2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
15 * This code is licensed under the LGPL.
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
28 #define DPRINTF(fmt, ...) do {} while(0)
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
34 #include "qemu-common.h"
35 #include "qemu-error.h"
37 #include "scsi-defs.h"
40 #include "block_int.h"
46 #define SCSI_DMA_BUF_SIZE 131072
47 #define SCSI_MAX_INQUIRY_LEN 256
49 typedef struct SCSIDiskState SCSIDiskState;
51 typedef struct SCSIDiskReq {
53 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
55 uint32_t sector_count;
76 static int scsi_handle_rw_error(SCSIDiskReq *r, int error);
78 static void scsi_free_request(SCSIRequest *req)
80 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
82 if (r->iov.iov_base) {
83 qemu_vfree(r->iov.iov_base);
87 /* Helper function for command completion with sense. */
88 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
90 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
91 r->req.tag, sense.key, sense.asc, sense.ascq);
92 scsi_req_build_sense(&r->req, sense);
93 scsi_req_complete(&r->req, CHECK_CONDITION);
96 /* Cancel a pending data transfer. */
97 static void scsi_cancel_io(SCSIRequest *req)
99 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
101 DPRINTF("Cancel tag=0x%x\n", req->tag);
103 bdrv_aio_cancel(r->req.aiocb);
105 /* This reference was left in by scsi_*_data. We take ownership of
106 * it the moment scsi_req_cancel is called, independent of whether
107 * bdrv_aio_cancel completes the request or not. */
108 scsi_req_unref(&r->req);
113 static uint32_t scsi_init_iovec(SCSIDiskReq *r)
115 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
117 if (!r->iov.iov_base) {
118 r->buflen = SCSI_DMA_BUF_SIZE;
119 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
121 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
122 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
123 return r->qiov.size / 512;
126 static void scsi_read_complete(void * opaque, int ret)
128 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
129 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
132 if (r->req.aiocb != NULL) {
134 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
138 if (scsi_handle_rw_error(r, -ret)) {
143 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
145 n = r->qiov.size / 512;
147 r->sector_count -= n;
148 scsi_req_data(&r->req, r->qiov.size);
151 if (!r->req.io_canceled) {
152 scsi_req_unref(&r->req);
156 static void scsi_flush_complete(void * opaque, int ret)
158 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
159 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
161 if (r->req.aiocb != NULL) {
163 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
167 if (scsi_handle_rw_error(r, -ret)) {
172 scsi_req_complete(&r->req, GOOD);
175 if (!r->req.io_canceled) {
176 scsi_req_unref(&r->req);
180 /* Read more data from scsi device into buffer. */
181 static void scsi_read_data(SCSIRequest *req)
183 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
184 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
187 if (r->sector_count == (uint32_t)-1) {
188 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
190 scsi_req_data(&r->req, r->iov.iov_len);
193 DPRINTF("Read sector_count=%d\n", r->sector_count);
194 if (r->sector_count == 0) {
195 /* This also clears the sense buffer for REQUEST SENSE. */
196 scsi_req_complete(&r->req, GOOD);
200 /* No data transfer may already be in progress */
201 assert(r->req.aiocb == NULL);
203 /* The request is used as the AIO opaque value, so add a ref. */
204 scsi_req_ref(&r->req);
205 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
206 DPRINTF("Data transfer direction invalid\n");
207 scsi_read_complete(r, -EINVAL);
212 scsi_read_complete(r, -ENOMEDIUM);
216 n = scsi_init_iovec(r);
217 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
218 r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n,
219 scsi_read_complete, r);
220 if (r->req.aiocb == NULL) {
221 scsi_read_complete(r, -EIO);
226 * scsi_handle_rw_error has two return values. 0 means that the error
227 * must be ignored, 1 means that the error has been processed and the
228 * caller should not do anything else for this request. Note that
229 * scsi_handle_rw_error always manages its reference counts, independent
230 * of the return value.
232 static int scsi_handle_rw_error(SCSIDiskReq *r, int error)
234 int is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV);
235 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
236 BlockErrorAction action = bdrv_get_on_error(s->qdev.conf.bs, is_read);
238 if (action == BLOCK_ERR_IGNORE) {
239 bdrv_mon_event(s->qdev.conf.bs, BDRV_ACTION_IGNORE, is_read);
243 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
244 || action == BLOCK_ERR_STOP_ANY) {
246 bdrv_mon_event(s->qdev.conf.bs, BDRV_ACTION_STOP, is_read);
247 vm_stop(RUN_STATE_IO_ERROR);
248 bdrv_iostatus_set_err(s->qdev.conf.bs, error);
249 scsi_req_retry(&r->req);
253 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
256 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
259 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
262 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
265 bdrv_mon_event(s->qdev.conf.bs, BDRV_ACTION_REPORT, is_read);
270 static void scsi_write_complete(void * opaque, int ret)
272 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
273 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
276 if (r->req.aiocb != NULL) {
278 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
282 if (scsi_handle_rw_error(r, -ret)) {
287 n = r->qiov.size / 512;
289 r->sector_count -= n;
290 if (r->sector_count == 0) {
291 scsi_req_complete(&r->req, GOOD);
294 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, r->qiov.size);
295 scsi_req_data(&r->req, r->qiov.size);
299 if (!r->req.io_canceled) {
300 scsi_req_unref(&r->req);
304 static void scsi_write_data(SCSIRequest *req)
306 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
307 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
310 /* No data transfer may already be in progress */
311 assert(r->req.aiocb == NULL);
313 /* The request is used as the AIO opaque value, so add a ref. */
314 scsi_req_ref(&r->req);
315 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
316 DPRINTF("Data transfer direction invalid\n");
317 scsi_write_complete(r, -EINVAL);
321 n = r->qiov.size / 512;
324 scsi_write_complete(r, -ENOMEDIUM);
327 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
328 r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n,
329 scsi_write_complete, r);
330 if (r->req.aiocb == NULL) {
331 scsi_write_complete(r, -ENOMEM);
334 /* Called for the first time. Ask the driver to send us more data. */
335 scsi_write_complete(r, 0);
339 /* Return a pointer to the data buffer. */
340 static uint8_t *scsi_get_buf(SCSIRequest *req)
342 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
344 return (uint8_t *)r->iov.iov_base;
347 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
349 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
352 if (req->cmd.buf[1] & 0x2) {
353 /* Command support data - optional, not implemented */
354 BADF("optional INQUIRY command support request not implemented\n");
358 if (req->cmd.buf[1] & 0x1) {
359 /* Vital product data */
360 uint8_t page_code = req->cmd.buf[2];
361 if (req->cmd.xfer < 4) {
362 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
363 "less than 4\n", page_code, req->cmd.xfer);
367 outbuf[buflen++] = s->qdev.type & 0x1f;
368 outbuf[buflen++] = page_code ; // this page
369 outbuf[buflen++] = 0x00;
372 case 0x00: /* Supported page codes, mandatory */
375 DPRINTF("Inquiry EVPD[Supported pages] "
376 "buffer size %zd\n", req->cmd.xfer);
378 outbuf[buflen++] = 0x00; // list of supported pages (this page)
380 outbuf[buflen++] = 0x80; // unit serial number
382 outbuf[buflen++] = 0x83; // device identification
383 if (s->qdev.type == TYPE_DISK) {
384 outbuf[buflen++] = 0xb0; // block limits
385 outbuf[buflen++] = 0xb2; // thin provisioning
387 outbuf[pages] = buflen - pages - 1; // number of pages
390 case 0x80: /* Device serial number, optional */
395 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
399 l = strlen(s->serial);
400 if (l > req->cmd.xfer) {
407 DPRINTF("Inquiry EVPD[Serial number] "
408 "buffer size %zd\n", req->cmd.xfer);
409 outbuf[buflen++] = l;
410 memcpy(outbuf+buflen, s->serial, l);
415 case 0x83: /* Device identification page, mandatory */
417 int max_len = 255 - 8;
418 int id_len = strlen(bdrv_get_device_name(s->qdev.conf.bs));
420 if (id_len > max_len) {
423 DPRINTF("Inquiry EVPD[Device identification] "
424 "buffer size %zd\n", req->cmd.xfer);
426 outbuf[buflen++] = 4 + id_len;
427 outbuf[buflen++] = 0x2; // ASCII
428 outbuf[buflen++] = 0; // not officially assigned
429 outbuf[buflen++] = 0; // reserved
430 outbuf[buflen++] = id_len; // length of data following
432 memcpy(outbuf+buflen, bdrv_get_device_name(s->qdev.conf.bs), id_len);
436 case 0xb0: /* block limits */
438 unsigned int unmap_sectors =
439 s->qdev.conf.discard_granularity / s->qdev.blocksize;
440 unsigned int min_io_size =
441 s->qdev.conf.min_io_size / s->qdev.blocksize;
442 unsigned int opt_io_size =
443 s->qdev.conf.opt_io_size / s->qdev.blocksize;
445 if (s->qdev.type == TYPE_ROM) {
446 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
450 /* required VPD size with unmap support */
451 outbuf[3] = buflen = 0x3c;
453 memset(outbuf + 4, 0, buflen - 4);
455 /* optimal transfer length granularity */
456 outbuf[6] = (min_io_size >> 8) & 0xff;
457 outbuf[7] = min_io_size & 0xff;
459 /* optimal transfer length */
460 outbuf[12] = (opt_io_size >> 24) & 0xff;
461 outbuf[13] = (opt_io_size >> 16) & 0xff;
462 outbuf[14] = (opt_io_size >> 8) & 0xff;
463 outbuf[15] = opt_io_size & 0xff;
465 /* optimal unmap granularity */
466 outbuf[28] = (unmap_sectors >> 24) & 0xff;
467 outbuf[29] = (unmap_sectors >> 16) & 0xff;
468 outbuf[30] = (unmap_sectors >> 8) & 0xff;
469 outbuf[31] = unmap_sectors & 0xff;
472 case 0xb2: /* thin provisioning */
474 outbuf[3] = buflen = 8;
476 outbuf[5] = 0x40; /* write same with unmap supported */
482 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
483 "buffer size %zd\n", page_code, req->cmd.xfer);
490 /* Standard INQUIRY data */
491 if (req->cmd.buf[2] != 0) {
492 BADF("Error: Inquiry (STANDARD) page or code "
493 "is non-zero [%02X]\n", req->cmd.buf[2]);
498 if (req->cmd.xfer < 5) {
499 BADF("Error: Inquiry (STANDARD) buffer size %zd "
500 "is less than 5\n", req->cmd.xfer);
504 buflen = req->cmd.xfer;
505 if (buflen > SCSI_MAX_INQUIRY_LEN) {
506 buflen = SCSI_MAX_INQUIRY_LEN;
508 memset(outbuf, 0, buflen);
510 outbuf[0] = s->qdev.type & 0x1f;
511 outbuf[1] = s->removable ? 0x80 : 0;
512 if (s->qdev.type == TYPE_ROM) {
513 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
515 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
517 memcpy(&outbuf[8], "QEMU ", 8);
518 memset(&outbuf[32], 0, 4);
519 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
521 * We claim conformance to SPC-3, which is required for guests
522 * to ask for modern features like READ CAPACITY(16) or the
523 * block characteristics VPD page by default. Not all of SPC-3
524 * is actually implemented, but we're good enough.
527 outbuf[3] = 2; /* Format 2 */
530 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
532 /* If the allocation length of CDB is too small,
533 the additional length is not adjusted */
537 /* Sync data transfer and TCQ. */
538 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
542 static inline bool media_is_dvd(SCSIDiskState *s)
545 if (s->qdev.type != TYPE_ROM) {
548 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
551 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
552 return nb_sectors > CD_MAX_SECTORS;
555 static inline bool media_is_cd(SCSIDiskState *s)
558 if (s->qdev.type != TYPE_ROM) {
561 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
564 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
565 return nb_sectors <= CD_MAX_SECTORS;
568 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
571 static const int rds_caps_size[5] = {
578 uint8_t media = r->req.cmd.buf[1];
579 uint8_t layer = r->req.cmd.buf[6];
580 uint8_t format = r->req.cmd.buf[7];
583 if (s->qdev.type != TYPE_ROM) {
587 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
591 if (format != 0xff) {
592 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
593 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
596 if (media_is_cd(s)) {
597 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
600 if (format >= ARRAY_SIZE(rds_caps_size)) {
603 size = rds_caps_size[format];
604 memset(outbuf, 0, size);
609 /* Physical format information */
614 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
616 outbuf[4] = 1; /* DVD-ROM, part version 1 */
617 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
618 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
619 outbuf[7] = 0; /* default densities */
621 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
622 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
626 case 0x01: /* DVD copyright information, all zeros */
629 case 0x03: /* BCA information - invalid field for no BCA info */
632 case 0x04: /* DVD disc manufacturing information, all zeros */
635 case 0xff: { /* List capabilities */
638 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
639 if (!rds_caps_size[i]) {
643 outbuf[size + 1] = 0x40; /* Not writable, readable */
644 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
654 /* Size of buffer, not including 2 byte size field */
655 stw_be_p(outbuf, size - 2);
662 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
664 uint8_t event_code, media_status;
668 media_status = MS_TRAY_OPEN;
669 } else if (bdrv_is_inserted(s->qdev.conf.bs)) {
670 media_status = MS_MEDIA_PRESENT;
673 /* Event notification descriptor */
674 event_code = MEC_NO_CHANGE;
675 if (media_status != MS_TRAY_OPEN) {
676 if (s->media_event) {
677 event_code = MEC_NEW_MEDIA;
678 s->media_event = false;
679 } else if (s->eject_request) {
680 event_code = MEC_EJECT_REQUESTED;
681 s->eject_request = false;
685 outbuf[0] = event_code;
686 outbuf[1] = media_status;
688 /* These fields are reserved, just clear them. */
694 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
698 uint8_t *buf = r->req.cmd.buf;
699 uint8_t notification_class_request = buf[4];
700 if (s->qdev.type != TYPE_ROM) {
703 if ((buf[1] & 1) == 0) {
709 outbuf[0] = outbuf[1] = 0;
710 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
711 if (notification_class_request & (1 << GESN_MEDIA)) {
712 outbuf[2] = GESN_MEDIA;
713 size += scsi_event_status_media(s, &outbuf[size]);
717 stw_be_p(outbuf, size - 4);
721 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
725 if (s->qdev.type != TYPE_ROM) {
728 current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM;
729 memset(outbuf, 0, 40);
730 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
731 stw_be_p(&outbuf[6], current);
732 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
733 outbuf[10] = 0x03; /* persistent, current */
734 outbuf[11] = 8; /* two profiles */
735 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
736 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
737 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
738 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
739 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
740 stw_be_p(&outbuf[20], 1);
741 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
743 stl_be_p(&outbuf[24], 1); /* SCSI */
744 outbuf[28] = 1; /* DBE = 1, mandatory */
745 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
746 stw_be_p(&outbuf[32], 3);
747 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
749 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
750 /* TODO: Random readable, CD read, DVD read, drive serial number,
755 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
757 if (s->qdev.type != TYPE_ROM) {
760 memset(outbuf, 0, 8);
761 outbuf[5] = 1; /* CD-ROM */
765 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
768 static const int mode_sense_valid[0x3f] = {
769 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
770 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
771 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
772 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
773 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
774 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
777 BlockDriverState *bdrv = s->qdev.conf.bs;
778 int cylinders, heads, secs;
779 uint8_t *p = *p_outbuf;
781 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
788 * If Changeable Values are requested, a mask denoting those mode parameters
789 * that are changeable shall be returned. As we currently don't support
790 * parameter changes via MODE_SELECT all bits are returned set to zero.
791 * The buffer was already menset to zero by the caller of this function.
794 case MODE_PAGE_HD_GEOMETRY:
796 if (page_control == 1) { /* Changeable Values */
799 /* if a geometry hint is available, use it */
800 bdrv_guess_geometry(bdrv, &cylinders, &heads, &secs);
801 p[2] = (cylinders >> 16) & 0xff;
802 p[3] = (cylinders >> 8) & 0xff;
803 p[4] = cylinders & 0xff;
805 /* Write precomp start cylinder, disabled */
806 p[6] = (cylinders >> 16) & 0xff;
807 p[7] = (cylinders >> 8) & 0xff;
808 p[8] = cylinders & 0xff;
809 /* Reduced current start cylinder, disabled */
810 p[9] = (cylinders >> 16) & 0xff;
811 p[10] = (cylinders >> 8) & 0xff;
812 p[11] = cylinders & 0xff;
813 /* Device step rate [ns], 200ns */
816 /* Landing zone cylinder */
820 /* Medium rotation rate [rpm], 5400 rpm */
821 p[20] = (5400 >> 8) & 0xff;
825 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
827 if (page_control == 1) { /* Changeable Values */
830 /* Transfer rate [kbit/s], 5Mbit/s */
833 /* if a geometry hint is available, use it */
834 bdrv_guess_geometry(bdrv, &cylinders, &heads, &secs);
837 p[6] = s->qdev.blocksize >> 8;
838 p[8] = (cylinders >> 8) & 0xff;
839 p[9] = cylinders & 0xff;
840 /* Write precomp start cylinder, disabled */
841 p[10] = (cylinders >> 8) & 0xff;
842 p[11] = cylinders & 0xff;
843 /* Reduced current start cylinder, disabled */
844 p[12] = (cylinders >> 8) & 0xff;
845 p[13] = cylinders & 0xff;
846 /* Device step rate [100us], 100us */
849 /* Device step pulse width [us], 1us */
851 /* Device head settle delay [100us], 100us */
854 /* Motor on delay [0.1s], 0.1s */
856 /* Motor off delay [0.1s], 0.1s */
858 /* Medium rotation rate [rpm], 5400 rpm */
859 p[28] = (5400 >> 8) & 0xff;
863 case MODE_PAGE_CACHING:
866 if (page_control == 1) { /* Changeable Values */
869 if (bdrv_enable_write_cache(s->qdev.conf.bs)) {
874 case MODE_PAGE_R_W_ERROR:
876 p[2] = 0x80; /* Automatic Write Reallocation Enabled */
877 if (s->qdev.type == TYPE_ROM) {
878 p[3] = 0x20; /* Read Retry Count */
882 case MODE_PAGE_AUDIO_CTL:
886 case MODE_PAGE_CAPABILITIES:
888 if (page_control == 1) { /* Changeable Values */
892 p[2] = 0x3b; /* CD-R & CD-RW read */
893 p[3] = 0; /* Writing not supported */
894 p[4] = 0x7f; /* Audio, composite, digital out,
895 mode 2 form 1&2, multi session */
896 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
897 RW corrected, C2 errors, ISRC,
899 p[6] = 0x2d | (s->tray_locked ? 2 : 0);
900 /* Locking supported, jumper present, eject, tray */
901 p[7] = 0; /* no volume & mute control, no
903 p[8] = (50 * 176) >> 8; /* 50x read speed */
904 p[9] = (50 * 176) & 0xff;
905 p[10] = 2 >> 8; /* Two volume levels */
907 p[12] = 2048 >> 8; /* 2M buffer */
909 p[14] = (16 * 176) >> 8; /* 16x read speed current */
910 p[15] = (16 * 176) & 0xff;
911 p[18] = (16 * 176) >> 8; /* 16x write speed */
912 p[19] = (16 * 176) & 0xff;
913 p[20] = (16 * 176) >> 8; /* 16x write speed current */
914 p[21] = (16 * 176) & 0xff;
921 *p_outbuf += p[1] + 2;
925 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
927 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
929 int page, dbd, buflen, ret, page_control;
931 uint8_t dev_specific_param;
933 dbd = r->req.cmd.buf[1] & 0x8;
934 page = r->req.cmd.buf[2] & 0x3f;
935 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
936 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
937 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
938 memset(outbuf, 0, r->req.cmd.xfer);
941 if (bdrv_is_read_only(s->qdev.conf.bs)) {
942 dev_specific_param = 0x80; /* Readonly. */
944 dev_specific_param = 0x00;
947 if (r->req.cmd.buf[0] == MODE_SENSE) {
948 p[1] = 0; /* Default media type. */
949 p[2] = dev_specific_param;
950 p[3] = 0; /* Block descriptor length. */
952 } else { /* MODE_SENSE_10 */
953 p[2] = 0; /* Default media type. */
954 p[3] = dev_specific_param;
955 p[6] = p[7] = 0; /* Block descriptor length. */
959 /* MMC prescribes that CD/DVD drives have no block descriptors. */
960 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
961 if (!dbd && s->qdev.type == TYPE_DISK && nb_sectors) {
962 if (r->req.cmd.buf[0] == MODE_SENSE) {
963 outbuf[3] = 8; /* Block descriptor length */
964 } else { /* MODE_SENSE_10 */
965 outbuf[7] = 8; /* Block descriptor length */
967 nb_sectors /= (s->qdev.blocksize / 512);
968 if (nb_sectors > 0xffffff) {
971 p[0] = 0; /* media density code */
972 p[1] = (nb_sectors >> 16) & 0xff;
973 p[2] = (nb_sectors >> 8) & 0xff;
974 p[3] = nb_sectors & 0xff;
975 p[4] = 0; /* reserved */
976 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
977 p[6] = s->qdev.blocksize >> 8;
982 if (page_control == 3) {
984 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
989 for (page = 0; page <= 0x3e; page++) {
990 mode_sense_page(s, page, &p, page_control);
993 ret = mode_sense_page(s, page, &p, page_control);
1001 * The mode data length field specifies the length in bytes of the
1002 * following data that is available to be transferred. The mode data
1003 * length does not include itself.
1005 if (r->req.cmd.buf[0] == MODE_SENSE) {
1006 outbuf[0] = buflen - 1;
1007 } else { /* MODE_SENSE_10 */
1008 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1009 outbuf[1] = (buflen - 2) & 0xff;
1011 if (buflen > r->req.cmd.xfer) {
1012 buflen = r->req.cmd.xfer;
1017 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1019 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1020 int start_track, format, msf, toclen;
1021 uint64_t nb_sectors;
1023 msf = req->cmd.buf[1] & 2;
1024 format = req->cmd.buf[2] & 0xf;
1025 start_track = req->cmd.buf[6];
1026 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1027 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
1028 nb_sectors /= s->qdev.blocksize / 512;
1031 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1034 /* multi session : only a single session defined */
1036 memset(outbuf, 0, 12);
1042 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1047 if (toclen > req->cmd.xfer) {
1048 toclen = req->cmd.xfer;
1053 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1055 SCSIRequest *req = &r->req;
1056 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1057 bool start = req->cmd.buf[4] & 1;
1058 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
1060 if (s->qdev.type == TYPE_ROM && loej) {
1061 if (!start && !s->tray_open && s->tray_locked) {
1062 scsi_check_condition(r,
1063 bdrv_is_inserted(s->qdev.conf.bs)
1064 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1065 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1068 bdrv_eject(s->qdev.conf.bs, !start);
1069 s->tray_open = !start;
1074 static int scsi_disk_emulate_command(SCSIDiskReq *r)
1076 SCSIRequest *req = &r->req;
1077 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1078 uint64_t nb_sectors;
1082 if (!r->iov.iov_base) {
1084 * FIXME: we shouldn't return anything bigger than 4k, but the code
1085 * requires the buffer to be as big as req->cmd.xfer in several
1086 * places. So, do not allow CDBs with a very large ALLOCATION
1087 * LENGTH. The real fix would be to modify scsi_read_data and
1088 * dma_buf_read, so that they return data beyond the buflen
1091 if (req->cmd.xfer > 65536) {
1092 goto illegal_request;
1094 r->buflen = MAX(4096, req->cmd.xfer);
1095 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
1098 outbuf = r->iov.iov_base;
1099 switch (req->cmd.buf[0]) {
1100 case TEST_UNIT_READY:
1101 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1106 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1108 goto illegal_request;
1113 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1115 goto illegal_request;
1119 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1121 goto illegal_request;
1125 if (req->cmd.buf[1] & 1) {
1126 goto illegal_request;
1130 if (req->cmd.buf[1] & 3) {
1131 goto illegal_request;
1135 if (req->cmd.buf[1] & 1) {
1136 goto illegal_request;
1140 if (req->cmd.buf[1] & 3) {
1141 goto illegal_request;
1145 if (scsi_disk_emulate_start_stop(r) < 0) {
1149 case ALLOW_MEDIUM_REMOVAL:
1150 s->tray_locked = req->cmd.buf[4] & 1;
1151 bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1);
1153 case READ_CAPACITY_10:
1154 /* The normal LEN field for this command is zero. */
1155 memset(outbuf, 0, 8);
1156 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1160 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1161 goto illegal_request;
1163 nb_sectors /= s->qdev.blocksize / 512;
1164 /* Returned value is the address of the last sector. */
1166 /* Remember the new size for read/write sanity checking. */
1167 s->qdev.max_lba = nb_sectors;
1168 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1169 if (nb_sectors > UINT32_MAX) {
1170 nb_sectors = UINT32_MAX;
1172 outbuf[0] = (nb_sectors >> 24) & 0xff;
1173 outbuf[1] = (nb_sectors >> 16) & 0xff;
1174 outbuf[2] = (nb_sectors >> 8) & 0xff;
1175 outbuf[3] = nb_sectors & 0xff;
1178 outbuf[6] = s->qdev.blocksize >> 8;
1182 case MECHANISM_STATUS:
1183 buflen = scsi_emulate_mechanism_status(s, outbuf);
1185 goto illegal_request;
1188 case GET_CONFIGURATION:
1189 buflen = scsi_get_configuration(s, outbuf);
1191 goto illegal_request;
1194 case GET_EVENT_STATUS_NOTIFICATION:
1195 buflen = scsi_get_event_status_notification(s, r, outbuf);
1197 goto illegal_request;
1200 case READ_DVD_STRUCTURE:
1201 buflen = scsi_read_dvd_structure(s, r, outbuf);
1203 goto illegal_request;
1206 case SERVICE_ACTION_IN_16:
1207 /* Service Action In subcommands. */
1208 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
1209 DPRINTF("SAI READ CAPACITY(16)\n");
1210 memset(outbuf, 0, req->cmd.xfer);
1211 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1215 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
1216 goto illegal_request;
1218 nb_sectors /= s->qdev.blocksize / 512;
1219 /* Returned value is the address of the last sector. */
1221 /* Remember the new size for read/write sanity checking. */
1222 s->qdev.max_lba = nb_sectors;
1223 outbuf[0] = (nb_sectors >> 56) & 0xff;
1224 outbuf[1] = (nb_sectors >> 48) & 0xff;
1225 outbuf[2] = (nb_sectors >> 40) & 0xff;
1226 outbuf[3] = (nb_sectors >> 32) & 0xff;
1227 outbuf[4] = (nb_sectors >> 24) & 0xff;
1228 outbuf[5] = (nb_sectors >> 16) & 0xff;
1229 outbuf[6] = (nb_sectors >> 8) & 0xff;
1230 outbuf[7] = nb_sectors & 0xff;
1233 outbuf[10] = s->qdev.blocksize >> 8;
1236 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
1238 /* set TPE bit if the format supports discard */
1239 if (s->qdev.conf.discard_granularity) {
1243 /* Protection, exponent and lowest lba field left blank. */
1244 buflen = req->cmd.xfer;
1247 DPRINTF("Unsupported Service Action In\n");
1248 goto illegal_request;
1252 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1258 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1259 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1261 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1266 if (r->req.status == -1) {
1267 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1272 /* Execute a scsi command. Returns the length of the data expected by the
1273 command. This will be Positive for data transfers from the device
1274 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1275 and zero if the command does not transfer any data. */
1277 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
1279 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1280 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1286 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]);
1291 for (i = 1; i < r->req.cmd.len; i++) {
1292 printf(" 0x%02x", buf[i]);
1299 case TEST_UNIT_READY:
1308 case ALLOW_MEDIUM_REMOVAL:
1309 case READ_CAPACITY_10:
1311 case READ_DVD_STRUCTURE:
1312 case GET_CONFIGURATION:
1313 case GET_EVENT_STATUS_NOTIFICATION:
1314 case MECHANISM_STATUS:
1315 case SERVICE_ACTION_IN_16:
1317 rc = scsi_disk_emulate_command(r);
1322 r->iov.iov_len = rc;
1324 case SYNCHRONIZE_CACHE:
1325 /* The request is used as the AIO opaque value, so add a ref. */
1326 scsi_req_ref(&r->req);
1327 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1328 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_flush_complete, r);
1329 if (r->req.aiocb == NULL) {
1330 scsi_flush_complete(r, -EIO);
1337 len = r->req.cmd.xfer / s->qdev.blocksize;
1338 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1339 if (r->req.cmd.lba > s->qdev.max_lba) {
1342 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1343 r->sector_count = len * (s->qdev.blocksize / 512);
1349 case WRITE_VERIFY_10:
1350 case WRITE_VERIFY_12:
1351 case WRITE_VERIFY_16:
1352 len = r->req.cmd.xfer / s->qdev.blocksize;
1353 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1354 (command & 0xe) == 0xe ? "And Verify " : "",
1355 r->req.cmd.lba, len);
1356 if (r->req.cmd.lba > s->qdev.max_lba) {
1359 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1360 r->sector_count = len * (s->qdev.blocksize / 512);
1363 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1364 /* We don't support mode parameter changes.
1365 Allow the mode parameter header + block descriptors only. */
1366 if (r->req.cmd.xfer > 12) {
1370 case MODE_SELECT_10:
1371 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1372 /* We don't support mode parameter changes.
1373 Allow the mode parameter header + block descriptors only. */
1374 if (r->req.cmd.xfer > 16) {
1379 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
1380 if (r->req.cmd.lba > s->qdev.max_lba) {
1385 len = r->req.cmd.xfer / s->qdev.blocksize;
1387 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1388 r->req.cmd.lba, len);
1390 if (r->req.cmd.lba > s->qdev.max_lba) {
1395 * We only support WRITE SAME with the unmap bit set for now.
1397 if (!(buf[1] & 0x8)) {
1401 rc = bdrv_discard(s->qdev.conf.bs,
1402 r->req.cmd.lba * (s->qdev.blocksize / 512),
1403 len * (s->qdev.blocksize / 512));
1405 /* XXX: better error code ?*/
1413 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1414 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1417 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1420 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1423 if (r->sector_count == 0 && r->iov.iov_len == 0) {
1424 scsi_req_complete(&r->req, GOOD);
1426 len = r->sector_count * 512 + r->iov.iov_len;
1427 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1430 if (!r->sector_count) {
1431 r->sector_count = -1;
1437 static void scsi_disk_reset(DeviceState *dev)
1439 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1440 uint64_t nb_sectors;
1442 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1444 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1445 nb_sectors /= s->qdev.blocksize / 512;
1449 s->qdev.max_lba = nb_sectors;
1452 static void scsi_destroy(SCSIDevice *dev)
1454 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1456 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1457 blockdev_mark_auto_del(s->qdev.conf.bs);
1460 static void scsi_cd_change_media_cb(void *opaque, bool load)
1462 SCSIDiskState *s = opaque;
1465 * When a CD gets changed, we have to report an ejected state and
1466 * then a loaded state to guests so that they detect tray
1467 * open/close and media change events. Guests that do not use
1468 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
1469 * states rely on this behavior.
1471 * media_changed governs the state machine used for unit attention
1472 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
1474 s->media_changed = load;
1475 s->tray_open = !load;
1476 s->qdev.unit_attention = SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM);
1477 s->media_event = true;
1478 s->eject_request = false;
1481 static void scsi_cd_eject_request_cb(void *opaque, bool force)
1483 SCSIDiskState *s = opaque;
1485 s->eject_request = true;
1487 s->tray_locked = false;
1491 static bool scsi_cd_is_tray_open(void *opaque)
1493 return ((SCSIDiskState *)opaque)->tray_open;
1496 static bool scsi_cd_is_medium_locked(void *opaque)
1498 return ((SCSIDiskState *)opaque)->tray_locked;
1501 static const BlockDevOps scsi_cd_block_ops = {
1502 .change_media_cb = scsi_cd_change_media_cb,
1503 .eject_request_cb = scsi_cd_eject_request_cb,
1504 .is_tray_open = scsi_cd_is_tray_open,
1505 .is_medium_locked = scsi_cd_is_medium_locked,
1508 static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
1510 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1511 if (s->media_changed) {
1512 s->media_changed = false;
1513 s->qdev.unit_attention = SENSE_CODE(MEDIUM_CHANGED);
1517 static int scsi_initfn(SCSIDevice *dev)
1519 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1522 if (!s->qdev.conf.bs) {
1523 error_report("scsi-disk: drive property not set");
1527 if (!s->removable && !bdrv_is_inserted(s->qdev.conf.bs)) {
1528 error_report("Device needs media, but drive is empty");
1533 /* try to fall back to value set with legacy -drive serial=... */
1534 dinfo = drive_get_by_blockdev(s->qdev.conf.bs);
1535 if (*dinfo->serial) {
1536 s->serial = g_strdup(dinfo->serial);
1541 s->version = g_strdup(QEMU_VERSION);
1544 if (bdrv_is_sg(s->qdev.conf.bs)) {
1545 error_report("scsi-disk: unwanted /dev/sg*");
1550 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_cd_block_ops, s);
1552 bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize);
1554 bdrv_iostatus_enable(s->qdev.conf.bs);
1555 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, NULL);
1559 static int scsi_hd_initfn(SCSIDevice *dev)
1561 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1562 s->qdev.blocksize = s->qdev.conf.logical_block_size;
1563 s->qdev.type = TYPE_DISK;
1564 return scsi_initfn(&s->qdev);
1567 static int scsi_cd_initfn(SCSIDevice *dev)
1569 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1570 s->qdev.blocksize = 2048;
1571 s->qdev.type = TYPE_ROM;
1572 s->removable = true;
1573 return scsi_initfn(&s->qdev);
1576 static int scsi_disk_initfn(SCSIDevice *dev)
1580 if (!dev->conf.bs) {
1581 return scsi_initfn(dev); /* ... and die there */
1584 dinfo = drive_get_by_blockdev(dev->conf.bs);
1585 if (dinfo->media_cd) {
1586 return scsi_cd_initfn(dev);
1588 return scsi_hd_initfn(dev);
1592 static const SCSIReqOps scsi_disk_reqops = {
1593 .size = sizeof(SCSIDiskReq),
1594 .free_req = scsi_free_request,
1595 .send_command = scsi_send_command,
1596 .read_data = scsi_read_data,
1597 .write_data = scsi_write_data,
1598 .cancel_io = scsi_cancel_io,
1599 .get_buf = scsi_get_buf,
1602 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
1603 uint8_t *buf, void *hba_private)
1605 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1608 req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private);
1613 static int get_device_type(SCSIDiskState *s)
1615 BlockDriverState *bdrv = s->qdev.conf.bs;
1618 uint8_t sensebuf[8];
1619 sg_io_hdr_t io_header;
1622 memset(cmd, 0, sizeof(cmd));
1623 memset(buf, 0, sizeof(buf));
1625 cmd[4] = sizeof(buf);
1627 memset(&io_header, 0, sizeof(io_header));
1628 io_header.interface_id = 'S';
1629 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
1630 io_header.dxfer_len = sizeof(buf);
1631 io_header.dxferp = buf;
1632 io_header.cmdp = cmd;
1633 io_header.cmd_len = sizeof(cmd);
1634 io_header.mx_sb_len = sizeof(sensebuf);
1635 io_header.sbp = sensebuf;
1636 io_header.timeout = 6000; /* XXX */
1638 ret = bdrv_ioctl(bdrv, SG_IO, &io_header);
1639 if (ret < 0 || io_header.driver_status || io_header.host_status) {
1642 s->qdev.type = buf[0];
1643 s->removable = (buf[1] & 0x80) != 0;
1647 static int scsi_block_initfn(SCSIDevice *dev)
1649 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1653 if (!s->qdev.conf.bs) {
1654 error_report("scsi-block: drive property not set");
1658 /* check we are using a driver managing SG_IO (version 3 and after) */
1659 if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 ||
1660 sg_version < 30000) {
1661 error_report("scsi-block: scsi generic interface too old");
1665 /* get device type from INQUIRY data */
1666 rc = get_device_type(s);
1668 error_report("scsi-block: INQUIRY failed");
1672 /* Make a guess for the block size, we'll fix it when the guest sends.
1673 * READ CAPACITY. If they don't, they likely would assume these sizes
1674 * anyway. (TODO: check in /sys).
1676 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
1677 s->qdev.blocksize = 2048;
1679 s->qdev.blocksize = 512;
1681 return scsi_initfn(&s->qdev);
1684 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
1685 uint32_t lun, uint8_t *buf,
1688 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1699 case WRITE_VERIFY_10:
1700 case WRITE_VERIFY_12:
1701 case WRITE_VERIFY_16:
1702 return scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun,
1706 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
1711 #define DEFINE_SCSI_DISK_PROPERTIES() \
1712 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
1713 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
1714 DEFINE_PROP_STRING("serial", SCSIDiskState, serial)
1716 static SCSIDeviceInfo scsi_disk_info[] = {
1718 .qdev.name = "scsi-hd",
1719 .qdev.fw_name = "disk",
1720 .qdev.desc = "virtual SCSI disk",
1721 .qdev.size = sizeof(SCSIDiskState),
1722 .qdev.reset = scsi_disk_reset,
1723 .init = scsi_hd_initfn,
1724 .destroy = scsi_destroy,
1725 .alloc_req = scsi_new_request,
1726 .unit_attention_reported = scsi_disk_unit_attention_reported,
1727 .qdev.props = (Property[]) {
1728 DEFINE_SCSI_DISK_PROPERTIES(),
1729 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1730 DEFINE_PROP_END_OF_LIST(),
1733 .qdev.name = "scsi-cd",
1734 .qdev.fw_name = "disk",
1735 .qdev.desc = "virtual SCSI CD-ROM",
1736 .qdev.size = sizeof(SCSIDiskState),
1737 .qdev.reset = scsi_disk_reset,
1738 .init = scsi_cd_initfn,
1739 .destroy = scsi_destroy,
1740 .alloc_req = scsi_new_request,
1741 .unit_attention_reported = scsi_disk_unit_attention_reported,
1742 .qdev.props = (Property[]) {
1743 DEFINE_SCSI_DISK_PROPERTIES(),
1744 DEFINE_PROP_END_OF_LIST(),
1748 .qdev.name = "scsi-block",
1749 .qdev.fw_name = "disk",
1750 .qdev.desc = "SCSI block device passthrough",
1751 .qdev.size = sizeof(SCSIDiskState),
1752 .qdev.reset = scsi_disk_reset,
1753 .init = scsi_block_initfn,
1754 .destroy = scsi_destroy,
1755 .alloc_req = scsi_block_new_request,
1756 .qdev.props = (Property[]) {
1757 DEFINE_SCSI_DISK_PROPERTIES(),
1758 DEFINE_PROP_END_OF_LIST(),
1762 .qdev.name = "scsi-disk", /* legacy -device scsi-disk */
1763 .qdev.fw_name = "disk",
1764 .qdev.desc = "virtual SCSI disk or CD-ROM (legacy)",
1765 .qdev.size = sizeof(SCSIDiskState),
1766 .qdev.reset = scsi_disk_reset,
1767 .init = scsi_disk_initfn,
1768 .destroy = scsi_destroy,
1769 .alloc_req = scsi_new_request,
1770 .unit_attention_reported = scsi_disk_unit_attention_reported,
1771 .qdev.props = (Property[]) {
1772 DEFINE_SCSI_DISK_PROPERTIES(),
1773 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1774 DEFINE_PROP_END_OF_LIST(),
1779 static void scsi_disk_register_devices(void)
1783 for (i = 0; i < ARRAY_SIZE(scsi_disk_info); i++) {
1784 scsi_qdev_register(&scsi_disk_info[i]);
1787 device_init(scsi_disk_register_devices)
projects / qemu.git / blob