]> git.ipfire.org Git - thirdparty/qemu.git/blob - hw/scsi/scsi-disk.c
projects / thirdparty / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Move QOM typedefs and add missing includes
[thirdparty/qemu.git] / hw / scsi / scsi-disk.c
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licensed under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 #include "qemu/osdep.h"
23 #include "qemu/units.h"
24 #include "qapi/error.h"
25 #include "qemu/error-report.h"
26 #include "qemu/main-loop.h"
27 #include "qemu/module.h"
28 #include "hw/scsi/scsi.h"
29 #include "migration/qemu-file-types.h"
30 #include "migration/vmstate.h"
31 #include "hw/scsi/emulation.h"
32 #include "scsi/constants.h"
33 #include "sysemu/block-backend.h"
34 #include "sysemu/blockdev.h"
35 #include "hw/block/block.h"
36 #include "hw/qdev-properties.h"
37 #include "sysemu/dma.h"
38 #include "sysemu/sysemu.h"
39 #include "qemu/cutils.h"
40 #include "trace.h"
41 #include "qom/object.h"
42
43 #ifdef __linux
44 #include <scsi/sg.h>
45 #endif
46
47 #define SCSI_WRITE_SAME_MAX (512 * KiB)
48 #define SCSI_DMA_BUF_SIZE (128 * KiB)
49 #define SCSI_MAX_INQUIRY_LEN 256
50 #define SCSI_MAX_MODE_LEN 256
51
52 #define DEFAULT_DISCARD_GRANULARITY (4 * KiB)
53 #define DEFAULT_MAX_UNMAP_SIZE (1 * GiB)
54 #define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
55
56 #define TYPE_SCSI_DISK_BASE "scsi-disk-base"
57
58 typedef struct SCSIDiskClass SCSIDiskClass;
59 typedef struct SCSIDiskState SCSIDiskState;
60 #define SCSI_DISK_BASE(obj) \
61 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE)
62 #define SCSI_DISK_BASE_CLASS(klass) \
63 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE)
64 #define SCSI_DISK_BASE_GET_CLASS(obj) \
65 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE)
66
67 struct SCSIDiskClass {
68 SCSIDeviceClass parent_class;
69 DMAIOFunc *dma_readv;
70 DMAIOFunc *dma_writev;
71 bool (*need_fua_emulation)(SCSICommand *cmd);
72 void (*update_sense)(SCSIRequest *r);
73 };
74
75 typedef struct SCSIDiskReq {
76 SCSIRequest req;
77 /* Both sector and sector_count are in terms of BDRV_SECTOR_SIZE bytes. */
78 uint64_t sector;
79 uint32_t sector_count;
80 uint32_t buflen;
81 bool started;
82 bool need_fua_emulation;
83 struct iovec iov;
84 QEMUIOVector qiov;
85 BlockAcctCookie acct;
86 unsigned char *status;
87 } SCSIDiskReq;
88
89 #define SCSI_DISK_F_REMOVABLE 0
90 #define SCSI_DISK_F_DPOFUA 1
91 #define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
92
93 struct SCSIDiskState {
94 SCSIDevice qdev;
95 uint32_t features;
96 bool media_changed;
97 bool media_event;
98 bool eject_request;
99 uint16_t port_index;
100 uint64_t max_unmap_size;
101 uint64_t max_io_size;
102 QEMUBH *bh;
103 char *version;
104 char *serial;
105 char *vendor;
106 char *product;
107 char *device_id;
108 bool tray_open;
109 bool tray_locked;
110 /*
111 * 0x0000 - rotation rate not reported
112 * 0x0001 - non-rotating medium (SSD)
113 * 0x0002-0x0400 - reserved
114 * 0x0401-0xffe - rotations per minute
115 * 0xffff - reserved
116 */
117 uint16_t rotation_rate;
118 };
119
120 static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed);
121
122 static void scsi_free_request(SCSIRequest *req)
123 {
124 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
125
126 qemu_vfree(r->iov.iov_base);
127 }
128
129 /* Helper function for command completion with sense. */
130 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
131 {
132 trace_scsi_disk_check_condition(r->req.tag, sense.key, sense.asc,
133 sense.ascq);
134 scsi_req_build_sense(&r->req, sense);
135 scsi_req_complete(&r->req, CHECK_CONDITION);
136 }
137
138 static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
139 {
140 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
141
142 if (!r->iov.iov_base) {
143 r->buflen = size;
144 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
145 }
146 r->iov.iov_len = MIN(r->sector_count * BDRV_SECTOR_SIZE, r->buflen);
147 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
148 }
149
150 static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
151 {
152 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
153
154 qemu_put_be64s(f, &r->sector);
155 qemu_put_be32s(f, &r->sector_count);
156 qemu_put_be32s(f, &r->buflen);
157 if (r->buflen) {
158 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
159 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
160 } else if (!req->retry) {
161 uint32_t len = r->iov.iov_len;
162 qemu_put_be32s(f, &len);
163 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
164 }
165 }
166 }
167
168 static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
169 {
170 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
171
172 qemu_get_be64s(f, &r->sector);
173 qemu_get_be32s(f, &r->sector_count);
174 qemu_get_be32s(f, &r->buflen);
175 if (r->buflen) {
176 scsi_init_iovec(r, r->buflen);
177 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
178 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
179 } else if (!r->req.retry) {
180 uint32_t len;
181 qemu_get_be32s(f, &len);
182 r->iov.iov_len = len;
183 assert(r->iov.iov_len <= r->buflen);
184 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
185 }
186 }
187
188 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
189 }
190
191 static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
192 {
193 if (r->req.io_canceled) {
194 scsi_req_cancel_complete(&r->req);
195 return true;
196 }
197
198 if (ret < 0 || (r->status && *r->status)) {
199 return scsi_handle_rw_error(r, -ret, acct_failed);
200 }
201
202 return false;
203 }
204
205 static void scsi_aio_complete(void *opaque, int ret)
206 {
207 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
208 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
209
210 assert(r->req.aiocb != NULL);
211 r->req.aiocb = NULL;
212 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
213 if (scsi_disk_req_check_error(r, ret, true)) {
214 goto done;
215 }
216
217 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
218 scsi_req_complete(&r->req, GOOD);
219
220 done:
221 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
222 scsi_req_unref(&r->req);
223 }
224
225 static bool scsi_is_cmd_fua(SCSICommand *cmd)
226 {
227 switch (cmd->buf[0]) {
228 case READ_10:
229 case READ_12:
230 case READ_16:
231 case WRITE_10:
232 case WRITE_12:
233 case WRITE_16:
234 return (cmd->buf[1] & 8) != 0;
235
236 case VERIFY_10:
237 case VERIFY_12:
238 case VERIFY_16:
239 case WRITE_VERIFY_10:
240 case WRITE_VERIFY_12:
241 case WRITE_VERIFY_16:
242 return true;
243
244 case READ_6:
245 case WRITE_6:
246 default:
247 return false;
248 }
249 }
250
251 static void scsi_write_do_fua(SCSIDiskReq *r)
252 {
253 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
254
255 assert(r->req.aiocb == NULL);
256 assert(!r->req.io_canceled);
257
258 if (r->need_fua_emulation) {
259 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
260 BLOCK_ACCT_FLUSH);
261 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
262 return;
263 }
264
265 scsi_req_complete(&r->req, GOOD);
266 scsi_req_unref(&r->req);
267 }
268
269 static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
270 {
271 assert(r->req.aiocb == NULL);
272 if (scsi_disk_req_check_error(r, ret, false)) {
273 goto done;
274 }
275
276 r->sector += r->sector_count;
277 r->sector_count = 0;
278 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
279 scsi_write_do_fua(r);
280 return;
281 } else {
282 scsi_req_complete(&r->req, GOOD);
283 }
284
285 done:
286 scsi_req_unref(&r->req);
287 }
288
289 static void scsi_dma_complete(void *opaque, int ret)
290 {
291 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
292 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
293
294 assert(r->req.aiocb != NULL);
295 r->req.aiocb = NULL;
296
297 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
298 if (ret < 0) {
299 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
300 } else {
301 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
302 }
303 scsi_dma_complete_noio(r, ret);
304 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
305 }
306
307 static void scsi_read_complete_noio(SCSIDiskReq *r, int ret)
308 {
309 uint32_t n;
310
311 assert(r->req.aiocb == NULL);
312 if (scsi_disk_req_check_error(r, ret, false)) {
313 goto done;
314 }
315
316 n = r->qiov.size / BDRV_SECTOR_SIZE;
317 r->sector += n;
318 r->sector_count -= n;
319 scsi_req_data(&r->req, r->qiov.size);
320
321 done:
322 scsi_req_unref(&r->req);
323 }
324
325 static void scsi_read_complete(void *opaque, int ret)
326 {
327 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
328 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
329
330 assert(r->req.aiocb != NULL);
331 r->req.aiocb = NULL;
332
333 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
334 if (ret < 0) {
335 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
336 } else {
337 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
338 trace_scsi_disk_read_complete(r->req.tag, r->qiov.size);
339 }
340 scsi_read_complete_noio(r, ret);
341 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
342 }
343
344 /* Actually issue a read to the block device. */
345 static void scsi_do_read(SCSIDiskReq *r, int ret)
346 {
347 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
348 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
349
350 assert (r->req.aiocb == NULL);
351 if (scsi_disk_req_check_error(r, ret, false)) {
352 goto done;
353 }
354
355 /* The request is used as the AIO opaque value, so add a ref. */
356 scsi_req_ref(&r->req);
357
358 if (r->req.sg) {
359 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
360 r->req.resid -= r->req.sg->size;
361 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
362 r->req.sg, r->sector << BDRV_SECTOR_BITS,
363 BDRV_SECTOR_SIZE,
364 sdc->dma_readv, r, scsi_dma_complete, r,
365 DMA_DIRECTION_FROM_DEVICE);
366 } else {
367 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
368 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
369 r->qiov.size, BLOCK_ACCT_READ);
370 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
371 scsi_read_complete, r, r);
372 }
373
374 done:
375 scsi_req_unref(&r->req);
376 }
377
378 static void scsi_do_read_cb(void *opaque, int ret)
379 {
380 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
381 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
382
383 assert (r->req.aiocb != NULL);
384 r->req.aiocb = NULL;
385
386 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
387 if (ret < 0) {
388 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
389 } else {
390 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
391 }
392 scsi_do_read(opaque, ret);
393 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
394 }
395
396 /* Read more data from scsi device into buffer. */
397 static void scsi_read_data(SCSIRequest *req)
398 {
399 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
400 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
401 bool first;
402
403 trace_scsi_disk_read_data_count(r->sector_count);
404 if (r->sector_count == 0) {
405 /* This also clears the sense buffer for REQUEST SENSE. */
406 scsi_req_complete(&r->req, GOOD);
407 return;
408 }
409
410 /* No data transfer may already be in progress */
411 assert(r->req.aiocb == NULL);
412
413 /* The request is used as the AIO opaque value, so add a ref. */
414 scsi_req_ref(&r->req);
415 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
416 trace_scsi_disk_read_data_invalid();
417 scsi_read_complete_noio(r, -EINVAL);
418 return;
419 }
420
421 if (!blk_is_available(req->dev->conf.blk)) {
422 scsi_read_complete_noio(r, -ENOMEDIUM);
423 return;
424 }
425
426 first = !r->started;
427 r->started = true;
428 if (first && r->need_fua_emulation) {
429 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
430 BLOCK_ACCT_FLUSH);
431 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
432 } else {
433 scsi_do_read(r, 0);
434 }
435 }
436
437 /*
438 * scsi_handle_rw_error has two return values. False means that the error
439 * must be ignored, true means that the error has been processed and the
440 * caller should not do anything else for this request. Note that
441 * scsi_handle_rw_error always manages its reference counts, independent
442 * of the return value.
443 */
444 static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
445 {
446 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
447 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
448 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
449 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
450 is_read, error);
451
452 if (action == BLOCK_ERROR_ACTION_REPORT) {
453 if (acct_failed) {
454 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
455 }
456 switch (error) {
457 case 0:
458 /* A passthrough command has run and has produced sense data; check
459 * whether the error has to be handled by the guest or should rather
460 * pause the host.
461 */
462 assert(r->status && *r->status);
463 if (scsi_sense_buf_is_guest_recoverable(r->req.sense, sizeof(r->req.sense))) {
464 /* These errors are handled by guest. */
465 sdc->update_sense(&r->req);
466 scsi_req_complete(&r->req, *r->status);
467 return true;
468 }
469 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
470 break;
471 case ENOMEDIUM:
472 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
473 break;
474 case ENOMEM:
475 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
476 break;
477 case EINVAL:
478 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
479 break;
480 case ENOSPC:
481 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
482 break;
483 default:
484 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
485 break;
486 }
487 }
488
489 blk_error_action(s->qdev.conf.blk, action, is_read, error);
490 if (action == BLOCK_ERROR_ACTION_IGNORE) {
491 scsi_req_complete(&r->req, 0);
492 return true;
493 }
494
495 if (action == BLOCK_ERROR_ACTION_STOP) {
496 scsi_req_retry(&r->req);
497 }
498 return true;
499 }
500
501 static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
502 {
503 uint32_t n;
504
505 assert (r->req.aiocb == NULL);
506 if (scsi_disk_req_check_error(r, ret, false)) {
507 goto done;
508 }
509
510 n = r->qiov.size / BDRV_SECTOR_SIZE;
511 r->sector += n;
512 r->sector_count -= n;
513 if (r->sector_count == 0) {
514 scsi_write_do_fua(r);
515 return;
516 } else {
517 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
518 trace_scsi_disk_write_complete_noio(r->req.tag, r->qiov.size);
519 scsi_req_data(&r->req, r->qiov.size);
520 }
521
522 done:
523 scsi_req_unref(&r->req);
524 }
525
526 static void scsi_write_complete(void * opaque, int ret)
527 {
528 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
529 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
530
531 assert (r->req.aiocb != NULL);
532 r->req.aiocb = NULL;
533
534 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
535 if (ret < 0) {
536 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
537 } else {
538 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
539 }
540 scsi_write_complete_noio(r, ret);
541 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
542 }
543
544 static void scsi_write_data(SCSIRequest *req)
545 {
546 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
547 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
548 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
549
550 /* No data transfer may already be in progress */
551 assert(r->req.aiocb == NULL);
552
553 /* The request is used as the AIO opaque value, so add a ref. */
554 scsi_req_ref(&r->req);
555 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
556 trace_scsi_disk_write_data_invalid();
557 scsi_write_complete_noio(r, -EINVAL);
558 return;
559 }
560
561 if (!r->req.sg && !r->qiov.size) {
562 /* Called for the first time. Ask the driver to send us more data. */
563 r->started = true;
564 scsi_write_complete_noio(r, 0);
565 return;
566 }
567 if (!blk_is_available(req->dev->conf.blk)) {
568 scsi_write_complete_noio(r, -ENOMEDIUM);
569 return;
570 }
571
572 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
573 r->req.cmd.buf[0] == VERIFY_16) {
574 if (r->req.sg) {
575 scsi_dma_complete_noio(r, 0);
576 } else {
577 scsi_write_complete_noio(r, 0);
578 }
579 return;
580 }
581
582 if (r->req.sg) {
583 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
584 r->req.resid -= r->req.sg->size;
585 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
586 r->req.sg, r->sector << BDRV_SECTOR_BITS,
587 BDRV_SECTOR_SIZE,
588 sdc->dma_writev, r, scsi_dma_complete, r,
589 DMA_DIRECTION_TO_DEVICE);
590 } else {
591 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
592 r->qiov.size, BLOCK_ACCT_WRITE);
593 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
594 scsi_write_complete, r, r);
595 }
596 }
597
598 /* Return a pointer to the data buffer. */
599 static uint8_t *scsi_get_buf(SCSIRequest *req)
600 {
601 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
602
603 return (uint8_t *)r->iov.iov_base;
604 }
605
606 static int scsi_disk_emulate_vpd_page(SCSIRequest *req, uint8_t *outbuf)
607 {
608 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
609 uint8_t page_code = req->cmd.buf[2];
610 int start, buflen = 0;
611
612 outbuf[buflen++] = s->qdev.type & 0x1f;
613 outbuf[buflen++] = page_code;
614 outbuf[buflen++] = 0x00;
615 outbuf[buflen++] = 0x00;
616 start = buflen;
617
618 switch (page_code) {
619 case 0x00: /* Supported page codes, mandatory */
620 {
621 trace_scsi_disk_emulate_vpd_page_00(req->cmd.xfer);
622 outbuf[buflen++] = 0x00; /* list of supported pages (this page) */
623 if (s->serial) {
624 outbuf[buflen++] = 0x80; /* unit serial number */
625 }
626 outbuf[buflen++] = 0x83; /* device identification */
627 if (s->qdev.type == TYPE_DISK) {
628 outbuf[buflen++] = 0xb0; /* block limits */
629 outbuf[buflen++] = 0xb1; /* block device characteristics */
630 outbuf[buflen++] = 0xb2; /* thin provisioning */
631 }
632 break;
633 }
634 case 0x80: /* Device serial number, optional */
635 {
636 int l;
637
638 if (!s->serial) {
639 trace_scsi_disk_emulate_vpd_page_80_not_supported();
640 return -1;
641 }
642
643 l = strlen(s->serial);
644 if (l > 36) {
645 l = 36;
646 }
647
648 trace_scsi_disk_emulate_vpd_page_80(req->cmd.xfer);
649 memcpy(outbuf + buflen, s->serial, l);
650 buflen += l;
651 break;
652 }
653
654 case 0x83: /* Device identification page, mandatory */
655 {
656 int id_len = s->device_id ? MIN(strlen(s->device_id), 255 - 8) : 0;
657
658 trace_scsi_disk_emulate_vpd_page_83(req->cmd.xfer);
659
660 if (id_len) {
661 outbuf[buflen++] = 0x2; /* ASCII */
662 outbuf[buflen++] = 0; /* not officially assigned */
663 outbuf[buflen++] = 0; /* reserved */
664 outbuf[buflen++] = id_len; /* length of data following */
665 memcpy(outbuf + buflen, s->device_id, id_len);
666 buflen += id_len;
667 }
668
669 if (s->qdev.wwn) {
670 outbuf[buflen++] = 0x1; /* Binary */
671 outbuf[buflen++] = 0x3; /* NAA */
672 outbuf[buflen++] = 0; /* reserved */
673 outbuf[buflen++] = 8;
674 stq_be_p(&outbuf[buflen], s->qdev.wwn);
675 buflen += 8;
676 }
677
678 if (s->qdev.port_wwn) {
679 outbuf[buflen++] = 0x61; /* SAS / Binary */
680 outbuf[buflen++] = 0x93; /* PIV / Target port / NAA */
681 outbuf[buflen++] = 0; /* reserved */
682 outbuf[buflen++] = 8;
683 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
684 buflen += 8;
685 }
686
687 if (s->port_index) {
688 outbuf[buflen++] = 0x61; /* SAS / Binary */
689
690 /* PIV/Target port/relative target port */
691 outbuf[buflen++] = 0x94;
692
693 outbuf[buflen++] = 0; /* reserved */
694 outbuf[buflen++] = 4;
695 stw_be_p(&outbuf[buflen + 2], s->port_index);
696 buflen += 4;
697 }
698 break;
699 }
700 case 0xb0: /* block limits */
701 {
702 SCSIBlockLimits bl = {};
703
704 if (s->qdev.type == TYPE_ROM) {
705 trace_scsi_disk_emulate_vpd_page_b0_not_supported();
706 return -1;
707 }
708 bl.wsnz = 1;
709 bl.unmap_sectors =
710 s->qdev.conf.discard_granularity / s->qdev.blocksize;
711 bl.min_io_size =
712 s->qdev.conf.min_io_size / s->qdev.blocksize;
713 bl.opt_io_size =
714 s->qdev.conf.opt_io_size / s->qdev.blocksize;
715 bl.max_unmap_sectors =
716 s->max_unmap_size / s->qdev.blocksize;
717 bl.max_io_sectors =
718 s->max_io_size / s->qdev.blocksize;
719 /* 255 descriptors fit in 4 KiB with an 8-byte header */
720 bl.max_unmap_descr = 255;
721
722 if (s->qdev.type == TYPE_DISK) {
723 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
724 int max_io_sectors_blk =
725 max_transfer_blk / s->qdev.blocksize;
726
727 bl.max_io_sectors =
728 MIN_NON_ZERO(max_io_sectors_blk, bl.max_io_sectors);
729 }
730 buflen += scsi_emulate_block_limits(outbuf + buflen, &bl);
731 break;
732 }
733 case 0xb1: /* block device characteristics */
734 {
735 buflen = 0x40;
736 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
737 outbuf[5] = s->rotation_rate & 0xff;
738 outbuf[6] = 0; /* PRODUCT TYPE */
739 outbuf[7] = 0; /* WABEREQ | WACEREQ | NOMINAL FORM FACTOR */
740 outbuf[8] = 0; /* VBULS */
741 break;
742 }
743 case 0xb2: /* thin provisioning */
744 {
745 buflen = 8;
746 outbuf[4] = 0;
747 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
748 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
749 outbuf[7] = 0;
750 break;
751 }
752 default:
753 return -1;
754 }
755 /* done with EVPD */
756 assert(buflen - start <= 255);
757 outbuf[start - 1] = buflen - start;
758 return buflen;
759 }
760
761 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
762 {
763 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
764 int buflen = 0;
765
766 if (req->cmd.buf[1] & 0x1) {
767 /* Vital product data */
768 return scsi_disk_emulate_vpd_page(req, outbuf);
769 }
770
771 /* Standard INQUIRY data */
772 if (req->cmd.buf[2] != 0) {
773 return -1;
774 }
775
776 /* PAGE CODE == 0 */
777 buflen = req->cmd.xfer;
778 if (buflen > SCSI_MAX_INQUIRY_LEN) {
779 buflen = SCSI_MAX_INQUIRY_LEN;
780 }
781
782 outbuf[0] = s->qdev.type & 0x1f;
783 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
784
785 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
786 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
787
788 memset(&outbuf[32], 0, 4);
789 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
790 /*
791 * We claim conformance to SPC-3, which is required for guests
792 * to ask for modern features like READ CAPACITY(16) or the
793 * block characteristics VPD page by default. Not all of SPC-3
794 * is actually implemented, but we're good enough.
795 */
796 outbuf[2] = s->qdev.default_scsi_version;
797 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
798
799 if (buflen > 36) {
800 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
801 } else {
802 /* If the allocation length of CDB is too small,
803 the additional length is not adjusted */
804 outbuf[4] = 36 - 5;
805 }
806
807 /* Sync data transfer and TCQ. */
808 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
809 return buflen;
810 }
811
812 static inline bool media_is_dvd(SCSIDiskState *s)
813 {
814 uint64_t nb_sectors;
815 if (s->qdev.type != TYPE_ROM) {
816 return false;
817 }
818 if (!blk_is_available(s->qdev.conf.blk)) {
819 return false;
820 }
821 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
822 return nb_sectors > CD_MAX_SECTORS;
823 }
824
825 static inline bool media_is_cd(SCSIDiskState *s)
826 {
827 uint64_t nb_sectors;
828 if (s->qdev.type != TYPE_ROM) {
829 return false;
830 }
831 if (!blk_is_available(s->qdev.conf.blk)) {
832 return false;
833 }
834 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
835 return nb_sectors <= CD_MAX_SECTORS;
836 }
837
838 static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
839 uint8_t *outbuf)
840 {
841 uint8_t type = r->req.cmd.buf[1] & 7;
842
843 if (s->qdev.type != TYPE_ROM) {
844 return -1;
845 }
846
847 /* Types 1/2 are only defined for Blu-Ray. */
848 if (type != 0) {
849 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
850 return -1;
851 }
852
853 memset(outbuf, 0, 34);
854 outbuf[1] = 32;
855 outbuf[2] = 0xe; /* last session complete, disc finalized */
856 outbuf[3] = 1; /* first track on disc */
857 outbuf[4] = 1; /* # of sessions */
858 outbuf[5] = 1; /* first track of last session */
859 outbuf[6] = 1; /* last track of last session */
860 outbuf[7] = 0x20; /* unrestricted use */
861 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
862 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
863 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
864 /* 24-31: disc bar code */
865 /* 32: disc application code */
866 /* 33: number of OPC tables */
867
868 return 34;
869 }
870
871 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
872 uint8_t *outbuf)
873 {
874 static const int rds_caps_size[5] = {
875 [0] = 2048 + 4,
876 [1] = 4 + 4,
877 [3] = 188 + 4,
878 [4] = 2048 + 4,
879 };
880
881 uint8_t media = r->req.cmd.buf[1];
882 uint8_t layer = r->req.cmd.buf[6];
883 uint8_t format = r->req.cmd.buf[7];
884 int size = -1;
885
886 if (s->qdev.type != TYPE_ROM) {
887 return -1;
888 }
889 if (media != 0) {
890 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
891 return -1;
892 }
893
894 if (format != 0xff) {
895 if (!blk_is_available(s->qdev.conf.blk)) {
896 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
897 return -1;
898 }
899 if (media_is_cd(s)) {
900 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
901 return -1;
902 }
903 if (format >= ARRAY_SIZE(rds_caps_size)) {
904 return -1;
905 }
906 size = rds_caps_size[format];
907 memset(outbuf, 0, size);
908 }
909
910 switch (format) {
911 case 0x00: {
912 /* Physical format information */
913 uint64_t nb_sectors;
914 if (layer != 0) {
915 goto fail;
916 }
917 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
918
919 outbuf[4] = 1; /* DVD-ROM, part version 1 */
920 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
921 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
922 outbuf[7] = 0; /* default densities */
923
924 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
925 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
926 break;
927 }
928
929 case 0x01: /* DVD copyright information, all zeros */
930 break;
931
932 case 0x03: /* BCA information - invalid field for no BCA info */
933 return -1;
934
935 case 0x04: /* DVD disc manufacturing information, all zeros */
936 break;
937
938 case 0xff: { /* List capabilities */
939 int i;
940 size = 4;
941 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
942 if (!rds_caps_size[i]) {
943 continue;
944 }
945 outbuf[size] = i;
946 outbuf[size + 1] = 0x40; /* Not writable, readable */
947 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
948 size += 4;
949 }
950 break;
951 }
952
953 default:
954 return -1;
955 }
956
957 /* Size of buffer, not including 2 byte size field */
958 stw_be_p(outbuf, size - 2);
959 return size;
960
961 fail:
962 return -1;
963 }
964
965 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
966 {
967 uint8_t event_code, media_status;
968
969 media_status = 0;
970 if (s->tray_open) {
971 media_status = MS_TRAY_OPEN;
972 } else if (blk_is_inserted(s->qdev.conf.blk)) {
973 media_status = MS_MEDIA_PRESENT;
974 }
975
976 /* Event notification descriptor */
977 event_code = MEC_NO_CHANGE;
978 if (media_status != MS_TRAY_OPEN) {
979 if (s->media_event) {
980 event_code = MEC_NEW_MEDIA;
981 s->media_event = false;
982 } else if (s->eject_request) {
983 event_code = MEC_EJECT_REQUESTED;
984 s->eject_request = false;
985 }
986 }
987
988 outbuf[0] = event_code;
989 outbuf[1] = media_status;
990
991 /* These fields are reserved, just clear them. */
992 outbuf[2] = 0;
993 outbuf[3] = 0;
994 return 4;
995 }
996
997 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
998 uint8_t *outbuf)
999 {
1000 int size;
1001 uint8_t *buf = r->req.cmd.buf;
1002 uint8_t notification_class_request = buf[4];
1003 if (s->qdev.type != TYPE_ROM) {
1004 return -1;
1005 }
1006 if ((buf[1] & 1) == 0) {
1007 /* asynchronous */
1008 return -1;
1009 }
1010
1011 size = 4;
1012 outbuf[0] = outbuf[1] = 0;
1013 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
1014 if (notification_class_request & (1 << GESN_MEDIA)) {
1015 outbuf[2] = GESN_MEDIA;
1016 size += scsi_event_status_media(s, &outbuf[size]);
1017 } else {
1018 outbuf[2] = 0x80;
1019 }
1020 stw_be_p(outbuf, size - 4);
1021 return size;
1022 }
1023
1024 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
1025 {
1026 int current;
1027
1028 if (s->qdev.type != TYPE_ROM) {
1029 return -1;
1030 }
1031
1032 if (media_is_dvd(s)) {
1033 current = MMC_PROFILE_DVD_ROM;
1034 } else if (media_is_cd(s)) {
1035 current = MMC_PROFILE_CD_ROM;
1036 } else {
1037 current = MMC_PROFILE_NONE;
1038 }
1039
1040 memset(outbuf, 0, 40);
1041 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
1042 stw_be_p(&outbuf[6], current);
1043 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1044 outbuf[10] = 0x03; /* persistent, current */
1045 outbuf[11] = 8; /* two profiles */
1046 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1047 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1048 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1049 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1050 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1051 stw_be_p(&outbuf[20], 1);
1052 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
1053 outbuf[23] = 8;
1054 stl_be_p(&outbuf[24], 1); /* SCSI */
1055 outbuf[28] = 1; /* DBE = 1, mandatory */
1056 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1057 stw_be_p(&outbuf[32], 3);
1058 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
1059 outbuf[35] = 4;
1060 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1061 /* TODO: Random readable, CD read, DVD read, drive serial number,
1062 power management */
1063 return 40;
1064 }
1065
1066 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1067 {
1068 if (s->qdev.type != TYPE_ROM) {
1069 return -1;
1070 }
1071 memset(outbuf, 0, 8);
1072 outbuf[5] = 1; /* CD-ROM */
1073 return 8;
1074 }
1075
1076 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
1077 int page_control)
1078 {
1079 static const int mode_sense_valid[0x3f] = {
1080 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1081 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1082 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1083 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1084 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
1085 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1086 };
1087
1088 uint8_t *p = *p_outbuf + 2;
1089 int length;
1090
1091 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1092 return -1;
1093 }
1094
1095 /*
1096 * If Changeable Values are requested, a mask denoting those mode parameters
1097 * that are changeable shall be returned. As we currently don't support
1098 * parameter changes via MODE_SELECT all bits are returned set to zero.
1099 * The buffer was already menset to zero by the caller of this function.
1100 *
1101 * The offsets here are off by two compared to the descriptions in the
1102 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1103 * but it is done so that offsets are consistent within our implementation
1104 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1105 * 2-byte and 4-byte headers.
1106 */
1107 switch (page) {
1108 case MODE_PAGE_HD_GEOMETRY:
1109 length = 0x16;
1110 if (page_control == 1) { /* Changeable Values */
1111 break;
1112 }
1113 /* if a geometry hint is available, use it */
1114 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1115 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1116 p[2] = s->qdev.conf.cyls & 0xff;
1117 p[3] = s->qdev.conf.heads & 0xff;
1118 /* Write precomp start cylinder, disabled */
1119 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1120 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1121 p[6] = s->qdev.conf.cyls & 0xff;
1122 /* Reduced current start cylinder, disabled */
1123 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1124 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1125 p[9] = s->qdev.conf.cyls & 0xff;
1126 /* Device step rate [ns], 200ns */
1127 p[10] = 0;
1128 p[11] = 200;
1129 /* Landing zone cylinder */
1130 p[12] = 0xff;
1131 p[13] = 0xff;
1132 p[14] = 0xff;
1133 /* Medium rotation rate [rpm], 5400 rpm */
1134 p[18] = (5400 >> 8) & 0xff;
1135 p[19] = 5400 & 0xff;
1136 break;
1137
1138 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1139 length = 0x1e;
1140 if (page_control == 1) { /* Changeable Values */
1141 break;
1142 }
1143 /* Transfer rate [kbit/s], 5Mbit/s */
1144 p[0] = 5000 >> 8;
1145 p[1] = 5000 & 0xff;
1146 /* if a geometry hint is available, use it */
1147 p[2] = s->qdev.conf.heads & 0xff;
1148 p[3] = s->qdev.conf.secs & 0xff;
1149 p[4] = s->qdev.blocksize >> 8;
1150 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1151 p[7] = s->qdev.conf.cyls & 0xff;
1152 /* Write precomp start cylinder, disabled */
1153 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1154 p[9] = s->qdev.conf.cyls & 0xff;
1155 /* Reduced current start cylinder, disabled */
1156 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1157 p[11] = s->qdev.conf.cyls & 0xff;
1158 /* Device step rate [100us], 100us */
1159 p[12] = 0;
1160 p[13] = 1;
1161 /* Device step pulse width [us], 1us */
1162 p[14] = 1;
1163 /* Device head settle delay [100us], 100us */
1164 p[15] = 0;
1165 p[16] = 1;
1166 /* Motor on delay [0.1s], 0.1s */
1167 p[17] = 1;
1168 /* Motor off delay [0.1s], 0.1s */
1169 p[18] = 1;
1170 /* Medium rotation rate [rpm], 5400 rpm */
1171 p[26] = (5400 >> 8) & 0xff;
1172 p[27] = 5400 & 0xff;
1173 break;
1174
1175 case MODE_PAGE_CACHING:
1176 length = 0x12;
1177 if (page_control == 1 || /* Changeable Values */
1178 blk_enable_write_cache(s->qdev.conf.blk)) {
1179 p[0] = 4; /* WCE */
1180 }
1181 break;
1182
1183 case MODE_PAGE_R_W_ERROR:
1184 length = 10;
1185 if (page_control == 1) { /* Changeable Values */
1186 break;
1187 }
1188 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
1189 if (s->qdev.type == TYPE_ROM) {
1190 p[1] = 0x20; /* Read Retry Count */
1191 }
1192 break;
1193
1194 case MODE_PAGE_AUDIO_CTL:
1195 length = 14;
1196 break;
1197
1198 case MODE_PAGE_CAPABILITIES:
1199 length = 0x14;
1200 if (page_control == 1) { /* Changeable Values */
1201 break;
1202 }
1203
1204 p[0] = 0x3b; /* CD-R & CD-RW read */
1205 p[1] = 0; /* Writing not supported */
1206 p[2] = 0x7f; /* Audio, composite, digital out,
1207 mode 2 form 1&2, multi session */
1208 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
1209 RW corrected, C2 errors, ISRC,
1210 UPC, Bar code */
1211 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1212 /* Locking supported, jumper present, eject, tray */
1213 p[5] = 0; /* no volume & mute control, no
1214 changer */
1215 p[6] = (50 * 176) >> 8; /* 50x read speed */
1216 p[7] = (50 * 176) & 0xff;
1217 p[8] = 2 >> 8; /* Two volume levels */
1218 p[9] = 2 & 0xff;
1219 p[10] = 2048 >> 8; /* 2M buffer */
1220 p[11] = 2048 & 0xff;
1221 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1222 p[13] = (16 * 176) & 0xff;
1223 p[16] = (16 * 176) >> 8; /* 16x write speed */
1224 p[17] = (16 * 176) & 0xff;
1225 p[18] = (16 * 176) >> 8; /* 16x write speed current */
1226 p[19] = (16 * 176) & 0xff;
1227 break;
1228
1229 default:
1230 return -1;
1231 }
1232
1233 assert(length < 256);
1234 (*p_outbuf)[0] = page;
1235 (*p_outbuf)[1] = length;
1236 *p_outbuf += length + 2;
1237 return length + 2;
1238 }
1239
1240 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1241 {
1242 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1243 uint64_t nb_sectors;
1244 bool dbd;
1245 int page, buflen, ret, page_control;
1246 uint8_t *p;
1247 uint8_t dev_specific_param;
1248
1249 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1250 page = r->req.cmd.buf[2] & 0x3f;
1251 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1252
1253 trace_scsi_disk_emulate_mode_sense((r->req.cmd.buf[0] == MODE_SENSE) ? 6 :
1254 10, page, r->req.cmd.xfer, page_control);
1255 memset(outbuf, 0, r->req.cmd.xfer);
1256 p = outbuf;
1257
1258 if (s->qdev.type == TYPE_DISK) {
1259 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1260 if (blk_is_read_only(s->qdev.conf.blk)) {
1261 dev_specific_param |= 0x80; /* Readonly. */
1262 }
1263 } else {
1264 /* MMC prescribes that CD/DVD drives have no block descriptors,
1265 * and defines no device-specific parameter. */
1266 dev_specific_param = 0x00;
1267 dbd = true;
1268 }
1269
1270 if (r->req.cmd.buf[0] == MODE_SENSE) {
1271 p[1] = 0; /* Default media type. */
1272 p[2] = dev_specific_param;
1273 p[3] = 0; /* Block descriptor length. */
1274 p += 4;
1275 } else { /* MODE_SENSE_10 */
1276 p[2] = 0; /* Default media type. */
1277 p[3] = dev_specific_param;
1278 p[6] = p[7] = 0; /* Block descriptor length. */
1279 p += 8;
1280 }
1281
1282 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1283 if (!dbd && nb_sectors) {
1284 if (r->req.cmd.buf[0] == MODE_SENSE) {
1285 outbuf[3] = 8; /* Block descriptor length */
1286 } else { /* MODE_SENSE_10 */
1287 outbuf[7] = 8; /* Block descriptor length */
1288 }
1289 nb_sectors /= (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1290 if (nb_sectors > 0xffffff) {
1291 nb_sectors = 0;
1292 }
1293 p[0] = 0; /* media density code */
1294 p[1] = (nb_sectors >> 16) & 0xff;
1295 p[2] = (nb_sectors >> 8) & 0xff;
1296 p[3] = nb_sectors & 0xff;
1297 p[4] = 0; /* reserved */
1298 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
1299 p[6] = s->qdev.blocksize >> 8;
1300 p[7] = 0;
1301 p += 8;
1302 }
1303
1304 if (page_control == 3) {
1305 /* Saved Values */
1306 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1307 return -1;
1308 }
1309
1310 if (page == 0x3f) {
1311 for (page = 0; page <= 0x3e; page++) {
1312 mode_sense_page(s, page, &p, page_control);
1313 }
1314 } else {
1315 ret = mode_sense_page(s, page, &p, page_control);
1316 if (ret == -1) {
1317 return -1;
1318 }
1319 }
1320
1321 buflen = p - outbuf;
1322 /*
1323 * The mode data length field specifies the length in bytes of the
1324 * following data that is available to be transferred. The mode data
1325 * length does not include itself.
1326 */
1327 if (r->req.cmd.buf[0] == MODE_SENSE) {
1328 outbuf[0] = buflen - 1;
1329 } else { /* MODE_SENSE_10 */
1330 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1331 outbuf[1] = (buflen - 2) & 0xff;
1332 }
1333 return buflen;
1334 }
1335
1336 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1337 {
1338 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1339 int start_track, format, msf, toclen;
1340 uint64_t nb_sectors;
1341
1342 msf = req->cmd.buf[1] & 2;
1343 format = req->cmd.buf[2] & 0xf;
1344 start_track = req->cmd.buf[6];
1345 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1346 trace_scsi_disk_emulate_read_toc(start_track, format, msf >> 1);
1347 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
1348 switch (format) {
1349 case 0:
1350 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1351 break;
1352 case 1:
1353 /* multi session : only a single session defined */
1354 toclen = 12;
1355 memset(outbuf, 0, 12);
1356 outbuf[1] = 0x0a;
1357 outbuf[2] = 0x01;
1358 outbuf[3] = 0x01;
1359 break;
1360 case 2:
1361 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1362 break;
1363 default:
1364 return -1;
1365 }
1366 return toclen;
1367 }
1368
1369 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1370 {
1371 SCSIRequest *req = &r->req;
1372 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1373 bool start = req->cmd.buf[4] & 1;
1374 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
1375 int pwrcnd = req->cmd.buf[4] & 0xf0;
1376
1377 if (pwrcnd) {
1378 /* eject/load only happens for power condition == 0 */
1379 return 0;
1380 }
1381
1382 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1383 if (!start && !s->tray_open && s->tray_locked) {
1384 scsi_check_condition(r,
1385 blk_is_inserted(s->qdev.conf.blk)
1386 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1387 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1388 return -1;
1389 }
1390
1391 if (s->tray_open != !start) {
1392 blk_eject(s->qdev.conf.blk, !start);
1393 s->tray_open = !start;
1394 }
1395 }
1396 return 0;
1397 }
1398
1399 static void scsi_disk_emulate_read_data(SCSIRequest *req)
1400 {
1401 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1402 int buflen = r->iov.iov_len;
1403
1404 if (buflen) {
1405 trace_scsi_disk_emulate_read_data(buflen);
1406 r->iov.iov_len = 0;
1407 r->started = true;
1408 scsi_req_data(&r->req, buflen);
1409 return;
1410 }
1411
1412 /* This also clears the sense buffer for REQUEST SENSE. */
1413 scsi_req_complete(&r->req, GOOD);
1414 }
1415
1416 static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1417 uint8_t *inbuf, int inlen)
1418 {
1419 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1420 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1421 uint8_t *p;
1422 int len, expected_len, changeable_len, i;
1423
1424 /* The input buffer does not include the page header, so it is
1425 * off by 2 bytes.
1426 */
1427 expected_len = inlen + 2;
1428 if (expected_len > SCSI_MAX_MODE_LEN) {
1429 return -1;
1430 }
1431
1432 p = mode_current;
1433 memset(mode_current, 0, inlen + 2);
1434 len = mode_sense_page(s, page, &p, 0);
1435 if (len < 0 || len != expected_len) {
1436 return -1;
1437 }
1438
1439 p = mode_changeable;
1440 memset(mode_changeable, 0, inlen + 2);
1441 changeable_len = mode_sense_page(s, page, &p, 1);
1442 assert(changeable_len == len);
1443
1444 /* Check that unchangeable bits are the same as what MODE SENSE
1445 * would return.
1446 */
1447 for (i = 2; i < len; i++) {
1448 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1449 return -1;
1450 }
1451 }
1452 return 0;
1453 }
1454
1455 static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1456 {
1457 switch (page) {
1458 case MODE_PAGE_CACHING:
1459 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
1460 break;
1461
1462 default:
1463 break;
1464 }
1465 }
1466
1467 static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1468 {
1469 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1470
1471 while (len > 0) {
1472 int page, subpage, page_len;
1473
1474 /* Parse both possible formats for the mode page headers. */
1475 page = p[0] & 0x3f;
1476 if (p[0] & 0x40) {
1477 if (len < 4) {
1478 goto invalid_param_len;
1479 }
1480 subpage = p[1];
1481 page_len = lduw_be_p(&p[2]);
1482 p += 4;
1483 len -= 4;
1484 } else {
1485 if (len < 2) {
1486 goto invalid_param_len;
1487 }
1488 subpage = 0;
1489 page_len = p[1];
1490 p += 2;
1491 len -= 2;
1492 }
1493
1494 if (subpage) {
1495 goto invalid_param;
1496 }
1497 if (page_len > len) {
1498 goto invalid_param_len;
1499 }
1500
1501 if (!change) {
1502 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1503 goto invalid_param;
1504 }
1505 } else {
1506 scsi_disk_apply_mode_select(s, page, p);
1507 }
1508
1509 p += page_len;
1510 len -= page_len;
1511 }
1512 return 0;
1513
1514 invalid_param:
1515 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1516 return -1;
1517
1518 invalid_param_len:
1519 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1520 return -1;
1521 }
1522
1523 static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1524 {
1525 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1526 uint8_t *p = inbuf;
1527 int cmd = r->req.cmd.buf[0];
1528 int len = r->req.cmd.xfer;
1529 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1530 int bd_len;
1531 int pass;
1532
1533 /* We only support PF=1, SP=0. */
1534 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1535 goto invalid_field;
1536 }
1537
1538 if (len < hdr_len) {
1539 goto invalid_param_len;
1540 }
1541
1542 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1543 len -= hdr_len;
1544 p += hdr_len;
1545 if (len < bd_len) {
1546 goto invalid_param_len;
1547 }
1548 if (bd_len != 0 && bd_len != 8) {
1549 goto invalid_param;
1550 }
1551
1552 len -= bd_len;
1553 p += bd_len;
1554
1555 /* Ensure no change is made if there is an error! */
1556 for (pass = 0; pass < 2; pass++) {
1557 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1558 assert(pass == 0);
1559 return;
1560 }
1561 }
1562 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
1563 /* The request is used as the AIO opaque value, so add a ref. */
1564 scsi_req_ref(&r->req);
1565 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
1566 BLOCK_ACCT_FLUSH);
1567 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
1568 return;
1569 }
1570
1571 scsi_req_complete(&r->req, GOOD);
1572 return;
1573
1574 invalid_param:
1575 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1576 return;
1577
1578 invalid_param_len:
1579 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1580 return;
1581
1582 invalid_field:
1583 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1584 }
1585
1586 static inline bool check_lba_range(SCSIDiskState *s,
1587 uint64_t sector_num, uint32_t nb_sectors)
1588 {
1589 /*
1590 * The first line tests that no overflow happens when computing the last
1591 * sector. The second line tests that the last accessed sector is in
1592 * range.
1593 *
1594 * Careful, the computations should not underflow for nb_sectors == 0,
1595 * and a 0-block read to the first LBA beyond the end of device is
1596 * valid.
1597 */
1598 return (sector_num <= sector_num + nb_sectors &&
1599 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1600 }
1601
1602 typedef struct UnmapCBData {
1603 SCSIDiskReq *r;
1604 uint8_t *inbuf;
1605 int count;
1606 } UnmapCBData;
1607
1608 static void scsi_unmap_complete(void *opaque, int ret);
1609
1610 static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
1611 {
1612 SCSIDiskReq *r = data->r;
1613 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1614
1615 assert(r->req.aiocb == NULL);
1616
1617 if (data->count > 0) {
1618 r->sector = ldq_be_p(&data->inbuf[0])
1619 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1620 r->sector_count = (ldl_be_p(&data->inbuf[8]) & 0xffffffffULL)
1621 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1622 if (!check_lba_range(s, r->sector, r->sector_count)) {
1623 block_acct_invalid(blk_get_stats(s->qdev.conf.blk),
1624 BLOCK_ACCT_UNMAP);
1625 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1626 goto done;
1627 }
1628
1629 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1630 r->sector_count * BDRV_SECTOR_SIZE,
1631 BLOCK_ACCT_UNMAP);
1632
1633 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
1634 r->sector * BDRV_SECTOR_SIZE,
1635 r->sector_count * BDRV_SECTOR_SIZE,
1636 scsi_unmap_complete, data);
1637 data->count--;
1638 data->inbuf += 16;
1639 return;
1640 }
1641
1642 scsi_req_complete(&r->req, GOOD);
1643
1644 done:
1645 scsi_req_unref(&r->req);
1646 g_free(data);
1647 }
1648
1649 static void scsi_unmap_complete(void *opaque, int ret)
1650 {
1651 UnmapCBData *data = opaque;
1652 SCSIDiskReq *r = data->r;
1653 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1654
1655 assert(r->req.aiocb != NULL);
1656 r->req.aiocb = NULL;
1657
1658 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1659 if (scsi_disk_req_check_error(r, ret, true)) {
1660 scsi_req_unref(&r->req);
1661 g_free(data);
1662 } else {
1663 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1664 scsi_unmap_complete_noio(data, ret);
1665 }
1666 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1667 }
1668
1669 static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1670 {
1671 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1672 uint8_t *p = inbuf;
1673 int len = r->req.cmd.xfer;
1674 UnmapCBData *data;
1675
1676 /* Reject ANCHOR=1. */
1677 if (r->req.cmd.buf[1] & 0x1) {
1678 goto invalid_field;
1679 }
1680
1681 if (len < 8) {
1682 goto invalid_param_len;
1683 }
1684 if (len < lduw_be_p(&p[0]) + 2) {
1685 goto invalid_param_len;
1686 }
1687 if (len < lduw_be_p(&p[2]) + 8) {
1688 goto invalid_param_len;
1689 }
1690 if (lduw_be_p(&p[2]) & 15) {
1691 goto invalid_param_len;
1692 }
1693
1694 if (blk_is_read_only(s->qdev.conf.blk)) {
1695 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1696 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1697 return;
1698 }
1699
1700 data = g_new0(UnmapCBData, 1);
1701 data->r = r;
1702 data->inbuf = &p[8];
1703 data->count = lduw_be_p(&p[2]) >> 4;
1704
1705 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1706 scsi_req_ref(&r->req);
1707 scsi_unmap_complete_noio(data, 0);
1708 return;
1709
1710 invalid_param_len:
1711 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1712 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1713 return;
1714
1715 invalid_field:
1716 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1717 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1718 }
1719
1720 typedef struct WriteSameCBData {
1721 SCSIDiskReq *r;
1722 int64_t sector;
1723 int nb_sectors;
1724 QEMUIOVector qiov;
1725 struct iovec iov;
1726 } WriteSameCBData;
1727
1728 static void scsi_write_same_complete(void *opaque, int ret)
1729 {
1730 WriteSameCBData *data = opaque;
1731 SCSIDiskReq *r = data->r;
1732 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1733
1734 assert(r->req.aiocb != NULL);
1735 r->req.aiocb = NULL;
1736 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1737 if (scsi_disk_req_check_error(r, ret, true)) {
1738 goto done;
1739 }
1740
1741 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1742
1743 data->nb_sectors -= data->iov.iov_len / BDRV_SECTOR_SIZE;
1744 data->sector += data->iov.iov_len / BDRV_SECTOR_SIZE;
1745 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1746 data->iov.iov_len);
1747 if (data->iov.iov_len) {
1748 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1749 data->iov.iov_len, BLOCK_ACCT_WRITE);
1750 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1751 * where final qiov may need smaller size */
1752 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1753 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1754 data->sector << BDRV_SECTOR_BITS,
1755 &data->qiov, 0,
1756 scsi_write_same_complete, data);
1757 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1758 return;
1759 }
1760
1761 scsi_req_complete(&r->req, GOOD);
1762
1763 done:
1764 scsi_req_unref(&r->req);
1765 qemu_vfree(data->iov.iov_base);
1766 g_free(data);
1767 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1768 }
1769
1770 static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1771 {
1772 SCSIRequest *req = &r->req;
1773 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1774 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
1775 WriteSameCBData *data;
1776 uint8_t *buf;
1777 int i;
1778
1779 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1780 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1781 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1782 return;
1783 }
1784
1785 if (blk_is_read_only(s->qdev.conf.blk)) {
1786 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1787 return;
1788 }
1789 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1790 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1791 return;
1792 }
1793
1794 if ((req->cmd.buf[1] & 0x1) || buffer_is_zero(inbuf, s->qdev.blocksize)) {
1795 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1796
1797 /* The request is used as the AIO opaque value, so add a ref. */
1798 scsi_req_ref(&r->req);
1799 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1800 nb_sectors * s->qdev.blocksize,
1801 BLOCK_ACCT_WRITE);
1802 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
1803 r->req.cmd.lba * s->qdev.blocksize,
1804 nb_sectors * s->qdev.blocksize,
1805 flags, scsi_aio_complete, r);
1806 return;
1807 }
1808
1809 data = g_new0(WriteSameCBData, 1);
1810 data->r = r;
1811 data->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1812 data->nb_sectors = nb_sectors * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1813 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1814 SCSI_WRITE_SAME_MAX);
1815 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1816 data->iov.iov_len);
1817 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1818
1819 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1820 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1821 }
1822
1823 scsi_req_ref(&r->req);
1824 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1825 data->iov.iov_len, BLOCK_ACCT_WRITE);
1826 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1827 data->sector << BDRV_SECTOR_BITS,
1828 &data->qiov, 0,
1829 scsi_write_same_complete, data);
1830 }
1831
1832 static void scsi_disk_emulate_write_data(SCSIRequest *req)
1833 {
1834 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1835
1836 if (r->iov.iov_len) {
1837 int buflen = r->iov.iov_len;
1838 trace_scsi_disk_emulate_write_data(buflen);
1839 r->iov.iov_len = 0;
1840 scsi_req_data(&r->req, buflen);
1841 return;
1842 }
1843
1844 switch (req->cmd.buf[0]) {
1845 case MODE_SELECT:
1846 case MODE_SELECT_10:
1847 /* This also clears the sense buffer for REQUEST SENSE. */
1848 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1849 break;
1850
1851 case UNMAP:
1852 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1853 break;
1854
1855 case VERIFY_10:
1856 case VERIFY_12:
1857 case VERIFY_16:
1858 if (r->req.status == -1) {
1859 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1860 }
1861 break;
1862
1863 case WRITE_SAME_10:
1864 case WRITE_SAME_16:
1865 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1866 break;
1867
1868 default:
1869 abort();
1870 }
1871 }
1872
1873 static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1874 {
1875 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1876 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1877 uint64_t nb_sectors;
1878 uint8_t *outbuf;
1879 int buflen;
1880
1881 switch (req->cmd.buf[0]) {
1882 case INQUIRY:
1883 case MODE_SENSE:
1884 case MODE_SENSE_10:
1885 case RESERVE:
1886 case RESERVE_10:
1887 case RELEASE:
1888 case RELEASE_10:
1889 case START_STOP:
1890 case ALLOW_MEDIUM_REMOVAL:
1891 case GET_CONFIGURATION:
1892 case GET_EVENT_STATUS_NOTIFICATION:
1893 case MECHANISM_STATUS:
1894 case REQUEST_SENSE:
1895 break;
1896
1897 default:
1898 if (!blk_is_available(s->qdev.conf.blk)) {
1899 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1900 return 0;
1901 }
1902 break;
1903 }
1904
1905 /*
1906 * FIXME: we shouldn't return anything bigger than 4k, but the code
1907 * requires the buffer to be as big as req->cmd.xfer in several
1908 * places. So, do not allow CDBs with a very large ALLOCATION
1909 * LENGTH. The real fix would be to modify scsi_read_data and
1910 * dma_buf_read, so that they return data beyond the buflen
1911 * as all zeros.
1912 */
1913 if (req->cmd.xfer > 65536) {
1914 goto illegal_request;
1915 }
1916 r->buflen = MAX(4096, req->cmd.xfer);
1917
1918 if (!r->iov.iov_base) {
1919 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
1920 }
1921
1922 outbuf = r->iov.iov_base;
1923 memset(outbuf, 0, r->buflen);
1924 switch (req->cmd.buf[0]) {
1925 case TEST_UNIT_READY:
1926 assert(blk_is_available(s->qdev.conf.blk));
1927 break;
1928 case INQUIRY:
1929 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1930 if (buflen < 0) {
1931 goto illegal_request;
1932 }
1933 break;
1934 case MODE_SENSE:
1935 case MODE_SENSE_10:
1936 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1937 if (buflen < 0) {
1938 goto illegal_request;
1939 }
1940 break;
1941 case READ_TOC:
1942 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1943 if (buflen < 0) {
1944 goto illegal_request;
1945 }
1946 break;
1947 case RESERVE:
1948 if (req->cmd.buf[1] & 1) {
1949 goto illegal_request;
1950 }
1951 break;
1952 case RESERVE_10:
1953 if (req->cmd.buf[1] & 3) {
1954 goto illegal_request;
1955 }
1956 break;
1957 case RELEASE:
1958 if (req->cmd.buf[1] & 1) {
1959 goto illegal_request;
1960 }
1961 break;
1962 case RELEASE_10:
1963 if (req->cmd.buf[1] & 3) {
1964 goto illegal_request;
1965 }
1966 break;
1967 case START_STOP:
1968 if (scsi_disk_emulate_start_stop(r) < 0) {
1969 return 0;
1970 }
1971 break;
1972 case ALLOW_MEDIUM_REMOVAL:
1973 s->tray_locked = req->cmd.buf[4] & 1;
1974 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
1975 break;
1976 case READ_CAPACITY_10:
1977 /* The normal LEN field for this command is zero. */
1978 memset(outbuf, 0, 8);
1979 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1980 if (!nb_sectors) {
1981 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1982 return 0;
1983 }
1984 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1985 goto illegal_request;
1986 }
1987 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
1988 /* Returned value is the address of the last sector. */
1989 nb_sectors--;
1990 /* Remember the new size for read/write sanity checking. */
1991 s->qdev.max_lba = nb_sectors;
1992 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1993 if (nb_sectors > UINT32_MAX) {
1994 nb_sectors = UINT32_MAX;
1995 }
1996 outbuf[0] = (nb_sectors >> 24) & 0xff;
1997 outbuf[1] = (nb_sectors >> 16) & 0xff;
1998 outbuf[2] = (nb_sectors >> 8) & 0xff;
1999 outbuf[3] = nb_sectors & 0xff;
2000 outbuf[4] = 0;
2001 outbuf[5] = 0;
2002 outbuf[6] = s->qdev.blocksize >> 8;
2003 outbuf[7] = 0;
2004 break;
2005 case REQUEST_SENSE:
2006 /* Just return "NO SENSE". */
2007 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
2008 (req->cmd.buf[1] & 1) == 0);
2009 if (buflen < 0) {
2010 goto illegal_request;
2011 }
2012 break;
2013 case MECHANISM_STATUS:
2014 buflen = scsi_emulate_mechanism_status(s, outbuf);
2015 if (buflen < 0) {
2016 goto illegal_request;
2017 }
2018 break;
2019 case GET_CONFIGURATION:
2020 buflen = scsi_get_configuration(s, outbuf);
2021 if (buflen < 0) {
2022 goto illegal_request;
2023 }
2024 break;
2025 case GET_EVENT_STATUS_NOTIFICATION:
2026 buflen = scsi_get_event_status_notification(s, r, outbuf);
2027 if (buflen < 0) {
2028 goto illegal_request;
2029 }
2030 break;
2031 case READ_DISC_INFORMATION:
2032 buflen = scsi_read_disc_information(s, r, outbuf);
2033 if (buflen < 0) {
2034 goto illegal_request;
2035 }
2036 break;
2037 case READ_DVD_STRUCTURE:
2038 buflen = scsi_read_dvd_structure(s, r, outbuf);
2039 if (buflen < 0) {
2040 goto illegal_request;
2041 }
2042 break;
2043 case SERVICE_ACTION_IN_16:
2044 /* Service Action In subcommands. */
2045 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
2046 trace_scsi_disk_emulate_command_SAI_16();
2047 memset(outbuf, 0, req->cmd.xfer);
2048 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2049 if (!nb_sectors) {
2050 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
2051 return 0;
2052 }
2053 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2054 goto illegal_request;
2055 }
2056 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
2057 /* Returned value is the address of the last sector. */
2058 nb_sectors--;
2059 /* Remember the new size for read/write sanity checking. */
2060 s->qdev.max_lba = nb_sectors;
2061 outbuf[0] = (nb_sectors >> 56) & 0xff;
2062 outbuf[1] = (nb_sectors >> 48) & 0xff;
2063 outbuf[2] = (nb_sectors >> 40) & 0xff;
2064 outbuf[3] = (nb_sectors >> 32) & 0xff;
2065 outbuf[4] = (nb_sectors >> 24) & 0xff;
2066 outbuf[5] = (nb_sectors >> 16) & 0xff;
2067 outbuf[6] = (nb_sectors >> 8) & 0xff;
2068 outbuf[7] = nb_sectors & 0xff;
2069 outbuf[8] = 0;
2070 outbuf[9] = 0;
2071 outbuf[10] = s->qdev.blocksize >> 8;
2072 outbuf[11] = 0;
2073 outbuf[12] = 0;
2074 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
2075
2076 /* set TPE bit if the format supports discard */
2077 if (s->qdev.conf.discard_granularity) {
2078 outbuf[14] = 0x80;
2079 }
2080
2081 /* Protection, exponent and lowest lba field left blank. */
2082 break;
2083 }
2084 trace_scsi_disk_emulate_command_SAI_unsupported();
2085 goto illegal_request;
2086 case SYNCHRONIZE_CACHE:
2087 /* The request is used as the AIO opaque value, so add a ref. */
2088 scsi_req_ref(&r->req);
2089 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
2090 BLOCK_ACCT_FLUSH);
2091 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
2092 return 0;
2093 case SEEK_10:
2094 trace_scsi_disk_emulate_command_SEEK_10(r->req.cmd.lba);
2095 if (r->req.cmd.lba > s->qdev.max_lba) {
2096 goto illegal_lba;
2097 }
2098 break;
2099 case MODE_SELECT:
2100 trace_scsi_disk_emulate_command_MODE_SELECT(r->req.cmd.xfer);
2101 break;
2102 case MODE_SELECT_10:
2103 trace_scsi_disk_emulate_command_MODE_SELECT_10(r->req.cmd.xfer);
2104 break;
2105 case UNMAP:
2106 trace_scsi_disk_emulate_command_UNMAP(r->req.cmd.xfer);
2107 break;
2108 case VERIFY_10:
2109 case VERIFY_12:
2110 case VERIFY_16:
2111 trace_scsi_disk_emulate_command_VERIFY((req->cmd.buf[1] >> 1) & 3);
2112 if (req->cmd.buf[1] & 6) {
2113 goto illegal_request;
2114 }
2115 break;
2116 case WRITE_SAME_10:
2117 case WRITE_SAME_16:
2118 trace_scsi_disk_emulate_command_WRITE_SAME(
2119 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16, r->req.cmd.xfer);
2120 break;
2121 default:
2122 trace_scsi_disk_emulate_command_UNKNOWN(buf[0],
2123 scsi_command_name(buf[0]));
2124 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
2125 return 0;
2126 }
2127 assert(!r->req.aiocb);
2128 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
2129 if (r->iov.iov_len == 0) {
2130 scsi_req_complete(&r->req, GOOD);
2131 }
2132 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2133 assert(r->iov.iov_len == req->cmd.xfer);
2134 return -r->iov.iov_len;
2135 } else {
2136 return r->iov.iov_len;
2137 }
2138
2139 illegal_request:
2140 if (r->req.status == -1) {
2141 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2142 }
2143 return 0;
2144
2145 illegal_lba:
2146 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2147 return 0;
2148 }
2149
2150 /* Execute a scsi command. Returns the length of the data expected by the
2151 command. This will be Positive for data transfers from the device
2152 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2153 and zero if the command does not transfer any data. */
2154
2155 static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2156 {
2157 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2158 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2159 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
2160 uint32_t len;
2161 uint8_t command;
2162
2163 command = buf[0];
2164
2165 if (!blk_is_available(s->qdev.conf.blk)) {
2166 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2167 return 0;
2168 }
2169
2170 len = scsi_data_cdb_xfer(r->req.cmd.buf);
2171 switch (command) {
2172 case READ_6:
2173 case READ_10:
2174 case READ_12:
2175 case READ_16:
2176 trace_scsi_disk_dma_command_READ(r->req.cmd.lba, len);
2177 /* Protection information is not supported. For SCSI versions 2 and
2178 * older (as determined by snooping the guest's INQUIRY commands),
2179 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2180 */
2181 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2182 goto illegal_request;
2183 }
2184 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2185 goto illegal_lba;
2186 }
2187 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2188 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2189 break;
2190 case WRITE_6:
2191 case WRITE_10:
2192 case WRITE_12:
2193 case WRITE_16:
2194 case WRITE_VERIFY_10:
2195 case WRITE_VERIFY_12:
2196 case WRITE_VERIFY_16:
2197 if (blk_is_read_only(s->qdev.conf.blk)) {
2198 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2199 return 0;
2200 }
2201 trace_scsi_disk_dma_command_WRITE(
2202 (command & 0xe) == 0xe ? "And Verify " : "",
2203 r->req.cmd.lba, len);
2204 /* fall through */
2205 case VERIFY_10:
2206 case VERIFY_12:
2207 case VERIFY_16:
2208 /* We get here only for BYTCHK == 0x01 and only for scsi-block.
2209 * As far as DMA is concerned, we can treat it the same as a write;
2210 * scsi_block_do_sgio will send VERIFY commands.
2211 */
2212 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2213 goto illegal_request;
2214 }
2215 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2216 goto illegal_lba;
2217 }
2218 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2219 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2220 break;
2221 default:
2222 abort();
2223 illegal_request:
2224 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2225 return 0;
2226 illegal_lba:
2227 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2228 return 0;
2229 }
2230 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
2231 if (r->sector_count == 0) {
2232 scsi_req_complete(&r->req, GOOD);
2233 }
2234 assert(r->iov.iov_len == 0);
2235 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2236 return -r->sector_count * BDRV_SECTOR_SIZE;
2237 } else {
2238 return r->sector_count * BDRV_SECTOR_SIZE;
2239 }
2240 }
2241
2242 static void scsi_disk_reset(DeviceState *dev)
2243 {
2244 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2245 uint64_t nb_sectors;
2246
2247 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
2248
2249 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2250 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
2251 if (nb_sectors) {
2252 nb_sectors--;
2253 }
2254 s->qdev.max_lba = nb_sectors;
2255 /* reset tray statuses */
2256 s->tray_locked = 0;
2257 s->tray_open = 0;
2258
2259 s->qdev.scsi_version = s->qdev.default_scsi_version;
2260 }
2261
2262 static void scsi_disk_resize_cb(void *opaque)
2263 {
2264 SCSIDiskState *s = opaque;
2265
2266 /* SPC lists this sense code as available only for
2267 * direct-access devices.
2268 */
2269 if (s->qdev.type == TYPE_DISK) {
2270 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
2271 }
2272 }
2273
2274 static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2275 {
2276 SCSIDiskState *s = opaque;
2277
2278 /*
2279 * When a CD gets changed, we have to report an ejected state and
2280 * then a loaded state to guests so that they detect tray
2281 * open/close and media change events. Guests that do not use
2282 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2283 * states rely on this behavior.
2284 *
2285 * media_changed governs the state machine used for unit attention
2286 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2287 */
2288 s->media_changed = load;
2289 s->tray_open = !load;
2290 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
2291 s->media_event = true;
2292 s->eject_request = false;
2293 }
2294
2295 static void scsi_cd_eject_request_cb(void *opaque, bool force)
2296 {
2297 SCSIDiskState *s = opaque;
2298
2299 s->eject_request = true;
2300 if (force) {
2301 s->tray_locked = false;
2302 }
2303 }
2304
2305 static bool scsi_cd_is_tray_open(void *opaque)
2306 {
2307 return ((SCSIDiskState *)opaque)->tray_open;
2308 }
2309
2310 static bool scsi_cd_is_medium_locked(void *opaque)
2311 {
2312 return ((SCSIDiskState *)opaque)->tray_locked;
2313 }
2314
2315 static const BlockDevOps scsi_disk_removable_block_ops = {
2316 .change_media_cb = scsi_cd_change_media_cb,
2317 .eject_request_cb = scsi_cd_eject_request_cb,
2318 .is_tray_open = scsi_cd_is_tray_open,
2319 .is_medium_locked = scsi_cd_is_medium_locked,
2320
2321 .resize_cb = scsi_disk_resize_cb,
2322 };
2323
2324 static const BlockDevOps scsi_disk_block_ops = {
2325 .resize_cb = scsi_disk_resize_cb,
2326 };
2327
2328 static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2329 {
2330 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2331 if (s->media_changed) {
2332 s->media_changed = false;
2333 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2334 }
2335 }
2336
2337 static void scsi_realize(SCSIDevice *dev, Error **errp)
2338 {
2339 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2340 bool read_only;
2341
2342 if (!s->qdev.conf.blk) {
2343 error_setg(errp, "drive property not set");
2344 return;
2345 }
2346
2347 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2348 !blk_is_inserted(s->qdev.conf.blk)) {
2349 error_setg(errp, "Device needs media, but drive is empty");
2350 return;
2351 }
2352
2353 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2354 return;
2355 }
2356
2357 if (blk_get_aio_context(s->qdev.conf.blk) != qemu_get_aio_context() &&
2358 !s->qdev.hba_supports_iothread)
2359 {
2360 error_setg(errp, "HBA does not support iothreads");
2361 return;
2362 }
2363
2364 if (dev->type == TYPE_DISK) {
2365 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
2366 return;
2367 }
2368 }
2369
2370 read_only = blk_is_read_only(s->qdev.conf.blk);
2371 if (dev->type == TYPE_ROM) {
2372 read_only = true;
2373 }
2374
2375 if (!blkconf_apply_backend_options(&dev->conf, read_only,
2376 dev->type == TYPE_DISK, errp)) {
2377 return;
2378 }
2379
2380 if (s->qdev.conf.discard_granularity == -1) {
2381 s->qdev.conf.discard_granularity =
2382 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2383 }
2384
2385 if (!s->version) {
2386 s->version = g_strdup(qemu_hw_version());
2387 }
2388 if (!s->vendor) {
2389 s->vendor = g_strdup("QEMU");
2390 }
2391 if (!s->device_id) {
2392 if (s->serial) {
2393 s->device_id = g_strdup_printf("%.20s", s->serial);
2394 } else {
2395 const char *str = blk_name(s->qdev.conf.blk);
2396 if (str && *str) {
2397 s->device_id = g_strdup(str);
2398 }
2399 }
2400 }
2401
2402 if (blk_is_sg(s->qdev.conf.blk)) {
2403 error_setg(errp, "unwanted /dev/sg*");
2404 return;
2405 }
2406
2407 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2408 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
2409 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
2410 } else {
2411 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2412 }
2413 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
2414
2415 blk_iostatus_enable(s->qdev.conf.blk);
2416
2417 add_boot_device_lchs(&dev->qdev, NULL,
2418 dev->conf.lcyls,
2419 dev->conf.lheads,
2420 dev->conf.lsecs);
2421 }
2422
2423 static void scsi_unrealize(SCSIDevice *dev)
2424 {
2425 del_boot_device_lchs(&dev->qdev, NULL);
2426 }
2427
2428 static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
2429 {
2430 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2431 AioContext *ctx = NULL;
2432 /* can happen for devices without drive. The error message for missing
2433 * backend will be issued in scsi_realize
2434 */
2435 if (s->qdev.conf.blk) {
2436 ctx = blk_get_aio_context(s->qdev.conf.blk);
2437 aio_context_acquire(ctx);
2438 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2439 goto out;
2440 }
2441 }
2442 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2443 s->qdev.type = TYPE_DISK;
2444 if (!s->product) {
2445 s->product = g_strdup("QEMU HARDDISK");
2446 }
2447 scsi_realize(&s->qdev, errp);
2448 out:
2449 if (ctx) {
2450 aio_context_release(ctx);
2451 }
2452 }
2453
2454 static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
2455 {
2456 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2457 AioContext *ctx;
2458 int ret;
2459
2460 if (!dev->conf.blk) {
2461 /* Anonymous BlockBackend for an empty drive. As we put it into
2462 * dev->conf, qdev takes care of detaching on unplug. */
2463 dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
2464 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2465 assert(ret == 0);
2466 }
2467
2468 ctx = blk_get_aio_context(dev->conf.blk);
2469 aio_context_acquire(ctx);
2470 s->qdev.blocksize = 2048;
2471 s->qdev.type = TYPE_ROM;
2472 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2473 if (!s->product) {
2474 s->product = g_strdup("QEMU CD-ROM");
2475 }
2476 scsi_realize(&s->qdev, errp);
2477 aio_context_release(ctx);
2478 }
2479
2480 static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
2481 {
2482 DriveInfo *dinfo;
2483 Error *local_err = NULL;
2484
2485 warn_report("'scsi-disk' is deprecated, "
2486 "please use 'scsi-hd' or 'scsi-cd' instead");
2487
2488 if (!dev->conf.blk) {
2489 scsi_realize(dev, &local_err);
2490 assert(local_err);
2491 error_propagate(errp, local_err);
2492 return;
2493 }
2494
2495 dinfo = blk_legacy_dinfo(dev->conf.blk);
2496 if (dinfo && dinfo->media_cd) {
2497 scsi_cd_realize(dev, errp);
2498 } else {
2499 scsi_hd_realize(dev, errp);
2500 }
2501 }
2502
2503 static const SCSIReqOps scsi_disk_emulate_reqops = {
2504 .size = sizeof(SCSIDiskReq),
2505 .free_req = scsi_free_request,
2506 .send_command = scsi_disk_emulate_command,
2507 .read_data = scsi_disk_emulate_read_data,
2508 .write_data = scsi_disk_emulate_write_data,
2509 .get_buf = scsi_get_buf,
2510 };
2511
2512 static const SCSIReqOps scsi_disk_dma_reqops = {
2513 .size = sizeof(SCSIDiskReq),
2514 .free_req = scsi_free_request,
2515 .send_command = scsi_disk_dma_command,
2516 .read_data = scsi_read_data,
2517 .write_data = scsi_write_data,
2518 .get_buf = scsi_get_buf,
2519 .load_request = scsi_disk_load_request,
2520 .save_request = scsi_disk_save_request,
2521 };
2522
2523 static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2524 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2525 [INQUIRY] = &scsi_disk_emulate_reqops,
2526 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2527 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2528 [START_STOP] = &scsi_disk_emulate_reqops,
2529 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2530 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2531 [READ_TOC] = &scsi_disk_emulate_reqops,
2532 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2533 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2534 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2535 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2536 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2537 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2538 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2539 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2540 [SEEK_10] = &scsi_disk_emulate_reqops,
2541 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2542 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2543 [UNMAP] = &scsi_disk_emulate_reqops,
2544 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2545 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2546 [VERIFY_10] = &scsi_disk_emulate_reqops,
2547 [VERIFY_12] = &scsi_disk_emulate_reqops,
2548 [VERIFY_16] = &scsi_disk_emulate_reqops,
2549
2550 [READ_6] = &scsi_disk_dma_reqops,
2551 [READ_10] = &scsi_disk_dma_reqops,
2552 [READ_12] = &scsi_disk_dma_reqops,
2553 [READ_16] = &scsi_disk_dma_reqops,
2554 [WRITE_6] = &scsi_disk_dma_reqops,
2555 [WRITE_10] = &scsi_disk_dma_reqops,
2556 [WRITE_12] = &scsi_disk_dma_reqops,
2557 [WRITE_16] = &scsi_disk_dma_reqops,
2558 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2559 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2560 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2561 };
2562
2563 static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf)
2564 {
2565 int i;
2566 int len = scsi_cdb_length(buf);
2567 char *line_buffer, *p;
2568
2569 line_buffer = g_malloc(len * 5 + 1);
2570
2571 for (i = 0, p = line_buffer; i < len; i++) {
2572 p += sprintf(p, " 0x%02x", buf[i]);
2573 }
2574 trace_scsi_disk_new_request(lun, tag, line_buffer);
2575
2576 g_free(line_buffer);
2577 }
2578
2579 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2580 uint8_t *buf, void *hba_private)
2581 {
2582 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2583 SCSIRequest *req;
2584 const SCSIReqOps *ops;
2585 uint8_t command;
2586
2587 command = buf[0];
2588 ops = scsi_disk_reqops_dispatch[command];
2589 if (!ops) {
2590 ops = &scsi_disk_emulate_reqops;
2591 }
2592 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2593
2594 if (trace_event_get_state_backends(TRACE_SCSI_DISK_NEW_REQUEST)) {
2595 scsi_disk_new_request_dump(lun, tag, buf);
2596 }
2597
2598 return req;
2599 }
2600
2601 #ifdef __linux__
2602 static int get_device_type(SCSIDiskState *s)
2603 {
2604 uint8_t cmd[16];
2605 uint8_t buf[36];
2606 int ret;
2607
2608 memset(cmd, 0, sizeof(cmd));
2609 memset(buf, 0, sizeof(buf));
2610 cmd[0] = INQUIRY;
2611 cmd[4] = sizeof(buf);
2612
2613 ret = scsi_SG_IO_FROM_DEV(s->qdev.conf.blk, cmd, sizeof(cmd),
2614 buf, sizeof(buf));
2615 if (ret < 0) {
2616 return -1;
2617 }
2618 s->qdev.type = buf[0];
2619 if (buf[1] & 0x80) {
2620 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2621 }
2622 return 0;
2623 }
2624
2625 static void scsi_block_realize(SCSIDevice *dev, Error **errp)
2626 {
2627 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2628 AioContext *ctx;
2629 int sg_version;
2630 int rc;
2631
2632 if (!s->qdev.conf.blk) {
2633 error_setg(errp, "drive property not set");
2634 return;
2635 }
2636
2637 if (s->rotation_rate) {
2638 error_report_once("rotation_rate is specified for scsi-block but is "
2639 "not implemented. This option is deprecated and will "
2640 "be removed in a future version");
2641 }
2642
2643 ctx = blk_get_aio_context(s->qdev.conf.blk);
2644 aio_context_acquire(ctx);
2645
2646 /* check we are using a driver managing SG_IO (version 3 and after) */
2647 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
2648 if (rc < 0) {
2649 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
2650 if (rc != -EPERM) {
2651 error_append_hint(errp, "Is this a SCSI device?\n");
2652 }
2653 goto out;
2654 }
2655 if (sg_version < 30000) {
2656 error_setg(errp, "scsi generic interface too old");
2657 goto out;
2658 }
2659
2660 /* get device type from INQUIRY data */
2661 rc = get_device_type(s);
2662 if (rc < 0) {
2663 error_setg(errp, "INQUIRY failed");
2664 goto out;
2665 }
2666
2667 /* Make a guess for the block size, we'll fix it when the guest sends.
2668 * READ CAPACITY. If they don't, they likely would assume these sizes
2669 * anyway. (TODO: check in /sys).
2670 */
2671 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2672 s->qdev.blocksize = 2048;
2673 } else {
2674 s->qdev.blocksize = 512;
2675 }
2676
2677 /* Makes the scsi-block device not removable by using HMP and QMP eject
2678 * command.
2679 */
2680 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2681
2682 scsi_realize(&s->qdev, errp);
2683 scsi_generic_read_device_inquiry(&s->qdev);
2684
2685 out:
2686 aio_context_release(ctx);
2687 }
2688
2689 typedef struct SCSIBlockReq {
2690 SCSIDiskReq req;
2691 sg_io_hdr_t io_header;
2692
2693 /* Selected bytes of the original CDB, copied into our own CDB. */
2694 uint8_t cmd, cdb1, group_number;
2695
2696 /* CDB passed to SG_IO. */
2697 uint8_t cdb[16];
2698 } SCSIBlockReq;
2699
2700 static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2701 int64_t offset, QEMUIOVector *iov,
2702 int direction,
2703 BlockCompletionFunc *cb, void *opaque)
2704 {
2705 sg_io_hdr_t *io_header = &req->io_header;
2706 SCSIDiskReq *r = &req->req;
2707 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2708 int nb_logical_blocks;
2709 uint64_t lba;
2710 BlockAIOCB *aiocb;
2711
2712 /* This is not supported yet. It can only happen if the guest does
2713 * reads and writes that are not aligned to one logical sectors
2714 * _and_ cover multiple MemoryRegions.
2715 */
2716 assert(offset % s->qdev.blocksize == 0);
2717 assert(iov->size % s->qdev.blocksize == 0);
2718
2719 io_header->interface_id = 'S';
2720
2721 /* The data transfer comes from the QEMUIOVector. */
2722 io_header->dxfer_direction = direction;
2723 io_header->dxfer_len = iov->size;
2724 io_header->dxferp = (void *)iov->iov;
2725 io_header->iovec_count = iov->niov;
2726 assert(io_header->iovec_count == iov->niov); /* no overflow! */
2727
2728 /* Build a new CDB with the LBA and length patched in, in case
2729 * DMA helpers split the transfer in multiple segments. Do not
2730 * build a CDB smaller than what the guest wanted, and only build
2731 * a larger one if strictly necessary.
2732 */
2733 io_header->cmdp = req->cdb;
2734 lba = offset / s->qdev.blocksize;
2735 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2736
2737 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2738 /* 6-byte CDB */
2739 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2740 req->cdb[4] = nb_logical_blocks;
2741 req->cdb[5] = 0;
2742 io_header->cmd_len = 6;
2743 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2744 /* 10-byte CDB */
2745 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2746 req->cdb[1] = req->cdb1;
2747 stl_be_p(&req->cdb[2], lba);
2748 req->cdb[6] = req->group_number;
2749 stw_be_p(&req->cdb[7], nb_logical_blocks);
2750 req->cdb[9] = 0;
2751 io_header->cmd_len = 10;
2752 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2753 /* 12-byte CDB */
2754 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2755 req->cdb[1] = req->cdb1;
2756 stl_be_p(&req->cdb[2], lba);
2757 stl_be_p(&req->cdb[6], nb_logical_blocks);
2758 req->cdb[10] = req->group_number;
2759 req->cdb[11] = 0;
2760 io_header->cmd_len = 12;
2761 } else {
2762 /* 16-byte CDB */
2763 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2764 req->cdb[1] = req->cdb1;
2765 stq_be_p(&req->cdb[2], lba);
2766 stl_be_p(&req->cdb[10], nb_logical_blocks);
2767 req->cdb[14] = req->group_number;
2768 req->cdb[15] = 0;
2769 io_header->cmd_len = 16;
2770 }
2771
2772 /* The rest is as in scsi-generic.c. */
2773 io_header->mx_sb_len = sizeof(r->req.sense);
2774 io_header->sbp = r->req.sense;
2775 io_header->timeout = UINT_MAX;
2776 io_header->usr_ptr = r;
2777 io_header->flags |= SG_FLAG_DIRECT_IO;
2778
2779 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
2780 assert(aiocb != NULL);
2781 return aiocb;
2782 }
2783
2784 static bool scsi_block_no_fua(SCSICommand *cmd)
2785 {
2786 return false;
2787 }
2788
2789 static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2790 QEMUIOVector *iov,
2791 BlockCompletionFunc *cb, void *cb_opaque,
2792 void *opaque)
2793 {
2794 SCSIBlockReq *r = opaque;
2795 return scsi_block_do_sgio(r, offset, iov,
2796 SG_DXFER_FROM_DEV, cb, cb_opaque);
2797 }
2798
2799 static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2800 QEMUIOVector *iov,
2801 BlockCompletionFunc *cb, void *cb_opaque,
2802 void *opaque)
2803 {
2804 SCSIBlockReq *r = opaque;
2805 return scsi_block_do_sgio(r, offset, iov,
2806 SG_DXFER_TO_DEV, cb, cb_opaque);
2807 }
2808
2809 static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
2810 {
2811 switch (buf[0]) {
2812 case VERIFY_10:
2813 case VERIFY_12:
2814 case VERIFY_16:
2815 /* Check if BYTCHK == 0x01 (data-out buffer contains data
2816 * for the number of logical blocks specified in the length
2817 * field). For other modes, do not use scatter/gather operation.
2818 */
2819 if ((buf[1] & 6) == 2) {
2820 return false;
2821 }
2822 break;
2823
2824 case READ_6:
2825 case READ_10:
2826 case READ_12:
2827 case READ_16:
2828 case WRITE_6:
2829 case WRITE_10:
2830 case WRITE_12:
2831 case WRITE_16:
2832 case WRITE_VERIFY_10:
2833 case WRITE_VERIFY_12:
2834 case WRITE_VERIFY_16:
2835 /* MMC writing cannot be done via DMA helpers, because it sometimes
2836 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2837 * We might use scsi_block_dma_reqops as long as no writing commands are
2838 * seen, but performance usually isn't paramount on optical media. So,
2839 * just make scsi-block operate the same as scsi-generic for them.
2840 */
2841 if (s->qdev.type != TYPE_ROM) {
2842 return false;
2843 }
2844 break;
2845
2846 default:
2847 break;
2848 }
2849
2850 return true;
2851 }
2852
2853
2854 static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2855 {
2856 SCSIBlockReq *r = (SCSIBlockReq *)req;
2857 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2858
2859 r->cmd = req->cmd.buf[0];
2860 switch (r->cmd >> 5) {
2861 case 0:
2862 /* 6-byte CDB. */
2863 r->cdb1 = r->group_number = 0;
2864 break;
2865 case 1:
2866 /* 10-byte CDB. */
2867 r->cdb1 = req->cmd.buf[1];
2868 r->group_number = req->cmd.buf[6];
2869 break;
2870 case 4:
2871 /* 12-byte CDB. */
2872 r->cdb1 = req->cmd.buf[1];
2873 r->group_number = req->cmd.buf[10];
2874 break;
2875 case 5:
2876 /* 16-byte CDB. */
2877 r->cdb1 = req->cmd.buf[1];
2878 r->group_number = req->cmd.buf[14];
2879 break;
2880 default:
2881 abort();
2882 }
2883
2884 /* Protection information is not supported. For SCSI versions 2 and
2885 * older (as determined by snooping the guest's INQUIRY commands),
2886 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2887 */
2888 if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) {
2889 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2890 return 0;
2891 }
2892
2893 r->req.status = &r->io_header.status;
2894 return scsi_disk_dma_command(req, buf);
2895 }
2896
2897 static const SCSIReqOps scsi_block_dma_reqops = {
2898 .size = sizeof(SCSIBlockReq),
2899 .free_req = scsi_free_request,
2900 .send_command = scsi_block_dma_command,
2901 .read_data = scsi_read_data,
2902 .write_data = scsi_write_data,
2903 .get_buf = scsi_get_buf,
2904 .load_request = scsi_disk_load_request,
2905 .save_request = scsi_disk_save_request,
2906 };
2907
2908 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2909 uint32_t lun, uint8_t *buf,
2910 void *hba_private)
2911 {
2912 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2913
2914 if (scsi_block_is_passthrough(s, buf)) {
2915 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2916 hba_private);
2917 } else {
2918 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
2919 hba_private);
2920 }
2921 }
2922
2923 static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2924 uint8_t *buf, void *hba_private)
2925 {
2926 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2927
2928 if (scsi_block_is_passthrough(s, buf)) {
2929 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2930 } else {
2931 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2932 }
2933 }
2934
2935 static void scsi_block_update_sense(SCSIRequest *req)
2936 {
2937 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2938 SCSIBlockReq *br = DO_UPCAST(SCSIBlockReq, req, r);
2939 r->req.sense_len = MIN(br->io_header.sb_len_wr, sizeof(r->req.sense));
2940 }
2941 #endif
2942
2943 static
2944 BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2945 BlockCompletionFunc *cb, void *cb_opaque,
2946 void *opaque)
2947 {
2948 SCSIDiskReq *r = opaque;
2949 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2950 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2951 }
2952
2953 static
2954 BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2955 BlockCompletionFunc *cb, void *cb_opaque,
2956 void *opaque)
2957 {
2958 SCSIDiskReq *r = opaque;
2959 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2960 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2961 }
2962
2963 static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2964 {
2965 DeviceClass *dc = DEVICE_CLASS(klass);
2966 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
2967
2968 dc->fw_name = "disk";
2969 dc->reset = scsi_disk_reset;
2970 sdc->dma_readv = scsi_dma_readv;
2971 sdc->dma_writev = scsi_dma_writev;
2972 sdc->need_fua_emulation = scsi_is_cmd_fua;
2973 }
2974
2975 static const TypeInfo scsi_disk_base_info = {
2976 .name = TYPE_SCSI_DISK_BASE,
2977 .parent = TYPE_SCSI_DEVICE,
2978 .class_init = scsi_disk_base_class_initfn,
2979 .instance_size = sizeof(SCSIDiskState),
2980 .class_size = sizeof(SCSIDiskClass),
2981 .abstract = true,
2982 };
2983
2984 #define DEFINE_SCSI_DISK_PROPERTIES() \
2985 DEFINE_PROP_DRIVE_IOTHREAD("drive", SCSIDiskState, qdev.conf.blk), \
2986 DEFINE_BLOCK_PROPERTIES_BASE(SCSIDiskState, qdev.conf), \
2987 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
2988 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2989 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2990 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2991 DEFINE_PROP_STRING("product", SCSIDiskState, product), \
2992 DEFINE_PROP_STRING("device_id", SCSIDiskState, device_id)
2993
2994
2995 static Property scsi_hd_properties[] = {
2996 DEFINE_SCSI_DISK_PROPERTIES(),
2997 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2998 SCSI_DISK_F_REMOVABLE, false),
2999 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3000 SCSI_DISK_F_DPOFUA, false),
3001 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3002 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3003 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3004 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3005 DEFAULT_MAX_UNMAP_SIZE),
3006 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3007 DEFAULT_MAX_IO_SIZE),
3008 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
3009 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3010 5),
3011 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
3012 DEFINE_PROP_END_OF_LIST(),
3013 };
3014
3015 static const VMStateDescription vmstate_scsi_disk_state = {
3016 .name = "scsi-disk",
3017 .version_id = 1,
3018 .minimum_version_id = 1,
3019 .fields = (VMStateField[]) {
3020 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
3021 VMSTATE_BOOL(media_changed, SCSIDiskState),
3022 VMSTATE_BOOL(media_event, SCSIDiskState),
3023 VMSTATE_BOOL(eject_request, SCSIDiskState),
3024 VMSTATE_BOOL(tray_open, SCSIDiskState),
3025 VMSTATE_BOOL(tray_locked, SCSIDiskState),
3026 VMSTATE_END_OF_LIST()
3027 }
3028 };
3029
3030 static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
3031 {
3032 DeviceClass *dc = DEVICE_CLASS(klass);
3033 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3034
3035 sc->realize = scsi_hd_realize;
3036 sc->unrealize = scsi_unrealize;
3037 sc->alloc_req = scsi_new_request;
3038 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3039 dc->desc = "virtual SCSI disk";
3040 device_class_set_props(dc, scsi_hd_properties);
3041 dc->vmsd = &vmstate_scsi_disk_state;
3042 }
3043
3044 static const TypeInfo scsi_hd_info = {
3045 .name = "scsi-hd",
3046 .parent = TYPE_SCSI_DISK_BASE,
3047 .class_init = scsi_hd_class_initfn,
3048 };
3049
3050 static Property scsi_cd_properties[] = {
3051 DEFINE_SCSI_DISK_PROPERTIES(),
3052 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3053 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3054 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3055 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3056 DEFAULT_MAX_IO_SIZE),
3057 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3058 5),
3059 DEFINE_PROP_END_OF_LIST(),
3060 };
3061
3062 static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3063 {
3064 DeviceClass *dc = DEVICE_CLASS(klass);
3065 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3066
3067 sc->realize = scsi_cd_realize;
3068 sc->alloc_req = scsi_new_request;
3069 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3070 dc->desc = "virtual SCSI CD-ROM";
3071 device_class_set_props(dc, scsi_cd_properties);
3072 dc->vmsd = &vmstate_scsi_disk_state;
3073 }
3074
3075 static const TypeInfo scsi_cd_info = {
3076 .name = "scsi-cd",
3077 .parent = TYPE_SCSI_DISK_BASE,
3078 .class_init = scsi_cd_class_initfn,
3079 };
3080
3081 #ifdef __linux__
3082 static Property scsi_block_properties[] = {
3083 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf),
3084 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
3085 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
3086 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
3087 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3088 DEFAULT_MAX_UNMAP_SIZE),
3089 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3090 DEFAULT_MAX_IO_SIZE),
3091 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3092 -1),
3093 DEFINE_PROP_END_OF_LIST(),
3094 };
3095
3096 static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3097 {
3098 DeviceClass *dc = DEVICE_CLASS(klass);
3099 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3100 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
3101
3102 sc->realize = scsi_block_realize;
3103 sc->alloc_req = scsi_block_new_request;
3104 sc->parse_cdb = scsi_block_parse_cdb;
3105 sdc->dma_readv = scsi_block_dma_readv;
3106 sdc->dma_writev = scsi_block_dma_writev;
3107 sdc->update_sense = scsi_block_update_sense;
3108 sdc->need_fua_emulation = scsi_block_no_fua;
3109 dc->desc = "SCSI block device passthrough";
3110 device_class_set_props(dc, scsi_block_properties);
3111 dc->vmsd = &vmstate_scsi_disk_state;
3112 }
3113
3114 static const TypeInfo scsi_block_info = {
3115 .name = "scsi-block",
3116 .parent = TYPE_SCSI_DISK_BASE,
3117 .class_init = scsi_block_class_initfn,
3118 };
3119 #endif
3120
3121 static Property scsi_disk_properties[] = {
3122 DEFINE_SCSI_DISK_PROPERTIES(),
3123 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3124 SCSI_DISK_F_REMOVABLE, false),
3125 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3126 SCSI_DISK_F_DPOFUA, false),
3127 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3128 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3129 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3130 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3131 DEFAULT_MAX_UNMAP_SIZE),
3132 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3133 DEFAULT_MAX_IO_SIZE),
3134 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3135 5),
3136 DEFINE_PROP_END_OF_LIST(),
3137 };
3138
3139 static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
3140 {
3141 DeviceClass *dc = DEVICE_CLASS(klass);
3142 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3143
3144 sc->realize = scsi_disk_realize;
3145 sc->alloc_req = scsi_new_request;
3146 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3147 dc->fw_name = "disk";
3148 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
3149 dc->reset = scsi_disk_reset;
3150 device_class_set_props(dc, scsi_disk_properties);
3151 dc->vmsd = &vmstate_scsi_disk_state;
3152 }
3153
3154 static const TypeInfo scsi_disk_info = {
3155 .name = "scsi-disk",
3156 .parent = TYPE_SCSI_DISK_BASE,
3157 .class_init = scsi_disk_class_initfn,
3158 };
3159
3160 static void scsi_disk_register_types(void)
3161 {
3162 type_register_static(&scsi_disk_base_info);
3163 type_register_static(&scsi_hd_info);
3164 type_register_static(&scsi_cd_info);
3165 #ifdef __linux__
3166 type_register_static(&scsi_block_info);
3167 #endif
3168 type_register_static(&scsi_disk_info);
3169 }
3170
3171 type_init(scsi_disk_register_types)
Mirror of https://git.qemu.org/git/qemu.git