]> Git Repo - qemu.git/blame - hw/scsi-disk.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
scsi-disk: Track tray locked state
[qemu.git] / hw / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
22//#define DEBUG_SCSI
23
24#ifdef DEBUG_SCSI
001faf32
BS		 25#define DPRINTF(fmt, ...) \
26do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 27#else
001faf32 28#define DPRINTF(fmt, ...) do {} while(0)
2e5d83bb
PB		 29#endif
30
001faf32
BS		 31#define BADF(fmt, ...) \
32do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 33
87ecb68b 34#include "qemu-common.h"
2f792016 35#include "qemu-error.h"
43b443b6 36#include "scsi.h"
0d65e1f8 37#include "scsi-defs.h"
666daa68 38#include "sysemu.h"
2446333c 39#include "blockdev.h"
22864256 40
f0f72ffe 41#define SCSI_DMA_BUF_SIZE 131072
57575058 42#define SCSI_MAX_INQUIRY_LEN 256
a917d384 43
5dba48a8
KW		 44#define SCSI_REQ_STATUS_RETRY 0x01
45#define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
46#define SCSI_REQ_STATUS_RETRY_READ 0x00
47#define SCSI_REQ_STATUS_RETRY_WRITE 0x02
78ced65e 48#define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
ea8a5d7f 49
d52affa7
GH		 50typedef struct SCSIDiskState SCSIDiskState;
51
4c41d2ef
GH		 52typedef struct SCSIDiskReq {
53 SCSIRequest req;
a917d384 54 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 55 uint64_t sector;
56 uint32_t sector_count;
c87c0672
AL		 57 struct iovec iov;
58 QEMUIOVector qiov;
ea8a5d7f 59 uint32_t status;
a597e79c 60 BlockAcctCookie acct;
4c41d2ef 61} SCSIDiskReq;
a917d384 62
d52affa7 63struct SCSIDiskState
a917d384 64{
d52affa7 65 SCSIDevice qdev;
428c149b 66 BlockDriverState *bs;
a917d384
PB		 67 /* The qemu block layer uses a fixed 512 byte sector size.
68 This is the number of 512 byte blocks in a single scsi sector. */
69 int cluster_size;
419e691f 70 uint32_t removable;
274fb0e1 71 uint64_t max_lba;
213189ab 72 QEMUBH *bh;
383b4d9b 73 char *version;
a0fef654 74 char *serial;
ece0d5e9 75 bool tray_open;
81b1008d 76 bool tray_locked;
2e5d83bb
PB		 77};
78
5dba48a8 79static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
78ced65e 80static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
5dba48a8 81
ad2d30f7 82static void scsi_free_request(SCSIRequest *req)
4d611c9a 83{
ad2d30f7
PB		 84 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
85
f8a83245 86 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 87}
88
b45ef674
PB		 89/* Helper function for command completion with sense. */
90static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 91{
02fa69b6
BS		 92 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
93 r->req.tag, sense.key, sense.asc, sense.ascq);
b45ef674
PB		 94 scsi_req_build_sense(&r->req, sense);
95 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 96}
97
98/* Cancel a pending data transfer. */
5c6c0e51 99static void scsi_cancel_io(SCSIRequest *req)
4d611c9a 100{
5c6c0e51
HR		 101 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
102
103 DPRINTF("Cancel tag=0x%x\n", req->tag);
104 if (r->req.aiocb) {
105 bdrv_aio_cancel(r->req.aiocb);
a917d384 106 }
5c6c0e51 107 r->req.aiocb = NULL;
a917d384
PB		 108}
109
110static void scsi_read_complete(void * opaque, int ret)
111{
4c41d2ef 112 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
a597e79c 113 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5dba48a8 114 int n;
a917d384 115
8e321cc6
PB		 116 if (r->req.aiocb != NULL) {
117 r->req.aiocb = NULL;
118 bdrv_acct_done(s->bs, &r->acct);
119 }
a597e79c 120
a917d384 121 if (ret) {
5dba48a8
KW		 122 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
123 return;
124 }
4d611c9a 125 }
5dba48a8 126
aa2b1e89 127 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
a917d384 128
5dba48a8
KW		 129 n = r->iov.iov_len / 512;
130 r->sector += n;
131 r->sector_count -= n;
ab9adc88 132 scsi_req_data(&r->req, r->iov.iov_len);
4d611c9a
PB		 133}
134
0a4ac106
PB		 135static void scsi_flush_complete(void * opaque, int ret)
136{
137 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
138 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
139
140 if (r->req.aiocb != NULL) {
141 r->req.aiocb = NULL;
142 bdrv_acct_done(s->bs, &r->acct);
143 }
144
145 if (ret < 0) {
146 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
147 return;
148 }
149 }
150
151 scsi_req_complete(&r->req, GOOD);
152}
5dba48a8 153
5c6c0e51
HR		 154/* Read more data from scsi device into buffer. */
155static void scsi_read_data(SCSIRequest *req)
2e5d83bb 156{
5c6c0e51 157 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 158 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2e5d83bb
PB		 159 uint32_t n;
160
a917d384 161 if (r->sector_count == (uint32_t)-1) {
aa2b1e89 162 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
a917d384 163 r->sector_count = 0;
ab9adc88 164 scsi_req_data(&r->req, r->iov.iov_len);
a917d384 165 return;
2e5d83bb 166 }
a917d384
PB		 167 DPRINTF("Read sector_count=%d\n", r->sector_count);
168 if (r->sector_count == 0) {
b45ef674
PB		 169 /* This also clears the sense buffer for REQUEST SENSE. */
170 scsi_req_complete(&r->req, GOOD);
a917d384 171 return;
2e5d83bb
PB		 172 }
173
6fa2c95f
SH		 174 /* No data transfer may already be in progress */
175 assert(r->req.aiocb == NULL);
176
efb9ee02
HR		 177 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
178 DPRINTF("Data transfer direction invalid\n");
179 scsi_read_complete(r, -EINVAL);
180 return;
181 }
182
a917d384
PB		 183 n = r->sector_count;
184 if (n > SCSI_DMA_BUF_SIZE / 512)
185 n = SCSI_DMA_BUF_SIZE / 512;
186
a1aff5bf
MA		 187 if (s->tray_open) {
188 scsi_read_complete(r, -ENOMEDIUM);
189 }
c87c0672
AL		 190 r->iov.iov_len = n * 512;
191 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
a597e79c
CH		 192
193 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
428c149b 194 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
c87c0672 195 scsi_read_complete, r);
d33ea50a
KW		 196 if (r->req.aiocb == NULL) {
197 scsi_read_complete(r, -EIO);
198 }
2e5d83bb
PB		 199}
200
5dba48a8
KW		 201static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
202{
203 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
4c41d2ef 204 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5dba48a8 205 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
ea8a5d7f 206
380f640f 207 if (action == BLOCK_ERR_IGNORE) {
5dba48a8 208 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
ea8a5d7f 209 return 0;
380f640f 210 }
ea8a5d7f
AL		 211
212 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
213 || action == BLOCK_ERR_STOP_ANY) {
5dba48a8
KW		 214
215 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
216 r->status |= SCSI_REQ_STATUS_RETRY | type;
217
218 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
e07bbac5 219 vm_stop(VMSTOP_DISKFULL);
ea8a5d7f 220 } else {
efb9ee02
HR		 221 switch (error) {
222 case ENOMEM:
b45ef674 223 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
efb9ee02
HR		 224 break;
225 case EINVAL:
b45ef674 226 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
efb9ee02
HR		 227 break;
228 default:
b45ef674 229 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
efb9ee02 230 break;
a1f0cce2 231 }
5dba48a8 232 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
ea8a5d7f 233 }
ea8a5d7f
AL		 234 return 1;
235}
236
4d611c9a
PB		 237static void scsi_write_complete(void * opaque, int ret)
238{
4c41d2ef 239 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
a597e79c 240 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
a917d384 241 uint32_t len;
ea8a5d7f
AL		 242 uint32_t n;
243
8e321cc6
PB		 244 if (r->req.aiocb != NULL) {
245 r->req.aiocb = NULL;
246 bdrv_acct_done(s->bs, &r->acct);
247 }
a597e79c 248
4d611c9a 249 if (ret) {
5dba48a8 250 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
ea8a5d7f 251 return;
5dba48a8 252 }
4d611c9a
PB		 253 }
254
c87c0672 255 n = r->iov.iov_len / 512;
ea8a5d7f
AL		 256 r->sector += n;
257 r->sector_count -= n;
a917d384 258 if (r->sector_count == 0) {
b45ef674 259 scsi_req_complete(&r->req, GOOD);
a917d384
PB		 260 } else {
261 len = r->sector_count * 512;
262 if (len > SCSI_DMA_BUF_SIZE) {
263 len = SCSI_DMA_BUF_SIZE;
264 }
c87c0672 265 r->iov.iov_len = len;
4c41d2ef 266 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
ab9adc88 267 scsi_req_data(&r->req, len);
4d611c9a 268 }
4d611c9a
PB		 269}
270
42741212 271static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 272{
5c6c0e51 273 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 274 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ea8a5d7f
AL		 275 uint32_t n;
276
6fa2c95f
SH		 277 /* No data transfer may already be in progress */
278 assert(r->req.aiocb == NULL);
279
efb9ee02
HR		 280 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
281 DPRINTF("Data transfer direction invalid\n");
282 scsi_write_complete(r, -EINVAL);
42741212 283 return;
efb9ee02
HR		 284 }
285
c87c0672 286 n = r->iov.iov_len / 512;
ea8a5d7f 287 if (n) {
a1aff5bf
MA		 288 if (s->tray_open) {
289 scsi_write_complete(r, -ENOMEDIUM);
290 }
c87c0672 291 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
a597e79c
CH		 292
293 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
428c149b 294 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
c87c0672 295 scsi_write_complete, r);
d33ea50a 296 if (r->req.aiocb == NULL) {
a1f0cce2 297 scsi_write_complete(r, -ENOMEM);
d33ea50a 298 }
ea8a5d7f
AL		 299 } else {
300 /* Invoke completion routine to fetch data from host. */
301 scsi_write_complete(r, 0);
302 }
a917d384 303}
2e5d83bb 304
213189ab 305static void scsi_dma_restart_bh(void *opaque)
ea8a5d7f 306{
d52affa7 307 SCSIDiskState *s = opaque;
9af99d98
GH		 308 SCSIRequest *req;
309 SCSIDiskReq *r;
213189ab
MA		 310
311 qemu_bh_delete(s->bh);
312 s->bh = NULL;
ea8a5d7f 313
9af99d98
GH		 314 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
315 r = DO_UPCAST(SCSIDiskReq, req, req);
ea8a5d7f 316 if (r->status & SCSI_REQ_STATUS_RETRY) {
5dba48a8 317 int status = r->status;
78ced65e
KW		 318 int ret;
319
5dba48a8
KW		 320 r->status &=
321 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
322
323 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
324 case SCSI_REQ_STATUS_RETRY_READ:
5c6c0e51 325 scsi_read_data(&r->req);
5dba48a8
KW		 326 break;
327 case SCSI_REQ_STATUS_RETRY_WRITE:
5c6c0e51 328 scsi_write_data(&r->req);
5dba48a8 329 break;
78ced65e
KW		 330 case SCSI_REQ_STATUS_RETRY_FLUSH:
331 ret = scsi_disk_emulate_command(r, r->iov.iov_base);
332 if (ret == 0) {
b45ef674 333 scsi_req_complete(&r->req, GOOD);
78ced65e 334 }
5dba48a8 335 }
ea8a5d7f 336 }
ea8a5d7f
AL		 337 }
338}
339
213189ab
MA		 340static void scsi_dma_restart_cb(void *opaque, int running, int reason)
341{
d52affa7 342 SCSIDiskState *s = opaque;
213189ab
MA		 343
344 if (!running)
345 return;
346
347 if (!s->bh) {
348 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
349 qemu_bh_schedule(s->bh);
350 }
351}
352
a917d384 353/* Return a pointer to the data buffer. */
5c6c0e51 354static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 355{
5c6c0e51 356 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 357
3f4cb3d3 358 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 359}
360
0b06c059
GH		 361static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
362{
383b4d9b 363 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0b06c059
GH		 364 int buflen = 0;
365
366 if (req->cmd.buf[1] & 0x2) {
367 /* Command support data - optional, not implemented */
368 BADF("optional INQUIRY command support request not implemented\n");
369 return -1;
370 }
371
372 if (req->cmd.buf[1] & 0x1) {
373 /* Vital product data */
374 uint8_t page_code = req->cmd.buf[2];
375 if (req->cmd.xfer < 4) {
376 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
377 "less than 4\n", page_code, req->cmd.xfer);
378 return -1;
379 }
380
f37bd73b 381 if (s->qdev.type == TYPE_ROM) {
0b06c059
GH		 382 outbuf[buflen++] = 5;
383 } else {
384 outbuf[buflen++] = 0;
385 }
386 outbuf[buflen++] = page_code ; // this page
387 outbuf[buflen++] = 0x00;
388
389 switch (page_code) {
390 case 0x00: /* Supported page codes, mandatory */
39d98982
HR		 391 {
392 int pages;
0b06c059
GH		 393 DPRINTF("Inquiry EVPD[Supported pages] "
394 "buffer size %zd\n", req->cmd.xfer);
39d98982 395 pages = buflen++;
0b06c059 396 outbuf[buflen++] = 0x00; // list of supported pages (this page)
3e1c0c9a
HR		 397 if (s->serial)
398 outbuf[buflen++] = 0x80; // unit serial number
0b06c059 399 outbuf[buflen++] = 0x83; // device identification
f37bd73b 400 if (s->qdev.type == TYPE_DISK) {
ea3bd56f
CH		 401 outbuf[buflen++] = 0xb0; // block limits
402 outbuf[buflen++] = 0xb2; // thin provisioning
39d98982
HR		 403 }
404 outbuf[pages] = buflen - pages - 1; // number of pages
0b06c059 405 break;
39d98982 406 }
0b06c059
GH		 407 case 0x80: /* Device serial number, optional */
408 {
3e1c0c9a 409 int l;
0b06c059 410
3e1c0c9a
HR		 411 if (!s->serial) {
412 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
413 return -1;
414 }
415
416 l = strlen(s->serial);
0b06c059
GH		 417 if (l > req->cmd.xfer)
418 l = req->cmd.xfer;
419 if (l > 20)
420 l = 20;
421
422 DPRINTF("Inquiry EVPD[Serial number] "
423 "buffer size %zd\n", req->cmd.xfer);
424 outbuf[buflen++] = l;
a0fef654 425 memcpy(outbuf+buflen, s->serial, l);
0b06c059
GH		 426 buflen += l;
427 break;
428 }
429
430 case 0x83: /* Device identification page, mandatory */
431 {
432 int max_len = 255 - 8;
428c149b 433 int id_len = strlen(bdrv_get_device_name(s->bs));
0b06c059
GH		 434
435 if (id_len > max_len)
436 id_len = max_len;
437 DPRINTF("Inquiry EVPD[Device identification] "
438 "buffer size %zd\n", req->cmd.xfer);
439
39d98982 440 outbuf[buflen++] = 4 + id_len;
0b06c059
GH		 441 outbuf[buflen++] = 0x2; // ASCII
442 outbuf[buflen++] = 0; // not officially assigned
443 outbuf[buflen++] = 0; // reserved
444 outbuf[buflen++] = id_len; // length of data following
445
428c149b 446 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
0b06c059
GH		 447 buflen += id_len;
448 break;
449 }
ea3bd56f 450 case 0xb0: /* block limits */
ee3659e3 451 {
ea3bd56f
CH		 452 unsigned int unmap_sectors =
453 s->qdev.conf.discard_granularity / s->qdev.blocksize;
8cfacf07
CH		 454 unsigned int min_io_size =
455 s->qdev.conf.min_io_size / s->qdev.blocksize;
456 unsigned int opt_io_size =
457 s->qdev.conf.opt_io_size / s->qdev.blocksize;
ee3659e3 458
f37bd73b 459 if (s->qdev.type == TYPE_ROM) {
39d98982
HR		 460 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
461 page_code);
462 return -1;
463 }
ee3659e3
CH		 464 /* required VPD size with unmap support */
465 outbuf[3] = buflen = 0x3c;
466
467 memset(outbuf + 4, 0, buflen - 4);
468
469 /* optimal transfer length granularity */
470 outbuf[6] = (min_io_size >> 8) & 0xff;
471 outbuf[7] = min_io_size & 0xff;
472
473 /* optimal transfer length */
474 outbuf[12] = (opt_io_size >> 24) & 0xff;
475 outbuf[13] = (opt_io_size >> 16) & 0xff;
476 outbuf[14] = (opt_io_size >> 8) & 0xff;
477 outbuf[15] = opt_io_size & 0xff;
ea3bd56f
CH		 478
479 /* optimal unmap granularity */
480 outbuf[28] = (unmap_sectors >> 24) & 0xff;
481 outbuf[29] = (unmap_sectors >> 16) & 0xff;
482 outbuf[30] = (unmap_sectors >> 8) & 0xff;
483 outbuf[31] = unmap_sectors & 0xff;
484 break;
485 }
486 case 0xb2: /* thin provisioning */
487 {
488 outbuf[3] = buflen = 8;
489 outbuf[4] = 0;
490 outbuf[5] = 0x40; /* write same with unmap supported */
491 outbuf[6] = 0;
492 outbuf[7] = 0;
ee3659e3
CH		 493 break;
494 }
0b06c059
GH		 495 default:
496 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
497 "buffer size %zd\n", page_code, req->cmd.xfer);
498 return -1;
499 }
500 /* done with EVPD */
501 return buflen;
502 }
503
504 /* Standard INQUIRY data */
505 if (req->cmd.buf[2] != 0) {
506 BADF("Error: Inquiry (STANDARD) page or code "
507 "is non-zero [%02X]\n", req->cmd.buf[2]);
508 return -1;
509 }
510
511 /* PAGE CODE == 0 */
512 if (req->cmd.xfer < 5) {
513 BADF("Error: Inquiry (STANDARD) buffer size %zd "
514 "is less than 5\n", req->cmd.xfer);
515 return -1;
516 }
517
0b06c059
GH		 518 buflen = req->cmd.xfer;
519 if (buflen > SCSI_MAX_INQUIRY_LEN)
520 buflen = SCSI_MAX_INQUIRY_LEN;
521
522 memset(outbuf, 0, buflen);
523
f37bd73b
HR		 524 outbuf[0] = s->qdev.type & 0x1f;
525 if (s->qdev.type == TYPE_ROM) {
0b06c059 526 outbuf[1] = 0x80;
550fe6c6 527 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
0b06c059 528 } else {
419e691f 529 outbuf[1] = s->removable ? 0x80 : 0;
550fe6c6 530 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
0b06c059 531 }
550fe6c6 532 memcpy(&outbuf[8], "QEMU ", 8);
314b1811 533 memset(&outbuf[32], 0, 4);
552fee93 534 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 535 /*
536 * We claim conformance to SPC-3, which is required for guests
537 * to ask for modern features like READ CAPACITY(16) or the
538 * block characteristics VPD page by default. Not all of SPC-3
539 * is actually implemented, but we're good enough.
540 */
ee3659e3 541 outbuf[2] = 5;
0b06c059 542 outbuf[3] = 2; /* Format 2 */
ad3cea42
AT		 543
544 if (buflen > 36) {
545 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
546 } else {
547 /* If the allocation length of CDB is too small,
548 the additional length is not adjusted */
549 outbuf[4] = 36 - 5;
550 }
551
0b06c059
GH		 552 /* Sync data transfer and TCQ. */
553 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
554 return buflen;
555}
556
cfc606da 557static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
282ab04e 558 int page_control)
ebddfcbe 559{
428c149b 560 BlockDriverState *bdrv = s->bs;
ebddfcbe 561 int cylinders, heads, secs;
cfc606da 562 uint8_t *p = *p_outbuf;
ebddfcbe 563
282ab04e
BK		 564 /*
565 * If Changeable Values are requested, a mask denoting those mode parameters
566 * that are changeable shall be returned. As we currently don't support
567 * parameter changes via MODE_SELECT all bits are returned set to zero.
568 * The buffer was already menset to zero by the caller of this function.
569 */
ebddfcbe
GH		 570 switch (page) {
571 case 4: /* Rigid disk device geometry page. */
cfc606da
PB		 572 if (s->qdev.type == TYPE_ROM) {
573 return -1;
574 }
ebddfcbe
GH		 575 p[0] = 4;
576 p[1] = 0x16;
282ab04e 577 if (page_control == 1) { /* Changeable Values */
cfc606da 578 break;
282ab04e 579 }
ebddfcbe
GH		 580 /* if a geometry hint is available, use it */
581 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
582 p[2] = (cylinders >> 16) & 0xff;
583 p[3] = (cylinders >> 8) & 0xff;
584 p[4] = cylinders & 0xff;
585 p[5] = heads & 0xff;
586 /* Write precomp start cylinder, disabled */
587 p[6] = (cylinders >> 16) & 0xff;
588 p[7] = (cylinders >> 8) & 0xff;
589 p[8] = cylinders & 0xff;
590 /* Reduced current start cylinder, disabled */
591 p[9] = (cylinders >> 16) & 0xff;
592 p[10] = (cylinders >> 8) & 0xff;
593 p[11] = cylinders & 0xff;
594 /* Device step rate [ns], 200ns */
595 p[12] = 0;
596 p[13] = 200;
597 /* Landing zone cylinder */
598 p[14] = 0xff;
599 p[15] = 0xff;
600 p[16] = 0xff;
601 /* Medium rotation rate [rpm], 5400 rpm */
602 p[20] = (5400 >> 8) & 0xff;
603 p[21] = 5400 & 0xff;
cfc606da 604 break;
ebddfcbe
GH		 605
606 case 5: /* Flexible disk device geometry page. */
cfc606da
PB		 607 if (s->qdev.type == TYPE_ROM) {
608 return -1;
609 }
ebddfcbe
GH		 610 p[0] = 5;
611 p[1] = 0x1e;
282ab04e 612 if (page_control == 1) { /* Changeable Values */
cfc606da 613 break;
282ab04e 614 }
ebddfcbe
GH		 615 /* Transfer rate [kbit/s], 5Mbit/s */
616 p[2] = 5000 >> 8;
617 p[3] = 5000 & 0xff;
618 /* if a geometry hint is available, use it */
619 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
620 p[4] = heads & 0xff;
621 p[5] = secs & 0xff;
622 p[6] = s->cluster_size * 2;
623 p[8] = (cylinders >> 8) & 0xff;
624 p[9] = cylinders & 0xff;
625 /* Write precomp start cylinder, disabled */
626 p[10] = (cylinders >> 8) & 0xff;
627 p[11] = cylinders & 0xff;
628 /* Reduced current start cylinder, disabled */
629 p[12] = (cylinders >> 8) & 0xff;
630 p[13] = cylinders & 0xff;
631 /* Device step rate [100us], 100us */
632 p[14] = 0;
633 p[15] = 1;
634 /* Device step pulse width [us], 1us */
635 p[16] = 1;
636 /* Device head settle delay [100us], 100us */
637 p[17] = 0;
638 p[18] = 1;
639 /* Motor on delay [0.1s], 0.1s */
640 p[19] = 1;
641 /* Motor off delay [0.1s], 0.1s */
642 p[20] = 1;
643 /* Medium rotation rate [rpm], 5400 rpm */
644 p[28] = (5400 >> 8) & 0xff;
645 p[29] = 5400 & 0xff;
cfc606da 646 break;
ebddfcbe
GH		 647
648 case 8: /* Caching page. */
649 p[0] = 8;
650 p[1] = 0x12;
282ab04e 651 if (page_control == 1) { /* Changeable Values */
cfc606da 652 break;
282ab04e 653 }
428c149b 654 if (bdrv_enable_write_cache(s->bs)) {
ebddfcbe
GH		 655 p[2] = 4; /* WCE */
656 }
cfc606da 657 break;
ebddfcbe
GH		 658
659 case 0x2a: /* CD Capabilities and Mechanical Status page. */
cfc606da
PB		 660 if (s->qdev.type != TYPE_ROM) {
661 return -1;
662 }
ebddfcbe
GH		 663 p[0] = 0x2a;
664 p[1] = 0x14;
282ab04e 665 if (page_control == 1) { /* Changeable Values */
cfc606da 666 break;
282ab04e 667 }
ebddfcbe
GH		 668 p[2] = 3; // CD-R & CD-RW read
669 p[3] = 0; // Writing not supported
670 p[4] = 0x7f; /* Audio, composite, digital out,
671 mode 2 form 1&2, multi session */
672 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
673 RW corrected, C2 errors, ISRC,
674 UPC, Bar code */
81b1008d 675 p[6] = 0x2d | (s->tray_locked ? 2 : 0);
ebddfcbe
GH		 676 /* Locking supported, jumper present, eject, tray */
677 p[7] = 0; /* no volume & mute control, no
678 changer */
679 p[8] = (50 * 176) >> 8; // 50x read speed
680 p[9] = (50 * 176) & 0xff;
681 p[10] = 0 >> 8; // No volume
682 p[11] = 0 & 0xff;
683 p[12] = 2048 >> 8; // 2M buffer
684 p[13] = 2048 & 0xff;
685 p[14] = (16 * 176) >> 8; // 16x read speed current
686 p[15] = (16 * 176) & 0xff;
687 p[18] = (16 * 176) >> 8; // 16x write speed
688 p[19] = (16 * 176) & 0xff;
689 p[20] = (16 * 176) >> 8; // 16x write speed current
690 p[21] = (16 * 176) & 0xff;
cfc606da 691 break;
ebddfcbe
GH		 692
693 default:
cfc606da 694 return -1;
ebddfcbe 695 }
cfc606da
PB		 696
697 *p_outbuf += p[1] + 2;
698 return p[1] + 2;
ebddfcbe
GH		 699}
700
cfc606da 701static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
ebddfcbe 702{
cfc606da 703 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ebddfcbe 704 uint64_t nb_sectors;
cfc606da 705 int page, dbd, buflen, ret, page_control;
ebddfcbe 706 uint8_t *p;
ce512ee1 707 uint8_t dev_specific_param;
ebddfcbe 708
cfc606da
PB		 709 dbd = r->req.cmd.buf[1] & 0x8;
710 page = r->req.cmd.buf[2] & 0x3f;
711 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
aa2b1e89 712 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
cfc606da
PB		 713 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
714 memset(outbuf, 0, r->req.cmd.xfer);
ebddfcbe
GH		 715 p = outbuf;
716
0056dcc1 717 if (bdrv_is_read_only(s->bs)) {
ce512ee1
BK		 718 dev_specific_param = 0x80; /* Readonly. */
719 } else {
720 dev_specific_param = 0x00;
721 }
722
cfc606da 723 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 724 p[1] = 0; /* Default media type. */
725 p[2] = dev_specific_param;
726 p[3] = 0; /* Block descriptor length. */
727 p += 4;
728 } else { /* MODE_SENSE_10 */
729 p[2] = 0; /* Default media type. */
730 p[3] = dev_specific_param;
731 p[6] = p[7] = 0; /* Block descriptor length. */
732 p += 8;
ebddfcbe 733 }
ebddfcbe 734
428c149b 735 bdrv_get_geometry(s->bs, &nb_sectors);
333d50fe 736 if (!dbd && nb_sectors) {
cfc606da 737 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 738 outbuf[3] = 8; /* Block descriptor length */
739 } else { /* MODE_SENSE_10 */
740 outbuf[7] = 8; /* Block descriptor length */
741 }
ebddfcbe 742 nb_sectors /= s->cluster_size;
ebddfcbe 743 if (nb_sectors > 0xffffff)
2488b740 744 nb_sectors = 0;
ebddfcbe
GH		 745 p[0] = 0; /* media density code */
746 p[1] = (nb_sectors >> 16) & 0xff;
747 p[2] = (nb_sectors >> 8) & 0xff;
748 p[3] = nb_sectors & 0xff;
749 p[4] = 0; /* reserved */
750 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
751 p[6] = s->cluster_size * 2;
752 p[7] = 0;
753 p += 8;
754 }
755
cfc606da
PB		 756 if (page_control == 3) {
757 /* Saved Values */
758 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
759 return -1;
282ab04e
BK		 760 }
761
cfc606da
PB		 762 if (page == 0x3f) {
763 for (page = 0; page <= 0x3e; page++) {
764 mode_sense_page(s, page, &p, page_control);
765 }
766 } else {
767 ret = mode_sense_page(s, page, &p, page_control);
768 if (ret == -1) {
769 return -1;
770 }
ebddfcbe
GH		 771 }
772
773 buflen = p - outbuf;
ce512ee1
BK		 774 /*
775 * The mode data length field specifies the length in bytes of the
776 * following data that is available to be transferred. The mode data
777 * length does not include itself.
778 */
cfc606da 779 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 780 outbuf[0] = buflen - 1;
781 } else { /* MODE_SENSE_10 */
782 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
783 outbuf[1] = (buflen - 2) & 0xff;
784 }
cfc606da
PB		 785 if (buflen > r->req.cmd.xfer)
786 buflen = r->req.cmd.xfer;
ebddfcbe
GH		 787 return buflen;
788}
789
02880f43
GH		 790static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
791{
792 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 793 int start_track, format, msf, toclen;
794 uint64_t nb_sectors;
795
796 msf = req->cmd.buf[1] & 2;
797 format = req->cmd.buf[2] & 0xf;
798 start_track = req->cmd.buf[6];
428c149b 799 bdrv_get_geometry(s->bs, &nb_sectors);
02880f43
GH		 800 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
801 nb_sectors /= s->cluster_size;
802 switch (format) {
803 case 0:
804 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
805 break;
806 case 1:
807 /* multi session : only a single session defined */
808 toclen = 12;
809 memset(outbuf, 0, 12);
810 outbuf[1] = 0x0a;
811 outbuf[2] = 0x01;
812 outbuf[3] = 0x01;
813 break;
814 case 2:
815 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
816 break;
817 default:
818 return -1;
819 }
820 if (toclen > req->cmd.xfer)
821 toclen = req->cmd.xfer;
822 return toclen;
823}
824
bfd52647
MA		 825static void scsi_disk_emulate_start_stop(SCSIDiskReq *r)
826{
827 SCSIRequest *req = &r->req;
828 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
829 bool start = req->cmd.buf[4] & 1;
830 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
831
832 if (s->qdev.type == TYPE_ROM && loej) {
833 bdrv_eject(s->bs, !start);
ece0d5e9 834 s->tray_open = !start;
bfd52647
MA		 835 }
836}
837
8af7a3ab 838static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
aa5dbdc1 839{
8af7a3ab 840 SCSIRequest *req = &r->req;
e7e25e32 841 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 842 uint64_t nb_sectors;
aa5dbdc1
GH		 843 int buflen = 0;
844
845 switch (req->cmd.buf[0]) {
846 case TEST_UNIT_READY:
a1aff5bf 847 if (s->tray_open || !bdrv_is_inserted(s->bs))
aa5dbdc1 848 goto not_ready;
5f71d32f 849 break;
0b06c059
GH		 850 case INQUIRY:
851 buflen = scsi_disk_emulate_inquiry(req, outbuf);
852 if (buflen < 0)
853 goto illegal_request;
5f71d32f 854 break;
ebddfcbe
GH		 855 case MODE_SENSE:
856 case MODE_SENSE_10:
cfc606da 857 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
ebddfcbe
GH		 858 if (buflen < 0)
859 goto illegal_request;
860 break;
02880f43
GH		 861 case READ_TOC:
862 buflen = scsi_disk_emulate_read_toc(req, outbuf);
863 if (buflen < 0)
864 goto illegal_request;
865 break;
3d53ba18
GH		 866 case RESERVE:
867 if (req->cmd.buf[1] & 1)
868 goto illegal_request;
869 break;
870 case RESERVE_10:
871 if (req->cmd.buf[1] & 3)
872 goto illegal_request;
873 break;
874 case RELEASE:
875 if (req->cmd.buf[1] & 1)
876 goto illegal_request;
877 break;
878 case RELEASE_10:
879 if (req->cmd.buf[1] & 3)
880 goto illegal_request;
881 break;
8d3628ff 882 case START_STOP:
bfd52647 883 scsi_disk_emulate_start_stop(r);
5f71d32f 884 break;
c68b9f34 885 case ALLOW_MEDIUM_REMOVAL:
81b1008d 886 s->tray_locked = req->cmd.buf[4] & 1;
428c149b 887 bdrv_set_locked(s->bs, req->cmd.buf[4] & 1);
5f71d32f 888 break;
5e30a07d 889 case READ_CAPACITY_10:
e7e25e32 890 /* The normal LEN field for this command is zero. */
5f71d32f
HR		 891 memset(outbuf, 0, 8);
892 bdrv_get_geometry(s->bs, &nb_sectors);
e7e25e32
GH		 893 if (!nb_sectors)
894 goto not_ready;
895 nb_sectors /= s->cluster_size;
896 /* Returned value is the address of the last sector. */
897 nb_sectors--;
898 /* Remember the new size for read/write sanity checking. */
899 s->max_lba = nb_sectors;
900 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
901 if (nb_sectors > UINT32_MAX)
902 nb_sectors = UINT32_MAX;
903 outbuf[0] = (nb_sectors >> 24) & 0xff;
904 outbuf[1] = (nb_sectors >> 16) & 0xff;
905 outbuf[2] = (nb_sectors >> 8) & 0xff;
906 outbuf[3] = nb_sectors & 0xff;
907 outbuf[4] = 0;
908 outbuf[5] = 0;
909 outbuf[6] = s->cluster_size * 2;
910 outbuf[7] = 0;
911 buflen = 8;
5f71d32f 912 break;
38215553
GH		 913 case GET_CONFIGURATION:
914 memset(outbuf, 0, 8);
915 /* ??? This should probably return much more information. For now
916 just return the basic header indicating the CD-ROM profile. */
917 outbuf[7] = 8; // CD-ROM
918 buflen = 8;
919 break;
f6515262 920 case SERVICE_ACTION_IN_16:
5dd90e2a 921 /* Service Action In subcommands. */
f6515262 922 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
5dd90e2a
GH		 923 DPRINTF("SAI READ CAPACITY(16)\n");
924 memset(outbuf, 0, req->cmd.xfer);
428c149b 925 bdrv_get_geometry(s->bs, &nb_sectors);
5dd90e2a
GH		 926 if (!nb_sectors)
927 goto not_ready;
928 nb_sectors /= s->cluster_size;
929 /* Returned value is the address of the last sector. */
930 nb_sectors--;
931 /* Remember the new size for read/write sanity checking. */
932 s->max_lba = nb_sectors;
933 outbuf[0] = (nb_sectors >> 56) & 0xff;
934 outbuf[1] = (nb_sectors >> 48) & 0xff;
935 outbuf[2] = (nb_sectors >> 40) & 0xff;
936 outbuf[3] = (nb_sectors >> 32) & 0xff;
937 outbuf[4] = (nb_sectors >> 24) & 0xff;
938 outbuf[5] = (nb_sectors >> 16) & 0xff;
939 outbuf[6] = (nb_sectors >> 8) & 0xff;
940 outbuf[7] = nb_sectors & 0xff;
941 outbuf[8] = 0;
942 outbuf[9] = 0;
943 outbuf[10] = s->cluster_size * 2;
944 outbuf[11] = 0;
ee3659e3
CH		 945 outbuf[12] = 0;
946 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 947
948 /* set TPE bit if the format supports discard */
949 if (s->qdev.conf.discard_granularity) {
950 outbuf[14] = 0x80;
951 }
952
5dd90e2a
GH		 953 /* Protection, exponent and lowest lba field left blank. */
954 buflen = req->cmd.xfer;
955 break;
956 }
957 DPRINTF("Unsupported Service Action In\n");
958 goto illegal_request;
5e30a07d 959 case VERIFY_10:
88f8a5ed 960 break;
aa5dbdc1 961 default:
b45ef674 962 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
a1f0cce2 963 return -1;
aa5dbdc1 964 }
aa5dbdc1
GH		 965 return buflen;
966
967not_ready:
a1aff5bf 968 if (s->tray_open || !bdrv_is_inserted(s->bs)) {
b45ef674 969 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
a1f0cce2 970 } else {
b45ef674 971 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
a1f0cce2 972 }
8af7a3ab 973 return -1;
aa5dbdc1
GH		 974
975illegal_request:
cfc606da
PB		 976 if (r->req.status == -1) {
977 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
978 }
8af7a3ab 979 return -1;
aa5dbdc1
GH		 980}
981
2e5d83bb
PB		 982/* Execute a scsi command. Returns the length of the data expected by the
983 command. This will be Positive for data transfers from the device
984 (eg. disk reads), negative for transfers to the device (eg. disk writes),
985 and zero if the command does not transfer any data. */
986
5c6c0e51 987static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 988{
5c6c0e51
HR		 989 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
990 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
ad2d30f7 991 int32_t len;
a917d384
PB		 992 uint8_t command;
993 uint8_t *outbuf;
aa5dbdc1 994 int rc;
a917d384
PB		 995
996 command = buf[0];
3f4cb3d3 997 outbuf = (uint8_t *)r->iov.iov_base;
653c1c3f 998 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]);
2dd791b6 999
2e5d83bb
PB		 1000#ifdef DEBUG_SCSI
1001 {
1002 int i;
2dd791b6 1003 for (i = 1; i < r->req.cmd.len; i++) {
2e5d83bb
PB		 1004 printf(" 0x%02x", buf[i]);
1005 }
1006 printf("\n");
1007 }
1008#endif
aa5dbdc1 1009
a917d384 1010 switch (command) {
ebf46023 1011 case TEST_UNIT_READY:
0b06c059 1012 case INQUIRY:
ebddfcbe
GH		 1013 case MODE_SENSE:
1014 case MODE_SENSE_10:
3d53ba18
GH		 1015 case RESERVE:
1016 case RESERVE_10:
1017 case RELEASE:
1018 case RELEASE_10:
8d3628ff 1019 case START_STOP:
c68b9f34 1020 case ALLOW_MEDIUM_REMOVAL:
5e30a07d 1021 case READ_CAPACITY_10:
02880f43 1022 case READ_TOC:
38215553 1023 case GET_CONFIGURATION:
f6515262 1024 case SERVICE_ACTION_IN_16:
5e30a07d 1025 case VERIFY_10:
8af7a3ab
KW		 1026 rc = scsi_disk_emulate_command(r, outbuf);
1027 if (rc < 0) {
0b06c059 1028 return 0;
aa5dbdc1 1029 }
8af7a3ab
KW		 1030
1031 r->iov.iov_len = rc;
0b06c059 1032 break;
0a4ac106
PB		 1033 case SYNCHRONIZE_CACHE:
1034 bdrv_acct_start(s->bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1035 r->req.aiocb = bdrv_aio_flush(s->bs, scsi_flush_complete, r);
1036 if (r->req.aiocb == NULL) {
1037 scsi_flush_complete(r, -EIO);
1038 }
1039 return 0;
ebf46023
GH		 1040 case READ_6:
1041 case READ_10:
bd536cf3
GH		 1042 case READ_12:
1043 case READ_16:
5c6c0e51 1044 len = r->req.cmd.xfer / s->qdev.blocksize;
2dd791b6
HR		 1045 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1046 if (r->req.cmd.lba > s->max_lba)
274fb0e1 1047 goto illegal_lba;
2dd791b6 1048 r->sector = r->req.cmd.lba * s->cluster_size;
a917d384 1049 r->sector_count = len * s->cluster_size;
2e5d83bb 1050 break;
ebf46023
GH		 1051 case WRITE_6:
1052 case WRITE_10:
bd536cf3
GH		 1053 case WRITE_12:
1054 case WRITE_16:
5e30a07d 1055 case WRITE_VERIFY_10:
ebef0bbb
BK		 1056 case WRITE_VERIFY_12:
1057 case WRITE_VERIFY_16:
5c6c0e51 1058 len = r->req.cmd.xfer / s->qdev.blocksize;
ebef0bbb 1059 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
2dd791b6
HR		 1060 (command & 0xe) == 0xe ? "And Verify " : "",
1061 r->req.cmd.lba, len);
1062 if (r->req.cmd.lba > s->max_lba)
274fb0e1 1063 goto illegal_lba;
2dd791b6 1064 r->sector = r->req.cmd.lba * s->cluster_size;
a917d384 1065 r->sector_count = len * s->cluster_size;
2e5d83bb 1066 break;
ebef0bbb 1067 case MODE_SELECT:
2dd791b6 1068 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
ebef0bbb
BK		 1069 /* We don't support mode parameter changes.
1070 Allow the mode parameter header + block descriptors only. */
2dd791b6 1071 if (r->req.cmd.xfer > 12) {
ebef0bbb
BK		 1072 goto fail;
1073 }
1074 break;
1075 case MODE_SELECT_10:
2dd791b6 1076 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
ebef0bbb
BK		 1077 /* We don't support mode parameter changes.
1078 Allow the mode parameter header + block descriptors only. */
2dd791b6 1079 if (r->req.cmd.xfer > 16) {
ebef0bbb
BK		 1080 goto fail;
1081 }
1082 break;
1083 case SEEK_6:
1084 case SEEK_10:
2dd791b6
HR		 1085 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1086 r->req.cmd.lba);
1087 if (r->req.cmd.lba > s->max_lba) {
ebef0bbb
BK		 1088 goto illegal_lba;
1089 }
ea3bd56f
CH		 1090 break;
1091 case WRITE_SAME_16:
5c6c0e51 1092 len = r->req.cmd.xfer / s->qdev.blocksize;
ea3bd56f
CH		 1093
1094 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1095 r->req.cmd.lba, len);
1096
1097 if (r->req.cmd.lba > s->max_lba) {
1098 goto illegal_lba;
1099 }
1100
1101 /*
1102 * We only support WRITE SAME with the unmap bit set for now.
1103 */
1104 if (!(buf[1] & 0x8)) {
1105 goto fail;
1106 }
1107
1108 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1109 len * s->cluster_size);
1110 if (rc < 0) {
1111 /* XXX: better error code ?*/
1112 goto fail;
1113 }
1114
ebef0bbb 1115 break;
739df215
PB		 1116 case REQUEST_SENSE:
1117 abort();
2e5d83bb 1118 default:
2dd791b6 1119 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
b45ef674 1120 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
a1f0cce2 1121 return 0;
2e5d83bb 1122 fail:
b45ef674 1123 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2dd791b6 1124 return 0;
274fb0e1 1125 illegal_lba:
b45ef674 1126 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 1127 return 0;
2e5d83bb 1128 }
c87c0672 1129 if (r->sector_count == 0 && r->iov.iov_len == 0) {
b45ef674 1130 scsi_req_complete(&r->req, GOOD);
a917d384 1131 }
c87c0672 1132 len = r->sector_count * 512 + r->iov.iov_len;
efb9ee02
HR		 1133 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1134 return -len;
a917d384
PB		 1135 } else {
1136 if (!r->sector_count)
1137 r->sector_count = -1;
efb9ee02 1138 return len;
2e5d83bb 1139 }
2e5d83bb
PB		 1140}
1141
e9447f35
JK		 1142static void scsi_disk_reset(DeviceState *dev)
1143{
1144 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1145 uint64_t nb_sectors;
1146
c7b48872 1147 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35
JK		 1148
1149 bdrv_get_geometry(s->bs, &nb_sectors);
1150 nb_sectors /= s->cluster_size;
1151 if (nb_sectors) {
1152 nb_sectors--;
1153 }
1154 s->max_lba = nb_sectors;
1155}
1156
1157static void scsi_destroy(SCSIDevice *dev)
1158{
1159 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1160
c7b48872 1161 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
f8b6cc00 1162 blockdev_mark_auto_del(s->qdev.conf.bs);
56a14938
GH		 1163}
1164
f37bd73b 1165static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type)
2e5d83bb 1166{
d52affa7 1167 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
f8b6cc00 1168 DriveInfo *dinfo;
2e5d83bb 1169
f8b6cc00 1170 if (!s->qdev.conf.bs) {
1ecda02b 1171 error_report("scsi-disk: drive property not set");
d52affa7
GH		 1172 return -1;
1173 }
f8b6cc00 1174 s->bs = s->qdev.conf.bs;
d52affa7 1175
f37bd73b 1176 if (scsi_type == TYPE_DISK && !bdrv_is_inserted(s->bs)) {
98f28ad7
MA		 1177 error_report("Device needs media, but drive is empty");
1178 return -1;
1179 }
1180
a0fef654 1181 if (!s->serial) {
f8b6cc00
MA		 1182 /* try to fall back to value set with legacy -drive serial=... */
1183 dinfo = drive_get_by_blockdev(s->bs);
3e1c0c9a 1184 if (*dinfo->serial) {
7267c094 1185 s->serial = g_strdup(dinfo->serial);
3e1c0c9a 1186 }
a0fef654
MA		 1187 }
1188
552fee93 1189 if (!s->version) {
7267c094 1190 s->version = g_strdup(QEMU_VERSION);
552fee93
MA		 1191 }
1192
32bb404a 1193 if (bdrv_is_sg(s->bs)) {
1ecda02b 1194 error_report("scsi-disk: unwanted /dev/sg*");
32bb404a
MA		 1195 return -1;
1196 }
1197
f37bd73b 1198 if (scsi_type == TYPE_ROM) {
8cfacf07 1199 s->qdev.blocksize = 2048;
f37bd73b 1200 } else if (scsi_type == TYPE_DISK) {
8cfacf07 1201 s->qdev.blocksize = s->qdev.conf.logical_block_size;
f37bd73b
HR		 1202 } else {
1203 error_report("scsi-disk: Unhandled SCSI type %02x", scsi_type);
1204 return -1;
2e5d83bb 1205 }
8cfacf07 1206 s->cluster_size = s->qdev.blocksize / 512;
73fdb1e1 1207 s->bs->buffer_alignment = s->qdev.blocksize;
8cfacf07 1208
f37bd73b 1209 s->qdev.type = scsi_type;
ea8a5d7f 1210 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
f37bd73b 1211 bdrv_set_removable(s->bs, scsi_type == TYPE_ROM);
1ca4d09a 1212 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
d52affa7
GH		 1213 return 0;
1214}
1215
b443ae67
MA		 1216static int scsi_hd_initfn(SCSIDevice *dev)
1217{
f37bd73b 1218 return scsi_initfn(dev, TYPE_DISK);
b443ae67
MA		 1219}
1220
1221static int scsi_cd_initfn(SCSIDevice *dev)
1222{
f37bd73b 1223 return scsi_initfn(dev, TYPE_ROM);
b443ae67
MA		 1224}
1225
1226static int scsi_disk_initfn(SCSIDevice *dev)
1227{
95b5edcd 1228 DriveInfo *dinfo;
f37bd73b 1229 uint8_t scsi_type;
b443ae67
MA		 1230
1231 if (!dev->conf.bs) {
f37bd73b 1232 scsi_type = TYPE_DISK; /* will die in scsi_initfn() */
b443ae67 1233 } else {
95b5edcd 1234 dinfo = drive_get_by_blockdev(dev->conf.bs);
f37bd73b 1235 scsi_type = dinfo->media_cd ? TYPE_ROM : TYPE_DISK;
b443ae67
MA		 1236 }
1237
f37bd73b 1238 return scsi_initfn(dev, scsi_type);
b443ae67
MA		 1239}
1240
8dbd4574
PB		 1241static SCSIReqOps scsi_disk_reqops = {
1242 .size = sizeof(SCSIDiskReq),
12010e7b
PB		 1243 .free_req = scsi_free_request,
1244 .send_command = scsi_send_command,
1245 .read_data = scsi_read_data,
1246 .write_data = scsi_write_data,
1247 .cancel_io = scsi_cancel_io,
1248 .get_buf = scsi_get_buf,
8dbd4574
PB		 1249};
1250
1251static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
1252 uint32_t lun, void *hba_private)
1253{
1254 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1255 SCSIRequest *req;
1256 SCSIDiskReq *r;
1257
1258 req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private);
1259 r = DO_UPCAST(SCSIDiskReq, req, req);
1260 r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
1261 return req;
1262}
1263
b443ae67
MA		 1264#define DEFINE_SCSI_DISK_PROPERTIES() \
1265 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
1266 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
1267 DEFINE_PROP_STRING("serial", SCSIDiskState, serial)
1268
1269static SCSIDeviceInfo scsi_disk_info[] = {
1270 {
1271 .qdev.name = "scsi-hd",
1272 .qdev.fw_name = "disk",
1273 .qdev.desc = "virtual SCSI disk",
1274 .qdev.size = sizeof(SCSIDiskState),
1275 .qdev.reset = scsi_disk_reset,
1276 .init = scsi_hd_initfn,
1277 .destroy = scsi_destroy,
5c6c0e51 1278 .alloc_req = scsi_new_request,
b443ae67
MA		 1279 .qdev.props = (Property[]) {
1280 DEFINE_SCSI_DISK_PROPERTIES(),
1281 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1282 DEFINE_PROP_END_OF_LIST(),
1283 }
1284 },{
1285 .qdev.name = "scsi-cd",
1286 .qdev.fw_name = "disk",
1287 .qdev.desc = "virtual SCSI CD-ROM",
1288 .qdev.size = sizeof(SCSIDiskState),
1289 .qdev.reset = scsi_disk_reset,
1290 .init = scsi_cd_initfn,
1291 .destroy = scsi_destroy,
5c6c0e51 1292 .alloc_req = scsi_new_request,
b443ae67
MA		 1293 .qdev.props = (Property[]) {
1294 DEFINE_SCSI_DISK_PROPERTIES(),
1295 DEFINE_PROP_END_OF_LIST(),
1296 },
1297 },{
1298 .qdev.name = "scsi-disk", /* legacy -device scsi-disk */
1299 .qdev.fw_name = "disk",
1300 .qdev.desc = "virtual SCSI disk or CD-ROM (legacy)",
1301 .qdev.size = sizeof(SCSIDiskState),
1302 .qdev.reset = scsi_disk_reset,
1303 .init = scsi_disk_initfn,
1304 .destroy = scsi_destroy,
5c6c0e51 1305 .alloc_req = scsi_new_request,
b443ae67
MA		 1306 .qdev.props = (Property[]) {
1307 DEFINE_SCSI_DISK_PROPERTIES(),
1308 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1309 DEFINE_PROP_END_OF_LIST(),
1310 }
1311 }
d52affa7
GH		 1312};
1313
1314static void scsi_disk_register_devices(void)
1315{
b443ae67
MA		 1316 int i;
1317
1318 for (i = 0; i < ARRAY_SIZE(scsi_disk_info); i++) {
1319 scsi_qdev_register(&scsi_disk_info[i]);
1320 }
8ccc2ace 1321}
d52affa7 1322device_init(scsi_disk_register_devices)
Empty description
This page took 0.814212 seconds and 4 git commands to generate.