = 1;
634 /* Device step pulse width [us], 1us */
635 p[16] = 1;
636 /* Device head settle delay [100us], 100us */
637 p[17] = 0;
638 p[18] = 1;
639 /* Motor on delay [0.1s], 0.1s */
640 p[19] = 1;
641 /* Motor off delay [0.1s], 0.1s */
642 p[20] = 1;
643 /* Medium rotation rate [rpm], 5400 rpm */
644 p[28] = (5400 >> 8) & 0xff;
645 p[29] = 5400 & 0xff;
646 break;
647
648 case 8: /* Caching page. */
649 p[0] = 8;
650 p[1] = 0x12;
651 if (page_control == 1) { /* Changeable Values */
652 break;
653 }
654 if (bdrv_enable_write_cache(s->bs)) {
655 p[2] = 4; /* WCE */
656 }
657 break;
658
659 case 0x2a: /* CD Capabilities and Mechanical Status page. */
660 if (s->qdev.type != TYPE_ROM) {
661 return -1;
662 }
663 p[0] = 0x2a;
664 p[1] = 0x14;
665 if (page_control == 1) { /* Changeable Values */
666 break;
667 }
668 p[2] = 3; // CD-R & CD-RW read
669 p[3] = 0; // Writing not supported
670 p[4] = 0x7f; /* Audio, composite, digital out,
671 mode 2 form 1&2, multi session */
672 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
673 RW corrected, C2 errors, ISRC,
674 UPC, Bar code */
675 p[6] = 0x2d | (s->tray_locked ? 2 : 0);
676 /* Locking supported, jumper present, eject, tray */
677 p[7] = 0; /* no volume & mute control, no
678 changer */
679 p[8] = (50 * 176) >> 8; // 50x read speed
680 p[9] = (50 * 176) & 0xff;
681 p[10] = 0 >> 8; // No volume
682 p[11] = 0 & 0xff;
683 p[12] = 2048 >> 8; // 2M buffer
684 p[13] = 2048 & 0xff;
685 p[14] = (16 * 176) >> 8; // 16x read speed current
686 p[15] = (16 * 176) & 0xff;
687 p[18] = (16 * 176) >> 8; // 16x write speed
688 p[19] = (16 * 176) & 0xff;
689 p[20] = (16 * 176) >> 8; // 16x write speed current
690 p[21] = (16 * 176) & 0xff;
691 break;
692
693 default:
694 return -1;
695 }
696
697 *p_outbuf += p[1] + 2;
698 return p[1] + 2;
699 }
700
701 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
702 {
703 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
704 uint64_t nb_sectors;
705 int page, dbd, buflen, ret, page_control;
706 uint8_t *p;
707 uint8_t dev_specific_param;
708
709 dbd = r->req.cmd.buf[1] & 0x8;
710 page = r->req.cmd.buf[2] & 0x3f;
711 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
712 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
713 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
714 memset(outbuf, 0, r->req.cmd.xfer);
715 p = outbuf;
716
717 if (bdrv_is_read_only(s->bs)) {
718 dev_specific_param = 0x80; /* Readonly. */
719 } else {
720 dev_specific_param = 0x00;
721 }
722
723 if (r->req.cmd.buf[0] == MODE_SENSE) {
724 p[1] = 0; /* Default media type. */
725 p[2] = dev_specific_param;
726 p[3] = 0; /* Block descriptor length. */
727 p += 4;
728 } else { /* MODE_SENSE_10 */
729 p[2] = 0; /* Default media type. */
730 p[3] = dev_specific_param;
731 p[6] = p[7] = 0; /* Block descriptor length. */
732 p += 8;
733 }
734
735 bdrv_get_geometry(s->bs, &nb_sectors);
736 if (!dbd && nb_sectors) {
737 if (r->req.cmd.buf[0] == MODE_SENSE) {
738 outbuf[3] = 8; /* Block descriptor length */
739 } else { /* MODE_SENSE_10 */
740 outbuf[7] = 8; /* Block descriptor length */
741 }
742 nb_sectors /= s->cluster_size;
743 if (nb_sectors > 0xffffff)
744 nb_sectors = 0;
745 p[0] = 0; /* media density code */
746 p[1] = (nb_sectors >> 16) & 0xff;
747 p[2] = (nb_sectors >> 8) & 0xff;
748 p[3] = nb_sectors & 0xff;
749 p[4] = 0; /* reserved */
750 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
751 p[6] = s->cluster_size * 2;
752 p[7] = 0;
753 p += 8;
754 }
755
756 if (page_control == 3) {
757 /* Saved Values */
758 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
759 return -1;
760 }
761
762 if (page == 0x3f) {
763 for (page = 0; page <= 0x3e; page++) {
764 mode_sense_page(s, page, &p, page_control);
765 }
766 } else {
767 ret = mode_sense_page(s, page, &p, page_control);
768 if (ret == -1) {
769 return -1;
770 }
771 }
772
773 buflen = p - outbuf;
774 /*
775 * The mode data length field specifies the length in bytes of the
776 * following data that is available to be transferred. The mode data
777 * length does not include itself.
778 */
779 if (r->req.cmd.buf[0] == MODE_SENSE) {
780 outbuf[0] = buflen - 1;
781 } else { /* MODE_SENSE_10 */
782 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
783 outbuf[1] = (buflen - 2) & 0xff;
784 }
785 if (buflen > r->req.cmd.xfer)
786 buflen = r->req.cmd.xfer;
787 return buflen;
788 }
789
790 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
791 {
792 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
793 int start_track, format, msf, toclen;
794 uint64_t nb_sectors;
795
796 msf = req->cmd.buf[1] & 2;
797 format = req->cmd.buf[2] & 0xf;
798 start_track = req->cmd.buf[6];
799 bdrv_get_geometry(s->bs, &nb_sectors);
800 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
801 nb_sectors /= s->cluster_size;
802 switch (format) {
803 case 0:
804 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
805 break;
806 case 1:
807 /* multi session : only a single session defined */
808 toclen = 12;
809 memset(outbuf, 0, 12);
810 outbuf[1] = 0x0a;
811 outbuf[2] = 0x01;
812 outbuf[3] = 0x01;
813 break;
814 case 2:
815 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
816 break;
817 default:
818 return -1;
819 }
820 if (toclen > req->cmd.xfer)
821 toclen = req->cmd.xfer;
822 return toclen;
823 }
824
825 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
826 {
827 SCSIRequest *req = &r->req;
828 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
829 bool start = req->cmd.buf[4] & 1;
830 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
831
832 if (s->qdev.type == TYPE_ROM && loej) {
833 if (!start && !s->tray_open && s->tray_locked) {
834 scsi_check_condition(r,
835 bdrv_is_inserted(s->bs)
836 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
837 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
838 return -1;
839 }
840 bdrv_eject(s->bs, !start);
841 s->tray_open = !start;
842 }
843 return 0;
844 }
845
846 static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
847 {
848 SCSIRequest *req = &r->req;
849 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
850 uint64_t nb_sectors;
851 int buflen = 0;
852
853 switch (req->cmd.buf[0]) {
854 case TEST_UNIT_READY:
855 if (s->tray_open || !bdrv_is_inserted(s->bs))
856 goto not_ready;
857 break;
858 case INQUIRY:
859 buflen = scsi_disk_emulate_inquiry(req, outbuf);
860 if (buflen < 0)
861 goto illegal_request;
862 break;
863 case MODE_SENSE:
864 case MODE_SENSE_10:
865 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
866 if (buflen < 0)
867 goto illegal_request;
868 break;
869 case READ_TOC:
870 buflen = scsi_disk_emulate_read_toc(req, outbuf);
871 if (buflen < 0)
872 goto illegal_request;
873 break;
874 case RESERVE:
875 if (req->cmd.buf[1] & 1)
876 goto illegal_request;
877 break;
878 case RESERVE_10:
879 if (req->cmd.buf[1] & 3)
880 goto illegal_request;
881 break;
882 case RELEASE:
883 if (req->cmd.buf[1] & 1)
884 goto illegal_request;
885 break;
886 case RELEASE_10:
887 if (req->cmd.buf[1] & 3)
888 goto illegal_request;
889 break;
890 case START_STOP:
891 if (scsi_disk_emulate_start_stop(r) < 0) {
892 return -1;
893 }
894 break;
895 case ALLOW_MEDIUM_REMOVAL:
896 s->tray_locked = req->cmd.buf[4] & 1;
897 bdrv_lock_medium(s->bs, req->cmd.buf[4] & 1);
898 break;
899 case READ_CAPACITY_10:
900 /* The normal LEN field for this command is zero. */
901 memset(outbuf, 0, 8);
902 bdrv_get_geometry(s->bs, &nb_sectors);
903 if (!nb_sectors)
904 goto not_ready;
905 nb_sectors /= s->cluster_size;
906 /* Returned value is the address of the last sector. */
907 nb_sectors--;
908 /* Remember the new size for read/write sanity checking. */
909 s->max_lba = nb_sectors;
910 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
911 if (nb_sectors > UINT32_MAX)
912 nb_sectors = UINT32_MAX;
913 outbuf[0] = (nb_sectors >> 24) & 0xff;
914 outbuf[1] = (nb_sectors >> 16) & 0xff;
915 outbuf[2] = (nb_sectors >> 8) & 0xff;
916 outbuf[3] = nb_sectors & 0xff;
917 outbuf[4] = 0;
918 outbuf[5] = 0;
919 outbuf[6] = s->cluster_size * 2;
920 outbuf[7] = 0;
921 buflen = 8;
922 break;
923 case GET_CONFIGURATION:
924 memset(outbuf, 0, 8);
925 /* ??? This should probably return much more information. For now
926 just return the basic header indicating the CD-ROM profile. */
927 outbuf[7] = 8; // CD-ROM
928 buflen = 8;
929 break;
930 case SERVICE_ACTION_IN_16:
931 /* Service Action In subcommands. */
932 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
933 DPRINTF("SAI READ CAPACITY(16)\n");
934 memset(outbuf, 0, req->cmd.xfer);
935 bdrv_get_geometry(s->bs, &nb_sectors);
936 if (!nb_sectors)
937 goto not_ready;
938 nb_sectors /= s->cluster_size;
939 /* Returned value is the address of the last sector. */
940 nb_sectors--;
941 /* Remember the new size for read/write sanity checking. */
942 s->max_lba = nb_sectors;
943 outbuf[0] = (nb_sectors >> 56) & 0xff;
944 outbuf[1] = (nb_sectors >> 48) & 0xff;
945 outbuf[2] = (nb_sectors >> 40) & 0xff;
946 outbuf[3] = (nb_sectors >> 32) & 0xff;
947 outbuf[4] = (nb_sectors >> 24) & 0xff;
948 outbuf[5] = (nb_sectors >> 16) & 0xff;
949 outbuf[6] = (nb_sectors >> 8) & 0xff;
950 outbuf[7] = nb_sectors & 0xff;
951 outbuf[8] = 0;
952 outbuf[9] = 0;
953 outbuf[10] = s->cluster_size * 2;
954 outbuf[11] = 0;
955 outbuf[12] = 0;
956 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
957
958 /* set TPE bit if the format supports discard */
959 if (s->qdev.conf.discard_granularity) {
960 outbuf[14] = 0x80;
961 }
962
963 /* Protection, exponent and lowest lba field left blank. */
964 buflen = req->cmd.xfer;
965 break;
966 }
967 DPRINTF("Unsupported Service Action In\n");
968 goto illegal_request;
969 case VERIFY_10:
970 break;
971 default:
972 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
973 return -1;
974 }
975 return buflen;
976
977 not_ready:
978 if (s->tray_open || !bdrv_is_inserted(s->bs)) {
979 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
980 } else {
981 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
982 }
983 return -1;
984
985 illegal_request:
986 if (r->req.status == -1) {
987 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
988 }
989 return -1;
990 }
991
992 /* Execute a scsi command. Returns the length of the data expected by the
993 command. This will be Positive for data transfers from the device
994 (eg. disk reads), negative for transfers to the device (eg. disk writes),
995 and zero if the command does not transfer any data. */
996
997 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
998 {
999 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1000 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1001 int32_t len;
1002 uint8_t command;
1003 uint8_t *outbuf;
1004 int rc;
1005
1006 command = buf[0];
1007 outbuf = (uint8_t *)r->iov.iov_base;
1008 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]);
1009
1010 #ifdef DEBUG_SCSI
1011 {
1012 int i;
1013 for (i = 1; i < r->req.cmd.len; i++) {
1014 printf(" 0x%02x", buf[i]);
1015 }
1016 printf("\n");
1017 }
1018 #endif
1019
1020 switch (command) {
1021 case TEST_UNIT_READY:
1022 case INQUIRY:
1023 case MODE_SENSE:
1024 case MODE_SENSE_10:
1025 case RESERVE:
1026 case RESERVE_10:
1027 case RELEASE:
1028 case RELEASE_10:
1029 case START_STOP:
1030 case ALLOW_MEDIUM_REMOVAL:
1031 case READ_CAPACITY_10:
1032 case READ_TOC:
1033 case GET_CONFIGURATION:
1034 case SERVICE_ACTION_IN_16:
1035 case VERIFY_10:
1036 rc = scsi_disk_emulate_command(r, outbuf);
1037 if (rc < 0) {
1038 return 0;
1039 }
1040
1041 r->iov.iov_len = rc;
1042 break;
1043 case SYNCHRONIZE_CACHE:
1044 bdrv_acct_start(s->bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1045 r->req.aiocb = bdrv_aio_flush(s->bs, scsi_flush_complete, r);
1046 if (r->req.aiocb == NULL) {
1047 scsi_flush_complete(r, -EIO);
1048 }
1049 return 0;
1050 case READ_6:
1051 case READ_10:
1052 case READ_12:
1053 case READ_16:
1054 len = r->req.cmd.xfer / s->qdev.blocksize;
1055 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1056 if (r->req.cmd.lba > s->max_lba)
1057 goto illegal_lba;
1058 r->sector = r->req.cmd.lba * s->cluster_size;
1059 r->sector_count = len * s->cluster_size;
1060 break;
1061 case WRITE_6:
1062 case WRITE_10:
1063 case WRITE_12:
1064 case WRITE_16:
1065 case WRITE_VERIFY_10:
1066 case WRITE_VERIFY_12:
1067 case WRITE_VERIFY_16:
1068 len = r->req.cmd.xfer / s->qdev.blocksize;
1069 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1070 (command & 0xe) == 0xe ? "And Verify " : "",
1071 r->req.cmd.lba, len);
1072 if (r->req.cmd.lba > s->max_lba)
1073 goto illegal_lba;
1074 r->sector = r->req.cmd.lba * s->cluster_size;
1075 r->sector_count = len * s->cluster_size;
1076 break;
1077 case MODE_SELECT:
1078 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1079 /* We don't support mode parameter changes.
1080 Allow the mode parameter header + block descriptors only. */
1081 if (r->req.cmd.xfer > 12) {
1082 goto fail;
1083 }
1084 break;
1085 case MODE_SELECT_10:
1086 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1087 /* We don't support mode parameter changes.
1088 Allow the mode parameter header + block descriptors only. */
1089 if (r->req.cmd.xfer > 16) {
1090 goto fail;
1091 }
1092 break;
1093 case SEEK_6:
1094 case SEEK_10:
1095 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1096 r->req.cmd.lba);
1097 if (r->req.cmd.lba > s->max_lba) {
1098 goto illegal_lba;
1099 }
1100 break;
1101 case WRITE_SAME_16:
1102 len = r->req.cmd.xfer / s->qdev.blocksize;
1103
1104 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1105 r->req.cmd.lba, len);
1106
1107 if (r->req.cmd.lba > s->max_lba) {
1108 goto illegal_lba;
1109 }
1110
1111 /*
1112 * We only support WRITE SAME with the unmap bit set for now.
1113 */
1114 if (!(buf[1] & 0x8)) {
1115 goto fail;
1116 }
1117
1118 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1119 len * s->cluster_size);
1120 if (rc < 0) {
1121 /* XXX: better error code ?*/
1122 goto fail;
1123 }
1124
1125 break;
1126 case REQUEST_SENSE:
1127 abort();
1128 default:
1129 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1130 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1131 return 0;
1132 fail:
1133 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1134 return 0;
1135 illegal_lba:
1136 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1137 return 0;
1138 }
1139 if (r->sector_count == 0 && r->iov.iov_len == 0) {
1140 scsi_req_complete(&r->req, GOOD);
1141 }
1142 len = r->sector_count * 512 + r->iov.iov_len;
1143 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1144 return -len;
1145 } else {
1146 if (!r->sector_count)
1147 r->sector_count = -1;
1148 return len;
1149 }
1150 }
1151
1152 static void scsi_disk_reset(DeviceState *dev)
1153 {
1154 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1155 uint64_t nb_sectors;
1156
1157 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1158
1159 bdrv_get_geometry(s->bs, &nb_sectors);
1160 nb_sectors /= s->cluster_size;
1161 if (nb_sectors) {
1162 nb_sectors--;
1163 }
1164 s->max_lba = nb_sectors;
1165 }
1166
1167 static void scsi_destroy(SCSIDevice *dev)
1168 {
1169 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1170
1171 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1172 blockdev_mark_auto_del(s->qdev.conf.bs);
1173 }
1174
1175 static void scsi_cd_change_media_cb(void *opaque)
1176 {
1177 }
1178
1179 static bool scsi_cd_is_medium_locked(void *opaque)
1180 {
1181 return ((SCSIDiskState *)opaque)->tray_locked;
1182 }
1183
1184 static const BlockDevOps scsi_cd_block_ops = {
1185 .change_media_cb = scsi_cd_change_media_cb,
1186 .is_medium_locked = scsi_cd_is_medium_locked,
1187 };
1188
1189 static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type)
1190 {
1191 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1192 DriveInfo *dinfo;
1193
1194 if (!s->qdev.conf.bs) {
1195 error_report("scsi-disk: drive property not set");
1196 return -1;
1197 }
1198 s->bs = s->qdev.conf.bs;
1199
1200 if (scsi_type == TYPE_DISK && !bdrv_is_inserted(s->bs)) {
1201 error_report("Device needs media, but drive is empty");
1202 return -1;
1203 }
1204
1205 if (!s->serial) {
1206 /* try to fall back to value set with legacy -drive serial=... */
1207 dinfo = drive_get_by_blockdev(s->bs);
1208 if (*dinfo->serial) {
1209 s->serial = g_strdup(dinfo->serial);
1210 }
1211 }
1212
1213 if (!s->version) {
1214 s->version = g_strdup(QEMU_VERSION);
1215 }
1216
1217 if (bdrv_is_sg(s->bs)) {
1218 error_report("scsi-disk: unwanted /dev/sg*");
1219 return -1;
1220 }
1221
1222 if (scsi_type == TYPE_ROM) {
1223 bdrv_set_dev_ops(s->bs, &scsi_cd_block_ops, s);
1224 s->qdev.blocksize = 2048;
1225 } else if (scsi_type == TYPE_DISK) {
1226 s->qdev.blocksize = s->qdev.conf.logical_block_size;
1227 } else {
1228 error_report("scsi-disk: Unhandled SCSI type %02x", scsi_type);
1229 return -1;
1230 }
1231 s->cluster_size = s->qdev.blocksize / 512;
1232 s->bs->buffer_alignment = s->qdev.blocksize;
1233
1234 s->qdev.type = scsi_type;
1235 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
1236 bdrv_set_removable(s->bs, scsi_type == TYPE_ROM);
1237 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
1238 return 0;
1239 }
1240
1241 static int scsi_hd_initfn(SCSIDevice *dev)
1242 {
1243 return scsi_initfn(dev, TYPE_DISK);
1244 }
1245
1246 static int scsi_cd_initfn(SCSIDevice *dev)
1247 {
1248 return scsi_initfn(dev, TYPE_ROM);
1249 }
1250
1251 static int scsi_disk_initfn(SCSIDevice *dev)
1252 {
1253 DriveInfo *dinfo;
1254 uint8_t scsi_type;
1255
1256 if (!dev->conf.bs) {
1257 scsi_type = TYPE_DISK; /* will die in scsi_initfn() */
1258 } else {
1259 dinfo = drive_get_by_blockdev(dev->conf.bs);
1260 scsi_type = dinfo->media_cd ? TYPE_ROM : TYPE_DISK;
1261 }
1262
1263 return scsi_initfn(dev, scsi_type);
1264 }
1265
1266 static SCSIReqOps scsi_disk_reqops = {
1267 .size = sizeof(SCSIDiskReq),
1268 .free_req = scsi_free_request,
1269 .send_command = scsi_send_command,
1270 .read_data = scsi_read_data,
1271 .write_data = scsi_write_data,
1272 .cancel_io = scsi_cancel_io,
1273 .get_buf = scsi_get_buf,
1274 };
1275
1276 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
1277 uint32_t lun, void *hba_private)
1278 {
1279 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1280 SCSIRequest *req;
1281 SCSIDiskReq *r;
1282
1283 req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private);
1284 r = DO_UPCAST(SCSIDiskReq, req, req);
1285 r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
1286 return req;
1287 }
1288
1289 #define DEFINE_SCSI_DISK_PROPERTIES() \
1290 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
1291 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
1292 DEFINE_PROP_STRING("serial", SCSIDiskState, serial)
1293
1294 static SCSIDeviceInfo scsi_disk_info[] = {
1295 {
1296 .qdev.name = "scsi-hd",
1297 .qdev.fw_name = "disk",
1298 .qdev.desc = "virtual SCSI disk",
1299 .qdev.size = sizeof(SCSIDiskState),
1300 .qdev.reset = scsi_disk_reset,
1301 .init = scsi_hd_initfn,
1302 .destroy = scsi_destroy,
1303 .alloc_req = scsi_new_request,
1304 .qdev.props = (Property[]) {
1305 DEFINE_SCSI_DISK_PROPERTIES(),
1306 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1307 DEFINE_PROP_END_OF_LIST(),
1308 }
1309 },{
1310 .qdev.name = "scsi-cd",
1311 .qdev.fw_name = "disk",
1312 .qdev.desc = "virtual SCSI CD-ROM",
1313 .qdev.size = sizeof(SCSIDiskState),
1314 .qdev.reset = scsi_disk_reset,
1315 .init = scsi_cd_initfn,
1316 .destroy = scsi_destroy,
1317 .alloc_req = scsi_new_request,
1318 .qdev.props = (Property[]) {
1319 DEFINE_SCSI_DISK_PROPERTIES(),
1320 DEFINE_PROP_END_OF_LIST(),
1321 },
1322 },{
1323 .qdev.name = "scsi-disk", /* legacy -device scsi-disk */
1324 .qdev.fw_name = "disk",
1325 .qdev.desc = "virtual SCSI disk or CD-ROM (legacy)",
1326 .qdev.size = sizeof(SCSIDiskState),
1327 .qdev.reset = scsi_disk_reset,
1328 .init = scsi_disk_initfn,
1329 .destroy = scsi_destroy,
1330 .alloc_req = scsi_new_request,
1331 .qdev.props = (Property[]) {
1332 DEFINE_SCSI_DISK_PROPERTIES(),
1333 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1334 DEFINE_PROP_END_OF_LIST(),
1335 }
1336 }
1337 };
1338
1339 static void scsi_disk_register_devices(void)
1340 {
1341 int i;
1342
1343 for (i = 0; i < ARRAY_SIZE(scsi_disk_info); i++) {
1344 scsi_qdev_register(&scsi_disk_info[i]);
1345 }
1346 }
1347 device_init(scsi_disk_register_devices)
AR7 emulation for QEMU