hw/scsi/scsi-generic.c

   1 /*
   2  * Generic SCSI Device support
   3  *
   4  * Copyright (c) 2007 Bull S.A.S.
   5  * Based on code by Paul Brook
   6  * Based on code by Fabrice Bellard
   7  *
   8  * Written by Laurent Vivier <Laurent.Vivier@bull.net>
   9  *
  10  * This code is licensed under the LGPL.
  11  *
  12  */
  13
  14 #include "qemu/osdep.h"
  15 #include "qapi/error.h"
  16 #include "qemu-common.h"
  17 #include "qemu/error-report.h"
  18 #include "hw/scsi/scsi.h"
  19 #include "sysemu/block-backend.h"
  20 #include "sysemu/blockdev.h"
  21
  22 #ifdef __linux__
  23
  24 //#define DEBUG_SCSI
  25
  26 #ifdef DEBUG_SCSI
  27 #define DPRINTF(fmt, ...) \
  28 do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
  29 #else
  30 #define DPRINTF(fmt, ...) do {} while(0)
  31 #endif
  32
  33 #define BADF(fmt, ...) \
  34 do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
  35
  36 #include <scsi/sg.h>
  37 #include "block/scsi.h"
  38
  39 #define SG_ERR_DRIVER_TIMEOUT  0x06
  40 #define SG_ERR_DRIVER_SENSE    0x08
  41
  42 #define SG_ERR_DID_OK          0x00
  43 #define SG_ERR_DID_NO_CONNECT  0x01
  44 #define SG_ERR_DID_BUS_BUSY    0x02
  45 #define SG_ERR_DID_TIME_OUT    0x03
  46
  47 #ifndef MAX_UINT
  48 #define MAX_UINT ((unsigned int)-1)
  49 #endif
  50
  51 typedef struct SCSIGenericReq {
  52     SCSIRequest req;
  53     uint8_t *buf;
  54     int buflen;
  55     int len;
  56     sg_io_hdr_t io_header;
  57 } SCSIGenericReq;
  58
  59 static void scsi_generic_save_request(QEMUFile *f, SCSIRequest *req)
  60 {
  61     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
  62
  63     qemu_put_sbe32s(f, &r->buflen);
  64     if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
  65         assert(!r->req.sg);
  66         qemu_put_buffer(f, r->buf, r->req.cmd.xfer);
  67     }
  68 }
  69
  70 static void scsi_generic_load_request(QEMUFile *f, SCSIRequest *req)
  71 {
  72     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
  73
  74     qemu_get_sbe32s(f, &r->buflen);
  75     if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
  76         assert(!r->req.sg);
  77         qemu_get_buffer(f, r->buf, r->req.cmd.xfer);
  78     }
  79 }
  80
  81 static void scsi_free_request(SCSIRequest *req)
  82 {
  83     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
  84
  85     g_free(r->buf);
  86 }
  87
  88 /* Helper function for command completion.  */
  89 static void scsi_command_complete_noio(SCSIGenericReq *r, int ret)
  90 {
  91     int status;
  92
  93     assert(r->req.aiocb == NULL);
  94
  95     if (r->req.io_canceled) {
  96         scsi_req_cancel_complete(&r->req);
  97         goto done;
  98     }
  99     if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
 100         r->req.sense_len = r->io_header.sb_len_wr;
 101     }
 102
 103     if (ret != 0) {
 104         switch (ret) {
 105         case -EDOM:
 106             status = TASK_SET_FULL;
 107             break;
 108         case -ENOMEM:
 109             status = CHECK_CONDITION;
 110             scsi_req_build_sense(&r->req, SENSE_CODE(TARGET_FAILURE));
 111             break;
 112         default:
 113             status = CHECK_CONDITION;
 114             scsi_req_build_sense(&r->req, SENSE_CODE(IO_ERROR));
 115             break;
 116         }
 117     } else {
 118         if (r->io_header.host_status == SG_ERR_DID_NO_CONNECT ||
 119             r->io_header.host_status == SG_ERR_DID_BUS_BUSY ||
 120             r->io_header.host_status == SG_ERR_DID_TIME_OUT ||
 121             (r->io_header.driver_status & SG_ERR_DRIVER_TIMEOUT)) {
 122             status = BUSY;
 123             BADF("Driver Timeout\n");
 124         } else if (r->io_header.host_status) {
 125             status = CHECK_CONDITION;
 126             scsi_req_build_sense(&r->req, SENSE_CODE(I_T_NEXUS_LOSS));
 127         } else if (r->io_header.status) {
 128             status = r->io_header.status;
 129         } else if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
 130             status = CHECK_CONDITION;
 131         } else {
 132             status = GOOD;
 133         }
 134     }
 135     DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
 136             r, r->req.tag, status);
 137
 138     scsi_req_complete(&r->req, status);
 139 done:
 140     scsi_req_unref(&r->req);
 141 }
 142
 143 static void scsi_command_complete(void *opaque, int ret)
 144 {
 145     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
 146
 147     assert(r->req.aiocb != NULL);
 148     r->req.aiocb = NULL;
 149     scsi_command_complete_noio(r, ret);
 150 }
 151
 152 static int execute_command(BlockBackend *blk,
 153                            SCSIGenericReq *r, int direction,
 154                            BlockCompletionFunc *complete)
 155 {
 156     r->io_header.interface_id = 'S';
 157     r->io_header.dxfer_direction = direction;
 158     r->io_header.dxferp = r->buf;
 159     r->io_header.dxfer_len = r->buflen;
 160     r->io_header.cmdp = r->req.cmd.buf;
 161     r->io_header.cmd_len = r->req.cmd.len;
 162     r->io_header.mx_sb_len = sizeof(r->req.sense);
 163     r->io_header.sbp = r->req.sense;
 164     r->io_header.timeout = MAX_UINT;
 165     r->io_header.usr_ptr = r;
 166     r->io_header.flags |= SG_FLAG_DIRECT_IO;
 167
 168     r->req.aiocb = blk_aio_ioctl(blk, SG_IO, &r->io_header, complete, r);
 169     if (r->req.aiocb == NULL) {
 170         return -EIO;
 171     }
 172
 173     return 0;
 174 }
 175
 176 static void scsi_read_complete(void * opaque, int ret)
 177 {
 178     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
 179     SCSIDevice *s = r->req.dev;
 180     int len;
 181
 182     assert(r->req.aiocb != NULL);
 183     r->req.aiocb = NULL;
 184
 185     if (ret || r->req.io_canceled) {
 186         scsi_command_complete_noio(r, ret);
 187         return;
 188     }
 189
 190     len = r->io_header.dxfer_len - r->io_header.resid;
 191     DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
 192
 193     r->len = -1;
 194     if (len == 0) {
 195         scsi_command_complete_noio(r, 0);
 196         return;
 197     }
 198
 199     /* Snoop READ CAPACITY output to set the blocksize.  */
 200     if (r->req.cmd.buf[0] == READ_CAPACITY_10 &&
 201         (ldl_be_p(&r->buf[0]) != 0xffffffffU || s->max_lba == 0)) {
 202         s->blocksize = ldl_be_p(&r->buf[4]);
 203         s->max_lba = ldl_be_p(&r->buf[0]) & 0xffffffffULL;
 204     } else if (r->req.cmd.buf[0] == SERVICE_ACTION_IN_16 &&
 205                (r->req.cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
 206         s->blocksize = ldl_be_p(&r->buf[8]);
 207         s->max_lba = ldq_be_p(&r->buf[0]);
 208     }
 209     blk_set_guest_block_size(s->conf.blk, s->blocksize);
 210
 211     /* Patch MODE SENSE device specific parameters if the BDS is opened
 212      * readonly.
 213      */
 214     if ((s->type == TYPE_DISK || s->type == TYPE_TAPE) &&
 215         blk_is_read_only(s->conf.blk) &&
 216         (r->req.cmd.buf[0] == MODE_SENSE ||
 217          r->req.cmd.buf[0] == MODE_SENSE_10) &&
 218         (r->req.cmd.buf[1] & 0x8) == 0) {
 219         if (r->req.cmd.buf[0] == MODE_SENSE) {
 220             r->buf[2] |= 0x80;
 221         } else  {
 222             r->buf[3] |= 0x80;
 223         }
 224     }
 225     scsi_req_data(&r->req, len);
 226     scsi_req_unref(&r->req);
 227 }
 228
 229 /* Read more data from scsi device into buffer.  */
 230 static void scsi_read_data(SCSIRequest *req)
 231 {
 232     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
 233     SCSIDevice *s = r->req.dev;
 234     int ret;
 235
 236     DPRINTF("scsi_read_data 0x%x\n", req->tag);
 237
 238     /* The request is used as the AIO opaque value, so add a ref.  */
 239     scsi_req_ref(&r->req);
 240     if (r->len == -1) {
 241         scsi_command_complete_noio(r, 0);
 242         return;
 243     }
 244
 245     ret = execute_command(s->conf.blk, r, SG_DXFER_FROM_DEV,
 246                           scsi_read_complete);
 247     if (ret < 0) {
 248         scsi_command_complete_noio(r, ret);
 249     }
 250 }
 251
 252 static void scsi_write_complete(void * opaque, int ret)
 253 {
 254     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
 255     SCSIDevice *s = r->req.dev;
 256
 257     DPRINTF("scsi_write_complete() ret = %d\n", ret);
 258
 259     assert(r->req.aiocb != NULL);
 260     r->req.aiocb = NULL;
 261
 262     if (ret || r->req.io_canceled) {
 263         scsi_command_complete_noio(r, ret);
 264         return;
 265     }
 266
 267     if (r->req.cmd.buf[0] == MODE_SELECT && r->req.cmd.buf[4] == 12 &&
 268         s->type == TYPE_TAPE) {
 269         s->blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11];
 270         DPRINTF("block size %d\n", s->blocksize);
 271     }
 272
 273     scsi_command_complete_noio(r, ret);
 274 }
 275
 276 /* Write data to a scsi device.  Returns nonzero on failure.
 277    The transfer may complete asynchronously.  */
 278 static void scsi_write_data(SCSIRequest *req)
 279 {
 280     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
 281     SCSIDevice *s = r->req.dev;
 282     int ret;
 283
 284     DPRINTF("scsi_write_data 0x%x\n", req->tag);
 285     if (r->len == 0) {
 286         r->len = r->buflen;
 287         scsi_req_data(&r->req, r->len);
 288         return;
 289     }
 290
 291     /* The request is used as the AIO opaque value, so add a ref.  */
 292     scsi_req_ref(&r->req);
 293     ret = execute_command(s->conf.blk, r, SG_DXFER_TO_DEV, scsi_write_complete);
 294     if (ret < 0) {
 295         scsi_command_complete_noio(r, ret);
 296     }
 297 }
 298
 299 /* Return a pointer to the data buffer.  */
 300 static uint8_t *scsi_get_buf(SCSIRequest *req)
 301 {
 302     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
 303
 304     return r->buf;
 305 }
 306
 307 /* Execute a scsi command.  Returns the length of the data expected by the
 308    command.  This will be Positive for data transfers from the device
 309    (eg. disk reads), negative for transfers to the device (eg. disk writes),
 310    and zero if the command does not transfer any data.  */
 311
 312 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
 313 {
 314     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
 315     SCSIDevice *s = r->req.dev;
 316     int ret;
 317
 318 #ifdef DEBUG_SCSI
 319     {
 320         int i;
 321         for (i = 1; i < r->req.cmd.len; i++) {
 322             printf(" 0x%02x", cmd[i]);
 323         }
 324         printf("\n");
 325     }
 326 #endif
 327
 328     if (r->req.cmd.xfer == 0) {
 329         g_free(r->buf);
 330         r->buflen = 0;
 331         r->buf = NULL;
 332         /* The request is used as the AIO opaque value, so add a ref.  */
 333         scsi_req_ref(&r->req);
 334         ret = execute_command(s->conf.blk, r, SG_DXFER_NONE,
 335                               scsi_command_complete);
 336         if (ret < 0) {
 337             scsi_command_complete_noio(r, ret);
 338             return 0;
 339         }
 340         return 0;
 341     }
 342
 343     if (r->buflen != r->req.cmd.xfer) {
 344         g_free(r->buf);
 345         r->buf = g_malloc(r->req.cmd.xfer);
 346         r->buflen = r->req.cmd.xfer;
 347     }
 348
 349     memset(r->buf, 0, r->buflen);
 350     r->len = r->req.cmd.xfer;
 351     if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
 352         r->len = 0;
 353         return -r->req.cmd.xfer;
 354     } else {
 355         return r->req.cmd.xfer;
 356     }
 357 }
 358
 359 static int read_naa_id(const uint8_t *p, uint64_t *p_wwn)
 360 {
 361     int i;
 362
 363     if ((p[1] & 0xF) == 3) {
 364         /* NAA designator type */
 365         if (p[3] != 8) {
 366             return -EINVAL;
 367         }
 368         *p_wwn = ldq_be_p(p + 4);
 369         return 0;
 370     }
 371
 372     if ((p[1] & 0xF) == 8) {
 373         /* SCSI name string designator type */
 374         if (p[3] < 20 || memcmp(&p[4], "naa.", 4)) {
 375             return -EINVAL;
 376         }
 377         if (p[3] > 20 && p[24] != ',') {
 378             return -EINVAL;
 379         }
 380         *p_wwn = 0;
 381         for (i = 8; i < 24; i++) {
 382             char c = toupper(p[i]);
 383             c -= (c >= '0' && c <= '9' ? '0' : 'A' - 10);
 384             *p_wwn = (*p_wwn << 4) | c;
 385         }
 386         return 0;
 387     }
 388
 389     return -EINVAL;
 390 }
 391
 392 void scsi_generic_read_device_identification(SCSIDevice *s)
 393 {
 394     uint8_t cmd[6];
 395     uint8_t buf[250];
 396     uint8_t sensebuf[8];
 397     sg_io_hdr_t io_header;
 398     int ret;
 399     int i, len;
 400
 401     memset(cmd, 0, sizeof(cmd));
 402     memset(buf, 0, sizeof(buf));
 403     cmd[0] = INQUIRY;
 404     cmd[1] = 1;
 405     cmd[2] = 0x83;
 406     cmd[4] = sizeof(buf);
 407
 408     memset(&io_header, 0, sizeof(io_header));
 409     io_header.interface_id = 'S';
 410     io_header.dxfer_direction = SG_DXFER_FROM_DEV;
 411     io_header.dxfer_len = sizeof(buf);
 412     io_header.dxferp = buf;
 413     io_header.cmdp = cmd;
 414     io_header.cmd_len = sizeof(cmd);
 415     io_header.mx_sb_len = sizeof(sensebuf);
 416     io_header.sbp = sensebuf;
 417     io_header.timeout = 6000; /* XXX */
 418
 419     ret = blk_ioctl(s->conf.blk, SG_IO, &io_header);
 420     if (ret < 0 || io_header.driver_status || io_header.host_status) {
 421         return;
 422     }
 423
 424     len = MIN((buf[2] << 8) | buf[3], sizeof(buf) - 4);
 425     for (i = 0; i + 3 <= len; ) {
 426         const uint8_t *p = &buf[i + 4];
 427         uint64_t wwn;
 428
 429         if (i + (p[3] + 4) > len) {
 430             break;
 431         }
 432
 433         if ((p[1] & 0x10) == 0) {
 434             /* Associated with the logical unit */
 435             if (read_naa_id(p, &wwn) == 0) {
 436                 s->wwn = wwn;
 437             }
 438         } else if ((p[1] & 0x10) == 0x10) {
 439             /* Associated with the target port */
 440             if (read_naa_id(p, &wwn) == 0) {
 441                 s->port_wwn = wwn;
 442             }
 443         }
 444
 445         i += p[3] + 4;
 446     }
 447 }
 448
 449 static int get_stream_blocksize(BlockBackend *blk)
 450 {
 451     uint8_t cmd[6];
 452     uint8_t buf[12];
 453     uint8_t sensebuf[8];
 454     sg_io_hdr_t io_header;
 455     int ret;
 456
 457     memset(cmd, 0, sizeof(cmd));
 458     memset(buf, 0, sizeof(buf));
 459     cmd[0] = MODE_SENSE;
 460     cmd[4] = sizeof(buf);
 461
 462     memset(&io_header, 0, sizeof(io_header));
 463     io_header.interface_id = 'S';
 464     io_header.dxfer_direction = SG_DXFER_FROM_DEV;
 465     io_header.dxfer_len = sizeof(buf);
 466     io_header.dxferp = buf;
 467     io_header.cmdp = cmd;
 468     io_header.cmd_len = sizeof(cmd);
 469     io_header.mx_sb_len = sizeof(sensebuf);
 470     io_header.sbp = sensebuf;
 471     io_header.timeout = 6000; /* XXX */
 472
 473     ret = blk_ioctl(blk, SG_IO, &io_header);
 474     if (ret < 0 || io_header.driver_status || io_header.host_status) {
 475         return -1;
 476     }
 477     return (buf[9] << 16) | (buf[10] << 8) | buf[11];
 478 }
 479
 480 static void scsi_generic_reset(DeviceState *dev)
 481 {
 482     SCSIDevice *s = SCSI_DEVICE(dev);
 483
 484     scsi_device_purge_requests(s, SENSE_CODE(RESET));
 485 }
 486
 487 static void scsi_generic_realize(SCSIDevice *s, Error **errp)
 488 {
 489     int rc;
 490     int sg_version;
 491     struct sg_scsi_id scsiid;
 492
 493     if (!s->conf.blk) {
 494         error_setg(errp, "drive property not set");
 495         return;
 496     }
 497
 498     if (blk_get_on_error(s->conf.blk, 0) != BLOCKDEV_ON_ERROR_ENOSPC) {
 499         error_setg(errp, "Device doesn't support drive option werror");
 500         return;
 501     }
 502     if (blk_get_on_error(s->conf.blk, 1) != BLOCKDEV_ON_ERROR_REPORT) {
 503         error_setg(errp, "Device doesn't support drive option rerror");
 504         return;
 505     }
 506
 507     /* check we are using a driver managing SG_IO (version 3 and after */
 508     rc = blk_ioctl(s->conf.blk, SG_GET_VERSION_NUM, &sg_version);
 509     if (rc < 0) {
 510         error_setg(errp, "cannot get SG_IO version number: %s.  "
 511                          "Is this a SCSI device?",
 512                          strerror(-rc));
 513         return;
 514     }
 515     if (sg_version < 30000) {
 516         error_setg(errp, "scsi generic interface too old");
 517         return;
 518     }
 519
 520     /* get LUN of the /dev/sg? */
 521     if (blk_ioctl(s->conf.blk, SG_GET_SCSI_ID, &scsiid)) {
 522         error_setg(errp, "SG_GET_SCSI_ID ioctl failed");
 523         return;
 524     }
 525
 526     /* define device state */
 527     s->type = scsiid.scsi_type;
 528     DPRINTF("device type %d\n", s->type);
 529
 530     switch (s->type) {
 531     case TYPE_TAPE:
 532         s->blocksize = get_stream_blocksize(s->conf.blk);
 533         if (s->blocksize == -1) {
 534             s->blocksize = 0;
 535         }
 536         break;
 537
 538         /* Make a guess for block devices, we'll fix it when the guest sends.
 539          * READ CAPACITY.  If they don't, they likely would assume these sizes
 540          * anyway. (TODO: they could also send MODE SENSE).
 541          */
 542     case TYPE_ROM:
 543     case TYPE_WORM:
 544         s->blocksize = 2048;
 545         break;
 546     default:
 547         s->blocksize = 512;
 548         break;
 549     }
 550
 551     DPRINTF("block size %d\n", s->blocksize);
 552
 553     scsi_generic_read_device_identification(s);
 554 }
 555
 556 const SCSIReqOps scsi_generic_req_ops = {
 557     .size         = sizeof(SCSIGenericReq),
 558     .free_req     = scsi_free_request,
 559     .send_command = scsi_send_command,
 560     .read_data    = scsi_read_data,
 561     .write_data   = scsi_write_data,
 562     .get_buf      = scsi_get_buf,
 563     .load_request = scsi_generic_load_request,
 564     .save_request = scsi_generic_save_request,
 565 };
 566
 567 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
 568                                      uint8_t *buf, void *hba_private)
 569 {
 570     SCSIRequest *req;
 571
 572     req = scsi_req_alloc(&scsi_generic_req_ops, d, tag, lun, hba_private);
 573     return req;
 574 }
 575
 576 static Property scsi_generic_properties[] = {
 577     DEFINE_PROP_DRIVE("drive", SCSIDevice, conf.blk),
 578     DEFINE_PROP_END_OF_LIST(),
 579 };
 580
 581 static int scsi_generic_parse_cdb(SCSIDevice *dev, SCSICommand *cmd,
 582                                   uint8_t *buf, void *hba_private)
 583 {
 584     return scsi_bus_parse_cdb(dev, cmd, buf, hba_private);
 585 }
 586
 587 static void scsi_generic_class_initfn(ObjectClass *klass, void *data)
 588 {
 589     DeviceClass *dc = DEVICE_CLASS(klass);
 590     SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
 591
 592     sc->realize      = scsi_generic_realize;
 593     sc->alloc_req    = scsi_new_request;
 594     sc->parse_cdb    = scsi_generic_parse_cdb;
 595     dc->fw_name = "disk";
 596     dc->desc = "pass through generic scsi device (/dev/sg*)";
 597     dc->reset = scsi_generic_reset;
 598     dc->props = scsi_generic_properties;
 599     dc->vmsd  = &vmstate_scsi_device;
 600 }
 601
 602 static const TypeInfo scsi_generic_info = {
 603     .name          = "scsi-generic",
 604     .parent        = TYPE_SCSI_DEVICE,
 605     .instance_size = sizeof(SCSIDevice),
 606     .class_init    = scsi_generic_class_initfn,
 607 };
 608
 609 static void scsi_generic_register_types(void)
 610 {
 611     type_register_static(&scsi_generic_info);
 612 }
 613
 614 type_init(scsi_generic_register_types)
 615
 616 #endif /* __linux__ */