]> Git Repo - qemu.git/blame - hw/scsi/scsi-disk.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
blockdev: Drop superfluous DriveInfo member id
[qemu.git] / hw / scsi / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
22//#define DEBUG_SCSI
23
24#ifdef DEBUG_SCSI
001faf32
BS		 25#define DPRINTF(fmt, ...) \
26do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 27#else
001faf32 28#define DPRINTF(fmt, ...) do {} while(0)
2e5d83bb
PB		 29#endif
30
87ecb68b 31#include "qemu-common.h"
1de7afc9 32#include "qemu/error-report.h"
0d09e41a
PB		 33#include "hw/scsi/scsi.h"
34#include "block/scsi.h"
9c17d615 35#include "sysemu/sysemu.h"
4be74634 36#include "sysemu/block-backend.h"
9c17d615 37#include "sysemu/blockdev.h"
0d09e41a 38#include "hw/block/block.h"
9c17d615 39#include "sysemu/dma.h"
22864256 40
336a6915
PB		 41#ifdef __linux
42#include <scsi/sg.h>
43#endif
44
84f94a9a 45#define SCSI_WRITE_SAME_MAX 524288
215e47b9
PB		 46#define SCSI_DMA_BUF_SIZE 131072
47#define SCSI_MAX_INQUIRY_LEN 256
48#define SCSI_MAX_MODE_LEN 256
49
50#define DEFAULT_DISCARD_GRANULARITY 4096
8a1bd297 51#define DEFAULT_MAX_UNMAP_SIZE (1 << 30) /* 1 GB */
a917d384 52
d52affa7
GH		 53typedef struct SCSIDiskState SCSIDiskState;
54
4c41d2ef
GH		 55typedef struct SCSIDiskReq {
56 SCSIRequest req;
a917d384 57 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 58 uint64_t sector;
59 uint32_t sector_count;
7285477a 60 uint32_t buflen;
a0e66a69 61 bool started;
c87c0672
AL		 62 struct iovec iov;
63 QEMUIOVector qiov;
a597e79c 64 BlockAcctCookie acct;
4c41d2ef 65} SCSIDiskReq;
a917d384 66
18e673b8
PH		 67#define SCSI_DISK_F_REMOVABLE 0
68#define SCSI_DISK_F_DPOFUA 1
69#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
bfe3d7ac 70
d52affa7 71struct SCSIDiskState
a917d384 72{
d52affa7 73 SCSIDevice qdev;
bfe3d7ac 74 uint32_t features;
8a9c16f6 75 bool media_changed;
3c2f7c12 76 bool media_event;
4480de19 77 bool eject_request;
27395add 78 uint64_t wwn;
64cc2284
RD		 79 uint64_t port_wwn;
80 uint16_t port_index;
8a1bd297 81 uint64_t max_unmap_size;
213189ab 82 QEMUBH *bh;
383b4d9b 83 char *version;
a0fef654 84 char *serial;
353815aa
DF		 85 char *vendor;
86 char *product;
ece0d5e9 87 bool tray_open;
81b1008d 88 bool tray_locked;
2e5d83bb
PB		 89};
90
71544d30 91static int scsi_handle_rw_error(SCSIDiskReq *r, int error);
5dba48a8 92
ad2d30f7 93static void scsi_free_request(SCSIRequest *req)
4d611c9a 94{
ad2d30f7
PB		 95 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
96
db4c34c3 97 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 98}
99
b45ef674
PB		 100/* Helper function for command completion with sense. */
101static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 102{
02fa69b6
BS		 103 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
104 r->req.tag, sense.key, sense.asc, sense.ascq);
b45ef674
PB		 105 scsi_req_build_sense(&r->req, sense);
106 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 107}
108
43b978b9 109static uint32_t scsi_init_iovec(SCSIDiskReq *r, size_t size)
103b40f5 110{
7285477a
PB		 111 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
112
113 if (!r->iov.iov_base) {
43b978b9 114 r->buflen = size;
4be74634 115 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 116 }
117 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
103b40f5
PB		 118 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
119 return r->qiov.size / 512;
120}
121
43b978b9
PB		 122static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
123{
124 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
125
126 qemu_put_be64s(f, &r->sector);
127 qemu_put_be32s(f, &r->sector_count);
128 qemu_put_be32s(f, &r->buflen);
18eef3bc
GH		 129 if (r->buflen) {
130 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
131 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
132 } else if (!req->retry) {
133 uint32_t len = r->iov.iov_len;
134 qemu_put_be32s(f, &len);
135 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
136 }
43b978b9
PB		 137 }
138}
139
140static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
141{
142 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
143
144 qemu_get_be64s(f, &r->sector);
145 qemu_get_be32s(f, &r->sector_count);
146 qemu_get_be32s(f, &r->buflen);
147 if (r->buflen) {
148 scsi_init_iovec(r, r->buflen);
149 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
150 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
18eef3bc
GH		 151 } else if (!r->req.retry) {
152 uint32_t len;
153 qemu_get_be32s(f, &len);
154 r->iov.iov_len = len;
155 assert(r->iov.iov_len <= r->buflen);
156 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
43b978b9
PB		 157 }
158 }
159
160 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
161}
162
c1b35247 163static void scsi_aio_complete(void *opaque, int ret)
5d0d2467
PB		 164{
165 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
166 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
167
46e3f30e
PB		 168 assert(r->req.aiocb != NULL);
169 r->req.aiocb = NULL;
4be74634 170 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
0c92e0e6 171 if (r->req.io_canceled) {
d5776465 172 scsi_req_cancel_complete(&r->req);
0c92e0e6
PB		 173 goto done;
174 }
5d0d2467 175
80624c93 176 if (ret < 0) {
5d0d2467
PB		 177 if (scsi_handle_rw_error(r, -ret)) {
178 goto done;
179 }
180 }
181
5d0d2467
PB		 182 scsi_req_complete(&r->req, GOOD);
183
184done:
3df9caf8 185 scsi_req_unref(&r->req);
5d0d2467
PB		 186}
187
7e8c49c5
PB		 188static bool scsi_is_cmd_fua(SCSICommand *cmd)
189{
190 switch (cmd->buf[0]) {
191 case READ_10:
192 case READ_12:
193 case READ_16:
194 case WRITE_10:
195 case WRITE_12:
196 case WRITE_16:
197 return (cmd->buf[1] & 8) != 0;
198
7f64f8e2
PB		 199 case VERIFY_10:
200 case VERIFY_12:
201 case VERIFY_16:
7e8c49c5
PB		 202 case WRITE_VERIFY_10:
203 case WRITE_VERIFY_12:
204 case WRITE_VERIFY_16:
205 return true;
206
207 case READ_6:
208 case WRITE_6:
209 default:
210 return false;
211 }
212}
213
214static void scsi_write_do_fua(SCSIDiskReq *r)
215{
216 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
217
0c92e0e6 218 if (r->req.io_canceled) {
d5776465 219 scsi_req_cancel_complete(&r->req);
0c92e0e6
PB		 220 goto done;
221 }
222
7e8c49c5 223 if (scsi_is_cmd_fua(&r->req.cmd)) {
4be74634 224 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 225 BLOCK_ACCT_FLUSH);
4be74634 226 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
7e8c49c5
PB		 227 return;
228 }
229
230 scsi_req_complete(&r->req, GOOD);
0c92e0e6
PB		 231
232done:
3df9caf8 233 scsi_req_unref(&r->req);
7e8c49c5
PB		 234}
235
ef8489d4 236static void scsi_dma_complete_noio(void *opaque, int ret)
a917d384 237{
4c41d2ef 238 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
a597e79c 239 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
a917d384 240
ef8489d4
PB		 241 if (r->req.aiocb != NULL) {
242 r->req.aiocb = NULL;
4be74634 243 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
ef8489d4 244 }
0c92e0e6 245 if (r->req.io_canceled) {
d5776465 246 scsi_req_cancel_complete(&r->req);
0c92e0e6
PB		 247 goto done;
248 }
a597e79c 249
80624c93 250 if (ret < 0) {
71544d30 251 if (scsi_handle_rw_error(r, -ret)) {
c7bae6a7 252 goto done;
5dba48a8 253 }
4d611c9a 254 }
5dba48a8 255
b77912a7
PB		 256 r->sector += r->sector_count;
257 r->sector_count = 0;
7e8c49c5
PB		 258 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
259 scsi_write_do_fua(r);
260 return;
261 } else {
262 scsi_req_complete(&r->req, GOOD);
263 }
c7bae6a7
PB		 264
265done:
3df9caf8 266 scsi_req_unref(&r->req);
4d611c9a
PB		 267}
268
ef8489d4
PB		 269static void scsi_dma_complete(void *opaque, int ret)
270{
271 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
272
273 assert(r->req.aiocb != NULL);
274 scsi_dma_complete_noio(opaque, ret);
275}
276
b77912a7 277static void scsi_read_complete(void * opaque, int ret)
0a4ac106
PB		 278{
279 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
280 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
b77912a7 281 int n;
0a4ac106 282
46e3f30e
PB		 283 assert(r->req.aiocb != NULL);
284 r->req.aiocb = NULL;
4be74634 285 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
0c92e0e6 286 if (r->req.io_canceled) {
d5776465 287 scsi_req_cancel_complete(&r->req);
0c92e0e6
PB		 288 goto done;
289 }
0a4ac106
PB		 290
291 if (ret < 0) {
71544d30 292 if (scsi_handle_rw_error(r, -ret)) {
c7bae6a7 293 goto done;
0a4ac106
PB		 294 }
295 }
296
b77912a7
PB		 297 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
298
299 n = r->qiov.size / 512;
300 r->sector += n;
301 r->sector_count -= n;
302 scsi_req_data(&r->req, r->qiov.size);
c7bae6a7
PB		 303
304done:
3df9caf8 305 scsi_req_unref(&r->req);
0a4ac106 306}
5dba48a8 307
ac668426
PB		 308/* Actually issue a read to the block device. */
309static void scsi_do_read(void *opaque, int ret)
310{
311 SCSIDiskReq *r = opaque;
312 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
313 uint32_t n;
314
315 if (r->req.aiocb != NULL) {
316 r->req.aiocb = NULL;
4be74634 317 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
ac668426 318 }
0c92e0e6 319 if (r->req.io_canceled) {
d5776465 320 scsi_req_cancel_complete(&r->req);
0c92e0e6
PB		 321 goto done;
322 }
ac668426
PB		 323
324 if (ret < 0) {
325 if (scsi_handle_rw_error(r, -ret)) {
326 goto done;
327 }
328 }
329
31e8fd86
PB		 330 /* The request is used as the AIO opaque value, so add a ref. */
331 scsi_req_ref(&r->req);
332
ac668426 333 if (r->req.sg) {
4be74634 334 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
ac668426 335 r->req.resid -= r->req.sg->size;
4be74634
MA		 336 r->req.aiocb = dma_blk_read(s->qdev.conf.blk, r->req.sg, r->sector,
337 scsi_dma_complete, r);
ac668426
PB		 338 } else {
339 n = scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
4be74634 340 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 341 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ);
4be74634
MA		 342 r->req.aiocb = blk_aio_readv(s->qdev.conf.blk, r->sector, &r->qiov, n,
343 scsi_read_complete, r);
ac668426
PB		 344 }
345
346done:
3df9caf8 347 scsi_req_unref(&r->req);
ac668426
PB		 348}
349
5c6c0e51
HR		 350/* Read more data from scsi device into buffer. */
351static void scsi_read_data(SCSIRequest *req)
2e5d83bb 352{
5c6c0e51 353 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 354 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ac668426 355 bool first;
2e5d83bb 356
a917d384
PB		 357 DPRINTF("Read sector_count=%d\n", r->sector_count);
358 if (r->sector_count == 0) {
b45ef674
PB		 359 /* This also clears the sense buffer for REQUEST SENSE. */
360 scsi_req_complete(&r->req, GOOD);
a917d384 361 return;
2e5d83bb
PB		 362 }
363
6fa2c95f
SH		 364 /* No data transfer may already be in progress */
365 assert(r->req.aiocb == NULL);
366
c7bae6a7
PB		 367 /* The request is used as the AIO opaque value, so add a ref. */
368 scsi_req_ref(&r->req);
efb9ee02
HR		 369 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
370 DPRINTF("Data transfer direction invalid\n");
371 scsi_read_complete(r, -EINVAL);
372 return;
373 }
374
a1aff5bf
MA		 375 if (s->tray_open) {
376 scsi_read_complete(r, -ENOMEDIUM);
c7bae6a7 377 return;
a1aff5bf 378 }
c7bae6a7 379
ac668426 380 first = !r->started;
a0e66a69 381 r->started = true;
ac668426 382 if (first && scsi_is_cmd_fua(&r->req.cmd)) {
4be74634 383 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 384 BLOCK_ACCT_FLUSH);
4be74634 385 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read, r);
5d0d2467 386 } else {
ac668426 387 scsi_do_read(r, 0);
5d0d2467 388 }
2e5d83bb
PB		 389}
390
c7bae6a7
PB		 391/*
392 * scsi_handle_rw_error has two return values. 0 means that the error
393 * must be ignored, 1 means that the error has been processed and the
394 * caller should not do anything else for this request. Note that
395 * scsi_handle_rw_error always manages its reference counts, independent
396 * of the return value.
397 */
71544d30 398static int scsi_handle_rw_error(SCSIDiskReq *r, int error)
5dba48a8 399{
1ceee0d5 400 bool is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV);
4c41d2ef 401 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
4be74634
MA		 402 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
403 is_read, error);
ea8a5d7f 404
a589569f 405 if (action == BLOCK_ERROR_ACTION_REPORT) {
efb9ee02 406 switch (error) {
7e218df5
PB		 407 case ENOMEDIUM:
408 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
409 break;
efb9ee02 410 case ENOMEM:
b45ef674 411 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
efb9ee02
HR		 412 break;
413 case EINVAL:
b45ef674 414 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
efb9ee02 415 break;
703dd81a
PB		 416 case ENOSPC:
417 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
418 break;
efb9ee02 419 default:
b45ef674 420 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
efb9ee02 421 break;
a1f0cce2 422 }
ea8a5d7f 423 }
4be74634 424 blk_error_action(s->qdev.conf.blk, action, is_read, error);
a589569f 425 if (action == BLOCK_ERROR_ACTION_STOP) {
3e1caa5f
PB		 426 scsi_req_retry(&r->req);
427 }
a589569f 428 return action != BLOCK_ERROR_ACTION_IGNORE;
ea8a5d7f
AL		 429}
430
4d611c9a
PB		 431static void scsi_write_complete(void * opaque, int ret)
432{
4c41d2ef 433 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
a597e79c 434 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ea8a5d7f
AL		 435 uint32_t n;
436
8e321cc6
PB		 437 if (r->req.aiocb != NULL) {
438 r->req.aiocb = NULL;
4be74634 439 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
8e321cc6 440 }
0c92e0e6 441 if (r->req.io_canceled) {
d5776465 442 scsi_req_cancel_complete(&r->req);
0c92e0e6
PB		 443 goto done;
444 }
a597e79c 445
80624c93 446 if (ret < 0) {
71544d30 447 if (scsi_handle_rw_error(r, -ret)) {
c7bae6a7 448 goto done;
5dba48a8 449 }
4d611c9a
PB		 450 }
451
103b40f5 452 n = r->qiov.size / 512;
ea8a5d7f
AL		 453 r->sector += n;
454 r->sector_count -= n;
a917d384 455 if (r->sector_count == 0) {
7e8c49c5
PB		 456 scsi_write_do_fua(r);
457 return;
a917d384 458 } else {
43b978b9 459 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
79fb50bb 460 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
103b40f5 461 scsi_req_data(&r->req, r->qiov.size);
4d611c9a 462 }
c7bae6a7
PB		 463
464done:
3df9caf8 465 scsi_req_unref(&r->req);
4d611c9a
PB		 466}
467
42741212 468static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 469{
5c6c0e51 470 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 471 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ea8a5d7f
AL		 472 uint32_t n;
473
6fa2c95f
SH		 474 /* No data transfer may already be in progress */
475 assert(r->req.aiocb == NULL);
476
c7bae6a7
PB		 477 /* The request is used as the AIO opaque value, so add a ref. */
478 scsi_req_ref(&r->req);
efb9ee02
HR		 479 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
480 DPRINTF("Data transfer direction invalid\n");
481 scsi_write_complete(r, -EINVAL);
42741212 482 return;
efb9ee02
HR		 483 }
484
5d0d2467
PB		 485 if (!r->req.sg && !r->qiov.size) {
486 /* Called for the first time. Ask the driver to send us more data. */
a0e66a69 487 r->started = true;
5d0d2467
PB		 488 scsi_write_complete(r, 0);
489 return;
490 }
491 if (s->tray_open) {
492 scsi_write_complete(r, -ENOMEDIUM);
493 return;
494 }
495
7f64f8e2
PB		 496 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
497 r->req.cmd.buf[0] == VERIFY_16) {
498 if (r->req.sg) {
ef8489d4 499 scsi_dma_complete_noio(r, 0);
7f64f8e2
PB		 500 } else {
501 scsi_write_complete(r, 0);
502 }
503 return;
504 }
505
5d0d2467 506 if (r->req.sg) {
4be74634 507 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
5d0d2467 508 r->req.resid -= r->req.sg->size;
4be74634
MA		 509 r->req.aiocb = dma_blk_write(s->qdev.conf.blk, r->req.sg, r->sector,
510 scsi_dma_complete, r);
5d0d2467
PB		 511 } else {
512 n = r->qiov.size / 512;
4be74634 513 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 514 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE);
4be74634
MA		 515 r->req.aiocb = blk_aio_writev(s->qdev.conf.blk, r->sector, &r->qiov, n,
516 scsi_write_complete, r);
ea8a5d7f 517 }
a917d384 518}
2e5d83bb 519
a917d384 520/* Return a pointer to the data buffer. */
5c6c0e51 521static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 522{
5c6c0e51 523 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 524
3f4cb3d3 525 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 526}
527
0b06c059
GH		 528static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
529{
383b4d9b 530 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0b06c059 531 int buflen = 0;
82579390 532 int start;
0b06c059 533
0b06c059
GH		 534 if (req->cmd.buf[1] & 0x1) {
535 /* Vital product data */
536 uint8_t page_code = req->cmd.buf[2];
0b06c059 537
e39be482 538 outbuf[buflen++] = s->qdev.type & 0x1f;
0b06c059
GH		 539 outbuf[buflen++] = page_code ; // this page
540 outbuf[buflen++] = 0x00;
82579390
PB		 541 outbuf[buflen++] = 0x00;
542 start = buflen;
0b06c059
GH		 543
544 switch (page_code) {
545 case 0x00: /* Supported page codes, mandatory */
39d98982 546 {
0b06c059
GH		 547 DPRINTF("Inquiry EVPD[Supported pages] "
548 "buffer size %zd\n", req->cmd.xfer);
0b06c059 549 outbuf[buflen++] = 0x00; // list of supported pages (this page)
f01b5931 550 if (s->serial) {
3e1c0c9a 551 outbuf[buflen++] = 0x80; // unit serial number
f01b5931 552 }
0b06c059 553 outbuf[buflen++] = 0x83; // device identification
f37bd73b 554 if (s->qdev.type == TYPE_DISK) {
ea3bd56f
CH		 555 outbuf[buflen++] = 0xb0; // block limits
556 outbuf[buflen++] = 0xb2; // thin provisioning
39d98982 557 }
0b06c059 558 break;
39d98982 559 }
0b06c059
GH		 560 case 0x80: /* Device serial number, optional */
561 {
3e1c0c9a 562 int l;
0b06c059 563
3e1c0c9a
HR		 564 if (!s->serial) {
565 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
566 return -1;
567 }
568
569 l = strlen(s->serial);
f01b5931 570 if (l > 20) {
0b06c059 571 l = 20;
f01b5931 572 }
0b06c059
GH		 573
574 DPRINTF("Inquiry EVPD[Serial number] "
575 "buffer size %zd\n", req->cmd.xfer);
a0fef654 576 memcpy(outbuf+buflen, s->serial, l);
0b06c059
GH		 577 buflen += l;
578 break;
579 }
580
581 case 0x83: /* Device identification page, mandatory */
582 {
4be74634 583 const char *str = s->serial ?: blk_name(s->qdev.conf.blk);
fd930791
PB		 584 int max_len = s->serial ? 20 : 255 - 8;
585 int id_len = strlen(str);
0b06c059 586
f01b5931 587 if (id_len > max_len) {
0b06c059 588 id_len = max_len;
f01b5931 589 }
0b06c059
GH		 590 DPRINTF("Inquiry EVPD[Device identification] "
591 "buffer size %zd\n", req->cmd.xfer);
592
0b06c059
GH		 593 outbuf[buflen++] = 0x2; // ASCII
594 outbuf[buflen++] = 0; // not officially assigned
595 outbuf[buflen++] = 0; // reserved
596 outbuf[buflen++] = id_len; // length of data following
fd930791 597 memcpy(outbuf+buflen, str, id_len);
0b06c059 598 buflen += id_len;
27395add
PB		 599
600 if (s->wwn) {
601 outbuf[buflen++] = 0x1; // Binary
602 outbuf[buflen++] = 0x3; // NAA
603 outbuf[buflen++] = 0; // reserved
604 outbuf[buflen++] = 8;
605 stq_be_p(&outbuf[buflen], s->wwn);
606 buflen += 8;
607 }
64cc2284
RD		 608
609 if (s->port_wwn) {
610 outbuf[buflen++] = 0x61; // SAS / Binary
611 outbuf[buflen++] = 0x93; // PIV / Target port / NAA
612 outbuf[buflen++] = 0; // reserved
613 outbuf[buflen++] = 8;
614 stq_be_p(&outbuf[buflen], s->port_wwn);
615 buflen += 8;
616 }
617
618 if (s->port_index) {
619 outbuf[buflen++] = 0x61; // SAS / Binary
620 outbuf[buflen++] = 0x94; // PIV / Target port / relative target port
621 outbuf[buflen++] = 0; // reserved
622 outbuf[buflen++] = 4;
623 stw_be_p(&outbuf[buflen + 2], s->port_index);
624 buflen += 4;
625 }
0b06c059
GH		 626 break;
627 }
ea3bd56f 628 case 0xb0: /* block limits */
ee3659e3 629 {
ea3bd56f
CH		 630 unsigned int unmap_sectors =
631 s->qdev.conf.discard_granularity / s->qdev.blocksize;
8cfacf07
CH		 632 unsigned int min_io_size =
633 s->qdev.conf.min_io_size / s->qdev.blocksize;
634 unsigned int opt_io_size =
635 s->qdev.conf.opt_io_size / s->qdev.blocksize;
8a1bd297
PB		 636 unsigned int max_unmap_sectors =
637 s->max_unmap_size / s->qdev.blocksize;
ee3659e3 638
f37bd73b 639 if (s->qdev.type == TYPE_ROM) {
39d98982
HR		 640 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
641 page_code);
642 return -1;
643 }
ee3659e3 644 /* required VPD size with unmap support */
82579390 645 buflen = 0x40;
ee3659e3
CH		 646 memset(outbuf + 4, 0, buflen - 4);
647
84f94a9a
PB		 648 outbuf[4] = 0x1; /* wsnz */
649
ee3659e3
CH		 650 /* optimal transfer length granularity */
651 outbuf[6] = (min_io_size >> 8) & 0xff;
652 outbuf[7] = min_io_size & 0xff;
653
654 /* optimal transfer length */
655 outbuf[12] = (opt_io_size >> 24) & 0xff;
656 outbuf[13] = (opt_io_size >> 16) & 0xff;
657 outbuf[14] = (opt_io_size >> 8) & 0xff;
658 outbuf[15] = opt_io_size & 0xff;
ea3bd56f 659
8a1bd297
PB		 660 /* max unmap LBA count, default is 1GB */
661 outbuf[20] = (max_unmap_sectors >> 24) & 0xff;
662 outbuf[21] = (max_unmap_sectors >> 16) & 0xff;
663 outbuf[22] = (max_unmap_sectors >> 8) & 0xff;
664 outbuf[23] = max_unmap_sectors & 0xff;
665
666 /* max unmap descriptors, 255 fit in 4 kb with an 8-byte header. */
667 outbuf[24] = 0;
668 outbuf[25] = 0;
669 outbuf[26] = 0;
670 outbuf[27] = 255;
671
ea3bd56f
CH		 672 /* optimal unmap granularity */
673 outbuf[28] = (unmap_sectors >> 24) & 0xff;
674 outbuf[29] = (unmap_sectors >> 16) & 0xff;
675 outbuf[30] = (unmap_sectors >> 8) & 0xff;
676 outbuf[31] = unmap_sectors & 0xff;
677 break;
678 }
679 case 0xb2: /* thin provisioning */
680 {
82579390 681 buflen = 8;
ea3bd56f 682 outbuf[4] = 0;
5222aaf2 683 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
f644a290 684 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
ea3bd56f 685 outbuf[7] = 0;
ee3659e3
CH		 686 break;
687 }
0b06c059 688 default:
0b06c059
GH		 689 return -1;
690 }
691 /* done with EVPD */
82579390
PB		 692 assert(buflen - start <= 255);
693 outbuf[start - 1] = buflen - start;
0b06c059
GH		 694 return buflen;
695 }
696
697 /* Standard INQUIRY data */
698 if (req->cmd.buf[2] != 0) {
0b06c059
GH		 699 return -1;
700 }
701
702 /* PAGE CODE == 0 */
0b06c059 703 buflen = req->cmd.xfer;
f01b5931 704 if (buflen > SCSI_MAX_INQUIRY_LEN) {
0b06c059 705 buflen = SCSI_MAX_INQUIRY_LEN;
f01b5931 706 }
0b06c059 707
f37bd73b 708 outbuf[0] = s->qdev.type & 0x1f;
bfe3d7ac 709 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
353815aa
DF		 710
711 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
712 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
713
314b1811 714 memset(&outbuf[32], 0, 4);
552fee93 715 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 716 /*
717 * We claim conformance to SPC-3, which is required for guests
718 * to ask for modern features like READ CAPACITY(16) or the
719 * block characteristics VPD page by default. Not all of SPC-3
720 * is actually implemented, but we're good enough.
721 */
ee3659e3 722 outbuf[2] = 5;
1109c894 723 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
ad3cea42
AT		 724
725 if (buflen > 36) {
726 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
727 } else {
728 /* If the allocation length of CDB is too small,
729 the additional length is not adjusted */
730 outbuf[4] = 36 - 5;
731 }
732
0b06c059 733 /* Sync data transfer and TCQ. */
afd4030c 734 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
0b06c059
GH		 735 return buflen;
736}
737
430ee2f2
PB		 738static inline bool media_is_dvd(SCSIDiskState *s)
739{
740 uint64_t nb_sectors;
741 if (s->qdev.type != TYPE_ROM) {
742 return false;
743 }
4be74634 744 if (!blk_is_inserted(s->qdev.conf.blk)) {
430ee2f2
PB		 745 return false;
746 }
4be74634 747 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
430ee2f2
PB		 748 return nb_sectors > CD_MAX_SECTORS;
749}
750
ceb792ef
PB		 751static inline bool media_is_cd(SCSIDiskState *s)
752{
753 uint64_t nb_sectors;
754 if (s->qdev.type != TYPE_ROM) {
755 return false;
756 }
4be74634 757 if (!blk_is_inserted(s->qdev.conf.blk)) {
ceb792ef
PB		 758 return false;
759 }
4be74634 760 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 761 return nb_sectors <= CD_MAX_SECTORS;
762}
763
1a4f0c3a
PB		 764static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
765 uint8_t *outbuf)
766{
767 uint8_t type = r->req.cmd.buf[1] & 7;
768
769 if (s->qdev.type != TYPE_ROM) {
770 return -1;
771 }
772
773 /* Types 1/2 are only defined for Blu-Ray. */
774 if (type != 0) {
775 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
776 return -1;
777 }
778
779 memset(outbuf, 0, 34);
780 outbuf[1] = 32;
781 outbuf[2] = 0xe; /* last session complete, disc finalized */
782 outbuf[3] = 1; /* first track on disc */
783 outbuf[4] = 1; /* # of sessions */
784 outbuf[5] = 1; /* first track of last session */
785 outbuf[6] = 1; /* last track of last session */
786 outbuf[7] = 0x20; /* unrestricted use */
787 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
788 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
789 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
790 /* 24-31: disc bar code */
791 /* 32: disc application code */
792 /* 33: number of OPC tables */
793
794 return 34;
795}
796
b6c251ab
PB		 797static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
798 uint8_t *outbuf)
799{
ceb792ef
PB		 800 static const int rds_caps_size[5] = {
801 [0] = 2048 + 4,
802 [1] = 4 + 4,
803 [3] = 188 + 4,
804 [4] = 2048 + 4,
805 };
806
807 uint8_t media = r->req.cmd.buf[1];
808 uint8_t layer = r->req.cmd.buf[6];
809 uint8_t format = r->req.cmd.buf[7];
810 int size = -1;
811
812 if (s->qdev.type != TYPE_ROM) {
813 return -1;
814 }
815 if (media != 0) {
816 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
817 return -1;
818 }
819
820 if (format != 0xff) {
4be74634 821 if (s->tray_open || !blk_is_inserted(s->qdev.conf.blk)) {
ceb792ef
PB		 822 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
823 return -1;
824 }
825 if (media_is_cd(s)) {
826 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
827 return -1;
828 }
829 if (format >= ARRAY_SIZE(rds_caps_size)) {
830 return -1;
831 }
832 size = rds_caps_size[format];
833 memset(outbuf, 0, size);
834 }
835
836 switch (format) {
837 case 0x00: {
838 /* Physical format information */
839 uint64_t nb_sectors;
840 if (layer != 0) {
841 goto fail;
842 }
4be74634 843 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 844
845 outbuf[4] = 1; /* DVD-ROM, part version 1 */
846 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
847 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
848 outbuf[7] = 0; /* default densities */
849
850 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
851 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
852 break;
853 }
854
855 case 0x01: /* DVD copyright information, all zeros */
856 break;
857
858 case 0x03: /* BCA information - invalid field for no BCA info */
859 return -1;
860
861 case 0x04: /* DVD disc manufacturing information, all zeros */
862 break;
863
864 case 0xff: { /* List capabilities */
865 int i;
866 size = 4;
867 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
868 if (!rds_caps_size[i]) {
869 continue;
870 }
871 outbuf[size] = i;
872 outbuf[size + 1] = 0x40; /* Not writable, readable */
873 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
874 size += 4;
875 }
876 break;
877 }
878
879 default:
880 return -1;
881 }
882
883 /* Size of buffer, not including 2 byte size field */
884 stw_be_p(outbuf, size - 2);
885 return size;
886
887fail:
b6c251ab
PB		 888 return -1;
889}
890
3c2f7c12 891static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 892{
3c2f7c12
PB		 893 uint8_t event_code, media_status;
894
895 media_status = 0;
896 if (s->tray_open) {
897 media_status = MS_TRAY_OPEN;
4be74634 898 } else if (blk_is_inserted(s->qdev.conf.blk)) {
3c2f7c12
PB		 899 media_status = MS_MEDIA_PRESENT;
900 }
901
902 /* Event notification descriptor */
903 event_code = MEC_NO_CHANGE;
4480de19
PB		 904 if (media_status != MS_TRAY_OPEN) {
905 if (s->media_event) {
906 event_code = MEC_NEW_MEDIA;
907 s->media_event = false;
908 } else if (s->eject_request) {
909 event_code = MEC_EJECT_REQUESTED;
910 s->eject_request = false;
911 }
3c2f7c12
PB		 912 }
913
914 outbuf[0] = event_code;
915 outbuf[1] = media_status;
916
917 /* These fields are reserved, just clear them. */
918 outbuf[2] = 0;
919 outbuf[3] = 0;
920 return 4;
921}
922
923static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
924 uint8_t *outbuf)
925{
926 int size;
927 uint8_t *buf = r->req.cmd.buf;
928 uint8_t notification_class_request = buf[4];
929 if (s->qdev.type != TYPE_ROM) {
930 return -1;
931 }
932 if ((buf[1] & 1) == 0) {
933 /* asynchronous */
934 return -1;
935 }
936
937 size = 4;
938 outbuf[0] = outbuf[1] = 0;
939 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
940 if (notification_class_request & (1 << GESN_MEDIA)) {
941 outbuf[2] = GESN_MEDIA;
942 size += scsi_event_status_media(s, &outbuf[size]);
943 } else {
944 outbuf[2] = 0x80;
945 }
946 stw_be_p(outbuf, size - 4);
947 return size;
b6c251ab
PB		 948}
949
430ee2f2 950static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 951{
430ee2f2
PB		 952 int current;
953
b6c251ab
PB		 954 if (s->qdev.type != TYPE_ROM) {
955 return -1;
956 }
430ee2f2
PB		 957 current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM;
958 memset(outbuf, 0, 40);
959 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
960 stw_be_p(&outbuf[6], current);
961 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
962 outbuf[10] = 0x03; /* persistent, current */
963 outbuf[11] = 8; /* two profiles */
964 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
965 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
966 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
967 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
968 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
969 stw_be_p(&outbuf[20], 1);
970 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
971 outbuf[23] = 8;
972 stl_be_p(&outbuf[24], 1); /* SCSI */
973 outbuf[28] = 1; /* DBE = 1, mandatory */
974 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
975 stw_be_p(&outbuf[32], 3);
976 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
977 outbuf[35] = 4;
978 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
979 /* TODO: Random readable, CD read, DVD read, drive serial number,
980 power management */
981 return 40;
b6c251ab
PB		 982}
983
984static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
985{
986 if (s->qdev.type != TYPE_ROM) {
987 return -1;
988 }
989 memset(outbuf, 0, 8);
990 outbuf[5] = 1; /* CD-ROM */
991 return 8;
992}
993
cfc606da 994static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
282ab04e 995 int page_control)
ebddfcbe 996{
a8f4bbe2
PB		 997 static const int mode_sense_valid[0x3f] = {
998 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
999 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1000 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
a07c7dcd
PB		 1001 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1002 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
a8f4bbe2
PB		 1003 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1004 };
ef405611
PB		 1005
1006 uint8_t *p = *p_outbuf + 2;
1007 int length;
ebddfcbe 1008
a8f4bbe2
PB		 1009 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1010 return -1;
1011 }
1012
282ab04e
BK		 1013 /*
1014 * If Changeable Values are requested, a mask denoting those mode parameters
1015 * that are changeable shall be returned. As we currently don't support
1016 * parameter changes via MODE_SELECT all bits are returned set to zero.
1017 * The buffer was already menset to zero by the caller of this function.
ef405611
PB		 1018 *
1019 * The offsets here are off by two compared to the descriptions in the
1020 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1021 * but it is done so that offsets are consistent within our implementation
1022 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1023 * 2-byte and 4-byte headers.
282ab04e 1024 */
ebddfcbe 1025 switch (page) {
67cc61e4 1026 case MODE_PAGE_HD_GEOMETRY:
ef405611 1027 length = 0x16;
282ab04e 1028 if (page_control == 1) { /* Changeable Values */
cfc606da 1029 break;
282ab04e 1030 }
ebddfcbe 1031 /* if a geometry hint is available, use it */
ef405611
PB		 1032 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1033 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1034 p[2] = s->qdev.conf.cyls & 0xff;
1035 p[3] = s->qdev.conf.heads & 0xff;
ebddfcbe 1036 /* Write precomp start cylinder, disabled */
ef405611
PB		 1037 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1038 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1039 p[6] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1040 /* Reduced current start cylinder, disabled */
ef405611
PB		 1041 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1042 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1043 p[9] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1044 /* Device step rate [ns], 200ns */
ef405611
PB		 1045 p[10] = 0;
1046 p[11] = 200;
ebddfcbe 1047 /* Landing zone cylinder */
ef405611
PB		 1048 p[12] = 0xff;
1049 p[13] = 0xff;
ebddfcbe 1050 p[14] = 0xff;
ebddfcbe 1051 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1052 p[18] = (5400 >> 8) & 0xff;
1053 p[19] = 5400 & 0xff;
cfc606da 1054 break;
ebddfcbe 1055
67cc61e4 1056 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
ef405611 1057 length = 0x1e;
282ab04e 1058 if (page_control == 1) { /* Changeable Values */
cfc606da 1059 break;
282ab04e 1060 }
ebddfcbe 1061 /* Transfer rate [kbit/s], 5Mbit/s */
ef405611
PB		 1062 p[0] = 5000 >> 8;
1063 p[1] = 5000 & 0xff;
ebddfcbe 1064 /* if a geometry hint is available, use it */
ef405611
PB		 1065 p[2] = s->qdev.conf.heads & 0xff;
1066 p[3] = s->qdev.conf.secs & 0xff;
1067 p[4] = s->qdev.blocksize >> 8;
1068 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1069 p[7] = s->qdev.conf.cyls & 0xff;
1070 /* Write precomp start cylinder, disabled */
d252df48
MA		 1071 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1072 p[9] = s->qdev.conf.cyls & 0xff;
ef405611 1073 /* Reduced current start cylinder, disabled */
d252df48
MA		 1074 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1075 p[11] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1076 /* Device step rate [100us], 100us */
ef405611
PB		 1077 p[12] = 0;
1078 p[13] = 1;
ebddfcbe 1079 /* Device step pulse width [us], 1us */
ef405611 1080 p[14] = 1;
ebddfcbe 1081 /* Device head settle delay [100us], 100us */
ef405611
PB		 1082 p[15] = 0;
1083 p[16] = 1;
ebddfcbe 1084 /* Motor on delay [0.1s], 0.1s */
ef405611 1085 p[17] = 1;
ebddfcbe 1086 /* Motor off delay [0.1s], 0.1s */
ef405611 1087 p[18] = 1;
ebddfcbe 1088 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1089 p[26] = (5400 >> 8) & 0xff;
1090 p[27] = 5400 & 0xff;
cfc606da 1091 break;
ebddfcbe 1092
67cc61e4 1093 case MODE_PAGE_CACHING:
ef405611 1094 length = 0x12;
96c91bbf 1095 if (page_control == 1 || /* Changeable Values */
4be74634 1096 blk_enable_write_cache(s->qdev.conf.blk)) {
ef405611 1097 p[0] = 4; /* WCE */
ebddfcbe 1098 }
cfc606da 1099 break;
ebddfcbe 1100
a07c7dcd 1101 case MODE_PAGE_R_W_ERROR:
ef405611 1102 length = 10;
4f588b15
PB		 1103 if (page_control == 1) { /* Changeable Values */
1104 break;
1105 }
ef405611 1106 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
a07c7dcd 1107 if (s->qdev.type == TYPE_ROM) {
ef405611 1108 p[1] = 0x20; /* Read Retry Count */
a07c7dcd
PB		 1109 }
1110 break;
1111
1112 case MODE_PAGE_AUDIO_CTL:
ef405611 1113 length = 14;
a07c7dcd
PB		 1114 break;
1115
67cc61e4 1116 case MODE_PAGE_CAPABILITIES:
ef405611 1117 length = 0x14;
282ab04e 1118 if (page_control == 1) { /* Changeable Values */
cfc606da 1119 break;
282ab04e 1120 }
a07c7dcd 1121
ef405611
PB		 1122 p[0] = 0x3b; /* CD-R & CD-RW read */
1123 p[1] = 0; /* Writing not supported */
1124 p[2] = 0x7f; /* Audio, composite, digital out,
ebddfcbe 1125 mode 2 form 1&2, multi session */
ef405611 1126 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
ebddfcbe
GH		 1127 RW corrected, C2 errors, ISRC,
1128 UPC, Bar code */
ef405611 1129 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
ebddfcbe 1130 /* Locking supported, jumper present, eject, tray */
ef405611 1131 p[5] = 0; /* no volume & mute control, no
ebddfcbe 1132 changer */
ef405611
PB		 1133 p[6] = (50 * 176) >> 8; /* 50x read speed */
1134 p[7] = (50 * 176) & 0xff;
1135 p[8] = 2 >> 8; /* Two volume levels */
1136 p[9] = 2 & 0xff;
1137 p[10] = 2048 >> 8; /* 2M buffer */
1138 p[11] = 2048 & 0xff;
1139 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1140 p[13] = (16 * 176) & 0xff;
1141 p[16] = (16 * 176) >> 8; /* 16x write speed */
1142 p[17] = (16 * 176) & 0xff;
1143 p[18] = (16 * 176) >> 8; /* 16x write speed current */
ebddfcbe 1144 p[19] = (16 * 176) & 0xff;
cfc606da 1145 break;
ebddfcbe
GH		 1146
1147 default:
cfc606da 1148 return -1;
ebddfcbe 1149 }
cfc606da 1150
ef405611
PB		 1151 assert(length < 256);
1152 (*p_outbuf)[0] = page;
1153 (*p_outbuf)[1] = length;
1154 *p_outbuf += length + 2;
1155 return length + 2;
ebddfcbe
GH		 1156}
1157
cfc606da 1158static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
ebddfcbe 1159{
cfc606da 1160 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ebddfcbe 1161 uint64_t nb_sectors;
e590ecbe
PB		 1162 bool dbd;
1163 int page, buflen, ret, page_control;
ebddfcbe 1164 uint8_t *p;
ce512ee1 1165 uint8_t dev_specific_param;
ebddfcbe 1166
e590ecbe 1167 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
cfc606da
PB		 1168 page = r->req.cmd.buf[2] & 0x3f;
1169 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
aa2b1e89 1170 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
cfc606da
PB		 1171 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1172 memset(outbuf, 0, r->req.cmd.xfer);
ebddfcbe
GH		 1173 p = outbuf;
1174
e590ecbe 1175 if (s->qdev.type == TYPE_DISK) {
da8365db 1176 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
4be74634 1177 if (blk_is_read_only(s->qdev.conf.blk)) {
e590ecbe
PB		 1178 dev_specific_param |= 0x80; /* Readonly. */
1179 }
ce512ee1 1180 } else {
e590ecbe
PB		 1181 /* MMC prescribes that CD/DVD drives have no block descriptors,
1182 * and defines no device-specific parameter. */
6a2de0f2 1183 dev_specific_param = 0x00;
e590ecbe 1184 dbd = true;
ce512ee1
BK		 1185 }
1186
cfc606da 1187 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1188 p[1] = 0; /* Default media type. */
1189 p[2] = dev_specific_param;
1190 p[3] = 0; /* Block descriptor length. */
1191 p += 4;
1192 } else { /* MODE_SENSE_10 */
1193 p[2] = 0; /* Default media type. */
1194 p[3] = dev_specific_param;
1195 p[6] = p[7] = 0; /* Block descriptor length. */
1196 p += 8;
ebddfcbe 1197 }
ebddfcbe 1198
4be74634 1199 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
e590ecbe 1200 if (!dbd && nb_sectors) {
cfc606da 1201 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1202 outbuf[3] = 8; /* Block descriptor length */
1203 } else { /* MODE_SENSE_10 */
1204 outbuf[7] = 8; /* Block descriptor length */
1205 }
69377307 1206 nb_sectors /= (s->qdev.blocksize / 512);
f01b5931 1207 if (nb_sectors > 0xffffff) {
2488b740 1208 nb_sectors = 0;
f01b5931 1209 }
ebddfcbe
GH		 1210 p[0] = 0; /* media density code */
1211 p[1] = (nb_sectors >> 16) & 0xff;
1212 p[2] = (nb_sectors >> 8) & 0xff;
1213 p[3] = nb_sectors & 0xff;
1214 p[4] = 0; /* reserved */
1215 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
69377307 1216 p[6] = s->qdev.blocksize >> 8;
ebddfcbe
GH		 1217 p[7] = 0;
1218 p += 8;
1219 }
1220
cfc606da
PB		 1221 if (page_control == 3) {
1222 /* Saved Values */
1223 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1224 return -1;
282ab04e
BK		 1225 }
1226
cfc606da
PB		 1227 if (page == 0x3f) {
1228 for (page = 0; page <= 0x3e; page++) {
1229 mode_sense_page(s, page, &p, page_control);
1230 }
1231 } else {
1232 ret = mode_sense_page(s, page, &p, page_control);
1233 if (ret == -1) {
1234 return -1;
1235 }
ebddfcbe
GH		 1236 }
1237
1238 buflen = p - outbuf;
ce512ee1
BK		 1239 /*
1240 * The mode data length field specifies the length in bytes of the
1241 * following data that is available to be transferred. The mode data
1242 * length does not include itself.
1243 */
cfc606da 1244 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1245 outbuf[0] = buflen - 1;
1246 } else { /* MODE_SENSE_10 */
1247 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1248 outbuf[1] = (buflen - 2) & 0xff;
1249 }
ebddfcbe
GH		 1250 return buflen;
1251}
1252
02880f43
GH		 1253static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1254{
1255 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 1256 int start_track, format, msf, toclen;
1257 uint64_t nb_sectors;
1258
1259 msf = req->cmd.buf[1] & 2;
1260 format = req->cmd.buf[2] & 0xf;
1261 start_track = req->cmd.buf[6];
4be74634 1262 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
02880f43 1263 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
69377307 1264 nb_sectors /= s->qdev.blocksize / 512;
02880f43
GH		 1265 switch (format) {
1266 case 0:
1267 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1268 break;
1269 case 1:
1270 /* multi session : only a single session defined */
1271 toclen = 12;
1272 memset(outbuf, 0, 12);
1273 outbuf[1] = 0x0a;
1274 outbuf[2] = 0x01;
1275 outbuf[3] = 0x01;
1276 break;
1277 case 2:
1278 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1279 break;
1280 default:
1281 return -1;
1282 }
02880f43
GH		 1283 return toclen;
1284}
1285
68bb01f3 1286static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
bfd52647
MA		 1287{
1288 SCSIRequest *req = &r->req;
1289 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1290 bool start = req->cmd.buf[4] & 1;
1291 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
ae5708b3
RS		 1292 int pwrcnd = req->cmd.buf[4] & 0xf0;
1293
1294 if (pwrcnd) {
1295 /* eject/load only happens for power condition == 0 */
1296 return 0;
1297 }
bfd52647 1298
b456a71c 1299 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
68bb01f3
MA		 1300 if (!start && !s->tray_open && s->tray_locked) {
1301 scsi_check_condition(r,
4be74634 1302 blk_is_inserted(s->qdev.conf.blk)
68bb01f3
MA		 1303 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1304 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1305 return -1;
fdec4404 1306 }
d88b1819
LC		 1307
1308 if (s->tray_open != !start) {
4be74634 1309 blk_eject(s->qdev.conf.blk, !start);
d88b1819
LC		 1310 s->tray_open = !start;
1311 }
bfd52647 1312 }
68bb01f3 1313 return 0;
bfd52647
MA		 1314}
1315
314a3299
PB		 1316static void scsi_disk_emulate_read_data(SCSIRequest *req)
1317{
1318 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1319 int buflen = r->iov.iov_len;
1320
1321 if (buflen) {
79fb50bb 1322 DPRINTF("Read buf_len=%d\n", buflen);
314a3299
PB		 1323 r->iov.iov_len = 0;
1324 r->started = true;
1325 scsi_req_data(&r->req, buflen);
1326 return;
1327 }
1328
1329 /* This also clears the sense buffer for REQUEST SENSE. */
1330 scsi_req_complete(&r->req, GOOD);
1331}
1332
380feaff
PB		 1333static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1334 uint8_t *inbuf, int inlen)
1335{
1336 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1337 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1338 uint8_t *p;
1339 int len, expected_len, changeable_len, i;
1340
1341 /* The input buffer does not include the page header, so it is
1342 * off by 2 bytes.
1343 */
1344 expected_len = inlen + 2;
1345 if (expected_len > SCSI_MAX_MODE_LEN) {
1346 return -1;
1347 }
1348
1349 p = mode_current;
1350 memset(mode_current, 0, inlen + 2);
1351 len = mode_sense_page(s, page, &p, 0);
1352 if (len < 0 || len != expected_len) {
1353 return -1;
1354 }
1355
1356 p = mode_changeable;
1357 memset(mode_changeable, 0, inlen + 2);
1358 changeable_len = mode_sense_page(s, page, &p, 1);
1359 assert(changeable_len == len);
1360
1361 /* Check that unchangeable bits are the same as what MODE SENSE
1362 * would return.
1363 */
1364 for (i = 2; i < len; i++) {
1365 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1366 return -1;
1367 }
1368 }
1369 return 0;
1370}
1371
1372static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1373{
96c91bbf
PB		 1374 switch (page) {
1375 case MODE_PAGE_CACHING:
4be74634 1376 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
96c91bbf
PB		 1377 break;
1378
1379 default:
1380 break;
1381 }
380feaff
PB		 1382}
1383
1384static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1385{
1386 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1387
1388 while (len > 0) {
1389 int page, subpage, page_len;
1390
1391 /* Parse both possible formats for the mode page headers. */
1392 page = p[0] & 0x3f;
1393 if (p[0] & 0x40) {
1394 if (len < 4) {
1395 goto invalid_param_len;
1396 }
1397 subpage = p[1];
1398 page_len = lduw_be_p(&p[2]);
1399 p += 4;
1400 len -= 4;
1401 } else {
1402 if (len < 2) {
1403 goto invalid_param_len;
1404 }
1405 subpage = 0;
1406 page_len = p[1];
1407 p += 2;
1408 len -= 2;
1409 }
1410
1411 if (subpage) {
1412 goto invalid_param;
1413 }
1414 if (page_len > len) {
1415 goto invalid_param_len;
1416 }
1417
1418 if (!change) {
1419 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1420 goto invalid_param;
1421 }
1422 } else {
1423 scsi_disk_apply_mode_select(s, page, p);
1424 }
1425
1426 p += page_len;
1427 len -= page_len;
1428 }
1429 return 0;
1430
1431invalid_param:
1432 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1433 return -1;
1434
1435invalid_param_len:
1436 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1437 return -1;
1438}
1439
1440static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1441{
accfeb2d 1442 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380feaff
PB		 1443 uint8_t *p = inbuf;
1444 int cmd = r->req.cmd.buf[0];
1445 int len = r->req.cmd.xfer;
1446 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1447 int bd_len;
1448 int pass;
1449
1450 /* We only support PF=1, SP=0. */
1451 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1452 goto invalid_field;
1453 }
1454
1455 if (len < hdr_len) {
1456 goto invalid_param_len;
1457 }
1458
1459 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1460 len -= hdr_len;
1461 p += hdr_len;
1462 if (len < bd_len) {
1463 goto invalid_param_len;
1464 }
1465 if (bd_len != 0 && bd_len != 8) {
1466 goto invalid_param;
1467 }
1468
1469 len -= bd_len;
1470 p += bd_len;
1471
1472 /* Ensure no change is made if there is an error! */
1473 for (pass = 0; pass < 2; pass++) {
1474 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1475 assert(pass == 0);
1476 return;
1477 }
1478 }
4be74634 1479 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
accfeb2d
PB		 1480 /* The request is used as the AIO opaque value, so add a ref. */
1481 scsi_req_ref(&r->req);
4be74634 1482 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 1483 BLOCK_ACCT_FLUSH);
4be74634 1484 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
accfeb2d
PB		 1485 return;
1486 }
1487
380feaff
PB		 1488 scsi_req_complete(&r->req, GOOD);
1489 return;
1490
1491invalid_param:
1492 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1493 return;
1494
1495invalid_param_len:
1496 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1497 return;
1498
1499invalid_field:
1500 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
380feaff
PB		 1501}
1502
444bc908
PB		 1503static inline bool check_lba_range(SCSIDiskState *s,
1504 uint64_t sector_num, uint32_t nb_sectors)
1505{
1506 /*
1507 * The first line tests that no overflow happens when computing the last
1508 * sector. The second line tests that the last accessed sector is in
1509 * range.
12ca76fc
PB		 1510 *
1511 * Careful, the computations should not underflow for nb_sectors == 0,
1512 * and a 0-block read to the first LBA beyond the end of device is
1513 * valid.
444bc908
PB		 1514 */
1515 return (sector_num <= sector_num + nb_sectors &&
12ca76fc 1516 sector_num + nb_sectors <= s->qdev.max_lba + 1);
444bc908
PB		 1517}
1518
5222aaf2
PB		 1519typedef struct UnmapCBData {
1520 SCSIDiskReq *r;
1521 uint8_t *inbuf;
1522 int count;
1523} UnmapCBData;
1524
1525static void scsi_unmap_complete(void *opaque, int ret)
1526{
1527 UnmapCBData *data = opaque;
1528 SCSIDiskReq *r = data->r;
1529 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1530 uint64_t sector_num;
5bb0b62e 1531 uint32_t nb_sectors;
5222aaf2
PB		 1532
1533 r->req.aiocb = NULL;
d0242ead 1534 if (r->req.io_canceled) {
d5776465 1535 scsi_req_cancel_complete(&r->req);
d0242ead
PB		 1536 goto done;
1537 }
1538
5222aaf2
PB		 1539 if (ret < 0) {
1540 if (scsi_handle_rw_error(r, -ret)) {
1541 goto done;
1542 }
1543 }
1544
d0242ead 1545 if (data->count > 0) {
5222aaf2
PB		 1546 sector_num = ldq_be_p(&data->inbuf[0]);
1547 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
444bc908 1548 if (!check_lba_range(s, sector_num, nb_sectors)) {
5222aaf2
PB		 1549 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1550 goto done;
1551 }
1552
4be74634
MA		 1553 r->req.aiocb = blk_aio_discard(s->qdev.conf.blk,
1554 sector_num * (s->qdev.blocksize / 512),
1555 nb_sectors * (s->qdev.blocksize / 512),
1556 scsi_unmap_complete, data);
5222aaf2
PB		 1557 data->count--;
1558 data->inbuf += 16;
1559 return;
1560 }
1561
d0242ead
PB		 1562 scsi_req_complete(&r->req, GOOD);
1563
5222aaf2 1564done:
3df9caf8 1565 scsi_req_unref(&r->req);
5222aaf2
PB		 1566 g_free(data);
1567}
1568
1569static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1570{
c5fd1fb0 1571 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2
PB		 1572 uint8_t *p = inbuf;
1573 int len = r->req.cmd.xfer;
1574 UnmapCBData *data;
1575
823bd739
PB		 1576 /* Reject ANCHOR=1. */
1577 if (r->req.cmd.buf[1] & 0x1) {
1578 goto invalid_field;
1579 }
1580
5222aaf2
PB		 1581 if (len < 8) {
1582 goto invalid_param_len;
1583 }
1584 if (len < lduw_be_p(&p[0]) + 2) {
1585 goto invalid_param_len;
1586 }
1587 if (len < lduw_be_p(&p[2]) + 8) {
1588 goto invalid_param_len;
1589 }
1590 if (lduw_be_p(&p[2]) & 15) {
1591 goto invalid_param_len;
1592 }
1593
4be74634 1594 if (blk_is_read_only(s->qdev.conf.blk)) {
c5fd1fb0
PB		 1595 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1596 return;
1597 }
1598
5222aaf2
PB		 1599 data = g_new0(UnmapCBData, 1);
1600 data->r = r;
1601 data->inbuf = &p[8];
1602 data->count = lduw_be_p(&p[2]) >> 4;
1603
1604 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1605 scsi_req_ref(&r->req);
1606 scsi_unmap_complete(data, 0);
1607 return;
1608
1609invalid_param_len:
1610 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
823bd739
PB		 1611 return;
1612
1613invalid_field:
1614 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
5222aaf2
PB		 1615}
1616
84f94a9a
PB		 1617typedef struct WriteSameCBData {
1618 SCSIDiskReq *r;
1619 int64_t sector;
1620 int nb_sectors;
1621 QEMUIOVector qiov;
1622 struct iovec iov;
1623} WriteSameCBData;
1624
1625static void scsi_write_same_complete(void *opaque, int ret)
1626{
1627 WriteSameCBData *data = opaque;
1628 SCSIDiskReq *r = data->r;
1629 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1630
1631 assert(r->req.aiocb != NULL);
1632 r->req.aiocb = NULL;
4be74634 1633 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
84f94a9a 1634 if (r->req.io_canceled) {
d5776465 1635 scsi_req_cancel_complete(&r->req);
84f94a9a
PB		 1636 goto done;
1637 }
1638
1639 if (ret < 0) {
1640 if (scsi_handle_rw_error(r, -ret)) {
1641 goto done;
1642 }
1643 }
1644
1645 data->nb_sectors -= data->iov.iov_len / 512;
1646 data->sector += data->iov.iov_len / 512;
1647 data->iov.iov_len = MIN(data->nb_sectors * 512, data->iov.iov_len);
1648 if (data->iov.iov_len) {
4be74634 1649 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1650 data->iov.iov_len, BLOCK_ACCT_WRITE);
4be74634
MA		 1651 r->req.aiocb = blk_aio_writev(s->qdev.conf.blk, data->sector,
1652 &data->qiov, data->iov.iov_len / 512,
1653 scsi_write_same_complete, data);
84f94a9a
PB		 1654 return;
1655 }
1656
1657 scsi_req_complete(&r->req, GOOD);
1658
1659done:
3df9caf8 1660 scsi_req_unref(&r->req);
84f94a9a
PB		 1661 qemu_vfree(data->iov.iov_base);
1662 g_free(data);
1663}
1664
1665static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1666{
1667 SCSIRequest *req = &r->req;
1668 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1669 uint32_t nb_sectors = scsi_data_cdb_length(r->req.cmd.buf);
1670 WriteSameCBData *data;
1671 uint8_t *buf;
1672 int i;
1673
1674 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1675 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1676 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1677 return;
1678 }
1679
4be74634 1680 if (blk_is_read_only(s->qdev.conf.blk)) {
84f94a9a
PB		 1681 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1682 return;
1683 }
1684 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1685 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1686 return;
1687 }
1688
1689 if (buffer_is_zero(inbuf, s->qdev.blocksize)) {
1690 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1691
1692 /* The request is used as the AIO opaque value, so add a ref. */
1693 scsi_req_ref(&r->req);
4be74634 1694 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8
BC		 1695 nb_sectors * s->qdev.blocksize,
1696 BLOCK_ACCT_WRITE);
4be74634
MA		 1697 r->req.aiocb = blk_aio_write_zeroes(s->qdev.conf.blk,
1698 r->req.cmd.lba * (s->qdev.blocksize / 512),
1699 nb_sectors * (s->qdev.blocksize / 512),
1700 flags, scsi_aio_complete, r);
84f94a9a
PB		 1701 return;
1702 }
1703
1704 data = g_new0(WriteSameCBData, 1);
1705 data->r = r;
1706 data->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1707 data->nb_sectors = nb_sectors * (s->qdev.blocksize / 512);
1708 data->iov.iov_len = MIN(data->nb_sectors * 512, SCSI_WRITE_SAME_MAX);
4be74634
MA		 1709 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1710 data->iov.iov_len);
84f94a9a
PB		 1711 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1712
1713 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1714 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1715 }
1716
1717 scsi_req_ref(&r->req);
4be74634 1718 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1719 data->iov.iov_len, BLOCK_ACCT_WRITE);
4be74634
MA		 1720 r->req.aiocb = blk_aio_writev(s->qdev.conf.blk, data->sector,
1721 &data->qiov, data->iov.iov_len / 512,
1722 scsi_write_same_complete, data);
84f94a9a
PB		 1723}
1724
314a3299
PB		 1725static void scsi_disk_emulate_write_data(SCSIRequest *req)
1726{
af6d510d
PB		 1727 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1728
1729 if (r->iov.iov_len) {
1730 int buflen = r->iov.iov_len;
79fb50bb 1731 DPRINTF("Write buf_len=%d\n", buflen);
af6d510d
PB		 1732 r->iov.iov_len = 0;
1733 scsi_req_data(&r->req, buflen);
1734 return;
1735 }
1736
1737 switch (req->cmd.buf[0]) {
1738 case MODE_SELECT:
1739 case MODE_SELECT_10:
1740 /* This also clears the sense buffer for REQUEST SENSE. */
380feaff 1741 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
af6d510d
PB		 1742 break;
1743
5222aaf2
PB		 1744 case UNMAP:
1745 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1746 break;
1747
d97e7730
PB		 1748 case VERIFY_10:
1749 case VERIFY_12:
1750 case VERIFY_16:
1751 if (r->req.status == -1) {
1752 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1753 }
1754 break;
1755
84f94a9a
PB		 1756 case WRITE_SAME_10:
1757 case WRITE_SAME_16:
1758 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1759 break;
d97e7730 1760
af6d510d
PB		 1761 default:
1762 abort();
1763 }
314a3299
PB		 1764}
1765
b08d0ea0 1766static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
aa5dbdc1 1767{
b08d0ea0 1768 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
e7e25e32 1769 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 1770 uint64_t nb_sectors;
7285477a 1771 uint8_t *outbuf;
af6d510d 1772 int buflen;
aa5dbdc1 1773
b08d0ea0
PB		 1774 switch (req->cmd.buf[0]) {
1775 case INQUIRY:
1776 case MODE_SENSE:
1777 case MODE_SENSE_10:
1778 case RESERVE:
1779 case RESERVE_10:
1780 case RELEASE:
1781 case RELEASE_10:
1782 case START_STOP:
1783 case ALLOW_MEDIUM_REMOVAL:
1784 case GET_CONFIGURATION:
1785 case GET_EVENT_STATUS_NOTIFICATION:
1786 case MECHANISM_STATUS:
1787 case REQUEST_SENSE:
1788 break;
1789
1790 default:
4be74634 1791 if (s->tray_open || !blk_is_inserted(s->qdev.conf.blk)) {
b08d0ea0
PB		 1792 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1793 return 0;
1794 }
1795 break;
1796 }
1797
c8dcb531
PB		 1798 /*
1799 * FIXME: we shouldn't return anything bigger than 4k, but the code
1800 * requires the buffer to be as big as req->cmd.xfer in several
1801 * places. So, do not allow CDBs with a very large ALLOCATION
1802 * LENGTH. The real fix would be to modify scsi_read_data and
1803 * dma_buf_read, so that they return data beyond the buflen
1804 * as all zeros.
1805 */
1806 if (req->cmd.xfer > 65536) {
1807 goto illegal_request;
1808 }
1809 r->buflen = MAX(4096, req->cmd.xfer);
1810
7285477a 1811 if (!r->iov.iov_base) {
4be74634 1812 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 1813 }
1814
af6d510d 1815 buflen = req->cmd.xfer;
7285477a 1816 outbuf = r->iov.iov_base;
c8dcb531 1817 memset(outbuf, 0, r->buflen);
aa5dbdc1
GH		 1818 switch (req->cmd.buf[0]) {
1819 case TEST_UNIT_READY:
4be74634 1820 assert(!s->tray_open && blk_is_inserted(s->qdev.conf.blk));
5f71d32f 1821 break;
0b06c059
GH		 1822 case INQUIRY:
1823 buflen = scsi_disk_emulate_inquiry(req, outbuf);
f01b5931 1824 if (buflen < 0) {
0b06c059 1825 goto illegal_request;
f01b5931 1826 }
5f71d32f 1827 break;
ebddfcbe
GH		 1828 case MODE_SENSE:
1829 case MODE_SENSE_10:
cfc606da 1830 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
f01b5931 1831 if (buflen < 0) {
ebddfcbe 1832 goto illegal_request;
f01b5931 1833 }
ebddfcbe 1834 break;
02880f43
GH		 1835 case READ_TOC:
1836 buflen = scsi_disk_emulate_read_toc(req, outbuf);
f01b5931 1837 if (buflen < 0) {
02880f43 1838 goto illegal_request;
f01b5931 1839 }
02880f43 1840 break;
3d53ba18 1841 case RESERVE:
f01b5931 1842 if (req->cmd.buf[1] & 1) {
3d53ba18 1843 goto illegal_request;
f01b5931 1844 }
3d53ba18
GH		 1845 break;
1846 case RESERVE_10:
f01b5931 1847 if (req->cmd.buf[1] & 3) {
3d53ba18 1848 goto illegal_request;
f01b5931 1849 }
3d53ba18
GH		 1850 break;
1851 case RELEASE:
f01b5931 1852 if (req->cmd.buf[1] & 1) {
3d53ba18 1853 goto illegal_request;
f01b5931 1854 }
3d53ba18
GH		 1855 break;
1856 case RELEASE_10:
f01b5931 1857 if (req->cmd.buf[1] & 3) {
3d53ba18 1858 goto illegal_request;
f01b5931 1859 }
3d53ba18 1860 break;
8d3628ff 1861 case START_STOP:
68bb01f3 1862 if (scsi_disk_emulate_start_stop(r) < 0) {
b08d0ea0 1863 return 0;
68bb01f3 1864 }
5f71d32f 1865 break;
c68b9f34 1866 case ALLOW_MEDIUM_REMOVAL:
81b1008d 1867 s->tray_locked = req->cmd.buf[4] & 1;
4be74634 1868 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
5f71d32f 1869 break;
5e30a07d 1870 case READ_CAPACITY_10:
e7e25e32 1871 /* The normal LEN field for this command is zero. */
5f71d32f 1872 memset(outbuf, 0, 8);
4be74634 1873 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 1874 if (!nb_sectors) {
9bcaf4fe 1875 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 1876 return 0;
f01b5931 1877 }
7cec78b6
PB		 1878 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1879 goto illegal_request;
1880 }
69377307 1881 nb_sectors /= s->qdev.blocksize / 512;
e7e25e32
GH		 1882 /* Returned value is the address of the last sector. */
1883 nb_sectors--;
1884 /* Remember the new size for read/write sanity checking. */
7877903a 1885 s->qdev.max_lba = nb_sectors;
e7e25e32 1886 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
f01b5931 1887 if (nb_sectors > UINT32_MAX) {
e7e25e32 1888 nb_sectors = UINT32_MAX;
f01b5931 1889 }
e7e25e32
GH		 1890 outbuf[0] = (nb_sectors >> 24) & 0xff;
1891 outbuf[1] = (nb_sectors >> 16) & 0xff;
1892 outbuf[2] = (nb_sectors >> 8) & 0xff;
1893 outbuf[3] = nb_sectors & 0xff;
1894 outbuf[4] = 0;
1895 outbuf[5] = 0;
69377307 1896 outbuf[6] = s->qdev.blocksize >> 8;
e7e25e32 1897 outbuf[7] = 0;
5f71d32f 1898 break;
f3b338ef
PB		 1899 case REQUEST_SENSE:
1900 /* Just return "NO SENSE". */
1901 buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen,
1902 (req->cmd.buf[1] & 1) == 0);
c8dcb531
PB		 1903 if (buflen < 0) {
1904 goto illegal_request;
1905 }
f3b338ef 1906 break;
b6c251ab
PB		 1907 case MECHANISM_STATUS:
1908 buflen = scsi_emulate_mechanism_status(s, outbuf);
1909 if (buflen < 0) {
1910 goto illegal_request;
1911 }
1912 break;
38215553 1913 case GET_CONFIGURATION:
430ee2f2 1914 buflen = scsi_get_configuration(s, outbuf);
b6c251ab
PB		 1915 if (buflen < 0) {
1916 goto illegal_request;
1917 }
1918 break;
1919 case GET_EVENT_STATUS_NOTIFICATION:
1920 buflen = scsi_get_event_status_notification(s, r, outbuf);
1921 if (buflen < 0) {
1922 goto illegal_request;
1923 }
1924 break;
1a4f0c3a
PB		 1925 case READ_DISC_INFORMATION:
1926 buflen = scsi_read_disc_information(s, r, outbuf);
1927 if (buflen < 0) {
1928 goto illegal_request;
1929 }
1930 break;
b6c251ab
PB		 1931 case READ_DVD_STRUCTURE:
1932 buflen = scsi_read_dvd_structure(s, r, outbuf);
1933 if (buflen < 0) {
1934 goto illegal_request;
1935 }
38215553 1936 break;
f6515262 1937 case SERVICE_ACTION_IN_16:
5dd90e2a 1938 /* Service Action In subcommands. */
f6515262 1939 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
5dd90e2a
GH		 1940 DPRINTF("SAI READ CAPACITY(16)\n");
1941 memset(outbuf, 0, req->cmd.xfer);
4be74634 1942 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 1943 if (!nb_sectors) {
9bcaf4fe 1944 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 1945 return 0;
f01b5931 1946 }
7cec78b6
PB		 1947 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
1948 goto illegal_request;
1949 }
69377307 1950 nb_sectors /= s->qdev.blocksize / 512;
5dd90e2a
GH		 1951 /* Returned value is the address of the last sector. */
1952 nb_sectors--;
1953 /* Remember the new size for read/write sanity checking. */
7877903a 1954 s->qdev.max_lba = nb_sectors;
5dd90e2a
GH		 1955 outbuf[0] = (nb_sectors >> 56) & 0xff;
1956 outbuf[1] = (nb_sectors >> 48) & 0xff;
1957 outbuf[2] = (nb_sectors >> 40) & 0xff;
1958 outbuf[3] = (nb_sectors >> 32) & 0xff;
1959 outbuf[4] = (nb_sectors >> 24) & 0xff;
1960 outbuf[5] = (nb_sectors >> 16) & 0xff;
1961 outbuf[6] = (nb_sectors >> 8) & 0xff;
1962 outbuf[7] = nb_sectors & 0xff;
1963 outbuf[8] = 0;
1964 outbuf[9] = 0;
69377307 1965 outbuf[10] = s->qdev.blocksize >> 8;
5dd90e2a 1966 outbuf[11] = 0;
ee3659e3
CH		 1967 outbuf[12] = 0;
1968 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 1969
1970 /* set TPE bit if the format supports discard */
1971 if (s->qdev.conf.discard_granularity) {
1972 outbuf[14] = 0x80;
1973 }
1974
5dd90e2a 1975 /* Protection, exponent and lowest lba field left blank. */
5dd90e2a
GH		 1976 break;
1977 }
1978 DPRINTF("Unsupported Service Action In\n");
1979 goto illegal_request;
101aa85f
PB		 1980 case SYNCHRONIZE_CACHE:
1981 /* The request is used as the AIO opaque value, so add a ref. */
1982 scsi_req_ref(&r->req);
4be74634 1983 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 1984 BLOCK_ACCT_FLUSH);
4be74634 1985 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
101aa85f
PB		 1986 return 0;
1987 case SEEK_10:
1988 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
1989 if (r->req.cmd.lba > s->qdev.max_lba) {
1990 goto illegal_lba;
1991 }
1992 break;
101aa85f
PB		 1993 case MODE_SELECT:
1994 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
101aa85f
PB		 1995 break;
1996 case MODE_SELECT_10:
1997 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
101aa85f 1998 break;
5222aaf2
PB		 1999 case UNMAP:
2000 DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
2001 break;
d97e7730
PB		 2002 case VERIFY_10:
2003 case VERIFY_12:
2004 case VERIFY_16:
4525c133 2005 DPRINTF("Verify (bytchk %d)\n", (req->cmd.buf[1] >> 1) & 3);
d97e7730
PB		 2006 if (req->cmd.buf[1] & 6) {
2007 goto illegal_request;
2008 }
2009 break;
101aa85f 2010 case WRITE_SAME_10:
101aa85f 2011 case WRITE_SAME_16:
84f94a9a
PB		 2012 DPRINTF("WRITE SAME %d (len %lu)\n",
2013 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16,
2014 (long)r->req.cmd.xfer);
2015 break;
aa5dbdc1 2016 default:
b9e77bc7
AK		 2017 DPRINTF("Unknown SCSI command (%2.2x=%s)\n", buf[0],
2018 scsi_command_name(buf[0]));
b45ef674 2019 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
b08d0ea0 2020 return 0;
aa5dbdc1 2021 }
314a3299 2022 assert(!r->req.aiocb);
c8dcb531 2023 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
b08d0ea0
PB		 2024 if (r->iov.iov_len == 0) {
2025 scsi_req_complete(&r->req, GOOD);
2026 }
af6d510d
PB		 2027 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2028 assert(r->iov.iov_len == req->cmd.xfer);
2029 return -r->iov.iov_len;
2030 } else {
2031 return r->iov.iov_len;
2032 }
aa5dbdc1 2033
aa5dbdc1 2034illegal_request:
cfc606da
PB		 2035 if (r->req.status == -1) {
2036 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2037 }
b08d0ea0 2038 return 0;
101aa85f
PB		 2039
2040illegal_lba:
2041 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2042 return 0;
aa5dbdc1
GH		 2043}
2044
2e5d83bb
PB		 2045/* Execute a scsi command. Returns the length of the data expected by the
2046 command. This will be Positive for data transfers from the device
2047 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2048 and zero if the command does not transfer any data. */
2049
b08d0ea0 2050static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 2051{
5c6c0e51
HR		 2052 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2053 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e93176d5 2054 uint32_t len;
a917d384 2055 uint8_t command;
a917d384
PB		 2056
2057 command = buf[0];
aa5dbdc1 2058
4be74634 2059 if (s->tray_open || !blk_is_inserted(s->qdev.conf.blk)) {
b08d0ea0
PB		 2060 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2061 return 0;
9bcaf4fe
PB		 2062 }
2063
e93176d5 2064 len = scsi_data_cdb_length(r->req.cmd.buf);
a917d384 2065 switch (command) {
ebf46023
GH		 2066 case READ_6:
2067 case READ_10:
bd536cf3
GH		 2068 case READ_12:
2069 case READ_16:
e93176d5 2070 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len);
96bdbbab
RS		 2071 if (r->req.cmd.buf[1] & 0xe0) {
2072 goto illegal_request;
2073 }
444bc908 2074 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2075 goto illegal_lba;
f01b5931 2076 }
69377307
PB		 2077 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2078 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2079 break;
ebf46023
GH		 2080 case WRITE_6:
2081 case WRITE_10:
bd536cf3
GH		 2082 case WRITE_12:
2083 case WRITE_16:
5e30a07d 2084 case WRITE_VERIFY_10:
ebef0bbb
BK		 2085 case WRITE_VERIFY_12:
2086 case WRITE_VERIFY_16:
4be74634 2087 if (blk_is_read_only(s->qdev.conf.blk)) {
6a8a685c
RS		 2088 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2089 return 0;
2090 }
e93176d5 2091 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
2dd791b6
HR		 2092 (command & 0xe) == 0xe ? "And Verify " : "",
2093 r->req.cmd.lba, len);
96bdbbab
RS		 2094 if (r->req.cmd.buf[1] & 0xe0) {
2095 goto illegal_request;
2096 }
444bc908 2097 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2098 goto illegal_lba;
f01b5931 2099 }
69377307
PB		 2100 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2101 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2102 break;
101aa85f 2103 default:
b08d0ea0 2104 abort();
96bdbbab
RS		 2105 illegal_request:
2106 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2107 return 0;
274fb0e1 2108 illegal_lba:
b45ef674 2109 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 2110 return 0;
2e5d83bb 2111 }
b08d0ea0 2112 if (r->sector_count == 0) {
b45ef674 2113 scsi_req_complete(&r->req, GOOD);
a917d384 2114 }
b08d0ea0 2115 assert(r->iov.iov_len == 0);
efb9ee02 2116 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
b08d0ea0 2117 return -r->sector_count * 512;
a917d384 2118 } else {
b08d0ea0 2119 return r->sector_count * 512;
2e5d83bb 2120 }
2e5d83bb
PB		 2121}
2122
e9447f35
JK		 2123static void scsi_disk_reset(DeviceState *dev)
2124{
2125 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2126 uint64_t nb_sectors;
2127
c7b48872 2128 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35 2129
4be74634 2130 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
69377307 2131 nb_sectors /= s->qdev.blocksize / 512;
e9447f35
JK		 2132 if (nb_sectors) {
2133 nb_sectors--;
2134 }
7877903a 2135 s->qdev.max_lba = nb_sectors;
7721c7f7
PH		 2136 /* reset tray statuses */
2137 s->tray_locked = 0;
2138 s->tray_open = 0;
e9447f35
JK		 2139}
2140
a818a4b6 2141static void scsi_unrealize(SCSIDevice *dev, Error **errp)
e9447f35
JK		 2142{
2143 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2144
c7b48872 2145 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
4be74634 2146 blockdev_mark_auto_del(s->qdev.conf.blk);
56a14938
GH		 2147}
2148
aaebacef
PB		 2149static void scsi_disk_resize_cb(void *opaque)
2150{
2151 SCSIDiskState *s = opaque;
2152
2153 /* SPC lists this sense code as available only for
2154 * direct-access devices.
2155 */
2156 if (s->qdev.type == TYPE_DISK) {
53200fad 2157 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
aaebacef
PB		 2158 }
2159}
2160
7d4b4ba5 2161static void scsi_cd_change_media_cb(void *opaque, bool load)
2c6942fa 2162{
8a9c16f6
PB		 2163 SCSIDiskState *s = opaque;
2164
2165 /*
2166 * When a CD gets changed, we have to report an ejected state and
2167 * then a loaded state to guests so that they detect tray
2168 * open/close and media change events. Guests that do not use
2169 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2170 * states rely on this behavior.
2171 *
2172 * media_changed governs the state machine used for unit attention
2173 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2174 */
2175 s->media_changed = load;
2176 s->tray_open = !load;
e48e84ea 2177 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
3c2f7c12 2178 s->media_event = true;
4480de19
PB		 2179 s->eject_request = false;
2180}
2181
2182static void scsi_cd_eject_request_cb(void *opaque, bool force)
2183{
2184 SCSIDiskState *s = opaque;
2185
2186 s->eject_request = true;
2187 if (force) {
2188 s->tray_locked = false;
2189 }
2c6942fa
MA		 2190}
2191
e4def80b
MA		 2192static bool scsi_cd_is_tray_open(void *opaque)
2193{
2194 return ((SCSIDiskState *)opaque)->tray_open;
2195}
2196
f107639a
MA		 2197static bool scsi_cd_is_medium_locked(void *opaque)
2198{
2199 return ((SCSIDiskState *)opaque)->tray_locked;
2200}
2201
aaebacef 2202static const BlockDevOps scsi_disk_removable_block_ops = {
2c6942fa 2203 .change_media_cb = scsi_cd_change_media_cb,
4480de19 2204 .eject_request_cb = scsi_cd_eject_request_cb,
e4def80b 2205 .is_tray_open = scsi_cd_is_tray_open,
f107639a 2206 .is_medium_locked = scsi_cd_is_medium_locked,
aaebacef
PB		 2207
2208 .resize_cb = scsi_disk_resize_cb,
2209};
2210
2211static const BlockDevOps scsi_disk_block_ops = {
2212 .resize_cb = scsi_disk_resize_cb,
f107639a
MA		 2213};
2214
8a9c16f6
PB		 2215static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2216{
2217 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2218 if (s->media_changed) {
2219 s->media_changed = false;
e48e84ea 2220 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
8a9c16f6
PB		 2221 }
2222}
2223
a818a4b6 2224static void scsi_realize(SCSIDevice *dev, Error **errp)
2e5d83bb 2225{
d52affa7 2226 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
5ff5efb4 2227 Error *err = NULL;
2e5d83bb 2228
4be74634 2229 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2230 error_setg(errp, "drive property not set");
2231 return;
d52affa7
GH		 2232 }
2233
bfe3d7ac 2234 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
4be74634 2235 !blk_is_inserted(s->qdev.conf.blk)) {
a818a4b6
FZ		 2236 error_setg(errp, "Device needs media, but drive is empty");
2237 return;
98f28ad7
MA		 2238 }
2239
911525db 2240 blkconf_serial(&s->qdev.conf, &s->serial);
5ff5efb4
FZ		 2241 if (dev->type == TYPE_DISK) {
2242 blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, &err);
2243 if (err) {
a818a4b6
FZ		 2244 error_propagate(errp, err);
2245 return;
5ff5efb4 2246 }
b7eb0c9f 2247 }
a0fef654 2248
215e47b9
PB		 2249 if (s->qdev.conf.discard_granularity == -1) {
2250 s->qdev.conf.discard_granularity =
2251 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2252 }
2253
552fee93 2254 if (!s->version) {
93bfef4c 2255 s->version = g_strdup(qemu_get_version());
552fee93 2256 }
353815aa
DF		 2257 if (!s->vendor) {
2258 s->vendor = g_strdup("QEMU");
2259 }
552fee93 2260
4be74634 2261 if (blk_is_sg(s->qdev.conf.blk)) {
a818a4b6
FZ		 2262 error_setg(errp, "unwanted /dev/sg*");
2263 return;
32bb404a
MA		 2264 }
2265
18e673b8
PH		 2266 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2267 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
4be74634 2268 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
aaebacef 2269 } else {
4be74634 2270 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2e5d83bb 2271 }
4be74634 2272 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
8cfacf07 2273
4be74634 2274 blk_iostatus_enable(s->qdev.conf.blk);
d52affa7
GH		 2275}
2276
a818a4b6 2277static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2278{
e39be482
PB		 2279 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2280 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2281 s->qdev.type = TYPE_DISK;
353815aa
DF		 2282 if (!s->product) {
2283 s->product = g_strdup("QEMU HARDDISK");
2284 }
a818a4b6 2285 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2286}
2287
a818a4b6 2288static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2289{
e39be482
PB		 2290 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2291 s->qdev.blocksize = 2048;
2292 s->qdev.type = TYPE_ROM;
bfe3d7ac 2293 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
353815aa
DF		 2294 if (!s->product) {
2295 s->product = g_strdup("QEMU CD-ROM");
2296 }
a818a4b6 2297 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2298}
2299
a818a4b6 2300static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
b443ae67 2301{
95b5edcd 2302 DriveInfo *dinfo;
a818a4b6 2303 Error *local_err = NULL;
b443ae67 2304
4be74634 2305 if (!dev->conf.blk) {
a818a4b6
FZ		 2306 scsi_realize(dev, &local_err);
2307 assert(local_err);
2308 error_propagate(errp, local_err);
2309 return;
b443ae67
MA		 2310 }
2311
4be74634 2312 dinfo = blk_legacy_dinfo(dev->conf.blk);
e39be482 2313 if (dinfo->media_cd) {
a818a4b6 2314 scsi_cd_realize(dev, errp);
e39be482 2315 } else {
a818a4b6 2316 scsi_hd_realize(dev, errp);
e39be482 2317 }
b443ae67
MA		 2318}
2319
b08d0ea0 2320static const SCSIReqOps scsi_disk_emulate_reqops = {
8dbd4574 2321 .size = sizeof(SCSIDiskReq),
12010e7b 2322 .free_req = scsi_free_request,
b08d0ea0 2323 .send_command = scsi_disk_emulate_command,
314a3299
PB		 2324 .read_data = scsi_disk_emulate_read_data,
2325 .write_data = scsi_disk_emulate_write_data,
b08d0ea0
PB		 2326 .get_buf = scsi_get_buf,
2327};
2328
2329static const SCSIReqOps scsi_disk_dma_reqops = {
2330 .size = sizeof(SCSIDiskReq),
2331 .free_req = scsi_free_request,
2332 .send_command = scsi_disk_dma_command,
12010e7b
PB		 2333 .read_data = scsi_read_data,
2334 .write_data = scsi_write_data,
12010e7b 2335 .get_buf = scsi_get_buf,
43b978b9
PB		 2336 .load_request = scsi_disk_load_request,
2337 .save_request = scsi_disk_save_request,
8dbd4574
PB		 2338};
2339
b08d0ea0
PB		 2340static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2341 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2342 [INQUIRY] = &scsi_disk_emulate_reqops,
2343 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2344 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2345 [START_STOP] = &scsi_disk_emulate_reqops,
2346 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2347 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2348 [READ_TOC] = &scsi_disk_emulate_reqops,
2349 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2350 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2351 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2352 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2353 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2354 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2355 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2356 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2357 [SEEK_10] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2358 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2359 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
5222aaf2 2360 [UNMAP] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2361 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2362 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
d97e7730
PB		 2363 [VERIFY_10] = &scsi_disk_emulate_reqops,
2364 [VERIFY_12] = &scsi_disk_emulate_reqops,
2365 [VERIFY_16] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2366
2367 [READ_6] = &scsi_disk_dma_reqops,
2368 [READ_10] = &scsi_disk_dma_reqops,
2369 [READ_12] = &scsi_disk_dma_reqops,
2370 [READ_16] = &scsi_disk_dma_reqops,
b08d0ea0
PB		 2371 [WRITE_6] = &scsi_disk_dma_reqops,
2372 [WRITE_10] = &scsi_disk_dma_reqops,
2373 [WRITE_12] = &scsi_disk_dma_reqops,
2374 [WRITE_16] = &scsi_disk_dma_reqops,
2375 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2376 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2377 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2378};
2379
63db0f0e
PB		 2380static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2381 uint8_t *buf, void *hba_private)
8dbd4574
PB		 2382{
2383 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2384 SCSIRequest *req;
b08d0ea0
PB		 2385 const SCSIReqOps *ops;
2386 uint8_t command;
8dbd4574 2387
79fb50bb
PB		 2388 command = buf[0];
2389 ops = scsi_disk_reqops_dispatch[command];
2390 if (!ops) {
2391 ops = &scsi_disk_emulate_reqops;
2392 }
2393 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2394
b08d0ea0 2395#ifdef DEBUG_SCSI
79fb50bb 2396 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
b08d0ea0
PB		 2397 {
2398 int i;
79fb50bb 2399 for (i = 1; i < req->cmd.len; i++) {
b08d0ea0
PB		 2400 printf(" 0x%02x", buf[i]);
2401 }
2402 printf("\n");
2403 }
2404#endif
2405
8dbd4574
PB		 2406 return req;
2407}
2408
336a6915
PB		 2409#ifdef __linux__
2410static int get_device_type(SCSIDiskState *s)
2411{
336a6915
PB		 2412 uint8_t cmd[16];
2413 uint8_t buf[36];
2414 uint8_t sensebuf[8];
2415 sg_io_hdr_t io_header;
2416 int ret;
2417
2418 memset(cmd, 0, sizeof(cmd));
2419 memset(buf, 0, sizeof(buf));
2420 cmd[0] = INQUIRY;
2421 cmd[4] = sizeof(buf);
2422
2423 memset(&io_header, 0, sizeof(io_header));
2424 io_header.interface_id = 'S';
2425 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
2426 io_header.dxfer_len = sizeof(buf);
2427 io_header.dxferp = buf;
2428 io_header.cmdp = cmd;
2429 io_header.cmd_len = sizeof(cmd);
2430 io_header.mx_sb_len = sizeof(sensebuf);
2431 io_header.sbp = sensebuf;
2432 io_header.timeout = 6000; /* XXX */
2433
4be74634 2434 ret = blk_ioctl(s->qdev.conf.blk, SG_IO, &io_header);
336a6915
PB		 2435 if (ret < 0 || io_header.driver_status || io_header.host_status) {
2436 return -1;
2437 }
2438 s->qdev.type = buf[0];
bfe3d7ac
PB		 2439 if (buf[1] & 0x80) {
2440 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2441 }
336a6915
PB		 2442 return 0;
2443}
2444
a818a4b6 2445static void scsi_block_realize(SCSIDevice *dev, Error **errp)
336a6915
PB		 2446{
2447 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2448 int sg_version;
2449 int rc;
2450
4be74634 2451 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2452 error_setg(errp, "drive property not set");
2453 return;
336a6915
PB		 2454 }
2455
2456 /* check we are using a driver managing SG_IO (version 3 and after) */
4be74634 2457 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
4bbeb8b1 2458 if (rc < 0) {
a818a4b6 2459 error_setg(errp, "cannot get SG_IO version number: %s. "
6ee143a0 2460 "Is this a SCSI device?",
4bbeb8b1 2461 strerror(-rc));
a818a4b6 2462 return;
4bbeb8b1
FZ		 2463 }
2464 if (sg_version < 30000) {
a818a4b6
FZ		 2465 error_setg(errp, "scsi generic interface too old");
2466 return;
336a6915
PB		 2467 }
2468
2469 /* get device type from INQUIRY data */
2470 rc = get_device_type(s);
2471 if (rc < 0) {
a818a4b6
FZ		 2472 error_setg(errp, "INQUIRY failed");
2473 return;
336a6915
PB		 2474 }
2475
2476 /* Make a guess for the block size, we'll fix it when the guest sends.
2477 * READ CAPACITY. If they don't, they likely would assume these sizes
2478 * anyway. (TODO: check in /sys).
2479 */
2480 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2481 s->qdev.blocksize = 2048;
2482 } else {
2483 s->qdev.blocksize = 512;
2484 }
18e673b8
PH		 2485
2486 /* Makes the scsi-block device not removable by using HMP and QMP eject
2487 * command.
2488 */
2489 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2490
a818a4b6 2491 scsi_realize(&s->qdev, errp);
336a6915
PB		 2492}
2493
592c3b28 2494static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
336a6915 2495{
336a6915
PB		 2496 switch (buf[0]) {
2497 case READ_6:
2498 case READ_10:
2499 case READ_12:
2500 case READ_16:
7f64f8e2
PB		 2501 case VERIFY_10:
2502 case VERIFY_12:
2503 case VERIFY_16:
336a6915
PB		 2504 case WRITE_6:
2505 case WRITE_10:
2506 case WRITE_12:
2507 case WRITE_16:
2508 case WRITE_VERIFY_10:
2509 case WRITE_VERIFY_12:
2510 case WRITE_VERIFY_16:
eaccf49e 2511 /* If we are not using O_DIRECT, we might read stale data from the
592c3b28
PB		 2512 * host cache if writes were made using other commands than these
2513 * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without
2514 * O_DIRECT everything must go through SG_IO.
eaccf49e 2515 */
4be74634 2516 if (!(blk_get_flags(s->qdev.conf.blk) & BDRV_O_NOCACHE)) {
eaccf49e
PB		 2517 break;
2518 }
2519
33ebad12
PB		 2520 /* MMC writing cannot be done via pread/pwrite, because it sometimes
2521 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2522 * And once you do these writes, reading from the block device is
2523 * unreliable, too. It is even possible that reads deliver random data
2524 * from the host page cache (this is probably a Linux bug).
2525 *
b08d0ea0 2526 * We might use scsi_disk_dma_reqops as long as no writing commands are
33ebad12
PB		 2527 * seen, but performance usually isn't paramount on optical media. So,
2528 * just make scsi-block operate the same as scsi-generic for them.
2529 */
b08d0ea0 2530 if (s->qdev.type != TYPE_ROM) {
592c3b28 2531 return false;
b08d0ea0 2532 }
592c3b28
PB		 2533 break;
2534
2535 default:
2536 break;
336a6915
PB		 2537 }
2538
592c3b28
PB		 2539 return true;
2540}
2541
2542
2543static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2544 uint32_t lun, uint8_t *buf,
2545 void *hba_private)
2546{
2547 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2548
2549 if (scsi_block_is_passthrough(s, buf)) {
2550 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2551 hba_private);
2552 } else {
2553 return scsi_req_alloc(&scsi_disk_dma_reqops, &s->qdev, tag, lun,
2554 hba_private);
2555 }
336a6915 2556}
3e7e180a
PB		 2557
2558static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2559 uint8_t *buf, void *hba_private)
2560{
2561 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2562
2563 if (scsi_block_is_passthrough(s, buf)) {
2564 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2565 } else {
2566 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2567 }
2568}
2569
336a6915
PB		 2570#endif
2571
353815aa
DF		 2572#define DEFINE_SCSI_DISK_PROPERTIES() \
2573 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
2574 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2575 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2576 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2577 DEFINE_PROP_STRING("product", SCSIDiskState, product)
b443ae67 2578
39bffca2
AL		 2579static Property scsi_hd_properties[] = {
2580 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 2581 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2582 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 2583 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2584 SCSI_DISK_F_DPOFUA, false),
c7bcc85d 2585 DEFINE_PROP_UINT64("wwn", SCSIDiskState, wwn, 0),
64cc2284
RD		 2586 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, port_wwn, 0),
2587 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 2588 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
2589 DEFAULT_MAX_UNMAP_SIZE),
d252df48 2590 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
39bffca2
AL		 2591 DEFINE_PROP_END_OF_LIST(),
2592};
2593
43b978b9
PB		 2594static const VMStateDescription vmstate_scsi_disk_state = {
2595 .name = "scsi-disk",
2596 .version_id = 1,
2597 .minimum_version_id = 1,
43b978b9
PB		 2598 .fields = (VMStateField[]) {
2599 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2600 VMSTATE_BOOL(media_changed, SCSIDiskState),
2601 VMSTATE_BOOL(media_event, SCSIDiskState),
2602 VMSTATE_BOOL(eject_request, SCSIDiskState),
2603 VMSTATE_BOOL(tray_open, SCSIDiskState),
2604 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2605 VMSTATE_END_OF_LIST()
2606 }
2607};
2608
b9eea3e6
AL		 2609static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2610{
39bffca2 2611 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2612 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2613
a818a4b6
FZ		 2614 sc->realize = scsi_hd_realize;
2615 sc->unrealize = scsi_unrealize;
b9eea3e6
AL		 2616 sc->alloc_req = scsi_new_request;
2617 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2
AL		 2618 dc->fw_name = "disk";
2619 dc->desc = "virtual SCSI disk";
2620 dc->reset = scsi_disk_reset;
2621 dc->props = scsi_hd_properties;
43b978b9 2622 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2623}
2624
8c43a6f0 2625static const TypeInfo scsi_hd_info = {
39bffca2
AL		 2626 .name = "scsi-hd",
2627 .parent = TYPE_SCSI_DEVICE,
2628 .instance_size = sizeof(SCSIDiskState),
2629 .class_init = scsi_hd_class_initfn,
2630};
2631
2632static Property scsi_cd_properties[] = {
2633 DEFINE_SCSI_DISK_PROPERTIES(),
c7bcc85d 2634 DEFINE_PROP_UINT64("wwn", SCSIDiskState, wwn, 0),
64cc2284
RD		 2635 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, port_wwn, 0),
2636 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
39bffca2 2637 DEFINE_PROP_END_OF_LIST(),
b9eea3e6
AL		 2638};
2639
2640static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
2641{
39bffca2 2642 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2643 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2644
a818a4b6
FZ		 2645 sc->realize = scsi_cd_realize;
2646 sc->unrealize = scsi_unrealize;
b9eea3e6
AL		 2647 sc->alloc_req = scsi_new_request;
2648 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2
AL		 2649 dc->fw_name = "disk";
2650 dc->desc = "virtual SCSI CD-ROM";
2651 dc->reset = scsi_disk_reset;
2652 dc->props = scsi_cd_properties;
43b978b9 2653 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2654}
2655
8c43a6f0 2656static const TypeInfo scsi_cd_info = {
39bffca2
AL		 2657 .name = "scsi-cd",
2658 .parent = TYPE_SCSI_DEVICE,
2659 .instance_size = sizeof(SCSIDiskState),
2660 .class_init = scsi_cd_class_initfn,
b9eea3e6
AL		 2661};
2662
336a6915 2663#ifdef __linux__
39bffca2 2664static Property scsi_block_properties[] = {
4be74634 2665 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
39bffca2
AL		 2666 DEFINE_PROP_END_OF_LIST(),
2667};
2668
b9eea3e6
AL		 2669static void scsi_block_class_initfn(ObjectClass *klass, void *data)
2670{
39bffca2 2671 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2672 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2673
a818a4b6
FZ		 2674 sc->realize = scsi_block_realize;
2675 sc->unrealize = scsi_unrealize;
b9eea3e6 2676 sc->alloc_req = scsi_block_new_request;
3e7e180a 2677 sc->parse_cdb = scsi_block_parse_cdb;
39bffca2
AL		 2678 dc->fw_name = "disk";
2679 dc->desc = "SCSI block device passthrough";
2680 dc->reset = scsi_disk_reset;
2681 dc->props = scsi_block_properties;
43b978b9 2682 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2683}
2684
8c43a6f0 2685static const TypeInfo scsi_block_info = {
39bffca2
AL		 2686 .name = "scsi-block",
2687 .parent = TYPE_SCSI_DEVICE,
2688 .instance_size = sizeof(SCSIDiskState),
2689 .class_init = scsi_block_class_initfn,
b9eea3e6 2690};
336a6915 2691#endif
b9eea3e6 2692
39bffca2
AL		 2693static Property scsi_disk_properties[] = {
2694 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 2695 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2696 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 2697 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2698 SCSI_DISK_F_DPOFUA, false),
c7bcc85d 2699 DEFINE_PROP_UINT64("wwn", SCSIDiskState, wwn, 0),
64cc2284
RD		 2700 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, port_wwn, 0),
2701 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 2702 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
2703 DEFAULT_MAX_UNMAP_SIZE),
39bffca2
AL		 2704 DEFINE_PROP_END_OF_LIST(),
2705};
2706
b9eea3e6
AL		 2707static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
2708{
39bffca2 2709 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2710 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2711
a818a4b6
FZ		 2712 sc->realize = scsi_disk_realize;
2713 sc->unrealize = scsi_unrealize;
b9eea3e6
AL		 2714 sc->alloc_req = scsi_new_request;
2715 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2
AL		 2716 dc->fw_name = "disk";
2717 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
2718 dc->reset = scsi_disk_reset;
2719 dc->props = scsi_disk_properties;
43b978b9 2720 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2721}
2722
8c43a6f0 2723static const TypeInfo scsi_disk_info = {
39bffca2
AL		 2724 .name = "scsi-disk",
2725 .parent = TYPE_SCSI_DEVICE,
2726 .instance_size = sizeof(SCSIDiskState),
2727 .class_init = scsi_disk_class_initfn,
d52affa7
GH		 2728};
2729
83f7d43a 2730static void scsi_disk_register_types(void)
d52affa7 2731{
39bffca2
AL		 2732 type_register_static(&scsi_hd_info);
2733 type_register_static(&scsi_cd_info);
b9eea3e6 2734#ifdef __linux__
39bffca2 2735 type_register_static(&scsi_block_info);
b9eea3e6 2736#endif
39bffca2 2737 type_register_static(&scsi_disk_info);
8ccc2ace 2738}
83f7d43a
AF		 2739
2740type_init(scsi_disk_register_types)
Empty description
This page took 1.340727 seconds and 4 git commands to generate.