2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
15 * This code is licensed under the LGPL.
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
28 #define DPRINTF(fmt, ...) do {} while(0)
31 #include "qemu-common.h"
32 #include "qemu-error.h"
34 #include "scsi-defs.h"
37 #include "hw/block-common.h"
44 #define SCSI_DMA_BUF_SIZE 131072
45 #define SCSI_MAX_INQUIRY_LEN 256
46 #define SCSI_MAX_MODE_LEN 256
48 typedef struct SCSIDiskState SCSIDiskState;
50 typedef struct SCSIDiskReq {
52 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
54 uint32_t sector_count;
62 #define SCSI_DISK_F_REMOVABLE 0
63 #define SCSI_DISK_F_DPOFUA 1
82 static int scsi_handle_rw_error(SCSIDiskReq *r, int error);
84 static void scsi_free_request(SCSIRequest *req)
86 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
88 if (r->iov.iov_base) {
89 qemu_vfree(r->iov.iov_base);
93 /* Helper function for command completion with sense. */
94 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
96 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
97 r->req.tag, sense.key, sense.asc, sense.ascq);
98 scsi_req_build_sense(&r->req, sense);
99 scsi_req_complete(&r->req, CHECK_CONDITION);
102 /* Cancel a pending data transfer. */
103 static void scsi_cancel_io(SCSIRequest *req)
105 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
107 DPRINTF("Cancel tag=0x%x\n", req->tag);
109 bdrv_aio_cancel(r->req.aiocb);
111 /* This reference was left in by scsi_*_data. We take ownership of
112 * it the moment scsi_req_cancel is called, independent of whether
113 * bdrv_aio_cancel completes the request or not. */
114 scsi_req_unref(&r->req);
119 static uint32_t scsi_init_iovec(SCSIDiskReq *r, size_t size)
121 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
123 if (!r->iov.iov_base) {
125 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
127 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
128 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
129 return r->qiov.size / 512;
132 static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
134 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
136 qemu_put_be64s(f, &r->sector);
137 qemu_put_be32s(f, &r->sector_count);
138 qemu_put_be32s(f, &r->buflen);
140 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
141 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
142 } else if (!req->retry) {
143 uint32_t len = r->iov.iov_len;
144 qemu_put_be32s(f, &len);
145 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
150 static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
152 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
154 qemu_get_be64s(f, &r->sector);
155 qemu_get_be32s(f, &r->sector_count);
156 qemu_get_be32s(f, &r->buflen);
158 scsi_init_iovec(r, r->buflen);
159 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
160 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
161 } else if (!r->req.retry) {
163 qemu_get_be32s(f, &len);
164 r->iov.iov_len = len;
165 assert(r->iov.iov_len <= r->buflen);
166 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
170 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
173 static void scsi_aio_complete(void *opaque, int ret)
175 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
176 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
178 assert(r->req.aiocb != NULL);
180 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
183 if (scsi_handle_rw_error(r, -ret)) {
188 scsi_req_complete(&r->req, GOOD);
191 if (!r->req.io_canceled) {
192 scsi_req_unref(&r->req);
196 static bool scsi_is_cmd_fua(SCSICommand *cmd)
198 switch (cmd->buf[0]) {
205 return (cmd->buf[1] & 8) != 0;
210 case WRITE_VERIFY_10:
211 case WRITE_VERIFY_12:
212 case WRITE_VERIFY_16:
222 static void scsi_write_do_fua(SCSIDiskReq *r)
224 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
226 if (scsi_is_cmd_fua(&r->req.cmd)) {
227 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
228 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
232 scsi_req_complete(&r->req, GOOD);
233 if (!r->req.io_canceled) {
234 scsi_req_unref(&r->req);
238 static void scsi_dma_complete(void *opaque, int ret)
240 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
241 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
243 assert(r->req.aiocb != NULL);
245 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
248 if (scsi_handle_rw_error(r, -ret)) {
253 r->sector += r->sector_count;
255 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
256 scsi_write_do_fua(r);
259 scsi_req_complete(&r->req, GOOD);
263 if (!r->req.io_canceled) {
264 scsi_req_unref(&r->req);
268 static void scsi_read_complete(void * opaque, int ret)
270 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
271 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
274 assert(r->req.aiocb != NULL);
276 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
279 if (scsi_handle_rw_error(r, -ret)) {
284 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
286 n = r->qiov.size / 512;
288 r->sector_count -= n;
289 scsi_req_data(&r->req, r->qiov.size);
292 if (!r->req.io_canceled) {
293 scsi_req_unref(&r->req);
297 /* Actually issue a read to the block device. */
298 static void scsi_do_read(void *opaque, int ret)
300 SCSIDiskReq *r = opaque;
301 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
304 if (r->req.aiocb != NULL) {
306 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
310 if (scsi_handle_rw_error(r, -ret)) {
315 if (r->req.io_canceled) {
319 /* The request is used as the AIO opaque value, so add a ref. */
320 scsi_req_ref(&r->req);
323 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_READ);
324 r->req.resid -= r->req.sg->size;
325 r->req.aiocb = dma_bdrv_read(s->qdev.conf.bs, r->req.sg, r->sector,
326 scsi_dma_complete, r);
328 n = scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
329 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
330 r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n,
331 scsi_read_complete, r);
335 if (!r->req.io_canceled) {
336 scsi_req_unref(&r->req);
340 /* Read more data from scsi device into buffer. */
341 static void scsi_read_data(SCSIRequest *req)
343 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
344 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
347 DPRINTF("Read sector_count=%d\n", r->sector_count);
348 if (r->sector_count == 0) {
349 /* This also clears the sense buffer for REQUEST SENSE. */
350 scsi_req_complete(&r->req, GOOD);
354 /* No data transfer may already be in progress */
355 assert(r->req.aiocb == NULL);
357 /* The request is used as the AIO opaque value, so add a ref. */
358 scsi_req_ref(&r->req);
359 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
360 DPRINTF("Data transfer direction invalid\n");
361 scsi_read_complete(r, -EINVAL);
366 scsi_read_complete(r, -ENOMEDIUM);
372 if (first && scsi_is_cmd_fua(&r->req.cmd)) {
373 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
374 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_do_read, r);
381 * scsi_handle_rw_error has two return values. 0 means that the error
382 * must be ignored, 1 means that the error has been processed and the
383 * caller should not do anything else for this request. Note that
384 * scsi_handle_rw_error always manages its reference counts, independent
385 * of the return value.
387 static int scsi_handle_rw_error(SCSIDiskReq *r, int error)
389 int is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV);
390 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
391 BlockErrorAction action = bdrv_get_on_error(s->qdev.conf.bs, is_read);
393 if (action == BLOCK_ERR_IGNORE) {
394 bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_IGNORE, is_read);
398 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
399 || action == BLOCK_ERR_STOP_ANY) {
401 bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_STOP, is_read);
402 vm_stop(RUN_STATE_IO_ERROR);
403 bdrv_iostatus_set_err(s->qdev.conf.bs, error);
404 scsi_req_retry(&r->req);
408 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
411 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
414 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
417 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
420 bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_REPORT, is_read);
425 static void scsi_write_complete(void * opaque, int ret)
427 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
428 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
431 if (r->req.aiocb != NULL) {
433 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
437 if (scsi_handle_rw_error(r, -ret)) {
442 n = r->qiov.size / 512;
444 r->sector_count -= n;
445 if (r->sector_count == 0) {
446 scsi_write_do_fua(r);
449 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
450 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
451 scsi_req_data(&r->req, r->qiov.size);
455 if (!r->req.io_canceled) {
456 scsi_req_unref(&r->req);
460 static void scsi_write_data(SCSIRequest *req)
462 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
463 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
466 /* No data transfer may already be in progress */
467 assert(r->req.aiocb == NULL);
469 /* The request is used as the AIO opaque value, so add a ref. */
470 scsi_req_ref(&r->req);
471 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
472 DPRINTF("Data transfer direction invalid\n");
473 scsi_write_complete(r, -EINVAL);
477 if (!r->req.sg && !r->qiov.size) {
478 /* Called for the first time. Ask the driver to send us more data. */
480 scsi_write_complete(r, 0);
484 scsi_write_complete(r, -ENOMEDIUM);
488 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
489 r->req.cmd.buf[0] == VERIFY_16) {
491 scsi_dma_complete(r, 0);
493 scsi_write_complete(r, 0);
499 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_WRITE);
500 r->req.resid -= r->req.sg->size;
501 r->req.aiocb = dma_bdrv_write(s->qdev.conf.bs, r->req.sg, r->sector,
502 scsi_dma_complete, r);
504 n = r->qiov.size / 512;
505 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
506 r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n,
507 scsi_write_complete, r);
511 /* Return a pointer to the data buffer. */
512 static uint8_t *scsi_get_buf(SCSIRequest *req)
514 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
516 return (uint8_t *)r->iov.iov_base;
519 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
521 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
525 if (req->cmd.buf[1] & 0x1) {
526 /* Vital product data */
527 uint8_t page_code = req->cmd.buf[2];
529 outbuf[buflen++] = s->qdev.type & 0x1f;
530 outbuf[buflen++] = page_code ; // this page
531 outbuf[buflen++] = 0x00;
532 outbuf[buflen++] = 0x00;
536 case 0x00: /* Supported page codes, mandatory */
538 DPRINTF("Inquiry EVPD[Supported pages] "
539 "buffer size %zd\n", req->cmd.xfer);
540 outbuf[buflen++] = 0x00; // list of supported pages (this page)
542 outbuf[buflen++] = 0x80; // unit serial number
544 outbuf[buflen++] = 0x83; // device identification
545 if (s->qdev.type == TYPE_DISK) {
546 outbuf[buflen++] = 0xb0; // block limits
547 outbuf[buflen++] = 0xb2; // thin provisioning
551 case 0x80: /* Device serial number, optional */
556 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
560 l = strlen(s->serial);
565 DPRINTF("Inquiry EVPD[Serial number] "
566 "buffer size %zd\n", req->cmd.xfer);
567 memcpy(outbuf+buflen, s->serial, l);
572 case 0x83: /* Device identification page, mandatory */
574 const char *str = s->serial ?: bdrv_get_device_name(s->qdev.conf.bs);
575 int max_len = s->serial ? 20 : 255 - 8;
576 int id_len = strlen(str);
578 if (id_len > max_len) {
581 DPRINTF("Inquiry EVPD[Device identification] "
582 "buffer size %zd\n", req->cmd.xfer);
584 outbuf[buflen++] = 0x2; // ASCII
585 outbuf[buflen++] = 0; // not officially assigned
586 outbuf[buflen++] = 0; // reserved
587 outbuf[buflen++] = id_len; // length of data following
588 memcpy(outbuf+buflen, str, id_len);
592 outbuf[buflen++] = 0x1; // Binary
593 outbuf[buflen++] = 0x3; // NAA
594 outbuf[buflen++] = 0; // reserved
595 outbuf[buflen++] = 8;
596 stq_be_p(&outbuf[buflen], s->wwn);
601 case 0xb0: /* block limits */
603 unsigned int unmap_sectors =
604 s->qdev.conf.discard_granularity / s->qdev.blocksize;
605 unsigned int min_io_size =
606 s->qdev.conf.min_io_size / s->qdev.blocksize;
607 unsigned int opt_io_size =
608 s->qdev.conf.opt_io_size / s->qdev.blocksize;
610 if (s->qdev.type == TYPE_ROM) {
611 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
615 /* required VPD size with unmap support */
617 memset(outbuf + 4, 0, buflen - 4);
619 /* optimal transfer length granularity */
620 outbuf[6] = (min_io_size >> 8) & 0xff;
621 outbuf[7] = min_io_size & 0xff;
623 /* optimal transfer length */
624 outbuf[12] = (opt_io_size >> 24) & 0xff;
625 outbuf[13] = (opt_io_size >> 16) & 0xff;
626 outbuf[14] = (opt_io_size >> 8) & 0xff;
627 outbuf[15] = opt_io_size & 0xff;
629 /* optimal unmap granularity */
630 outbuf[28] = (unmap_sectors >> 24) & 0xff;
631 outbuf[29] = (unmap_sectors >> 16) & 0xff;
632 outbuf[30] = (unmap_sectors >> 8) & 0xff;
633 outbuf[31] = unmap_sectors & 0xff;
636 case 0xb2: /* thin provisioning */
640 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
641 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
649 assert(buflen - start <= 255);
650 outbuf[start - 1] = buflen - start;
654 /* Standard INQUIRY data */
655 if (req->cmd.buf[2] != 0) {
660 buflen = req->cmd.xfer;
661 if (buflen > SCSI_MAX_INQUIRY_LEN) {
662 buflen = SCSI_MAX_INQUIRY_LEN;
664 memset(outbuf, 0, buflen);
666 outbuf[0] = s->qdev.type & 0x1f;
667 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
669 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
670 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
672 memset(&outbuf[32], 0, 4);
673 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
675 * We claim conformance to SPC-3, which is required for guests
676 * to ask for modern features like READ CAPACITY(16) or the
677 * block characteristics VPD page by default. Not all of SPC-3
678 * is actually implemented, but we're good enough.
681 outbuf[3] = 2; /* Format 2 */
684 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
686 /* If the allocation length of CDB is too small,
687 the additional length is not adjusted */
691 /* Sync data transfer and TCQ. */
692 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
696 static inline bool media_is_dvd(SCSIDiskState *s)
699 if (s->qdev.type != TYPE_ROM) {
702 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
705 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
706 return nb_sectors > CD_MAX_SECTORS;
709 static inline bool media_is_cd(SCSIDiskState *s)
712 if (s->qdev.type != TYPE_ROM) {
715 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
718 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
719 return nb_sectors <= CD_MAX_SECTORS;
722 static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
725 uint8_t type = r->req.cmd.buf[1] & 7;
727 if (s->qdev.type != TYPE_ROM) {
731 /* Types 1/2 are only defined for Blu-Ray. */
733 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
737 memset(outbuf, 0, 34);
739 outbuf[2] = 0xe; /* last session complete, disc finalized */
740 outbuf[3] = 1; /* first track on disc */
741 outbuf[4] = 1; /* # of sessions */
742 outbuf[5] = 1; /* first track of last session */
743 outbuf[6] = 1; /* last track of last session */
744 outbuf[7] = 0x20; /* unrestricted use */
745 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
746 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
747 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
748 /* 24-31: disc bar code */
749 /* 32: disc application code */
750 /* 33: number of OPC tables */
755 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
758 static const int rds_caps_size[5] = {
765 uint8_t media = r->req.cmd.buf[1];
766 uint8_t layer = r->req.cmd.buf[6];
767 uint8_t format = r->req.cmd.buf[7];
770 if (s->qdev.type != TYPE_ROM) {
774 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
778 if (format != 0xff) {
779 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
780 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
783 if (media_is_cd(s)) {
784 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
787 if (format >= ARRAY_SIZE(rds_caps_size)) {
790 size = rds_caps_size[format];
791 memset(outbuf, 0, size);
796 /* Physical format information */
801 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
803 outbuf[4] = 1; /* DVD-ROM, part version 1 */
804 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
805 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
806 outbuf[7] = 0; /* default densities */
808 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
809 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
813 case 0x01: /* DVD copyright information, all zeros */
816 case 0x03: /* BCA information - invalid field for no BCA info */
819 case 0x04: /* DVD disc manufacturing information, all zeros */
822 case 0xff: { /* List capabilities */
825 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
826 if (!rds_caps_size[i]) {
830 outbuf[size + 1] = 0x40; /* Not writable, readable */
831 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
841 /* Size of buffer, not including 2 byte size field */
842 stw_be_p(outbuf, size - 2);
849 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
851 uint8_t event_code, media_status;
855 media_status = MS_TRAY_OPEN;
856 } else if (bdrv_is_inserted(s->qdev.conf.bs)) {
857 media_status = MS_MEDIA_PRESENT;
860 /* Event notification descriptor */
861 event_code = MEC_NO_CHANGE;
862 if (media_status != MS_TRAY_OPEN) {
863 if (s->media_event) {
864 event_code = MEC_NEW_MEDIA;
865 s->media_event = false;
866 } else if (s->eject_request) {
867 event_code = MEC_EJECT_REQUESTED;
868 s->eject_request = false;
872 outbuf[0] = event_code;
873 outbuf[1] = media_status;
875 /* These fields are reserved, just clear them. */
881 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
885 uint8_t *buf = r->req.cmd.buf;
886 uint8_t notification_class_request = buf[4];
887 if (s->qdev.type != TYPE_ROM) {
890 if ((buf[1] & 1) == 0) {
896 outbuf[0] = outbuf[1] = 0;
897 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
898 if (notification_class_request & (1 << GESN_MEDIA)) {
899 outbuf[2] = GESN_MEDIA;
900 size += scsi_event_status_media(s, &outbuf[size]);
904 stw_be_p(outbuf, size - 4);
908 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
912 if (s->qdev.type != TYPE_ROM) {
915 current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM;
916 memset(outbuf, 0, 40);
917 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
918 stw_be_p(&outbuf[6], current);
919 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
920 outbuf[10] = 0x03; /* persistent, current */
921 outbuf[11] = 8; /* two profiles */
922 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
923 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
924 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
925 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
926 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
927 stw_be_p(&outbuf[20], 1);
928 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
930 stl_be_p(&outbuf[24], 1); /* SCSI */
931 outbuf[28] = 1; /* DBE = 1, mandatory */
932 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
933 stw_be_p(&outbuf[32], 3);
934 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
936 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
937 /* TODO: Random readable, CD read, DVD read, drive serial number,
942 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
944 if (s->qdev.type != TYPE_ROM) {
947 memset(outbuf, 0, 8);
948 outbuf[5] = 1; /* CD-ROM */
952 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
955 static const int mode_sense_valid[0x3f] = {
956 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
957 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
958 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
959 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
960 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
961 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
964 uint8_t *p = *p_outbuf + 2;
967 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
972 * If Changeable Values are requested, a mask denoting those mode parameters
973 * that are changeable shall be returned. As we currently don't support
974 * parameter changes via MODE_SELECT all bits are returned set to zero.
975 * The buffer was already menset to zero by the caller of this function.
977 * The offsets here are off by two compared to the descriptions in the
978 * SCSI specs, because those include a 2-byte header. This is unfortunate,
979 * but it is done so that offsets are consistent within our implementation
980 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
981 * 2-byte and 4-byte headers.
984 case MODE_PAGE_HD_GEOMETRY:
986 if (page_control == 1) { /* Changeable Values */
989 /* if a geometry hint is available, use it */
990 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
991 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
992 p[2] = s->qdev.conf.cyls & 0xff;
993 p[3] = s->qdev.conf.heads & 0xff;
994 /* Write precomp start cylinder, disabled */
995 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
996 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
997 p[6] = s->qdev.conf.cyls & 0xff;
998 /* Reduced current start cylinder, disabled */
999 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1000 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1001 p[9] = s->qdev.conf.cyls & 0xff;
1002 /* Device step rate [ns], 200ns */
1005 /* Landing zone cylinder */
1009 /* Medium rotation rate [rpm], 5400 rpm */
1010 p[18] = (5400 >> 8) & 0xff;
1011 p[19] = 5400 & 0xff;
1014 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1016 if (page_control == 1) { /* Changeable Values */
1019 /* Transfer rate [kbit/s], 5Mbit/s */
1022 /* if a geometry hint is available, use it */
1023 p[2] = s->qdev.conf.heads & 0xff;
1024 p[3] = s->qdev.conf.secs & 0xff;
1025 p[4] = s->qdev.blocksize >> 8;
1026 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1027 p[7] = s->qdev.conf.cyls & 0xff;
1028 /* Write precomp start cylinder, disabled */
1029 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1030 p[9] = s->qdev.conf.cyls & 0xff;
1031 /* Reduced current start cylinder, disabled */
1032 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1033 p[11] = s->qdev.conf.cyls & 0xff;
1034 /* Device step rate [100us], 100us */
1037 /* Device step pulse width [us], 1us */
1039 /* Device head settle delay [100us], 100us */
1042 /* Motor on delay [0.1s], 0.1s */
1044 /* Motor off delay [0.1s], 0.1s */
1046 /* Medium rotation rate [rpm], 5400 rpm */
1047 p[26] = (5400 >> 8) & 0xff;
1048 p[27] = 5400 & 0xff;
1051 case MODE_PAGE_CACHING:
1053 if (page_control == 1 || /* Changeable Values */
1054 bdrv_enable_write_cache(s->qdev.conf.bs)) {
1059 case MODE_PAGE_R_W_ERROR:
1061 if (page_control == 1) { /* Changeable Values */
1064 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
1065 if (s->qdev.type == TYPE_ROM) {
1066 p[1] = 0x20; /* Read Retry Count */
1070 case MODE_PAGE_AUDIO_CTL:
1074 case MODE_PAGE_CAPABILITIES:
1076 if (page_control == 1) { /* Changeable Values */
1080 p[0] = 0x3b; /* CD-R & CD-RW read */
1081 p[1] = 0; /* Writing not supported */
1082 p[2] = 0x7f; /* Audio, composite, digital out,
1083 mode 2 form 1&2, multi session */
1084 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
1085 RW corrected, C2 errors, ISRC,
1087 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1088 /* Locking supported, jumper present, eject, tray */
1089 p[5] = 0; /* no volume & mute control, no
1091 p[6] = (50 * 176) >> 8; /* 50x read speed */
1092 p[7] = (50 * 176) & 0xff;
1093 p[8] = 2 >> 8; /* Two volume levels */
1095 p[10] = 2048 >> 8; /* 2M buffer */
1096 p[11] = 2048 & 0xff;
1097 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1098 p[13] = (16 * 176) & 0xff;
1099 p[16] = (16 * 176) >> 8; /* 16x write speed */
1100 p[17] = (16 * 176) & 0xff;
1101 p[18] = (16 * 176) >> 8; /* 16x write speed current */
1102 p[19] = (16 * 176) & 0xff;
1109 assert(length < 256);
1110 (*p_outbuf)[0] = page;
1111 (*p_outbuf)[1] = length;
1112 *p_outbuf += length + 2;
1116 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1118 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1119 uint64_t nb_sectors;
1121 int page, buflen, ret, page_control;
1123 uint8_t dev_specific_param;
1125 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1126 page = r->req.cmd.buf[2] & 0x3f;
1127 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1128 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
1129 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1130 memset(outbuf, 0, r->req.cmd.xfer);
1133 if (s->qdev.type == TYPE_DISK) {
1134 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1135 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1136 dev_specific_param |= 0x80; /* Readonly. */
1139 /* MMC prescribes that CD/DVD drives have no block descriptors,
1140 * and defines no device-specific parameter. */
1141 dev_specific_param = 0x00;
1145 if (r->req.cmd.buf[0] == MODE_SENSE) {
1146 p[1] = 0; /* Default media type. */
1147 p[2] = dev_specific_param;
1148 p[3] = 0; /* Block descriptor length. */
1150 } else { /* MODE_SENSE_10 */
1151 p[2] = 0; /* Default media type. */
1152 p[3] = dev_specific_param;
1153 p[6] = p[7] = 0; /* Block descriptor length. */
1157 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1158 if (!dbd && nb_sectors) {
1159 if (r->req.cmd.buf[0] == MODE_SENSE) {
1160 outbuf[3] = 8; /* Block descriptor length */
1161 } else { /* MODE_SENSE_10 */
1162 outbuf[7] = 8; /* Block descriptor length */
1164 nb_sectors /= (s->qdev.blocksize / 512);
1165 if (nb_sectors > 0xffffff) {
1168 p[0] = 0; /* media density code */
1169 p[1] = (nb_sectors >> 16) & 0xff;
1170 p[2] = (nb_sectors >> 8) & 0xff;
1171 p[3] = nb_sectors & 0xff;
1172 p[4] = 0; /* reserved */
1173 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
1174 p[6] = s->qdev.blocksize >> 8;
1179 if (page_control == 3) {
1181 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1186 for (page = 0; page <= 0x3e; page++) {
1187 mode_sense_page(s, page, &p, page_control);
1190 ret = mode_sense_page(s, page, &p, page_control);
1196 buflen = p - outbuf;
1198 * The mode data length field specifies the length in bytes of the
1199 * following data that is available to be transferred. The mode data
1200 * length does not include itself.
1202 if (r->req.cmd.buf[0] == MODE_SENSE) {
1203 outbuf[0] = buflen - 1;
1204 } else { /* MODE_SENSE_10 */
1205 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1206 outbuf[1] = (buflen - 2) & 0xff;
1211 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1213 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1214 int start_track, format, msf, toclen;
1215 uint64_t nb_sectors;
1217 msf = req->cmd.buf[1] & 2;
1218 format = req->cmd.buf[2] & 0xf;
1219 start_track = req->cmd.buf[6];
1220 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1221 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
1222 nb_sectors /= s->qdev.blocksize / 512;
1225 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1228 /* multi session : only a single session defined */
1230 memset(outbuf, 0, 12);
1236 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1244 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1246 SCSIRequest *req = &r->req;
1247 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1248 bool start = req->cmd.buf[4] & 1;
1249 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
1250 int pwrcnd = req->cmd.buf[4] & 0xf0;
1253 /* eject/load only happens for power condition == 0 */
1257 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1258 if (!start && !s->tray_open && s->tray_locked) {
1259 scsi_check_condition(r,
1260 bdrv_is_inserted(s->qdev.conf.bs)
1261 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1262 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1266 if (s->tray_open != !start) {
1267 bdrv_eject(s->qdev.conf.bs, !start);
1268 s->tray_open = !start;
1274 static void scsi_disk_emulate_read_data(SCSIRequest *req)
1276 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1277 int buflen = r->iov.iov_len;
1280 DPRINTF("Read buf_len=%d\n", buflen);
1283 scsi_req_data(&r->req, buflen);
1287 /* This also clears the sense buffer for REQUEST SENSE. */
1288 scsi_req_complete(&r->req, GOOD);
1291 static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1292 uint8_t *inbuf, int inlen)
1294 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1295 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1297 int len, expected_len, changeable_len, i;
1299 /* The input buffer does not include the page header, so it is
1302 expected_len = inlen + 2;
1303 if (expected_len > SCSI_MAX_MODE_LEN) {
1308 memset(mode_current, 0, inlen + 2);
1309 len = mode_sense_page(s, page, &p, 0);
1310 if (len < 0 || len != expected_len) {
1314 p = mode_changeable;
1315 memset(mode_changeable, 0, inlen + 2);
1316 changeable_len = mode_sense_page(s, page, &p, 1);
1317 assert(changeable_len == len);
1319 /* Check that unchangeable bits are the same as what MODE SENSE
1322 for (i = 2; i < len; i++) {
1323 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1330 static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1333 case MODE_PAGE_CACHING:
1334 bdrv_set_enable_write_cache(s->qdev.conf.bs, (p[0] & 4) != 0);
1342 static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1344 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1347 int page, subpage, page_len;
1349 /* Parse both possible formats for the mode page headers. */
1353 goto invalid_param_len;
1356 page_len = lduw_be_p(&p[2]);
1361 goto invalid_param_len;
1372 if (page_len > len) {
1373 goto invalid_param_len;
1377 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1381 scsi_disk_apply_mode_select(s, page, p);
1390 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1394 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1398 static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1401 int cmd = r->req.cmd.buf[0];
1402 int len = r->req.cmd.xfer;
1403 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1407 /* We only support PF=1, SP=0. */
1408 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1412 if (len < hdr_len) {
1413 goto invalid_param_len;
1416 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1420 goto invalid_param_len;
1422 if (bd_len != 0 && bd_len != 8) {
1429 /* Ensure no change is made if there is an error! */
1430 for (pass = 0; pass < 2; pass++) {
1431 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1436 scsi_req_complete(&r->req, GOOD);
1440 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1444 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1448 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1452 static inline bool check_lba_range(SCSIDiskState *s,
1453 uint64_t sector_num, uint32_t nb_sectors)
1456 * The first line tests that no overflow happens when computing the last
1457 * sector. The second line tests that the last accessed sector is in
1460 * Careful, the computations should not underflow for nb_sectors == 0,
1461 * and a 0-block read to the first LBA beyond the end of device is
1464 return (sector_num <= sector_num + nb_sectors &&
1465 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1468 typedef struct UnmapCBData {
1474 static void scsi_unmap_complete(void *opaque, int ret)
1476 UnmapCBData *data = opaque;
1477 SCSIDiskReq *r = data->r;
1478 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1479 uint64_t sector_num;
1480 uint32_t nb_sectors;
1482 r->req.aiocb = NULL;
1484 if (scsi_handle_rw_error(r, -ret)) {
1489 if (data->count > 0 && !r->req.io_canceled) {
1490 sector_num = ldq_be_p(&data->inbuf[0]);
1491 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
1492 if (!check_lba_range(s, sector_num, nb_sectors)) {
1493 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1497 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1498 sector_num * (s->qdev.blocksize / 512),
1499 nb_sectors * (s->qdev.blocksize / 512),
1500 scsi_unmap_complete, data);
1507 if (data->count == 0) {
1508 scsi_req_complete(&r->req, GOOD);
1510 if (!r->req.io_canceled) {
1511 scsi_req_unref(&r->req);
1516 static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1519 int len = r->req.cmd.xfer;
1523 goto invalid_param_len;
1525 if (len < lduw_be_p(&p[0]) + 2) {
1526 goto invalid_param_len;
1528 if (len < lduw_be_p(&p[2]) + 8) {
1529 goto invalid_param_len;
1531 if (lduw_be_p(&p[2]) & 15) {
1532 goto invalid_param_len;
1535 data = g_new0(UnmapCBData, 1);
1537 data->inbuf = &p[8];
1538 data->count = lduw_be_p(&p[2]) >> 4;
1540 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1541 scsi_req_ref(&r->req);
1542 scsi_unmap_complete(data, 0);
1546 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1550 static void scsi_disk_emulate_write_data(SCSIRequest *req)
1552 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1554 if (r->iov.iov_len) {
1555 int buflen = r->iov.iov_len;
1556 DPRINTF("Write buf_len=%d\n", buflen);
1558 scsi_req_data(&r->req, buflen);
1562 switch (req->cmd.buf[0]) {
1564 case MODE_SELECT_10:
1565 /* This also clears the sense buffer for REQUEST SENSE. */
1566 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1570 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1578 static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1580 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1581 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1582 uint64_t nb_sectors;
1586 switch (req->cmd.buf[0]) {
1595 case ALLOW_MEDIUM_REMOVAL:
1596 case GET_CONFIGURATION:
1597 case GET_EVENT_STATUS_NOTIFICATION:
1598 case MECHANISM_STATUS:
1603 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1604 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1610 if (!r->iov.iov_base) {
1612 * FIXME: we shouldn't return anything bigger than 4k, but the code
1613 * requires the buffer to be as big as req->cmd.xfer in several
1614 * places. So, do not allow CDBs with a very large ALLOCATION
1615 * LENGTH. The real fix would be to modify scsi_read_data and
1616 * dma_buf_read, so that they return data beyond the buflen
1619 if (req->cmd.xfer > 65536) {
1620 goto illegal_request;
1622 r->buflen = MAX(4096, req->cmd.xfer);
1623 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
1626 buflen = req->cmd.xfer;
1627 outbuf = r->iov.iov_base;
1628 switch (req->cmd.buf[0]) {
1629 case TEST_UNIT_READY:
1630 assert(!s->tray_open && bdrv_is_inserted(s->qdev.conf.bs));
1633 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1635 goto illegal_request;
1640 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1642 goto illegal_request;
1646 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1648 goto illegal_request;
1652 if (req->cmd.buf[1] & 1) {
1653 goto illegal_request;
1657 if (req->cmd.buf[1] & 3) {
1658 goto illegal_request;
1662 if (req->cmd.buf[1] & 1) {
1663 goto illegal_request;
1667 if (req->cmd.buf[1] & 3) {
1668 goto illegal_request;
1672 if (scsi_disk_emulate_start_stop(r) < 0) {
1676 case ALLOW_MEDIUM_REMOVAL:
1677 s->tray_locked = req->cmd.buf[4] & 1;
1678 bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1);
1680 case READ_CAPACITY_10:
1681 /* The normal LEN field for this command is zero. */
1682 memset(outbuf, 0, 8);
1683 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1685 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1688 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1689 goto illegal_request;
1691 nb_sectors /= s->qdev.blocksize / 512;
1692 /* Returned value is the address of the last sector. */
1694 /* Remember the new size for read/write sanity checking. */
1695 s->qdev.max_lba = nb_sectors;
1696 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1697 if (nb_sectors > UINT32_MAX) {
1698 nb_sectors = UINT32_MAX;
1700 outbuf[0] = (nb_sectors >> 24) & 0xff;
1701 outbuf[1] = (nb_sectors >> 16) & 0xff;
1702 outbuf[2] = (nb_sectors >> 8) & 0xff;
1703 outbuf[3] = nb_sectors & 0xff;
1706 outbuf[6] = s->qdev.blocksize >> 8;
1711 /* Just return "NO SENSE". */
1712 buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen,
1713 (req->cmd.buf[1] & 1) == 0);
1715 case MECHANISM_STATUS:
1716 buflen = scsi_emulate_mechanism_status(s, outbuf);
1718 goto illegal_request;
1721 case GET_CONFIGURATION:
1722 buflen = scsi_get_configuration(s, outbuf);
1724 goto illegal_request;
1727 case GET_EVENT_STATUS_NOTIFICATION:
1728 buflen = scsi_get_event_status_notification(s, r, outbuf);
1730 goto illegal_request;
1733 case READ_DISC_INFORMATION:
1734 buflen = scsi_read_disc_information(s, r, outbuf);
1736 goto illegal_request;
1739 case READ_DVD_STRUCTURE:
1740 buflen = scsi_read_dvd_structure(s, r, outbuf);
1742 goto illegal_request;
1745 case SERVICE_ACTION_IN_16:
1746 /* Service Action In subcommands. */
1747 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
1748 DPRINTF("SAI READ CAPACITY(16)\n");
1749 memset(outbuf, 0, req->cmd.xfer);
1750 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1752 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1755 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
1756 goto illegal_request;
1758 nb_sectors /= s->qdev.blocksize / 512;
1759 /* Returned value is the address of the last sector. */
1761 /* Remember the new size for read/write sanity checking. */
1762 s->qdev.max_lba = nb_sectors;
1763 outbuf[0] = (nb_sectors >> 56) & 0xff;
1764 outbuf[1] = (nb_sectors >> 48) & 0xff;
1765 outbuf[2] = (nb_sectors >> 40) & 0xff;
1766 outbuf[3] = (nb_sectors >> 32) & 0xff;
1767 outbuf[4] = (nb_sectors >> 24) & 0xff;
1768 outbuf[5] = (nb_sectors >> 16) & 0xff;
1769 outbuf[6] = (nb_sectors >> 8) & 0xff;
1770 outbuf[7] = nb_sectors & 0xff;
1773 outbuf[10] = s->qdev.blocksize >> 8;
1776 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
1778 /* set TPE bit if the format supports discard */
1779 if (s->qdev.conf.discard_granularity) {
1783 /* Protection, exponent and lowest lba field left blank. */
1784 buflen = req->cmd.xfer;
1787 DPRINTF("Unsupported Service Action In\n");
1788 goto illegal_request;
1789 case SYNCHRONIZE_CACHE:
1790 /* The request is used as the AIO opaque value, so add a ref. */
1791 scsi_req_ref(&r->req);
1792 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1793 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
1796 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
1797 if (r->req.cmd.lba > s->qdev.max_lba) {
1802 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1804 case MODE_SELECT_10:
1805 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1808 DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
1811 nb_sectors = lduw_be_p(&req->cmd.buf[7]);
1814 nb_sectors = ldl_be_p(&req->cmd.buf[10]) & 0xffffffffULL;
1816 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1817 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1820 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1825 * We only support WRITE SAME with the unmap bit set for now.
1827 if (!(req->cmd.buf[1] & 0x8)) {
1828 goto illegal_request;
1831 /* The request is used as the AIO opaque value, so add a ref. */
1832 scsi_req_ref(&r->req);
1833 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1834 r->req.cmd.lba * (s->qdev.blocksize / 512),
1835 nb_sectors * (s->qdev.blocksize / 512),
1836 scsi_aio_complete, r);
1839 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1840 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1843 assert(!r->req.aiocb);
1844 r->iov.iov_len = MIN(buflen, req->cmd.xfer);
1845 if (r->iov.iov_len == 0) {
1846 scsi_req_complete(&r->req, GOOD);
1848 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1849 assert(r->iov.iov_len == req->cmd.xfer);
1850 return -r->iov.iov_len;
1852 return r->iov.iov_len;
1856 if (r->req.status == -1) {
1857 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1862 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1866 /* Execute a scsi command. Returns the length of the data expected by the
1867 command. This will be Positive for data transfers from the device
1868 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1869 and zero if the command does not transfer any data. */
1871 static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
1873 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1874 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1880 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1881 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1890 len = r->req.cmd.xfer / s->qdev.blocksize;
1891 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1892 if (r->req.cmd.buf[1] & 0xe0) {
1893 goto illegal_request;
1895 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1898 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1899 r->sector_count = len * (s->qdev.blocksize / 512);
1905 case WRITE_VERIFY_10:
1906 case WRITE_VERIFY_12:
1907 case WRITE_VERIFY_16:
1908 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1909 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1916 len = r->req.cmd.xfer / s->qdev.blocksize;
1917 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1918 (command & 0xe) == 0xe ? "And Verify " : "",
1919 r->req.cmd.lba, len);
1920 if (r->req.cmd.buf[1] & 0xe0) {
1921 goto illegal_request;
1923 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1926 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1927 r->sector_count = len * (s->qdev.blocksize / 512);
1932 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1935 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1938 if (r->sector_count == 0) {
1939 scsi_req_complete(&r->req, GOOD);
1941 assert(r->iov.iov_len == 0);
1942 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1943 return -r->sector_count * 512;
1945 return r->sector_count * 512;
1949 static void scsi_disk_reset(DeviceState *dev)
1951 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1952 uint64_t nb_sectors;
1954 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1956 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1957 nb_sectors /= s->qdev.blocksize / 512;
1961 s->qdev.max_lba = nb_sectors;
1964 static void scsi_destroy(SCSIDevice *dev)
1966 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1968 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1969 blockdev_mark_auto_del(s->qdev.conf.bs);
1972 static void scsi_disk_resize_cb(void *opaque)
1974 SCSIDiskState *s = opaque;
1976 /* SPC lists this sense code as available only for
1977 * direct-access devices.
1979 if (s->qdev.type == TYPE_DISK) {
1980 scsi_device_set_ua(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
1981 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
1985 static void scsi_cd_change_media_cb(void *opaque, bool load)
1987 SCSIDiskState *s = opaque;
1990 * When a CD gets changed, we have to report an ejected state and
1991 * then a loaded state to guests so that they detect tray
1992 * open/close and media change events. Guests that do not use
1993 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
1994 * states rely on this behavior.
1996 * media_changed governs the state machine used for unit attention
1997 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
1999 s->media_changed = load;
2000 s->tray_open = !load;
2001 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
2002 s->media_event = true;
2003 s->eject_request = false;
2006 static void scsi_cd_eject_request_cb(void *opaque, bool force)
2008 SCSIDiskState *s = opaque;
2010 s->eject_request = true;
2012 s->tray_locked = false;
2016 static bool scsi_cd_is_tray_open(void *opaque)
2018 return ((SCSIDiskState *)opaque)->tray_open;
2021 static bool scsi_cd_is_medium_locked(void *opaque)
2023 return ((SCSIDiskState *)opaque)->tray_locked;
2026 static const BlockDevOps scsi_disk_removable_block_ops = {
2027 .change_media_cb = scsi_cd_change_media_cb,
2028 .eject_request_cb = scsi_cd_eject_request_cb,
2029 .is_tray_open = scsi_cd_is_tray_open,
2030 .is_medium_locked = scsi_cd_is_medium_locked,
2032 .resize_cb = scsi_disk_resize_cb,
2035 static const BlockDevOps scsi_disk_block_ops = {
2036 .resize_cb = scsi_disk_resize_cb,
2039 static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2041 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2042 if (s->media_changed) {
2043 s->media_changed = false;
2044 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2048 static int scsi_initfn(SCSIDevice *dev)
2050 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2052 if (!s->qdev.conf.bs) {
2053 error_report("drive property not set");
2057 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2058 !bdrv_is_inserted(s->qdev.conf.bs)) {
2059 error_report("Device needs media, but drive is empty");
2063 blkconf_serial(&s->qdev.conf, &s->serial);
2064 if (dev->type == TYPE_DISK
2065 && blkconf_geometry(&dev->conf, NULL, 65535, 255, 255) < 0) {
2070 s->version = g_strdup(qemu_get_version());
2073 s->vendor = g_strdup("QEMU");
2076 if (bdrv_is_sg(s->qdev.conf.bs)) {
2077 error_report("unwanted /dev/sg*");
2081 if (s->features & (1 << SCSI_DISK_F_REMOVABLE)) {
2082 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_removable_block_ops, s);
2084 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_block_ops, s);
2086 bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize);
2088 bdrv_iostatus_enable(s->qdev.conf.bs);
2089 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, NULL);
2093 static int scsi_hd_initfn(SCSIDevice *dev)
2095 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2096 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2097 s->qdev.type = TYPE_DISK;
2099 s->product = g_strdup("QEMU HARDDISK");
2101 return scsi_initfn(&s->qdev);
2104 static int scsi_cd_initfn(SCSIDevice *dev)
2106 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2107 s->qdev.blocksize = 2048;
2108 s->qdev.type = TYPE_ROM;
2109 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2111 s->product = g_strdup("QEMU CD-ROM");
2113 return scsi_initfn(&s->qdev);
2116 static int scsi_disk_initfn(SCSIDevice *dev)
2120 if (!dev->conf.bs) {
2121 return scsi_initfn(dev); /* ... and die there */
2124 dinfo = drive_get_by_blockdev(dev->conf.bs);
2125 if (dinfo->media_cd) {
2126 return scsi_cd_initfn(dev);
2128 return scsi_hd_initfn(dev);
2132 static const SCSIReqOps scsi_disk_emulate_reqops = {
2133 .size = sizeof(SCSIDiskReq),
2134 .free_req = scsi_free_request,
2135 .send_command = scsi_disk_emulate_command,
2136 .read_data = scsi_disk_emulate_read_data,
2137 .write_data = scsi_disk_emulate_write_data,
2138 .get_buf = scsi_get_buf,
2141 static const SCSIReqOps scsi_disk_dma_reqops = {
2142 .size = sizeof(SCSIDiskReq),
2143 .free_req = scsi_free_request,
2144 .send_command = scsi_disk_dma_command,
2145 .read_data = scsi_read_data,
2146 .write_data = scsi_write_data,
2147 .cancel_io = scsi_cancel_io,
2148 .get_buf = scsi_get_buf,
2149 .load_request = scsi_disk_load_request,
2150 .save_request = scsi_disk_save_request,
2153 static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2154 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2155 [INQUIRY] = &scsi_disk_emulate_reqops,
2156 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2157 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2158 [START_STOP] = &scsi_disk_emulate_reqops,
2159 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2160 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2161 [READ_TOC] = &scsi_disk_emulate_reqops,
2162 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2163 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2164 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2165 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2166 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2167 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2168 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2169 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2170 [SEEK_10] = &scsi_disk_emulate_reqops,
2171 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2172 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2173 [UNMAP] = &scsi_disk_emulate_reqops,
2174 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2175 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2177 [READ_6] = &scsi_disk_dma_reqops,
2178 [READ_10] = &scsi_disk_dma_reqops,
2179 [READ_12] = &scsi_disk_dma_reqops,
2180 [READ_16] = &scsi_disk_dma_reqops,
2181 [VERIFY_10] = &scsi_disk_dma_reqops,
2182 [VERIFY_12] = &scsi_disk_dma_reqops,
2183 [VERIFY_16] = &scsi_disk_dma_reqops,
2184 [WRITE_6] = &scsi_disk_dma_reqops,
2185 [WRITE_10] = &scsi_disk_dma_reqops,
2186 [WRITE_12] = &scsi_disk_dma_reqops,
2187 [WRITE_16] = &scsi_disk_dma_reqops,
2188 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2189 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2190 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2193 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2194 uint8_t *buf, void *hba_private)
2196 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2198 const SCSIReqOps *ops;
2202 ops = scsi_disk_reqops_dispatch[command];
2204 ops = &scsi_disk_emulate_reqops;
2206 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2209 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
2212 for (i = 1; i < req->cmd.len; i++) {
2213 printf(" 0x%02x", buf[i]);
2223 static int get_device_type(SCSIDiskState *s)
2225 BlockDriverState *bdrv = s->qdev.conf.bs;
2228 uint8_t sensebuf[8];
2229 sg_io_hdr_t io_header;
2232 memset(cmd, 0, sizeof(cmd));
2233 memset(buf, 0, sizeof(buf));
2235 cmd[4] = sizeof(buf);
2237 memset(&io_header, 0, sizeof(io_header));
2238 io_header.interface_id = 'S';
2239 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
2240 io_header.dxfer_len = sizeof(buf);
2241 io_header.dxferp = buf;
2242 io_header.cmdp = cmd;
2243 io_header.cmd_len = sizeof(cmd);
2244 io_header.mx_sb_len = sizeof(sensebuf);
2245 io_header.sbp = sensebuf;
2246 io_header.timeout = 6000; /* XXX */
2248 ret = bdrv_ioctl(bdrv, SG_IO, &io_header);
2249 if (ret < 0 || io_header.driver_status || io_header.host_status) {
2252 s->qdev.type = buf[0];
2253 if (buf[1] & 0x80) {
2254 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2259 static int scsi_block_initfn(SCSIDevice *dev)
2261 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2265 if (!s->qdev.conf.bs) {
2266 error_report("scsi-block: drive property not set");
2270 /* check we are using a driver managing SG_IO (version 3 and after) */
2271 if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 ||
2272 sg_version < 30000) {
2273 error_report("scsi-block: scsi generic interface too old");
2277 /* get device type from INQUIRY data */
2278 rc = get_device_type(s);
2280 error_report("scsi-block: INQUIRY failed");
2284 /* Make a guess for the block size, we'll fix it when the guest sends.
2285 * READ CAPACITY. If they don't, they likely would assume these sizes
2286 * anyway. (TODO: check in /sys).
2288 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2289 s->qdev.blocksize = 2048;
2291 s->qdev.blocksize = 512;
2293 return scsi_initfn(&s->qdev);
2296 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2297 uint32_t lun, uint8_t *buf,
2300 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2314 case WRITE_VERIFY_10:
2315 case WRITE_VERIFY_12:
2316 case WRITE_VERIFY_16:
2317 /* If we are not using O_DIRECT, we might read stale data from the
2318 * host cache if writes were made using other commands than these
2319 * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without
2320 * O_DIRECT everything must go through SG_IO.
2322 if (bdrv_get_flags(s->qdev.conf.bs) & BDRV_O_NOCACHE) {
2326 /* MMC writing cannot be done via pread/pwrite, because it sometimes
2327 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2328 * And once you do these writes, reading from the block device is
2329 * unreliable, too. It is even possible that reads deliver random data
2330 * from the host page cache (this is probably a Linux bug).
2332 * We might use scsi_disk_dma_reqops as long as no writing commands are
2333 * seen, but performance usually isn't paramount on optical media. So,
2334 * just make scsi-block operate the same as scsi-generic for them.
2336 if (s->qdev.type != TYPE_ROM) {
2337 return scsi_req_alloc(&scsi_disk_dma_reqops, &s->qdev, tag, lun,
2342 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2347 #define DEFINE_SCSI_DISK_PROPERTIES() \
2348 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
2349 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2350 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2351 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2352 DEFINE_PROP_STRING("product", SCSIDiskState, product)
2354 static Property scsi_hd_properties[] = {
2355 DEFINE_SCSI_DISK_PROPERTIES(),
2356 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2357 SCSI_DISK_F_REMOVABLE, false),
2358 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2359 SCSI_DISK_F_DPOFUA, false),
2360 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2361 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
2362 DEFINE_PROP_END_OF_LIST(),
2365 static const VMStateDescription vmstate_scsi_disk_state = {
2366 .name = "scsi-disk",
2368 .minimum_version_id = 1,
2369 .minimum_version_id_old = 1,
2370 .fields = (VMStateField[]) {
2371 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2372 VMSTATE_BOOL(media_changed, SCSIDiskState),
2373 VMSTATE_BOOL(media_event, SCSIDiskState),
2374 VMSTATE_BOOL(eject_request, SCSIDiskState),
2375 VMSTATE_BOOL(tray_open, SCSIDiskState),
2376 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2377 VMSTATE_END_OF_LIST()
2381 static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2383 DeviceClass *dc = DEVICE_CLASS(klass);
2384 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2386 sc->init = scsi_hd_initfn;
2387 sc->destroy = scsi_destroy;
2388 sc->alloc_req = scsi_new_request;
2389 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2390 dc->fw_name = "disk";
2391 dc->desc = "virtual SCSI disk";
2392 dc->reset = scsi_disk_reset;
2393 dc->props = scsi_hd_properties;
2394 dc->vmsd = &vmstate_scsi_disk_state;
2397 static TypeInfo scsi_hd_info = {
2399 .parent = TYPE_SCSI_DEVICE,
2400 .instance_size = sizeof(SCSIDiskState),
2401 .class_init = scsi_hd_class_initfn,
2404 static Property scsi_cd_properties[] = {
2405 DEFINE_SCSI_DISK_PROPERTIES(),
2406 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2407 DEFINE_PROP_END_OF_LIST(),
2410 static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
2412 DeviceClass *dc = DEVICE_CLASS(klass);
2413 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2415 sc->init = scsi_cd_initfn;
2416 sc->destroy = scsi_destroy;
2417 sc->alloc_req = scsi_new_request;
2418 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2419 dc->fw_name = "disk";
2420 dc->desc = "virtual SCSI CD-ROM";
2421 dc->reset = scsi_disk_reset;
2422 dc->props = scsi_cd_properties;
2423 dc->vmsd = &vmstate_scsi_disk_state;
2426 static TypeInfo scsi_cd_info = {
2428 .parent = TYPE_SCSI_DEVICE,
2429 .instance_size = sizeof(SCSIDiskState),
2430 .class_init = scsi_cd_class_initfn,
2434 static Property scsi_block_properties[] = {
2435 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.bs),
2436 DEFINE_PROP_INT32("bootindex", SCSIDiskState, qdev.conf.bootindex, -1),
2437 DEFINE_PROP_END_OF_LIST(),
2440 static void scsi_block_class_initfn(ObjectClass *klass, void *data)
2442 DeviceClass *dc = DEVICE_CLASS(klass);
2443 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2445 sc->init = scsi_block_initfn;
2446 sc->destroy = scsi_destroy;
2447 sc->alloc_req = scsi_block_new_request;
2448 dc->fw_name = "disk";
2449 dc->desc = "SCSI block device passthrough";
2450 dc->reset = scsi_disk_reset;
2451 dc->props = scsi_block_properties;
2452 dc->vmsd = &vmstate_scsi_disk_state;
2455 static TypeInfo scsi_block_info = {
2456 .name = "scsi-block",
2457 .parent = TYPE_SCSI_DEVICE,
2458 .instance_size = sizeof(SCSIDiskState),
2459 .class_init = scsi_block_class_initfn,
2463 static Property scsi_disk_properties[] = {
2464 DEFINE_SCSI_DISK_PROPERTIES(),
2465 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2466 SCSI_DISK_F_REMOVABLE, false),
2467 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2468 SCSI_DISK_F_DPOFUA, false),
2469 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2470 DEFINE_PROP_END_OF_LIST(),
2473 static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
2475 DeviceClass *dc = DEVICE_CLASS(klass);
2476 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2478 sc->init = scsi_disk_initfn;
2479 sc->destroy = scsi_destroy;
2480 sc->alloc_req = scsi_new_request;
2481 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2482 dc->fw_name = "disk";
2483 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
2484 dc->reset = scsi_disk_reset;
2485 dc->props = scsi_disk_properties;
2486 dc->vmsd = &vmstate_scsi_disk_state;
2489 static TypeInfo scsi_disk_info = {
2490 .name = "scsi-disk",
2491 .parent = TYPE_SCSI_DEVICE,
2492 .instance_size = sizeof(SCSIDiskState),
2493 .class_init = scsi_disk_class_initfn,
2496 static void scsi_disk_register_types(void)
2498 type_register_static(&scsi_hd_info);
2499 type_register_static(&scsi_cd_info);
2501 type_register_static(&scsi_block_info);
2503 type_register_static(&scsi_disk_info);
2506 type_init(scsi_disk_register_types)
projects / qemu.git / blob