search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
hw/scsi: support SCSI-2 passthrough without PI
[qemu/rayw.git] / hw / scsi / scsi-generic.c
blob381f04e33967200ca46a3b4342f6a175be121f32
1 /*
2 * Generic SCSI Device support
3 *
4 * Copyright (c) 2007 Bull S.A.S.
5 * Based on code by Paul Brook
6 * Based on code by Fabrice Bellard
7 *
8 * Written by Laurent Vivier <Laurent.Vivier@bull.net>
9 *
10 * This code is licensed under the LGPL.
11 *
12 */
13
14 #include "qemu/osdep.h"
15 #include "qapi/error.h"
16 #include "qemu-common.h"
17 #include "qemu/error-report.h"
18 #include "hw/scsi/scsi.h"
19 #include "sysemu/block-backend.h"
20 #include "sysemu/blockdev.h"
21
22 #ifdef __linux__
23
24 //#define DEBUG_SCSI
25
26 #ifdef DEBUG_SCSI
27 #define DPRINTF(fmt, ...) \
28 do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
29 #else
30 #define DPRINTF(fmt, ...) do {} while(0)
31 #endif
32
33 #define BADF(fmt, ...) \
34 do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
35
36 #include <scsi/sg.h>
37 #include "scsi/constants.h"
38
39 #ifndef MAX_UINT
40 #define MAX_UINT ((unsigned int)-1)
41 #endif
42
43 typedef struct SCSIGenericReq {
44 SCSIRequest req;
45 uint8_t *buf;
46 int buflen;
47 int len;
48 sg_io_hdr_t io_header;
49 } SCSIGenericReq;
50
51 static void scsi_generic_save_request(QEMUFile *f, SCSIRequest *req)
52 {
53 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
54
55 qemu_put_sbe32s(f, &r->buflen);
56 if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
57 assert(!r->req.sg);
58 qemu_put_buffer(f, r->buf, r->req.cmd.xfer);
59 }
60 }
61
62 static void scsi_generic_load_request(QEMUFile *f, SCSIRequest *req)
63 {
64 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
65
66 qemu_get_sbe32s(f, &r->buflen);
67 if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
68 assert(!r->req.sg);
69 qemu_get_buffer(f, r->buf, r->req.cmd.xfer);
70 }
71 }
72
73 static void scsi_free_request(SCSIRequest *req)
74 {
75 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
76
77 g_free(r->buf);
78 }
79
80 /* Helper function for command completion. */
81 static void scsi_command_complete_noio(SCSIGenericReq *r, int ret)
82 {
83 int status;
84 SCSISense sense;
85
86 assert(r->req.aiocb == NULL);
87
88 if (r->req.io_canceled) {
89 scsi_req_cancel_complete(&r->req);
90 goto done;
91 }
92 status = sg_io_sense_from_errno(-ret, &r->io_header, &sense);
93 if (status == CHECK_CONDITION) {
94 if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
95 r->req.sense_len = r->io_header.sb_len_wr;
96 } else {
97 scsi_req_build_sense(&r->req, sense);
98 }
99 }
100
101 DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
102 r, r->req.tag, status);
103
104 scsi_req_complete(&r->req, status);
105 done:
106 scsi_req_unref(&r->req);
107 }
108
109 static void scsi_command_complete(void *opaque, int ret)
110 {
111 SCSIGenericReq *r = (SCSIGenericReq *)opaque;
112 SCSIDevice *s = r->req.dev;
113
114 assert(r->req.aiocb != NULL);
115 r->req.aiocb = NULL;
116
117 aio_context_acquire(blk_get_aio_context(s->conf.blk));
118 scsi_command_complete_noio(r, ret);
119 aio_context_release(blk_get_aio_context(s->conf.blk));
120 }
121
122 static int execute_command(BlockBackend *blk,
123 SCSIGenericReq *r, int direction,
124 BlockCompletionFunc *complete)
125 {
126 r->io_header.interface_id = 'S';
127 r->io_header.dxfer_direction = direction;
128 r->io_header.dxferp = r->buf;
129 r->io_header.dxfer_len = r->buflen;
130 r->io_header.cmdp = r->req.cmd.buf;
131 r->io_header.cmd_len = r->req.cmd.len;
132 r->io_header.mx_sb_len = sizeof(r->req.sense);
133 r->io_header.sbp = r->req.sense;
134 r->io_header.timeout = MAX_UINT;
135 r->io_header.usr_ptr = r;
136 r->io_header.flags |= SG_FLAG_DIRECT_IO;
137
138 r->req.aiocb = blk_aio_ioctl(blk, SG_IO, &r->io_header, complete, r);
139 if (r->req.aiocb == NULL) {
140 return -EIO;
141 }
142
143 return 0;
144 }
145
146 static void scsi_read_complete(void * opaque, int ret)
147 {
148 SCSIGenericReq *r = (SCSIGenericReq *)opaque;
149 SCSIDevice *s = r->req.dev;
150 int len;
151
152 assert(r->req.aiocb != NULL);
153 r->req.aiocb = NULL;
154
155 aio_context_acquire(blk_get_aio_context(s->conf.blk));
156
157 if (ret || r->req.io_canceled) {
158 scsi_command_complete_noio(r, ret);
159 goto done;
160 }
161
162 len = r->io_header.dxfer_len - r->io_header.resid;
163 DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
164
165 r->len = -1;
166 if (len == 0) {
167 scsi_command_complete_noio(r, 0);
168 goto done;
169 }
170
171 /* Snoop READ CAPACITY output to set the blocksize. */
172 if (r->req.cmd.buf[0] == READ_CAPACITY_10 &&
173 (ldl_be_p(&r->buf[0]) != 0xffffffffU || s->max_lba == 0)) {
174 s->blocksize = ldl_be_p(&r->buf[4]);
175 s->max_lba = ldl_be_p(&r->buf[0]) & 0xffffffffULL;
176 } else if (r->req.cmd.buf[0] == SERVICE_ACTION_IN_16 &&
177 (r->req.cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
178 s->blocksize = ldl_be_p(&r->buf[8]);
179 s->max_lba = ldq_be_p(&r->buf[0]);
180 }
181 blk_set_guest_block_size(s->conf.blk, s->blocksize);
182
183 /* Patch MODE SENSE device specific parameters if the BDS is opened
184 * readonly.
185 */
186 if ((s->type == TYPE_DISK || s->type == TYPE_TAPE) &&
187 blk_is_read_only(s->conf.blk) &&
188 (r->req.cmd.buf[0] == MODE_SENSE ||
189 r->req.cmd.buf[0] == MODE_SENSE_10) &&
190 (r->req.cmd.buf[1] & 0x8) == 0) {
191 if (r->req.cmd.buf[0] == MODE_SENSE) {
192 r->buf[2] |= 0x80;
193 } else {
194 r->buf[3] |= 0x80;
195 }
196 }
197 if (r->req.cmd.buf[0] == INQUIRY) {
198 /*
199 * EVPD set to zero returns the standard INQUIRY data.
200 *
201 * Check if scsi_version is unset (-1) to avoid re-defining it
202 * each time an INQUIRY with standard data is received.
203 * scsi_version is initialized with -1 in scsi_generic_reset
204 * and scsi_disk_reset, making sure that we'll set the
205 * scsi_version after a reset. If the version field of the
206 * INQUIRY response somehow changes after a guest reboot,
207 * we'll be able to keep track of it.
208 *
209 * On SCSI-2 and older, first 3 bits of byte 2 is the
210 * ANSI-approved version, while on later versions the
211 * whole byte 2 contains the version. Check if we're dealing
212 * with a newer version and, in that case, assign the
213 * whole byte.
214 */
215 if (s->scsi_version == -1 && !(r->req.cmd.buf[1] & 0x01)) {
216 s->scsi_version = r->buf[2] & 0x07;
217 if (s->scsi_version > 2) {
218 s->scsi_version = r->buf[2];
219 }
220 }
221 if (s->type == TYPE_DISK && r->req.cmd.buf[2] == 0xb0) {
222 uint32_t max_transfer =
223 blk_get_max_transfer(s->conf.blk) / s->blocksize;
224
225 assert(max_transfer);
226 stl_be_p(&r->buf[8], max_transfer);
227 /* Also take care of the opt xfer len. */
228 stl_be_p(&r->buf[12],
229 MIN_NON_ZERO(max_transfer, ldl_be_p(&r->buf[12])));
230 }
231 }
232 scsi_req_data(&r->req, len);
233 scsi_req_unref(&r->req);
234
235 done:
236 aio_context_release(blk_get_aio_context(s->conf.blk));
237 }
238
239 /* Read more data from scsi device into buffer. */
240 static void scsi_read_data(SCSIRequest *req)
241 {
242 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
243 SCSIDevice *s = r->req.dev;
244 int ret;
245
246 DPRINTF("scsi_read_data tag=0x%x\n", req->tag);
247
248 /* The request is used as the AIO opaque value, so add a ref. */
249 scsi_req_ref(&r->req);
250 if (r->len == -1) {
251 scsi_command_complete_noio(r, 0);
252 return;
253 }
254
255 ret = execute_command(s->conf.blk, r, SG_DXFER_FROM_DEV,
256 scsi_read_complete);
257 if (ret < 0) {
258 scsi_command_complete_noio(r, ret);
259 }
260 }
261
262 static void scsi_write_complete(void * opaque, int ret)
263 {
264 SCSIGenericReq *r = (SCSIGenericReq *)opaque;
265 SCSIDevice *s = r->req.dev;
266
267 DPRINTF("scsi_write_complete() ret = %d\n", ret);
268
269 assert(r->req.aiocb != NULL);
270 r->req.aiocb = NULL;
271
272 aio_context_acquire(blk_get_aio_context(s->conf.blk));
273
274 if (ret || r->req.io_canceled) {
275 scsi_command_complete_noio(r, ret);
276 goto done;
277 }
278
279 if (r->req.cmd.buf[0] == MODE_SELECT && r->req.cmd.buf[4] == 12 &&
280 s->type == TYPE_TAPE) {
281 s->blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11];
282 DPRINTF("block size %d\n", s->blocksize);
283 }
284
285 scsi_command_complete_noio(r, ret);
286
287 done:
288 aio_context_release(blk_get_aio_context(s->conf.blk));
289 }
290
291 /* Write data to a scsi device. Returns nonzero on failure.
292 The transfer may complete asynchronously. */
293 static void scsi_write_data(SCSIRequest *req)
294 {
295 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
296 SCSIDevice *s = r->req.dev;
297 int ret;
298
299 DPRINTF("scsi_write_data tag=0x%x\n", req->tag);
300 if (r->len == 0) {
301 r->len = r->buflen;
302 scsi_req_data(&r->req, r->len);
303 return;
304 }
305
306 /* The request is used as the AIO opaque value, so add a ref. */
307 scsi_req_ref(&r->req);
308 ret = execute_command(s->conf.blk, r, SG_DXFER_TO_DEV, scsi_write_complete);
309 if (ret < 0) {
310 scsi_command_complete_noio(r, ret);
311 }
312 }
313
314 /* Return a pointer to the data buffer. */
315 static uint8_t *scsi_get_buf(SCSIRequest *req)
316 {
317 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
318
319 return r->buf;
320 }
321
322 /* Execute a scsi command. Returns the length of the data expected by the
323 command. This will be Positive for data transfers from the device
324 (eg. disk reads), negative for transfers to the device (eg. disk writes),
325 and zero if the command does not transfer any data. */
326
327 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
328 {
329 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
330 SCSIDevice *s = r->req.dev;
331 int ret;
332
333 #ifdef DEBUG_SCSI
334 DPRINTF("Command: data=0x%02x", cmd[0]);
335 {
336 int i;
337 for (i = 1; i < r->req.cmd.len; i++) {
338 printf(" 0x%02x", cmd[i]);
339 }
340 printf("\n");
341 }
342 #endif
343
344 if (r->req.cmd.xfer == 0) {
345 g_free(r->buf);
346 r->buflen = 0;
347 r->buf = NULL;
348 /* The request is used as the AIO opaque value, so add a ref. */
349 scsi_req_ref(&r->req);
350 ret = execute_command(s->conf.blk, r, SG_DXFER_NONE,
351 scsi_command_complete);
352 if (ret < 0) {
353 scsi_command_complete_noio(r, ret);
354 return 0;
355 }
356 return 0;
357 }
358
359 if (r->buflen != r->req.cmd.xfer) {
360 g_free(r->buf);
361 r->buf = g_malloc(r->req.cmd.xfer);
362 r->buflen = r->req.cmd.xfer;
363 }
364
365 memset(r->buf, 0, r->buflen);
366 r->len = r->req.cmd.xfer;
367 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
368 r->len = 0;
369 return -r->req.cmd.xfer;
370 } else {
371 return r->req.cmd.xfer;
372 }
373 }
374
375 static int read_naa_id(const uint8_t *p, uint64_t *p_wwn)
376 {
377 int i;
378
379 if ((p[1] & 0xF) == 3) {
380 /* NAA designator type */
381 if (p[3] != 8) {
382 return -EINVAL;
383 }
384 *p_wwn = ldq_be_p(p + 4);
385 return 0;
386 }
387
388 if ((p[1] & 0xF) == 8) {
389 /* SCSI name string designator type */
390 if (p[3] < 20 || memcmp(&p[4], "naa.", 4)) {
391 return -EINVAL;
392 }
393 if (p[3] > 20 && p[24] != ',') {
394 return -EINVAL;
395 }
396 *p_wwn = 0;
397 for (i = 8; i < 24; i++) {
398 char c = qemu_toupper(p[i]);
399 c -= (c >= '0' && c <= '9' ? '0' : 'A' - 10);
400 *p_wwn = (*p_wwn << 4) | c;
401 }
402 return 0;
403 }
404
405 return -EINVAL;
406 }
407
408 void scsi_generic_read_device_identification(SCSIDevice *s)
409 {
410 uint8_t cmd[6];
411 uint8_t buf[250];
412 uint8_t sensebuf[8];
413 sg_io_hdr_t io_header;
414 int ret;
415 int i, len;
416
417 memset(cmd, 0, sizeof(cmd));
418 memset(buf, 0, sizeof(buf));
419 cmd[0] = INQUIRY;
420 cmd[1] = 1;
421 cmd[2] = 0x83;
422 cmd[4] = sizeof(buf);
423
424 memset(&io_header, 0, sizeof(io_header));
425 io_header.interface_id = 'S';
426 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
427 io_header.dxfer_len = sizeof(buf);
428 io_header.dxferp = buf;
429 io_header.cmdp = cmd;
430 io_header.cmd_len = sizeof(cmd);
431 io_header.mx_sb_len = sizeof(sensebuf);
432 io_header.sbp = sensebuf;
433 io_header.timeout = 6000; /* XXX */
434
435 ret = blk_ioctl(s->conf.blk, SG_IO, &io_header);
436 if (ret < 0 || io_header.driver_status || io_header.host_status) {
437 return;
438 }
439
440 len = MIN((buf[2] << 8) | buf[3], sizeof(buf) - 4);
441 for (i = 0; i + 3 <= len; ) {
442 const uint8_t *p = &buf[i + 4];
443 uint64_t wwn;
444
445 if (i + (p[3] + 4) > len) {
446 break;
447 }
448
449 if ((p[1] & 0x10) == 0) {
450 /* Associated with the logical unit */
451 if (read_naa_id(p, &wwn) == 0) {
452 s->wwn = wwn;
453 }
454 } else if ((p[1] & 0x10) == 0x10) {
455 /* Associated with the target port */
456 if (read_naa_id(p, &wwn) == 0) {
457 s->port_wwn = wwn;
458 }
459 }
460
461 i += p[3] + 4;
462 }
463 }
464
465 static int get_stream_blocksize(BlockBackend *blk)
466 {
467 uint8_t cmd[6];
468 uint8_t buf[12];
469 uint8_t sensebuf[8];
470 sg_io_hdr_t io_header;
471 int ret;
472
473 memset(cmd, 0, sizeof(cmd));
474 memset(buf, 0, sizeof(buf));
475 cmd[0] = MODE_SENSE;
476 cmd[4] = sizeof(buf);
477
478 memset(&io_header, 0, sizeof(io_header));
479 io_header.interface_id = 'S';
480 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
481 io_header.dxfer_len = sizeof(buf);
482 io_header.dxferp = buf;
483 io_header.cmdp = cmd;
484 io_header.cmd_len = sizeof(cmd);
485 io_header.mx_sb_len = sizeof(sensebuf);
486 io_header.sbp = sensebuf;
487 io_header.timeout = 6000; /* XXX */
488
489 ret = blk_ioctl(blk, SG_IO, &io_header);
490 if (ret < 0 || io_header.driver_status || io_header.host_status) {
491 return -1;
492 }
493 return (buf[9] << 16) | (buf[10] << 8) | buf[11];
494 }
495
496 static void scsi_generic_reset(DeviceState *dev)
497 {
498 SCSIDevice *s = SCSI_DEVICE(dev);
499
500 s->scsi_version = s->default_scsi_version;
501 scsi_device_purge_requests(s, SENSE_CODE(RESET));
502 }
503
504 static void scsi_generic_realize(SCSIDevice *s, Error **errp)
505 {
506 int rc;
507 int sg_version;
508 struct sg_scsi_id scsiid;
509
510 if (!s->conf.blk) {
511 error_setg(errp, "drive property not set");
512 return;
513 }
514
515 if (blk_get_on_error(s->conf.blk, 0) != BLOCKDEV_ON_ERROR_ENOSPC) {
516 error_setg(errp, "Device doesn't support drive option werror");
517 return;
518 }
519 if (blk_get_on_error(s->conf.blk, 1) != BLOCKDEV_ON_ERROR_REPORT) {
520 error_setg(errp, "Device doesn't support drive option rerror");
521 return;
522 }
523
524 /* check we are using a driver managing SG_IO (version 3 and after */
525 rc = blk_ioctl(s->conf.blk, SG_GET_VERSION_NUM, &sg_version);
526 if (rc < 0) {
527 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
528 if (rc != -EPERM) {
529 error_append_hint(errp, "Is this a SCSI device?\n");
530 }
531 return;
532 }
533 if (sg_version < 30000) {
534 error_setg(errp, "scsi generic interface too old");
535 return;
536 }
537
538 /* get LUN of the /dev/sg? */
539 if (blk_ioctl(s->conf.blk, SG_GET_SCSI_ID, &scsiid)) {
540 error_setg(errp, "SG_GET_SCSI_ID ioctl failed");
541 return;
542 }
543 if (!blkconf_apply_backend_options(&s->conf,
544 blk_is_read_only(s->conf.blk),
545 true, errp)) {
546 return;
547 }
548
549 /* define device state */
550 s->type = scsiid.scsi_type;
551 DPRINTF("device type %d\n", s->type);
552
553 switch (s->type) {
554 case TYPE_TAPE:
555 s->blocksize = get_stream_blocksize(s->conf.blk);
556 if (s->blocksize == -1) {
557 s->blocksize = 0;
558 }
559 break;
560
561 /* Make a guess for block devices, we'll fix it when the guest sends.
562 * READ CAPACITY. If they don't, they likely would assume these sizes
563 * anyway. (TODO: they could also send MODE SENSE).
564 */
565 case TYPE_ROM:
566 case TYPE_WORM:
567 s->blocksize = 2048;
568 break;
569 default:
570 s->blocksize = 512;
571 break;
572 }
573
574 DPRINTF("block size %d\n", s->blocksize);
575
576 /* Only used by scsi-block, but initialize it nevertheless to be clean. */
577 s->default_scsi_version = -1;
578 scsi_generic_read_device_identification(s);
579 }
580
581 const SCSIReqOps scsi_generic_req_ops = {
582 .size = sizeof(SCSIGenericReq),
583 .free_req = scsi_free_request,
584 .send_command = scsi_send_command,
585 .read_data = scsi_read_data,
586 .write_data = scsi_write_data,
587 .get_buf = scsi_get_buf,
588 .load_request = scsi_generic_load_request,
589 .save_request = scsi_generic_save_request,
590 };
591
592 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
593 uint8_t *buf, void *hba_private)
594 {
595 return scsi_req_alloc(&scsi_generic_req_ops, d, tag, lun, hba_private);
596 }
597
598 static Property scsi_generic_properties[] = {
599 DEFINE_PROP_DRIVE("drive", SCSIDevice, conf.blk),
600 DEFINE_PROP_BOOL("share-rw", SCSIDevice, conf.share_rw, false),
601 DEFINE_PROP_END_OF_LIST(),
602 };
603
604 static int scsi_generic_parse_cdb(SCSIDevice *dev, SCSICommand *cmd,
605 uint8_t *buf, void *hba_private)
606 {
607 return scsi_bus_parse_cdb(dev, cmd, buf, hba_private);
608 }
609
610 static void scsi_generic_class_initfn(ObjectClass *klass, void *data)
611 {
612 DeviceClass *dc = DEVICE_CLASS(klass);
613 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
614
615 sc->realize = scsi_generic_realize;
616 sc->alloc_req = scsi_new_request;
617 sc->parse_cdb = scsi_generic_parse_cdb;
618 dc->fw_name = "disk";
619 dc->desc = "pass through generic scsi device (/dev/sg*)";
620 dc->reset = scsi_generic_reset;
621 dc->props = scsi_generic_properties;
622 dc->vmsd = &vmstate_scsi_device;
623 }
624
625 static const TypeInfo scsi_generic_info = {
626 .name = "scsi-generic",
627 .parent = TYPE_SCSI_DEVICE,
628 .instance_size = sizeof(SCSIDevice),
629 .class_init = scsi_generic_class_initfn,
630 };
631
632 static void scsi_generic_register_types(void)
633 {
634 type_register_static(&scsi_generic_info);
635 }
636
637 type_init(scsi_generic_register_types)
638
639 #endif /* __linux__ */
Ray Wang's QEMU Repository