2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
15 * This code is licensed under the LGPL.
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
28 #define DPRINTF(fmt, ...) do {} while(0)
31 #include "qemu/osdep.h"
32 #include "qapi/error.h"
33 #include "qemu/error-report.h"
34 #include "hw/scsi/scsi.h"
35 #include "block/scsi.h"
36 #include "sysemu/sysemu.h"
37 #include "sysemu/block-backend.h"
38 #include "sysemu/blockdev.h"
39 #include "hw/block/block.h"
40 #include "sysemu/dma.h"
41 #include "qemu/cutils.h"
47 #define SCSI_WRITE_SAME_MAX 524288
48 #define SCSI_DMA_BUF_SIZE 131072
49 #define SCSI_MAX_INQUIRY_LEN 256
50 #define SCSI_MAX_MODE_LEN 256
52 #define DEFAULT_DISCARD_GRANULARITY 4096
53 #define DEFAULT_MAX_UNMAP_SIZE (1 << 30) /* 1 GB */
54 #define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
56 #define TYPE_SCSI_DISK_BASE "scsi-disk-base"
58 #define SCSI_DISK_BASE(obj) \
59 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE)
60 #define SCSI_DISK_BASE_CLASS(klass) \
61 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE)
62 #define SCSI_DISK_BASE_GET_CLASS(obj) \
63 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE)
65 typedef struct SCSIDiskClass
{
66 SCSIDeviceClass parent_class
;
68 DMAIOFunc
*dma_writev
;
69 bool (*need_fua_emulation
)(SCSICommand
*cmd
);
72 typedef struct SCSIDiskReq
{
74 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
76 uint32_t sector_count
;
79 bool need_fua_emulation
;
83 unsigned char *status
;
86 #define SCSI_DISK_F_REMOVABLE 0
87 #define SCSI_DISK_F_DPOFUA 1
88 #define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
90 typedef struct SCSIDiskState
98 uint64_t max_unmap_size
;
109 static int scsi_handle_rw_error(SCSIDiskReq
*r
, int error
, bool acct_failed
);
111 static void scsi_free_request(SCSIRequest
*req
)
113 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
115 qemu_vfree(r
->iov
.iov_base
);
118 /* Helper function for command completion with sense. */
119 static void scsi_check_condition(SCSIDiskReq
*r
, SCSISense sense
)
121 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
122 r
->req
.tag
, sense
.key
, sense
.asc
, sense
.ascq
);
123 scsi_req_build_sense(&r
->req
, sense
);
124 scsi_req_complete(&r
->req
, CHECK_CONDITION
);
127 static void scsi_init_iovec(SCSIDiskReq
*r
, size_t size
)
129 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
131 if (!r
->iov
.iov_base
) {
133 r
->iov
.iov_base
= blk_blockalign(s
->qdev
.conf
.blk
, r
->buflen
);
135 r
->iov
.iov_len
= MIN(r
->sector_count
* 512, r
->buflen
);
136 qemu_iovec_init_external(&r
->qiov
, &r
->iov
, 1);
139 static void scsi_disk_save_request(QEMUFile
*f
, SCSIRequest
*req
)
141 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
143 qemu_put_be64s(f
, &r
->sector
);
144 qemu_put_be32s(f
, &r
->sector_count
);
145 qemu_put_be32s(f
, &r
->buflen
);
147 if (r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
148 qemu_put_buffer(f
, r
->iov
.iov_base
, r
->iov
.iov_len
);
149 } else if (!req
->retry
) {
150 uint32_t len
= r
->iov
.iov_len
;
151 qemu_put_be32s(f
, &len
);
152 qemu_put_buffer(f
, r
->iov
.iov_base
, r
->iov
.iov_len
);
157 static void scsi_disk_load_request(QEMUFile
*f
, SCSIRequest
*req
)
159 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
161 qemu_get_be64s(f
, &r
->sector
);
162 qemu_get_be32s(f
, &r
->sector_count
);
163 qemu_get_be32s(f
, &r
->buflen
);
165 scsi_init_iovec(r
, r
->buflen
);
166 if (r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
167 qemu_get_buffer(f
, r
->iov
.iov_base
, r
->iov
.iov_len
);
168 } else if (!r
->req
.retry
) {
170 qemu_get_be32s(f
, &len
);
171 r
->iov
.iov_len
= len
;
172 assert(r
->iov
.iov_len
<= r
->buflen
);
173 qemu_get_buffer(f
, r
->iov
.iov_base
, r
->iov
.iov_len
);
177 qemu_iovec_init_external(&r
->qiov
, &r
->iov
, 1);
180 static bool scsi_disk_req_check_error(SCSIDiskReq
*r
, int ret
, bool acct_failed
)
182 if (r
->req
.io_canceled
) {
183 scsi_req_cancel_complete(&r
->req
);
188 return scsi_handle_rw_error(r
, -ret
, acct_failed
);
191 if (r
->status
&& *r
->status
) {
193 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
194 block_acct_failed(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
196 scsi_req_complete(&r
->req
, *r
->status
);
203 static void scsi_aio_complete(void *opaque
, int ret
)
205 SCSIDiskReq
*r
= (SCSIDiskReq
*)opaque
;
206 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
208 assert(r
->req
.aiocb
!= NULL
);
210 aio_context_acquire(blk_get_aio_context(s
->qdev
.conf
.blk
));
211 if (scsi_disk_req_check_error(r
, ret
, true)) {
215 block_acct_done(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
216 scsi_req_complete(&r
->req
, GOOD
);
219 aio_context_release(blk_get_aio_context(s
->qdev
.conf
.blk
));
220 scsi_req_unref(&r
->req
);
223 static bool scsi_is_cmd_fua(SCSICommand
*cmd
)
225 switch (cmd
->buf
[0]) {
232 return (cmd
->buf
[1] & 8) != 0;
237 case WRITE_VERIFY_10
:
238 case WRITE_VERIFY_12
:
239 case WRITE_VERIFY_16
:
249 static void scsi_write_do_fua(SCSIDiskReq
*r
)
251 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
253 assert(r
->req
.aiocb
== NULL
);
254 assert(!r
->req
.io_canceled
);
256 if (r
->need_fua_emulation
) {
257 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
, 0,
259 r
->req
.aiocb
= blk_aio_flush(s
->qdev
.conf
.blk
, scsi_aio_complete
, r
);
263 scsi_req_complete(&r
->req
, GOOD
);
264 scsi_req_unref(&r
->req
);
267 static void scsi_dma_complete_noio(SCSIDiskReq
*r
, int ret
)
269 assert(r
->req
.aiocb
== NULL
);
270 if (scsi_disk_req_check_error(r
, ret
, false)) {
274 r
->sector
+= r
->sector_count
;
276 if (r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
277 scsi_write_do_fua(r
);
280 scsi_req_complete(&r
->req
, GOOD
);
284 scsi_req_unref(&r
->req
);
287 static void scsi_dma_complete(void *opaque
, int ret
)
289 SCSIDiskReq
*r
= (SCSIDiskReq
*)opaque
;
290 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
292 assert(r
->req
.aiocb
!= NULL
);
295 aio_context_acquire(blk_get_aio_context(s
->qdev
.conf
.blk
));
297 block_acct_failed(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
299 block_acct_done(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
301 scsi_dma_complete_noio(r
, ret
);
302 aio_context_release(blk_get_aio_context(s
->qdev
.conf
.blk
));
305 static void scsi_read_complete(void * opaque
, int ret
)
307 SCSIDiskReq
*r
= (SCSIDiskReq
*)opaque
;
308 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
311 assert(r
->req
.aiocb
!= NULL
);
313 aio_context_acquire(blk_get_aio_context(s
->qdev
.conf
.blk
));
314 if (scsi_disk_req_check_error(r
, ret
, true)) {
318 block_acct_done(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
319 DPRINTF("Data ready tag=0x%x len=%zd\n", r
->req
.tag
, r
->qiov
.size
);
321 n
= r
->qiov
.size
/ 512;
323 r
->sector_count
-= n
;
324 scsi_req_data(&r
->req
, r
->qiov
.size
);
327 scsi_req_unref(&r
->req
);
328 aio_context_release(blk_get_aio_context(s
->qdev
.conf
.blk
));
331 /* Actually issue a read to the block device. */
332 static void scsi_do_read(SCSIDiskReq
*r
, int ret
)
334 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
335 SCSIDiskClass
*sdc
= (SCSIDiskClass
*) object_get_class(OBJECT(s
));
337 assert (r
->req
.aiocb
== NULL
);
338 if (scsi_disk_req_check_error(r
, ret
, false)) {
342 /* The request is used as the AIO opaque value, so add a ref. */
343 scsi_req_ref(&r
->req
);
346 dma_acct_start(s
->qdev
.conf
.blk
, &r
->acct
, r
->req
.sg
, BLOCK_ACCT_READ
);
347 r
->req
.resid
-= r
->req
.sg
->size
;
348 r
->req
.aiocb
= dma_blk_io(blk_get_aio_context(s
->qdev
.conf
.blk
),
349 r
->req
.sg
, r
->sector
<< BDRV_SECTOR_BITS
,
351 sdc
->dma_readv
, r
, scsi_dma_complete
, r
,
352 DMA_DIRECTION_FROM_DEVICE
);
354 scsi_init_iovec(r
, SCSI_DMA_BUF_SIZE
);
355 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
,
356 r
->qiov
.size
, BLOCK_ACCT_READ
);
357 r
->req
.aiocb
= sdc
->dma_readv(r
->sector
<< BDRV_SECTOR_BITS
, &r
->qiov
,
358 scsi_read_complete
, r
, r
);
362 scsi_req_unref(&r
->req
);
365 static void scsi_do_read_cb(void *opaque
, int ret
)
367 SCSIDiskReq
*r
= (SCSIDiskReq
*)opaque
;
368 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
370 assert (r
->req
.aiocb
!= NULL
);
373 aio_context_acquire(blk_get_aio_context(s
->qdev
.conf
.blk
));
375 block_acct_failed(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
377 block_acct_done(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
379 scsi_do_read(opaque
, ret
);
380 aio_context_release(blk_get_aio_context(s
->qdev
.conf
.blk
));
383 /* Read more data from scsi device into buffer. */
384 static void scsi_read_data(SCSIRequest
*req
)
386 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
387 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
390 DPRINTF("Read sector_count=%d\n", r
->sector_count
);
391 if (r
->sector_count
== 0) {
392 /* This also clears the sense buffer for REQUEST SENSE. */
393 scsi_req_complete(&r
->req
, GOOD
);
397 /* No data transfer may already be in progress */
398 assert(r
->req
.aiocb
== NULL
);
400 /* The request is used as the AIO opaque value, so add a ref. */
401 scsi_req_ref(&r
->req
);
402 if (r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
403 DPRINTF("Data transfer direction invalid\n");
404 scsi_read_complete(r
, -EINVAL
);
408 if (!blk_is_available(req
->dev
->conf
.blk
)) {
409 scsi_read_complete(r
, -ENOMEDIUM
);
415 if (first
&& r
->need_fua_emulation
) {
416 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
, 0,
418 r
->req
.aiocb
= blk_aio_flush(s
->qdev
.conf
.blk
, scsi_do_read_cb
, r
);
425 * scsi_handle_rw_error has two return values. 0 means that the error
426 * must be ignored, 1 means that the error has been processed and the
427 * caller should not do anything else for this request. Note that
428 * scsi_handle_rw_error always manages its reference counts, independent
429 * of the return value.
431 static int scsi_handle_rw_error(SCSIDiskReq
*r
, int error
, bool acct_failed
)
433 bool is_read
= (r
->req
.cmd
.mode
== SCSI_XFER_FROM_DEV
);
434 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
435 BlockErrorAction action
= blk_get_error_action(s
->qdev
.conf
.blk
,
438 if (action
== BLOCK_ERROR_ACTION_REPORT
) {
440 block_acct_failed(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
444 scsi_check_condition(r
, SENSE_CODE(NO_MEDIUM
));
447 scsi_check_condition(r
, SENSE_CODE(TARGET_FAILURE
));
450 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
453 scsi_check_condition(r
, SENSE_CODE(SPACE_ALLOC_FAILED
));
456 scsi_check_condition(r
, SENSE_CODE(IO_ERROR
));
460 blk_error_action(s
->qdev
.conf
.blk
, action
, is_read
, error
);
461 if (action
== BLOCK_ERROR_ACTION_STOP
) {
462 scsi_req_retry(&r
->req
);
464 return action
!= BLOCK_ERROR_ACTION_IGNORE
;
467 static void scsi_write_complete_noio(SCSIDiskReq
*r
, int ret
)
471 assert (r
->req
.aiocb
== NULL
);
472 if (scsi_disk_req_check_error(r
, ret
, false)) {
476 n
= r
->qiov
.size
/ 512;
478 r
->sector_count
-= n
;
479 if (r
->sector_count
== 0) {
480 scsi_write_do_fua(r
);
483 scsi_init_iovec(r
, SCSI_DMA_BUF_SIZE
);
484 DPRINTF("Write complete tag=0x%x more=%zd\n", r
->req
.tag
, r
->qiov
.size
);
485 scsi_req_data(&r
->req
, r
->qiov
.size
);
489 scsi_req_unref(&r
->req
);
492 static void scsi_write_complete(void * opaque
, int ret
)
494 SCSIDiskReq
*r
= (SCSIDiskReq
*)opaque
;
495 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
497 assert (r
->req
.aiocb
!= NULL
);
500 aio_context_acquire(blk_get_aio_context(s
->qdev
.conf
.blk
));
502 block_acct_failed(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
504 block_acct_done(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
506 scsi_write_complete_noio(r
, ret
);
507 aio_context_release(blk_get_aio_context(s
->qdev
.conf
.blk
));
510 static void scsi_write_data(SCSIRequest
*req
)
512 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
513 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
514 SCSIDiskClass
*sdc
= (SCSIDiskClass
*) object_get_class(OBJECT(s
));
516 /* No data transfer may already be in progress */
517 assert(r
->req
.aiocb
== NULL
);
519 /* The request is used as the AIO opaque value, so add a ref. */
520 scsi_req_ref(&r
->req
);
521 if (r
->req
.cmd
.mode
!= SCSI_XFER_TO_DEV
) {
522 DPRINTF("Data transfer direction invalid\n");
523 scsi_write_complete_noio(r
, -EINVAL
);
527 if (!r
->req
.sg
&& !r
->qiov
.size
) {
528 /* Called for the first time. Ask the driver to send us more data. */
530 scsi_write_complete_noio(r
, 0);
533 if (!blk_is_available(req
->dev
->conf
.blk
)) {
534 scsi_write_complete_noio(r
, -ENOMEDIUM
);
538 if (r
->req
.cmd
.buf
[0] == VERIFY_10
|| r
->req
.cmd
.buf
[0] == VERIFY_12
||
539 r
->req
.cmd
.buf
[0] == VERIFY_16
) {
541 scsi_dma_complete_noio(r
, 0);
543 scsi_write_complete_noio(r
, 0);
549 dma_acct_start(s
->qdev
.conf
.blk
, &r
->acct
, r
->req
.sg
, BLOCK_ACCT_WRITE
);
550 r
->req
.resid
-= r
->req
.sg
->size
;
551 r
->req
.aiocb
= dma_blk_io(blk_get_aio_context(s
->qdev
.conf
.blk
),
552 r
->req
.sg
, r
->sector
<< BDRV_SECTOR_BITS
,
554 sdc
->dma_writev
, r
, scsi_dma_complete
, r
,
555 DMA_DIRECTION_TO_DEVICE
);
557 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
,
558 r
->qiov
.size
, BLOCK_ACCT_WRITE
);
559 r
->req
.aiocb
= sdc
->dma_writev(r
->sector
<< BDRV_SECTOR_BITS
, &r
->qiov
,
560 scsi_write_complete
, r
, r
);
564 /* Return a pointer to the data buffer. */
565 static uint8_t *scsi_get_buf(SCSIRequest
*req
)
567 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
569 return (uint8_t *)r
->iov
.iov_base
;
572 static int scsi_disk_emulate_inquiry(SCSIRequest
*req
, uint8_t *outbuf
)
574 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, req
->dev
);
578 if (req
->cmd
.buf
[1] & 0x1) {
579 /* Vital product data */
580 uint8_t page_code
= req
->cmd
.buf
[2];
582 outbuf
[buflen
++] = s
->qdev
.type
& 0x1f;
583 outbuf
[buflen
++] = page_code
; // this page
584 outbuf
[buflen
++] = 0x00;
585 outbuf
[buflen
++] = 0x00;
589 case 0x00: /* Supported page codes, mandatory */
591 DPRINTF("Inquiry EVPD[Supported pages] "
592 "buffer size %zd\n", req
->cmd
.xfer
);
593 outbuf
[buflen
++] = 0x00; // list of supported pages (this page)
595 outbuf
[buflen
++] = 0x80; // unit serial number
597 outbuf
[buflen
++] = 0x83; // device identification
598 if (s
->qdev
.type
== TYPE_DISK
) {
599 outbuf
[buflen
++] = 0xb0; // block limits
600 outbuf
[buflen
++] = 0xb2; // thin provisioning
604 case 0x80: /* Device serial number, optional */
609 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
613 l
= strlen(s
->serial
);
618 DPRINTF("Inquiry EVPD[Serial number] "
619 "buffer size %zd\n", req
->cmd
.xfer
);
620 memcpy(outbuf
+buflen
, s
->serial
, l
);
625 case 0x83: /* Device identification page, mandatory */
627 const char *str
= s
->serial
?: blk_name(s
->qdev
.conf
.blk
);
628 int max_len
= s
->serial
? 20 : 255 - 8;
629 int id_len
= strlen(str
);
631 if (id_len
> max_len
) {
634 DPRINTF("Inquiry EVPD[Device identification] "
635 "buffer size %zd\n", req
->cmd
.xfer
);
637 outbuf
[buflen
++] = 0x2; // ASCII
638 outbuf
[buflen
++] = 0; // not officially assigned
639 outbuf
[buflen
++] = 0; // reserved
640 outbuf
[buflen
++] = id_len
; // length of data following
641 memcpy(outbuf
+buflen
, str
, id_len
);
645 outbuf
[buflen
++] = 0x1; // Binary
646 outbuf
[buflen
++] = 0x3; // NAA
647 outbuf
[buflen
++] = 0; // reserved
648 outbuf
[buflen
++] = 8;
649 stq_be_p(&outbuf
[buflen
], s
->qdev
.wwn
);
653 if (s
->qdev
.port_wwn
) {
654 outbuf
[buflen
++] = 0x61; // SAS / Binary
655 outbuf
[buflen
++] = 0x93; // PIV / Target port / NAA
656 outbuf
[buflen
++] = 0; // reserved
657 outbuf
[buflen
++] = 8;
658 stq_be_p(&outbuf
[buflen
], s
->qdev
.port_wwn
);
663 outbuf
[buflen
++] = 0x61; // SAS / Binary
664 outbuf
[buflen
++] = 0x94; // PIV / Target port / relative target port
665 outbuf
[buflen
++] = 0; // reserved
666 outbuf
[buflen
++] = 4;
667 stw_be_p(&outbuf
[buflen
+ 2], s
->port_index
);
672 case 0xb0: /* block limits */
674 unsigned int unmap_sectors
=
675 s
->qdev
.conf
.discard_granularity
/ s
->qdev
.blocksize
;
676 unsigned int min_io_size
=
677 s
->qdev
.conf
.min_io_size
/ s
->qdev
.blocksize
;
678 unsigned int opt_io_size
=
679 s
->qdev
.conf
.opt_io_size
/ s
->qdev
.blocksize
;
680 unsigned int max_unmap_sectors
=
681 s
->max_unmap_size
/ s
->qdev
.blocksize
;
682 unsigned int max_io_sectors
=
683 s
->max_io_size
/ s
->qdev
.blocksize
;
685 if (s
->qdev
.type
== TYPE_ROM
) {
686 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
690 /* required VPD size with unmap support */
692 memset(outbuf
+ 4, 0, buflen
- 4);
694 outbuf
[4] = 0x1; /* wsnz */
696 /* optimal transfer length granularity */
697 outbuf
[6] = (min_io_size
>> 8) & 0xff;
698 outbuf
[7] = min_io_size
& 0xff;
700 /* maximum transfer length */
701 outbuf
[8] = (max_io_sectors
>> 24) & 0xff;
702 outbuf
[9] = (max_io_sectors
>> 16) & 0xff;
703 outbuf
[10] = (max_io_sectors
>> 8) & 0xff;
704 outbuf
[11] = max_io_sectors
& 0xff;
706 /* optimal transfer length */
707 outbuf
[12] = (opt_io_size
>> 24) & 0xff;
708 outbuf
[13] = (opt_io_size
>> 16) & 0xff;
709 outbuf
[14] = (opt_io_size
>> 8) & 0xff;
710 outbuf
[15] = opt_io_size
& 0xff;
712 /* max unmap LBA count, default is 1GB */
713 outbuf
[20] = (max_unmap_sectors
>> 24) & 0xff;
714 outbuf
[21] = (max_unmap_sectors
>> 16) & 0xff;
715 outbuf
[22] = (max_unmap_sectors
>> 8) & 0xff;
716 outbuf
[23] = max_unmap_sectors
& 0xff;
718 /* max unmap descriptors, 255 fit in 4 kb with an 8-byte header. */
724 /* optimal unmap granularity */
725 outbuf
[28] = (unmap_sectors
>> 24) & 0xff;
726 outbuf
[29] = (unmap_sectors
>> 16) & 0xff;
727 outbuf
[30] = (unmap_sectors
>> 8) & 0xff;
728 outbuf
[31] = unmap_sectors
& 0xff;
730 /* max write same size */
736 outbuf
[40] = (max_io_sectors
>> 24) & 0xff;
737 outbuf
[41] = (max_io_sectors
>> 16) & 0xff;
738 outbuf
[42] = (max_io_sectors
>> 8) & 0xff;
739 outbuf
[43] = max_io_sectors
& 0xff;
742 case 0xb2: /* thin provisioning */
746 outbuf
[5] = 0xe0; /* unmap & write_same 10/16 all supported */
747 outbuf
[6] = s
->qdev
.conf
.discard_granularity
? 2 : 1;
755 assert(buflen
- start
<= 255);
756 outbuf
[start
- 1] = buflen
- start
;
760 /* Standard INQUIRY data */
761 if (req
->cmd
.buf
[2] != 0) {
766 buflen
= req
->cmd
.xfer
;
767 if (buflen
> SCSI_MAX_INQUIRY_LEN
) {
768 buflen
= SCSI_MAX_INQUIRY_LEN
;
771 outbuf
[0] = s
->qdev
.type
& 0x1f;
772 outbuf
[1] = (s
->features
& (1 << SCSI_DISK_F_REMOVABLE
)) ? 0x80 : 0;
774 strpadcpy((char *) &outbuf
[16], 16, s
->product
, ' ');
775 strpadcpy((char *) &outbuf
[8], 8, s
->vendor
, ' ');
777 memset(&outbuf
[32], 0, 4);
778 memcpy(&outbuf
[32], s
->version
, MIN(4, strlen(s
->version
)));
780 * We claim conformance to SPC-3, which is required for guests
781 * to ask for modern features like READ CAPACITY(16) or the
782 * block characteristics VPD page by default. Not all of SPC-3
783 * is actually implemented, but we're good enough.
786 outbuf
[3] = 2 | 0x10; /* Format 2, HiSup */
789 outbuf
[4] = buflen
- 5; /* Additional Length = (Len - 1) - 4 */
791 /* If the allocation length of CDB is too small,
792 the additional length is not adjusted */
796 /* Sync data transfer and TCQ. */
797 outbuf
[7] = 0x10 | (req
->bus
->info
->tcq
? 0x02 : 0);
801 static inline bool media_is_dvd(SCSIDiskState
*s
)
804 if (s
->qdev
.type
!= TYPE_ROM
) {
807 if (!blk_is_available(s
->qdev
.conf
.blk
)) {
810 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
811 return nb_sectors
> CD_MAX_SECTORS
;
814 static inline bool media_is_cd(SCSIDiskState
*s
)
817 if (s
->qdev
.type
!= TYPE_ROM
) {
820 if (!blk_is_available(s
->qdev
.conf
.blk
)) {
823 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
824 return nb_sectors
<= CD_MAX_SECTORS
;
827 static int scsi_read_disc_information(SCSIDiskState
*s
, SCSIDiskReq
*r
,
830 uint8_t type
= r
->req
.cmd
.buf
[1] & 7;
832 if (s
->qdev
.type
!= TYPE_ROM
) {
836 /* Types 1/2 are only defined for Blu-Ray. */
838 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
842 memset(outbuf
, 0, 34);
844 outbuf
[2] = 0xe; /* last session complete, disc finalized */
845 outbuf
[3] = 1; /* first track on disc */
846 outbuf
[4] = 1; /* # of sessions */
847 outbuf
[5] = 1; /* first track of last session */
848 outbuf
[6] = 1; /* last track of last session */
849 outbuf
[7] = 0x20; /* unrestricted use */
850 outbuf
[8] = 0x00; /* CD-ROM or DVD-ROM */
851 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
852 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
853 /* 24-31: disc bar code */
854 /* 32: disc application code */
855 /* 33: number of OPC tables */
860 static int scsi_read_dvd_structure(SCSIDiskState
*s
, SCSIDiskReq
*r
,
863 static const int rds_caps_size
[5] = {
870 uint8_t media
= r
->req
.cmd
.buf
[1];
871 uint8_t layer
= r
->req
.cmd
.buf
[6];
872 uint8_t format
= r
->req
.cmd
.buf
[7];
875 if (s
->qdev
.type
!= TYPE_ROM
) {
879 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
883 if (format
!= 0xff) {
884 if (!blk_is_available(s
->qdev
.conf
.blk
)) {
885 scsi_check_condition(r
, SENSE_CODE(NO_MEDIUM
));
888 if (media_is_cd(s
)) {
889 scsi_check_condition(r
, SENSE_CODE(INCOMPATIBLE_FORMAT
));
892 if (format
>= ARRAY_SIZE(rds_caps_size
)) {
895 size
= rds_caps_size
[format
];
896 memset(outbuf
, 0, size
);
901 /* Physical format information */
906 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
908 outbuf
[4] = 1; /* DVD-ROM, part version 1 */
909 outbuf
[5] = 0xf; /* 120mm disc, minimum rate unspecified */
910 outbuf
[6] = 1; /* one layer, read-only (per MMC-2 spec) */
911 outbuf
[7] = 0; /* default densities */
913 stl_be_p(&outbuf
[12], (nb_sectors
>> 2) - 1); /* end sector */
914 stl_be_p(&outbuf
[16], (nb_sectors
>> 2) - 1); /* l0 end sector */
918 case 0x01: /* DVD copyright information, all zeros */
921 case 0x03: /* BCA information - invalid field for no BCA info */
924 case 0x04: /* DVD disc manufacturing information, all zeros */
927 case 0xff: { /* List capabilities */
930 for (i
= 0; i
< ARRAY_SIZE(rds_caps_size
); i
++) {
931 if (!rds_caps_size
[i
]) {
935 outbuf
[size
+ 1] = 0x40; /* Not writable, readable */
936 stw_be_p(&outbuf
[size
+ 2], rds_caps_size
[i
]);
946 /* Size of buffer, not including 2 byte size field */
947 stw_be_p(outbuf
, size
- 2);
954 static int scsi_event_status_media(SCSIDiskState
*s
, uint8_t *outbuf
)
956 uint8_t event_code
, media_status
;
960 media_status
= MS_TRAY_OPEN
;
961 } else if (blk_is_inserted(s
->qdev
.conf
.blk
)) {
962 media_status
= MS_MEDIA_PRESENT
;
965 /* Event notification descriptor */
966 event_code
= MEC_NO_CHANGE
;
967 if (media_status
!= MS_TRAY_OPEN
) {
968 if (s
->media_event
) {
969 event_code
= MEC_NEW_MEDIA
;
970 s
->media_event
= false;
971 } else if (s
->eject_request
) {
972 event_code
= MEC_EJECT_REQUESTED
;
973 s
->eject_request
= false;
977 outbuf
[0] = event_code
;
978 outbuf
[1] = media_status
;
980 /* These fields are reserved, just clear them. */
986 static int scsi_get_event_status_notification(SCSIDiskState
*s
, SCSIDiskReq
*r
,
990 uint8_t *buf
= r
->req
.cmd
.buf
;
991 uint8_t notification_class_request
= buf
[4];
992 if (s
->qdev
.type
!= TYPE_ROM
) {
995 if ((buf
[1] & 1) == 0) {
1001 outbuf
[0] = outbuf
[1] = 0;
1002 outbuf
[3] = 1 << GESN_MEDIA
; /* supported events */
1003 if (notification_class_request
& (1 << GESN_MEDIA
)) {
1004 outbuf
[2] = GESN_MEDIA
;
1005 size
+= scsi_event_status_media(s
, &outbuf
[size
]);
1009 stw_be_p(outbuf
, size
- 4);
1013 static int scsi_get_configuration(SCSIDiskState
*s
, uint8_t *outbuf
)
1017 if (s
->qdev
.type
!= TYPE_ROM
) {
1021 if (media_is_dvd(s
)) {
1022 current
= MMC_PROFILE_DVD_ROM
;
1023 } else if (media_is_cd(s
)) {
1024 current
= MMC_PROFILE_CD_ROM
;
1026 current
= MMC_PROFILE_NONE
;
1029 memset(outbuf
, 0, 40);
1030 stl_be_p(&outbuf
[0], 36); /* Bytes after the data length field */
1031 stw_be_p(&outbuf
[6], current
);
1032 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1033 outbuf
[10] = 0x03; /* persistent, current */
1034 outbuf
[11] = 8; /* two profiles */
1035 stw_be_p(&outbuf
[12], MMC_PROFILE_DVD_ROM
);
1036 outbuf
[14] = (current
== MMC_PROFILE_DVD_ROM
);
1037 stw_be_p(&outbuf
[16], MMC_PROFILE_CD_ROM
);
1038 outbuf
[18] = (current
== MMC_PROFILE_CD_ROM
);
1039 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1040 stw_be_p(&outbuf
[20], 1);
1041 outbuf
[22] = 0x08 | 0x03; /* version 2, persistent, current */
1043 stl_be_p(&outbuf
[24], 1); /* SCSI */
1044 outbuf
[28] = 1; /* DBE = 1, mandatory */
1045 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1046 stw_be_p(&outbuf
[32], 3);
1047 outbuf
[34] = 0x08 | 0x03; /* version 2, persistent, current */
1049 outbuf
[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1050 /* TODO: Random readable, CD read, DVD read, drive serial number,
1055 static int scsi_emulate_mechanism_status(SCSIDiskState
*s
, uint8_t *outbuf
)
1057 if (s
->qdev
.type
!= TYPE_ROM
) {
1060 memset(outbuf
, 0, 8);
1061 outbuf
[5] = 1; /* CD-ROM */
1065 static int mode_sense_page(SCSIDiskState
*s
, int page
, uint8_t **p_outbuf
,
1068 static const int mode_sense_valid
[0x3f] = {
1069 [MODE_PAGE_HD_GEOMETRY
] = (1 << TYPE_DISK
),
1070 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY
] = (1 << TYPE_DISK
),
1071 [MODE_PAGE_CACHING
] = (1 << TYPE_DISK
) | (1 << TYPE_ROM
),
1072 [MODE_PAGE_R_W_ERROR
] = (1 << TYPE_DISK
) | (1 << TYPE_ROM
),
1073 [MODE_PAGE_AUDIO_CTL
] = (1 << TYPE_ROM
),
1074 [MODE_PAGE_CAPABILITIES
] = (1 << TYPE_ROM
),
1077 uint8_t *p
= *p_outbuf
+ 2;
1080 if ((mode_sense_valid
[page
] & (1 << s
->qdev
.type
)) == 0) {
1085 * If Changeable Values are requested, a mask denoting those mode parameters
1086 * that are changeable shall be returned. As we currently don't support
1087 * parameter changes via MODE_SELECT all bits are returned set to zero.
1088 * The buffer was already menset to zero by the caller of this function.
1090 * The offsets here are off by two compared to the descriptions in the
1091 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1092 * but it is done so that offsets are consistent within our implementation
1093 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1094 * 2-byte and 4-byte headers.
1097 case MODE_PAGE_HD_GEOMETRY
:
1099 if (page_control
== 1) { /* Changeable Values */
1102 /* if a geometry hint is available, use it */
1103 p
[0] = (s
->qdev
.conf
.cyls
>> 16) & 0xff;
1104 p
[1] = (s
->qdev
.conf
.cyls
>> 8) & 0xff;
1105 p
[2] = s
->qdev
.conf
.cyls
& 0xff;
1106 p
[3] = s
->qdev
.conf
.heads
& 0xff;
1107 /* Write precomp start cylinder, disabled */
1108 p
[4] = (s
->qdev
.conf
.cyls
>> 16) & 0xff;
1109 p
[5] = (s
->qdev
.conf
.cyls
>> 8) & 0xff;
1110 p
[6] = s
->qdev
.conf
.cyls
& 0xff;
1111 /* Reduced current start cylinder, disabled */
1112 p
[7] = (s
->qdev
.conf
.cyls
>> 16) & 0xff;
1113 p
[8] = (s
->qdev
.conf
.cyls
>> 8) & 0xff;
1114 p
[9] = s
->qdev
.conf
.cyls
& 0xff;
1115 /* Device step rate [ns], 200ns */
1118 /* Landing zone cylinder */
1122 /* Medium rotation rate [rpm], 5400 rpm */
1123 p
[18] = (5400 >> 8) & 0xff;
1124 p
[19] = 5400 & 0xff;
1127 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY
:
1129 if (page_control
== 1) { /* Changeable Values */
1132 /* Transfer rate [kbit/s], 5Mbit/s */
1135 /* if a geometry hint is available, use it */
1136 p
[2] = s
->qdev
.conf
.heads
& 0xff;
1137 p
[3] = s
->qdev
.conf
.secs
& 0xff;
1138 p
[4] = s
->qdev
.blocksize
>> 8;
1139 p
[6] = (s
->qdev
.conf
.cyls
>> 8) & 0xff;
1140 p
[7] = s
->qdev
.conf
.cyls
& 0xff;
1141 /* Write precomp start cylinder, disabled */
1142 p
[8] = (s
->qdev
.conf
.cyls
>> 8) & 0xff;
1143 p
[9] = s
->qdev
.conf
.cyls
& 0xff;
1144 /* Reduced current start cylinder, disabled */
1145 p
[10] = (s
->qdev
.conf
.cyls
>> 8) & 0xff;
1146 p
[11] = s
->qdev
.conf
.cyls
& 0xff;
1147 /* Device step rate [100us], 100us */
1150 /* Device step pulse width [us], 1us */
1152 /* Device head settle delay [100us], 100us */
1155 /* Motor on delay [0.1s], 0.1s */
1157 /* Motor off delay [0.1s], 0.1s */
1159 /* Medium rotation rate [rpm], 5400 rpm */
1160 p
[26] = (5400 >> 8) & 0xff;
1161 p
[27] = 5400 & 0xff;
1164 case MODE_PAGE_CACHING
:
1166 if (page_control
== 1 || /* Changeable Values */
1167 blk_enable_write_cache(s
->qdev
.conf
.blk
)) {
1172 case MODE_PAGE_R_W_ERROR
:
1174 if (page_control
== 1) { /* Changeable Values */
1177 p
[0] = 0x80; /* Automatic Write Reallocation Enabled */
1178 if (s
->qdev
.type
== TYPE_ROM
) {
1179 p
[1] = 0x20; /* Read Retry Count */
1183 case MODE_PAGE_AUDIO_CTL
:
1187 case MODE_PAGE_CAPABILITIES
:
1189 if (page_control
== 1) { /* Changeable Values */
1193 p
[0] = 0x3b; /* CD-R & CD-RW read */
1194 p
[1] = 0; /* Writing not supported */
1195 p
[2] = 0x7f; /* Audio, composite, digital out,
1196 mode 2 form 1&2, multi session */
1197 p
[3] = 0xff; /* CD DA, DA accurate, RW supported,
1198 RW corrected, C2 errors, ISRC,
1200 p
[4] = 0x2d | (s
->tray_locked
? 2 : 0);
1201 /* Locking supported, jumper present, eject, tray */
1202 p
[5] = 0; /* no volume & mute control, no
1204 p
[6] = (50 * 176) >> 8; /* 50x read speed */
1205 p
[7] = (50 * 176) & 0xff;
1206 p
[8] = 2 >> 8; /* Two volume levels */
1208 p
[10] = 2048 >> 8; /* 2M buffer */
1209 p
[11] = 2048 & 0xff;
1210 p
[12] = (16 * 176) >> 8; /* 16x read speed current */
1211 p
[13] = (16 * 176) & 0xff;
1212 p
[16] = (16 * 176) >> 8; /* 16x write speed */
1213 p
[17] = (16 * 176) & 0xff;
1214 p
[18] = (16 * 176) >> 8; /* 16x write speed current */
1215 p
[19] = (16 * 176) & 0xff;
1222 assert(length
< 256);
1223 (*p_outbuf
)[0] = page
;
1224 (*p_outbuf
)[1] = length
;
1225 *p_outbuf
+= length
+ 2;
1229 static int scsi_disk_emulate_mode_sense(SCSIDiskReq
*r
, uint8_t *outbuf
)
1231 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
1232 uint64_t nb_sectors
;
1234 int page
, buflen
, ret
, page_control
;
1236 uint8_t dev_specific_param
;
1238 dbd
= (r
->req
.cmd
.buf
[1] & 0x8) != 0;
1239 page
= r
->req
.cmd
.buf
[2] & 0x3f;
1240 page_control
= (r
->req
.cmd
.buf
[2] & 0xc0) >> 6;
1241 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
1242 (r
->req
.cmd
.buf
[0] == MODE_SENSE
) ? 6 : 10, page
, r
->req
.cmd
.xfer
, page_control
);
1243 memset(outbuf
, 0, r
->req
.cmd
.xfer
);
1246 if (s
->qdev
.type
== TYPE_DISK
) {
1247 dev_specific_param
= s
->features
& (1 << SCSI_DISK_F_DPOFUA
) ? 0x10 : 0;
1248 if (blk_is_read_only(s
->qdev
.conf
.blk
)) {
1249 dev_specific_param
|= 0x80; /* Readonly. */
1252 /* MMC prescribes that CD/DVD drives have no block descriptors,
1253 * and defines no device-specific parameter. */
1254 dev_specific_param
= 0x00;
1258 if (r
->req
.cmd
.buf
[0] == MODE_SENSE
) {
1259 p
[1] = 0; /* Default media type. */
1260 p
[2] = dev_specific_param
;
1261 p
[3] = 0; /* Block descriptor length. */
1263 } else { /* MODE_SENSE_10 */
1264 p
[2] = 0; /* Default media type. */
1265 p
[3] = dev_specific_param
;
1266 p
[6] = p
[7] = 0; /* Block descriptor length. */
1270 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
1271 if (!dbd
&& nb_sectors
) {
1272 if (r
->req
.cmd
.buf
[0] == MODE_SENSE
) {
1273 outbuf
[3] = 8; /* Block descriptor length */
1274 } else { /* MODE_SENSE_10 */
1275 outbuf
[7] = 8; /* Block descriptor length */
1277 nb_sectors
/= (s
->qdev
.blocksize
/ 512);
1278 if (nb_sectors
> 0xffffff) {
1281 p
[0] = 0; /* media density code */
1282 p
[1] = (nb_sectors
>> 16) & 0xff;
1283 p
[2] = (nb_sectors
>> 8) & 0xff;
1284 p
[3] = nb_sectors
& 0xff;
1285 p
[4] = 0; /* reserved */
1286 p
[5] = 0; /* bytes 5-7 are the sector size in bytes */
1287 p
[6] = s
->qdev
.blocksize
>> 8;
1292 if (page_control
== 3) {
1294 scsi_check_condition(r
, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED
));
1299 for (page
= 0; page
<= 0x3e; page
++) {
1300 mode_sense_page(s
, page
, &p
, page_control
);
1303 ret
= mode_sense_page(s
, page
, &p
, page_control
);
1309 buflen
= p
- outbuf
;
1311 * The mode data length field specifies the length in bytes of the
1312 * following data that is available to be transferred. The mode data
1313 * length does not include itself.
1315 if (r
->req
.cmd
.buf
[0] == MODE_SENSE
) {
1316 outbuf
[0] = buflen
- 1;
1317 } else { /* MODE_SENSE_10 */
1318 outbuf
[0] = ((buflen
- 2) >> 8) & 0xff;
1319 outbuf
[1] = (buflen
- 2) & 0xff;
1324 static int scsi_disk_emulate_read_toc(SCSIRequest
*req
, uint8_t *outbuf
)
1326 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, req
->dev
);
1327 int start_track
, format
, msf
, toclen
;
1328 uint64_t nb_sectors
;
1330 msf
= req
->cmd
.buf
[1] & 2;
1331 format
= req
->cmd
.buf
[2] & 0xf;
1332 start_track
= req
->cmd
.buf
[6];
1333 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
1334 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track
, format
, msf
>> 1);
1335 nb_sectors
/= s
->qdev
.blocksize
/ 512;
1338 toclen
= cdrom_read_toc(nb_sectors
, outbuf
, msf
, start_track
);
1341 /* multi session : only a single session defined */
1343 memset(outbuf
, 0, 12);
1349 toclen
= cdrom_read_toc_raw(nb_sectors
, outbuf
, msf
, start_track
);
1357 static int scsi_disk_emulate_start_stop(SCSIDiskReq
*r
)
1359 SCSIRequest
*req
= &r
->req
;
1360 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, req
->dev
);
1361 bool start
= req
->cmd
.buf
[4] & 1;
1362 bool loej
= req
->cmd
.buf
[4] & 2; /* load on start, eject on !start */
1363 int pwrcnd
= req
->cmd
.buf
[4] & 0xf0;
1366 /* eject/load only happens for power condition == 0 */
1370 if ((s
->features
& (1 << SCSI_DISK_F_REMOVABLE
)) && loej
) {
1371 if (!start
&& !s
->tray_open
&& s
->tray_locked
) {
1372 scsi_check_condition(r
,
1373 blk_is_inserted(s
->qdev
.conf
.blk
)
1374 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED
)
1375 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED
));
1379 if (s
->tray_open
!= !start
) {
1380 blk_eject(s
->qdev
.conf
.blk
, !start
);
1381 s
->tray_open
= !start
;
1387 static void scsi_disk_emulate_read_data(SCSIRequest
*req
)
1389 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
1390 int buflen
= r
->iov
.iov_len
;
1393 DPRINTF("Read buf_len=%d\n", buflen
);
1396 scsi_req_data(&r
->req
, buflen
);
1400 /* This also clears the sense buffer for REQUEST SENSE. */
1401 scsi_req_complete(&r
->req
, GOOD
);
1404 static int scsi_disk_check_mode_select(SCSIDiskState
*s
, int page
,
1405 uint8_t *inbuf
, int inlen
)
1407 uint8_t mode_current
[SCSI_MAX_MODE_LEN
];
1408 uint8_t mode_changeable
[SCSI_MAX_MODE_LEN
];
1410 int len
, expected_len
, changeable_len
, i
;
1412 /* The input buffer does not include the page header, so it is
1415 expected_len
= inlen
+ 2;
1416 if (expected_len
> SCSI_MAX_MODE_LEN
) {
1421 memset(mode_current
, 0, inlen
+ 2);
1422 len
= mode_sense_page(s
, page
, &p
, 0);
1423 if (len
< 0 || len
!= expected_len
) {
1427 p
= mode_changeable
;
1428 memset(mode_changeable
, 0, inlen
+ 2);
1429 changeable_len
= mode_sense_page(s
, page
, &p
, 1);
1430 assert(changeable_len
== len
);
1432 /* Check that unchangeable bits are the same as what MODE SENSE
1435 for (i
= 2; i
< len
; i
++) {
1436 if (((mode_current
[i
] ^ inbuf
[i
- 2]) & ~mode_changeable
[i
]) != 0) {
1443 static void scsi_disk_apply_mode_select(SCSIDiskState
*s
, int page
, uint8_t *p
)
1446 case MODE_PAGE_CACHING
:
1447 blk_set_enable_write_cache(s
->qdev
.conf
.blk
, (p
[0] & 4) != 0);
1455 static int mode_select_pages(SCSIDiskReq
*r
, uint8_t *p
, int len
, bool change
)
1457 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
1460 int page
, subpage
, page_len
;
1462 /* Parse both possible formats for the mode page headers. */
1466 goto invalid_param_len
;
1469 page_len
= lduw_be_p(&p
[2]);
1474 goto invalid_param_len
;
1485 if (page_len
> len
) {
1486 goto invalid_param_len
;
1490 if (scsi_disk_check_mode_select(s
, page
, p
, page_len
) < 0) {
1494 scsi_disk_apply_mode_select(s
, page
, p
);
1503 scsi_check_condition(r
, SENSE_CODE(INVALID_PARAM
));
1507 scsi_check_condition(r
, SENSE_CODE(INVALID_PARAM_LEN
));
1511 static void scsi_disk_emulate_mode_select(SCSIDiskReq
*r
, uint8_t *inbuf
)
1513 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
1515 int cmd
= r
->req
.cmd
.buf
[0];
1516 int len
= r
->req
.cmd
.xfer
;
1517 int hdr_len
= (cmd
== MODE_SELECT
? 4 : 8);
1521 /* We only support PF=1, SP=0. */
1522 if ((r
->req
.cmd
.buf
[1] & 0x11) != 0x10) {
1526 if (len
< hdr_len
) {
1527 goto invalid_param_len
;
1530 bd_len
= (cmd
== MODE_SELECT
? p
[3] : lduw_be_p(&p
[6]));
1534 goto invalid_param_len
;
1536 if (bd_len
!= 0 && bd_len
!= 8) {
1543 /* Ensure no change is made if there is an error! */
1544 for (pass
= 0; pass
< 2; pass
++) {
1545 if (mode_select_pages(r
, p
, len
, pass
== 1) < 0) {
1550 if (!blk_enable_write_cache(s
->qdev
.conf
.blk
)) {
1551 /* The request is used as the AIO opaque value, so add a ref. */
1552 scsi_req_ref(&r
->req
);
1553 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
, 0,
1555 r
->req
.aiocb
= blk_aio_flush(s
->qdev
.conf
.blk
, scsi_aio_complete
, r
);
1559 scsi_req_complete(&r
->req
, GOOD
);
1563 scsi_check_condition(r
, SENSE_CODE(INVALID_PARAM
));
1567 scsi_check_condition(r
, SENSE_CODE(INVALID_PARAM_LEN
));
1571 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
1574 static inline bool check_lba_range(SCSIDiskState
*s
,
1575 uint64_t sector_num
, uint32_t nb_sectors
)
1578 * The first line tests that no overflow happens when computing the last
1579 * sector. The second line tests that the last accessed sector is in
1582 * Careful, the computations should not underflow for nb_sectors == 0,
1583 * and a 0-block read to the first LBA beyond the end of device is
1586 return (sector_num
<= sector_num
+ nb_sectors
&&
1587 sector_num
+ nb_sectors
<= s
->qdev
.max_lba
+ 1);
1590 typedef struct UnmapCBData
{
1596 static void scsi_unmap_complete(void *opaque
, int ret
);
1598 static void scsi_unmap_complete_noio(UnmapCBData
*data
, int ret
)
1600 SCSIDiskReq
*r
= data
->r
;
1601 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
1602 uint64_t sector_num
;
1603 uint32_t nb_sectors
;
1605 assert(r
->req
.aiocb
== NULL
);
1606 if (scsi_disk_req_check_error(r
, ret
, false)) {
1610 if (data
->count
> 0) {
1611 sector_num
= ldq_be_p(&data
->inbuf
[0]);
1612 nb_sectors
= ldl_be_p(&data
->inbuf
[8]) & 0xffffffffULL
;
1613 if (!check_lba_range(s
, sector_num
, nb_sectors
)) {
1614 scsi_check_condition(r
, SENSE_CODE(LBA_OUT_OF_RANGE
));
1618 r
->req
.aiocb
= blk_aio_pdiscard(s
->qdev
.conf
.blk
,
1619 sector_num
* s
->qdev
.blocksize
,
1620 nb_sectors
* s
->qdev
.blocksize
,
1621 scsi_unmap_complete
, data
);
1627 scsi_req_complete(&r
->req
, GOOD
);
1630 scsi_req_unref(&r
->req
);
1634 static void scsi_unmap_complete(void *opaque
, int ret
)
1636 UnmapCBData
*data
= opaque
;
1637 SCSIDiskReq
*r
= data
->r
;
1638 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
1640 assert(r
->req
.aiocb
!= NULL
);
1641 r
->req
.aiocb
= NULL
;
1643 aio_context_acquire(blk_get_aio_context(s
->qdev
.conf
.blk
));
1644 scsi_unmap_complete_noio(data
, ret
);
1645 aio_context_release(blk_get_aio_context(s
->qdev
.conf
.blk
));
1648 static void scsi_disk_emulate_unmap(SCSIDiskReq
*r
, uint8_t *inbuf
)
1650 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
1652 int len
= r
->req
.cmd
.xfer
;
1655 /* Reject ANCHOR=1. */
1656 if (r
->req
.cmd
.buf
[1] & 0x1) {
1661 goto invalid_param_len
;
1663 if (len
< lduw_be_p(&p
[0]) + 2) {
1664 goto invalid_param_len
;
1666 if (len
< lduw_be_p(&p
[2]) + 8) {
1667 goto invalid_param_len
;
1669 if (lduw_be_p(&p
[2]) & 15) {
1670 goto invalid_param_len
;
1673 if (blk_is_read_only(s
->qdev
.conf
.blk
)) {
1674 scsi_check_condition(r
, SENSE_CODE(WRITE_PROTECTED
));
1678 data
= g_new0(UnmapCBData
, 1);
1680 data
->inbuf
= &p
[8];
1681 data
->count
= lduw_be_p(&p
[2]) >> 4;
1683 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1684 scsi_req_ref(&r
->req
);
1685 scsi_unmap_complete_noio(data
, 0);
1689 scsi_check_condition(r
, SENSE_CODE(INVALID_PARAM_LEN
));
1693 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
1696 typedef struct WriteSameCBData
{
1704 static void scsi_write_same_complete(void *opaque
, int ret
)
1706 WriteSameCBData
*data
= opaque
;
1707 SCSIDiskReq
*r
= data
->r
;
1708 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
1710 assert(r
->req
.aiocb
!= NULL
);
1711 r
->req
.aiocb
= NULL
;
1712 aio_context_acquire(blk_get_aio_context(s
->qdev
.conf
.blk
));
1713 if (scsi_disk_req_check_error(r
, ret
, true)) {
1717 block_acct_done(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
);
1719 data
->nb_sectors
-= data
->iov
.iov_len
/ 512;
1720 data
->sector
+= data
->iov
.iov_len
/ 512;
1721 data
->iov
.iov_len
= MIN(data
->nb_sectors
* 512, data
->iov
.iov_len
);
1722 if (data
->iov
.iov_len
) {
1723 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
,
1724 data
->iov
.iov_len
, BLOCK_ACCT_WRITE
);
1725 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1726 * where final qiov may need smaller size */
1727 qemu_iovec_init_external(&data
->qiov
, &data
->iov
, 1);
1728 r
->req
.aiocb
= blk_aio_pwritev(s
->qdev
.conf
.blk
,
1729 data
->sector
<< BDRV_SECTOR_BITS
,
1731 scsi_write_same_complete
, data
);
1735 scsi_req_complete(&r
->req
, GOOD
);
1738 scsi_req_unref(&r
->req
);
1739 qemu_vfree(data
->iov
.iov_base
);
1741 aio_context_release(blk_get_aio_context(s
->qdev
.conf
.blk
));
1744 static void scsi_disk_emulate_write_same(SCSIDiskReq
*r
, uint8_t *inbuf
)
1746 SCSIRequest
*req
= &r
->req
;
1747 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, req
->dev
);
1748 uint32_t nb_sectors
= scsi_data_cdb_xfer(r
->req
.cmd
.buf
);
1749 WriteSameCBData
*data
;
1753 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1754 if (nb_sectors
== 0 || (req
->cmd
.buf
[1] & 0x16)) {
1755 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
1759 if (blk_is_read_only(s
->qdev
.conf
.blk
)) {
1760 scsi_check_condition(r
, SENSE_CODE(WRITE_PROTECTED
));
1763 if (!check_lba_range(s
, r
->req
.cmd
.lba
, nb_sectors
)) {
1764 scsi_check_condition(r
, SENSE_CODE(LBA_OUT_OF_RANGE
));
1768 if (buffer_is_zero(inbuf
, s
->qdev
.blocksize
)) {
1769 int flags
= (req
->cmd
.buf
[1] & 0x8) ? BDRV_REQ_MAY_UNMAP
: 0;
1771 /* The request is used as the AIO opaque value, so add a ref. */
1772 scsi_req_ref(&r
->req
);
1773 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
,
1774 nb_sectors
* s
->qdev
.blocksize
,
1776 r
->req
.aiocb
= blk_aio_pwrite_zeroes(s
->qdev
.conf
.blk
,
1777 r
->req
.cmd
.lba
* s
->qdev
.blocksize
,
1778 nb_sectors
* s
->qdev
.blocksize
,
1779 flags
, scsi_aio_complete
, r
);
1783 data
= g_new0(WriteSameCBData
, 1);
1785 data
->sector
= r
->req
.cmd
.lba
* (s
->qdev
.blocksize
/ 512);
1786 data
->nb_sectors
= nb_sectors
* (s
->qdev
.blocksize
/ 512);
1787 data
->iov
.iov_len
= MIN(data
->nb_sectors
* 512, SCSI_WRITE_SAME_MAX
);
1788 data
->iov
.iov_base
= buf
= blk_blockalign(s
->qdev
.conf
.blk
,
1790 qemu_iovec_init_external(&data
->qiov
, &data
->iov
, 1);
1792 for (i
= 0; i
< data
->iov
.iov_len
; i
+= s
->qdev
.blocksize
) {
1793 memcpy(&buf
[i
], inbuf
, s
->qdev
.blocksize
);
1796 scsi_req_ref(&r
->req
);
1797 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
,
1798 data
->iov
.iov_len
, BLOCK_ACCT_WRITE
);
1799 r
->req
.aiocb
= blk_aio_pwritev(s
->qdev
.conf
.blk
,
1800 data
->sector
<< BDRV_SECTOR_BITS
,
1802 scsi_write_same_complete
, data
);
1805 static void scsi_disk_emulate_write_data(SCSIRequest
*req
)
1807 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
1809 if (r
->iov
.iov_len
) {
1810 int buflen
= r
->iov
.iov_len
;
1811 DPRINTF("Write buf_len=%d\n", buflen
);
1813 scsi_req_data(&r
->req
, buflen
);
1817 switch (req
->cmd
.buf
[0]) {
1819 case MODE_SELECT_10
:
1820 /* This also clears the sense buffer for REQUEST SENSE. */
1821 scsi_disk_emulate_mode_select(r
, r
->iov
.iov_base
);
1825 scsi_disk_emulate_unmap(r
, r
->iov
.iov_base
);
1831 if (r
->req
.status
== -1) {
1832 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
1838 scsi_disk_emulate_write_same(r
, r
->iov
.iov_base
);
1846 static int32_t scsi_disk_emulate_command(SCSIRequest
*req
, uint8_t *buf
)
1848 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
1849 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, req
->dev
);
1850 uint64_t nb_sectors
;
1854 switch (req
->cmd
.buf
[0]) {
1863 case ALLOW_MEDIUM_REMOVAL
:
1864 case GET_CONFIGURATION
:
1865 case GET_EVENT_STATUS_NOTIFICATION
:
1866 case MECHANISM_STATUS
:
1871 if (!blk_is_available(s
->qdev
.conf
.blk
)) {
1872 scsi_check_condition(r
, SENSE_CODE(NO_MEDIUM
));
1879 * FIXME: we shouldn't return anything bigger than 4k, but the code
1880 * requires the buffer to be as big as req->cmd.xfer in several
1881 * places. So, do not allow CDBs with a very large ALLOCATION
1882 * LENGTH. The real fix would be to modify scsi_read_data and
1883 * dma_buf_read, so that they return data beyond the buflen
1886 if (req
->cmd
.xfer
> 65536) {
1887 goto illegal_request
;
1889 r
->buflen
= MAX(4096, req
->cmd
.xfer
);
1891 if (!r
->iov
.iov_base
) {
1892 r
->iov
.iov_base
= blk_blockalign(s
->qdev
.conf
.blk
, r
->buflen
);
1895 buflen
= req
->cmd
.xfer
;
1896 outbuf
= r
->iov
.iov_base
;
1897 memset(outbuf
, 0, r
->buflen
);
1898 switch (req
->cmd
.buf
[0]) {
1899 case TEST_UNIT_READY
:
1900 assert(blk_is_available(s
->qdev
.conf
.blk
));
1903 buflen
= scsi_disk_emulate_inquiry(req
, outbuf
);
1905 goto illegal_request
;
1910 buflen
= scsi_disk_emulate_mode_sense(r
, outbuf
);
1912 goto illegal_request
;
1916 buflen
= scsi_disk_emulate_read_toc(req
, outbuf
);
1918 goto illegal_request
;
1922 if (req
->cmd
.buf
[1] & 1) {
1923 goto illegal_request
;
1927 if (req
->cmd
.buf
[1] & 3) {
1928 goto illegal_request
;
1932 if (req
->cmd
.buf
[1] & 1) {
1933 goto illegal_request
;
1937 if (req
->cmd
.buf
[1] & 3) {
1938 goto illegal_request
;
1942 if (scsi_disk_emulate_start_stop(r
) < 0) {
1946 case ALLOW_MEDIUM_REMOVAL
:
1947 s
->tray_locked
= req
->cmd
.buf
[4] & 1;
1948 blk_lock_medium(s
->qdev
.conf
.blk
, req
->cmd
.buf
[4] & 1);
1950 case READ_CAPACITY_10
:
1951 /* The normal LEN field for this command is zero. */
1952 memset(outbuf
, 0, 8);
1953 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
1955 scsi_check_condition(r
, SENSE_CODE(LUN_NOT_READY
));
1958 if ((req
->cmd
.buf
[8] & 1) == 0 && req
->cmd
.lba
) {
1959 goto illegal_request
;
1961 nb_sectors
/= s
->qdev
.blocksize
/ 512;
1962 /* Returned value is the address of the last sector. */
1964 /* Remember the new size for read/write sanity checking. */
1965 s
->qdev
.max_lba
= nb_sectors
;
1966 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1967 if (nb_sectors
> UINT32_MAX
) {
1968 nb_sectors
= UINT32_MAX
;
1970 outbuf
[0] = (nb_sectors
>> 24) & 0xff;
1971 outbuf
[1] = (nb_sectors
>> 16) & 0xff;
1972 outbuf
[2] = (nb_sectors
>> 8) & 0xff;
1973 outbuf
[3] = nb_sectors
& 0xff;
1976 outbuf
[6] = s
->qdev
.blocksize
>> 8;
1980 /* Just return "NO SENSE". */
1981 buflen
= scsi_build_sense(NULL
, 0, outbuf
, r
->buflen
,
1982 (req
->cmd
.buf
[1] & 1) == 0);
1984 goto illegal_request
;
1987 case MECHANISM_STATUS
:
1988 buflen
= scsi_emulate_mechanism_status(s
, outbuf
);
1990 goto illegal_request
;
1993 case GET_CONFIGURATION
:
1994 buflen
= scsi_get_configuration(s
, outbuf
);
1996 goto illegal_request
;
1999 case GET_EVENT_STATUS_NOTIFICATION
:
2000 buflen
= scsi_get_event_status_notification(s
, r
, outbuf
);
2002 goto illegal_request
;
2005 case READ_DISC_INFORMATION
:
2006 buflen
= scsi_read_disc_information(s
, r
, outbuf
);
2008 goto illegal_request
;
2011 case READ_DVD_STRUCTURE
:
2012 buflen
= scsi_read_dvd_structure(s
, r
, outbuf
);
2014 goto illegal_request
;
2017 case SERVICE_ACTION_IN_16
:
2018 /* Service Action In subcommands. */
2019 if ((req
->cmd
.buf
[1] & 31) == SAI_READ_CAPACITY_16
) {
2020 DPRINTF("SAI READ CAPACITY(16)\n");
2021 memset(outbuf
, 0, req
->cmd
.xfer
);
2022 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
2024 scsi_check_condition(r
, SENSE_CODE(LUN_NOT_READY
));
2027 if ((req
->cmd
.buf
[14] & 1) == 0 && req
->cmd
.lba
) {
2028 goto illegal_request
;
2030 nb_sectors
/= s
->qdev
.blocksize
/ 512;
2031 /* Returned value is the address of the last sector. */
2033 /* Remember the new size for read/write sanity checking. */
2034 s
->qdev
.max_lba
= nb_sectors
;
2035 outbuf
[0] = (nb_sectors
>> 56) & 0xff;
2036 outbuf
[1] = (nb_sectors
>> 48) & 0xff;
2037 outbuf
[2] = (nb_sectors
>> 40) & 0xff;
2038 outbuf
[3] = (nb_sectors
>> 32) & 0xff;
2039 outbuf
[4] = (nb_sectors
>> 24) & 0xff;
2040 outbuf
[5] = (nb_sectors
>> 16) & 0xff;
2041 outbuf
[6] = (nb_sectors
>> 8) & 0xff;
2042 outbuf
[7] = nb_sectors
& 0xff;
2045 outbuf
[10] = s
->qdev
.blocksize
>> 8;
2048 outbuf
[13] = get_physical_block_exp(&s
->qdev
.conf
);
2050 /* set TPE bit if the format supports discard */
2051 if (s
->qdev
.conf
.discard_granularity
) {
2055 /* Protection, exponent and lowest lba field left blank. */
2058 DPRINTF("Unsupported Service Action In\n");
2059 goto illegal_request
;
2060 case SYNCHRONIZE_CACHE
:
2061 /* The request is used as the AIO opaque value, so add a ref. */
2062 scsi_req_ref(&r
->req
);
2063 block_acct_start(blk_get_stats(s
->qdev
.conf
.blk
), &r
->acct
, 0,
2065 r
->req
.aiocb
= blk_aio_flush(s
->qdev
.conf
.blk
, scsi_aio_complete
, r
);
2068 DPRINTF("Seek(10) (sector %" PRId64
")\n", r
->req
.cmd
.lba
);
2069 if (r
->req
.cmd
.lba
> s
->qdev
.max_lba
) {
2074 DPRINTF("Mode Select(6) (len %lu)\n", (unsigned long)r
->req
.cmd
.xfer
);
2076 case MODE_SELECT_10
:
2077 DPRINTF("Mode Select(10) (len %lu)\n", (unsigned long)r
->req
.cmd
.xfer
);
2080 DPRINTF("Unmap (len %lu)\n", (unsigned long)r
->req
.cmd
.xfer
);
2085 DPRINTF("Verify (bytchk %d)\n", (req
->cmd
.buf
[1] >> 1) & 3);
2086 if (req
->cmd
.buf
[1] & 6) {
2087 goto illegal_request
;
2092 DPRINTF("WRITE SAME %d (len %lu)\n",
2093 req
->cmd
.buf
[0] == WRITE_SAME_10
? 10 : 16,
2094 (unsigned long)r
->req
.cmd
.xfer
);
2097 DPRINTF("Unknown SCSI command (%2.2x=%s)\n", buf
[0],
2098 scsi_command_name(buf
[0]));
2099 scsi_check_condition(r
, SENSE_CODE(INVALID_OPCODE
));
2102 assert(!r
->req
.aiocb
);
2103 r
->iov
.iov_len
= MIN(r
->buflen
, req
->cmd
.xfer
);
2104 if (r
->iov
.iov_len
== 0) {
2105 scsi_req_complete(&r
->req
, GOOD
);
2107 if (r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
2108 assert(r
->iov
.iov_len
== req
->cmd
.xfer
);
2109 return -r
->iov
.iov_len
;
2111 return r
->iov
.iov_len
;
2115 if (r
->req
.status
== -1) {
2116 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
2121 scsi_check_condition(r
, SENSE_CODE(LBA_OUT_OF_RANGE
));
2125 /* Execute a scsi command. Returns the length of the data expected by the
2126 command. This will be Positive for data transfers from the device
2127 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2128 and zero if the command does not transfer any data. */
2130 static int32_t scsi_disk_dma_command(SCSIRequest
*req
, uint8_t *buf
)
2132 SCSIDiskReq
*r
= DO_UPCAST(SCSIDiskReq
, req
, req
);
2133 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, req
->dev
);
2134 SCSIDiskClass
*sdc
= (SCSIDiskClass
*) object_get_class(OBJECT(s
));
2140 if (!blk_is_available(s
->qdev
.conf
.blk
)) {
2141 scsi_check_condition(r
, SENSE_CODE(NO_MEDIUM
));
2145 len
= scsi_data_cdb_xfer(r
->req
.cmd
.buf
);
2151 DPRINTF("Read (sector %" PRId64
", count %u)\n", r
->req
.cmd
.lba
, len
);
2152 if (r
->req
.cmd
.buf
[1] & 0xe0) {
2153 goto illegal_request
;
2155 if (!check_lba_range(s
, r
->req
.cmd
.lba
, len
)) {
2158 r
->sector
= r
->req
.cmd
.lba
* (s
->qdev
.blocksize
/ 512);
2159 r
->sector_count
= len
* (s
->qdev
.blocksize
/ 512);
2165 case WRITE_VERIFY_10
:
2166 case WRITE_VERIFY_12
:
2167 case WRITE_VERIFY_16
:
2168 if (blk_is_read_only(s
->qdev
.conf
.blk
)) {
2169 scsi_check_condition(r
, SENSE_CODE(WRITE_PROTECTED
));
2172 DPRINTF("Write %s(sector %" PRId64
", count %u)\n",
2173 (command
& 0xe) == 0xe ? "And Verify " : "",
2174 r
->req
.cmd
.lba
, len
);
2179 /* We get here only for BYTCHK == 0x01 and only for scsi-block.
2180 * As far as DMA is concerned, we can treat it the same as a write;
2181 * scsi_block_do_sgio will send VERIFY commands.
2183 if (r
->req
.cmd
.buf
[1] & 0xe0) {
2184 goto illegal_request
;
2186 if (!check_lba_range(s
, r
->req
.cmd
.lba
, len
)) {
2189 r
->sector
= r
->req
.cmd
.lba
* (s
->qdev
.blocksize
/ 512);
2190 r
->sector_count
= len
* (s
->qdev
.blocksize
/ 512);
2195 scsi_check_condition(r
, SENSE_CODE(INVALID_FIELD
));
2198 scsi_check_condition(r
, SENSE_CODE(LBA_OUT_OF_RANGE
));
2201 r
->need_fua_emulation
= sdc
->need_fua_emulation(&r
->req
.cmd
);
2202 if (r
->sector_count
== 0) {
2203 scsi_req_complete(&r
->req
, GOOD
);
2205 assert(r
->iov
.iov_len
== 0);
2206 if (r
->req
.cmd
.mode
== SCSI_XFER_TO_DEV
) {
2207 return -r
->sector_count
* 512;
2209 return r
->sector_count
* 512;
2213 static void scsi_disk_reset(DeviceState
*dev
)
2215 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
.qdev
, dev
);
2216 uint64_t nb_sectors
;
2218 scsi_device_purge_requests(&s
->qdev
, SENSE_CODE(RESET
));
2220 blk_get_geometry(s
->qdev
.conf
.blk
, &nb_sectors
);
2221 nb_sectors
/= s
->qdev
.blocksize
/ 512;
2225 s
->qdev
.max_lba
= nb_sectors
;
2226 /* reset tray statuses */
2231 static void scsi_disk_resize_cb(void *opaque
)
2233 SCSIDiskState
*s
= opaque
;
2235 /* SPC lists this sense code as available only for
2236 * direct-access devices.
2238 if (s
->qdev
.type
== TYPE_DISK
) {
2239 scsi_device_report_change(&s
->qdev
, SENSE_CODE(CAPACITY_CHANGED
));
2243 static void scsi_cd_change_media_cb(void *opaque
, bool load
)
2245 SCSIDiskState
*s
= opaque
;
2248 * When a CD gets changed, we have to report an ejected state and
2249 * then a loaded state to guests so that they detect tray
2250 * open/close and media change events. Guests that do not use
2251 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2252 * states rely on this behavior.
2254 * media_changed governs the state machine used for unit attention
2255 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2257 s
->media_changed
= load
;
2258 s
->tray_open
= !load
;
2259 scsi_device_set_ua(&s
->qdev
, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM
));
2260 s
->media_event
= true;
2261 s
->eject_request
= false;
2264 static void scsi_cd_eject_request_cb(void *opaque
, bool force
)
2266 SCSIDiskState
*s
= opaque
;
2268 s
->eject_request
= true;
2270 s
->tray_locked
= false;
2274 static bool scsi_cd_is_tray_open(void *opaque
)
2276 return ((SCSIDiskState
*)opaque
)->tray_open
;
2279 static bool scsi_cd_is_medium_locked(void *opaque
)
2281 return ((SCSIDiskState
*)opaque
)->tray_locked
;
2284 static const BlockDevOps scsi_disk_removable_block_ops
= {
2285 .change_media_cb
= scsi_cd_change_media_cb
,
2286 .eject_request_cb
= scsi_cd_eject_request_cb
,
2287 .is_tray_open
= scsi_cd_is_tray_open
,
2288 .is_medium_locked
= scsi_cd_is_medium_locked
,
2290 .resize_cb
= scsi_disk_resize_cb
,
2293 static const BlockDevOps scsi_disk_block_ops
= {
2294 .resize_cb
= scsi_disk_resize_cb
,
2297 static void scsi_disk_unit_attention_reported(SCSIDevice
*dev
)
2299 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, dev
);
2300 if (s
->media_changed
) {
2301 s
->media_changed
= false;
2302 scsi_device_set_ua(&s
->qdev
, SENSE_CODE(MEDIUM_CHANGED
));
2306 static void scsi_realize(SCSIDevice
*dev
, Error
**errp
)
2308 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, dev
);
2311 if (!s
->qdev
.conf
.blk
) {
2312 error_setg(errp
, "drive property not set");
2316 if (!(s
->features
& (1 << SCSI_DISK_F_REMOVABLE
)) &&
2317 !blk_is_inserted(s
->qdev
.conf
.blk
)) {
2318 error_setg(errp
, "Device needs media, but drive is empty");
2322 blkconf_serial(&s
->qdev
.conf
, &s
->serial
);
2323 blkconf_blocksizes(&s
->qdev
.conf
);
2324 if (dev
->type
== TYPE_DISK
) {
2325 blkconf_geometry(&dev
->conf
, NULL
, 65535, 255, 255, &err
);
2327 error_propagate(errp
, err
);
2331 blkconf_apply_backend_options(&dev
->conf
);
2333 if (s
->qdev
.conf
.discard_granularity
== -1) {
2334 s
->qdev
.conf
.discard_granularity
=
2335 MAX(s
->qdev
.conf
.logical_block_size
, DEFAULT_DISCARD_GRANULARITY
);
2339 s
->version
= g_strdup(qemu_hw_version());
2342 s
->vendor
= g_strdup("QEMU");
2345 if (blk_is_sg(s
->qdev
.conf
.blk
)) {
2346 error_setg(errp
, "unwanted /dev/sg*");
2350 if ((s
->features
& (1 << SCSI_DISK_F_REMOVABLE
)) &&
2351 !(s
->features
& (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS
))) {
2352 blk_set_dev_ops(s
->qdev
.conf
.blk
, &scsi_disk_removable_block_ops
, s
);
2354 blk_set_dev_ops(s
->qdev
.conf
.blk
, &scsi_disk_block_ops
, s
);
2356 blk_set_guest_block_size(s
->qdev
.conf
.blk
, s
->qdev
.blocksize
);
2358 blk_iostatus_enable(s
->qdev
.conf
.blk
);
2361 static void scsi_hd_realize(SCSIDevice
*dev
, Error
**errp
)
2363 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, dev
);
2364 /* can happen for devices without drive. The error message for missing
2365 * backend will be issued in scsi_realize
2367 if (s
->qdev
.conf
.blk
) {
2368 blkconf_blocksizes(&s
->qdev
.conf
);
2370 s
->qdev
.blocksize
= s
->qdev
.conf
.logical_block_size
;
2371 s
->qdev
.type
= TYPE_DISK
;
2373 s
->product
= g_strdup("QEMU HARDDISK");
2375 scsi_realize(&s
->qdev
, errp
);
2378 static void scsi_cd_realize(SCSIDevice
*dev
, Error
**errp
)
2380 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, dev
);
2382 if (!dev
->conf
.blk
) {
2383 /* FIXME Use real permissions */
2384 dev
->conf
.blk
= blk_new(0, BLK_PERM_ALL
);
2387 s
->qdev
.blocksize
= 2048;
2388 s
->qdev
.type
= TYPE_ROM
;
2389 s
->features
|= 1 << SCSI_DISK_F_REMOVABLE
;
2391 s
->product
= g_strdup("QEMU CD-ROM");
2393 scsi_realize(&s
->qdev
, errp
);
2396 static void scsi_disk_realize(SCSIDevice
*dev
, Error
**errp
)
2399 Error
*local_err
= NULL
;
2401 if (!dev
->conf
.blk
) {
2402 scsi_realize(dev
, &local_err
);
2404 error_propagate(errp
, local_err
);
2408 dinfo
= blk_legacy_dinfo(dev
->conf
.blk
);
2409 if (dinfo
&& dinfo
->media_cd
) {
2410 scsi_cd_realize(dev
, errp
);
2412 scsi_hd_realize(dev
, errp
);
2416 static const SCSIReqOps scsi_disk_emulate_reqops
= {
2417 .size
= sizeof(SCSIDiskReq
),
2418 .free_req
= scsi_free_request
,
2419 .send_command
= scsi_disk_emulate_command
,
2420 .read_data
= scsi_disk_emulate_read_data
,
2421 .write_data
= scsi_disk_emulate_write_data
,
2422 .get_buf
= scsi_get_buf
,
2425 static const SCSIReqOps scsi_disk_dma_reqops
= {
2426 .size
= sizeof(SCSIDiskReq
),
2427 .free_req
= scsi_free_request
,
2428 .send_command
= scsi_disk_dma_command
,
2429 .read_data
= scsi_read_data
,
2430 .write_data
= scsi_write_data
,
2431 .get_buf
= scsi_get_buf
,
2432 .load_request
= scsi_disk_load_request
,
2433 .save_request
= scsi_disk_save_request
,
2436 static const SCSIReqOps
*const scsi_disk_reqops_dispatch
[256] = {
2437 [TEST_UNIT_READY
] = &scsi_disk_emulate_reqops
,
2438 [INQUIRY
] = &scsi_disk_emulate_reqops
,
2439 [MODE_SENSE
] = &scsi_disk_emulate_reqops
,
2440 [MODE_SENSE_10
] = &scsi_disk_emulate_reqops
,
2441 [START_STOP
] = &scsi_disk_emulate_reqops
,
2442 [ALLOW_MEDIUM_REMOVAL
] = &scsi_disk_emulate_reqops
,
2443 [READ_CAPACITY_10
] = &scsi_disk_emulate_reqops
,
2444 [READ_TOC
] = &scsi_disk_emulate_reqops
,
2445 [READ_DVD_STRUCTURE
] = &scsi_disk_emulate_reqops
,
2446 [READ_DISC_INFORMATION
] = &scsi_disk_emulate_reqops
,
2447 [GET_CONFIGURATION
] = &scsi_disk_emulate_reqops
,
2448 [GET_EVENT_STATUS_NOTIFICATION
] = &scsi_disk_emulate_reqops
,
2449 [MECHANISM_STATUS
] = &scsi_disk_emulate_reqops
,
2450 [SERVICE_ACTION_IN_16
] = &scsi_disk_emulate_reqops
,
2451 [REQUEST_SENSE
] = &scsi_disk_emulate_reqops
,
2452 [SYNCHRONIZE_CACHE
] = &scsi_disk_emulate_reqops
,
2453 [SEEK_10
] = &scsi_disk_emulate_reqops
,
2454 [MODE_SELECT
] = &scsi_disk_emulate_reqops
,
2455 [MODE_SELECT_10
] = &scsi_disk_emulate_reqops
,
2456 [UNMAP
] = &scsi_disk_emulate_reqops
,
2457 [WRITE_SAME_10
] = &scsi_disk_emulate_reqops
,
2458 [WRITE_SAME_16
] = &scsi_disk_emulate_reqops
,
2459 [VERIFY_10
] = &scsi_disk_emulate_reqops
,
2460 [VERIFY_12
] = &scsi_disk_emulate_reqops
,
2461 [VERIFY_16
] = &scsi_disk_emulate_reqops
,
2463 [READ_6
] = &scsi_disk_dma_reqops
,
2464 [READ_10
] = &scsi_disk_dma_reqops
,
2465 [READ_12
] = &scsi_disk_dma_reqops
,
2466 [READ_16
] = &scsi_disk_dma_reqops
,
2467 [WRITE_6
] = &scsi_disk_dma_reqops
,
2468 [WRITE_10
] = &scsi_disk_dma_reqops
,
2469 [WRITE_12
] = &scsi_disk_dma_reqops
,
2470 [WRITE_16
] = &scsi_disk_dma_reqops
,
2471 [WRITE_VERIFY_10
] = &scsi_disk_dma_reqops
,
2472 [WRITE_VERIFY_12
] = &scsi_disk_dma_reqops
,
2473 [WRITE_VERIFY_16
] = &scsi_disk_dma_reqops
,
2476 static SCSIRequest
*scsi_new_request(SCSIDevice
*d
, uint32_t tag
, uint32_t lun
,
2477 uint8_t *buf
, void *hba_private
)
2479 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, d
);
2481 const SCSIReqOps
*ops
;
2485 ops
= scsi_disk_reqops_dispatch
[command
];
2487 ops
= &scsi_disk_emulate_reqops
;
2489 req
= scsi_req_alloc(ops
, &s
->qdev
, tag
, lun
, hba_private
);
2492 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun
, tag
, buf
[0]);
2495 for (i
= 1; i
< scsi_cdb_length(buf
); i
++) {
2496 printf(" 0x%02x", buf
[i
]);
2506 static int get_device_type(SCSIDiskState
*s
)
2510 uint8_t sensebuf
[8];
2511 sg_io_hdr_t io_header
;
2514 memset(cmd
, 0, sizeof(cmd
));
2515 memset(buf
, 0, sizeof(buf
));
2517 cmd
[4] = sizeof(buf
);
2519 memset(&io_header
, 0, sizeof(io_header
));
2520 io_header
.interface_id
= 'S';
2521 io_header
.dxfer_direction
= SG_DXFER_FROM_DEV
;
2522 io_header
.dxfer_len
= sizeof(buf
);
2523 io_header
.dxferp
= buf
;
2524 io_header
.cmdp
= cmd
;
2525 io_header
.cmd_len
= sizeof(cmd
);
2526 io_header
.mx_sb_len
= sizeof(sensebuf
);
2527 io_header
.sbp
= sensebuf
;
2528 io_header
.timeout
= 6000; /* XXX */
2530 ret
= blk_ioctl(s
->qdev
.conf
.blk
, SG_IO
, &io_header
);
2531 if (ret
< 0 || io_header
.driver_status
|| io_header
.host_status
) {
2534 s
->qdev
.type
= buf
[0];
2535 if (buf
[1] & 0x80) {
2536 s
->features
|= 1 << SCSI_DISK_F_REMOVABLE
;
2541 static void scsi_block_realize(SCSIDevice
*dev
, Error
**errp
)
2543 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, dev
);
2547 if (!s
->qdev
.conf
.blk
) {
2548 error_setg(errp
, "drive property not set");
2552 /* check we are using a driver managing SG_IO (version 3 and after) */
2553 rc
= blk_ioctl(s
->qdev
.conf
.blk
, SG_GET_VERSION_NUM
, &sg_version
);
2555 error_setg(errp
, "cannot get SG_IO version number: %s. "
2556 "Is this a SCSI device?",
2560 if (sg_version
< 30000) {
2561 error_setg(errp
, "scsi generic interface too old");
2565 /* get device type from INQUIRY data */
2566 rc
= get_device_type(s
);
2568 error_setg(errp
, "INQUIRY failed");
2572 /* Make a guess for the block size, we'll fix it when the guest sends.
2573 * READ CAPACITY. If they don't, they likely would assume these sizes
2574 * anyway. (TODO: check in /sys).
2576 if (s
->qdev
.type
== TYPE_ROM
|| s
->qdev
.type
== TYPE_WORM
) {
2577 s
->qdev
.blocksize
= 2048;
2579 s
->qdev
.blocksize
= 512;
2582 /* Makes the scsi-block device not removable by using HMP and QMP eject
2585 s
->features
|= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS
);
2587 scsi_realize(&s
->qdev
, errp
);
2588 scsi_generic_read_device_identification(&s
->qdev
);
2591 typedef struct SCSIBlockReq
{
2593 sg_io_hdr_t io_header
;
2595 /* Selected bytes of the original CDB, copied into our own CDB. */
2596 uint8_t cmd
, cdb1
, group_number
;
2598 /* CDB passed to SG_IO. */
2602 static BlockAIOCB
*scsi_block_do_sgio(SCSIBlockReq
*req
,
2603 int64_t offset
, QEMUIOVector
*iov
,
2605 BlockCompletionFunc
*cb
, void *opaque
)
2607 sg_io_hdr_t
*io_header
= &req
->io_header
;
2608 SCSIDiskReq
*r
= &req
->req
;
2609 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
2610 int nb_logical_blocks
;
2614 /* This is not supported yet. It can only happen if the guest does
2615 * reads and writes that are not aligned to one logical sectors
2616 * _and_ cover multiple MemoryRegions.
2618 assert(offset
% s
->qdev
.blocksize
== 0);
2619 assert(iov
->size
% s
->qdev
.blocksize
== 0);
2621 io_header
->interface_id
= 'S';
2623 /* The data transfer comes from the QEMUIOVector. */
2624 io_header
->dxfer_direction
= direction
;
2625 io_header
->dxfer_len
= iov
->size
;
2626 io_header
->dxferp
= (void *)iov
->iov
;
2627 io_header
->iovec_count
= iov
->niov
;
2628 assert(io_header
->iovec_count
== iov
->niov
); /* no overflow! */
2630 /* Build a new CDB with the LBA and length patched in, in case
2631 * DMA helpers split the transfer in multiple segments. Do not
2632 * build a CDB smaller than what the guest wanted, and only build
2633 * a larger one if strictly necessary.
2635 io_header
->cmdp
= req
->cdb
;
2636 lba
= offset
/ s
->qdev
.blocksize
;
2637 nb_logical_blocks
= io_header
->dxfer_len
/ s
->qdev
.blocksize
;
2639 if ((req
->cmd
>> 5) == 0 && lba
<= 0x1ffff) {
2641 stl_be_p(&req
->cdb
[0], lba
| (req
->cmd
<< 24));
2642 req
->cdb
[4] = nb_logical_blocks
;
2644 io_header
->cmd_len
= 6;
2645 } else if ((req
->cmd
>> 5) <= 1 && lba
<= 0xffffffffULL
) {
2647 req
->cdb
[0] = (req
->cmd
& 0x1f) | 0x20;
2648 req
->cdb
[1] = req
->cdb1
;
2649 stl_be_p(&req
->cdb
[2], lba
);
2650 req
->cdb
[6] = req
->group_number
;
2651 stw_be_p(&req
->cdb
[7], nb_logical_blocks
);
2653 io_header
->cmd_len
= 10;
2654 } else if ((req
->cmd
>> 5) != 4 && lba
<= 0xffffffffULL
) {
2656 req
->cdb
[0] = (req
->cmd
& 0x1f) | 0xA0;
2657 req
->cdb
[1] = req
->cdb1
;
2658 stl_be_p(&req
->cdb
[2], lba
);
2659 stl_be_p(&req
->cdb
[6], nb_logical_blocks
);
2660 req
->cdb
[10] = req
->group_number
;
2662 io_header
->cmd_len
= 12;
2665 req
->cdb
[0] = (req
->cmd
& 0x1f) | 0x80;
2666 req
->cdb
[1] = req
->cdb1
;
2667 stq_be_p(&req
->cdb
[2], lba
);
2668 stl_be_p(&req
->cdb
[10], nb_logical_blocks
);
2669 req
->cdb
[14] = req
->group_number
;
2671 io_header
->cmd_len
= 16;
2674 /* The rest is as in scsi-generic.c. */
2675 io_header
->mx_sb_len
= sizeof(r
->req
.sense
);
2676 io_header
->sbp
= r
->req
.sense
;
2677 io_header
->timeout
= UINT_MAX
;
2678 io_header
->usr_ptr
= r
;
2679 io_header
->flags
|= SG_FLAG_DIRECT_IO
;
2681 aiocb
= blk_aio_ioctl(s
->qdev
.conf
.blk
, SG_IO
, io_header
, cb
, opaque
);
2682 assert(aiocb
!= NULL
);
2686 static bool scsi_block_no_fua(SCSICommand
*cmd
)
2691 static BlockAIOCB
*scsi_block_dma_readv(int64_t offset
,
2693 BlockCompletionFunc
*cb
, void *cb_opaque
,
2696 SCSIBlockReq
*r
= opaque
;
2697 return scsi_block_do_sgio(r
, offset
, iov
,
2698 SG_DXFER_FROM_DEV
, cb
, cb_opaque
);
2701 static BlockAIOCB
*scsi_block_dma_writev(int64_t offset
,
2703 BlockCompletionFunc
*cb
, void *cb_opaque
,
2706 SCSIBlockReq
*r
= opaque
;
2707 return scsi_block_do_sgio(r
, offset
, iov
,
2708 SG_DXFER_TO_DEV
, cb
, cb_opaque
);
2711 static bool scsi_block_is_passthrough(SCSIDiskState
*s
, uint8_t *buf
)
2717 /* Check if BYTCHK == 0x01 (data-out buffer contains data
2718 * for the number of logical blocks specified in the length
2719 * field). For other modes, do not use scatter/gather operation.
2721 if ((buf
[1] & 6) == 2) {
2734 case WRITE_VERIFY_10
:
2735 case WRITE_VERIFY_12
:
2736 case WRITE_VERIFY_16
:
2737 /* MMC writing cannot be done via DMA helpers, because it sometimes
2738 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2739 * We might use scsi_block_dma_reqops as long as no writing commands are
2740 * seen, but performance usually isn't paramount on optical media. So,
2741 * just make scsi-block operate the same as scsi-generic for them.
2743 if (s
->qdev
.type
!= TYPE_ROM
) {
2756 static int32_t scsi_block_dma_command(SCSIRequest
*req
, uint8_t *buf
)
2758 SCSIBlockReq
*r
= (SCSIBlockReq
*)req
;
2759 r
->cmd
= req
->cmd
.buf
[0];
2760 switch (r
->cmd
>> 5) {
2763 r
->cdb1
= r
->group_number
= 0;
2767 r
->cdb1
= req
->cmd
.buf
[1];
2768 r
->group_number
= req
->cmd
.buf
[6];
2772 r
->cdb1
= req
->cmd
.buf
[1];
2773 r
->group_number
= req
->cmd
.buf
[10];
2777 r
->cdb1
= req
->cmd
.buf
[1];
2778 r
->group_number
= req
->cmd
.buf
[14];
2784 if (r
->cdb1
& 0xe0) {
2785 /* Protection information is not supported. */
2786 scsi_check_condition(&r
->req
, SENSE_CODE(INVALID_FIELD
));
2790 r
->req
.status
= &r
->io_header
.status
;
2791 return scsi_disk_dma_command(req
, buf
);
2794 static const SCSIReqOps scsi_block_dma_reqops
= {
2795 .size
= sizeof(SCSIBlockReq
),
2796 .free_req
= scsi_free_request
,
2797 .send_command
= scsi_block_dma_command
,
2798 .read_data
= scsi_read_data
,
2799 .write_data
= scsi_write_data
,
2800 .get_buf
= scsi_get_buf
,
2801 .load_request
= scsi_disk_load_request
,
2802 .save_request
= scsi_disk_save_request
,
2805 static SCSIRequest
*scsi_block_new_request(SCSIDevice
*d
, uint32_t tag
,
2806 uint32_t lun
, uint8_t *buf
,
2809 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, d
);
2811 if (scsi_block_is_passthrough(s
, buf
)) {
2812 return scsi_req_alloc(&scsi_generic_req_ops
, &s
->qdev
, tag
, lun
,
2815 return scsi_req_alloc(&scsi_block_dma_reqops
, &s
->qdev
, tag
, lun
,
2820 static int scsi_block_parse_cdb(SCSIDevice
*d
, SCSICommand
*cmd
,
2821 uint8_t *buf
, void *hba_private
)
2823 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, d
);
2825 if (scsi_block_is_passthrough(s
, buf
)) {
2826 return scsi_bus_parse_cdb(&s
->qdev
, cmd
, buf
, hba_private
);
2828 return scsi_req_parse_cdb(&s
->qdev
, cmd
, buf
);
2835 BlockAIOCB
*scsi_dma_readv(int64_t offset
, QEMUIOVector
*iov
,
2836 BlockCompletionFunc
*cb
, void *cb_opaque
,
2839 SCSIDiskReq
*r
= opaque
;
2840 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
2841 return blk_aio_preadv(s
->qdev
.conf
.blk
, offset
, iov
, 0, cb
, cb_opaque
);
2845 BlockAIOCB
*scsi_dma_writev(int64_t offset
, QEMUIOVector
*iov
,
2846 BlockCompletionFunc
*cb
, void *cb_opaque
,
2849 SCSIDiskReq
*r
= opaque
;
2850 SCSIDiskState
*s
= DO_UPCAST(SCSIDiskState
, qdev
, r
->req
.dev
);
2851 return blk_aio_pwritev(s
->qdev
.conf
.blk
, offset
, iov
, 0, cb
, cb_opaque
);
2854 static void scsi_disk_base_class_initfn(ObjectClass
*klass
, void *data
)
2856 DeviceClass
*dc
= DEVICE_CLASS(klass
);
2857 SCSIDiskClass
*sdc
= SCSI_DISK_BASE_CLASS(klass
);
2859 dc
->fw_name
= "disk";
2860 dc
->reset
= scsi_disk_reset
;
2861 sdc
->dma_readv
= scsi_dma_readv
;
2862 sdc
->dma_writev
= scsi_dma_writev
;
2863 sdc
->need_fua_emulation
= scsi_is_cmd_fua
;
2866 static const TypeInfo scsi_disk_base_info
= {
2867 .name
= TYPE_SCSI_DISK_BASE
,
2868 .parent
= TYPE_SCSI_DEVICE
,
2869 .class_init
= scsi_disk_base_class_initfn
,
2870 .instance_size
= sizeof(SCSIDiskState
),
2871 .class_size
= sizeof(SCSIDiskClass
),
2875 #define DEFINE_SCSI_DISK_PROPERTIES() \
2876 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
2877 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
2878 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2879 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2880 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2881 DEFINE_PROP_STRING("product", SCSIDiskState, product)
2883 static Property scsi_hd_properties
[] = {
2884 DEFINE_SCSI_DISK_PROPERTIES(),
2885 DEFINE_PROP_BIT("removable", SCSIDiskState
, features
,
2886 SCSI_DISK_F_REMOVABLE
, false),
2887 DEFINE_PROP_BIT("dpofua", SCSIDiskState
, features
,
2888 SCSI_DISK_F_DPOFUA
, false),
2889 DEFINE_PROP_UINT64("wwn", SCSIDiskState
, qdev
.wwn
, 0),
2890 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState
, qdev
.port_wwn
, 0),
2891 DEFINE_PROP_UINT16("port_index", SCSIDiskState
, port_index
, 0),
2892 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState
, max_unmap_size
,
2893 DEFAULT_MAX_UNMAP_SIZE
),
2894 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState
, max_io_size
,
2895 DEFAULT_MAX_IO_SIZE
),
2896 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState
, qdev
.conf
),
2897 DEFINE_PROP_END_OF_LIST(),
2900 static const VMStateDescription vmstate_scsi_disk_state
= {
2901 .name
= "scsi-disk",
2903 .minimum_version_id
= 1,
2904 .fields
= (VMStateField
[]) {
2905 VMSTATE_SCSI_DEVICE(qdev
, SCSIDiskState
),
2906 VMSTATE_BOOL(media_changed
, SCSIDiskState
),
2907 VMSTATE_BOOL(media_event
, SCSIDiskState
),
2908 VMSTATE_BOOL(eject_request
, SCSIDiskState
),
2909 VMSTATE_BOOL(tray_open
, SCSIDiskState
),
2910 VMSTATE_BOOL(tray_locked
, SCSIDiskState
),
2911 VMSTATE_END_OF_LIST()
2915 static void scsi_hd_class_initfn(ObjectClass
*klass
, void *data
)
2917 DeviceClass
*dc
= DEVICE_CLASS(klass
);
2918 SCSIDeviceClass
*sc
= SCSI_DEVICE_CLASS(klass
);
2920 sc
->realize
= scsi_hd_realize
;
2921 sc
->alloc_req
= scsi_new_request
;
2922 sc
->unit_attention_reported
= scsi_disk_unit_attention_reported
;
2923 dc
->desc
= "virtual SCSI disk";
2924 dc
->props
= scsi_hd_properties
;
2925 dc
->vmsd
= &vmstate_scsi_disk_state
;
2928 static const TypeInfo scsi_hd_info
= {
2930 .parent
= TYPE_SCSI_DISK_BASE
,
2931 .class_init
= scsi_hd_class_initfn
,
2934 static Property scsi_cd_properties
[] = {
2935 DEFINE_SCSI_DISK_PROPERTIES(),
2936 DEFINE_PROP_UINT64("wwn", SCSIDiskState
, qdev
.wwn
, 0),
2937 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState
, qdev
.port_wwn
, 0),
2938 DEFINE_PROP_UINT16("port_index", SCSIDiskState
, port_index
, 0),
2939 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState
, max_io_size
,
2940 DEFAULT_MAX_IO_SIZE
),
2941 DEFINE_PROP_END_OF_LIST(),
2944 static void scsi_cd_class_initfn(ObjectClass
*klass
, void *data
)
2946 DeviceClass
*dc
= DEVICE_CLASS(klass
);
2947 SCSIDeviceClass
*sc
= SCSI_DEVICE_CLASS(klass
);
2949 sc
->realize
= scsi_cd_realize
;
2950 sc
->alloc_req
= scsi_new_request
;
2951 sc
->unit_attention_reported
= scsi_disk_unit_attention_reported
;
2952 dc
->desc
= "virtual SCSI CD-ROM";
2953 dc
->props
= scsi_cd_properties
;
2954 dc
->vmsd
= &vmstate_scsi_disk_state
;
2957 static const TypeInfo scsi_cd_info
= {
2959 .parent
= TYPE_SCSI_DISK_BASE
,
2960 .class_init
= scsi_cd_class_initfn
,
2964 static Property scsi_block_properties
[] = {
2965 DEFINE_PROP_DRIVE("drive", SCSIDiskState
, qdev
.conf
.blk
),
2966 DEFINE_PROP_END_OF_LIST(),
2969 static void scsi_block_class_initfn(ObjectClass
*klass
, void *data
)
2971 DeviceClass
*dc
= DEVICE_CLASS(klass
);
2972 SCSIDeviceClass
*sc
= SCSI_DEVICE_CLASS(klass
);
2973 SCSIDiskClass
*sdc
= SCSI_DISK_BASE_CLASS(klass
);
2975 sc
->realize
= scsi_block_realize
;
2976 sc
->alloc_req
= scsi_block_new_request
;
2977 sc
->parse_cdb
= scsi_block_parse_cdb
;
2978 sdc
->dma_readv
= scsi_block_dma_readv
;
2979 sdc
->dma_writev
= scsi_block_dma_writev
;
2980 sdc
->need_fua_emulation
= scsi_block_no_fua
;
2981 dc
->desc
= "SCSI block device passthrough";
2982 dc
->props
= scsi_block_properties
;
2983 dc
->vmsd
= &vmstate_scsi_disk_state
;
2986 static const TypeInfo scsi_block_info
= {
2987 .name
= "scsi-block",
2988 .parent
= TYPE_SCSI_DISK_BASE
,
2989 .class_init
= scsi_block_class_initfn
,
2993 static Property scsi_disk_properties
[] = {
2994 DEFINE_SCSI_DISK_PROPERTIES(),
2995 DEFINE_PROP_BIT("removable", SCSIDiskState
, features
,
2996 SCSI_DISK_F_REMOVABLE
, false),
2997 DEFINE_PROP_BIT("dpofua", SCSIDiskState
, features
,
2998 SCSI_DISK_F_DPOFUA
, false),
2999 DEFINE_PROP_UINT64("wwn", SCSIDiskState
, qdev
.wwn
, 0),
3000 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState
, qdev
.port_wwn
, 0),
3001 DEFINE_PROP_UINT16("port_index", SCSIDiskState
, port_index
, 0),
3002 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState
, max_unmap_size
,
3003 DEFAULT_MAX_UNMAP_SIZE
),
3004 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState
, max_io_size
,
3005 DEFAULT_MAX_IO_SIZE
),
3006 DEFINE_PROP_END_OF_LIST(),
3009 static void scsi_disk_class_initfn(ObjectClass
*klass
, void *data
)
3011 DeviceClass
*dc
= DEVICE_CLASS(klass
);
3012 SCSIDeviceClass
*sc
= SCSI_DEVICE_CLASS(klass
);
3014 sc
->realize
= scsi_disk_realize
;
3015 sc
->alloc_req
= scsi_new_request
;
3016 sc
->unit_attention_reported
= scsi_disk_unit_attention_reported
;
3017 dc
->fw_name
= "disk";
3018 dc
->desc
= "virtual SCSI disk or CD-ROM (legacy)";
3019 dc
->reset
= scsi_disk_reset
;
3020 dc
->props
= scsi_disk_properties
;
3021 dc
->vmsd
= &vmstate_scsi_disk_state
;
3024 static const TypeInfo scsi_disk_info
= {
3025 .name
= "scsi-disk",
3026 .parent
= TYPE_SCSI_DISK_BASE
,
3027 .class_init
= scsi_disk_class_initfn
,
3030 static void scsi_disk_register_types(void)
3032 type_register_static(&scsi_disk_base_info
);
3033 type_register_static(&scsi_hd_info
);
3034 type_register_static(&scsi_cd_info
);
3036 type_register_static(&scsi_block_info
);
3038 type_register_static(&scsi_disk_info
);
3041 type_init(scsi_disk_register_types
)