search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
scsi: introduce scsi_sense_from_errno()
[qemu/kevin.git] / hw / scsi / scsi-disk.c
blob9c6099ffc438cb6f4cfafa662235edb49ea0746b
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licensed under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 #include "qemu/osdep.h"
23 #include "qemu/units.h"
24 #include "qapi/error.h"
25 #include "qemu/error-report.h"
26 #include "qemu/main-loop.h"
27 #include "qemu/module.h"
28 #include "hw/scsi/scsi.h"
29 #include "migration/qemu-file-types.h"
30 #include "migration/vmstate.h"
31 #include "hw/scsi/emulation.h"
32 #include "scsi/constants.h"
33 #include "sysemu/block-backend.h"
34 #include "sysemu/blockdev.h"
35 #include "hw/block/block.h"
36 #include "hw/qdev-properties.h"
37 #include "hw/qdev-properties-system.h"
38 #include "sysemu/dma.h"
39 #include "sysemu/sysemu.h"
40 #include "qemu/cutils.h"
41 #include "trace.h"
42 #include "qom/object.h"
43
44 #ifdef __linux
45 #include <scsi/sg.h>
46 #endif
47
48 #define SCSI_WRITE_SAME_MAX (512 * KiB)
49 #define SCSI_DMA_BUF_SIZE (128 * KiB)
50 #define SCSI_MAX_INQUIRY_LEN 256
51 #define SCSI_MAX_MODE_LEN 256
52
53 #define DEFAULT_DISCARD_GRANULARITY (4 * KiB)
54 #define DEFAULT_MAX_UNMAP_SIZE (1 * GiB)
55 #define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
56
57 #define TYPE_SCSI_DISK_BASE "scsi-disk-base"
58
59 OBJECT_DECLARE_TYPE(SCSIDiskState, SCSIDiskClass, SCSI_DISK_BASE)
60
61 struct SCSIDiskClass {
62 SCSIDeviceClass parent_class;
63 DMAIOFunc *dma_readv;
64 DMAIOFunc *dma_writev;
65 bool (*need_fua_emulation)(SCSICommand *cmd);
66 void (*update_sense)(SCSIRequest *r);
67 };
68
69 typedef struct SCSIDiskReq {
70 SCSIRequest req;
71 /* Both sector and sector_count are in terms of BDRV_SECTOR_SIZE bytes. */
72 uint64_t sector;
73 uint32_t sector_count;
74 uint32_t buflen;
75 bool started;
76 bool need_fua_emulation;
77 struct iovec iov;
78 QEMUIOVector qiov;
79 BlockAcctCookie acct;
80 unsigned char *status;
81 } SCSIDiskReq;
82
83 #define SCSI_DISK_F_REMOVABLE 0
84 #define SCSI_DISK_F_DPOFUA 1
85 #define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
86
87 struct SCSIDiskState {
88 SCSIDevice qdev;
89 uint32_t features;
90 bool media_changed;
91 bool media_event;
92 bool eject_request;
93 uint16_t port_index;
94 uint64_t max_unmap_size;
95 uint64_t max_io_size;
96 QEMUBH *bh;
97 char *version;
98 char *serial;
99 char *vendor;
100 char *product;
101 char *device_id;
102 bool tray_open;
103 bool tray_locked;
104 /*
105 * 0x0000 - rotation rate not reported
106 * 0x0001 - non-rotating medium (SSD)
107 * 0x0002-0x0400 - reserved
108 * 0x0401-0xffe - rotations per minute
109 * 0xffff - reserved
110 */
111 uint16_t rotation_rate;
112 };
113
114 static void scsi_free_request(SCSIRequest *req)
115 {
116 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
117
118 qemu_vfree(r->iov.iov_base);
119 }
120
121 /* Helper function for command completion with sense. */
122 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
123 {
124 trace_scsi_disk_check_condition(r->req.tag, sense.key, sense.asc,
125 sense.ascq);
126 scsi_req_build_sense(&r->req, sense);
127 scsi_req_complete(&r->req, CHECK_CONDITION);
128 }
129
130 static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
131 {
132 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
133
134 if (!r->iov.iov_base) {
135 r->buflen = size;
136 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
137 }
138 r->iov.iov_len = MIN(r->sector_count * BDRV_SECTOR_SIZE, r->buflen);
139 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
140 }
141
142 static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
143 {
144 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
145
146 qemu_put_be64s(f, &r->sector);
147 qemu_put_be32s(f, &r->sector_count);
148 qemu_put_be32s(f, &r->buflen);
149 if (r->buflen) {
150 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
151 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
152 } else if (!req->retry) {
153 uint32_t len = r->iov.iov_len;
154 qemu_put_be32s(f, &len);
155 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
156 }
157 }
158 }
159
160 static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
161 {
162 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
163
164 qemu_get_be64s(f, &r->sector);
165 qemu_get_be32s(f, &r->sector_count);
166 qemu_get_be32s(f, &r->buflen);
167 if (r->buflen) {
168 scsi_init_iovec(r, r->buflen);
169 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
170 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
171 } else if (!r->req.retry) {
172 uint32_t len;
173 qemu_get_be32s(f, &len);
174 r->iov.iov_len = len;
175 assert(r->iov.iov_len <= r->buflen);
176 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
177 }
178 }
179
180 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
181 }
182
183 /*
184 * scsi_handle_rw_error has two return values. False means that the error
185 * must be ignored, true means that the error has been processed and the
186 * caller should not do anything else for this request. Note that
187 * scsi_handle_rw_error always manages its reference counts, independent
188 * of the return value.
189 */
190 static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
191 {
192 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
193 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
194 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
195 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
196 is_read, error);
197 SCSISense sense;
198
199 if (action == BLOCK_ERROR_ACTION_REPORT) {
200 if (acct_failed) {
201 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
202 }
203 if (error == 0) {
204 /* A passthrough command has run and has produced sense data; check
205 * whether the error has to be handled by the guest or should rather
206 * pause the host.
207 */
208 assert(r->status && *r->status);
209 if (scsi_sense_buf_is_guest_recoverable(r->req.sense, sizeof(r->req.sense))) {
210 /* These errors are handled by guest. */
211 sdc->update_sense(&r->req);
212 scsi_req_complete(&r->req, *r->status);
213 return true;
214 }
215 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
216 } else {
217 int status = scsi_sense_from_errno(error, &sense);
218 if (status == CHECK_CONDITION) {
219 scsi_req_build_sense(&r->req, sense);
220 }
221 scsi_req_complete(&r->req, status);
222 }
223 }
224
225 blk_error_action(s->qdev.conf.blk, action, is_read, error);
226 if (action == BLOCK_ERROR_ACTION_IGNORE) {
227 return false;
228 }
229
230 if (action == BLOCK_ERROR_ACTION_STOP) {
231 scsi_req_retry(&r->req);
232 }
233 return true;
234 }
235
236 static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
237 {
238 if (r->req.io_canceled) {
239 scsi_req_cancel_complete(&r->req);
240 return true;
241 }
242
243 if (ret < 0 || (r->status && *r->status)) {
244 return scsi_handle_rw_error(r, -ret, acct_failed);
245 }
246
247 return false;
248 }
249
250 static void scsi_aio_complete(void *opaque, int ret)
251 {
252 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
253 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
254
255 assert(r->req.aiocb != NULL);
256 r->req.aiocb = NULL;
257 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
258 if (scsi_disk_req_check_error(r, ret, true)) {
259 goto done;
260 }
261
262 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
263 scsi_req_complete(&r->req, GOOD);
264
265 done:
266 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
267 scsi_req_unref(&r->req);
268 }
269
270 static bool scsi_is_cmd_fua(SCSICommand *cmd)
271 {
272 switch (cmd->buf[0]) {
273 case READ_10:
274 case READ_12:
275 case READ_16:
276 case WRITE_10:
277 case WRITE_12:
278 case WRITE_16:
279 return (cmd->buf[1] & 8) != 0;
280
281 case VERIFY_10:
282 case VERIFY_12:
283 case VERIFY_16:
284 case WRITE_VERIFY_10:
285 case WRITE_VERIFY_12:
286 case WRITE_VERIFY_16:
287 return true;
288
289 case READ_6:
290 case WRITE_6:
291 default:
292 return false;
293 }
294 }
295
296 static void scsi_write_do_fua(SCSIDiskReq *r)
297 {
298 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
299
300 assert(r->req.aiocb == NULL);
301 assert(!r->req.io_canceled);
302
303 if (r->need_fua_emulation) {
304 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
305 BLOCK_ACCT_FLUSH);
306 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
307 return;
308 }
309
310 scsi_req_complete(&r->req, GOOD);
311 scsi_req_unref(&r->req);
312 }
313
314 static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
315 {
316 assert(r->req.aiocb == NULL);
317 if (scsi_disk_req_check_error(r, ret, false)) {
318 goto done;
319 }
320
321 r->sector += r->sector_count;
322 r->sector_count = 0;
323 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
324 scsi_write_do_fua(r);
325 return;
326 } else {
327 scsi_req_complete(&r->req, GOOD);
328 }
329
330 done:
331 scsi_req_unref(&r->req);
332 }
333
334 static void scsi_dma_complete(void *opaque, int ret)
335 {
336 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
337 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
338
339 assert(r->req.aiocb != NULL);
340 r->req.aiocb = NULL;
341
342 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
343 if (ret < 0) {
344 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
345 } else {
346 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
347 }
348 scsi_dma_complete_noio(r, ret);
349 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
350 }
351
352 static void scsi_read_complete_noio(SCSIDiskReq *r, int ret)
353 {
354 uint32_t n;
355
356 assert(r->req.aiocb == NULL);
357 if (scsi_disk_req_check_error(r, ret, false)) {
358 goto done;
359 }
360
361 n = r->qiov.size / BDRV_SECTOR_SIZE;
362 r->sector += n;
363 r->sector_count -= n;
364 scsi_req_data(&r->req, r->qiov.size);
365
366 done:
367 scsi_req_unref(&r->req);
368 }
369
370 static void scsi_read_complete(void *opaque, int ret)
371 {
372 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
373 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
374
375 assert(r->req.aiocb != NULL);
376 r->req.aiocb = NULL;
377
378 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
379 if (ret < 0) {
380 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
381 } else {
382 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
383 trace_scsi_disk_read_complete(r->req.tag, r->qiov.size);
384 }
385 scsi_read_complete_noio(r, ret);
386 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
387 }
388
389 /* Actually issue a read to the block device. */
390 static void scsi_do_read(SCSIDiskReq *r, int ret)
391 {
392 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
393 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
394
395 assert (r->req.aiocb == NULL);
396 if (scsi_disk_req_check_error(r, ret, false)) {
397 goto done;
398 }
399
400 /* The request is used as the AIO opaque value, so add a ref. */
401 scsi_req_ref(&r->req);
402
403 if (r->req.sg) {
404 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
405 r->req.resid -= r->req.sg->size;
406 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
407 r->req.sg, r->sector << BDRV_SECTOR_BITS,
408 BDRV_SECTOR_SIZE,
409 sdc->dma_readv, r, scsi_dma_complete, r,
410 DMA_DIRECTION_FROM_DEVICE);
411 } else {
412 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
413 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
414 r->qiov.size, BLOCK_ACCT_READ);
415 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
416 scsi_read_complete, r, r);
417 }
418
419 done:
420 scsi_req_unref(&r->req);
421 }
422
423 static void scsi_do_read_cb(void *opaque, int ret)
424 {
425 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
426 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
427
428 assert (r->req.aiocb != NULL);
429 r->req.aiocb = NULL;
430
431 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
432 if (ret < 0) {
433 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
434 } else {
435 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
436 }
437 scsi_do_read(opaque, ret);
438 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
439 }
440
441 /* Read more data from scsi device into buffer. */
442 static void scsi_read_data(SCSIRequest *req)
443 {
444 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
445 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
446 bool first;
447
448 trace_scsi_disk_read_data_count(r->sector_count);
449 if (r->sector_count == 0) {
450 /* This also clears the sense buffer for REQUEST SENSE. */
451 scsi_req_complete(&r->req, GOOD);
452 return;
453 }
454
455 /* No data transfer may already be in progress */
456 assert(r->req.aiocb == NULL);
457
458 /* The request is used as the AIO opaque value, so add a ref. */
459 scsi_req_ref(&r->req);
460 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
461 trace_scsi_disk_read_data_invalid();
462 scsi_read_complete_noio(r, -EINVAL);
463 return;
464 }
465
466 if (!blk_is_available(req->dev->conf.blk)) {
467 scsi_read_complete_noio(r, -ENOMEDIUM);
468 return;
469 }
470
471 first = !r->started;
472 r->started = true;
473 if (first && r->need_fua_emulation) {
474 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
475 BLOCK_ACCT_FLUSH);
476 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
477 } else {
478 scsi_do_read(r, 0);
479 }
480 }
481
482 static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
483 {
484 uint32_t n;
485
486 assert (r->req.aiocb == NULL);
487 if (scsi_disk_req_check_error(r, ret, false)) {
488 goto done;
489 }
490
491 n = r->qiov.size / BDRV_SECTOR_SIZE;
492 r->sector += n;
493 r->sector_count -= n;
494 if (r->sector_count == 0) {
495 scsi_write_do_fua(r);
496 return;
497 } else {
498 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
499 trace_scsi_disk_write_complete_noio(r->req.tag, r->qiov.size);
500 scsi_req_data(&r->req, r->qiov.size);
501 }
502
503 done:
504 scsi_req_unref(&r->req);
505 }
506
507 static void scsi_write_complete(void * opaque, int ret)
508 {
509 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
510 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
511
512 assert (r->req.aiocb != NULL);
513 r->req.aiocb = NULL;
514
515 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
516 if (ret < 0) {
517 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
518 } else {
519 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
520 }
521 scsi_write_complete_noio(r, ret);
522 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
523 }
524
525 static void scsi_write_data(SCSIRequest *req)
526 {
527 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
528 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
529 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
530
531 /* No data transfer may already be in progress */
532 assert(r->req.aiocb == NULL);
533
534 /* The request is used as the AIO opaque value, so add a ref. */
535 scsi_req_ref(&r->req);
536 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
537 trace_scsi_disk_write_data_invalid();
538 scsi_write_complete_noio(r, -EINVAL);
539 return;
540 }
541
542 if (!r->req.sg && !r->qiov.size) {
543 /* Called for the first time. Ask the driver to send us more data. */
544 r->started = true;
545 scsi_write_complete_noio(r, 0);
546 return;
547 }
548 if (!blk_is_available(req->dev->conf.blk)) {
549 scsi_write_complete_noio(r, -ENOMEDIUM);
550 return;
551 }
552
553 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
554 r->req.cmd.buf[0] == VERIFY_16) {
555 if (r->req.sg) {
556 scsi_dma_complete_noio(r, 0);
557 } else {
558 scsi_write_complete_noio(r, 0);
559 }
560 return;
561 }
562
563 if (r->req.sg) {
564 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
565 r->req.resid -= r->req.sg->size;
566 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
567 r->req.sg, r->sector << BDRV_SECTOR_BITS,
568 BDRV_SECTOR_SIZE,
569 sdc->dma_writev, r, scsi_dma_complete, r,
570 DMA_DIRECTION_TO_DEVICE);
571 } else {
572 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
573 r->qiov.size, BLOCK_ACCT_WRITE);
574 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
575 scsi_write_complete, r, r);
576 }
577 }
578
579 /* Return a pointer to the data buffer. */
580 static uint8_t *scsi_get_buf(SCSIRequest *req)
581 {
582 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
583
584 return (uint8_t *)r->iov.iov_base;
585 }
586
587 static int scsi_disk_emulate_vpd_page(SCSIRequest *req, uint8_t *outbuf)
588 {
589 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
590 uint8_t page_code = req->cmd.buf[2];
591 int start, buflen = 0;
592
593 outbuf[buflen++] = s->qdev.type & 0x1f;
594 outbuf[buflen++] = page_code;
595 outbuf[buflen++] = 0x00;
596 outbuf[buflen++] = 0x00;
597 start = buflen;
598
599 switch (page_code) {
600 case 0x00: /* Supported page codes, mandatory */
601 {
602 trace_scsi_disk_emulate_vpd_page_00(req->cmd.xfer);
603 outbuf[buflen++] = 0x00; /* list of supported pages (this page) */
604 if (s->serial) {
605 outbuf[buflen++] = 0x80; /* unit serial number */
606 }
607 outbuf[buflen++] = 0x83; /* device identification */
608 if (s->qdev.type == TYPE_DISK) {
609 outbuf[buflen++] = 0xb0; /* block limits */
610 outbuf[buflen++] = 0xb1; /* block device characteristics */
611 outbuf[buflen++] = 0xb2; /* thin provisioning */
612 }
613 break;
614 }
615 case 0x80: /* Device serial number, optional */
616 {
617 int l;
618
619 if (!s->serial) {
620 trace_scsi_disk_emulate_vpd_page_80_not_supported();
621 return -1;
622 }
623
624 l = strlen(s->serial);
625 if (l > 36) {
626 l = 36;
627 }
628
629 trace_scsi_disk_emulate_vpd_page_80(req->cmd.xfer);
630 memcpy(outbuf + buflen, s->serial, l);
631 buflen += l;
632 break;
633 }
634
635 case 0x83: /* Device identification page, mandatory */
636 {
637 int id_len = s->device_id ? MIN(strlen(s->device_id), 255 - 8) : 0;
638
639 trace_scsi_disk_emulate_vpd_page_83(req->cmd.xfer);
640
641 if (id_len) {
642 outbuf[buflen++] = 0x2; /* ASCII */
643 outbuf[buflen++] = 0; /* not officially assigned */
644 outbuf[buflen++] = 0; /* reserved */
645 outbuf[buflen++] = id_len; /* length of data following */
646 memcpy(outbuf + buflen, s->device_id, id_len);
647 buflen += id_len;
648 }
649
650 if (s->qdev.wwn) {
651 outbuf[buflen++] = 0x1; /* Binary */
652 outbuf[buflen++] = 0x3; /* NAA */
653 outbuf[buflen++] = 0; /* reserved */
654 outbuf[buflen++] = 8;
655 stq_be_p(&outbuf[buflen], s->qdev.wwn);
656 buflen += 8;
657 }
658
659 if (s->qdev.port_wwn) {
660 outbuf[buflen++] = 0x61; /* SAS / Binary */
661 outbuf[buflen++] = 0x93; /* PIV / Target port / NAA */
662 outbuf[buflen++] = 0; /* reserved */
663 outbuf[buflen++] = 8;
664 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
665 buflen += 8;
666 }
667
668 if (s->port_index) {
669 outbuf[buflen++] = 0x61; /* SAS / Binary */
670
671 /* PIV/Target port/relative target port */
672 outbuf[buflen++] = 0x94;
673
674 outbuf[buflen++] = 0; /* reserved */
675 outbuf[buflen++] = 4;
676 stw_be_p(&outbuf[buflen + 2], s->port_index);
677 buflen += 4;
678 }
679 break;
680 }
681 case 0xb0: /* block limits */
682 {
683 SCSIBlockLimits bl = {};
684
685 if (s->qdev.type == TYPE_ROM) {
686 trace_scsi_disk_emulate_vpd_page_b0_not_supported();
687 return -1;
688 }
689 bl.wsnz = 1;
690 bl.unmap_sectors =
691 s->qdev.conf.discard_granularity / s->qdev.blocksize;
692 bl.min_io_size =
693 s->qdev.conf.min_io_size / s->qdev.blocksize;
694 bl.opt_io_size =
695 s->qdev.conf.opt_io_size / s->qdev.blocksize;
696 bl.max_unmap_sectors =
697 s->max_unmap_size / s->qdev.blocksize;
698 bl.max_io_sectors =
699 s->max_io_size / s->qdev.blocksize;
700 /* 255 descriptors fit in 4 KiB with an 8-byte header */
701 bl.max_unmap_descr = 255;
702
703 if (s->qdev.type == TYPE_DISK) {
704 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
705 int max_io_sectors_blk =
706 max_transfer_blk / s->qdev.blocksize;
707
708 bl.max_io_sectors =
709 MIN_NON_ZERO(max_io_sectors_blk, bl.max_io_sectors);
710 }
711 buflen += scsi_emulate_block_limits(outbuf + buflen, &bl);
712 break;
713 }
714 case 0xb1: /* block device characteristics */
715 {
716 buflen = 0x40;
717 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
718 outbuf[5] = s->rotation_rate & 0xff;
719 outbuf[6] = 0; /* PRODUCT TYPE */
720 outbuf[7] = 0; /* WABEREQ | WACEREQ | NOMINAL FORM FACTOR */
721 outbuf[8] = 0; /* VBULS */
722 break;
723 }
724 case 0xb2: /* thin provisioning */
725 {
726 buflen = 8;
727 outbuf[4] = 0;
728 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
729 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
730 outbuf[7] = 0;
731 break;
732 }
733 default:
734 return -1;
735 }
736 /* done with EVPD */
737 assert(buflen - start <= 255);
738 outbuf[start - 1] = buflen - start;
739 return buflen;
740 }
741
742 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
743 {
744 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
745 int buflen = 0;
746
747 if (req->cmd.buf[1] & 0x1) {
748 /* Vital product data */
749 return scsi_disk_emulate_vpd_page(req, outbuf);
750 }
751
752 /* Standard INQUIRY data */
753 if (req->cmd.buf[2] != 0) {
754 return -1;
755 }
756
757 /* PAGE CODE == 0 */
758 buflen = req->cmd.xfer;
759 if (buflen > SCSI_MAX_INQUIRY_LEN) {
760 buflen = SCSI_MAX_INQUIRY_LEN;
761 }
762
763 outbuf[0] = s->qdev.type & 0x1f;
764 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
765
766 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
767 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
768
769 memset(&outbuf[32], 0, 4);
770 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
771 /*
772 * We claim conformance to SPC-3, which is required for guests
773 * to ask for modern features like READ CAPACITY(16) or the
774 * block characteristics VPD page by default. Not all of SPC-3
775 * is actually implemented, but we're good enough.
776 */
777 outbuf[2] = s->qdev.default_scsi_version;
778 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
779
780 if (buflen > 36) {
781 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
782 } else {
783 /* If the allocation length of CDB is too small,
784 the additional length is not adjusted */
785 outbuf[4] = 36 - 5;
786 }
787
788 /* Sync data transfer and TCQ. */
789 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
790 return buflen;
791 }
792
793 static inline bool media_is_dvd(SCSIDiskState *s)
794 {
795 uint64_t nb_sectors;
796 if (s->qdev.type != TYPE_ROM) {
797 return false;
798 }
799 if (!blk_is_available(s->qdev.conf.blk)) {
800 return false;
801 }
802 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
803 return nb_sectors > CD_MAX_SECTORS;
804 }
805
806 static inline bool media_is_cd(SCSIDiskState *s)
807 {
808 uint64_t nb_sectors;
809 if (s->qdev.type != TYPE_ROM) {
810 return false;
811 }
812 if (!blk_is_available(s->qdev.conf.blk)) {
813 return false;
814 }
815 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
816 return nb_sectors <= CD_MAX_SECTORS;
817 }
818
819 static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
820 uint8_t *outbuf)
821 {
822 uint8_t type = r->req.cmd.buf[1] & 7;
823
824 if (s->qdev.type != TYPE_ROM) {
825 return -1;
826 }
827
828 /* Types 1/2 are only defined for Blu-Ray. */
829 if (type != 0) {
830 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
831 return -1;
832 }
833
834 memset(outbuf, 0, 34);
835 outbuf[1] = 32;
836 outbuf[2] = 0xe; /* last session complete, disc finalized */
837 outbuf[3] = 1; /* first track on disc */
838 outbuf[4] = 1; /* # of sessions */
839 outbuf[5] = 1; /* first track of last session */
840 outbuf[6] = 1; /* last track of last session */
841 outbuf[7] = 0x20; /* unrestricted use */
842 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
843 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
844 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
845 /* 24-31: disc bar code */
846 /* 32: disc application code */
847 /* 33: number of OPC tables */
848
849 return 34;
850 }
851
852 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
853 uint8_t *outbuf)
854 {
855 static const int rds_caps_size[5] = {
856 [0] = 2048 + 4,
857 [1] = 4 + 4,
858 [3] = 188 + 4,
859 [4] = 2048 + 4,
860 };
861
862 uint8_t media = r->req.cmd.buf[1];
863 uint8_t layer = r->req.cmd.buf[6];
864 uint8_t format = r->req.cmd.buf[7];
865 int size = -1;
866
867 if (s->qdev.type != TYPE_ROM) {
868 return -1;
869 }
870 if (media != 0) {
871 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
872 return -1;
873 }
874
875 if (format != 0xff) {
876 if (!blk_is_available(s->qdev.conf.blk)) {
877 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
878 return -1;
879 }
880 if (media_is_cd(s)) {
881 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
882 return -1;
883 }
884 if (format >= ARRAY_SIZE(rds_caps_size)) {
885 return -1;
886 }
887 size = rds_caps_size[format];
888 memset(outbuf, 0, size);
889 }
890
891 switch (format) {
892 case 0x00: {
893 /* Physical format information */
894 uint64_t nb_sectors;
895 if (layer != 0) {
896 goto fail;
897 }
898 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
899
900 outbuf[4] = 1; /* DVD-ROM, part version 1 */
901 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
902 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
903 outbuf[7] = 0; /* default densities */
904
905 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
906 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
907 break;
908 }
909
910 case 0x01: /* DVD copyright information, all zeros */
911 break;
912
913 case 0x03: /* BCA information - invalid field for no BCA info */
914 return -1;
915
916 case 0x04: /* DVD disc manufacturing information, all zeros */
917 break;
918
919 case 0xff: { /* List capabilities */
920 int i;
921 size = 4;
922 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
923 if (!rds_caps_size[i]) {
924 continue;
925 }
926 outbuf[size] = i;
927 outbuf[size + 1] = 0x40; /* Not writable, readable */
928 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
929 size += 4;
930 }
931 break;
932 }
933
934 default:
935 return -1;
936 }
937
938 /* Size of buffer, not including 2 byte size field */
939 stw_be_p(outbuf, size - 2);
940 return size;
941
942 fail:
943 return -1;
944 }
945
946 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
947 {
948 uint8_t event_code, media_status;
949
950 media_status = 0;
951 if (s->tray_open) {
952 media_status = MS_TRAY_OPEN;
953 } else if (blk_is_inserted(s->qdev.conf.blk)) {
954 media_status = MS_MEDIA_PRESENT;
955 }
956
957 /* Event notification descriptor */
958 event_code = MEC_NO_CHANGE;
959 if (media_status != MS_TRAY_OPEN) {
960 if (s->media_event) {
961 event_code = MEC_NEW_MEDIA;
962 s->media_event = false;
963 } else if (s->eject_request) {
964 event_code = MEC_EJECT_REQUESTED;
965 s->eject_request = false;
966 }
967 }
968
969 outbuf[0] = event_code;
970 outbuf[1] = media_status;
971
972 /* These fields are reserved, just clear them. */
973 outbuf[2] = 0;
974 outbuf[3] = 0;
975 return 4;
976 }
977
978 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
979 uint8_t *outbuf)
980 {
981 int size;
982 uint8_t *buf = r->req.cmd.buf;
983 uint8_t notification_class_request = buf[4];
984 if (s->qdev.type != TYPE_ROM) {
985 return -1;
986 }
987 if ((buf[1] & 1) == 0) {
988 /* asynchronous */
989 return -1;
990 }
991
992 size = 4;
993 outbuf[0] = outbuf[1] = 0;
994 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
995 if (notification_class_request & (1 << GESN_MEDIA)) {
996 outbuf[2] = GESN_MEDIA;
997 size += scsi_event_status_media(s, &outbuf[size]);
998 } else {
999 outbuf[2] = 0x80;
1000 }
1001 stw_be_p(outbuf, size - 4);
1002 return size;
1003 }
1004
1005 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
1006 {
1007 int current;
1008
1009 if (s->qdev.type != TYPE_ROM) {
1010 return -1;
1011 }
1012
1013 if (media_is_dvd(s)) {
1014 current = MMC_PROFILE_DVD_ROM;
1015 } else if (media_is_cd(s)) {
1016 current = MMC_PROFILE_CD_ROM;
1017 } else {
1018 current = MMC_PROFILE_NONE;
1019 }
1020
1021 memset(outbuf, 0, 40);
1022 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
1023 stw_be_p(&outbuf[6], current);
1024 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1025 outbuf[10] = 0x03; /* persistent, current */
1026 outbuf[11] = 8; /* two profiles */
1027 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1028 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1029 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1030 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1031 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1032 stw_be_p(&outbuf[20], 1);
1033 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
1034 outbuf[23] = 8;
1035 stl_be_p(&outbuf[24], 1); /* SCSI */
1036 outbuf[28] = 1; /* DBE = 1, mandatory */
1037 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1038 stw_be_p(&outbuf[32], 3);
1039 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
1040 outbuf[35] = 4;
1041 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1042 /* TODO: Random readable, CD read, DVD read, drive serial number,
1043 power management */
1044 return 40;
1045 }
1046
1047 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1048 {
1049 if (s->qdev.type != TYPE_ROM) {
1050 return -1;
1051 }
1052 memset(outbuf, 0, 8);
1053 outbuf[5] = 1; /* CD-ROM */
1054 return 8;
1055 }
1056
1057 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
1058 int page_control)
1059 {
1060 static const int mode_sense_valid[0x3f] = {
1061 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1062 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1063 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1064 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1065 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
1066 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1067 };
1068
1069 uint8_t *p = *p_outbuf + 2;
1070 int length;
1071
1072 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1073 return -1;
1074 }
1075
1076 /*
1077 * If Changeable Values are requested, a mask denoting those mode parameters
1078 * that are changeable shall be returned. As we currently don't support
1079 * parameter changes via MODE_SELECT all bits are returned set to zero.
1080 * The buffer was already menset to zero by the caller of this function.
1081 *
1082 * The offsets here are off by two compared to the descriptions in the
1083 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1084 * but it is done so that offsets are consistent within our implementation
1085 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1086 * 2-byte and 4-byte headers.
1087 */
1088 switch (page) {
1089 case MODE_PAGE_HD_GEOMETRY:
1090 length = 0x16;
1091 if (page_control == 1) { /* Changeable Values */
1092 break;
1093 }
1094 /* if a geometry hint is available, use it */
1095 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1096 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1097 p[2] = s->qdev.conf.cyls & 0xff;
1098 p[3] = s->qdev.conf.heads & 0xff;
1099 /* Write precomp start cylinder, disabled */
1100 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1101 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1102 p[6] = s->qdev.conf.cyls & 0xff;
1103 /* Reduced current start cylinder, disabled */
1104 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1105 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1106 p[9] = s->qdev.conf.cyls & 0xff;
1107 /* Device step rate [ns], 200ns */
1108 p[10] = 0;
1109 p[11] = 200;
1110 /* Landing zone cylinder */
1111 p[12] = 0xff;
1112 p[13] = 0xff;
1113 p[14] = 0xff;
1114 /* Medium rotation rate [rpm], 5400 rpm */
1115 p[18] = (5400 >> 8) & 0xff;
1116 p[19] = 5400 & 0xff;
1117 break;
1118
1119 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1120 length = 0x1e;
1121 if (page_control == 1) { /* Changeable Values */
1122 break;
1123 }
1124 /* Transfer rate [kbit/s], 5Mbit/s */
1125 p[0] = 5000 >> 8;
1126 p[1] = 5000 & 0xff;
1127 /* if a geometry hint is available, use it */
1128 p[2] = s->qdev.conf.heads & 0xff;
1129 p[3] = s->qdev.conf.secs & 0xff;
1130 p[4] = s->qdev.blocksize >> 8;
1131 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1132 p[7] = s->qdev.conf.cyls & 0xff;
1133 /* Write precomp start cylinder, disabled */
1134 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1135 p[9] = s->qdev.conf.cyls & 0xff;
1136 /* Reduced current start cylinder, disabled */
1137 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1138 p[11] = s->qdev.conf.cyls & 0xff;
1139 /* Device step rate [100us], 100us */
1140 p[12] = 0;
1141 p[13] = 1;
1142 /* Device step pulse width [us], 1us */
1143 p[14] = 1;
1144 /* Device head settle delay [100us], 100us */
1145 p[15] = 0;
1146 p[16] = 1;
1147 /* Motor on delay [0.1s], 0.1s */
1148 p[17] = 1;
1149 /* Motor off delay [0.1s], 0.1s */
1150 p[18] = 1;
1151 /* Medium rotation rate [rpm], 5400 rpm */
1152 p[26] = (5400 >> 8) & 0xff;
1153 p[27] = 5400 & 0xff;
1154 break;
1155
1156 case MODE_PAGE_CACHING:
1157 length = 0x12;
1158 if (page_control == 1 || /* Changeable Values */
1159 blk_enable_write_cache(s->qdev.conf.blk)) {
1160 p[0] = 4; /* WCE */
1161 }
1162 break;
1163
1164 case MODE_PAGE_R_W_ERROR:
1165 length = 10;
1166 if (page_control == 1) { /* Changeable Values */
1167 break;
1168 }
1169 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
1170 if (s->qdev.type == TYPE_ROM) {
1171 p[1] = 0x20; /* Read Retry Count */
1172 }
1173 break;
1174
1175 case MODE_PAGE_AUDIO_CTL:
1176 length = 14;
1177 break;
1178
1179 case MODE_PAGE_CAPABILITIES:
1180 length = 0x14;
1181 if (page_control == 1) { /* Changeable Values */
1182 break;
1183 }
1184
1185 p[0] = 0x3b; /* CD-R & CD-RW read */
1186 p[1] = 0; /* Writing not supported */
1187 p[2] = 0x7f; /* Audio, composite, digital out,
1188 mode 2 form 1&2, multi session */
1189 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
1190 RW corrected, C2 errors, ISRC,
1191 UPC, Bar code */
1192 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1193 /* Locking supported, jumper present, eject, tray */
1194 p[5] = 0; /* no volume & mute control, no
1195 changer */
1196 p[6] = (50 * 176) >> 8; /* 50x read speed */
1197 p[7] = (50 * 176) & 0xff;
1198 p[8] = 2 >> 8; /* Two volume levels */
1199 p[9] = 2 & 0xff;
1200 p[10] = 2048 >> 8; /* 2M buffer */
1201 p[11] = 2048 & 0xff;
1202 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1203 p[13] = (16 * 176) & 0xff;
1204 p[16] = (16 * 176) >> 8; /* 16x write speed */
1205 p[17] = (16 * 176) & 0xff;
1206 p[18] = (16 * 176) >> 8; /* 16x write speed current */
1207 p[19] = (16 * 176) & 0xff;
1208 break;
1209
1210 default:
1211 return -1;
1212 }
1213
1214 assert(length < 256);
1215 (*p_outbuf)[0] = page;
1216 (*p_outbuf)[1] = length;
1217 *p_outbuf += length + 2;
1218 return length + 2;
1219 }
1220
1221 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1222 {
1223 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1224 uint64_t nb_sectors;
1225 bool dbd;
1226 int page, buflen, ret, page_control;
1227 uint8_t *p;
1228 uint8_t dev_specific_param;
1229
1230 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1231 page = r->req.cmd.buf[2] & 0x3f;
1232 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1233
1234 trace_scsi_disk_emulate_mode_sense((r->req.cmd.buf[0] == MODE_SENSE) ? 6 :
1235 10, page, r->req.cmd.xfer, page_control);
1236 memset(outbuf, 0, r->req.cmd.xfer);
1237 p = outbuf;
1238
1239 if (s->qdev.type == TYPE_DISK) {
1240 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1241 if (!blk_is_writable(s->qdev.conf.blk)) {
1242 dev_specific_param |= 0x80; /* Readonly. */
1243 }
1244 } else {
1245 /* MMC prescribes that CD/DVD drives have no block descriptors,
1246 * and defines no device-specific parameter. */
1247 dev_specific_param = 0x00;
1248 dbd = true;
1249 }
1250
1251 if (r->req.cmd.buf[0] == MODE_SENSE) {
1252 p[1] = 0; /* Default media type. */
1253 p[2] = dev_specific_param;
1254 p[3] = 0; /* Block descriptor length. */
1255 p += 4;
1256 } else { /* MODE_SENSE_10 */
1257 p[2] = 0; /* Default media type. */
1258 p[3] = dev_specific_param;
1259 p[6] = p[7] = 0; /* Block descriptor length. */
1260 p += 8;
1261 }
1262
1263 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1264 if (!dbd && nb_sectors) {
1265 if (r->req.cmd.buf[0] == MODE_SENSE) {
1266 outbuf[3] = 8; /* Block descriptor length */
1267 } else { /* MODE_SENSE_10 */
1268 outbuf[7] = 8; /* Block descriptor length */
1269 }
1270 nb_sectors /= (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1271 if (nb_sectors > 0xffffff) {
1272 nb_sectors = 0;
1273 }
1274 p[0] = 0; /* media density code */
1275 p[1] = (nb_sectors >> 16) & 0xff;
1276 p[2] = (nb_sectors >> 8) & 0xff;
1277 p[3] = nb_sectors & 0xff;
1278 p[4] = 0; /* reserved */
1279 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
1280 p[6] = s->qdev.blocksize >> 8;
1281 p[7] = 0;
1282 p += 8;
1283 }
1284
1285 if (page_control == 3) {
1286 /* Saved Values */
1287 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1288 return -1;
1289 }
1290
1291 if (page == 0x3f) {
1292 for (page = 0; page <= 0x3e; page++) {
1293 mode_sense_page(s, page, &p, page_control);
1294 }
1295 } else {
1296 ret = mode_sense_page(s, page, &p, page_control);
1297 if (ret == -1) {
1298 return -1;
1299 }
1300 }
1301
1302 buflen = p - outbuf;
1303 /*
1304 * The mode data length field specifies the length in bytes of the
1305 * following data that is available to be transferred. The mode data
1306 * length does not include itself.
1307 */
1308 if (r->req.cmd.buf[0] == MODE_SENSE) {
1309 outbuf[0] = buflen - 1;
1310 } else { /* MODE_SENSE_10 */
1311 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1312 outbuf[1] = (buflen - 2) & 0xff;
1313 }
1314 return buflen;
1315 }
1316
1317 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1318 {
1319 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1320 int start_track, format, msf, toclen;
1321 uint64_t nb_sectors;
1322
1323 msf = req->cmd.buf[1] & 2;
1324 format = req->cmd.buf[2] & 0xf;
1325 start_track = req->cmd.buf[6];
1326 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1327 trace_scsi_disk_emulate_read_toc(start_track, format, msf >> 1);
1328 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
1329 switch (format) {
1330 case 0:
1331 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1332 break;
1333 case 1:
1334 /* multi session : only a single session defined */
1335 toclen = 12;
1336 memset(outbuf, 0, 12);
1337 outbuf[1] = 0x0a;
1338 outbuf[2] = 0x01;
1339 outbuf[3] = 0x01;
1340 break;
1341 case 2:
1342 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1343 break;
1344 default:
1345 return -1;
1346 }
1347 return toclen;
1348 }
1349
1350 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1351 {
1352 SCSIRequest *req = &r->req;
1353 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1354 bool start = req->cmd.buf[4] & 1;
1355 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
1356 int pwrcnd = req->cmd.buf[4] & 0xf0;
1357
1358 if (pwrcnd) {
1359 /* eject/load only happens for power condition == 0 */
1360 return 0;
1361 }
1362
1363 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1364 if (!start && !s->tray_open && s->tray_locked) {
1365 scsi_check_condition(r,
1366 blk_is_inserted(s->qdev.conf.blk)
1367 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1368 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1369 return -1;
1370 }
1371
1372 if (s->tray_open != !start) {
1373 blk_eject(s->qdev.conf.blk, !start);
1374 s->tray_open = !start;
1375 }
1376 }
1377 return 0;
1378 }
1379
1380 static void scsi_disk_emulate_read_data(SCSIRequest *req)
1381 {
1382 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1383 int buflen = r->iov.iov_len;
1384
1385 if (buflen) {
1386 trace_scsi_disk_emulate_read_data(buflen);
1387 r->iov.iov_len = 0;
1388 r->started = true;
1389 scsi_req_data(&r->req, buflen);
1390 return;
1391 }
1392
1393 /* This also clears the sense buffer for REQUEST SENSE. */
1394 scsi_req_complete(&r->req, GOOD);
1395 }
1396
1397 static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1398 uint8_t *inbuf, int inlen)
1399 {
1400 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1401 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1402 uint8_t *p;
1403 int len, expected_len, changeable_len, i;
1404
1405 /* The input buffer does not include the page header, so it is
1406 * off by 2 bytes.
1407 */
1408 expected_len = inlen + 2;
1409 if (expected_len > SCSI_MAX_MODE_LEN) {
1410 return -1;
1411 }
1412
1413 p = mode_current;
1414 memset(mode_current, 0, inlen + 2);
1415 len = mode_sense_page(s, page, &p, 0);
1416 if (len < 0 || len != expected_len) {
1417 return -1;
1418 }
1419
1420 p = mode_changeable;
1421 memset(mode_changeable, 0, inlen + 2);
1422 changeable_len = mode_sense_page(s, page, &p, 1);
1423 assert(changeable_len == len);
1424
1425 /* Check that unchangeable bits are the same as what MODE SENSE
1426 * would return.
1427 */
1428 for (i = 2; i < len; i++) {
1429 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1430 return -1;
1431 }
1432 }
1433 return 0;
1434 }
1435
1436 static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1437 {
1438 switch (page) {
1439 case MODE_PAGE_CACHING:
1440 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
1441 break;
1442
1443 default:
1444 break;
1445 }
1446 }
1447
1448 static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1449 {
1450 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1451
1452 while (len > 0) {
1453 int page, subpage, page_len;
1454
1455 /* Parse both possible formats for the mode page headers. */
1456 page = p[0] & 0x3f;
1457 if (p[0] & 0x40) {
1458 if (len < 4) {
1459 goto invalid_param_len;
1460 }
1461 subpage = p[1];
1462 page_len = lduw_be_p(&p[2]);
1463 p += 4;
1464 len -= 4;
1465 } else {
1466 if (len < 2) {
1467 goto invalid_param_len;
1468 }
1469 subpage = 0;
1470 page_len = p[1];
1471 p += 2;
1472 len -= 2;
1473 }
1474
1475 if (subpage) {
1476 goto invalid_param;
1477 }
1478 if (page_len > len) {
1479 goto invalid_param_len;
1480 }
1481
1482 if (!change) {
1483 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1484 goto invalid_param;
1485 }
1486 } else {
1487 scsi_disk_apply_mode_select(s, page, p);
1488 }
1489
1490 p += page_len;
1491 len -= page_len;
1492 }
1493 return 0;
1494
1495 invalid_param:
1496 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1497 return -1;
1498
1499 invalid_param_len:
1500 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1501 return -1;
1502 }
1503
1504 static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1505 {
1506 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1507 uint8_t *p = inbuf;
1508 int cmd = r->req.cmd.buf[0];
1509 int len = r->req.cmd.xfer;
1510 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1511 int bd_len;
1512 int pass;
1513
1514 /* We only support PF=1, SP=0. */
1515 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1516 goto invalid_field;
1517 }
1518
1519 if (len < hdr_len) {
1520 goto invalid_param_len;
1521 }
1522
1523 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1524 len -= hdr_len;
1525 p += hdr_len;
1526 if (len < bd_len) {
1527 goto invalid_param_len;
1528 }
1529 if (bd_len != 0 && bd_len != 8) {
1530 goto invalid_param;
1531 }
1532
1533 len -= bd_len;
1534 p += bd_len;
1535
1536 /* Ensure no change is made if there is an error! */
1537 for (pass = 0; pass < 2; pass++) {
1538 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1539 assert(pass == 0);
1540 return;
1541 }
1542 }
1543 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
1544 /* The request is used as the AIO opaque value, so add a ref. */
1545 scsi_req_ref(&r->req);
1546 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
1547 BLOCK_ACCT_FLUSH);
1548 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
1549 return;
1550 }
1551
1552 scsi_req_complete(&r->req, GOOD);
1553 return;
1554
1555 invalid_param:
1556 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1557 return;
1558
1559 invalid_param_len:
1560 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1561 return;
1562
1563 invalid_field:
1564 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1565 }
1566
1567 static inline bool check_lba_range(SCSIDiskState *s,
1568 uint64_t sector_num, uint32_t nb_sectors)
1569 {
1570 /*
1571 * The first line tests that no overflow happens when computing the last
1572 * sector. The second line tests that the last accessed sector is in
1573 * range.
1574 *
1575 * Careful, the computations should not underflow for nb_sectors == 0,
1576 * and a 0-block read to the first LBA beyond the end of device is
1577 * valid.
1578 */
1579 return (sector_num <= sector_num + nb_sectors &&
1580 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1581 }
1582
1583 typedef struct UnmapCBData {
1584 SCSIDiskReq *r;
1585 uint8_t *inbuf;
1586 int count;
1587 } UnmapCBData;
1588
1589 static void scsi_unmap_complete(void *opaque, int ret);
1590
1591 static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
1592 {
1593 SCSIDiskReq *r = data->r;
1594 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1595
1596 assert(r->req.aiocb == NULL);
1597
1598 if (data->count > 0) {
1599 r->sector = ldq_be_p(&data->inbuf[0])
1600 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1601 r->sector_count = (ldl_be_p(&data->inbuf[8]) & 0xffffffffULL)
1602 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1603 if (!check_lba_range(s, r->sector, r->sector_count)) {
1604 block_acct_invalid(blk_get_stats(s->qdev.conf.blk),
1605 BLOCK_ACCT_UNMAP);
1606 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1607 goto done;
1608 }
1609
1610 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1611 r->sector_count * BDRV_SECTOR_SIZE,
1612 BLOCK_ACCT_UNMAP);
1613
1614 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
1615 r->sector * BDRV_SECTOR_SIZE,
1616 r->sector_count * BDRV_SECTOR_SIZE,
1617 scsi_unmap_complete, data);
1618 data->count--;
1619 data->inbuf += 16;
1620 return;
1621 }
1622
1623 scsi_req_complete(&r->req, GOOD);
1624
1625 done:
1626 scsi_req_unref(&r->req);
1627 g_free(data);
1628 }
1629
1630 static void scsi_unmap_complete(void *opaque, int ret)
1631 {
1632 UnmapCBData *data = opaque;
1633 SCSIDiskReq *r = data->r;
1634 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1635
1636 assert(r->req.aiocb != NULL);
1637 r->req.aiocb = NULL;
1638
1639 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1640 if (scsi_disk_req_check_error(r, ret, true)) {
1641 scsi_req_unref(&r->req);
1642 g_free(data);
1643 } else {
1644 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1645 scsi_unmap_complete_noio(data, ret);
1646 }
1647 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1648 }
1649
1650 static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1651 {
1652 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1653 uint8_t *p = inbuf;
1654 int len = r->req.cmd.xfer;
1655 UnmapCBData *data;
1656
1657 /* Reject ANCHOR=1. */
1658 if (r->req.cmd.buf[1] & 0x1) {
1659 goto invalid_field;
1660 }
1661
1662 if (len < 8) {
1663 goto invalid_param_len;
1664 }
1665 if (len < lduw_be_p(&p[0]) + 2) {
1666 goto invalid_param_len;
1667 }
1668 if (len < lduw_be_p(&p[2]) + 8) {
1669 goto invalid_param_len;
1670 }
1671 if (lduw_be_p(&p[2]) & 15) {
1672 goto invalid_param_len;
1673 }
1674
1675 if (!blk_is_writable(s->qdev.conf.blk)) {
1676 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1677 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1678 return;
1679 }
1680
1681 data = g_new0(UnmapCBData, 1);
1682 data->r = r;
1683 data->inbuf = &p[8];
1684 data->count = lduw_be_p(&p[2]) >> 4;
1685
1686 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1687 scsi_req_ref(&r->req);
1688 scsi_unmap_complete_noio(data, 0);
1689 return;
1690
1691 invalid_param_len:
1692 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1693 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1694 return;
1695
1696 invalid_field:
1697 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1698 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1699 }
1700
1701 typedef struct WriteSameCBData {
1702 SCSIDiskReq *r;
1703 int64_t sector;
1704 int nb_sectors;
1705 QEMUIOVector qiov;
1706 struct iovec iov;
1707 } WriteSameCBData;
1708
1709 static void scsi_write_same_complete(void *opaque, int ret)
1710 {
1711 WriteSameCBData *data = opaque;
1712 SCSIDiskReq *r = data->r;
1713 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1714
1715 assert(r->req.aiocb != NULL);
1716 r->req.aiocb = NULL;
1717 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1718 if (scsi_disk_req_check_error(r, ret, true)) {
1719 goto done;
1720 }
1721
1722 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1723
1724 data->nb_sectors -= data->iov.iov_len / BDRV_SECTOR_SIZE;
1725 data->sector += data->iov.iov_len / BDRV_SECTOR_SIZE;
1726 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1727 data->iov.iov_len);
1728 if (data->iov.iov_len) {
1729 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1730 data->iov.iov_len, BLOCK_ACCT_WRITE);
1731 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1732 * where final qiov may need smaller size */
1733 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1734 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1735 data->sector << BDRV_SECTOR_BITS,
1736 &data->qiov, 0,
1737 scsi_write_same_complete, data);
1738 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1739 return;
1740 }
1741
1742 scsi_req_complete(&r->req, GOOD);
1743
1744 done:
1745 scsi_req_unref(&r->req);
1746 qemu_vfree(data->iov.iov_base);
1747 g_free(data);
1748 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1749 }
1750
1751 static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1752 {
1753 SCSIRequest *req = &r->req;
1754 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1755 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
1756 WriteSameCBData *data;
1757 uint8_t *buf;
1758 int i;
1759
1760 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1761 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1762 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1763 return;
1764 }
1765
1766 if (!blk_is_writable(s->qdev.conf.blk)) {
1767 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1768 return;
1769 }
1770 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1771 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1772 return;
1773 }
1774
1775 if ((req->cmd.buf[1] & 0x1) || buffer_is_zero(inbuf, s->qdev.blocksize)) {
1776 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1777
1778 /* The request is used as the AIO opaque value, so add a ref. */
1779 scsi_req_ref(&r->req);
1780 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1781 nb_sectors * s->qdev.blocksize,
1782 BLOCK_ACCT_WRITE);
1783 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
1784 r->req.cmd.lba * s->qdev.blocksize,
1785 nb_sectors * s->qdev.blocksize,
1786 flags, scsi_aio_complete, r);
1787 return;
1788 }
1789
1790 data = g_new0(WriteSameCBData, 1);
1791 data->r = r;
1792 data->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1793 data->nb_sectors = nb_sectors * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1794 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1795 SCSI_WRITE_SAME_MAX);
1796 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1797 data->iov.iov_len);
1798 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1799
1800 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1801 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1802 }
1803
1804 scsi_req_ref(&r->req);
1805 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1806 data->iov.iov_len, BLOCK_ACCT_WRITE);
1807 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1808 data->sector << BDRV_SECTOR_BITS,
1809 &data->qiov, 0,
1810 scsi_write_same_complete, data);
1811 }
1812
1813 static void scsi_disk_emulate_write_data(SCSIRequest *req)
1814 {
1815 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1816
1817 if (r->iov.iov_len) {
1818 int buflen = r->iov.iov_len;
1819 trace_scsi_disk_emulate_write_data(buflen);
1820 r->iov.iov_len = 0;
1821 scsi_req_data(&r->req, buflen);
1822 return;
1823 }
1824
1825 switch (req->cmd.buf[0]) {
1826 case MODE_SELECT:
1827 case MODE_SELECT_10:
1828 /* This also clears the sense buffer for REQUEST SENSE. */
1829 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1830 break;
1831
1832 case UNMAP:
1833 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1834 break;
1835
1836 case VERIFY_10:
1837 case VERIFY_12:
1838 case VERIFY_16:
1839 if (r->req.status == -1) {
1840 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1841 }
1842 break;
1843
1844 case WRITE_SAME_10:
1845 case WRITE_SAME_16:
1846 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1847 break;
1848
1849 default:
1850 abort();
1851 }
1852 }
1853
1854 static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1855 {
1856 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1857 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1858 uint64_t nb_sectors;
1859 uint8_t *outbuf;
1860 int buflen;
1861
1862 switch (req->cmd.buf[0]) {
1863 case INQUIRY:
1864 case MODE_SENSE:
1865 case MODE_SENSE_10:
1866 case RESERVE:
1867 case RESERVE_10:
1868 case RELEASE:
1869 case RELEASE_10:
1870 case START_STOP:
1871 case ALLOW_MEDIUM_REMOVAL:
1872 case GET_CONFIGURATION:
1873 case GET_EVENT_STATUS_NOTIFICATION:
1874 case MECHANISM_STATUS:
1875 case REQUEST_SENSE:
1876 break;
1877
1878 default:
1879 if (!blk_is_available(s->qdev.conf.blk)) {
1880 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1881 return 0;
1882 }
1883 break;
1884 }
1885
1886 /*
1887 * FIXME: we shouldn't return anything bigger than 4k, but the code
1888 * requires the buffer to be as big as req->cmd.xfer in several
1889 * places. So, do not allow CDBs with a very large ALLOCATION
1890 * LENGTH. The real fix would be to modify scsi_read_data and
1891 * dma_buf_read, so that they return data beyond the buflen
1892 * as all zeros.
1893 */
1894 if (req->cmd.xfer > 65536) {
1895 goto illegal_request;
1896 }
1897 r->buflen = MAX(4096, req->cmd.xfer);
1898
1899 if (!r->iov.iov_base) {
1900 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
1901 }
1902
1903 outbuf = r->iov.iov_base;
1904 memset(outbuf, 0, r->buflen);
1905 switch (req->cmd.buf[0]) {
1906 case TEST_UNIT_READY:
1907 assert(blk_is_available(s->qdev.conf.blk));
1908 break;
1909 case INQUIRY:
1910 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1911 if (buflen < 0) {
1912 goto illegal_request;
1913 }
1914 break;
1915 case MODE_SENSE:
1916 case MODE_SENSE_10:
1917 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1918 if (buflen < 0) {
1919 goto illegal_request;
1920 }
1921 break;
1922 case READ_TOC:
1923 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1924 if (buflen < 0) {
1925 goto illegal_request;
1926 }
1927 break;
1928 case RESERVE:
1929 if (req->cmd.buf[1] & 1) {
1930 goto illegal_request;
1931 }
1932 break;
1933 case RESERVE_10:
1934 if (req->cmd.buf[1] & 3) {
1935 goto illegal_request;
1936 }
1937 break;
1938 case RELEASE:
1939 if (req->cmd.buf[1] & 1) {
1940 goto illegal_request;
1941 }
1942 break;
1943 case RELEASE_10:
1944 if (req->cmd.buf[1] & 3) {
1945 goto illegal_request;
1946 }
1947 break;
1948 case START_STOP:
1949 if (scsi_disk_emulate_start_stop(r) < 0) {
1950 return 0;
1951 }
1952 break;
1953 case ALLOW_MEDIUM_REMOVAL:
1954 s->tray_locked = req->cmd.buf[4] & 1;
1955 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
1956 break;
1957 case READ_CAPACITY_10:
1958 /* The normal LEN field for this command is zero. */
1959 memset(outbuf, 0, 8);
1960 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1961 if (!nb_sectors) {
1962 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1963 return 0;
1964 }
1965 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1966 goto illegal_request;
1967 }
1968 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
1969 /* Returned value is the address of the last sector. */
1970 nb_sectors--;
1971 /* Remember the new size for read/write sanity checking. */
1972 s->qdev.max_lba = nb_sectors;
1973 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1974 if (nb_sectors > UINT32_MAX) {
1975 nb_sectors = UINT32_MAX;
1976 }
1977 outbuf[0] = (nb_sectors >> 24) & 0xff;
1978 outbuf[1] = (nb_sectors >> 16) & 0xff;
1979 outbuf[2] = (nb_sectors >> 8) & 0xff;
1980 outbuf[3] = nb_sectors & 0xff;
1981 outbuf[4] = 0;
1982 outbuf[5] = 0;
1983 outbuf[6] = s->qdev.blocksize >> 8;
1984 outbuf[7] = 0;
1985 break;
1986 case REQUEST_SENSE:
1987 /* Just return "NO SENSE". */
1988 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
1989 (req->cmd.buf[1] & 1) == 0);
1990 if (buflen < 0) {
1991 goto illegal_request;
1992 }
1993 break;
1994 case MECHANISM_STATUS:
1995 buflen = scsi_emulate_mechanism_status(s, outbuf);
1996 if (buflen < 0) {
1997 goto illegal_request;
1998 }
1999 break;
2000 case GET_CONFIGURATION:
2001 buflen = scsi_get_configuration(s, outbuf);
2002 if (buflen < 0) {
2003 goto illegal_request;
2004 }
2005 break;
2006 case GET_EVENT_STATUS_NOTIFICATION:
2007 buflen = scsi_get_event_status_notification(s, r, outbuf);
2008 if (buflen < 0) {
2009 goto illegal_request;
2010 }
2011 break;
2012 case READ_DISC_INFORMATION:
2013 buflen = scsi_read_disc_information(s, r, outbuf);
2014 if (buflen < 0) {
2015 goto illegal_request;
2016 }
2017 break;
2018 case READ_DVD_STRUCTURE:
2019 buflen = scsi_read_dvd_structure(s, r, outbuf);
2020 if (buflen < 0) {
2021 goto illegal_request;
2022 }
2023 break;
2024 case SERVICE_ACTION_IN_16:
2025 /* Service Action In subcommands. */
2026 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
2027 trace_scsi_disk_emulate_command_SAI_16();
2028 memset(outbuf, 0, req->cmd.xfer);
2029 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2030 if (!nb_sectors) {
2031 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
2032 return 0;
2033 }
2034 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2035 goto illegal_request;
2036 }
2037 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
2038 /* Returned value is the address of the last sector. */
2039 nb_sectors--;
2040 /* Remember the new size for read/write sanity checking. */
2041 s->qdev.max_lba = nb_sectors;
2042 outbuf[0] = (nb_sectors >> 56) & 0xff;
2043 outbuf[1] = (nb_sectors >> 48) & 0xff;
2044 outbuf[2] = (nb_sectors >> 40) & 0xff;
2045 outbuf[3] = (nb_sectors >> 32) & 0xff;
2046 outbuf[4] = (nb_sectors >> 24) & 0xff;
2047 outbuf[5] = (nb_sectors >> 16) & 0xff;
2048 outbuf[6] = (nb_sectors >> 8) & 0xff;
2049 outbuf[7] = nb_sectors & 0xff;
2050 outbuf[8] = 0;
2051 outbuf[9] = 0;
2052 outbuf[10] = s->qdev.blocksize >> 8;
2053 outbuf[11] = 0;
2054 outbuf[12] = 0;
2055 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
2056
2057 /* set TPE bit if the format supports discard */
2058 if (s->qdev.conf.discard_granularity) {
2059 outbuf[14] = 0x80;
2060 }
2061
2062 /* Protection, exponent and lowest lba field left blank. */
2063 break;
2064 }
2065 trace_scsi_disk_emulate_command_SAI_unsupported();
2066 goto illegal_request;
2067 case SYNCHRONIZE_CACHE:
2068 /* The request is used as the AIO opaque value, so add a ref. */
2069 scsi_req_ref(&r->req);
2070 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
2071 BLOCK_ACCT_FLUSH);
2072 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
2073 return 0;
2074 case SEEK_10:
2075 trace_scsi_disk_emulate_command_SEEK_10(r->req.cmd.lba);
2076 if (r->req.cmd.lba > s->qdev.max_lba) {
2077 goto illegal_lba;
2078 }
2079 break;
2080 case MODE_SELECT:
2081 trace_scsi_disk_emulate_command_MODE_SELECT(r->req.cmd.xfer);
2082 break;
2083 case MODE_SELECT_10:
2084 trace_scsi_disk_emulate_command_MODE_SELECT_10(r->req.cmd.xfer);
2085 break;
2086 case UNMAP:
2087 trace_scsi_disk_emulate_command_UNMAP(r->req.cmd.xfer);
2088 break;
2089 case VERIFY_10:
2090 case VERIFY_12:
2091 case VERIFY_16:
2092 trace_scsi_disk_emulate_command_VERIFY((req->cmd.buf[1] >> 1) & 3);
2093 if (req->cmd.buf[1] & 6) {
2094 goto illegal_request;
2095 }
2096 break;
2097 case WRITE_SAME_10:
2098 case WRITE_SAME_16:
2099 trace_scsi_disk_emulate_command_WRITE_SAME(
2100 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16, r->req.cmd.xfer);
2101 break;
2102 default:
2103 trace_scsi_disk_emulate_command_UNKNOWN(buf[0],
2104 scsi_command_name(buf[0]));
2105 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
2106 return 0;
2107 }
2108 assert(!r->req.aiocb);
2109 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
2110 if (r->iov.iov_len == 0) {
2111 scsi_req_complete(&r->req, GOOD);
2112 }
2113 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2114 assert(r->iov.iov_len == req->cmd.xfer);
2115 return -r->iov.iov_len;
2116 } else {
2117 return r->iov.iov_len;
2118 }
2119
2120 illegal_request:
2121 if (r->req.status == -1) {
2122 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2123 }
2124 return 0;
2125
2126 illegal_lba:
2127 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2128 return 0;
2129 }
2130
2131 /* Execute a scsi command. Returns the length of the data expected by the
2132 command. This will be Positive for data transfers from the device
2133 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2134 and zero if the command does not transfer any data. */
2135
2136 static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2137 {
2138 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2139 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2140 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
2141 uint32_t len;
2142 uint8_t command;
2143
2144 command = buf[0];
2145
2146 if (!blk_is_available(s->qdev.conf.blk)) {
2147 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2148 return 0;
2149 }
2150
2151 len = scsi_data_cdb_xfer(r->req.cmd.buf);
2152 switch (command) {
2153 case READ_6:
2154 case READ_10:
2155 case READ_12:
2156 case READ_16:
2157 trace_scsi_disk_dma_command_READ(r->req.cmd.lba, len);
2158 /* Protection information is not supported. For SCSI versions 2 and
2159 * older (as determined by snooping the guest's INQUIRY commands),
2160 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2161 */
2162 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2163 goto illegal_request;
2164 }
2165 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2166 goto illegal_lba;
2167 }
2168 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2169 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2170 break;
2171 case WRITE_6:
2172 case WRITE_10:
2173 case WRITE_12:
2174 case WRITE_16:
2175 case WRITE_VERIFY_10:
2176 case WRITE_VERIFY_12:
2177 case WRITE_VERIFY_16:
2178 if (!blk_is_writable(s->qdev.conf.blk)) {
2179 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2180 return 0;
2181 }
2182 trace_scsi_disk_dma_command_WRITE(
2183 (command & 0xe) == 0xe ? "And Verify " : "",
2184 r->req.cmd.lba, len);
2185 /* fall through */
2186 case VERIFY_10:
2187 case VERIFY_12:
2188 case VERIFY_16:
2189 /* We get here only for BYTCHK == 0x01 and only for scsi-block.
2190 * As far as DMA is concerned, we can treat it the same as a write;
2191 * scsi_block_do_sgio will send VERIFY commands.
2192 */
2193 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2194 goto illegal_request;
2195 }
2196 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2197 goto illegal_lba;
2198 }
2199 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2200 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2201 break;
2202 default:
2203 abort();
2204 illegal_request:
2205 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2206 return 0;
2207 illegal_lba:
2208 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2209 return 0;
2210 }
2211 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
2212 if (r->sector_count == 0) {
2213 scsi_req_complete(&r->req, GOOD);
2214 }
2215 assert(r->iov.iov_len == 0);
2216 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2217 return -r->sector_count * BDRV_SECTOR_SIZE;
2218 } else {
2219 return r->sector_count * BDRV_SECTOR_SIZE;
2220 }
2221 }
2222
2223 static void scsi_disk_reset(DeviceState *dev)
2224 {
2225 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2226 uint64_t nb_sectors;
2227
2228 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
2229
2230 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2231 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
2232 if (nb_sectors) {
2233 nb_sectors--;
2234 }
2235 s->qdev.max_lba = nb_sectors;
2236 /* reset tray statuses */
2237 s->tray_locked = 0;
2238 s->tray_open = 0;
2239
2240 s->qdev.scsi_version = s->qdev.default_scsi_version;
2241 }
2242
2243 static void scsi_disk_resize_cb(void *opaque)
2244 {
2245 SCSIDiskState *s = opaque;
2246
2247 /* SPC lists this sense code as available only for
2248 * direct-access devices.
2249 */
2250 if (s->qdev.type == TYPE_DISK) {
2251 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
2252 }
2253 }
2254
2255 static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2256 {
2257 SCSIDiskState *s = opaque;
2258
2259 /*
2260 * When a CD gets changed, we have to report an ejected state and
2261 * then a loaded state to guests so that they detect tray
2262 * open/close and media change events. Guests that do not use
2263 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2264 * states rely on this behavior.
2265 *
2266 * media_changed governs the state machine used for unit attention
2267 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2268 */
2269 s->media_changed = load;
2270 s->tray_open = !load;
2271 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
2272 s->media_event = true;
2273 s->eject_request = false;
2274 }
2275
2276 static void scsi_cd_eject_request_cb(void *opaque, bool force)
2277 {
2278 SCSIDiskState *s = opaque;
2279
2280 s->eject_request = true;
2281 if (force) {
2282 s->tray_locked = false;
2283 }
2284 }
2285
2286 static bool scsi_cd_is_tray_open(void *opaque)
2287 {
2288 return ((SCSIDiskState *)opaque)->tray_open;
2289 }
2290
2291 static bool scsi_cd_is_medium_locked(void *opaque)
2292 {
2293 return ((SCSIDiskState *)opaque)->tray_locked;
2294 }
2295
2296 static const BlockDevOps scsi_disk_removable_block_ops = {
2297 .change_media_cb = scsi_cd_change_media_cb,
2298 .eject_request_cb = scsi_cd_eject_request_cb,
2299 .is_tray_open = scsi_cd_is_tray_open,
2300 .is_medium_locked = scsi_cd_is_medium_locked,
2301
2302 .resize_cb = scsi_disk_resize_cb,
2303 };
2304
2305 static const BlockDevOps scsi_disk_block_ops = {
2306 .resize_cb = scsi_disk_resize_cb,
2307 };
2308
2309 static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2310 {
2311 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2312 if (s->media_changed) {
2313 s->media_changed = false;
2314 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2315 }
2316 }
2317
2318 static void scsi_realize(SCSIDevice *dev, Error **errp)
2319 {
2320 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2321 bool read_only;
2322
2323 if (!s->qdev.conf.blk) {
2324 error_setg(errp, "drive property not set");
2325 return;
2326 }
2327
2328 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2329 !blk_is_inserted(s->qdev.conf.blk)) {
2330 error_setg(errp, "Device needs media, but drive is empty");
2331 return;
2332 }
2333
2334 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2335 return;
2336 }
2337
2338 if (blk_get_aio_context(s->qdev.conf.blk) != qemu_get_aio_context() &&
2339 !s->qdev.hba_supports_iothread)
2340 {
2341 error_setg(errp, "HBA does not support iothreads");
2342 return;
2343 }
2344
2345 if (dev->type == TYPE_DISK) {
2346 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
2347 return;
2348 }
2349 }
2350
2351 read_only = !blk_supports_write_perm(s->qdev.conf.blk);
2352 if (dev->type == TYPE_ROM) {
2353 read_only = true;
2354 }
2355
2356 if (!blkconf_apply_backend_options(&dev->conf, read_only,
2357 dev->type == TYPE_DISK, errp)) {
2358 return;
2359 }
2360
2361 if (s->qdev.conf.discard_granularity == -1) {
2362 s->qdev.conf.discard_granularity =
2363 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2364 }
2365
2366 if (!s->version) {
2367 s->version = g_strdup(qemu_hw_version());
2368 }
2369 if (!s->vendor) {
2370 s->vendor = g_strdup("QEMU");
2371 }
2372 if (!s->device_id) {
2373 if (s->serial) {
2374 s->device_id = g_strdup_printf("%.20s", s->serial);
2375 } else {
2376 const char *str = blk_name(s->qdev.conf.blk);
2377 if (str && *str) {
2378 s->device_id = g_strdup(str);
2379 }
2380 }
2381 }
2382
2383 if (blk_is_sg(s->qdev.conf.blk)) {
2384 error_setg(errp, "unwanted /dev/sg*");
2385 return;
2386 }
2387
2388 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2389 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
2390 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
2391 } else {
2392 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2393 }
2394 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
2395
2396 blk_iostatus_enable(s->qdev.conf.blk);
2397
2398 add_boot_device_lchs(&dev->qdev, NULL,
2399 dev->conf.lcyls,
2400 dev->conf.lheads,
2401 dev->conf.lsecs);
2402 }
2403
2404 static void scsi_unrealize(SCSIDevice *dev)
2405 {
2406 del_boot_device_lchs(&dev->qdev, NULL);
2407 }
2408
2409 static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
2410 {
2411 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2412 AioContext *ctx = NULL;
2413 /* can happen for devices without drive. The error message for missing
2414 * backend will be issued in scsi_realize
2415 */
2416 if (s->qdev.conf.blk) {
2417 ctx = blk_get_aio_context(s->qdev.conf.blk);
2418 aio_context_acquire(ctx);
2419 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2420 goto out;
2421 }
2422 }
2423 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2424 s->qdev.type = TYPE_DISK;
2425 if (!s->product) {
2426 s->product = g_strdup("QEMU HARDDISK");
2427 }
2428 scsi_realize(&s->qdev, errp);
2429 out:
2430 if (ctx) {
2431 aio_context_release(ctx);
2432 }
2433 }
2434
2435 static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
2436 {
2437 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2438 AioContext *ctx;
2439 int ret;
2440
2441 if (!dev->conf.blk) {
2442 /* Anonymous BlockBackend for an empty drive. As we put it into
2443 * dev->conf, qdev takes care of detaching on unplug. */
2444 dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
2445 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2446 assert(ret == 0);
2447 }
2448
2449 ctx = blk_get_aio_context(dev->conf.blk);
2450 aio_context_acquire(ctx);
2451 s->qdev.blocksize = 2048;
2452 s->qdev.type = TYPE_ROM;
2453 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2454 if (!s->product) {
2455 s->product = g_strdup("QEMU CD-ROM");
2456 }
2457 scsi_realize(&s->qdev, errp);
2458 aio_context_release(ctx);
2459 }
2460
2461 static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
2462 {
2463 DriveInfo *dinfo;
2464 Error *local_err = NULL;
2465
2466 warn_report("'scsi-disk' is deprecated, "
2467 "please use 'scsi-hd' or 'scsi-cd' instead");
2468
2469 if (!dev->conf.blk) {
2470 scsi_realize(dev, &local_err);
2471 assert(local_err);
2472 error_propagate(errp, local_err);
2473 return;
2474 }
2475
2476 dinfo = blk_legacy_dinfo(dev->conf.blk);
2477 if (dinfo && dinfo->media_cd) {
2478 scsi_cd_realize(dev, errp);
2479 } else {
2480 scsi_hd_realize(dev, errp);
2481 }
2482 }
2483
2484 static const SCSIReqOps scsi_disk_emulate_reqops = {
2485 .size = sizeof(SCSIDiskReq),
2486 .free_req = scsi_free_request,
2487 .send_command = scsi_disk_emulate_command,
2488 .read_data = scsi_disk_emulate_read_data,
2489 .write_data = scsi_disk_emulate_write_data,
2490 .get_buf = scsi_get_buf,
2491 };
2492
2493 static const SCSIReqOps scsi_disk_dma_reqops = {
2494 .size = sizeof(SCSIDiskReq),
2495 .free_req = scsi_free_request,
2496 .send_command = scsi_disk_dma_command,
2497 .read_data = scsi_read_data,
2498 .write_data = scsi_write_data,
2499 .get_buf = scsi_get_buf,
2500 .load_request = scsi_disk_load_request,
2501 .save_request = scsi_disk_save_request,
2502 };
2503
2504 static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2505 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2506 [INQUIRY] = &scsi_disk_emulate_reqops,
2507 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2508 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2509 [START_STOP] = &scsi_disk_emulate_reqops,
2510 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2511 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2512 [READ_TOC] = &scsi_disk_emulate_reqops,
2513 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2514 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2515 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2516 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2517 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2518 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2519 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2520 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2521 [SEEK_10] = &scsi_disk_emulate_reqops,
2522 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2523 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2524 [UNMAP] = &scsi_disk_emulate_reqops,
2525 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2526 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2527 [VERIFY_10] = &scsi_disk_emulate_reqops,
2528 [VERIFY_12] = &scsi_disk_emulate_reqops,
2529 [VERIFY_16] = &scsi_disk_emulate_reqops,
2530
2531 [READ_6] = &scsi_disk_dma_reqops,
2532 [READ_10] = &scsi_disk_dma_reqops,
2533 [READ_12] = &scsi_disk_dma_reqops,
2534 [READ_16] = &scsi_disk_dma_reqops,
2535 [WRITE_6] = &scsi_disk_dma_reqops,
2536 [WRITE_10] = &scsi_disk_dma_reqops,
2537 [WRITE_12] = &scsi_disk_dma_reqops,
2538 [WRITE_16] = &scsi_disk_dma_reqops,
2539 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2540 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2541 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2542 };
2543
2544 static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf)
2545 {
2546 int i;
2547 int len = scsi_cdb_length(buf);
2548 char *line_buffer, *p;
2549
2550 line_buffer = g_malloc(len * 5 + 1);
2551
2552 for (i = 0, p = line_buffer; i < len; i++) {
2553 p += sprintf(p, " 0x%02x", buf[i]);
2554 }
2555 trace_scsi_disk_new_request(lun, tag, line_buffer);
2556
2557 g_free(line_buffer);
2558 }
2559
2560 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2561 uint8_t *buf, void *hba_private)
2562 {
2563 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2564 SCSIRequest *req;
2565 const SCSIReqOps *ops;
2566 uint8_t command;
2567
2568 command = buf[0];
2569 ops = scsi_disk_reqops_dispatch[command];
2570 if (!ops) {
2571 ops = &scsi_disk_emulate_reqops;
2572 }
2573 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2574
2575 if (trace_event_get_state_backends(TRACE_SCSI_DISK_NEW_REQUEST)) {
2576 scsi_disk_new_request_dump(lun, tag, buf);
2577 }
2578
2579 return req;
2580 }
2581
2582 #ifdef __linux__
2583 static int get_device_type(SCSIDiskState *s)
2584 {
2585 uint8_t cmd[16];
2586 uint8_t buf[36];
2587 int ret;
2588
2589 memset(cmd, 0, sizeof(cmd));
2590 memset(buf, 0, sizeof(buf));
2591 cmd[0] = INQUIRY;
2592 cmd[4] = sizeof(buf);
2593
2594 ret = scsi_SG_IO_FROM_DEV(s->qdev.conf.blk, cmd, sizeof(cmd),
2595 buf, sizeof(buf), s->qdev.io_timeout);
2596 if (ret < 0) {
2597 return -1;
2598 }
2599 s->qdev.type = buf[0];
2600 if (buf[1] & 0x80) {
2601 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2602 }
2603 return 0;
2604 }
2605
2606 static void scsi_block_realize(SCSIDevice *dev, Error **errp)
2607 {
2608 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2609 AioContext *ctx;
2610 int sg_version;
2611 int rc;
2612
2613 if (!s->qdev.conf.blk) {
2614 error_setg(errp, "drive property not set");
2615 return;
2616 }
2617
2618 if (s->rotation_rate) {
2619 error_report_once("rotation_rate is specified for scsi-block but is "
2620 "not implemented. This option is deprecated and will "
2621 "be removed in a future version");
2622 }
2623
2624 ctx = blk_get_aio_context(s->qdev.conf.blk);
2625 aio_context_acquire(ctx);
2626
2627 /* check we are using a driver managing SG_IO (version 3 and after) */
2628 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
2629 if (rc < 0) {
2630 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
2631 if (rc != -EPERM) {
2632 error_append_hint(errp, "Is this a SCSI device?\n");
2633 }
2634 goto out;
2635 }
2636 if (sg_version < 30000) {
2637 error_setg(errp, "scsi generic interface too old");
2638 goto out;
2639 }
2640
2641 /* get device type from INQUIRY data */
2642 rc = get_device_type(s);
2643 if (rc < 0) {
2644 error_setg(errp, "INQUIRY failed");
2645 goto out;
2646 }
2647
2648 /* Make a guess for the block size, we'll fix it when the guest sends.
2649 * READ CAPACITY. If they don't, they likely would assume these sizes
2650 * anyway. (TODO: check in /sys).
2651 */
2652 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2653 s->qdev.blocksize = 2048;
2654 } else {
2655 s->qdev.blocksize = 512;
2656 }
2657
2658 /* Makes the scsi-block device not removable by using HMP and QMP eject
2659 * command.
2660 */
2661 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2662
2663 scsi_realize(&s->qdev, errp);
2664 scsi_generic_read_device_inquiry(&s->qdev);
2665
2666 out:
2667 aio_context_release(ctx);
2668 }
2669
2670 typedef struct SCSIBlockReq {
2671 SCSIDiskReq req;
2672 sg_io_hdr_t io_header;
2673
2674 /* Selected bytes of the original CDB, copied into our own CDB. */
2675 uint8_t cmd, cdb1, group_number;
2676
2677 /* CDB passed to SG_IO. */
2678 uint8_t cdb[16];
2679 } SCSIBlockReq;
2680
2681 static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2682 int64_t offset, QEMUIOVector *iov,
2683 int direction,
2684 BlockCompletionFunc *cb, void *opaque)
2685 {
2686 sg_io_hdr_t *io_header = &req->io_header;
2687 SCSIDiskReq *r = &req->req;
2688 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2689 int nb_logical_blocks;
2690 uint64_t lba;
2691 BlockAIOCB *aiocb;
2692
2693 /* This is not supported yet. It can only happen if the guest does
2694 * reads and writes that are not aligned to one logical sectors
2695 * _and_ cover multiple MemoryRegions.
2696 */
2697 assert(offset % s->qdev.blocksize == 0);
2698 assert(iov->size % s->qdev.blocksize == 0);
2699
2700 io_header->interface_id = 'S';
2701
2702 /* The data transfer comes from the QEMUIOVector. */
2703 io_header->dxfer_direction = direction;
2704 io_header->dxfer_len = iov->size;
2705 io_header->dxferp = (void *)iov->iov;
2706 io_header->iovec_count = iov->niov;
2707 assert(io_header->iovec_count == iov->niov); /* no overflow! */
2708
2709 /* Build a new CDB with the LBA and length patched in, in case
2710 * DMA helpers split the transfer in multiple segments. Do not
2711 * build a CDB smaller than what the guest wanted, and only build
2712 * a larger one if strictly necessary.
2713 */
2714 io_header->cmdp = req->cdb;
2715 lba = offset / s->qdev.blocksize;
2716 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2717
2718 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2719 /* 6-byte CDB */
2720 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2721 req->cdb[4] = nb_logical_blocks;
2722 req->cdb[5] = 0;
2723 io_header->cmd_len = 6;
2724 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2725 /* 10-byte CDB */
2726 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2727 req->cdb[1] = req->cdb1;
2728 stl_be_p(&req->cdb[2], lba);
2729 req->cdb[6] = req->group_number;
2730 stw_be_p(&req->cdb[7], nb_logical_blocks);
2731 req->cdb[9] = 0;
2732 io_header->cmd_len = 10;
2733 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2734 /* 12-byte CDB */
2735 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2736 req->cdb[1] = req->cdb1;
2737 stl_be_p(&req->cdb[2], lba);
2738 stl_be_p(&req->cdb[6], nb_logical_blocks);
2739 req->cdb[10] = req->group_number;
2740 req->cdb[11] = 0;
2741 io_header->cmd_len = 12;
2742 } else {
2743 /* 16-byte CDB */
2744 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2745 req->cdb[1] = req->cdb1;
2746 stq_be_p(&req->cdb[2], lba);
2747 stl_be_p(&req->cdb[10], nb_logical_blocks);
2748 req->cdb[14] = req->group_number;
2749 req->cdb[15] = 0;
2750 io_header->cmd_len = 16;
2751 }
2752
2753 /* The rest is as in scsi-generic.c. */
2754 io_header->mx_sb_len = sizeof(r->req.sense);
2755 io_header->sbp = r->req.sense;
2756 io_header->timeout = s->qdev.io_timeout * 1000;
2757 io_header->usr_ptr = r;
2758 io_header->flags |= SG_FLAG_DIRECT_IO;
2759 trace_scsi_disk_aio_sgio_command(r->req.tag, req->cdb[0], lba,
2760 nb_logical_blocks, io_header->timeout);
2761 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
2762 assert(aiocb != NULL);
2763 return aiocb;
2764 }
2765
2766 static bool scsi_block_no_fua(SCSICommand *cmd)
2767 {
2768 return false;
2769 }
2770
2771 static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2772 QEMUIOVector *iov,
2773 BlockCompletionFunc *cb, void *cb_opaque,
2774 void *opaque)
2775 {
2776 SCSIBlockReq *r = opaque;
2777 return scsi_block_do_sgio(r, offset, iov,
2778 SG_DXFER_FROM_DEV, cb, cb_opaque);
2779 }
2780
2781 static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2782 QEMUIOVector *iov,
2783 BlockCompletionFunc *cb, void *cb_opaque,
2784 void *opaque)
2785 {
2786 SCSIBlockReq *r = opaque;
2787 return scsi_block_do_sgio(r, offset, iov,
2788 SG_DXFER_TO_DEV, cb, cb_opaque);
2789 }
2790
2791 static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
2792 {
2793 switch (buf[0]) {
2794 case VERIFY_10:
2795 case VERIFY_12:
2796 case VERIFY_16:
2797 /* Check if BYTCHK == 0x01 (data-out buffer contains data
2798 * for the number of logical blocks specified in the length
2799 * field). For other modes, do not use scatter/gather operation.
2800 */
2801 if ((buf[1] & 6) == 2) {
2802 return false;
2803 }
2804 break;
2805
2806 case READ_6:
2807 case READ_10:
2808 case READ_12:
2809 case READ_16:
2810 case WRITE_6:
2811 case WRITE_10:
2812 case WRITE_12:
2813 case WRITE_16:
2814 case WRITE_VERIFY_10:
2815 case WRITE_VERIFY_12:
2816 case WRITE_VERIFY_16:
2817 /* MMC writing cannot be done via DMA helpers, because it sometimes
2818 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2819 * We might use scsi_block_dma_reqops as long as no writing commands are
2820 * seen, but performance usually isn't paramount on optical media. So,
2821 * just make scsi-block operate the same as scsi-generic for them.
2822 */
2823 if (s->qdev.type != TYPE_ROM) {
2824 return false;
2825 }
2826 break;
2827
2828 default:
2829 break;
2830 }
2831
2832 return true;
2833 }
2834
2835
2836 static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2837 {
2838 SCSIBlockReq *r = (SCSIBlockReq *)req;
2839 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2840
2841 r->cmd = req->cmd.buf[0];
2842 switch (r->cmd >> 5) {
2843 case 0:
2844 /* 6-byte CDB. */
2845 r->cdb1 = r->group_number = 0;
2846 break;
2847 case 1:
2848 /* 10-byte CDB. */
2849 r->cdb1 = req->cmd.buf[1];
2850 r->group_number = req->cmd.buf[6];
2851 break;
2852 case 4:
2853 /* 12-byte CDB. */
2854 r->cdb1 = req->cmd.buf[1];
2855 r->group_number = req->cmd.buf[10];
2856 break;
2857 case 5:
2858 /* 16-byte CDB. */
2859 r->cdb1 = req->cmd.buf[1];
2860 r->group_number = req->cmd.buf[14];
2861 break;
2862 default:
2863 abort();
2864 }
2865
2866 /* Protection information is not supported. For SCSI versions 2 and
2867 * older (as determined by snooping the guest's INQUIRY commands),
2868 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2869 */
2870 if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) {
2871 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2872 return 0;
2873 }
2874
2875 r->req.status = &r->io_header.status;
2876 return scsi_disk_dma_command(req, buf);
2877 }
2878
2879 static const SCSIReqOps scsi_block_dma_reqops = {
2880 .size = sizeof(SCSIBlockReq),
2881 .free_req = scsi_free_request,
2882 .send_command = scsi_block_dma_command,
2883 .read_data = scsi_read_data,
2884 .write_data = scsi_write_data,
2885 .get_buf = scsi_get_buf,
2886 .load_request = scsi_disk_load_request,
2887 .save_request = scsi_disk_save_request,
2888 };
2889
2890 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2891 uint32_t lun, uint8_t *buf,
2892 void *hba_private)
2893 {
2894 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2895
2896 if (scsi_block_is_passthrough(s, buf)) {
2897 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2898 hba_private);
2899 } else {
2900 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
2901 hba_private);
2902 }
2903 }
2904
2905 static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2906 uint8_t *buf, void *hba_private)
2907 {
2908 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2909
2910 if (scsi_block_is_passthrough(s, buf)) {
2911 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2912 } else {
2913 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2914 }
2915 }
2916
2917 static void scsi_block_update_sense(SCSIRequest *req)
2918 {
2919 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2920 SCSIBlockReq *br = DO_UPCAST(SCSIBlockReq, req, r);
2921 r->req.sense_len = MIN(br->io_header.sb_len_wr, sizeof(r->req.sense));
2922 }
2923 #endif
2924
2925 static
2926 BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2927 BlockCompletionFunc *cb, void *cb_opaque,
2928 void *opaque)
2929 {
2930 SCSIDiskReq *r = opaque;
2931 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2932 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2933 }
2934
2935 static
2936 BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2937 BlockCompletionFunc *cb, void *cb_opaque,
2938 void *opaque)
2939 {
2940 SCSIDiskReq *r = opaque;
2941 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2942 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2943 }
2944
2945 static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2946 {
2947 DeviceClass *dc = DEVICE_CLASS(klass);
2948 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
2949
2950 dc->fw_name = "disk";
2951 dc->reset = scsi_disk_reset;
2952 sdc->dma_readv = scsi_dma_readv;
2953 sdc->dma_writev = scsi_dma_writev;
2954 sdc->need_fua_emulation = scsi_is_cmd_fua;
2955 }
2956
2957 static const TypeInfo scsi_disk_base_info = {
2958 .name = TYPE_SCSI_DISK_BASE,
2959 .parent = TYPE_SCSI_DEVICE,
2960 .class_init = scsi_disk_base_class_initfn,
2961 .instance_size = sizeof(SCSIDiskState),
2962 .class_size = sizeof(SCSIDiskClass),
2963 .abstract = true,
2964 };
2965
2966 #define DEFINE_SCSI_DISK_PROPERTIES() \
2967 DEFINE_PROP_DRIVE_IOTHREAD("drive", SCSIDiskState, qdev.conf.blk), \
2968 DEFINE_BLOCK_PROPERTIES_BASE(SCSIDiskState, qdev.conf), \
2969 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
2970 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2971 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2972 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2973 DEFINE_PROP_STRING("product", SCSIDiskState, product), \
2974 DEFINE_PROP_STRING("device_id", SCSIDiskState, device_id)
2975
2976
2977 static Property scsi_hd_properties[] = {
2978 DEFINE_SCSI_DISK_PROPERTIES(),
2979 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2980 SCSI_DISK_F_REMOVABLE, false),
2981 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2982 SCSI_DISK_F_DPOFUA, false),
2983 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2984 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
2985 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
2986 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
2987 DEFAULT_MAX_UNMAP_SIZE),
2988 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
2989 DEFAULT_MAX_IO_SIZE),
2990 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
2991 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
2992 5),
2993 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
2994 DEFINE_PROP_END_OF_LIST(),
2995 };
2996
2997 static const VMStateDescription vmstate_scsi_disk_state = {
2998 .name = "scsi-disk",
2999 .version_id = 1,
3000 .minimum_version_id = 1,
3001 .fields = (VMStateField[]) {
3002 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
3003 VMSTATE_BOOL(media_changed, SCSIDiskState),
3004 VMSTATE_BOOL(media_event, SCSIDiskState),
3005 VMSTATE_BOOL(eject_request, SCSIDiskState),
3006 VMSTATE_BOOL(tray_open, SCSIDiskState),
3007 VMSTATE_BOOL(tray_locked, SCSIDiskState),
3008 VMSTATE_END_OF_LIST()
3009 }
3010 };
3011
3012 static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
3013 {
3014 DeviceClass *dc = DEVICE_CLASS(klass);
3015 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3016
3017 sc->realize = scsi_hd_realize;
3018 sc->unrealize = scsi_unrealize;
3019 sc->alloc_req = scsi_new_request;
3020 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3021 dc->desc = "virtual SCSI disk";
3022 device_class_set_props(dc, scsi_hd_properties);
3023 dc->vmsd = &vmstate_scsi_disk_state;
3024 }
3025
3026 static const TypeInfo scsi_hd_info = {
3027 .name = "scsi-hd",
3028 .parent = TYPE_SCSI_DISK_BASE,
3029 .class_init = scsi_hd_class_initfn,
3030 };
3031
3032 static Property scsi_cd_properties[] = {
3033 DEFINE_SCSI_DISK_PROPERTIES(),
3034 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3035 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3036 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3037 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3038 DEFAULT_MAX_IO_SIZE),
3039 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3040 5),
3041 DEFINE_PROP_END_OF_LIST(),
3042 };
3043
3044 static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3045 {
3046 DeviceClass *dc = DEVICE_CLASS(klass);
3047 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3048
3049 sc->realize = scsi_cd_realize;
3050 sc->alloc_req = scsi_new_request;
3051 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3052 dc->desc = "virtual SCSI CD-ROM";
3053 device_class_set_props(dc, scsi_cd_properties);
3054 dc->vmsd = &vmstate_scsi_disk_state;
3055 }
3056
3057 static const TypeInfo scsi_cd_info = {
3058 .name = "scsi-cd",
3059 .parent = TYPE_SCSI_DISK_BASE,
3060 .class_init = scsi_cd_class_initfn,
3061 };
3062
3063 #ifdef __linux__
3064 static Property scsi_block_properties[] = {
3065 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf),
3066 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
3067 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
3068 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
3069 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3070 DEFAULT_MAX_UNMAP_SIZE),
3071 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3072 DEFAULT_MAX_IO_SIZE),
3073 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3074 -1),
3075 DEFINE_PROP_UINT32("io_timeout", SCSIDiskState, qdev.io_timeout,
3076 DEFAULT_IO_TIMEOUT),
3077 DEFINE_PROP_END_OF_LIST(),
3078 };
3079
3080 static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3081 {
3082 DeviceClass *dc = DEVICE_CLASS(klass);
3083 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3084 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
3085
3086 sc->realize = scsi_block_realize;
3087 sc->alloc_req = scsi_block_new_request;
3088 sc->parse_cdb = scsi_block_parse_cdb;
3089 sdc->dma_readv = scsi_block_dma_readv;
3090 sdc->dma_writev = scsi_block_dma_writev;
3091 sdc->update_sense = scsi_block_update_sense;
3092 sdc->need_fua_emulation = scsi_block_no_fua;
3093 dc->desc = "SCSI block device passthrough";
3094 device_class_set_props(dc, scsi_block_properties);
3095 dc->vmsd = &vmstate_scsi_disk_state;
3096 }
3097
3098 static const TypeInfo scsi_block_info = {
3099 .name = "scsi-block",
3100 .parent = TYPE_SCSI_DISK_BASE,
3101 .class_init = scsi_block_class_initfn,
3102 };
3103 #endif
3104
3105 static Property scsi_disk_properties[] = {
3106 DEFINE_SCSI_DISK_PROPERTIES(),
3107 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3108 SCSI_DISK_F_REMOVABLE, false),
3109 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3110 SCSI_DISK_F_DPOFUA, false),
3111 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3112 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3113 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3114 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3115 DEFAULT_MAX_UNMAP_SIZE),
3116 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3117 DEFAULT_MAX_IO_SIZE),
3118 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3119 5),
3120 DEFINE_PROP_END_OF_LIST(),
3121 };
3122
3123 static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
3124 {
3125 DeviceClass *dc = DEVICE_CLASS(klass);
3126 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3127
3128 sc->realize = scsi_disk_realize;
3129 sc->alloc_req = scsi_new_request;
3130 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3131 dc->fw_name = "disk";
3132 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
3133 dc->reset = scsi_disk_reset;
3134 device_class_set_props(dc, scsi_disk_properties);
3135 dc->vmsd = &vmstate_scsi_disk_state;
3136 }
3137
3138 static const TypeInfo scsi_disk_info = {
3139 .name = "scsi-disk",
3140 .parent = TYPE_SCSI_DISK_BASE,
3141 .class_init = scsi_disk_class_initfn,
3142 };
3143
3144 static void scsi_disk_register_types(void)
3145 {
3146 type_register_static(&scsi_disk_base_info);
3147 type_register_static(&scsi_hd_info);
3148 type_register_static(&scsi_cd_info);
3149 #ifdef __linux__
3150 type_register_static(&scsi_block_info);
3151 #endif
3152 type_register_static(&scsi_disk_info);
3153 }
3154
3155 type_init(scsi_disk_register_types)
Random patches