]> Git Repo - qemu.git/blame - hw/scsi/scsi-disk.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
scsi-disk: introduce scsi_disk_req_check_error
[qemu.git] / hw / scsi / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
22//#define DEBUG_SCSI
23
24#ifdef DEBUG_SCSI
001faf32
BS		 25#define DPRINTF(fmt, ...) \
26do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 27#else
001faf32 28#define DPRINTF(fmt, ...) do {} while(0)
2e5d83bb
PB		 29#endif
30
a4ab4792 31#include "qemu/osdep.h"
da34e65c 32#include "qapi/error.h"
1de7afc9 33#include "qemu/error-report.h"
0d09e41a
PB		 34#include "hw/scsi/scsi.h"
35#include "block/scsi.h"
9c17d615 36#include "sysemu/sysemu.h"
4be74634 37#include "sysemu/block-backend.h"
9c17d615 38#include "sysemu/blockdev.h"
0d09e41a 39#include "hw/block/block.h"
9c17d615 40#include "sysemu/dma.h"
f348b6d1 41#include "qemu/cutils.h"
22864256 42
336a6915
PB		 43#ifdef __linux
44#include <scsi/sg.h>
45#endif
46
84f94a9a 47#define SCSI_WRITE_SAME_MAX 524288
215e47b9
PB		 48#define SCSI_DMA_BUF_SIZE 131072
49#define SCSI_MAX_INQUIRY_LEN 256
50#define SCSI_MAX_MODE_LEN 256
51
52#define DEFAULT_DISCARD_GRANULARITY 4096
8a1bd297 53#define DEFAULT_MAX_UNMAP_SIZE (1 << 30) /* 1 GB */
f8e1f533 54#define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
a917d384 55
993935f3
PB		 56#define TYPE_SCSI_DISK_BASE "scsi-disk-base"
57
fcaafb10
PB		 58#define SCSI_DISK_BASE(obj) \
59 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE)
60#define SCSI_DISK_BASE_CLASS(klass) \
61 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE)
62#define SCSI_DISK_BASE_GET_CLASS(obj) \
63 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE)
64
65typedef struct SCSIDiskClass {
66 SCSIDeviceClass parent_class;
67 DMAIOFunc *dma_readv;
68 DMAIOFunc *dma_writev;
94f8ba11 69 bool (*need_fua_emulation)(SCSICommand *cmd);
fcaafb10 70} SCSIDiskClass;
d52affa7 71
4c41d2ef
GH		 72typedef struct SCSIDiskReq {
73 SCSIRequest req;
a917d384 74 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 75 uint64_t sector;
76 uint32_t sector_count;
7285477a 77 uint32_t buflen;
a0e66a69 78 bool started;
94f8ba11 79 bool need_fua_emulation;
c87c0672
AL		 80 struct iovec iov;
81 QEMUIOVector qiov;
a597e79c 82 BlockAcctCookie acct;
4c41d2ef 83} SCSIDiskReq;
a917d384 84
18e673b8
PH		 85#define SCSI_DISK_F_REMOVABLE 0
86#define SCSI_DISK_F_DPOFUA 1
87#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
bfe3d7ac 88
fcaafb10 89typedef struct SCSIDiskState
a917d384 90{
d52affa7 91 SCSIDevice qdev;
bfe3d7ac 92 uint32_t features;
8a9c16f6 93 bool media_changed;
3c2f7c12 94 bool media_event;
4480de19 95 bool eject_request;
64cc2284 96 uint16_t port_index;
8a1bd297 97 uint64_t max_unmap_size;
f8e1f533 98 uint64_t max_io_size;
213189ab 99 QEMUBH *bh;
383b4d9b 100 char *version;
a0fef654 101 char *serial;
353815aa
DF		 102 char *vendor;
103 char *product;
ece0d5e9 104 bool tray_open;
81b1008d 105 bool tray_locked;
fcaafb10 106} SCSIDiskState;
2e5d83bb 107
d7628080 108static int scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed);
5dba48a8 109
ad2d30f7 110static void scsi_free_request(SCSIRequest *req)
4d611c9a 111{
ad2d30f7
PB		 112 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
113
db4c34c3 114 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 115}
116
b45ef674
PB		 117/* Helper function for command completion with sense. */
118static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 119{
02fa69b6
BS		 120 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
121 r->req.tag, sense.key, sense.asc, sense.ascq);
b45ef674
PB		 122 scsi_req_build_sense(&r->req, sense);
123 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 124}
125
03c90063 126static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
103b40f5 127{
7285477a
PB		 128 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
129
130 if (!r->iov.iov_base) {
43b978b9 131 r->buflen = size;
4be74634 132 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 133 }
134 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
103b40f5 135 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
103b40f5
PB		 136}
137
43b978b9
PB		 138static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
139{
140 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
141
142 qemu_put_be64s(f, &r->sector);
143 qemu_put_be32s(f, &r->sector_count);
144 qemu_put_be32s(f, &r->buflen);
18eef3bc
GH		 145 if (r->buflen) {
146 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
147 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
148 } else if (!req->retry) {
149 uint32_t len = r->iov.iov_len;
150 qemu_put_be32s(f, &len);
151 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
152 }
43b978b9
PB		 153 }
154}
155
156static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
157{
158 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
159
160 qemu_get_be64s(f, &r->sector);
161 qemu_get_be32s(f, &r->sector_count);
162 qemu_get_be32s(f, &r->buflen);
163 if (r->buflen) {
164 scsi_init_iovec(r, r->buflen);
165 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
166 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
18eef3bc
GH		 167 } else if (!r->req.retry) {
168 uint32_t len;
169 qemu_get_be32s(f, &len);
170 r->iov.iov_len = len;
171 assert(r->iov.iov_len <= r->buflen);
172 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
43b978b9
PB		 173 }
174 }
175
176 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
177}
178
5b956f41
PB		 179static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
180{
181 if (r->req.io_canceled) {
182 scsi_req_cancel_complete(&r->req);
183 return true;
184 }
185
186 if (ret < 0) {
187 return scsi_handle_rw_error(r, -ret, acct_failed);
188 }
189
190 return false;
191}
192
c1b35247 193static void scsi_aio_complete(void *opaque, int ret)
5d0d2467
PB		 194{
195 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
196 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
197
46e3f30e
PB		 198 assert(r->req.aiocb != NULL);
199 r->req.aiocb = NULL;
5b956f41 200 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 201 goto done;
202 }
5d0d2467 203
d7628080 204 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
5d0d2467
PB		 205 scsi_req_complete(&r->req, GOOD);
206
207done:
3df9caf8 208 scsi_req_unref(&r->req);
5d0d2467
PB		 209}
210
7e8c49c5
PB		 211static bool scsi_is_cmd_fua(SCSICommand *cmd)
212{
213 switch (cmd->buf[0]) {
214 case READ_10:
215 case READ_12:
216 case READ_16:
217 case WRITE_10:
218 case WRITE_12:
219 case WRITE_16:
220 return (cmd->buf[1] & 8) != 0;
221
7f64f8e2
PB		 222 case VERIFY_10:
223 case VERIFY_12:
224 case VERIFY_16:
7e8c49c5
PB		 225 case WRITE_VERIFY_10:
226 case WRITE_VERIFY_12:
227 case WRITE_VERIFY_16:
228 return true;
229
230 case READ_6:
231 case WRITE_6:
232 default:
233 return false;
234 }
235}
236
237static void scsi_write_do_fua(SCSIDiskReq *r)
238{
239 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
240
5fd2b563 241 assert(r->req.aiocb == NULL);
5b956f41 242 assert(!r->req.io_canceled);
0c92e0e6 243
94f8ba11 244 if (r->need_fua_emulation) {
4be74634 245 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 246 BLOCK_ACCT_FLUSH);
4be74634 247 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
7e8c49c5
PB		 248 return;
249 }
250
251 scsi_req_complete(&r->req, GOOD);
3df9caf8 252 scsi_req_unref(&r->req);
7e8c49c5
PB		 253}
254
5fd2b563 255static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
a917d384 256{
5fd2b563 257 assert(r->req.aiocb == NULL);
5b956f41 258 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 259 goto done;
260 }
a597e79c 261
b77912a7
PB		 262 r->sector += r->sector_count;
263 r->sector_count = 0;
7e8c49c5
PB		 264 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
265 scsi_write_do_fua(r);
266 return;
267 } else {
268 scsi_req_complete(&r->req, GOOD);
269 }
c7bae6a7
PB		 270
271done:
3df9caf8 272 scsi_req_unref(&r->req);
4d611c9a
PB		 273}
274
ef8489d4
PB		 275static void scsi_dma_complete(void *opaque, int ret)
276{
277 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
5fd2b563 278 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ef8489d4
PB		 279
280 assert(r->req.aiocb != NULL);
5fd2b563
PB		 281 r->req.aiocb = NULL;
282
d7628080
AG		 283 if (ret < 0) {
284 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
285 } else {
286 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
287 }
5fd2b563 288 scsi_dma_complete_noio(r, ret);
ef8489d4
PB		 289}
290
b77912a7 291static void scsi_read_complete(void * opaque, int ret)
0a4ac106
PB		 292{
293 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
294 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
b77912a7 295 int n;
0a4ac106 296
46e3f30e
PB		 297 assert(r->req.aiocb != NULL);
298 r->req.aiocb = NULL;
5b956f41 299 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 300 goto done;
301 }
0a4ac106 302
d7628080 303 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
b77912a7
PB		 304 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
305
306 n = r->qiov.size / 512;
307 r->sector += n;
308 r->sector_count -= n;
309 scsi_req_data(&r->req, r->qiov.size);
c7bae6a7
PB		 310
311done:
3df9caf8 312 scsi_req_unref(&r->req);
0a4ac106 313}
5dba48a8 314
ac668426 315/* Actually issue a read to the block device. */
5fd2b563 316static void scsi_do_read(SCSIDiskReq *r, int ret)
ac668426 317{
ac668426 318 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 319 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ac668426 320
5fd2b563 321 assert (r->req.aiocb == NULL);
5b956f41 322 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 323 goto done;
324 }
ac668426 325
31e8fd86
PB		 326 /* The request is used as the AIO opaque value, so add a ref. */
327 scsi_req_ref(&r->req);
328
ac668426 329 if (r->req.sg) {
4be74634 330 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
ac668426 331 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 332 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
333 r->req.sg, r->sector << BDRV_SECTOR_BITS,
334 sdc->dma_readv, r, scsi_dma_complete, r,
335 DMA_DIRECTION_FROM_DEVICE);
ac668426 336 } else {
03c90063 337 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
4be74634 338 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 339 r->qiov.size, BLOCK_ACCT_READ);
fcaafb10
PB		 340 r->req.aiocb = sdc->dma_readv(r->sector, &r->qiov,
341 scsi_read_complete, r, r);
ac668426
PB		 342 }
343
344done:
3df9caf8 345 scsi_req_unref(&r->req);
ac668426
PB		 346}
347
5fd2b563
PB		 348static void scsi_do_read_cb(void *opaque, int ret)
349{
350 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
351 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
352
353 assert (r->req.aiocb != NULL);
354 r->req.aiocb = NULL;
355
d7628080
AG		 356 if (ret < 0) {
357 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
358 } else {
359 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
360 }
5fd2b563
PB		 361 scsi_do_read(opaque, ret);
362}
363
5c6c0e51
HR		 364/* Read more data from scsi device into buffer. */
365static void scsi_read_data(SCSIRequest *req)
2e5d83bb 366{
5c6c0e51 367 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 368 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ac668426 369 bool first;
2e5d83bb 370
a917d384
PB		 371 DPRINTF("Read sector_count=%d\n", r->sector_count);
372 if (r->sector_count == 0) {
b45ef674
PB		 373 /* This also clears the sense buffer for REQUEST SENSE. */
374 scsi_req_complete(&r->req, GOOD);
a917d384 375 return;
2e5d83bb
PB		 376 }
377
6fa2c95f
SH		 378 /* No data transfer may already be in progress */
379 assert(r->req.aiocb == NULL);
380
c7bae6a7
PB		 381 /* The request is used as the AIO opaque value, so add a ref. */
382 scsi_req_ref(&r->req);
efb9ee02
HR		 383 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
384 DPRINTF("Data transfer direction invalid\n");
385 scsi_read_complete(r, -EINVAL);
386 return;
387 }
388
a1aff5bf
MA		 389 if (s->tray_open) {
390 scsi_read_complete(r, -ENOMEDIUM);
c7bae6a7 391 return;
a1aff5bf 392 }
c7bae6a7 393
ac668426 394 first = !r->started;
a0e66a69 395 r->started = true;
94f8ba11 396 if (first && r->need_fua_emulation) {
4be74634 397 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 398 BLOCK_ACCT_FLUSH);
5fd2b563 399 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
5d0d2467 400 } else {
ac668426 401 scsi_do_read(r, 0);
5d0d2467 402 }
2e5d83bb
PB		 403}
404
c7bae6a7
PB		 405/*
406 * scsi_handle_rw_error has two return values. 0 means that the error
407 * must be ignored, 1 means that the error has been processed and the
408 * caller should not do anything else for this request. Note that
409 * scsi_handle_rw_error always manages its reference counts, independent
410 * of the return value.
411 */
d7628080 412static int scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
5dba48a8 413{
c85a7a00 414 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
4c41d2ef 415 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
4be74634
MA		 416 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
417 is_read, error);
ea8a5d7f 418
a589569f 419 if (action == BLOCK_ERROR_ACTION_REPORT) {
d7628080
AG		 420 if (acct_failed) {
421 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
422 }
efb9ee02 423 switch (error) {
7e218df5
PB		 424 case ENOMEDIUM:
425 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
426 break;
efb9ee02 427 case ENOMEM:
b45ef674 428 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
efb9ee02
HR		 429 break;
430 case EINVAL:
b45ef674 431 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
efb9ee02 432 break;
703dd81a
PB		 433 case ENOSPC:
434 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
435 break;
efb9ee02 436 default:
b45ef674 437 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
efb9ee02 438 break;
a1f0cce2 439 }
ea8a5d7f 440 }
4be74634 441 blk_error_action(s->qdev.conf.blk, action, is_read, error);
a589569f 442 if (action == BLOCK_ERROR_ACTION_STOP) {
3e1caa5f
PB		 443 scsi_req_retry(&r->req);
444 }
a589569f 445 return action != BLOCK_ERROR_ACTION_IGNORE;
ea8a5d7f
AL		 446}
447
5fd2b563 448static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
4d611c9a 449{
ea8a5d7f
AL		 450 uint32_t n;
451
5fd2b563 452 assert (r->req.aiocb == NULL);
5b956f41 453 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 454 goto done;
455 }
a597e79c 456
103b40f5 457 n = r->qiov.size / 512;
ea8a5d7f
AL		 458 r->sector += n;
459 r->sector_count -= n;
a917d384 460 if (r->sector_count == 0) {
7e8c49c5
PB		 461 scsi_write_do_fua(r);
462 return;
a917d384 463 } else {
43b978b9 464 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
79fb50bb 465 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
103b40f5 466 scsi_req_data(&r->req, r->qiov.size);
4d611c9a 467 }
c7bae6a7
PB		 468
469done:
3df9caf8 470 scsi_req_unref(&r->req);
4d611c9a
PB		 471}
472
5fd2b563
PB		 473static void scsi_write_complete(void * opaque, int ret)
474{
475 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
476 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
477
478 assert (r->req.aiocb != NULL);
479 r->req.aiocb = NULL;
480
d7628080
AG		 481 if (ret < 0) {
482 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
483 } else {
484 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
485 }
5fd2b563
PB		 486 scsi_write_complete_noio(r, ret);
487}
488
42741212 489static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 490{
5c6c0e51 491 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 492 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 493 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ea8a5d7f 494
6fa2c95f
SH		 495 /* No data transfer may already be in progress */
496 assert(r->req.aiocb == NULL);
497
c7bae6a7
PB		 498 /* The request is used as the AIO opaque value, so add a ref. */
499 scsi_req_ref(&r->req);
efb9ee02
HR		 500 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
501 DPRINTF("Data transfer direction invalid\n");
5fd2b563 502 scsi_write_complete_noio(r, -EINVAL);
42741212 503 return;
efb9ee02
HR		 504 }
505
5d0d2467
PB		 506 if (!r->req.sg && !r->qiov.size) {
507 /* Called for the first time. Ask the driver to send us more data. */
a0e66a69 508 r->started = true;
5fd2b563 509 scsi_write_complete_noio(r, 0);
5d0d2467
PB		 510 return;
511 }
512 if (s->tray_open) {
5fd2b563 513 scsi_write_complete_noio(r, -ENOMEDIUM);
5d0d2467
PB		 514 return;
515 }
516
7f64f8e2
PB		 517 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
518 r->req.cmd.buf[0] == VERIFY_16) {
519 if (r->req.sg) {
ef8489d4 520 scsi_dma_complete_noio(r, 0);
7f64f8e2 521 } else {
5fd2b563 522 scsi_write_complete_noio(r, 0);
7f64f8e2
PB		 523 }
524 return;
525 }
526
5d0d2467 527 if (r->req.sg) {
4be74634 528 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
5d0d2467 529 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 530 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
531 r->req.sg, r->sector << BDRV_SECTOR_BITS,
532 sdc->dma_writev, r, scsi_dma_complete, r,
533 DMA_DIRECTION_TO_DEVICE);
5d0d2467 534 } else {
4be74634 535 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 536 r->qiov.size, BLOCK_ACCT_WRITE);
fcaafb10
PB		 537 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
538 scsi_write_complete, r, r);
ea8a5d7f 539 }
a917d384 540}
2e5d83bb 541
a917d384 542/* Return a pointer to the data buffer. */
5c6c0e51 543static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 544{
5c6c0e51 545 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 546
3f4cb3d3 547 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 548}
549
0b06c059
GH		 550static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
551{
383b4d9b 552 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0b06c059 553 int buflen = 0;
82579390 554 int start;
0b06c059 555
0b06c059
GH		 556 if (req->cmd.buf[1] & 0x1) {
557 /* Vital product data */
558 uint8_t page_code = req->cmd.buf[2];
0b06c059 559
e39be482 560 outbuf[buflen++] = s->qdev.type & 0x1f;
0b06c059
GH		 561 outbuf[buflen++] = page_code ; // this page
562 outbuf[buflen++] = 0x00;
82579390
PB		 563 outbuf[buflen++] = 0x00;
564 start = buflen;
0b06c059
GH		 565
566 switch (page_code) {
567 case 0x00: /* Supported page codes, mandatory */
39d98982 568 {
0b06c059
GH		 569 DPRINTF("Inquiry EVPD[Supported pages] "
570 "buffer size %zd\n", req->cmd.xfer);
0b06c059 571 outbuf[buflen++] = 0x00; // list of supported pages (this page)
f01b5931 572 if (s->serial) {
3e1c0c9a 573 outbuf[buflen++] = 0x80; // unit serial number
f01b5931 574 }
0b06c059 575 outbuf[buflen++] = 0x83; // device identification
f37bd73b 576 if (s->qdev.type == TYPE_DISK) {
ea3bd56f
CH		 577 outbuf[buflen++] = 0xb0; // block limits
578 outbuf[buflen++] = 0xb2; // thin provisioning
39d98982 579 }
0b06c059 580 break;
39d98982 581 }
0b06c059
GH		 582 case 0x80: /* Device serial number, optional */
583 {
3e1c0c9a 584 int l;
0b06c059 585
3e1c0c9a
HR		 586 if (!s->serial) {
587 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
588 return -1;
589 }
590
591 l = strlen(s->serial);
f01b5931 592 if (l > 20) {
0b06c059 593 l = 20;
f01b5931 594 }
0b06c059
GH		 595
596 DPRINTF("Inquiry EVPD[Serial number] "
597 "buffer size %zd\n", req->cmd.xfer);
a0fef654 598 memcpy(outbuf+buflen, s->serial, l);
0b06c059
GH		 599 buflen += l;
600 break;
601 }
602
603 case 0x83: /* Device identification page, mandatory */
604 {
4be74634 605 const char *str = s->serial ?: blk_name(s->qdev.conf.blk);
fd930791
PB		 606 int max_len = s->serial ? 20 : 255 - 8;
607 int id_len = strlen(str);
0b06c059 608
f01b5931 609 if (id_len > max_len) {
0b06c059 610 id_len = max_len;
f01b5931 611 }
0b06c059
GH		 612 DPRINTF("Inquiry EVPD[Device identification] "
613 "buffer size %zd\n", req->cmd.xfer);
614
0b06c059
GH		 615 outbuf[buflen++] = 0x2; // ASCII
616 outbuf[buflen++] = 0; // not officially assigned
617 outbuf[buflen++] = 0; // reserved
618 outbuf[buflen++] = id_len; // length of data following
fd930791 619 memcpy(outbuf+buflen, str, id_len);
0b06c059 620 buflen += id_len;
27395add 621
2ecab408 622 if (s->qdev.wwn) {
27395add
PB		 623 outbuf[buflen++] = 0x1; // Binary
624 outbuf[buflen++] = 0x3; // NAA
625 outbuf[buflen++] = 0; // reserved
626 outbuf[buflen++] = 8;
2ecab408 627 stq_be_p(&outbuf[buflen], s->qdev.wwn);
27395add
PB		 628 buflen += 8;
629 }
64cc2284 630
2ecab408 631 if (s->qdev.port_wwn) {
64cc2284
RD		 632 outbuf[buflen++] = 0x61; // SAS / Binary
633 outbuf[buflen++] = 0x93; // PIV / Target port / NAA
634 outbuf[buflen++] = 0; // reserved
635 outbuf[buflen++] = 8;
2ecab408 636 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
64cc2284
RD		 637 buflen += 8;
638 }
639
640 if (s->port_index) {
641 outbuf[buflen++] = 0x61; // SAS / Binary
642 outbuf[buflen++] = 0x94; // PIV / Target port / relative target port
643 outbuf[buflen++] = 0; // reserved
644 outbuf[buflen++] = 4;
645 stw_be_p(&outbuf[buflen + 2], s->port_index);
646 buflen += 4;
647 }
0b06c059
GH		 648 break;
649 }
ea3bd56f 650 case 0xb0: /* block limits */
ee3659e3 651 {
ea3bd56f
CH		 652 unsigned int unmap_sectors =
653 s->qdev.conf.discard_granularity / s->qdev.blocksize;
8cfacf07
CH		 654 unsigned int min_io_size =
655 s->qdev.conf.min_io_size / s->qdev.blocksize;
656 unsigned int opt_io_size =
657 s->qdev.conf.opt_io_size / s->qdev.blocksize;
8a1bd297
PB		 658 unsigned int max_unmap_sectors =
659 s->max_unmap_size / s->qdev.blocksize;
f8e1f533
PB		 660 unsigned int max_io_sectors =
661 s->max_io_size / s->qdev.blocksize;
ee3659e3 662
f37bd73b 663 if (s->qdev.type == TYPE_ROM) {
39d98982
HR		 664 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
665 page_code);
666 return -1;
667 }
ee3659e3 668 /* required VPD size with unmap support */
82579390 669 buflen = 0x40;
ee3659e3
CH		 670 memset(outbuf + 4, 0, buflen - 4);
671
84f94a9a
PB		 672 outbuf[4] = 0x1; /* wsnz */
673
ee3659e3
CH		 674 /* optimal transfer length granularity */
675 outbuf[6] = (min_io_size >> 8) & 0xff;
676 outbuf[7] = min_io_size & 0xff;
677
f8e1f533
PB		 678 /* maximum transfer length */
679 outbuf[8] = (max_io_sectors >> 24) & 0xff;
680 outbuf[9] = (max_io_sectors >> 16) & 0xff;
681 outbuf[10] = (max_io_sectors >> 8) & 0xff;
682 outbuf[11] = max_io_sectors & 0xff;
683
ee3659e3
CH		 684 /* optimal transfer length */
685 outbuf[12] = (opt_io_size >> 24) & 0xff;
686 outbuf[13] = (opt_io_size >> 16) & 0xff;
687 outbuf[14] = (opt_io_size >> 8) & 0xff;
688 outbuf[15] = opt_io_size & 0xff;
ea3bd56f 689
8a1bd297
PB		 690 /* max unmap LBA count, default is 1GB */
691 outbuf[20] = (max_unmap_sectors >> 24) & 0xff;
692 outbuf[21] = (max_unmap_sectors >> 16) & 0xff;
693 outbuf[22] = (max_unmap_sectors >> 8) & 0xff;
694 outbuf[23] = max_unmap_sectors & 0xff;
695
696 /* max unmap descriptors, 255 fit in 4 kb with an 8-byte header. */
697 outbuf[24] = 0;
698 outbuf[25] = 0;
699 outbuf[26] = 0;
700 outbuf[27] = 255;
701
ea3bd56f
CH		 702 /* optimal unmap granularity */
703 outbuf[28] = (unmap_sectors >> 24) & 0xff;
704 outbuf[29] = (unmap_sectors >> 16) & 0xff;
705 outbuf[30] = (unmap_sectors >> 8) & 0xff;
706 outbuf[31] = unmap_sectors & 0xff;
f8e1f533
PB		 707
708 /* max write same size */
709 outbuf[36] = 0;
710 outbuf[37] = 0;
711 outbuf[38] = 0;
712 outbuf[39] = 0;
713
714 outbuf[40] = (max_io_sectors >> 24) & 0xff;
715 outbuf[41] = (max_io_sectors >> 16) & 0xff;
716 outbuf[42] = (max_io_sectors >> 8) & 0xff;
717 outbuf[43] = max_io_sectors & 0xff;
ea3bd56f
CH		 718 break;
719 }
720 case 0xb2: /* thin provisioning */
721 {
82579390 722 buflen = 8;
ea3bd56f 723 outbuf[4] = 0;
5222aaf2 724 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
f644a290 725 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
ea3bd56f 726 outbuf[7] = 0;
ee3659e3
CH		 727 break;
728 }
0b06c059 729 default:
0b06c059
GH		 730 return -1;
731 }
732 /* done with EVPD */
82579390
PB		 733 assert(buflen - start <= 255);
734 outbuf[start - 1] = buflen - start;
0b06c059
GH		 735 return buflen;
736 }
737
738 /* Standard INQUIRY data */
739 if (req->cmd.buf[2] != 0) {
0b06c059
GH		 740 return -1;
741 }
742
743 /* PAGE CODE == 0 */
0b06c059 744 buflen = req->cmd.xfer;
f01b5931 745 if (buflen > SCSI_MAX_INQUIRY_LEN) {
0b06c059 746 buflen = SCSI_MAX_INQUIRY_LEN;
f01b5931 747 }
0b06c059 748
f37bd73b 749 outbuf[0] = s->qdev.type & 0x1f;
bfe3d7ac 750 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
353815aa
DF		 751
752 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
753 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
754
314b1811 755 memset(&outbuf[32], 0, 4);
552fee93 756 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 757 /*
758 * We claim conformance to SPC-3, which is required for guests
759 * to ask for modern features like READ CAPACITY(16) or the
760 * block characteristics VPD page by default. Not all of SPC-3
761 * is actually implemented, but we're good enough.
762 */
ee3659e3 763 outbuf[2] = 5;
1109c894 764 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
ad3cea42
AT		 765
766 if (buflen > 36) {
767 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
768 } else {
769 /* If the allocation length of CDB is too small,
770 the additional length is not adjusted */
771 outbuf[4] = 36 - 5;
772 }
773
0b06c059 774 /* Sync data transfer and TCQ. */
afd4030c 775 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
0b06c059
GH		 776 return buflen;
777}
778
430ee2f2
PB		 779static inline bool media_is_dvd(SCSIDiskState *s)
780{
781 uint64_t nb_sectors;
782 if (s->qdev.type != TYPE_ROM) {
783 return false;
784 }
4be74634 785 if (!blk_is_inserted(s->qdev.conf.blk)) {
430ee2f2
PB		 786 return false;
787 }
7d99f4c1
MR		 788 if (s->tray_open) {
789 return false;
790 }
4be74634 791 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
430ee2f2
PB		 792 return nb_sectors > CD_MAX_SECTORS;
793}
794
ceb792ef
PB		 795static inline bool media_is_cd(SCSIDiskState *s)
796{
797 uint64_t nb_sectors;
798 if (s->qdev.type != TYPE_ROM) {
799 return false;
800 }
4be74634 801 if (!blk_is_inserted(s->qdev.conf.blk)) {
ceb792ef
PB		 802 return false;
803 }
7d99f4c1
MR		 804 if (s->tray_open) {
805 return false;
806 }
4be74634 807 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 808 return nb_sectors <= CD_MAX_SECTORS;
809}
810
1a4f0c3a
PB		 811static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
812 uint8_t *outbuf)
813{
814 uint8_t type = r->req.cmd.buf[1] & 7;
815
816 if (s->qdev.type != TYPE_ROM) {
817 return -1;
818 }
819
820 /* Types 1/2 are only defined for Blu-Ray. */
821 if (type != 0) {
822 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
823 return -1;
824 }
825
826 memset(outbuf, 0, 34);
827 outbuf[1] = 32;
828 outbuf[2] = 0xe; /* last session complete, disc finalized */
829 outbuf[3] = 1; /* first track on disc */
830 outbuf[4] = 1; /* # of sessions */
831 outbuf[5] = 1; /* first track of last session */
832 outbuf[6] = 1; /* last track of last session */
833 outbuf[7] = 0x20; /* unrestricted use */
834 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
835 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
836 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
837 /* 24-31: disc bar code */
838 /* 32: disc application code */
839 /* 33: number of OPC tables */
840
841 return 34;
842}
843
b6c251ab
PB		 844static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
845 uint8_t *outbuf)
846{
ceb792ef
PB		 847 static const int rds_caps_size[5] = {
848 [0] = 2048 + 4,
849 [1] = 4 + 4,
850 [3] = 188 + 4,
851 [4] = 2048 + 4,
852 };
853
854 uint8_t media = r->req.cmd.buf[1];
855 uint8_t layer = r->req.cmd.buf[6];
856 uint8_t format = r->req.cmd.buf[7];
857 int size = -1;
858
859 if (s->qdev.type != TYPE_ROM) {
860 return -1;
861 }
862 if (media != 0) {
863 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
864 return -1;
865 }
866
867 if (format != 0xff) {
4be74634 868 if (s->tray_open || !blk_is_inserted(s->qdev.conf.blk)) {
ceb792ef
PB		 869 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
870 return -1;
871 }
872 if (media_is_cd(s)) {
873 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
874 return -1;
875 }
876 if (format >= ARRAY_SIZE(rds_caps_size)) {
877 return -1;
878 }
879 size = rds_caps_size[format];
880 memset(outbuf, 0, size);
881 }
882
883 switch (format) {
884 case 0x00: {
885 /* Physical format information */
886 uint64_t nb_sectors;
887 if (layer != 0) {
888 goto fail;
889 }
4be74634 890 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 891
892 outbuf[4] = 1; /* DVD-ROM, part version 1 */
893 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
894 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
895 outbuf[7] = 0; /* default densities */
896
897 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
898 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
899 break;
900 }
901
902 case 0x01: /* DVD copyright information, all zeros */
903 break;
904
905 case 0x03: /* BCA information - invalid field for no BCA info */
906 return -1;
907
908 case 0x04: /* DVD disc manufacturing information, all zeros */
909 break;
910
911 case 0xff: { /* List capabilities */
912 int i;
913 size = 4;
914 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
915 if (!rds_caps_size[i]) {
916 continue;
917 }
918 outbuf[size] = i;
919 outbuf[size + 1] = 0x40; /* Not writable, readable */
920 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
921 size += 4;
922 }
923 break;
924 }
925
926 default:
927 return -1;
928 }
929
930 /* Size of buffer, not including 2 byte size field */
931 stw_be_p(outbuf, size - 2);
932 return size;
933
934fail:
b6c251ab
PB		 935 return -1;
936}
937
3c2f7c12 938static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 939{
3c2f7c12
PB		 940 uint8_t event_code, media_status;
941
942 media_status = 0;
943 if (s->tray_open) {
944 media_status = MS_TRAY_OPEN;
4be74634 945 } else if (blk_is_inserted(s->qdev.conf.blk)) {
3c2f7c12
PB		 946 media_status = MS_MEDIA_PRESENT;
947 }
948
949 /* Event notification descriptor */
950 event_code = MEC_NO_CHANGE;
4480de19
PB		 951 if (media_status != MS_TRAY_OPEN) {
952 if (s->media_event) {
953 event_code = MEC_NEW_MEDIA;
954 s->media_event = false;
955 } else if (s->eject_request) {
956 event_code = MEC_EJECT_REQUESTED;
957 s->eject_request = false;
958 }
3c2f7c12
PB		 959 }
960
961 outbuf[0] = event_code;
962 outbuf[1] = media_status;
963
964 /* These fields are reserved, just clear them. */
965 outbuf[2] = 0;
966 outbuf[3] = 0;
967 return 4;
968}
969
970static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
971 uint8_t *outbuf)
972{
973 int size;
974 uint8_t *buf = r->req.cmd.buf;
975 uint8_t notification_class_request = buf[4];
976 if (s->qdev.type != TYPE_ROM) {
977 return -1;
978 }
979 if ((buf[1] & 1) == 0) {
980 /* asynchronous */
981 return -1;
982 }
983
984 size = 4;
985 outbuf[0] = outbuf[1] = 0;
986 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
987 if (notification_class_request & (1 << GESN_MEDIA)) {
988 outbuf[2] = GESN_MEDIA;
989 size += scsi_event_status_media(s, &outbuf[size]);
990 } else {
991 outbuf[2] = 0x80;
992 }
993 stw_be_p(outbuf, size - 4);
994 return size;
b6c251ab
PB		 995}
996
430ee2f2 997static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 998{
430ee2f2
PB		 999 int current;
1000
b6c251ab
PB		 1001 if (s->qdev.type != TYPE_ROM) {
1002 return -1;
1003 }
7d99f4c1
MR		 1004
1005 if (media_is_dvd(s)) {
1006 current = MMC_PROFILE_DVD_ROM;
1007 } else if (media_is_cd(s)) {
1008 current = MMC_PROFILE_CD_ROM;
1009 } else {
1010 current = MMC_PROFILE_NONE;
1011 }
1012
430ee2f2
PB		 1013 memset(outbuf, 0, 40);
1014 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
1015 stw_be_p(&outbuf[6], current);
1016 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1017 outbuf[10] = 0x03; /* persistent, current */
1018 outbuf[11] = 8; /* two profiles */
1019 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1020 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1021 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1022 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1023 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1024 stw_be_p(&outbuf[20], 1);
1025 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
1026 outbuf[23] = 8;
1027 stl_be_p(&outbuf[24], 1); /* SCSI */
1028 outbuf[28] = 1; /* DBE = 1, mandatory */
1029 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1030 stw_be_p(&outbuf[32], 3);
1031 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
1032 outbuf[35] = 4;
1033 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1034 /* TODO: Random readable, CD read, DVD read, drive serial number,
1035 power management */
1036 return 40;
b6c251ab
PB		 1037}
1038
1039static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1040{
1041 if (s->qdev.type != TYPE_ROM) {
1042 return -1;
1043 }
1044 memset(outbuf, 0, 8);
1045 outbuf[5] = 1; /* CD-ROM */
1046 return 8;
1047}
1048
cfc606da 1049static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
282ab04e 1050 int page_control)
ebddfcbe 1051{
a8f4bbe2
PB		 1052 static const int mode_sense_valid[0x3f] = {
1053 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1054 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1055 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
a07c7dcd
PB		 1056 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1057 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
a8f4bbe2
PB		 1058 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1059 };
ef405611
PB		 1060
1061 uint8_t *p = *p_outbuf + 2;
1062 int length;
ebddfcbe 1063
a8f4bbe2
PB		 1064 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1065 return -1;
1066 }
1067
282ab04e
BK		 1068 /*
1069 * If Changeable Values are requested, a mask denoting those mode parameters
1070 * that are changeable shall be returned. As we currently don't support
1071 * parameter changes via MODE_SELECT all bits are returned set to zero.
1072 * The buffer was already menset to zero by the caller of this function.
ef405611
PB		 1073 *
1074 * The offsets here are off by two compared to the descriptions in the
1075 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1076 * but it is done so that offsets are consistent within our implementation
1077 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1078 * 2-byte and 4-byte headers.
282ab04e 1079 */
ebddfcbe 1080 switch (page) {
67cc61e4 1081 case MODE_PAGE_HD_GEOMETRY:
ef405611 1082 length = 0x16;
282ab04e 1083 if (page_control == 1) { /* Changeable Values */
cfc606da 1084 break;
282ab04e 1085 }
ebddfcbe 1086 /* if a geometry hint is available, use it */
ef405611
PB		 1087 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1088 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1089 p[2] = s->qdev.conf.cyls & 0xff;
1090 p[3] = s->qdev.conf.heads & 0xff;
ebddfcbe 1091 /* Write precomp start cylinder, disabled */
ef405611
PB		 1092 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1093 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1094 p[6] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1095 /* Reduced current start cylinder, disabled */
ef405611
PB		 1096 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1097 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1098 p[9] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1099 /* Device step rate [ns], 200ns */
ef405611
PB		 1100 p[10] = 0;
1101 p[11] = 200;
ebddfcbe 1102 /* Landing zone cylinder */
ef405611
PB		 1103 p[12] = 0xff;
1104 p[13] = 0xff;
ebddfcbe 1105 p[14] = 0xff;
ebddfcbe 1106 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1107 p[18] = (5400 >> 8) & 0xff;
1108 p[19] = 5400 & 0xff;
cfc606da 1109 break;
ebddfcbe 1110
67cc61e4 1111 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
ef405611 1112 length = 0x1e;
282ab04e 1113 if (page_control == 1) { /* Changeable Values */
cfc606da 1114 break;
282ab04e 1115 }
ebddfcbe 1116 /* Transfer rate [kbit/s], 5Mbit/s */
ef405611
PB		 1117 p[0] = 5000 >> 8;
1118 p[1] = 5000 & 0xff;
ebddfcbe 1119 /* if a geometry hint is available, use it */
ef405611
PB		 1120 p[2] = s->qdev.conf.heads & 0xff;
1121 p[3] = s->qdev.conf.secs & 0xff;
1122 p[4] = s->qdev.blocksize >> 8;
1123 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1124 p[7] = s->qdev.conf.cyls & 0xff;
1125 /* Write precomp start cylinder, disabled */
d252df48
MA		 1126 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1127 p[9] = s->qdev.conf.cyls & 0xff;
ef405611 1128 /* Reduced current start cylinder, disabled */
d252df48
MA		 1129 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1130 p[11] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1131 /* Device step rate [100us], 100us */
ef405611
PB		 1132 p[12] = 0;
1133 p[13] = 1;
ebddfcbe 1134 /* Device step pulse width [us], 1us */
ef405611 1135 p[14] = 1;
ebddfcbe 1136 /* Device head settle delay [100us], 100us */
ef405611
PB		 1137 p[15] = 0;
1138 p[16] = 1;
ebddfcbe 1139 /* Motor on delay [0.1s], 0.1s */
ef405611 1140 p[17] = 1;
ebddfcbe 1141 /* Motor off delay [0.1s], 0.1s */
ef405611 1142 p[18] = 1;
ebddfcbe 1143 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1144 p[26] = (5400 >> 8) & 0xff;
1145 p[27] = 5400 & 0xff;
cfc606da 1146 break;
ebddfcbe 1147
67cc61e4 1148 case MODE_PAGE_CACHING:
ef405611 1149 length = 0x12;
96c91bbf 1150 if (page_control == 1 || /* Changeable Values */
4be74634 1151 blk_enable_write_cache(s->qdev.conf.blk)) {
ef405611 1152 p[0] = 4; /* WCE */
ebddfcbe 1153 }
cfc606da 1154 break;
ebddfcbe 1155
a07c7dcd 1156 case MODE_PAGE_R_W_ERROR:
ef405611 1157 length = 10;
4f588b15
PB		 1158 if (page_control == 1) { /* Changeable Values */
1159 break;
1160 }
ef405611 1161 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
a07c7dcd 1162 if (s->qdev.type == TYPE_ROM) {
ef405611 1163 p[1] = 0x20; /* Read Retry Count */
a07c7dcd
PB		 1164 }
1165 break;
1166
1167 case MODE_PAGE_AUDIO_CTL:
ef405611 1168 length = 14;
a07c7dcd
PB		 1169 break;
1170
67cc61e4 1171 case MODE_PAGE_CAPABILITIES:
ef405611 1172 length = 0x14;
282ab04e 1173 if (page_control == 1) { /* Changeable Values */
cfc606da 1174 break;
282ab04e 1175 }
a07c7dcd 1176
ef405611
PB		 1177 p[0] = 0x3b; /* CD-R & CD-RW read */
1178 p[1] = 0; /* Writing not supported */
1179 p[2] = 0x7f; /* Audio, composite, digital out,
ebddfcbe 1180 mode 2 form 1&2, multi session */
ef405611 1181 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
ebddfcbe
GH		 1182 RW corrected, C2 errors, ISRC,
1183 UPC, Bar code */
ef405611 1184 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
ebddfcbe 1185 /* Locking supported, jumper present, eject, tray */
ef405611 1186 p[5] = 0; /* no volume & mute control, no
ebddfcbe 1187 changer */
ef405611
PB		 1188 p[6] = (50 * 176) >> 8; /* 50x read speed */
1189 p[7] = (50 * 176) & 0xff;
1190 p[8] = 2 >> 8; /* Two volume levels */
1191 p[9] = 2 & 0xff;
1192 p[10] = 2048 >> 8; /* 2M buffer */
1193 p[11] = 2048 & 0xff;
1194 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1195 p[13] = (16 * 176) & 0xff;
1196 p[16] = (16 * 176) >> 8; /* 16x write speed */
1197 p[17] = (16 * 176) & 0xff;
1198 p[18] = (16 * 176) >> 8; /* 16x write speed current */
ebddfcbe 1199 p[19] = (16 * 176) & 0xff;
cfc606da 1200 break;
ebddfcbe
GH		 1201
1202 default:
cfc606da 1203 return -1;
ebddfcbe 1204 }
cfc606da 1205
ef405611
PB		 1206 assert(length < 256);
1207 (*p_outbuf)[0] = page;
1208 (*p_outbuf)[1] = length;
1209 *p_outbuf += length + 2;
1210 return length + 2;
ebddfcbe
GH		 1211}
1212
cfc606da 1213static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
ebddfcbe 1214{
cfc606da 1215 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ebddfcbe 1216 uint64_t nb_sectors;
e590ecbe
PB		 1217 bool dbd;
1218 int page, buflen, ret, page_control;
ebddfcbe 1219 uint8_t *p;
ce512ee1 1220 uint8_t dev_specific_param;
ebddfcbe 1221
e590ecbe 1222 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
cfc606da
PB		 1223 page = r->req.cmd.buf[2] & 0x3f;
1224 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
aa2b1e89 1225 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
cfc606da
PB		 1226 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1227 memset(outbuf, 0, r->req.cmd.xfer);
ebddfcbe
GH		 1228 p = outbuf;
1229
e590ecbe 1230 if (s->qdev.type == TYPE_DISK) {
da8365db 1231 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
4be74634 1232 if (blk_is_read_only(s->qdev.conf.blk)) {
e590ecbe
PB		 1233 dev_specific_param |= 0x80; /* Readonly. */
1234 }
ce512ee1 1235 } else {
e590ecbe
PB		 1236 /* MMC prescribes that CD/DVD drives have no block descriptors,
1237 * and defines no device-specific parameter. */
6a2de0f2 1238 dev_specific_param = 0x00;
e590ecbe 1239 dbd = true;
ce512ee1
BK		 1240 }
1241
cfc606da 1242 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1243 p[1] = 0; /* Default media type. */
1244 p[2] = dev_specific_param;
1245 p[3] = 0; /* Block descriptor length. */
1246 p += 4;
1247 } else { /* MODE_SENSE_10 */
1248 p[2] = 0; /* Default media type. */
1249 p[3] = dev_specific_param;
1250 p[6] = p[7] = 0; /* Block descriptor length. */
1251 p += 8;
ebddfcbe 1252 }
ebddfcbe 1253
4be74634 1254 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
e590ecbe 1255 if (!dbd && nb_sectors) {
cfc606da 1256 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1257 outbuf[3] = 8; /* Block descriptor length */
1258 } else { /* MODE_SENSE_10 */
1259 outbuf[7] = 8; /* Block descriptor length */
1260 }
69377307 1261 nb_sectors /= (s->qdev.blocksize / 512);
f01b5931 1262 if (nb_sectors > 0xffffff) {
2488b740 1263 nb_sectors = 0;
f01b5931 1264 }
ebddfcbe
GH		 1265 p[0] = 0; /* media density code */
1266 p[1] = (nb_sectors >> 16) & 0xff;
1267 p[2] = (nb_sectors >> 8) & 0xff;
1268 p[3] = nb_sectors & 0xff;
1269 p[4] = 0; /* reserved */
1270 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
69377307 1271 p[6] = s->qdev.blocksize >> 8;
ebddfcbe
GH		 1272 p[7] = 0;
1273 p += 8;
1274 }
1275
cfc606da
PB		 1276 if (page_control == 3) {
1277 /* Saved Values */
1278 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1279 return -1;
282ab04e
BK		 1280 }
1281
cfc606da
PB		 1282 if (page == 0x3f) {
1283 for (page = 0; page <= 0x3e; page++) {
1284 mode_sense_page(s, page, &p, page_control);
1285 }
1286 } else {
1287 ret = mode_sense_page(s, page, &p, page_control);
1288 if (ret == -1) {
1289 return -1;
1290 }
ebddfcbe
GH		 1291 }
1292
1293 buflen = p - outbuf;
ce512ee1
BK		 1294 /*
1295 * The mode data length field specifies the length in bytes of the
1296 * following data that is available to be transferred. The mode data
1297 * length does not include itself.
1298 */
cfc606da 1299 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1300 outbuf[0] = buflen - 1;
1301 } else { /* MODE_SENSE_10 */
1302 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1303 outbuf[1] = (buflen - 2) & 0xff;
1304 }
ebddfcbe
GH		 1305 return buflen;
1306}
1307
02880f43
GH		 1308static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1309{
1310 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 1311 int start_track, format, msf, toclen;
1312 uint64_t nb_sectors;
1313
1314 msf = req->cmd.buf[1] & 2;
1315 format = req->cmd.buf[2] & 0xf;
1316 start_track = req->cmd.buf[6];
4be74634 1317 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
02880f43 1318 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
69377307 1319 nb_sectors /= s->qdev.blocksize / 512;
02880f43
GH		 1320 switch (format) {
1321 case 0:
1322 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1323 break;
1324 case 1:
1325 /* multi session : only a single session defined */
1326 toclen = 12;
1327 memset(outbuf, 0, 12);
1328 outbuf[1] = 0x0a;
1329 outbuf[2] = 0x01;
1330 outbuf[3] = 0x01;
1331 break;
1332 case 2:
1333 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1334 break;
1335 default:
1336 return -1;
1337 }
02880f43
GH		 1338 return toclen;
1339}
1340
68bb01f3 1341static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
bfd52647
MA		 1342{
1343 SCSIRequest *req = &r->req;
1344 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1345 bool start = req->cmd.buf[4] & 1;
1346 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
ae5708b3
RS		 1347 int pwrcnd = req->cmd.buf[4] & 0xf0;
1348
1349 if (pwrcnd) {
1350 /* eject/load only happens for power condition == 0 */
1351 return 0;
1352 }
bfd52647 1353
b456a71c 1354 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
68bb01f3
MA		 1355 if (!start && !s->tray_open && s->tray_locked) {
1356 scsi_check_condition(r,
4be74634 1357 blk_is_inserted(s->qdev.conf.blk)
68bb01f3
MA		 1358 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1359 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1360 return -1;
fdec4404 1361 }
d88b1819
LC		 1362
1363 if (s->tray_open != !start) {
4be74634 1364 blk_eject(s->qdev.conf.blk, !start);
d88b1819
LC		 1365 s->tray_open = !start;
1366 }
bfd52647 1367 }
68bb01f3 1368 return 0;
bfd52647
MA		 1369}
1370
314a3299
PB		 1371static void scsi_disk_emulate_read_data(SCSIRequest *req)
1372{
1373 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1374 int buflen = r->iov.iov_len;
1375
1376 if (buflen) {
79fb50bb 1377 DPRINTF("Read buf_len=%d\n", buflen);
314a3299
PB		 1378 r->iov.iov_len = 0;
1379 r->started = true;
1380 scsi_req_data(&r->req, buflen);
1381 return;
1382 }
1383
1384 /* This also clears the sense buffer for REQUEST SENSE. */
1385 scsi_req_complete(&r->req, GOOD);
1386}
1387
380feaff
PB		 1388static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1389 uint8_t *inbuf, int inlen)
1390{
1391 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1392 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1393 uint8_t *p;
1394 int len, expected_len, changeable_len, i;
1395
1396 /* The input buffer does not include the page header, so it is
1397 * off by 2 bytes.
1398 */
1399 expected_len = inlen + 2;
1400 if (expected_len > SCSI_MAX_MODE_LEN) {
1401 return -1;
1402 }
1403
1404 p = mode_current;
1405 memset(mode_current, 0, inlen + 2);
1406 len = mode_sense_page(s, page, &p, 0);
1407 if (len < 0 || len != expected_len) {
1408 return -1;
1409 }
1410
1411 p = mode_changeable;
1412 memset(mode_changeable, 0, inlen + 2);
1413 changeable_len = mode_sense_page(s, page, &p, 1);
1414 assert(changeable_len == len);
1415
1416 /* Check that unchangeable bits are the same as what MODE SENSE
1417 * would return.
1418 */
1419 for (i = 2; i < len; i++) {
1420 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1421 return -1;
1422 }
1423 }
1424 return 0;
1425}
1426
1427static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1428{
96c91bbf
PB		 1429 switch (page) {
1430 case MODE_PAGE_CACHING:
4be74634 1431 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
96c91bbf
PB		 1432 break;
1433
1434 default:
1435 break;
1436 }
380feaff
PB		 1437}
1438
1439static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1440{
1441 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1442
1443 while (len > 0) {
1444 int page, subpage, page_len;
1445
1446 /* Parse both possible formats for the mode page headers. */
1447 page = p[0] & 0x3f;
1448 if (p[0] & 0x40) {
1449 if (len < 4) {
1450 goto invalid_param_len;
1451 }
1452 subpage = p[1];
1453 page_len = lduw_be_p(&p[2]);
1454 p += 4;
1455 len -= 4;
1456 } else {
1457 if (len < 2) {
1458 goto invalid_param_len;
1459 }
1460 subpage = 0;
1461 page_len = p[1];
1462 p += 2;
1463 len -= 2;
1464 }
1465
1466 if (subpage) {
1467 goto invalid_param;
1468 }
1469 if (page_len > len) {
1470 goto invalid_param_len;
1471 }
1472
1473 if (!change) {
1474 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1475 goto invalid_param;
1476 }
1477 } else {
1478 scsi_disk_apply_mode_select(s, page, p);
1479 }
1480
1481 p += page_len;
1482 len -= page_len;
1483 }
1484 return 0;
1485
1486invalid_param:
1487 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1488 return -1;
1489
1490invalid_param_len:
1491 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1492 return -1;
1493}
1494
1495static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1496{
accfeb2d 1497 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380feaff
PB		 1498 uint8_t *p = inbuf;
1499 int cmd = r->req.cmd.buf[0];
1500 int len = r->req.cmd.xfer;
1501 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1502 int bd_len;
1503 int pass;
1504
1505 /* We only support PF=1, SP=0. */
1506 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1507 goto invalid_field;
1508 }
1509
1510 if (len < hdr_len) {
1511 goto invalid_param_len;
1512 }
1513
1514 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1515 len -= hdr_len;
1516 p += hdr_len;
1517 if (len < bd_len) {
1518 goto invalid_param_len;
1519 }
1520 if (bd_len != 0 && bd_len != 8) {
1521 goto invalid_param;
1522 }
1523
1524 len -= bd_len;
1525 p += bd_len;
1526
1527 /* Ensure no change is made if there is an error! */
1528 for (pass = 0; pass < 2; pass++) {
1529 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1530 assert(pass == 0);
1531 return;
1532 }
1533 }
4be74634 1534 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
accfeb2d
PB		 1535 /* The request is used as the AIO opaque value, so add a ref. */
1536 scsi_req_ref(&r->req);
4be74634 1537 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 1538 BLOCK_ACCT_FLUSH);
4be74634 1539 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
accfeb2d
PB		 1540 return;
1541 }
1542
380feaff
PB		 1543 scsi_req_complete(&r->req, GOOD);
1544 return;
1545
1546invalid_param:
1547 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1548 return;
1549
1550invalid_param_len:
1551 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1552 return;
1553
1554invalid_field:
1555 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
380feaff
PB		 1556}
1557
444bc908
PB		 1558static inline bool check_lba_range(SCSIDiskState *s,
1559 uint64_t sector_num, uint32_t nb_sectors)
1560{
1561 /*
1562 * The first line tests that no overflow happens when computing the last
1563 * sector. The second line tests that the last accessed sector is in
1564 * range.
12ca76fc
PB		 1565 *
1566 * Careful, the computations should not underflow for nb_sectors == 0,
1567 * and a 0-block read to the first LBA beyond the end of device is
1568 * valid.
444bc908
PB		 1569 */
1570 return (sector_num <= sector_num + nb_sectors &&
12ca76fc 1571 sector_num + nb_sectors <= s->qdev.max_lba + 1);
444bc908
PB		 1572}
1573
5222aaf2
PB		 1574typedef struct UnmapCBData {
1575 SCSIDiskReq *r;
1576 uint8_t *inbuf;
1577 int count;
1578} UnmapCBData;
1579
5fd2b563
PB		 1580static void scsi_unmap_complete(void *opaque, int ret);
1581
1582static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
5222aaf2 1583{
5222aaf2
PB		 1584 SCSIDiskReq *r = data->r;
1585 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1586 uint64_t sector_num;
5bb0b62e 1587 uint32_t nb_sectors;
5222aaf2 1588
5fd2b563 1589 assert(r->req.aiocb == NULL);
5b956f41 1590 if (scsi_disk_req_check_error(r, ret, false)) {
d0242ead
PB		 1591 goto done;
1592 }
1593
d0242ead 1594 if (data->count > 0) {
5222aaf2
PB		 1595 sector_num = ldq_be_p(&data->inbuf[0]);
1596 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
444bc908 1597 if (!check_lba_range(s, sector_num, nb_sectors)) {
5222aaf2
PB		 1598 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1599 goto done;
1600 }
1601
4be74634
MA		 1602 r->req.aiocb = blk_aio_discard(s->qdev.conf.blk,
1603 sector_num * (s->qdev.blocksize / 512),
1604 nb_sectors * (s->qdev.blocksize / 512),
1605 scsi_unmap_complete, data);
5222aaf2
PB		 1606 data->count--;
1607 data->inbuf += 16;
1608 return;
1609 }
1610
d0242ead
PB		 1611 scsi_req_complete(&r->req, GOOD);
1612
5222aaf2 1613done:
3df9caf8 1614 scsi_req_unref(&r->req);
5222aaf2
PB		 1615 g_free(data);
1616}
1617
5fd2b563
PB		 1618static void scsi_unmap_complete(void *opaque, int ret)
1619{
1620 UnmapCBData *data = opaque;
1621 SCSIDiskReq *r = data->r;
1622
1623 assert(r->req.aiocb != NULL);
1624 r->req.aiocb = NULL;
1625
1626 scsi_unmap_complete_noio(data, ret);
1627}
1628
5222aaf2
PB		 1629static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1630{
c5fd1fb0 1631 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2
PB		 1632 uint8_t *p = inbuf;
1633 int len = r->req.cmd.xfer;
1634 UnmapCBData *data;
1635
823bd739
PB		 1636 /* Reject ANCHOR=1. */
1637 if (r->req.cmd.buf[1] & 0x1) {
1638 goto invalid_field;
1639 }
1640
5222aaf2
PB		 1641 if (len < 8) {
1642 goto invalid_param_len;
1643 }
1644 if (len < lduw_be_p(&p[0]) + 2) {
1645 goto invalid_param_len;
1646 }
1647 if (len < lduw_be_p(&p[2]) + 8) {
1648 goto invalid_param_len;
1649 }
1650 if (lduw_be_p(&p[2]) & 15) {
1651 goto invalid_param_len;
1652 }
1653
4be74634 1654 if (blk_is_read_only(s->qdev.conf.blk)) {
c5fd1fb0
PB		 1655 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1656 return;
1657 }
1658
5222aaf2
PB		 1659 data = g_new0(UnmapCBData, 1);
1660 data->r = r;
1661 data->inbuf = &p[8];
1662 data->count = lduw_be_p(&p[2]) >> 4;
1663
1664 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1665 scsi_req_ref(&r->req);
5fd2b563 1666 scsi_unmap_complete_noio(data, 0);
5222aaf2
PB		 1667 return;
1668
1669invalid_param_len:
1670 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
823bd739
PB		 1671 return;
1672
1673invalid_field:
1674 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
5222aaf2
PB		 1675}
1676
84f94a9a
PB		 1677typedef struct WriteSameCBData {
1678 SCSIDiskReq *r;
1679 int64_t sector;
1680 int nb_sectors;
1681 QEMUIOVector qiov;
1682 struct iovec iov;
1683} WriteSameCBData;
1684
1685static void scsi_write_same_complete(void *opaque, int ret)
1686{
1687 WriteSameCBData *data = opaque;
1688 SCSIDiskReq *r = data->r;
1689 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1690
1691 assert(r->req.aiocb != NULL);
1692 r->req.aiocb = NULL;
5b956f41 1693 if (scsi_disk_req_check_error(r, ret, true)) {
84f94a9a
PB		 1694 goto done;
1695 }
1696
d7628080
AG		 1697 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1698
84f94a9a
PB		 1699 data->nb_sectors -= data->iov.iov_len / 512;
1700 data->sector += data->iov.iov_len / 512;
1701 data->iov.iov_len = MIN(data->nb_sectors * 512, data->iov.iov_len);
1702 if (data->iov.iov_len) {
4be74634 1703 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1704 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1705 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1706 * where final qiov may need smaller size */
a56537a1 1707 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
03c90063
EB		 1708 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1709 data->sector << BDRV_SECTOR_BITS,
1710 &data->qiov, 0,
1711 scsi_write_same_complete, data);
84f94a9a
PB		 1712 return;
1713 }
1714
1715 scsi_req_complete(&r->req, GOOD);
1716
1717done:
3df9caf8 1718 scsi_req_unref(&r->req);
84f94a9a
PB		 1719 qemu_vfree(data->iov.iov_base);
1720 g_free(data);
1721}
1722
1723static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1724{
1725 SCSIRequest *req = &r->req;
1726 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1894df02 1727 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
84f94a9a
PB		 1728 WriteSameCBData *data;
1729 uint8_t *buf;
1730 int i;
1731
1732 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1733 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1734 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1735 return;
1736 }
1737
4be74634 1738 if (blk_is_read_only(s->qdev.conf.blk)) {
84f94a9a
PB		 1739 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1740 return;
1741 }
1742 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1743 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1744 return;
1745 }
1746
1747 if (buffer_is_zero(inbuf, s->qdev.blocksize)) {
1748 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1749
1750 /* The request is used as the AIO opaque value, so add a ref. */
1751 scsi_req_ref(&r->req);
4be74634 1752 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8
BC		 1753 nb_sectors * s->qdev.blocksize,
1754 BLOCK_ACCT_WRITE);
d004bd52 1755 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
983a1600
EB		 1756 r->req.cmd.lba * s->qdev.blocksize,
1757 nb_sectors * s->qdev.blocksize,
4be74634 1758 flags, scsi_aio_complete, r);
84f94a9a
PB		 1759 return;
1760 }
1761
1762 data = g_new0(WriteSameCBData, 1);
1763 data->r = r;
1764 data->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1765 data->nb_sectors = nb_sectors * (s->qdev.blocksize / 512);
1766 data->iov.iov_len = MIN(data->nb_sectors * 512, SCSI_WRITE_SAME_MAX);
4be74634
MA		 1767 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1768 data->iov.iov_len);
84f94a9a
PB		 1769 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1770
1771 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1772 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1773 }
1774
1775 scsi_req_ref(&r->req);
4be74634 1776 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1777 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1778 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1779 data->sector << BDRV_SECTOR_BITS,
1780 &data->qiov, 0,
1781 scsi_write_same_complete, data);
84f94a9a
PB		 1782}
1783
314a3299
PB		 1784static void scsi_disk_emulate_write_data(SCSIRequest *req)
1785{
af6d510d
PB		 1786 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1787
1788 if (r->iov.iov_len) {
1789 int buflen = r->iov.iov_len;
79fb50bb 1790 DPRINTF("Write buf_len=%d\n", buflen);
af6d510d
PB		 1791 r->iov.iov_len = 0;
1792 scsi_req_data(&r->req, buflen);
1793 return;
1794 }
1795
1796 switch (req->cmd.buf[0]) {
1797 case MODE_SELECT:
1798 case MODE_SELECT_10:
1799 /* This also clears the sense buffer for REQUEST SENSE. */
380feaff 1800 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
af6d510d
PB		 1801 break;
1802
5222aaf2
PB		 1803 case UNMAP:
1804 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1805 break;
1806
d97e7730
PB		 1807 case VERIFY_10:
1808 case VERIFY_12:
1809 case VERIFY_16:
1810 if (r->req.status == -1) {
1811 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1812 }
1813 break;
1814
84f94a9a
PB		 1815 case WRITE_SAME_10:
1816 case WRITE_SAME_16:
1817 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1818 break;
d97e7730 1819
af6d510d
PB		 1820 default:
1821 abort();
1822 }
314a3299
PB		 1823}
1824
b08d0ea0 1825static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
aa5dbdc1 1826{
b08d0ea0 1827 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
e7e25e32 1828 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 1829 uint64_t nb_sectors;
7285477a 1830 uint8_t *outbuf;
af6d510d 1831 int buflen;
aa5dbdc1 1832
b08d0ea0
PB		 1833 switch (req->cmd.buf[0]) {
1834 case INQUIRY:
1835 case MODE_SENSE:
1836 case MODE_SENSE_10:
1837 case RESERVE:
1838 case RESERVE_10:
1839 case RELEASE:
1840 case RELEASE_10:
1841 case START_STOP:
1842 case ALLOW_MEDIUM_REMOVAL:
1843 case GET_CONFIGURATION:
1844 case GET_EVENT_STATUS_NOTIFICATION:
1845 case MECHANISM_STATUS:
1846 case REQUEST_SENSE:
1847 break;
1848
1849 default:
4be74634 1850 if (s->tray_open || !blk_is_inserted(s->qdev.conf.blk)) {
b08d0ea0
PB		 1851 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1852 return 0;
1853 }
1854 break;
1855 }
1856
c8dcb531
PB		 1857 /*
1858 * FIXME: we shouldn't return anything bigger than 4k, but the code
1859 * requires the buffer to be as big as req->cmd.xfer in several
1860 * places. So, do not allow CDBs with a very large ALLOCATION
1861 * LENGTH. The real fix would be to modify scsi_read_data and
1862 * dma_buf_read, so that they return data beyond the buflen
1863 * as all zeros.
1864 */
1865 if (req->cmd.xfer > 65536) {
1866 goto illegal_request;
1867 }
1868 r->buflen = MAX(4096, req->cmd.xfer);
1869
7285477a 1870 if (!r->iov.iov_base) {
4be74634 1871 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 1872 }
1873
af6d510d 1874 buflen = req->cmd.xfer;
7285477a 1875 outbuf = r->iov.iov_base;
c8dcb531 1876 memset(outbuf, 0, r->buflen);
aa5dbdc1
GH		 1877 switch (req->cmd.buf[0]) {
1878 case TEST_UNIT_READY:
4be74634 1879 assert(!s->tray_open && blk_is_inserted(s->qdev.conf.blk));
5f71d32f 1880 break;
0b06c059
GH		 1881 case INQUIRY:
1882 buflen = scsi_disk_emulate_inquiry(req, outbuf);
f01b5931 1883 if (buflen < 0) {
0b06c059 1884 goto illegal_request;
f01b5931 1885 }
5f71d32f 1886 break;
ebddfcbe
GH		 1887 case MODE_SENSE:
1888 case MODE_SENSE_10:
cfc606da 1889 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
f01b5931 1890 if (buflen < 0) {
ebddfcbe 1891 goto illegal_request;
f01b5931 1892 }
ebddfcbe 1893 break;
02880f43
GH		 1894 case READ_TOC:
1895 buflen = scsi_disk_emulate_read_toc(req, outbuf);
f01b5931 1896 if (buflen < 0) {
02880f43 1897 goto illegal_request;
f01b5931 1898 }
02880f43 1899 break;
3d53ba18 1900 case RESERVE:
f01b5931 1901 if (req->cmd.buf[1] & 1) {
3d53ba18 1902 goto illegal_request;
f01b5931 1903 }
3d53ba18
GH		 1904 break;
1905 case RESERVE_10:
f01b5931 1906 if (req->cmd.buf[1] & 3) {
3d53ba18 1907 goto illegal_request;
f01b5931 1908 }
3d53ba18
GH		 1909 break;
1910 case RELEASE:
f01b5931 1911 if (req->cmd.buf[1] & 1) {
3d53ba18 1912 goto illegal_request;
f01b5931 1913 }
3d53ba18
GH		 1914 break;
1915 case RELEASE_10:
f01b5931 1916 if (req->cmd.buf[1] & 3) {
3d53ba18 1917 goto illegal_request;
f01b5931 1918 }
3d53ba18 1919 break;
8d3628ff 1920 case START_STOP:
68bb01f3 1921 if (scsi_disk_emulate_start_stop(r) < 0) {
b08d0ea0 1922 return 0;
68bb01f3 1923 }
5f71d32f 1924 break;
c68b9f34 1925 case ALLOW_MEDIUM_REMOVAL:
81b1008d 1926 s->tray_locked = req->cmd.buf[4] & 1;
4be74634 1927 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
5f71d32f 1928 break;
5e30a07d 1929 case READ_CAPACITY_10:
e7e25e32 1930 /* The normal LEN field for this command is zero. */
5f71d32f 1931 memset(outbuf, 0, 8);
4be74634 1932 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 1933 if (!nb_sectors) {
9bcaf4fe 1934 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 1935 return 0;
f01b5931 1936 }
7cec78b6
PB		 1937 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1938 goto illegal_request;
1939 }
69377307 1940 nb_sectors /= s->qdev.blocksize / 512;
e7e25e32
GH		 1941 /* Returned value is the address of the last sector. */
1942 nb_sectors--;
1943 /* Remember the new size for read/write sanity checking. */
7877903a 1944 s->qdev.max_lba = nb_sectors;
e7e25e32 1945 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
f01b5931 1946 if (nb_sectors > UINT32_MAX) {
e7e25e32 1947 nb_sectors = UINT32_MAX;
f01b5931 1948 }
e7e25e32
GH		 1949 outbuf[0] = (nb_sectors >> 24) & 0xff;
1950 outbuf[1] = (nb_sectors >> 16) & 0xff;
1951 outbuf[2] = (nb_sectors >> 8) & 0xff;
1952 outbuf[3] = nb_sectors & 0xff;
1953 outbuf[4] = 0;
1954 outbuf[5] = 0;
69377307 1955 outbuf[6] = s->qdev.blocksize >> 8;
e7e25e32 1956 outbuf[7] = 0;
5f71d32f 1957 break;
f3b338ef
PB		 1958 case REQUEST_SENSE:
1959 /* Just return "NO SENSE". */
1960 buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen,
1961 (req->cmd.buf[1] & 1) == 0);
c8dcb531
PB		 1962 if (buflen < 0) {
1963 goto illegal_request;
1964 }
f3b338ef 1965 break;
b6c251ab
PB		 1966 case MECHANISM_STATUS:
1967 buflen = scsi_emulate_mechanism_status(s, outbuf);
1968 if (buflen < 0) {
1969 goto illegal_request;
1970 }
1971 break;
38215553 1972 case GET_CONFIGURATION:
430ee2f2 1973 buflen = scsi_get_configuration(s, outbuf);
b6c251ab
PB		 1974 if (buflen < 0) {
1975 goto illegal_request;
1976 }
1977 break;
1978 case GET_EVENT_STATUS_NOTIFICATION:
1979 buflen = scsi_get_event_status_notification(s, r, outbuf);
1980 if (buflen < 0) {
1981 goto illegal_request;
1982 }
1983 break;
1a4f0c3a
PB		 1984 case READ_DISC_INFORMATION:
1985 buflen = scsi_read_disc_information(s, r, outbuf);
1986 if (buflen < 0) {
1987 goto illegal_request;
1988 }
1989 break;
b6c251ab
PB		 1990 case READ_DVD_STRUCTURE:
1991 buflen = scsi_read_dvd_structure(s, r, outbuf);
1992 if (buflen < 0) {
1993 goto illegal_request;
1994 }
38215553 1995 break;
f6515262 1996 case SERVICE_ACTION_IN_16:
5dd90e2a 1997 /* Service Action In subcommands. */
f6515262 1998 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
5dd90e2a
GH		 1999 DPRINTF("SAI READ CAPACITY(16)\n");
2000 memset(outbuf, 0, req->cmd.xfer);
4be74634 2001 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 2002 if (!nb_sectors) {
9bcaf4fe 2003 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 2004 return 0;
f01b5931 2005 }
7cec78b6
PB		 2006 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2007 goto illegal_request;
2008 }
69377307 2009 nb_sectors /= s->qdev.blocksize / 512;
5dd90e2a
GH		 2010 /* Returned value is the address of the last sector. */
2011 nb_sectors--;
2012 /* Remember the new size for read/write sanity checking. */
7877903a 2013 s->qdev.max_lba = nb_sectors;
5dd90e2a
GH		 2014 outbuf[0] = (nb_sectors >> 56) & 0xff;
2015 outbuf[1] = (nb_sectors >> 48) & 0xff;
2016 outbuf[2] = (nb_sectors >> 40) & 0xff;
2017 outbuf[3] = (nb_sectors >> 32) & 0xff;
2018 outbuf[4] = (nb_sectors >> 24) & 0xff;
2019 outbuf[5] = (nb_sectors >> 16) & 0xff;
2020 outbuf[6] = (nb_sectors >> 8) & 0xff;
2021 outbuf[7] = nb_sectors & 0xff;
2022 outbuf[8] = 0;
2023 outbuf[9] = 0;
69377307 2024 outbuf[10] = s->qdev.blocksize >> 8;
5dd90e2a 2025 outbuf[11] = 0;
ee3659e3
CH		 2026 outbuf[12] = 0;
2027 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 2028
2029 /* set TPE bit if the format supports discard */
2030 if (s->qdev.conf.discard_granularity) {
2031 outbuf[14] = 0x80;
2032 }
2033
5dd90e2a 2034 /* Protection, exponent and lowest lba field left blank. */
5dd90e2a
GH		 2035 break;
2036 }
2037 DPRINTF("Unsupported Service Action In\n");
2038 goto illegal_request;
101aa85f
PB		 2039 case SYNCHRONIZE_CACHE:
2040 /* The request is used as the AIO opaque value, so add a ref. */
2041 scsi_req_ref(&r->req);
4be74634 2042 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 2043 BLOCK_ACCT_FLUSH);
4be74634 2044 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
101aa85f
PB		 2045 return 0;
2046 case SEEK_10:
2047 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
2048 if (r->req.cmd.lba > s->qdev.max_lba) {
2049 goto illegal_lba;
2050 }
2051 break;
101aa85f
PB		 2052 case MODE_SELECT:
2053 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
101aa85f
PB		 2054 break;
2055 case MODE_SELECT_10:
2056 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
101aa85f 2057 break;
5222aaf2
PB		 2058 case UNMAP:
2059 DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
2060 break;
d97e7730
PB		 2061 case VERIFY_10:
2062 case VERIFY_12:
2063 case VERIFY_16:
4525c133 2064 DPRINTF("Verify (bytchk %d)\n", (req->cmd.buf[1] >> 1) & 3);
d97e7730
PB		 2065 if (req->cmd.buf[1] & 6) {
2066 goto illegal_request;
2067 }
2068 break;
101aa85f 2069 case WRITE_SAME_10:
101aa85f 2070 case WRITE_SAME_16:
84f94a9a
PB		 2071 DPRINTF("WRITE SAME %d (len %lu)\n",
2072 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16,
2073 (long)r->req.cmd.xfer);
2074 break;
aa5dbdc1 2075 default:
b9e77bc7
AK		 2076 DPRINTF("Unknown SCSI command (%2.2x=%s)\n", buf[0],
2077 scsi_command_name(buf[0]));
b45ef674 2078 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
b08d0ea0 2079 return 0;
aa5dbdc1 2080 }
314a3299 2081 assert(!r->req.aiocb);
c8dcb531 2082 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
b08d0ea0
PB		 2083 if (r->iov.iov_len == 0) {
2084 scsi_req_complete(&r->req, GOOD);
2085 }
af6d510d
PB		 2086 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2087 assert(r->iov.iov_len == req->cmd.xfer);
2088 return -r->iov.iov_len;
2089 } else {
2090 return r->iov.iov_len;
2091 }
aa5dbdc1 2092
aa5dbdc1 2093illegal_request:
cfc606da
PB		 2094 if (r->req.status == -1) {
2095 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2096 }
b08d0ea0 2097 return 0;
101aa85f
PB		 2098
2099illegal_lba:
2100 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2101 return 0;
aa5dbdc1
GH		 2102}
2103
2e5d83bb
PB		 2104/* Execute a scsi command. Returns the length of the data expected by the
2105 command. This will be Positive for data transfers from the device
2106 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2107 and zero if the command does not transfer any data. */
2108
b08d0ea0 2109static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 2110{
5c6c0e51
HR		 2111 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2112 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
94f8ba11 2113 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
e93176d5 2114 uint32_t len;
a917d384 2115 uint8_t command;
a917d384
PB		 2116
2117 command = buf[0];
aa5dbdc1 2118
4be74634 2119 if (s->tray_open || !blk_is_inserted(s->qdev.conf.blk)) {
b08d0ea0
PB		 2120 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2121 return 0;
9bcaf4fe
PB		 2122 }
2123
1894df02 2124 len = scsi_data_cdb_xfer(r->req.cmd.buf);
a917d384 2125 switch (command) {
ebf46023
GH		 2126 case READ_6:
2127 case READ_10:
bd536cf3
GH		 2128 case READ_12:
2129 case READ_16:
e93176d5 2130 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len);
96bdbbab
RS		 2131 if (r->req.cmd.buf[1] & 0xe0) {
2132 goto illegal_request;
2133 }
444bc908 2134 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2135 goto illegal_lba;
f01b5931 2136 }
69377307
PB		 2137 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2138 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2139 break;
ebf46023
GH		 2140 case WRITE_6:
2141 case WRITE_10:
bd536cf3
GH		 2142 case WRITE_12:
2143 case WRITE_16:
5e30a07d 2144 case WRITE_VERIFY_10:
ebef0bbb
BK		 2145 case WRITE_VERIFY_12:
2146 case WRITE_VERIFY_16:
4be74634 2147 if (blk_is_read_only(s->qdev.conf.blk)) {
6a8a685c
RS		 2148 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2149 return 0;
2150 }
e93176d5 2151 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
2dd791b6
HR		 2152 (command & 0xe) == 0xe ? "And Verify " : "",
2153 r->req.cmd.lba, len);
96bdbbab
RS		 2154 if (r->req.cmd.buf[1] & 0xe0) {
2155 goto illegal_request;
2156 }
444bc908 2157 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2158 goto illegal_lba;
f01b5931 2159 }
69377307
PB		 2160 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2161 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2162 break;
101aa85f 2163 default:
b08d0ea0 2164 abort();
96bdbbab
RS		 2165 illegal_request:
2166 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2167 return 0;
274fb0e1 2168 illegal_lba:
b45ef674 2169 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 2170 return 0;
2e5d83bb 2171 }
94f8ba11 2172 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
b08d0ea0 2173 if (r->sector_count == 0) {
b45ef674 2174 scsi_req_complete(&r->req, GOOD);
a917d384 2175 }
b08d0ea0 2176 assert(r->iov.iov_len == 0);
efb9ee02 2177 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
b08d0ea0 2178 return -r->sector_count * 512;
a917d384 2179 } else {
b08d0ea0 2180 return r->sector_count * 512;
2e5d83bb 2181 }
2e5d83bb
PB		 2182}
2183
e9447f35
JK		 2184static void scsi_disk_reset(DeviceState *dev)
2185{
2186 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2187 uint64_t nb_sectors;
2188
c7b48872 2189 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35 2190
4be74634 2191 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
69377307 2192 nb_sectors /= s->qdev.blocksize / 512;
e9447f35
JK		 2193 if (nb_sectors) {
2194 nb_sectors--;
2195 }
7877903a 2196 s->qdev.max_lba = nb_sectors;
7721c7f7
PH		 2197 /* reset tray statuses */
2198 s->tray_locked = 0;
2199 s->tray_open = 0;
e9447f35
JK		 2200}
2201
aaebacef
PB		 2202static void scsi_disk_resize_cb(void *opaque)
2203{
2204 SCSIDiskState *s = opaque;
2205
2206 /* SPC lists this sense code as available only for
2207 * direct-access devices.
2208 */
2209 if (s->qdev.type == TYPE_DISK) {
53200fad 2210 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
aaebacef
PB		 2211 }
2212}
2213
7d4b4ba5 2214static void scsi_cd_change_media_cb(void *opaque, bool load)
2c6942fa 2215{
8a9c16f6
PB		 2216 SCSIDiskState *s = opaque;
2217
2218 /*
2219 * When a CD gets changed, we have to report an ejected state and
2220 * then a loaded state to guests so that they detect tray
2221 * open/close and media change events. Guests that do not use
2222 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2223 * states rely on this behavior.
2224 *
2225 * media_changed governs the state machine used for unit attention
2226 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2227 */
2228 s->media_changed = load;
2229 s->tray_open = !load;
e48e84ea 2230 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
3c2f7c12 2231 s->media_event = true;
4480de19
PB		 2232 s->eject_request = false;
2233}
2234
2235static void scsi_cd_eject_request_cb(void *opaque, bool force)
2236{
2237 SCSIDiskState *s = opaque;
2238
2239 s->eject_request = true;
2240 if (force) {
2241 s->tray_locked = false;
2242 }
2c6942fa
MA		 2243}
2244
e4def80b
MA		 2245static bool scsi_cd_is_tray_open(void *opaque)
2246{
2247 return ((SCSIDiskState *)opaque)->tray_open;
2248}
2249
f107639a
MA		 2250static bool scsi_cd_is_medium_locked(void *opaque)
2251{
2252 return ((SCSIDiskState *)opaque)->tray_locked;
2253}
2254
aaebacef 2255static const BlockDevOps scsi_disk_removable_block_ops = {
2c6942fa 2256 .change_media_cb = scsi_cd_change_media_cb,
4480de19 2257 .eject_request_cb = scsi_cd_eject_request_cb,
e4def80b 2258 .is_tray_open = scsi_cd_is_tray_open,
f107639a 2259 .is_medium_locked = scsi_cd_is_medium_locked,
aaebacef
PB		 2260
2261 .resize_cb = scsi_disk_resize_cb,
2262};
2263
2264static const BlockDevOps scsi_disk_block_ops = {
2265 .resize_cb = scsi_disk_resize_cb,
f107639a
MA		 2266};
2267
8a9c16f6
PB		 2268static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2269{
2270 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2271 if (s->media_changed) {
2272 s->media_changed = false;
e48e84ea 2273 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
8a9c16f6
PB		 2274 }
2275}
2276
a818a4b6 2277static void scsi_realize(SCSIDevice *dev, Error **errp)
2e5d83bb 2278{
d52affa7 2279 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
5ff5efb4 2280 Error *err = NULL;
2e5d83bb 2281
4be74634 2282 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2283 error_setg(errp, "drive property not set");
2284 return;
d52affa7
GH		 2285 }
2286
bfe3d7ac 2287 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
4be74634 2288 !blk_is_inserted(s->qdev.conf.blk)) {
a818a4b6
FZ		 2289 error_setg(errp, "Device needs media, but drive is empty");
2290 return;
98f28ad7
MA		 2291 }
2292
911525db 2293 blkconf_serial(&s->qdev.conf, &s->serial);
0eb28a42 2294 blkconf_blocksizes(&s->qdev.conf);
5ff5efb4
FZ		 2295 if (dev->type == TYPE_DISK) {
2296 blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, &err);
2297 if (err) {
a818a4b6
FZ		 2298 error_propagate(errp, err);
2299 return;
5ff5efb4 2300 }
b7eb0c9f 2301 }
a0fef654 2302
215e47b9
PB		 2303 if (s->qdev.conf.discard_granularity == -1) {
2304 s->qdev.conf.discard_granularity =
2305 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2306 }
2307
552fee93 2308 if (!s->version) {
35c2c8dc 2309 s->version = g_strdup(qemu_hw_version());
552fee93 2310 }
353815aa
DF		 2311 if (!s->vendor) {
2312 s->vendor = g_strdup("QEMU");
2313 }
552fee93 2314
4be74634 2315 if (blk_is_sg(s->qdev.conf.blk)) {
a818a4b6
FZ		 2316 error_setg(errp, "unwanted /dev/sg*");
2317 return;
32bb404a
MA		 2318 }
2319
18e673b8
PH		 2320 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2321 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
4be74634 2322 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
aaebacef 2323 } else {
4be74634 2324 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2e5d83bb 2325 }
4be74634 2326 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
8cfacf07 2327
4be74634 2328 blk_iostatus_enable(s->qdev.conf.blk);
d52affa7
GH		 2329}
2330
a818a4b6 2331static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2332{
e39be482 2333 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
df1d4c34
ET		 2334 /* can happen for devices without drive. The error message for missing
2335 * backend will be issued in scsi_realize
2336 */
2337 if (s->qdev.conf.blk) {
2338 blkconf_blocksizes(&s->qdev.conf);
2339 }
e39be482
PB		 2340 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2341 s->qdev.type = TYPE_DISK;
353815aa
DF		 2342 if (!s->product) {
2343 s->product = g_strdup("QEMU HARDDISK");
2344 }
a818a4b6 2345 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2346}
2347
a818a4b6 2348static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2349{
e39be482
PB		 2350 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2351 s->qdev.blocksize = 2048;
2352 s->qdev.type = TYPE_ROM;
bfe3d7ac 2353 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
353815aa
DF		 2354 if (!s->product) {
2355 s->product = g_strdup("QEMU CD-ROM");
2356 }
a818a4b6 2357 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2358}
2359
a818a4b6 2360static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
b443ae67 2361{
95b5edcd 2362 DriveInfo *dinfo;
a818a4b6 2363 Error *local_err = NULL;
b443ae67 2364
4be74634 2365 if (!dev->conf.blk) {
a818a4b6
FZ		 2366 scsi_realize(dev, &local_err);
2367 assert(local_err);
2368 error_propagate(errp, local_err);
2369 return;
b443ae67
MA		 2370 }
2371
4be74634 2372 dinfo = blk_legacy_dinfo(dev->conf.blk);
26f8b3a8 2373 if (dinfo && dinfo->media_cd) {
a818a4b6 2374 scsi_cd_realize(dev, errp);
e39be482 2375 } else {
a818a4b6 2376 scsi_hd_realize(dev, errp);
e39be482 2377 }
b443ae67
MA		 2378}
2379
b08d0ea0 2380static const SCSIReqOps scsi_disk_emulate_reqops = {
8dbd4574 2381 .size = sizeof(SCSIDiskReq),
12010e7b 2382 .free_req = scsi_free_request,
b08d0ea0 2383 .send_command = scsi_disk_emulate_command,
314a3299
PB		 2384 .read_data = scsi_disk_emulate_read_data,
2385 .write_data = scsi_disk_emulate_write_data,
b08d0ea0
PB		 2386 .get_buf = scsi_get_buf,
2387};
2388
2389static const SCSIReqOps scsi_disk_dma_reqops = {
2390 .size = sizeof(SCSIDiskReq),
2391 .free_req = scsi_free_request,
2392 .send_command = scsi_disk_dma_command,
12010e7b
PB		 2393 .read_data = scsi_read_data,
2394 .write_data = scsi_write_data,
12010e7b 2395 .get_buf = scsi_get_buf,
43b978b9
PB		 2396 .load_request = scsi_disk_load_request,
2397 .save_request = scsi_disk_save_request,
8dbd4574
PB		 2398};
2399
b08d0ea0
PB		 2400static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2401 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2402 [INQUIRY] = &scsi_disk_emulate_reqops,
2403 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2404 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2405 [START_STOP] = &scsi_disk_emulate_reqops,
2406 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2407 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2408 [READ_TOC] = &scsi_disk_emulate_reqops,
2409 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2410 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2411 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2412 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2413 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2414 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2415 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2416 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2417 [SEEK_10] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2418 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2419 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
5222aaf2 2420 [UNMAP] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2421 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2422 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
d97e7730
PB		 2423 [VERIFY_10] = &scsi_disk_emulate_reqops,
2424 [VERIFY_12] = &scsi_disk_emulate_reqops,
2425 [VERIFY_16] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2426
2427 [READ_6] = &scsi_disk_dma_reqops,
2428 [READ_10] = &scsi_disk_dma_reqops,
2429 [READ_12] = &scsi_disk_dma_reqops,
2430 [READ_16] = &scsi_disk_dma_reqops,
b08d0ea0
PB		 2431 [WRITE_6] = &scsi_disk_dma_reqops,
2432 [WRITE_10] = &scsi_disk_dma_reqops,
2433 [WRITE_12] = &scsi_disk_dma_reqops,
2434 [WRITE_16] = &scsi_disk_dma_reqops,
2435 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2436 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2437 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2438};
2439
63db0f0e
PB		 2440static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2441 uint8_t *buf, void *hba_private)
8dbd4574
PB		 2442{
2443 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2444 SCSIRequest *req;
b08d0ea0
PB		 2445 const SCSIReqOps *ops;
2446 uint8_t command;
8dbd4574 2447
79fb50bb
PB		 2448 command = buf[0];
2449 ops = scsi_disk_reqops_dispatch[command];
2450 if (!ops) {
2451 ops = &scsi_disk_emulate_reqops;
2452 }
2453 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2454
b08d0ea0 2455#ifdef DEBUG_SCSI
79fb50bb 2456 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
b08d0ea0
PB		 2457 {
2458 int i;
1894df02 2459 for (i = 1; i < scsi_cdb_length(buf); i++) {
b08d0ea0
PB		 2460 printf(" 0x%02x", buf[i]);
2461 }
2462 printf("\n");
2463 }
2464#endif
2465
8dbd4574
PB		 2466 return req;
2467}
2468
336a6915
PB		 2469#ifdef __linux__
2470static int get_device_type(SCSIDiskState *s)
2471{
336a6915
PB		 2472 uint8_t cmd[16];
2473 uint8_t buf[36];
2474 uint8_t sensebuf[8];
2475 sg_io_hdr_t io_header;
2476 int ret;
2477
2478 memset(cmd, 0, sizeof(cmd));
2479 memset(buf, 0, sizeof(buf));
2480 cmd[0] = INQUIRY;
2481 cmd[4] = sizeof(buf);
2482
2483 memset(&io_header, 0, sizeof(io_header));
2484 io_header.interface_id = 'S';
2485 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
2486 io_header.dxfer_len = sizeof(buf);
2487 io_header.dxferp = buf;
2488 io_header.cmdp = cmd;
2489 io_header.cmd_len = sizeof(cmd);
2490 io_header.mx_sb_len = sizeof(sensebuf);
2491 io_header.sbp = sensebuf;
2492 io_header.timeout = 6000; /* XXX */
2493
4be74634 2494 ret = blk_ioctl(s->qdev.conf.blk, SG_IO, &io_header);
336a6915
PB		 2495 if (ret < 0 || io_header.driver_status || io_header.host_status) {
2496 return -1;
2497 }
2498 s->qdev.type = buf[0];
bfe3d7ac
PB		 2499 if (buf[1] & 0x80) {
2500 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2501 }
336a6915
PB		 2502 return 0;
2503}
2504
a818a4b6 2505static void scsi_block_realize(SCSIDevice *dev, Error **errp)
336a6915
PB		 2506{
2507 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2508 int sg_version;
2509 int rc;
2510
4be74634 2511 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2512 error_setg(errp, "drive property not set");
2513 return;
336a6915
PB		 2514 }
2515
2516 /* check we are using a driver managing SG_IO (version 3 and after) */
4be74634 2517 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
4bbeb8b1 2518 if (rc < 0) {
a818a4b6 2519 error_setg(errp, "cannot get SG_IO version number: %s. "
6ee143a0 2520 "Is this a SCSI device?",
4bbeb8b1 2521 strerror(-rc));
a818a4b6 2522 return;
4bbeb8b1
FZ		 2523 }
2524 if (sg_version < 30000) {
a818a4b6
FZ		 2525 error_setg(errp, "scsi generic interface too old");
2526 return;
336a6915
PB		 2527 }
2528
2529 /* get device type from INQUIRY data */
2530 rc = get_device_type(s);
2531 if (rc < 0) {
a818a4b6
FZ		 2532 error_setg(errp, "INQUIRY failed");
2533 return;
336a6915
PB		 2534 }
2535
2536 /* Make a guess for the block size, we'll fix it when the guest sends.
2537 * READ CAPACITY. If they don't, they likely would assume these sizes
2538 * anyway. (TODO: check in /sys).
2539 */
2540 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2541 s->qdev.blocksize = 2048;
2542 } else {
2543 s->qdev.blocksize = 512;
2544 }
18e673b8
PH		 2545
2546 /* Makes the scsi-block device not removable by using HMP and QMP eject
2547 * command.
2548 */
2549 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2550
a818a4b6 2551 scsi_realize(&s->qdev, errp);
9fd7e859 2552 scsi_generic_read_device_identification(&s->qdev);
336a6915
PB		 2553}
2554
592c3b28 2555static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
336a6915 2556{
336a6915
PB		 2557 switch (buf[0]) {
2558 case READ_6:
2559 case READ_10:
2560 case READ_12:
2561 case READ_16:
7f64f8e2
PB		 2562 case VERIFY_10:
2563 case VERIFY_12:
2564 case VERIFY_16:
336a6915
PB		 2565 case WRITE_6:
2566 case WRITE_10:
2567 case WRITE_12:
2568 case WRITE_16:
2569 case WRITE_VERIFY_10:
2570 case WRITE_VERIFY_12:
2571 case WRITE_VERIFY_16:
eaccf49e 2572 /* If we are not using O_DIRECT, we might read stale data from the
592c3b28
PB		 2573 * host cache if writes were made using other commands than these
2574 * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without
2575 * O_DIRECT everything must go through SG_IO.
eaccf49e 2576 */
4be74634 2577 if (!(blk_get_flags(s->qdev.conf.blk) & BDRV_O_NOCACHE)) {
eaccf49e
PB		 2578 break;
2579 }
2580
33ebad12
PB		 2581 /* MMC writing cannot be done via pread/pwrite, because it sometimes
2582 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2583 * And once you do these writes, reading from the block device is
2584 * unreliable, too. It is even possible that reads deliver random data
2585 * from the host page cache (this is probably a Linux bug).
2586 *
b08d0ea0 2587 * We might use scsi_disk_dma_reqops as long as no writing commands are
33ebad12
PB		 2588 * seen, but performance usually isn't paramount on optical media. So,
2589 * just make scsi-block operate the same as scsi-generic for them.
2590 */
b08d0ea0 2591 if (s->qdev.type != TYPE_ROM) {
592c3b28 2592 return false;
b08d0ea0 2593 }
592c3b28
PB		 2594 break;
2595
2596 default:
2597 break;
336a6915
PB		 2598 }
2599
592c3b28
PB		 2600 return true;
2601}
2602
2603
2604static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2605 uint32_t lun, uint8_t *buf,
2606 void *hba_private)
2607{
2608 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2609
2610 if (scsi_block_is_passthrough(s, buf)) {
2611 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2612 hba_private);
2613 } else {
2614 return scsi_req_alloc(&scsi_disk_dma_reqops, &s->qdev, tag, lun,
2615 hba_private);
2616 }
336a6915 2617}
3e7e180a
PB		 2618
2619static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2620 uint8_t *buf, void *hba_private)
2621{
2622 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2623
2624 if (scsi_block_is_passthrough(s, buf)) {
2625 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2626 } else {
2627 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2628 }
2629}
2630
336a6915
PB		 2631#endif
2632
fcaafb10
PB		 2633static
2634BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2635 BlockCompletionFunc *cb, void *cb_opaque,
2636 void *opaque)
2637{
2638 SCSIDiskReq *r = opaque;
2639 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2640 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2641}
2642
2643static
2644BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2645 BlockCompletionFunc *cb, void *cb_opaque,
2646 void *opaque)
2647{
2648 SCSIDiskReq *r = opaque;
2649 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2650 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2651}
2652
993935f3
PB		 2653static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2654{
2655 DeviceClass *dc = DEVICE_CLASS(klass);
fcaafb10 2656 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
993935f3
PB		 2657
2658 dc->fw_name = "disk";
2659 dc->reset = scsi_disk_reset;
fcaafb10
PB		 2660 sdc->dma_readv = scsi_dma_readv;
2661 sdc->dma_writev = scsi_dma_writev;
94f8ba11 2662 sdc->need_fua_emulation = scsi_is_cmd_fua;
993935f3
PB		 2663}
2664
2665static const TypeInfo scsi_disk_base_info = {
2666 .name = TYPE_SCSI_DISK_BASE,
2667 .parent = TYPE_SCSI_DEVICE,
2668 .class_init = scsi_disk_base_class_initfn,
2669 .instance_size = sizeof(SCSIDiskState),
fcaafb10 2670 .class_size = sizeof(SCSIDiskClass),
993935f3
PB		 2671};
2672
353815aa
DF		 2673#define DEFINE_SCSI_DISK_PROPERTIES() \
2674 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
2675 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2676 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2677 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2678 DEFINE_PROP_STRING("product", SCSIDiskState, product)
b443ae67 2679
39bffca2
AL		 2680static Property scsi_hd_properties[] = {
2681 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 2682 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2683 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 2684 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2685 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 2686 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2687 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 2688 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 2689 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
2690 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 2691 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
2692 DEFAULT_MAX_IO_SIZE),
d252df48 2693 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
39bffca2
AL		 2694 DEFINE_PROP_END_OF_LIST(),
2695};
2696
43b978b9
PB		 2697static const VMStateDescription vmstate_scsi_disk_state = {
2698 .name = "scsi-disk",
2699 .version_id = 1,
2700 .minimum_version_id = 1,
43b978b9
PB		 2701 .fields = (VMStateField[]) {
2702 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2703 VMSTATE_BOOL(media_changed, SCSIDiskState),
2704 VMSTATE_BOOL(media_event, SCSIDiskState),
2705 VMSTATE_BOOL(eject_request, SCSIDiskState),
2706 VMSTATE_BOOL(tray_open, SCSIDiskState),
2707 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2708 VMSTATE_END_OF_LIST()
2709 }
2710};
2711
b9eea3e6
AL		 2712static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2713{
39bffca2 2714 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2715 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2716
a818a4b6 2717 sc->realize = scsi_hd_realize;
b9eea3e6
AL		 2718 sc->alloc_req = scsi_new_request;
2719 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 2720 dc->desc = "virtual SCSI disk";
39bffca2 2721 dc->props = scsi_hd_properties;
43b978b9 2722 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2723}
2724
8c43a6f0 2725static const TypeInfo scsi_hd_info = {
39bffca2 2726 .name = "scsi-hd",
993935f3 2727 .parent = TYPE_SCSI_DISK_BASE,
39bffca2
AL		 2728 .class_init = scsi_hd_class_initfn,
2729};
2730
2731static Property scsi_cd_properties[] = {
2732 DEFINE_SCSI_DISK_PROPERTIES(),
2ecab408
PB		 2733 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2734 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 2735 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
f8e1f533
PB		 2736 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
2737 DEFAULT_MAX_IO_SIZE),
39bffca2 2738 DEFINE_PROP_END_OF_LIST(),
b9eea3e6
AL		 2739};
2740
2741static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
2742{
39bffca2 2743 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2744 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2745
a818a4b6 2746 sc->realize = scsi_cd_realize;
b9eea3e6
AL		 2747 sc->alloc_req = scsi_new_request;
2748 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 2749 dc->desc = "virtual SCSI CD-ROM";
39bffca2 2750 dc->props = scsi_cd_properties;
43b978b9 2751 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2752}
2753
8c43a6f0 2754static const TypeInfo scsi_cd_info = {
39bffca2 2755 .name = "scsi-cd",
993935f3 2756 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 2757 .class_init = scsi_cd_class_initfn,
b9eea3e6
AL		 2758};
2759
336a6915 2760#ifdef __linux__
39bffca2 2761static Property scsi_block_properties[] = {
4be74634 2762 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
39bffca2
AL		 2763 DEFINE_PROP_END_OF_LIST(),
2764};
2765
b9eea3e6
AL		 2766static void scsi_block_class_initfn(ObjectClass *klass, void *data)
2767{
39bffca2 2768 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2769 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2770
a818a4b6 2771 sc->realize = scsi_block_realize;
b9eea3e6 2772 sc->alloc_req = scsi_block_new_request;
3e7e180a 2773 sc->parse_cdb = scsi_block_parse_cdb;
39bffca2 2774 dc->desc = "SCSI block device passthrough";
39bffca2 2775 dc->props = scsi_block_properties;
43b978b9 2776 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2777}
2778
8c43a6f0 2779static const TypeInfo scsi_block_info = {
39bffca2 2780 .name = "scsi-block",
993935f3 2781 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 2782 .class_init = scsi_block_class_initfn,
b9eea3e6 2783};
336a6915 2784#endif
b9eea3e6 2785
39bffca2
AL		 2786static Property scsi_disk_properties[] = {
2787 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 2788 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2789 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 2790 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2791 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 2792 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2793 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 2794 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 2795 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
2796 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 2797 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
2798 DEFAULT_MAX_IO_SIZE),
39bffca2
AL		 2799 DEFINE_PROP_END_OF_LIST(),
2800};
2801
b9eea3e6
AL		 2802static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
2803{
39bffca2 2804 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2805 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2806
a818a4b6 2807 sc->realize = scsi_disk_realize;
b9eea3e6
AL		 2808 sc->alloc_req = scsi_new_request;
2809 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2
AL		 2810 dc->fw_name = "disk";
2811 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
2812 dc->reset = scsi_disk_reset;
2813 dc->props = scsi_disk_properties;
43b978b9 2814 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2815}
2816
8c43a6f0 2817static const TypeInfo scsi_disk_info = {
39bffca2 2818 .name = "scsi-disk",
993935f3 2819 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 2820 .class_init = scsi_disk_class_initfn,
d52affa7
GH		 2821};
2822
83f7d43a 2823static void scsi_disk_register_types(void)
d52affa7 2824{
993935f3 2825 type_register_static(&scsi_disk_base_info);
39bffca2
AL		 2826 type_register_static(&scsi_hd_info);
2827 type_register_static(&scsi_cd_info);
b9eea3e6 2828#ifdef __linux__
39bffca2 2829 type_register_static(&scsi_block_info);
b9eea3e6 2830#endif
39bffca2 2831 type_register_static(&scsi_disk_info);
8ccc2ace 2832}
83f7d43a
AF		 2833
2834type_init(scsi_disk_register_types)
Empty description
This page took 1.412162 seconds and 4 git commands to generate.