]> Git Repo - qemu.git/blame - hw/scsi-disk.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SPARC: Emulation of GRLIB APB UART
[qemu.git] / hw / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb
PB		 14 *
15 * This code is licenced under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
22//#define DEBUG_SCSI
23
24#ifdef DEBUG_SCSI
001faf32
BS		 25#define DPRINTF(fmt, ...) \
26do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 27#else
001faf32 28#define DPRINTF(fmt, ...) do {} while(0)
2e5d83bb
PB		 29#endif
30
001faf32
BS		 31#define BADF(fmt, ...) \
32do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 33
87ecb68b 34#include "qemu-common.h"
2f792016 35#include "qemu-error.h"
43b443b6 36#include "scsi.h"
0d65e1f8 37#include "scsi-defs.h"
666daa68 38#include "sysemu.h"
2446333c 39#include "blockdev.h"
22864256 40
f0f72ffe 41#define SCSI_DMA_BUF_SIZE 131072
57575058 42#define SCSI_MAX_INQUIRY_LEN 256
a917d384 43
5dba48a8
KW		 44#define SCSI_REQ_STATUS_RETRY 0x01
45#define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
46#define SCSI_REQ_STATUS_RETRY_READ 0x00
47#define SCSI_REQ_STATUS_RETRY_WRITE 0x02
78ced65e 48#define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
ea8a5d7f 49
d52affa7
GH		 50typedef struct SCSIDiskState SCSIDiskState;
51
a6d96eb7
HR		 52typedef struct SCSISense {
53 uint8_t key;
54} SCSISense;
55
4c41d2ef
GH		 56typedef struct SCSIDiskReq {
57 SCSIRequest req;
e035b43d 58 /* ??? We should probably keep track of whether the data transfer is
2e5d83bb 59 a read or a write. Currently we rely on the host getting it right. */
a917d384 60 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 61 uint64_t sector;
62 uint32_t sector_count;
c87c0672
AL		 63 struct iovec iov;
64 QEMUIOVector qiov;
ea8a5d7f 65 uint32_t status;
4c41d2ef 66} SCSIDiskReq;
a917d384 67
d52affa7 68struct SCSIDiskState
a917d384 69{
d52affa7 70 SCSIDevice qdev;
428c149b 71 BlockDriverState *bs;
a917d384
PB		 72 /* The qemu block layer uses a fixed 512 byte sector size.
73 This is the number of 512 byte blocks in a single scsi sector. */
74 int cluster_size;
274fb0e1 75 uint64_t max_lba;
213189ab 76 QEMUBH *bh;
383b4d9b 77 char *version;
a0fef654 78 char *serial;
a6d96eb7 79 SCSISense sense;
2e5d83bb
PB		 80};
81
5dba48a8 82static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
78ced65e 83static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
5dba48a8 84
72aef731
CH		 85static SCSIDiskReq *scsi_new_request(SCSIDiskState *s, uint32_t tag,
86 uint32_t lun)
2e5d83bb 87{
89b08ae1 88 SCSIRequest *req;
4c41d2ef 89 SCSIDiskReq *r;
a917d384 90
72aef731 91 req = scsi_req_alloc(sizeof(SCSIDiskReq), &s->qdev, tag, lun);
89b08ae1 92 r = DO_UPCAST(SCSIDiskReq, req, req);
72aef731 93 r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
a917d384 94 return r;
2e5d83bb
PB		 95}
96
4c41d2ef 97static void scsi_remove_request(SCSIDiskReq *r)
4d611c9a 98{
f8a83245 99 qemu_vfree(r->iov.iov_base);
89b08ae1 100 scsi_req_free(&r->req);
4d611c9a
PB		 101}
102
4c41d2ef 103static SCSIDiskReq *scsi_find_request(SCSIDiskState *s, uint32_t tag)
4d611c9a 104{
89b08ae1 105 return DO_UPCAST(SCSIDiskReq, req, scsi_req_find(&s->qdev, tag));
a917d384
PB		 106}
107
a6d96eb7 108static void scsi_disk_clear_sense(SCSIDiskState *s)
ed3a34a3 109{
a6d96eb7
HR		 110 memset(&s->sense, 0, sizeof(s->sense));
111}
112
113static void scsi_disk_set_sense(SCSIDiskState *s, uint8_t key)
114{
115 s->sense.key = key;
116}
117
118static void scsi_req_set_status(SCSIDiskReq *r, int status, int sense_code)
119{
120 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
121
122 r->req.status = status;
123 scsi_disk_set_sense(s, sense_code);
ed3a34a3
GH		 124}
125
a917d384 126/* Helper function for command completion. */
4c41d2ef 127static void scsi_command_complete(SCSIDiskReq *r, int status, int sense)
a917d384 128{
4c41d2ef
GH		 129 DPRINTF("Command complete tag=0x%x status=%d sense=%d\n",
130 r->req.tag, status, sense);
a6d96eb7 131 scsi_req_set_status(r, status, sense);
ed3a34a3 132 scsi_req_complete(&r->req);
89b08ae1 133 scsi_remove_request(r);
4d611c9a
PB		 134}
135
136/* Cancel a pending data transfer. */
8ccc2ace 137static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
4d611c9a 138{
d52affa7 139 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
4c41d2ef 140 SCSIDiskReq *r;
a917d384
PB		 141 DPRINTF("Cancel tag=0x%x\n", tag);
142 r = scsi_find_request(s, tag);
143 if (r) {
4c41d2ef
GH		 144 if (r->req.aiocb)
145 bdrv_aio_cancel(r->req.aiocb);
146 r->req.aiocb = NULL;
a917d384
PB		 147 scsi_remove_request(r);
148 }
149}
150
151static void scsi_read_complete(void * opaque, int ret)
152{
4c41d2ef 153 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
5dba48a8 154 int n;
a917d384 155
3e94cb02
JK		 156 r->req.aiocb = NULL;
157
a917d384 158 if (ret) {
5dba48a8
KW		 159 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
160 return;
161 }
4d611c9a 162 }
5dba48a8 163
aa2b1e89 164 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
a917d384 165
5dba48a8
KW		 166 n = r->iov.iov_len / 512;
167 r->sector += n;
168 r->sector_count -= n;
4c41d2ef 169 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
4d611c9a
PB		 170}
171
5dba48a8
KW		 172
173static void scsi_read_request(SCSIDiskReq *r)
2e5d83bb 174{
5dba48a8 175 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2e5d83bb
PB		 176 uint32_t n;
177
a917d384 178 if (r->sector_count == (uint32_t)-1) {
aa2b1e89 179 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
a917d384 180 r->sector_count = 0;
4c41d2ef 181 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
a917d384 182 return;
2e5d83bb 183 }
a917d384
PB		 184 DPRINTF("Read sector_count=%d\n", r->sector_count);
185 if (r->sector_count == 0) {
0d65e1f8 186 scsi_command_complete(r, GOOD, NO_SENSE);
a917d384 187 return;
2e5d83bb
PB		 188 }
189
6fa2c95f
SH		 190 /* No data transfer may already be in progress */
191 assert(r->req.aiocb == NULL);
192
a917d384
PB		 193 n = r->sector_count;
194 if (n > SCSI_DMA_BUF_SIZE / 512)
195 n = SCSI_DMA_BUF_SIZE / 512;
196
c87c0672
AL		 197 r->iov.iov_len = n * 512;
198 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
428c149b 199 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
c87c0672 200 scsi_read_complete, r);
d33ea50a
KW		 201 if (r->req.aiocb == NULL) {
202 scsi_read_complete(r, -EIO);
203 }
2e5d83bb
PB		 204}
205
5dba48a8
KW		 206/* Read more data from scsi device into buffer. */
207static void scsi_read_data(SCSIDevice *d, uint32_t tag)
ea8a5d7f 208{
5dba48a8
KW		 209 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
210 SCSIDiskReq *r;
211
212 r = scsi_find_request(s, tag);
213 if (!r) {
214 BADF("Bad read tag 0x%x\n", tag);
215 /* ??? This is the wrong error. */
216 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
217 return;
218 }
219
5dba48a8
KW		 220 scsi_read_request(r);
221}
222
223static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
224{
225 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
4c41d2ef 226 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5dba48a8 227 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
ea8a5d7f 228
380f640f 229 if (action == BLOCK_ERR_IGNORE) {
5dba48a8 230 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
ea8a5d7f 231 return 0;
380f640f 232 }
ea8a5d7f
AL		 233
234 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
235 || action == BLOCK_ERR_STOP_ANY) {
5dba48a8
KW		 236
237 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
238 r->status |= SCSI_REQ_STATUS_RETRY | type;
239
240 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
554a310b 241 vm_stop(0);
ea8a5d7f 242 } else {
5dba48a8
KW		 243 if (type == SCSI_REQ_STATUS_RETRY_READ) {
244 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, 0);
245 }
0d65e1f8
GH		 246 scsi_command_complete(r, CHECK_CONDITION,
247 HARDWARE_ERROR);
5dba48a8 248 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
ea8a5d7f
AL		 249 }
250
251 return 1;
252}
253
4d611c9a
PB		 254static void scsi_write_complete(void * opaque, int ret)
255{
4c41d2ef 256 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
a917d384 257 uint32_t len;
ea8a5d7f
AL		 258 uint32_t n;
259
4c41d2ef 260 r->req.aiocb = NULL;
4d611c9a
PB		 261
262 if (ret) {
5dba48a8 263 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
ea8a5d7f 264 return;
5dba48a8 265 }
4d611c9a
PB		 266 }
267
c87c0672 268 n = r->iov.iov_len / 512;
ea8a5d7f
AL		 269 r->sector += n;
270 r->sector_count -= n;
a917d384 271 if (r->sector_count == 0) {
0d65e1f8 272 scsi_command_complete(r, GOOD, NO_SENSE);
a917d384
PB		 273 } else {
274 len = r->sector_count * 512;
275 if (len > SCSI_DMA_BUF_SIZE) {
276 len = SCSI_DMA_BUF_SIZE;
277 }
c87c0672 278 r->iov.iov_len = len;
4c41d2ef
GH		 279 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
280 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
4d611c9a 281 }
4d611c9a
PB		 282}
283
4c41d2ef 284static void scsi_write_request(SCSIDiskReq *r)
ea8a5d7f 285{
4c41d2ef 286 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ea8a5d7f
AL		 287 uint32_t n;
288
6fa2c95f
SH		 289 /* No data transfer may already be in progress */
290 assert(r->req.aiocb == NULL);
291
c87c0672 292 n = r->iov.iov_len / 512;
ea8a5d7f 293 if (n) {
c87c0672 294 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
428c149b 295 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
c87c0672 296 scsi_write_complete, r);
d33ea50a
KW		 297 if (r->req.aiocb == NULL) {
298 scsi_write_complete(r, -EIO);
299 }
ea8a5d7f
AL		 300 } else {
301 /* Invoke completion routine to fetch data from host. */
302 scsi_write_complete(r, 0);
303 }
304}
305
4d611c9a
PB		 306/* Write data to a scsi device. Returns nonzero on failure.
307 The transfer may complete asynchronously. */
8ccc2ace 308static int scsi_write_data(SCSIDevice *d, uint32_t tag)
2e5d83bb 309{
d52affa7 310 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
4c41d2ef 311 SCSIDiskReq *r;
2e5d83bb 312
a917d384
PB		 313 DPRINTF("Write data tag=0x%x\n", tag);
314 r = scsi_find_request(s, tag);
315 if (!r) {
316 BADF("Bad write tag 0x%x\n", tag);
0d65e1f8 317 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
2e5d83bb
PB		 318 return 1;
319 }
ea8a5d7f 320
ea8a5d7f 321 scsi_write_request(r);
2e5d83bb 322
a917d384
PB		 323 return 0;
324}
2e5d83bb 325
213189ab 326static void scsi_dma_restart_bh(void *opaque)
ea8a5d7f 327{
d52affa7 328 SCSIDiskState *s = opaque;
9af99d98
GH		 329 SCSIRequest *req;
330 SCSIDiskReq *r;
213189ab
MA		 331
332 qemu_bh_delete(s->bh);
333 s->bh = NULL;
ea8a5d7f 334
9af99d98
GH		 335 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
336 r = DO_UPCAST(SCSIDiskReq, req, req);
ea8a5d7f 337 if (r->status & SCSI_REQ_STATUS_RETRY) {
5dba48a8 338 int status = r->status;
78ced65e
KW		 339 int ret;
340
5dba48a8
KW		 341 r->status &=
342 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
343
344 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
345 case SCSI_REQ_STATUS_RETRY_READ:
346 scsi_read_request(r);
347 break;
348 case SCSI_REQ_STATUS_RETRY_WRITE:
349 scsi_write_request(r);
350 break;
78ced65e
KW		 351 case SCSI_REQ_STATUS_RETRY_FLUSH:
352 ret = scsi_disk_emulate_command(r, r->iov.iov_base);
353 if (ret == 0) {
354 scsi_command_complete(r, GOOD, NO_SENSE);
355 }
5dba48a8 356 }
ea8a5d7f 357 }
ea8a5d7f
AL		 358 }
359}
360
213189ab
MA		 361static void scsi_dma_restart_cb(void *opaque, int running, int reason)
362{
d52affa7 363 SCSIDiskState *s = opaque;
213189ab
MA		 364
365 if (!running)
366 return;
367
368 if (!s->bh) {
369 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
370 qemu_bh_schedule(s->bh);
371 }
372}
373
a917d384 374/* Return a pointer to the data buffer. */
8ccc2ace 375static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
a917d384 376{
d52affa7 377 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
4c41d2ef 378 SCSIDiskReq *r;
2e5d83bb 379
a917d384
PB		 380 r = scsi_find_request(s, tag);
381 if (!r) {
382 BADF("Bad buffer tag 0x%x\n", tag);
383 return NULL;
4d611c9a 384 }
3f4cb3d3 385 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 386}
387
0b06c059
GH		 388static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
389{
383b4d9b 390 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0b06c059
GH		 391 int buflen = 0;
392
393 if (req->cmd.buf[1] & 0x2) {
394 /* Command support data - optional, not implemented */
395 BADF("optional INQUIRY command support request not implemented\n");
396 return -1;
397 }
398
399 if (req->cmd.buf[1] & 0x1) {
400 /* Vital product data */
401 uint8_t page_code = req->cmd.buf[2];
402 if (req->cmd.xfer < 4) {
403 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
404 "less than 4\n", page_code, req->cmd.xfer);
405 return -1;
406 }
407
428c149b 408 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
0b06c059
GH		 409 outbuf[buflen++] = 5;
410 } else {
411 outbuf[buflen++] = 0;
412 }
413 outbuf[buflen++] = page_code ; // this page
414 outbuf[buflen++] = 0x00;
415
416 switch (page_code) {
417 case 0x00: /* Supported page codes, mandatory */
39d98982
HR		 418 {
419 int pages;
0b06c059
GH		 420 DPRINTF("Inquiry EVPD[Supported pages] "
421 "buffer size %zd\n", req->cmd.xfer);
39d98982 422 pages = buflen++;
0b06c059
GH		 423 outbuf[buflen++] = 0x00; // list of supported pages (this page)
424 outbuf[buflen++] = 0x80; // unit serial number
425 outbuf[buflen++] = 0x83; // device identification
39d98982 426 if (bdrv_get_type_hint(s->bs) != BDRV_TYPE_CDROM) {
ea3bd56f
CH		 427 outbuf[buflen++] = 0xb0; // block limits
428 outbuf[buflen++] = 0xb2; // thin provisioning
39d98982
HR		 429 }
430 outbuf[pages] = buflen - pages - 1; // number of pages
0b06c059 431 break;
39d98982 432 }
0b06c059
GH		 433 case 0x80: /* Device serial number, optional */
434 {
a0fef654 435 int l = strlen(s->serial);
0b06c059
GH		 436
437 if (l > req->cmd.xfer)
438 l = req->cmd.xfer;
439 if (l > 20)
440 l = 20;
441
442 DPRINTF("Inquiry EVPD[Serial number] "
443 "buffer size %zd\n", req->cmd.xfer);
444 outbuf[buflen++] = l;
a0fef654 445 memcpy(outbuf+buflen, s->serial, l);
0b06c059
GH		 446 buflen += l;
447 break;
448 }
449
450 case 0x83: /* Device identification page, mandatory */
451 {
452 int max_len = 255 - 8;
428c149b 453 int id_len = strlen(bdrv_get_device_name(s->bs));
0b06c059
GH		 454
455 if (id_len > max_len)
456 id_len = max_len;
457 DPRINTF("Inquiry EVPD[Device identification] "
458 "buffer size %zd\n", req->cmd.xfer);
459
39d98982 460 outbuf[buflen++] = 4 + id_len;
0b06c059
GH		 461 outbuf[buflen++] = 0x2; // ASCII
462 outbuf[buflen++] = 0; // not officially assigned
463 outbuf[buflen++] = 0; // reserved
464 outbuf[buflen++] = id_len; // length of data following
465
428c149b 466 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
0b06c059
GH		 467 buflen += id_len;
468 break;
469 }
ea3bd56f 470 case 0xb0: /* block limits */
ee3659e3 471 {
ea3bd56f
CH		 472 unsigned int unmap_sectors =
473 s->qdev.conf.discard_granularity / s->qdev.blocksize;
8cfacf07
CH		 474 unsigned int min_io_size =
475 s->qdev.conf.min_io_size / s->qdev.blocksize;
476 unsigned int opt_io_size =
477 s->qdev.conf.opt_io_size / s->qdev.blocksize;
ee3659e3 478
39d98982
HR		 479 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
480 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
481 page_code);
482 return -1;
483 }
ee3659e3
CH		 484 /* required VPD size with unmap support */
485 outbuf[3] = buflen = 0x3c;
486
487 memset(outbuf + 4, 0, buflen - 4);
488
489 /* optimal transfer length granularity */
490 outbuf[6] = (min_io_size >> 8) & 0xff;
491 outbuf[7] = min_io_size & 0xff;
492
493 /* optimal transfer length */
494 outbuf[12] = (opt_io_size >> 24) & 0xff;
495 outbuf[13] = (opt_io_size >> 16) & 0xff;
496 outbuf[14] = (opt_io_size >> 8) & 0xff;
497 outbuf[15] = opt_io_size & 0xff;
ea3bd56f
CH		 498
499 /* optimal unmap granularity */
500 outbuf[28] = (unmap_sectors >> 24) & 0xff;
501 outbuf[29] = (unmap_sectors >> 16) & 0xff;
502 outbuf[30] = (unmap_sectors >> 8) & 0xff;
503 outbuf[31] = unmap_sectors & 0xff;
504 break;
505 }
506 case 0xb2: /* thin provisioning */
507 {
508 outbuf[3] = buflen = 8;
509 outbuf[4] = 0;
510 outbuf[5] = 0x40; /* write same with unmap supported */
511 outbuf[6] = 0;
512 outbuf[7] = 0;
ee3659e3
CH		 513 break;
514 }
0b06c059
GH		 515 default:
516 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
517 "buffer size %zd\n", page_code, req->cmd.xfer);
518 return -1;
519 }
520 /* done with EVPD */
521 return buflen;
522 }
523
524 /* Standard INQUIRY data */
525 if (req->cmd.buf[2] != 0) {
526 BADF("Error: Inquiry (STANDARD) page or code "
527 "is non-zero [%02X]\n", req->cmd.buf[2]);
528 return -1;
529 }
530
531 /* PAGE CODE == 0 */
532 if (req->cmd.xfer < 5) {
533 BADF("Error: Inquiry (STANDARD) buffer size %zd "
534 "is less than 5\n", req->cmd.xfer);
535 return -1;
536 }
537
0b06c059
GH		 538 buflen = req->cmd.xfer;
539 if (buflen > SCSI_MAX_INQUIRY_LEN)
540 buflen = SCSI_MAX_INQUIRY_LEN;
541
542 memset(outbuf, 0, buflen);
543
544 if (req->lun || req->cmd.buf[1] >> 5) {
545 outbuf[0] = 0x7f; /* LUN not supported */
546 return buflen;
547 }
548
428c149b 549 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
0b06c059
GH		 550 outbuf[0] = 5;
551 outbuf[1] = 0x80;
550fe6c6 552 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
0b06c059
GH		 553 } else {
554 outbuf[0] = 0;
550fe6c6 555 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
0b06c059 556 }
550fe6c6 557 memcpy(&outbuf[8], "QEMU ", 8);
314b1811 558 memset(&outbuf[32], 0, 4);
552fee93 559 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 560 /*
561 * We claim conformance to SPC-3, which is required for guests
562 * to ask for modern features like READ CAPACITY(16) or the
563 * block characteristics VPD page by default. Not all of SPC-3
564 * is actually implemented, but we're good enough.
565 */
ee3659e3 566 outbuf[2] = 5;
0b06c059 567 outbuf[3] = 2; /* Format 2 */
ad3cea42
AT		 568
569 if (buflen > 36) {
570 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
571 } else {
572 /* If the allocation length of CDB is too small,
573 the additional length is not adjusted */
574 outbuf[4] = 36 - 5;
575 }
576
0b06c059
GH		 577 /* Sync data transfer and TCQ. */
578 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
579 return buflen;
580}
581
282ab04e
BK		 582static int mode_sense_page(SCSIRequest *req, int page, uint8_t *p,
583 int page_control)
ebddfcbe
GH		 584{
585 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
428c149b 586 BlockDriverState *bdrv = s->bs;
ebddfcbe
GH		 587 int cylinders, heads, secs;
588
282ab04e
BK		 589 /*
590 * If Changeable Values are requested, a mask denoting those mode parameters
591 * that are changeable shall be returned. As we currently don't support
592 * parameter changes via MODE_SELECT all bits are returned set to zero.
593 * The buffer was already menset to zero by the caller of this function.
594 */
ebddfcbe
GH		 595 switch (page) {
596 case 4: /* Rigid disk device geometry page. */
597 p[0] = 4;
598 p[1] = 0x16;
282ab04e
BK		 599 if (page_control == 1) { /* Changeable Values */
600 return p[1] + 2;
601 }
ebddfcbe
GH		 602 /* if a geometry hint is available, use it */
603 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
604 p[2] = (cylinders >> 16) & 0xff;
605 p[3] = (cylinders >> 8) & 0xff;
606 p[4] = cylinders & 0xff;
607 p[5] = heads & 0xff;
608 /* Write precomp start cylinder, disabled */
609 p[6] = (cylinders >> 16) & 0xff;
610 p[7] = (cylinders >> 8) & 0xff;
611 p[8] = cylinders & 0xff;
612 /* Reduced current start cylinder, disabled */
613 p[9] = (cylinders >> 16) & 0xff;
614 p[10] = (cylinders >> 8) & 0xff;
615 p[11] = cylinders & 0xff;
616 /* Device step rate [ns], 200ns */
617 p[12] = 0;
618 p[13] = 200;
619 /* Landing zone cylinder */
620 p[14] = 0xff;
621 p[15] = 0xff;
622 p[16] = 0xff;
623 /* Medium rotation rate [rpm], 5400 rpm */
624 p[20] = (5400 >> 8) & 0xff;
625 p[21] = 5400 & 0xff;
282ab04e 626 return p[1] + 2;
ebddfcbe
GH		 627
628 case 5: /* Flexible disk device geometry page. */
629 p[0] = 5;
630 p[1] = 0x1e;
282ab04e
BK		 631 if (page_control == 1) { /* Changeable Values */
632 return p[1] + 2;
633 }
ebddfcbe
GH		 634 /* Transfer rate [kbit/s], 5Mbit/s */
635 p[2] = 5000 >> 8;
636 p[3] = 5000 & 0xff;
637 /* if a geometry hint is available, use it */
638 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
639 p[4] = heads & 0xff;
640 p[5] = secs & 0xff;
641 p[6] = s->cluster_size * 2;
642 p[8] = (cylinders >> 8) & 0xff;
643 p[9] = cylinders & 0xff;
644 /* Write precomp start cylinder, disabled */
645 p[10] = (cylinders >> 8) & 0xff;
646 p[11] = cylinders & 0xff;
647 /* Reduced current start cylinder, disabled */
648 p[12] = (cylinders >> 8) & 0xff;
649 p[13] = cylinders & 0xff;
650 /* Device step rate [100us], 100us */
651 p[14] = 0;
652 p[15] = 1;
653 /* Device step pulse width [us], 1us */
654 p[16] = 1;
655 /* Device head settle delay [100us], 100us */
656 p[17] = 0;
657 p[18] = 1;
658 /* Motor on delay [0.1s], 0.1s */
659 p[19] = 1;
660 /* Motor off delay [0.1s], 0.1s */
661 p[20] = 1;
662 /* Medium rotation rate [rpm], 5400 rpm */
663 p[28] = (5400 >> 8) & 0xff;
664 p[29] = 5400 & 0xff;
282ab04e 665 return p[1] + 2;
ebddfcbe
GH		 666
667 case 8: /* Caching page. */
668 p[0] = 8;
669 p[1] = 0x12;
282ab04e
BK		 670 if (page_control == 1) { /* Changeable Values */
671 return p[1] + 2;
672 }
428c149b 673 if (bdrv_enable_write_cache(s->bs)) {
ebddfcbe
GH		 674 p[2] = 4; /* WCE */
675 }
282ab04e 676 return p[1] + 2;
ebddfcbe
GH		 677
678 case 0x2a: /* CD Capabilities and Mechanical Status page. */
679 if (bdrv_get_type_hint(bdrv) != BDRV_TYPE_CDROM)
680 return 0;
681 p[0] = 0x2a;
682 p[1] = 0x14;
282ab04e
BK		 683 if (page_control == 1) { /* Changeable Values */
684 return p[1] + 2;
685 }
ebddfcbe
GH		 686 p[2] = 3; // CD-R & CD-RW read
687 p[3] = 0; // Writing not supported
688 p[4] = 0x7f; /* Audio, composite, digital out,
689 mode 2 form 1&2, multi session */
690 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
691 RW corrected, C2 errors, ISRC,
692 UPC, Bar code */
428c149b 693 p[6] = 0x2d | (bdrv_is_locked(s->bs)? 2 : 0);
ebddfcbe
GH		 694 /* Locking supported, jumper present, eject, tray */
695 p[7] = 0; /* no volume & mute control, no
696 changer */
697 p[8] = (50 * 176) >> 8; // 50x read speed
698 p[9] = (50 * 176) & 0xff;
699 p[10] = 0 >> 8; // No volume
700 p[11] = 0 & 0xff;
701 p[12] = 2048 >> 8; // 2M buffer
702 p[13] = 2048 & 0xff;
703 p[14] = (16 * 176) >> 8; // 16x read speed current
704 p[15] = (16 * 176) & 0xff;
705 p[18] = (16 * 176) >> 8; // 16x write speed
706 p[19] = (16 * 176) & 0xff;
707 p[20] = (16 * 176) >> 8; // 16x write speed current
708 p[21] = (16 * 176) & 0xff;
282ab04e 709 return p[1] + 2;
ebddfcbe
GH		 710
711 default:
712 return 0;
713 }
714}
715
716static int scsi_disk_emulate_mode_sense(SCSIRequest *req, uint8_t *outbuf)
717{
718 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
ebddfcbe 719 uint64_t nb_sectors;
282ab04e 720 int page, dbd, buflen, page_control;
ebddfcbe 721 uint8_t *p;
ce512ee1 722 uint8_t dev_specific_param;
ebddfcbe
GH		 723
724 dbd = req->cmd.buf[1] & 0x8;
725 page = req->cmd.buf[2] & 0x3f;
282ab04e 726 page_control = (req->cmd.buf[2] & 0xc0) >> 6;
aa2b1e89
BK		 727 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
728 (req->cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, req->cmd.xfer, page_control);
ebddfcbe
GH		 729 memset(outbuf, 0, req->cmd.xfer);
730 p = outbuf;
731
0056dcc1 732 if (bdrv_is_read_only(s->bs)) {
ce512ee1
BK		 733 dev_specific_param = 0x80; /* Readonly. */
734 } else {
735 dev_specific_param = 0x00;
736 }
737
738 if (req->cmd.buf[0] == MODE_SENSE) {
739 p[1] = 0; /* Default media type. */
740 p[2] = dev_specific_param;
741 p[3] = 0; /* Block descriptor length. */
742 p += 4;
743 } else { /* MODE_SENSE_10 */
744 p[2] = 0; /* Default media type. */
745 p[3] = dev_specific_param;
746 p[6] = p[7] = 0; /* Block descriptor length. */
747 p += 8;
ebddfcbe 748 }
ebddfcbe 749
428c149b 750 bdrv_get_geometry(s->bs, &nb_sectors);
333d50fe 751 if (!dbd && nb_sectors) {
ce512ee1
BK		 752 if (req->cmd.buf[0] == MODE_SENSE) {
753 outbuf[3] = 8; /* Block descriptor length */
754 } else { /* MODE_SENSE_10 */
755 outbuf[7] = 8; /* Block descriptor length */
756 }
ebddfcbe 757 nb_sectors /= s->cluster_size;
ebddfcbe 758 if (nb_sectors > 0xffffff)
2488b740 759 nb_sectors = 0;
ebddfcbe
GH		 760 p[0] = 0; /* media density code */
761 p[1] = (nb_sectors >> 16) & 0xff;
762 p[2] = (nb_sectors >> 8) & 0xff;
763 p[3] = nb_sectors & 0xff;
764 p[4] = 0; /* reserved */
765 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
766 p[6] = s->cluster_size * 2;
767 p[7] = 0;
768 p += 8;
769 }
770
282ab04e
BK		 771 if (page_control == 3) { /* Saved Values */
772 return -1; /* ILLEGAL_REQUEST */
773 }
774
ebddfcbe
GH		 775 switch (page) {
776 case 0x04:
777 case 0x05:
778 case 0x08:
779 case 0x2a:
282ab04e 780 p += mode_sense_page(req, page, p, page_control);
ebddfcbe
GH		 781 break;
782 case 0x3f:
282ab04e
BK		 783 p += mode_sense_page(req, 0x08, p, page_control);
784 p += mode_sense_page(req, 0x2a, p, page_control);
ebddfcbe 785 break;
a9c17b2b
BK		 786 default:
787 return -1; /* ILLEGAL_REQUEST */
ebddfcbe
GH		 788 }
789
790 buflen = p - outbuf;
ce512ee1
BK		 791 /*
792 * The mode data length field specifies the length in bytes of the
793 * following data that is available to be transferred. The mode data
794 * length does not include itself.
795 */
796 if (req->cmd.buf[0] == MODE_SENSE) {
797 outbuf[0] = buflen - 1;
798 } else { /* MODE_SENSE_10 */
799 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
800 outbuf[1] = (buflen - 2) & 0xff;
801 }
ebddfcbe
GH		 802 if (buflen > req->cmd.xfer)
803 buflen = req->cmd.xfer;
804 return buflen;
805}
806
02880f43
GH		 807static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
808{
809 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 810 int start_track, format, msf, toclen;
811 uint64_t nb_sectors;
812
813 msf = req->cmd.buf[1] & 2;
814 format = req->cmd.buf[2] & 0xf;
815 start_track = req->cmd.buf[6];
428c149b 816 bdrv_get_geometry(s->bs, &nb_sectors);
02880f43
GH		 817 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
818 nb_sectors /= s->cluster_size;
819 switch (format) {
820 case 0:
821 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
822 break;
823 case 1:
824 /* multi session : only a single session defined */
825 toclen = 12;
826 memset(outbuf, 0, 12);
827 outbuf[1] = 0x0a;
828 outbuf[2] = 0x01;
829 outbuf[3] = 0x01;
830 break;
831 case 2:
832 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
833 break;
834 default:
835 return -1;
836 }
837 if (toclen > req->cmd.xfer)
838 toclen = req->cmd.xfer;
839 return toclen;
840}
841
8af7a3ab 842static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
aa5dbdc1 843{
8af7a3ab 844 SCSIRequest *req = &r->req;
e7e25e32 845 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 846 uint64_t nb_sectors;
aa5dbdc1 847 int buflen = 0;
78ced65e 848 int ret;
aa5dbdc1
GH		 849
850 switch (req->cmd.buf[0]) {
851 case TEST_UNIT_READY:
428c149b 852 if (!bdrv_is_inserted(s->bs))
aa5dbdc1
GH		 853 goto not_ready;
854 break;
51ad87c9
GH		 855 case REQUEST_SENSE:
856 if (req->cmd.xfer < 4)
857 goto illegal_request;
858 memset(outbuf, 0, 4);
859 buflen = 4;
a6d96eb7 860 if (s->sense.key == NOT_READY && req->cmd.xfer >= 18) {
51ad87c9
GH		 861 memset(outbuf, 0, 18);
862 buflen = 18;
863 outbuf[7] = 10;
864 /* asc 0x3a, ascq 0: Medium not present */
865 outbuf[12] = 0x3a;
866 outbuf[13] = 0;
867 }
868 outbuf[0] = 0xf0;
869 outbuf[1] = 0;
a6d96eb7
HR		 870 outbuf[2] = s->sense.key;
871 scsi_disk_clear_sense(s);
51ad87c9 872 break;
0b06c059
GH		 873 case INQUIRY:
874 buflen = scsi_disk_emulate_inquiry(req, outbuf);
875 if (buflen < 0)
876 goto illegal_request;
877 break;
ebddfcbe
GH		 878 case MODE_SENSE:
879 case MODE_SENSE_10:
880 buflen = scsi_disk_emulate_mode_sense(req, outbuf);
881 if (buflen < 0)
882 goto illegal_request;
883 break;
02880f43
GH		 884 case READ_TOC:
885 buflen = scsi_disk_emulate_read_toc(req, outbuf);
886 if (buflen < 0)
887 goto illegal_request;
888 break;
3d53ba18
GH		 889 case RESERVE:
890 if (req->cmd.buf[1] & 1)
891 goto illegal_request;
892 break;
893 case RESERVE_10:
894 if (req->cmd.buf[1] & 3)
895 goto illegal_request;
896 break;
897 case RELEASE:
898 if (req->cmd.buf[1] & 1)
899 goto illegal_request;
900 break;
901 case RELEASE_10:
902 if (req->cmd.buf[1] & 3)
903 goto illegal_request;
904 break;
8d3628ff 905 case START_STOP:
428c149b 906 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM && (req->cmd.buf[4] & 2)) {
8d3628ff 907 /* load/eject medium */
428c149b 908 bdrv_eject(s->bs, !(req->cmd.buf[4] & 1));
8d3628ff
GH		 909 }
910 break;
c68b9f34 911 case ALLOW_MEDIUM_REMOVAL:
428c149b 912 bdrv_set_locked(s->bs, req->cmd.buf[4] & 1);
c68b9f34 913 break;
e7e25e32
GH		 914 case READ_CAPACITY:
915 /* The normal LEN field for this command is zero. */
916 memset(outbuf, 0, 8);
428c149b 917 bdrv_get_geometry(s->bs, &nb_sectors);
e7e25e32
GH		 918 if (!nb_sectors)
919 goto not_ready;
920 nb_sectors /= s->cluster_size;
921 /* Returned value is the address of the last sector. */
922 nb_sectors--;
923 /* Remember the new size for read/write sanity checking. */
924 s->max_lba = nb_sectors;
925 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
926 if (nb_sectors > UINT32_MAX)
927 nb_sectors = UINT32_MAX;
928 outbuf[0] = (nb_sectors >> 24) & 0xff;
929 outbuf[1] = (nb_sectors >> 16) & 0xff;
930 outbuf[2] = (nb_sectors >> 8) & 0xff;
931 outbuf[3] = nb_sectors & 0xff;
932 outbuf[4] = 0;
933 outbuf[5] = 0;
934 outbuf[6] = s->cluster_size * 2;
935 outbuf[7] = 0;
936 buflen = 8;
937 break;
fc903943 938 case SYNCHRONIZE_CACHE:
78ced65e
KW		 939 ret = bdrv_flush(s->bs);
940 if (ret < 0) {
941 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
942 return -1;
943 }
944 }
fc903943 945 break;
38215553
GH		 946 case GET_CONFIGURATION:
947 memset(outbuf, 0, 8);
948 /* ??? This should probably return much more information. For now
949 just return the basic header indicating the CD-ROM profile. */
950 outbuf[7] = 8; // CD-ROM
951 buflen = 8;
952 break;
5dd90e2a
GH		 953 case SERVICE_ACTION_IN:
954 /* Service Action In subcommands. */
955 if ((req->cmd.buf[1] & 31) == 0x10) {
956 DPRINTF("SAI READ CAPACITY(16)\n");
957 memset(outbuf, 0, req->cmd.xfer);
428c149b 958 bdrv_get_geometry(s->bs, &nb_sectors);
5dd90e2a
GH		 959 if (!nb_sectors)
960 goto not_ready;
961 nb_sectors /= s->cluster_size;
962 /* Returned value is the address of the last sector. */
963 nb_sectors--;
964 /* Remember the new size for read/write sanity checking. */
965 s->max_lba = nb_sectors;
966 outbuf[0] = (nb_sectors >> 56) & 0xff;
967 outbuf[1] = (nb_sectors >> 48) & 0xff;
968 outbuf[2] = (nb_sectors >> 40) & 0xff;
969 outbuf[3] = (nb_sectors >> 32) & 0xff;
970 outbuf[4] = (nb_sectors >> 24) & 0xff;
971 outbuf[5] = (nb_sectors >> 16) & 0xff;
972 outbuf[6] = (nb_sectors >> 8) & 0xff;
973 outbuf[7] = nb_sectors & 0xff;
974 outbuf[8] = 0;
975 outbuf[9] = 0;
976 outbuf[10] = s->cluster_size * 2;
977 outbuf[11] = 0;
ee3659e3
CH		 978 outbuf[12] = 0;
979 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 980
981 /* set TPE bit if the format supports discard */
982 if (s->qdev.conf.discard_granularity) {
983 outbuf[14] = 0x80;
984 }
985
5dd90e2a
GH		 986 /* Protection, exponent and lowest lba field left blank. */
987 buflen = req->cmd.xfer;
988 break;
989 }
990 DPRINTF("Unsupported Service Action In\n");
991 goto illegal_request;
39ec9a50
GH		 992 case REPORT_LUNS:
993 if (req->cmd.xfer < 16)
994 goto illegal_request;
995 memset(outbuf, 0, 16);
996 outbuf[3] = 8;
997 buflen = 16;
998 break;
88f8a5ed
GH		 999 case VERIFY:
1000 break;
ebef0bbb
BK		 1001 case REZERO_UNIT:
1002 DPRINTF("Rezero Unit\n");
1003 if (!bdrv_is_inserted(s->bs)) {
1004 goto not_ready;
1005 }
1006 break;
aa5dbdc1
GH		 1007 default:
1008 goto illegal_request;
1009 }
a6d96eb7 1010 scsi_req_set_status(r, GOOD, NO_SENSE);
aa5dbdc1
GH		 1011 return buflen;
1012
1013not_ready:
8af7a3ab
KW		 1014 scsi_command_complete(r, CHECK_CONDITION, NOT_READY);
1015 return -1;
aa5dbdc1
GH		 1016
1017illegal_request:
8af7a3ab
KW		 1018 scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
1019 return -1;
aa5dbdc1
GH		 1020}
1021
2e5d83bb
PB		 1022/* Execute a scsi command. Returns the length of the data expected by the
1023 command. This will be Positive for data transfers from the device
1024 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1025 and zero if the command does not transfer any data. */
1026
8ccc2ace
TS		 1027static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
1028 uint8_t *buf, int lun)
2e5d83bb 1029{
d52affa7 1030 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2e5d83bb 1031 uint32_t len;
2e5d83bb 1032 int is_write;
a917d384
PB		 1033 uint8_t command;
1034 uint8_t *outbuf;
4c41d2ef 1035 SCSIDiskReq *r;
aa5dbdc1 1036 int rc;
a917d384
PB		 1037
1038 command = buf[0];
1039 r = scsi_find_request(s, tag);
1040 if (r) {
1041 BADF("Tag 0x%x already in use\n", tag);
8ccc2ace 1042 scsi_cancel_io(d, tag);
a917d384
PB		 1043 }
1044 /* ??? Tags are not unique for different luns. We only implement a
1045 single lun, so this should not matter. */
72aef731 1046 r = scsi_new_request(s, tag, lun);
3f4cb3d3 1047 outbuf = (uint8_t *)r->iov.iov_base;
2e5d83bb 1048 is_write = 0;
a917d384 1049 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
2dd791b6
HR		 1050
1051 if (scsi_req_parse(&r->req, buf) != 0) {
a917d384 1052 BADF("Unsupported command length, command %x\n", command);
2e5d83bb
PB		 1053 goto fail;
1054 }
1055#ifdef DEBUG_SCSI
1056 {
1057 int i;
2dd791b6 1058 for (i = 1; i < r->req.cmd.len; i++) {
2e5d83bb
PB		 1059 printf(" 0x%02x", buf[i]);
1060 }
1061 printf("\n");
1062 }
1063#endif
aa5dbdc1 1064
0fc5c15a 1065 if (lun || buf[1] >> 5) {
2e5d83bb 1066 /* Only LUN 0 supported. */
0fc5c15a 1067 DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
ebf46023 1068 if (command != REQUEST_SENSE && command != INQUIRY)
22864256 1069 goto fail;
2e5d83bb 1070 }
a917d384 1071 switch (command) {
ebf46023 1072 case TEST_UNIT_READY:
51ad87c9 1073 case REQUEST_SENSE:
0b06c059 1074 case INQUIRY:
ebddfcbe
GH		 1075 case MODE_SENSE:
1076 case MODE_SENSE_10:
3d53ba18
GH		 1077 case RESERVE:
1078 case RESERVE_10:
1079 case RELEASE:
1080 case RELEASE_10:
8d3628ff 1081 case START_STOP:
c68b9f34 1082 case ALLOW_MEDIUM_REMOVAL:
e7e25e32 1083 case READ_CAPACITY:
fc903943 1084 case SYNCHRONIZE_CACHE:
02880f43 1085 case READ_TOC:
38215553 1086 case GET_CONFIGURATION:
5dd90e2a 1087 case SERVICE_ACTION_IN:
39ec9a50 1088 case REPORT_LUNS:
88f8a5ed 1089 case VERIFY:
ebef0bbb 1090 case REZERO_UNIT:
8af7a3ab
KW		 1091 rc = scsi_disk_emulate_command(r, outbuf);
1092 if (rc < 0) {
0b06c059 1093 return 0;
aa5dbdc1 1094 }
8af7a3ab
KW		 1095
1096 r->iov.iov_len = rc;
0b06c059 1097 break;
ebf46023
GH		 1098 case READ_6:
1099 case READ_10:
bd536cf3
GH		 1100 case READ_12:
1101 case READ_16:
2dd791b6
HR		 1102 len = r->req.cmd.xfer / d->blocksize;
1103 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1104 if (r->req.cmd.lba > s->max_lba)
274fb0e1 1105 goto illegal_lba;
2dd791b6 1106 r->sector = r->req.cmd.lba * s->cluster_size;
a917d384 1107 r->sector_count = len * s->cluster_size;
2e5d83bb 1108 break;
ebf46023
GH		 1109 case WRITE_6:
1110 case WRITE_10:
bd536cf3
GH		 1111 case WRITE_12:
1112 case WRITE_16:
ebef0bbb
BK		 1113 case WRITE_VERIFY:
1114 case WRITE_VERIFY_12:
1115 case WRITE_VERIFY_16:
2dd791b6 1116 len = r->req.cmd.xfer / d->blocksize;
ebef0bbb 1117 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
2dd791b6
HR		 1118 (command & 0xe) == 0xe ? "And Verify " : "",
1119 r->req.cmd.lba, len);
1120 if (r->req.cmd.lba > s->max_lba)
274fb0e1 1121 goto illegal_lba;
2dd791b6 1122 r->sector = r->req.cmd.lba * s->cluster_size;
a917d384 1123 r->sector_count = len * s->cluster_size;
2e5d83bb
PB		 1124 is_write = 1;
1125 break;
ebef0bbb 1126 case MODE_SELECT:
2dd791b6 1127 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
ebef0bbb
BK		 1128 /* We don't support mode parameter changes.
1129 Allow the mode parameter header + block descriptors only. */
2dd791b6 1130 if (r->req.cmd.xfer > 12) {
ebef0bbb
BK		 1131 goto fail;
1132 }
1133 break;
1134 case MODE_SELECT_10:
2dd791b6 1135 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
ebef0bbb
BK		 1136 /* We don't support mode parameter changes.
1137 Allow the mode parameter header + block descriptors only. */
2dd791b6 1138 if (r->req.cmd.xfer > 16) {
ebef0bbb
BK		 1139 goto fail;
1140 }
1141 break;
1142 case SEEK_6:
1143 case SEEK_10:
2dd791b6
HR		 1144 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1145 r->req.cmd.lba);
1146 if (r->req.cmd.lba > s->max_lba) {
ebef0bbb
BK		 1147 goto illegal_lba;
1148 }
ea3bd56f
CH		 1149 break;
1150 case WRITE_SAME_16:
1151 len = r->req.cmd.xfer / d->blocksize;
1152
1153 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1154 r->req.cmd.lba, len);
1155
1156 if (r->req.cmd.lba > s->max_lba) {
1157 goto illegal_lba;
1158 }
1159
1160 /*
1161 * We only support WRITE SAME with the unmap bit set for now.
1162 */
1163 if (!(buf[1] & 0x8)) {
1164 goto fail;
1165 }
1166
1167 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1168 len * s->cluster_size);
1169 if (rc < 0) {
1170 /* XXX: better error code ?*/
1171 goto fail;
1172 }
1173
ebef0bbb 1174 break;
2e5d83bb 1175 default:
2dd791b6 1176 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
2e5d83bb 1177 fail:
0d65e1f8 1178 scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
2dd791b6 1179 return 0;
274fb0e1 1180 illegal_lba:
0d65e1f8 1181 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
274fb0e1 1182 return 0;
2e5d83bb 1183 }
c87c0672 1184 if (r->sector_count == 0 && r->iov.iov_len == 0) {
0d65e1f8 1185 scsi_command_complete(r, GOOD, NO_SENSE);
a917d384 1186 }
c87c0672 1187 len = r->sector_count * 512 + r->iov.iov_len;
a917d384
PB		 1188 if (is_write) {
1189 return -len;
1190 } else {
1191 if (!r->sector_count)
1192 r->sector_count = -1;
1193 return len;
2e5d83bb 1194 }
2e5d83bb
PB		 1195}
1196
e9447f35 1197static void scsi_disk_purge_requests(SCSIDiskState *s)
56a14938 1198{
9af99d98 1199 SCSIDiskReq *r;
56a14938 1200
9af99d98
GH		 1201 while (!QTAILQ_EMPTY(&s->qdev.requests)) {
1202 r = DO_UPCAST(SCSIDiskReq, req, QTAILQ_FIRST(&s->qdev.requests));
e9447f35
JK		 1203 if (r->req.aiocb) {
1204 bdrv_aio_cancel(r->req.aiocb);
1205 }
9af99d98
GH		 1206 scsi_remove_request(r);
1207 }
e9447f35
JK		 1208}
1209
1210static void scsi_disk_reset(DeviceState *dev)
1211{
1212 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1213 uint64_t nb_sectors;
1214
1215 scsi_disk_purge_requests(s);
1216
1217 bdrv_get_geometry(s->bs, &nb_sectors);
1218 nb_sectors /= s->cluster_size;
1219 if (nb_sectors) {
1220 nb_sectors--;
1221 }
1222 s->max_lba = nb_sectors;
1223}
1224
1225static void scsi_destroy(SCSIDevice *dev)
1226{
1227 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1228
1229 scsi_disk_purge_requests(s);
f8b6cc00 1230 blockdev_mark_auto_del(s->qdev.conf.bs);
56a14938
GH		 1231}
1232
d52affa7 1233static int scsi_disk_initfn(SCSIDevice *dev)
2e5d83bb 1234{
d52affa7 1235 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
7d0d6950 1236 int is_cd;
f8b6cc00 1237 DriveInfo *dinfo;
2e5d83bb 1238
f8b6cc00 1239 if (!s->qdev.conf.bs) {
1ecda02b 1240 error_report("scsi-disk: drive property not set");
d52affa7
GH		 1241 return -1;
1242 }
f8b6cc00 1243 s->bs = s->qdev.conf.bs;
7d0d6950 1244 is_cd = bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM;
d52affa7 1245
98f28ad7
MA		 1246 if (!is_cd && !bdrv_is_inserted(s->bs)) {
1247 error_report("Device needs media, but drive is empty");
1248 return -1;
1249 }
1250
a0fef654 1251 if (!s->serial) {
f8b6cc00
MA		 1252 /* try to fall back to value set with legacy -drive serial=... */
1253 dinfo = drive_get_by_blockdev(s->bs);
1254 s->serial = qemu_strdup(*dinfo->serial ? dinfo->serial : "0");
a0fef654
MA		 1255 }
1256
552fee93
MA		 1257 if (!s->version) {
1258 s->version = qemu_strdup(QEMU_VERSION);
1259 }
1260
32bb404a 1261 if (bdrv_is_sg(s->bs)) {
1ecda02b 1262 error_report("scsi-disk: unwanted /dev/sg*");
32bb404a
MA		 1263 return -1;
1264 }
1265
7d0d6950 1266 if (is_cd) {
8cfacf07 1267 s->qdev.blocksize = 2048;
2e5d83bb 1268 } else {
8cfacf07 1269 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2e5d83bb 1270 }
8cfacf07 1271 s->cluster_size = s->qdev.blocksize / 512;
73fdb1e1 1272 s->bs->buffer_alignment = s->qdev.blocksize;
8cfacf07 1273
91376656 1274 s->qdev.type = TYPE_DISK;
ea8a5d7f 1275 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
7d0d6950 1276 bdrv_set_removable(s->bs, is_cd);
1ca4d09a 1277 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
d52affa7
GH		 1278 return 0;
1279}
1280
1281static SCSIDeviceInfo scsi_disk_info = {
1282 .qdev.name = "scsi-disk",
779206de 1283 .qdev.fw_name = "disk",
d52affa7
GH		 1284 .qdev.desc = "virtual scsi disk or cdrom",
1285 .qdev.size = sizeof(SCSIDiskState),
e9447f35 1286 .qdev.reset = scsi_disk_reset,
d52affa7 1287 .init = scsi_disk_initfn,
56a14938 1288 .destroy = scsi_destroy,
d52affa7
GH		 1289 .send_command = scsi_send_command,
1290 .read_data = scsi_read_data,
1291 .write_data = scsi_write_data,
1292 .cancel_io = scsi_cancel_io,
1293 .get_buf = scsi_get_buf,
1294 .qdev.props = (Property[]) {
428c149b 1295 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf),
383b4d9b 1296 DEFINE_PROP_STRING("ver", SCSIDiskState, version),
a0fef654 1297 DEFINE_PROP_STRING("serial", SCSIDiskState, serial),
d52affa7
GH		 1298 DEFINE_PROP_END_OF_LIST(),
1299 },
1300};
1301
1302static void scsi_disk_register_devices(void)
1303{
1304 scsi_qdev_register(&scsi_disk_info);
8ccc2ace 1305}
d52affa7 1306device_init(scsi_disk_register_devices)
Empty description
This page took 0.705975 seconds and 4 git commands to generate.