search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
hw/elf_ops: Fix a typo
[qemu/ar7.git] / hw / scsi / virtio-scsi.c
blob6d807302870ae01b40d11c416d25b8d30c2166ad
1 /*
2 * Virtio SCSI HBA
3 *
4 * Copyright IBM, Corp. 2010
5 * Copyright Red Hat, Inc. 2011
6 *
7 * Authors:
8 * Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
9 * Paolo Bonzini <pbonzini@redhat.com>
10 *
11 * This work is licensed under the terms of the GNU GPL, version 2 or later.
12 * See the COPYING file in the top-level directory.
13 *
14 */
15
16 #include "qemu/osdep.h"
17 #include "qapi/error.h"
18 #include "standard-headers/linux/virtio_ids.h"
19 #include "hw/virtio/virtio-scsi.h"
20 #include "migration/qemu-file-types.h"
21 #include "qemu/error-report.h"
22 #include "qemu/iov.h"
23 #include "qemu/module.h"
24 #include "sysemu/block-backend.h"
25 #include "hw/qdev-properties.h"
26 #include "hw/scsi/scsi.h"
27 #include "scsi/constants.h"
28 #include "hw/virtio/virtio-bus.h"
29 #include "hw/virtio/virtio-access.h"
30 #include "trace.h"
31
32 static inline int virtio_scsi_get_lun(uint8_t *lun)
33 {
34 return ((lun[2] << 8) | lun[3]) & 0x3FFF;
35 }
36
37 static inline SCSIDevice *virtio_scsi_device_get(VirtIOSCSI *s, uint8_t *lun)
38 {
39 if (lun[0] != 1) {
40 return NULL;
41 }
42 if (lun[2] != 0 && !(lun[2] >= 0x40 && lun[2] < 0x80)) {
43 return NULL;
44 }
45 return scsi_device_get(&s->bus, 0, lun[1], virtio_scsi_get_lun(lun));
46 }
47
48 void virtio_scsi_init_req(VirtIOSCSI *s, VirtQueue *vq, VirtIOSCSIReq *req)
49 {
50 VirtIODevice *vdev = VIRTIO_DEVICE(s);
51 const size_t zero_skip =
52 offsetof(VirtIOSCSIReq, resp_iov) + sizeof(req->resp_iov);
53
54 req->vq = vq;
55 req->dev = s;
56 qemu_sglist_init(&req->qsgl, DEVICE(s), 8, vdev->dma_as);
57 qemu_iovec_init(&req->resp_iov, 1);
58 memset((uint8_t *)req + zero_skip, 0, sizeof(*req) - zero_skip);
59 }
60
61 void virtio_scsi_free_req(VirtIOSCSIReq *req)
62 {
63 qemu_iovec_destroy(&req->resp_iov);
64 qemu_sglist_destroy(&req->qsgl);
65 g_free(req);
66 }
67
68 static void virtio_scsi_complete_req(VirtIOSCSIReq *req)
69 {
70 VirtIOSCSI *s = req->dev;
71 VirtQueue *vq = req->vq;
72 VirtIODevice *vdev = VIRTIO_DEVICE(s);
73
74 qemu_iovec_from_buf(&req->resp_iov, 0, &req->resp, req->resp_size);
75 virtqueue_push(vq, &req->elem, req->qsgl.size + req->resp_iov.size);
76 if (s->dataplane_started && !s->dataplane_fenced) {
77 virtio_notify_irqfd(vdev, vq);
78 } else {
79 virtio_notify(vdev, vq);
80 }
81
82 if (req->sreq) {
83 req->sreq->hba_private = NULL;
84 scsi_req_unref(req->sreq);
85 }
86 virtio_scsi_free_req(req);
87 }
88
89 static void virtio_scsi_bad_req(VirtIOSCSIReq *req)
90 {
91 virtio_error(VIRTIO_DEVICE(req->dev), "wrong size for virtio-scsi headers");
92 virtqueue_detach_element(req->vq, &req->elem, 0);
93 virtio_scsi_free_req(req);
94 }
95
96 static size_t qemu_sgl_concat(VirtIOSCSIReq *req, struct iovec *iov,
97 hwaddr *addr, int num, size_t skip)
98 {
99 QEMUSGList *qsgl = &req->qsgl;
100 size_t copied = 0;
101
102 while (num) {
103 if (skip >= iov->iov_len) {
104 skip -= iov->iov_len;
105 } else {
106 qemu_sglist_add(qsgl, *addr + skip, iov->iov_len - skip);
107 copied += iov->iov_len - skip;
108 skip = 0;
109 }
110 iov++;
111 addr++;
112 num--;
113 }
114
115 assert(skip == 0);
116 return copied;
117 }
118
119 static int virtio_scsi_parse_req(VirtIOSCSIReq *req,
120 unsigned req_size, unsigned resp_size)
121 {
122 VirtIODevice *vdev = (VirtIODevice *) req->dev;
123 size_t in_size, out_size;
124
125 if (iov_to_buf(req->elem.out_sg, req->elem.out_num, 0,
126 &req->req, req_size) < req_size) {
127 return -EINVAL;
128 }
129
130 if (qemu_iovec_concat_iov(&req->resp_iov,
131 req->elem.in_sg, req->elem.in_num, 0,
132 resp_size) < resp_size) {
133 return -EINVAL;
134 }
135
136 req->resp_size = resp_size;
137
138 /* Old BIOSes left some padding by mistake after the req_size/resp_size.
139 * As a workaround, always consider the first buffer as the virtio-scsi
140 * request/response, making the payload start at the second element
141 * of the iovec.
142 *
143 * The actual length of the response header, stored in req->resp_size,
144 * does not change.
145 *
146 * TODO: always disable this workaround for virtio 1.0 devices.
147 */
148 if (!virtio_vdev_has_feature(vdev, VIRTIO_F_ANY_LAYOUT)) {
149 if (req->elem.out_num) {
150 req_size = req->elem.out_sg[0].iov_len;
151 }
152 if (req->elem.in_num) {
153 resp_size = req->elem.in_sg[0].iov_len;
154 }
155 }
156
157 out_size = qemu_sgl_concat(req, req->elem.out_sg,
158 &req->elem.out_addr[0], req->elem.out_num,
159 req_size);
160 in_size = qemu_sgl_concat(req, req->elem.in_sg,
161 &req->elem.in_addr[0], req->elem.in_num,
162 resp_size);
163
164 if (out_size && in_size) {
165 return -ENOTSUP;
166 }
167
168 if (out_size) {
169 req->mode = SCSI_XFER_TO_DEV;
170 } else if (in_size) {
171 req->mode = SCSI_XFER_FROM_DEV;
172 }
173
174 return 0;
175 }
176
177 static VirtIOSCSIReq *virtio_scsi_pop_req(VirtIOSCSI *s, VirtQueue *vq)
178 {
179 VirtIOSCSICommon *vs = (VirtIOSCSICommon *)s;
180 VirtIOSCSIReq *req;
181
182 req = virtqueue_pop(vq, sizeof(VirtIOSCSIReq) + vs->cdb_size);
183 if (!req) {
184 return NULL;
185 }
186 virtio_scsi_init_req(s, vq, req);
187 return req;
188 }
189
190 static void virtio_scsi_save_request(QEMUFile *f, SCSIRequest *sreq)
191 {
192 VirtIOSCSIReq *req = sreq->hba_private;
193 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(req->dev);
194 VirtIODevice *vdev = VIRTIO_DEVICE(req->dev);
195 uint32_t n = virtio_get_queue_index(req->vq) - VIRTIO_SCSI_VQ_NUM_FIXED;
196
197 assert(n < vs->conf.num_queues);
198 qemu_put_be32s(f, &n);
199 qemu_put_virtqueue_element(vdev, f, &req->elem);
200 }
201
202 static void *virtio_scsi_load_request(QEMUFile *f, SCSIRequest *sreq)
203 {
204 SCSIBus *bus = sreq->bus;
205 VirtIOSCSI *s = container_of(bus, VirtIOSCSI, bus);
206 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
207 VirtIODevice *vdev = VIRTIO_DEVICE(s);
208 VirtIOSCSIReq *req;
209 uint32_t n;
210
211 qemu_get_be32s(f, &n);
212 assert(n < vs->conf.num_queues);
213 req = qemu_get_virtqueue_element(vdev, f,
214 sizeof(VirtIOSCSIReq) + vs->cdb_size);
215 virtio_scsi_init_req(s, vs->cmd_vqs[n], req);
216
217 if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICmdReq) + vs->cdb_size,
218 sizeof(VirtIOSCSICmdResp) + vs->sense_size) < 0) {
219 error_report("invalid SCSI request migration data");
220 exit(1);
221 }
222
223 scsi_req_ref(sreq);
224 req->sreq = sreq;
225 if (req->sreq->cmd.mode != SCSI_XFER_NONE) {
226 assert(req->sreq->cmd.mode == req->mode);
227 }
228 return req;
229 }
230
231 typedef struct {
232 Notifier notifier;
233 VirtIOSCSIReq *tmf_req;
234 } VirtIOSCSICancelNotifier;
235
236 static void virtio_scsi_cancel_notify(Notifier *notifier, void *data)
237 {
238 VirtIOSCSICancelNotifier *n = container_of(notifier,
239 VirtIOSCSICancelNotifier,
240 notifier);
241
242 if (--n->tmf_req->remaining == 0) {
243 VirtIOSCSIReq *req = n->tmf_req;
244
245 trace_virtio_scsi_tmf_resp(virtio_scsi_get_lun(req->req.tmf.lun),
246 req->req.tmf.tag, req->resp.tmf.response);
247 virtio_scsi_complete_req(req);
248 }
249 g_free(n);
250 }
251
252 static inline void virtio_scsi_ctx_check(VirtIOSCSI *s, SCSIDevice *d)
253 {
254 if (s->dataplane_started && d && blk_is_available(d->conf.blk)) {
255 assert(blk_get_aio_context(d->conf.blk) == s->ctx);
256 }
257 }
258
259 /* Return 0 if the request is ready to be completed and return to guest;
260 * -EINPROGRESS if the request is submitted and will be completed later, in the
261 * case of async cancellation. */
262 static int virtio_scsi_do_tmf(VirtIOSCSI *s, VirtIOSCSIReq *req)
263 {
264 SCSIDevice *d = virtio_scsi_device_get(s, req->req.tmf.lun);
265 SCSIRequest *r, *next;
266 BusChild *kid;
267 int target;
268 int ret = 0;
269
270 virtio_scsi_ctx_check(s, d);
271 /* Here VIRTIO_SCSI_S_OK means "FUNCTION COMPLETE". */
272 req->resp.tmf.response = VIRTIO_SCSI_S_OK;
273
274 /*
275 * req->req.tmf has the QEMU_PACKED attribute. Don't use virtio_tswap32s()
276 * to avoid compiler errors.
277 */
278 req->req.tmf.subtype =
279 virtio_tswap32(VIRTIO_DEVICE(s), req->req.tmf.subtype);
280
281 trace_virtio_scsi_tmf_req(virtio_scsi_get_lun(req->req.tmf.lun),
282 req->req.tmf.tag, req->req.tmf.subtype);
283
284 switch (req->req.tmf.subtype) {
285 case VIRTIO_SCSI_T_TMF_ABORT_TASK:
286 case VIRTIO_SCSI_T_TMF_QUERY_TASK:
287 if (!d) {
288 goto fail;
289 }
290 if (d->lun != virtio_scsi_get_lun(req->req.tmf.lun)) {
291 goto incorrect_lun;
292 }
293 QTAILQ_FOREACH_SAFE(r, &d->requests, next, next) {
294 VirtIOSCSIReq *cmd_req = r->hba_private;
295 if (cmd_req && cmd_req->req.cmd.tag == req->req.tmf.tag) {
296 break;
297 }
298 }
299 if (r) {
300 /*
301 * Assert that the request has not been completed yet, we
302 * check for it in the loop above.
303 */
304 assert(r->hba_private);
305 if (req->req.tmf.subtype == VIRTIO_SCSI_T_TMF_QUERY_TASK) {
306 /* "If the specified command is present in the task set, then
307 * return a service response set to FUNCTION SUCCEEDED".
308 */
309 req->resp.tmf.response = VIRTIO_SCSI_S_FUNCTION_SUCCEEDED;
310 } else {
311 VirtIOSCSICancelNotifier *notifier;
312
313 req->remaining = 1;
314 notifier = g_new(VirtIOSCSICancelNotifier, 1);
315 notifier->tmf_req = req;
316 notifier->notifier.notify = virtio_scsi_cancel_notify;
317 scsi_req_cancel_async(r, &notifier->notifier);
318 ret = -EINPROGRESS;
319 }
320 }
321 break;
322
323 case VIRTIO_SCSI_T_TMF_LOGICAL_UNIT_RESET:
324 if (!d) {
325 goto fail;
326 }
327 if (d->lun != virtio_scsi_get_lun(req->req.tmf.lun)) {
328 goto incorrect_lun;
329 }
330 s->resetting++;
331 qdev_reset_all(&d->qdev);
332 s->resetting--;
333 break;
334
335 case VIRTIO_SCSI_T_TMF_ABORT_TASK_SET:
336 case VIRTIO_SCSI_T_TMF_CLEAR_TASK_SET:
337 case VIRTIO_SCSI_T_TMF_QUERY_TASK_SET:
338 if (!d) {
339 goto fail;
340 }
341 if (d->lun != virtio_scsi_get_lun(req->req.tmf.lun)) {
342 goto incorrect_lun;
343 }
344
345 /* Add 1 to "remaining" until virtio_scsi_do_tmf returns.
346 * This way, if the bus starts calling back to the notifiers
347 * even before we finish the loop, virtio_scsi_cancel_notify
348 * will not complete the TMF too early.
349 */
350 req->remaining = 1;
351 QTAILQ_FOREACH_SAFE(r, &d->requests, next, next) {
352 if (r->hba_private) {
353 if (req->req.tmf.subtype == VIRTIO_SCSI_T_TMF_QUERY_TASK_SET) {
354 /* "If there is any command present in the task set, then
355 * return a service response set to FUNCTION SUCCEEDED".
356 */
357 req->resp.tmf.response = VIRTIO_SCSI_S_FUNCTION_SUCCEEDED;
358 break;
359 } else {
360 VirtIOSCSICancelNotifier *notifier;
361
362 req->remaining++;
363 notifier = g_new(VirtIOSCSICancelNotifier, 1);
364 notifier->notifier.notify = virtio_scsi_cancel_notify;
365 notifier->tmf_req = req;
366 scsi_req_cancel_async(r, &notifier->notifier);
367 }
368 }
369 }
370 if (--req->remaining > 0) {
371 ret = -EINPROGRESS;
372 }
373 break;
374
375 case VIRTIO_SCSI_T_TMF_I_T_NEXUS_RESET:
376 target = req->req.tmf.lun[1];
377 s->resetting++;
378
379 rcu_read_lock();
380 QTAILQ_FOREACH_RCU(kid, &s->bus.qbus.children, sibling) {
381 SCSIDevice *d1 = SCSI_DEVICE(kid->child);
382 if (d1->channel == 0 && d1->id == target) {
383 qdev_reset_all(&d1->qdev);
384 }
385 }
386 rcu_read_unlock();
387
388 s->resetting--;
389 break;
390
391 case VIRTIO_SCSI_T_TMF_CLEAR_ACA:
392 default:
393 req->resp.tmf.response = VIRTIO_SCSI_S_FUNCTION_REJECTED;
394 break;
395 }
396
397 object_unref(OBJECT(d));
398 return ret;
399
400 incorrect_lun:
401 req->resp.tmf.response = VIRTIO_SCSI_S_INCORRECT_LUN;
402 object_unref(OBJECT(d));
403 return ret;
404
405 fail:
406 req->resp.tmf.response = VIRTIO_SCSI_S_BAD_TARGET;
407 object_unref(OBJECT(d));
408 return ret;
409 }
410
411 static void virtio_scsi_handle_ctrl_req(VirtIOSCSI *s, VirtIOSCSIReq *req)
412 {
413 VirtIODevice *vdev = (VirtIODevice *)s;
414 uint32_t type;
415 int r = 0;
416
417 if (iov_to_buf(req->elem.out_sg, req->elem.out_num, 0,
418 &type, sizeof(type)) < sizeof(type)) {
419 virtio_scsi_bad_req(req);
420 return;
421 }
422
423 virtio_tswap32s(vdev, &type);
424 if (type == VIRTIO_SCSI_T_TMF) {
425 if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICtrlTMFReq),
426 sizeof(VirtIOSCSICtrlTMFResp)) < 0) {
427 virtio_scsi_bad_req(req);
428 return;
429 } else {
430 r = virtio_scsi_do_tmf(s, req);
431 }
432
433 } else if (type == VIRTIO_SCSI_T_AN_QUERY ||
434 type == VIRTIO_SCSI_T_AN_SUBSCRIBE) {
435 if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICtrlANReq),
436 sizeof(VirtIOSCSICtrlANResp)) < 0) {
437 virtio_scsi_bad_req(req);
438 return;
439 } else {
440 req->req.an.event_requested =
441 virtio_tswap32(VIRTIO_DEVICE(s), req->req.an.event_requested);
442 trace_virtio_scsi_an_req(virtio_scsi_get_lun(req->req.an.lun),
443 req->req.an.event_requested);
444 req->resp.an.event_actual = 0;
445 req->resp.an.response = VIRTIO_SCSI_S_OK;
446 }
447 }
448 if (r == 0) {
449 if (type == VIRTIO_SCSI_T_TMF)
450 trace_virtio_scsi_tmf_resp(virtio_scsi_get_lun(req->req.tmf.lun),
451 req->req.tmf.tag,
452 req->resp.tmf.response);
453 else if (type == VIRTIO_SCSI_T_AN_QUERY ||
454 type == VIRTIO_SCSI_T_AN_SUBSCRIBE)
455 trace_virtio_scsi_an_resp(virtio_scsi_get_lun(req->req.an.lun),
456 req->resp.an.response);
457 virtio_scsi_complete_req(req);
458 } else {
459 assert(r == -EINPROGRESS);
460 }
461 }
462
463 bool virtio_scsi_handle_ctrl_vq(VirtIOSCSI *s, VirtQueue *vq)
464 {
465 VirtIOSCSIReq *req;
466 bool progress = false;
467
468 while ((req = virtio_scsi_pop_req(s, vq))) {
469 progress = true;
470 virtio_scsi_handle_ctrl_req(s, req);
471 }
472 return progress;
473 }
474
475 static void virtio_scsi_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
476 {
477 VirtIOSCSI *s = (VirtIOSCSI *)vdev;
478
479 if (s->ctx) {
480 virtio_device_start_ioeventfd(vdev);
481 if (!s->dataplane_fenced) {
482 return;
483 }
484 }
485 virtio_scsi_acquire(s);
486 virtio_scsi_handle_ctrl_vq(s, vq);
487 virtio_scsi_release(s);
488 }
489
490 static void virtio_scsi_complete_cmd_req(VirtIOSCSIReq *req)
491 {
492 trace_virtio_scsi_cmd_resp(virtio_scsi_get_lun(req->req.cmd.lun),
493 req->req.cmd.tag,
494 req->resp.cmd.response,
495 req->resp.cmd.status);
496 /* Sense data is not in req->resp and is copied separately
497 * in virtio_scsi_command_complete.
498 */
499 req->resp_size = sizeof(VirtIOSCSICmdResp);
500 virtio_scsi_complete_req(req);
501 }
502
503 static void virtio_scsi_command_failed(SCSIRequest *r)
504 {
505 VirtIOSCSIReq *req = r->hba_private;
506
507 if (r->io_canceled) {
508 return;
509 }
510
511 req->resp.cmd.status = GOOD;
512 switch (r->host_status) {
513 case SCSI_HOST_NO_LUN:
514 req->resp.cmd.response = VIRTIO_SCSI_S_INCORRECT_LUN;
515 break;
516 case SCSI_HOST_BUSY:
517 req->resp.cmd.response = VIRTIO_SCSI_S_BUSY;
518 break;
519 case SCSI_HOST_TIME_OUT:
520 case SCSI_HOST_ABORTED:
521 req->resp.cmd.response = VIRTIO_SCSI_S_ABORTED;
522 break;
523 case SCSI_HOST_BAD_RESPONSE:
524 req->resp.cmd.response = VIRTIO_SCSI_S_BAD_TARGET;
525 break;
526 case SCSI_HOST_RESET:
527 req->resp.cmd.response = VIRTIO_SCSI_S_RESET;
528 break;
529 case SCSI_HOST_TRANSPORT_DISRUPTED:
530 req->resp.cmd.response = VIRTIO_SCSI_S_TRANSPORT_FAILURE;
531 break;
532 case SCSI_HOST_TARGET_FAILURE:
533 req->resp.cmd.response = VIRTIO_SCSI_S_TARGET_FAILURE;
534 break;
535 case SCSI_HOST_RESERVATION_ERROR:
536 req->resp.cmd.response = VIRTIO_SCSI_S_NEXUS_FAILURE;
537 break;
538 case SCSI_HOST_ALLOCATION_FAILURE:
539 case SCSI_HOST_MEDIUM_ERROR:
540 case SCSI_HOST_ERROR:
541 default:
542 req->resp.cmd.response = VIRTIO_SCSI_S_FAILURE;
543 break;
544 }
545 virtio_scsi_complete_cmd_req(req);
546 }
547
548 static void virtio_scsi_command_complete(SCSIRequest *r, size_t resid)
549 {
550 VirtIOSCSIReq *req = r->hba_private;
551 uint8_t sense[SCSI_SENSE_BUF_SIZE];
552 uint32_t sense_len;
553 VirtIODevice *vdev = VIRTIO_DEVICE(req->dev);
554
555 if (r->io_canceled) {
556 return;
557 }
558
559 req->resp.cmd.response = VIRTIO_SCSI_S_OK;
560 req->resp.cmd.status = r->status;
561 if (req->resp.cmd.status == GOOD) {
562 req->resp.cmd.resid = virtio_tswap32(vdev, resid);
563 } else {
564 req->resp.cmd.resid = 0;
565 sense_len = scsi_req_get_sense(r, sense, sizeof(sense));
566 sense_len = MIN(sense_len, req->resp_iov.size - sizeof(req->resp.cmd));
567 qemu_iovec_from_buf(&req->resp_iov, sizeof(req->resp.cmd),
568 sense, sense_len);
569 req->resp.cmd.sense_len = virtio_tswap32(vdev, sense_len);
570 }
571 virtio_scsi_complete_cmd_req(req);
572 }
573
574 static int virtio_scsi_parse_cdb(SCSIDevice *dev, SCSICommand *cmd,
575 uint8_t *buf, void *hba_private)
576 {
577 VirtIOSCSIReq *req = hba_private;
578
579 if (cmd->len == 0) {
580 cmd->len = MIN(VIRTIO_SCSI_CDB_DEFAULT_SIZE, SCSI_CMD_BUF_SIZE);
581 memcpy(cmd->buf, buf, cmd->len);
582 }
583
584 /* Extract the direction and mode directly from the request, for
585 * host device passthrough.
586 */
587 cmd->xfer = req->qsgl.size;
588 cmd->mode = req->mode;
589 return 0;
590 }
591
592 static QEMUSGList *virtio_scsi_get_sg_list(SCSIRequest *r)
593 {
594 VirtIOSCSIReq *req = r->hba_private;
595
596 return &req->qsgl;
597 }
598
599 static void virtio_scsi_request_cancelled(SCSIRequest *r)
600 {
601 VirtIOSCSIReq *req = r->hba_private;
602
603 if (!req) {
604 return;
605 }
606 if (req->dev->resetting) {
607 req->resp.cmd.response = VIRTIO_SCSI_S_RESET;
608 } else {
609 req->resp.cmd.response = VIRTIO_SCSI_S_ABORTED;
610 }
611 virtio_scsi_complete_cmd_req(req);
612 }
613
614 static void virtio_scsi_fail_cmd_req(VirtIOSCSIReq *req)
615 {
616 req->resp.cmd.response = VIRTIO_SCSI_S_FAILURE;
617 virtio_scsi_complete_cmd_req(req);
618 }
619
620 static int virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s, VirtIOSCSIReq *req)
621 {
622 VirtIOSCSICommon *vs = &s->parent_obj;
623 SCSIDevice *d;
624 int rc;
625
626 rc = virtio_scsi_parse_req(req, sizeof(VirtIOSCSICmdReq) + vs->cdb_size,
627 sizeof(VirtIOSCSICmdResp) + vs->sense_size);
628 if (rc < 0) {
629 if (rc == -ENOTSUP) {
630 virtio_scsi_fail_cmd_req(req);
631 return -ENOTSUP;
632 } else {
633 virtio_scsi_bad_req(req);
634 return -EINVAL;
635 }
636 }
637 trace_virtio_scsi_cmd_req(virtio_scsi_get_lun(req->req.cmd.lun),
638 req->req.cmd.tag, req->req.cmd.cdb[0]);
639
640 d = virtio_scsi_device_get(s, req->req.cmd.lun);
641 if (!d) {
642 req->resp.cmd.response = VIRTIO_SCSI_S_BAD_TARGET;
643 virtio_scsi_complete_cmd_req(req);
644 return -ENOENT;
645 }
646 virtio_scsi_ctx_check(s, d);
647 req->sreq = scsi_req_new(d, req->req.cmd.tag,
648 virtio_scsi_get_lun(req->req.cmd.lun),
649 req->req.cmd.cdb, req);
650
651 if (req->sreq->cmd.mode != SCSI_XFER_NONE
652 && (req->sreq->cmd.mode != req->mode ||
653 req->sreq->cmd.xfer > req->qsgl.size)) {
654 req->resp.cmd.response = VIRTIO_SCSI_S_OVERRUN;
655 virtio_scsi_complete_cmd_req(req);
656 object_unref(OBJECT(d));
657 return -ENOBUFS;
658 }
659 scsi_req_ref(req->sreq);
660 blk_io_plug(d->conf.blk);
661 object_unref(OBJECT(d));
662 return 0;
663 }
664
665 static void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req)
666 {
667 SCSIRequest *sreq = req->sreq;
668 if (scsi_req_enqueue(sreq)) {
669 scsi_req_continue(sreq);
670 }
671 blk_io_unplug(sreq->dev->conf.blk);
672 scsi_req_unref(sreq);
673 }
674
675 bool virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq)
676 {
677 VirtIOSCSIReq *req, *next;
678 int ret = 0;
679 bool suppress_notifications = virtio_queue_get_notification(vq);
680 bool progress = false;
681
682 QTAILQ_HEAD(, VirtIOSCSIReq) reqs = QTAILQ_HEAD_INITIALIZER(reqs);
683
684 do {
685 if (suppress_notifications) {
686 virtio_queue_set_notification(vq, 0);
687 }
688
689 while ((req = virtio_scsi_pop_req(s, vq))) {
690 progress = true;
691 ret = virtio_scsi_handle_cmd_req_prepare(s, req);
692 if (!ret) {
693 QTAILQ_INSERT_TAIL(&reqs, req, next);
694 } else if (ret == -EINVAL) {
695 /* The device is broken and shouldn't process any request */
696 while (!QTAILQ_EMPTY(&reqs)) {
697 req = QTAILQ_FIRST(&reqs);
698 QTAILQ_REMOVE(&reqs, req, next);
699 blk_io_unplug(req->sreq->dev->conf.blk);
700 scsi_req_unref(req->sreq);
701 virtqueue_detach_element(req->vq, &req->elem, 0);
702 virtio_scsi_free_req(req);
703 }
704 }
705 }
706
707 if (suppress_notifications) {
708 virtio_queue_set_notification(vq, 1);
709 }
710 } while (ret != -EINVAL && !virtio_queue_empty(vq));
711
712 QTAILQ_FOREACH_SAFE(req, &reqs, next, next) {
713 virtio_scsi_handle_cmd_req_submit(s, req);
714 }
715 return progress;
716 }
717
718 static void virtio_scsi_handle_cmd(VirtIODevice *vdev, VirtQueue *vq)
719 {
720 /* use non-QOM casts in the data path */
721 VirtIOSCSI *s = (VirtIOSCSI *)vdev;
722
723 if (s->ctx) {
724 virtio_device_start_ioeventfd(vdev);
725 if (!s->dataplane_fenced) {
726 return;
727 }
728 }
729 virtio_scsi_acquire(s);
730 virtio_scsi_handle_cmd_vq(s, vq);
731 virtio_scsi_release(s);
732 }
733
734 static void virtio_scsi_get_config(VirtIODevice *vdev,
735 uint8_t *config)
736 {
737 VirtIOSCSIConfig *scsiconf = (VirtIOSCSIConfig *)config;
738 VirtIOSCSICommon *s = VIRTIO_SCSI_COMMON(vdev);
739
740 virtio_stl_p(vdev, &scsiconf->num_queues, s->conf.num_queues);
741 virtio_stl_p(vdev, &scsiconf->seg_max,
742 s->conf.seg_max_adjust ? s->conf.virtqueue_size - 2 : 128 - 2);
743 virtio_stl_p(vdev, &scsiconf->max_sectors, s->conf.max_sectors);
744 virtio_stl_p(vdev, &scsiconf->cmd_per_lun, s->conf.cmd_per_lun);
745 virtio_stl_p(vdev, &scsiconf->event_info_size, sizeof(VirtIOSCSIEvent));
746 virtio_stl_p(vdev, &scsiconf->sense_size, s->sense_size);
747 virtio_stl_p(vdev, &scsiconf->cdb_size, s->cdb_size);
748 virtio_stw_p(vdev, &scsiconf->max_channel, VIRTIO_SCSI_MAX_CHANNEL);
749 virtio_stw_p(vdev, &scsiconf->max_target, VIRTIO_SCSI_MAX_TARGET);
750 virtio_stl_p(vdev, &scsiconf->max_lun, VIRTIO_SCSI_MAX_LUN);
751 }
752
753 static void virtio_scsi_set_config(VirtIODevice *vdev,
754 const uint8_t *config)
755 {
756 VirtIOSCSIConfig *scsiconf = (VirtIOSCSIConfig *)config;
757 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(vdev);
758
759 if ((uint32_t) virtio_ldl_p(vdev, &scsiconf->sense_size) >= 65536 ||
760 (uint32_t) virtio_ldl_p(vdev, &scsiconf->cdb_size) >= 256) {
761 virtio_error(vdev,
762 "bad data written to virtio-scsi configuration space");
763 return;
764 }
765
766 vs->sense_size = virtio_ldl_p(vdev, &scsiconf->sense_size);
767 vs->cdb_size = virtio_ldl_p(vdev, &scsiconf->cdb_size);
768 }
769
770 static uint64_t virtio_scsi_get_features(VirtIODevice *vdev,
771 uint64_t requested_features,
772 Error **errp)
773 {
774 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
775
776 /* Firstly sync all virtio-scsi possible supported features */
777 requested_features |= s->host_features;
778 return requested_features;
779 }
780
781 static void virtio_scsi_reset(VirtIODevice *vdev)
782 {
783 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
784 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(vdev);
785
786 assert(!s->dataplane_started);
787 s->resetting++;
788 qbus_reset_all(BUS(&s->bus));
789 s->resetting--;
790
791 vs->sense_size = VIRTIO_SCSI_SENSE_DEFAULT_SIZE;
792 vs->cdb_size = VIRTIO_SCSI_CDB_DEFAULT_SIZE;
793 s->events_dropped = false;
794 }
795
796 void virtio_scsi_push_event(VirtIOSCSI *s, SCSIDevice *dev,
797 uint32_t event, uint32_t reason)
798 {
799 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
800 VirtIOSCSIReq *req;
801 VirtIOSCSIEvent *evt;
802 VirtIODevice *vdev = VIRTIO_DEVICE(s);
803
804 if (!(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
805 return;
806 }
807
808 req = virtio_scsi_pop_req(s, vs->event_vq);
809 if (!req) {
810 s->events_dropped = true;
811 return;
812 }
813
814 if (s->events_dropped) {
815 event |= VIRTIO_SCSI_T_EVENTS_MISSED;
816 s->events_dropped = false;
817 }
818
819 if (virtio_scsi_parse_req(req, 0, sizeof(VirtIOSCSIEvent))) {
820 virtio_scsi_bad_req(req);
821 return;
822 }
823
824 evt = &req->resp.event;
825 memset(evt, 0, sizeof(VirtIOSCSIEvent));
826 evt->event = virtio_tswap32(vdev, event);
827 evt->reason = virtio_tswap32(vdev, reason);
828 if (!dev) {
829 assert(event == VIRTIO_SCSI_T_EVENTS_MISSED);
830 } else {
831 evt->lun[0] = 1;
832 evt->lun[1] = dev->id;
833
834 /* Linux wants us to keep the same encoding we use for REPORT LUNS. */
835 if (dev->lun >= 256) {
836 evt->lun[2] = (dev->lun >> 8) | 0x40;
837 }
838 evt->lun[3] = dev->lun & 0xFF;
839 }
840 trace_virtio_scsi_event(virtio_scsi_get_lun(evt->lun), event, reason);
841
842 virtio_scsi_complete_req(req);
843 }
844
845 bool virtio_scsi_handle_event_vq(VirtIOSCSI *s, VirtQueue *vq)
846 {
847 if (s->events_dropped) {
848 virtio_scsi_push_event(s, NULL, VIRTIO_SCSI_T_NO_EVENT, 0);
849 return true;
850 }
851 return false;
852 }
853
854 static void virtio_scsi_handle_event(VirtIODevice *vdev, VirtQueue *vq)
855 {
856 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
857
858 if (s->ctx) {
859 virtio_device_start_ioeventfd(vdev);
860 if (!s->dataplane_fenced) {
861 return;
862 }
863 }
864 virtio_scsi_acquire(s);
865 virtio_scsi_handle_event_vq(s, vq);
866 virtio_scsi_release(s);
867 }
868
869 static void virtio_scsi_change(SCSIBus *bus, SCSIDevice *dev, SCSISense sense)
870 {
871 VirtIOSCSI *s = container_of(bus, VirtIOSCSI, bus);
872 VirtIODevice *vdev = VIRTIO_DEVICE(s);
873
874 if (virtio_vdev_has_feature(vdev, VIRTIO_SCSI_F_CHANGE) &&
875 dev->type != TYPE_ROM) {
876 virtio_scsi_acquire(s);
877 virtio_scsi_push_event(s, dev, VIRTIO_SCSI_T_PARAM_CHANGE,
878 sense.asc | (sense.ascq << 8));
879 virtio_scsi_release(s);
880 }
881 }
882
883 static void virtio_scsi_pre_hotplug(HotplugHandler *hotplug_dev,
884 DeviceState *dev, Error **errp)
885 {
886 SCSIDevice *sd = SCSI_DEVICE(dev);
887 sd->hba_supports_iothread = true;
888 }
889
890 static void virtio_scsi_hotplug(HotplugHandler *hotplug_dev, DeviceState *dev,
891 Error **errp)
892 {
893 VirtIODevice *vdev = VIRTIO_DEVICE(hotplug_dev);
894 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
895 SCSIDevice *sd = SCSI_DEVICE(dev);
896 AioContext *old_context;
897 int ret;
898
899 if (s->ctx && !s->dataplane_fenced) {
900 if (blk_op_is_blocked(sd->conf.blk, BLOCK_OP_TYPE_DATAPLANE, errp)) {
901 return;
902 }
903 old_context = blk_get_aio_context(sd->conf.blk);
904 aio_context_acquire(old_context);
905 ret = blk_set_aio_context(sd->conf.blk, s->ctx, errp);
906 aio_context_release(old_context);
907 if (ret < 0) {
908 return;
909 }
910 }
911
912 if (virtio_vdev_has_feature(vdev, VIRTIO_SCSI_F_HOTPLUG)) {
913 virtio_scsi_acquire(s);
914 virtio_scsi_push_event(s, sd,
915 VIRTIO_SCSI_T_TRANSPORT_RESET,
916 VIRTIO_SCSI_EVT_RESET_RESCAN);
917 virtio_scsi_release(s);
918 }
919 }
920
921 static void virtio_scsi_hotunplug(HotplugHandler *hotplug_dev, DeviceState *dev,
922 Error **errp)
923 {
924 VirtIODevice *vdev = VIRTIO_DEVICE(hotplug_dev);
925 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
926 SCSIDevice *sd = SCSI_DEVICE(dev);
927 AioContext *ctx = s->ctx ?: qemu_get_aio_context();
928
929 if (virtio_vdev_has_feature(vdev, VIRTIO_SCSI_F_HOTPLUG)) {
930 virtio_scsi_acquire(s);
931 virtio_scsi_push_event(s, sd,
932 VIRTIO_SCSI_T_TRANSPORT_RESET,
933 VIRTIO_SCSI_EVT_RESET_REMOVED);
934 virtio_scsi_release(s);
935 }
936
937 aio_disable_external(ctx);
938 qdev_simple_device_unplug_cb(hotplug_dev, dev, errp);
939 aio_enable_external(ctx);
940
941 if (s->ctx) {
942 virtio_scsi_acquire(s);
943 /* If other users keep the BlockBackend in the iothread, that's ok */
944 blk_set_aio_context(sd->conf.blk, qemu_get_aio_context(), NULL);
945 virtio_scsi_release(s);
946 }
947 }
948
949 static struct SCSIBusInfo virtio_scsi_scsi_info = {
950 .tcq = true,
951 .max_channel = VIRTIO_SCSI_MAX_CHANNEL,
952 .max_target = VIRTIO_SCSI_MAX_TARGET,
953 .max_lun = VIRTIO_SCSI_MAX_LUN,
954
955 .complete = virtio_scsi_command_complete,
956 .fail = virtio_scsi_command_failed,
957 .cancel = virtio_scsi_request_cancelled,
958 .change = virtio_scsi_change,
959 .parse_cdb = virtio_scsi_parse_cdb,
960 .get_sg_list = virtio_scsi_get_sg_list,
961 .save_request = virtio_scsi_save_request,
962 .load_request = virtio_scsi_load_request,
963 };
964
965 void virtio_scsi_common_realize(DeviceState *dev,
966 VirtIOHandleOutput ctrl,
967 VirtIOHandleOutput evt,
968 VirtIOHandleOutput cmd,
969 Error **errp)
970 {
971 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
972 VirtIOSCSICommon *s = VIRTIO_SCSI_COMMON(dev);
973 int i;
974
975 virtio_init(vdev, "virtio-scsi", VIRTIO_ID_SCSI,
976 sizeof(VirtIOSCSIConfig));
977
978 if (s->conf.num_queues == VIRTIO_SCSI_AUTO_NUM_QUEUES) {
979 s->conf.num_queues = 1;
980 }
981 if (s->conf.num_queues == 0 ||
982 s->conf.num_queues > VIRTIO_QUEUE_MAX - VIRTIO_SCSI_VQ_NUM_FIXED) {
983 error_setg(errp, "Invalid number of queues (= %" PRIu32 "), "
984 "must be a positive integer less than %d.",
985 s->conf.num_queues,
986 VIRTIO_QUEUE_MAX - VIRTIO_SCSI_VQ_NUM_FIXED);
987 virtio_cleanup(vdev);
988 return;
989 }
990 if (s->conf.virtqueue_size <= 2) {
991 error_setg(errp, "invalid virtqueue_size property (= %" PRIu32 "), "
992 "must be > 2", s->conf.virtqueue_size);
993 return;
994 }
995 s->cmd_vqs = g_new0(VirtQueue *, s->conf.num_queues);
996 s->sense_size = VIRTIO_SCSI_SENSE_DEFAULT_SIZE;
997 s->cdb_size = VIRTIO_SCSI_CDB_DEFAULT_SIZE;
998
999 s->ctrl_vq = virtio_add_queue(vdev, s->conf.virtqueue_size, ctrl);
1000 s->event_vq = virtio_add_queue(vdev, s->conf.virtqueue_size, evt);
1001 for (i = 0; i < s->conf.num_queues; i++) {
1002 s->cmd_vqs[i] = virtio_add_queue(vdev, s->conf.virtqueue_size, cmd);
1003 }
1004 }
1005
1006 static void virtio_scsi_device_realize(DeviceState *dev, Error **errp)
1007 {
1008 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
1009 VirtIOSCSI *s = VIRTIO_SCSI(dev);
1010 Error *err = NULL;
1011
1012 virtio_scsi_common_realize(dev,
1013 virtio_scsi_handle_ctrl,
1014 virtio_scsi_handle_event,
1015 virtio_scsi_handle_cmd,
1016 &err);
1017 if (err != NULL) {
1018 error_propagate(errp, err);
1019 return;
1020 }
1021
1022 scsi_bus_new(&s->bus, sizeof(s->bus), dev,
1023 &virtio_scsi_scsi_info, vdev->bus_name);
1024 /* override default SCSI bus hotplug-handler, with virtio-scsi's one */
1025 qbus_set_hotplug_handler(BUS(&s->bus), OBJECT(dev));
1026
1027 virtio_scsi_dataplane_setup(s, errp);
1028 }
1029
1030 void virtio_scsi_common_unrealize(DeviceState *dev)
1031 {
1032 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
1033 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(dev);
1034 int i;
1035
1036 virtio_delete_queue(vs->ctrl_vq);
1037 virtio_delete_queue(vs->event_vq);
1038 for (i = 0; i < vs->conf.num_queues; i++) {
1039 virtio_delete_queue(vs->cmd_vqs[i]);
1040 }
1041 g_free(vs->cmd_vqs);
1042 virtio_cleanup(vdev);
1043 }
1044
1045 static void virtio_scsi_device_unrealize(DeviceState *dev)
1046 {
1047 VirtIOSCSI *s = VIRTIO_SCSI(dev);
1048
1049 qbus_set_hotplug_handler(BUS(&s->bus), NULL);
1050 virtio_scsi_common_unrealize(dev);
1051 }
1052
1053 static Property virtio_scsi_properties[] = {
1054 DEFINE_PROP_UINT32("num_queues", VirtIOSCSI, parent_obj.conf.num_queues,
1055 VIRTIO_SCSI_AUTO_NUM_QUEUES),
1056 DEFINE_PROP_UINT32("virtqueue_size", VirtIOSCSI,
1057 parent_obj.conf.virtqueue_size, 256),
1058 DEFINE_PROP_BOOL("seg_max_adjust", VirtIOSCSI,
1059 parent_obj.conf.seg_max_adjust, true),
1060 DEFINE_PROP_UINT32("max_sectors", VirtIOSCSI, parent_obj.conf.max_sectors,
1061 0xFFFF),
1062 DEFINE_PROP_UINT32("cmd_per_lun", VirtIOSCSI, parent_obj.conf.cmd_per_lun,
1063 128),
1064 DEFINE_PROP_BIT("hotplug", VirtIOSCSI, host_features,
1065 VIRTIO_SCSI_F_HOTPLUG, true),
1066 DEFINE_PROP_BIT("param_change", VirtIOSCSI, host_features,
1067 VIRTIO_SCSI_F_CHANGE, true),
1068 DEFINE_PROP_LINK("iothread", VirtIOSCSI, parent_obj.conf.iothread,
1069 TYPE_IOTHREAD, IOThread *),
1070 DEFINE_PROP_END_OF_LIST(),
1071 };
1072
1073 static const VMStateDescription vmstate_virtio_scsi = {
1074 .name = "virtio-scsi",
1075 .minimum_version_id = 1,
1076 .version_id = 1,
1077 .fields = (VMStateField[]) {
1078 VMSTATE_VIRTIO_DEVICE,
1079 VMSTATE_END_OF_LIST()
1080 },
1081 };
1082
1083 static void virtio_scsi_common_class_init(ObjectClass *klass, void *data)
1084 {
1085 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
1086 DeviceClass *dc = DEVICE_CLASS(klass);
1087
1088 vdc->get_config = virtio_scsi_get_config;
1089 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1090 }
1091
1092 static void virtio_scsi_class_init(ObjectClass *klass, void *data)
1093 {
1094 DeviceClass *dc = DEVICE_CLASS(klass);
1095 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
1096 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
1097
1098 device_class_set_props(dc, virtio_scsi_properties);
1099 dc->vmsd = &vmstate_virtio_scsi;
1100 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1101 vdc->realize = virtio_scsi_device_realize;
1102 vdc->unrealize = virtio_scsi_device_unrealize;
1103 vdc->set_config = virtio_scsi_set_config;
1104 vdc->get_features = virtio_scsi_get_features;
1105 vdc->reset = virtio_scsi_reset;
1106 vdc->start_ioeventfd = virtio_scsi_dataplane_start;
1107 vdc->stop_ioeventfd = virtio_scsi_dataplane_stop;
1108 hc->pre_plug = virtio_scsi_pre_hotplug;
1109 hc->plug = virtio_scsi_hotplug;
1110 hc->unplug = virtio_scsi_hotunplug;
1111 }
1112
1113 static const TypeInfo virtio_scsi_common_info = {
1114 .name = TYPE_VIRTIO_SCSI_COMMON,
1115 .parent = TYPE_VIRTIO_DEVICE,
1116 .instance_size = sizeof(VirtIOSCSICommon),
1117 .abstract = true,
1118 .class_init = virtio_scsi_common_class_init,
1119 };
1120
1121 static const TypeInfo virtio_scsi_info = {
1122 .name = TYPE_VIRTIO_SCSI,
1123 .parent = TYPE_VIRTIO_SCSI_COMMON,
1124 .instance_size = sizeof(VirtIOSCSI),
1125 .class_init = virtio_scsi_class_init,
1126 .interfaces = (InterfaceInfo[]) {
1127 { TYPE_HOTPLUG_HANDLER },
1128 { }
1129 }
1130 };
1131
1132 static void virtio_register_types(void)
1133 {
1134 type_register_static(&virtio_scsi_common_info);
1135 type_register_static(&virtio_scsi_info);
1136 }
1137
1138 type_init(virtio_register_types)
AR7 emulation for QEMU