2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * This code is licenced under the LGPL.
11 * Note that this file only handles the SCSI architecture model and device
12 * commands. Emulation of interface/link layer protocols is handled by
13 * the host adapter emulator.
16 #include <qemu-common.h>
21 #define DPRINTF(fmt, args...) \
22 do { printf("scsi-disk: " fmt , ##args); } while (0)
24 #define DPRINTF(fmt, args...) do {} while(0)
27 #define BADF(fmt, args...) \
28 do { fprintf(stderr, "scsi-disk: " fmt , ##args); } while (0)
30 #include "qemu-common.h"
32 #include "scsi-disk.h"
34 #define SENSE_NO_SENSE 0
35 #define SENSE_NOT_READY 2
36 #define SENSE_HARDWARE_ERROR 4
37 #define SENSE_ILLEGAL_REQUEST 5
40 #define STATUS_CHECK_CONDITION 2
42 #define SCSI_DMA_BUF_SIZE 131072
43 #define SCSI_MAX_INQUIRY_LEN 256
45 #define SCSI_REQ_STATUS_RETRY 0x01
47 typedef struct SCSIRequest {
50 /* ??? We should probably keep track of whether the data transfer is
51 a read or a write. Currently we rely on the host getting it right. */
52 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
54 uint32_t sector_count;
55 /* The amounnt of data in the buffer. */
58 BlockDriverAIOCB *aiocb;
59 struct SCSIRequest *next;
63 struct SCSIDeviceState
65 BlockDriverState *bdrv;
66 SCSIRequest *requests;
67 /* The qemu block layer uses a fixed 512 byte sector size.
68 This is the number of 512 byte blocks in a single scsi sector. */
73 /* Completion functions may be called from either scsi_{read,write}_data
74 or from the AIO completion routines. */
75 scsi_completionfn completion;
77 char drive_serial_str[21];
80 /* Global pool of SCSIRequest structures. */
81 static SCSIRequest *free_requests = NULL;
83 static SCSIRequest *scsi_new_request(SCSIDeviceState *s, uint32_t tag)
89 free_requests = r->next;
91 r = qemu_malloc(sizeof(SCSIRequest));
92 r->dma_buf = qemu_memalign(512, SCSI_DMA_BUF_SIZE);
101 r->next = s->requests;
106 static void scsi_remove_request(SCSIRequest *r)
109 SCSIDeviceState *s = r->dev;
111 if (s->requests == r) {
112 s->requests = r->next;
115 while (last && last->next != r)
118 last->next = r->next;
120 BADF("Orphaned request\n");
123 r->next = free_requests;
127 static SCSIRequest *scsi_find_request(SCSIDeviceState *s, uint32_t tag)
132 while (r && r->tag != tag)
138 /* Helper function for command completion. */
139 static void scsi_command_complete(SCSIRequest *r, int status, int sense)
141 SCSIDeviceState *s = r->dev;
143 DPRINTF("Command complete tag=0x%x status=%d sense=%d\n", r->tag, status, sense);
146 scsi_remove_request(r);
147 s->completion(s->opaque, SCSI_REASON_DONE, tag, status);
150 /* Cancel a pending data transfer. */
151 static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
153 SCSIDeviceState *s = d->state;
155 DPRINTF("Cancel tag=0x%x\n", tag);
156 r = scsi_find_request(s, tag);
159 bdrv_aio_cancel(r->aiocb);
161 scsi_remove_request(r);
165 static void scsi_read_complete(void * opaque, int ret)
167 SCSIRequest *r = (SCSIRequest *)opaque;
168 SCSIDeviceState *s = r->dev;
171 DPRINTF("IO error\n");
172 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, 0);
173 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NO_SENSE);
176 DPRINTF("Data ready tag=0x%x len=%d\n", r->tag, r->buf_len);
178 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->buf_len);
181 /* Read more data from scsi device into buffer. */
182 static void scsi_read_data(SCSIDevice *d, uint32_t tag)
184 SCSIDeviceState *s = d->state;
188 r = scsi_find_request(s, tag);
190 BADF("Bad read tag 0x%x\n", tag);
191 /* ??? This is the wrong error. */
192 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
195 if (r->sector_count == (uint32_t)-1) {
196 DPRINTF("Read buf_len=%d\n", r->buf_len);
198 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->buf_len);
201 DPRINTF("Read sector_count=%d\n", r->sector_count);
202 if (r->sector_count == 0) {
203 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
208 if (n > SCSI_DMA_BUF_SIZE / 512)
209 n = SCSI_DMA_BUF_SIZE / 512;
211 r->buf_len = n * 512;
212 r->aiocb = bdrv_aio_read(s->bdrv, r->sector, r->dma_buf, n,
213 scsi_read_complete, r);
214 if (r->aiocb == NULL)
215 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
217 r->sector_count -= n;
220 static int scsi_handle_write_error(SCSIRequest *r, int error)
222 BlockInterfaceErrorAction action = drive_get_onerror(r->dev->bdrv);
224 if (action == BLOCK_ERR_IGNORE)
227 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
228 || action == BLOCK_ERR_STOP_ANY) {
229 r->status |= SCSI_REQ_STATUS_RETRY;
232 scsi_command_complete(r, STATUS_CHECK_CONDITION,
233 SENSE_HARDWARE_ERROR);
239 static void scsi_write_complete(void * opaque, int ret)
241 SCSIRequest *r = (SCSIRequest *)opaque;
242 SCSIDeviceState *s = r->dev;
249 if (scsi_handle_write_error(r, -ret))
253 n = r->buf_len / 512;
255 r->sector_count -= n;
256 if (r->sector_count == 0) {
257 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
259 len = r->sector_count * 512;
260 if (len > SCSI_DMA_BUF_SIZE) {
261 len = SCSI_DMA_BUF_SIZE;
264 DPRINTF("Write complete tag=0x%x more=%d\n", r->tag, len);
265 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, len);
269 static void scsi_write_request(SCSIRequest *r)
271 SCSIDeviceState *s = r->dev;
274 n = r->buf_len / 512;
276 r->aiocb = bdrv_aio_write(s->bdrv, r->sector, r->dma_buf, n,
277 scsi_write_complete, r);
278 if (r->aiocb == NULL)
279 scsi_command_complete(r, STATUS_CHECK_CONDITION,
280 SENSE_HARDWARE_ERROR);
282 /* Invoke completion routine to fetch data from host. */
283 scsi_write_complete(r, 0);
287 /* Write data to a scsi device. Returns nonzero on failure.
288 The transfer may complete asynchronously. */
289 static int scsi_write_data(SCSIDevice *d, uint32_t tag)
291 SCSIDeviceState *s = d->state;
294 DPRINTF("Write data tag=0x%x\n", tag);
295 r = scsi_find_request(s, tag);
297 BADF("Bad write tag 0x%x\n", tag);
298 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
303 BADF("Data transfer already in progress\n");
305 scsi_write_request(r);
310 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
312 SCSIDeviceState *s = opaque;
313 SCSIRequest *r = s->requests;
318 if (r->status & SCSI_REQ_STATUS_RETRY) {
319 r->status &= ~SCSI_REQ_STATUS_RETRY;
320 scsi_write_request(r);
326 /* Return a pointer to the data buffer. */
327 static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
329 SCSIDeviceState *s = d->state;
332 r = scsi_find_request(s, tag);
334 BADF("Bad buffer tag 0x%x\n", tag);
340 /* Execute a scsi command. Returns the length of the data expected by the
341 command. This will be Positive for data transfers from the device
342 (eg. disk reads), negative for transfers to the device (eg. disk writes),
343 and zero if the command does not transfer any data. */
345 static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
346 uint8_t *buf, int lun)
348 SCSIDeviceState *s = d->state;
359 r = scsi_find_request(s, tag);
361 BADF("Tag 0x%x already in use\n", tag);
362 scsi_cancel_io(d, tag);
364 /* ??? Tags are not unique for different luns. We only implement a
365 single lun, so this should not matter. */
366 r = scsi_new_request(s, tag);
369 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
370 switch (command >> 5) {
372 lba = (uint64_t) buf[3] | ((uint64_t) buf[2] << 8) |
373 (((uint64_t) buf[1] & 0x1f) << 16);
379 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
380 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
381 len = buf[8] | (buf[7] << 8);
385 lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
386 ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
387 ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
388 ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
389 len = buf[13] | (buf[12] << 8) | (buf[11] << 16) | (buf[10] << 24);
393 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
394 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
395 len = buf[9] | (buf[8] << 8) | (buf[7] << 16) | (buf[6] << 24);
399 BADF("Unsupported command length, command %x\n", command);
405 for (i = 1; i < cmdlen; i++) {
406 printf(" 0x%02x", buf[i]);
411 if (lun || buf[1] >> 5) {
412 /* Only LUN 0 supported. */
413 DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
414 if (command != 0x03 && command != 0x12) /* REQUEST SENSE and INQUIRY */
419 DPRINTF("Test Unit Ready\n");
420 if (!bdrv_is_inserted(s->bdrv))
424 DPRINTF("Request Sense (len %d)\n", len);
427 memset(outbuf, 0, 4);
429 if (s->sense == SENSE_NOT_READY && len >= 18) {
430 memset(outbuf, 0, 18);
433 /* asc 0x3a, ascq 0: Medium not present */
439 outbuf[2] = s->sense;
442 DPRINTF("Inquiry (len %d)\n", len);
444 /* Command support data - optional, not implemented */
445 BADF("optional INQUIRY command support request not implemented\n");
448 else if (buf[1] & 0x1) {
449 /* Vital product data */
450 uint8_t page_code = buf[2];
452 BADF("Error: Inquiry (EVPD[%02X]) buffer size %d is "
453 "less than 4\n", page_code, len);
460 /* Supported page codes, mandatory */
461 DPRINTF("Inquiry EVPD[Supported pages] "
462 "buffer size %d\n", len);
466 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
467 outbuf[r->buf_len++] = 5;
469 outbuf[r->buf_len++] = 0;
472 outbuf[r->buf_len++] = 0x00; // this page
473 outbuf[r->buf_len++] = 0x00;
474 outbuf[r->buf_len++] = 3; // number of pages
475 outbuf[r->buf_len++] = 0x00; // list of supported pages (this page)
476 outbuf[r->buf_len++] = 0x80; // unit serial number
477 outbuf[r->buf_len++] = 0x83; // device identification
484 /* Device serial number, optional */
486 BADF("Error: EVPD[Serial number] Inquiry buffer "
487 "size %d too small, %d needed\n", len, 4);
491 DPRINTF("Inquiry EVPD[Serial number] buffer size %d\n", len);
492 l = MIN(len, strlen(s->drive_serial_str));
496 /* Supported page codes */
497 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
498 outbuf[r->buf_len++] = 5;
500 outbuf[r->buf_len++] = 0;
503 outbuf[r->buf_len++] = 0x80; // this page
504 outbuf[r->buf_len++] = 0x00;
505 outbuf[r->buf_len++] = l;
506 memcpy(&outbuf[r->buf_len], s->drive_serial_str, l);
513 /* Device identification page, mandatory */
514 int max_len = 255 - 8;
515 int id_len = strlen(bdrv_get_device_name(s->bdrv));
516 if (id_len > max_len)
519 DPRINTF("Inquiry EVPD[Device identification] "
520 "buffer size %d\n", len);
522 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
523 outbuf[r->buf_len++] = 5;
525 outbuf[r->buf_len++] = 0;
528 outbuf[r->buf_len++] = 0x83; // this page
529 outbuf[r->buf_len++] = 0x00;
530 outbuf[r->buf_len++] = 3 + id_len;
532 outbuf[r->buf_len++] = 0x2; // ASCII
533 outbuf[r->buf_len++] = 0; // not officially assigned
534 outbuf[r->buf_len++] = 0; // reserved
535 outbuf[r->buf_len++] = id_len; // length of data following
537 memcpy(&outbuf[r->buf_len],
538 bdrv_get_device_name(s->bdrv), id_len);
539 r->buf_len += id_len;
543 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
544 "buffer size %d\n", page_code, len);
551 /* Standard INQUIRY data */
553 BADF("Error: Inquiry (STANDARD) page or code "
554 "is non-zero [%02X]\n", buf[2]);
560 BADF("Error: Inquiry (STANDARD) buffer size %d "
561 "is less than 5\n", len);
566 BADF("Error: Inquiry (STANDARD) buffer size %d "
567 "is less than 36 (TODO: only 5 required)\n", len);
571 if(len > SCSI_MAX_INQUIRY_LEN)
572 len = SCSI_MAX_INQUIRY_LEN;
574 memset(outbuf, 0, len);
576 if (lun || buf[1] >> 5) {
577 outbuf[0] = 0x7f; /* LUN not supported */
578 } else if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
581 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
584 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
586 memcpy(&outbuf[8], "QEMU ", 8);
587 memcpy(&outbuf[32], QEMU_VERSION, 4);
588 /* Identify device as SCSI-3 rev 1.
589 Some later commands are also implemented. */
591 outbuf[3] = 2; /* Format 2 */
592 outbuf[4] = len - 5; /* Additional Length = (Len - 1) - 4 */
593 /* Sync data transfer and TCQ. */
594 outbuf[7] = 0x10 | (s->tcq ? 0x02 : 0);
598 DPRINTF("Reserve(6)\n");
603 DPRINTF("Release(6)\n");
613 page = buf[2] & 0x3f;
614 DPRINTF("Mode Sense (page %d, len %d)\n", page, len);
617 outbuf[1] = 0; /* Default media type. */
618 outbuf[3] = 0; /* Block descriptor length. */
619 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
620 outbuf[2] = 0x80; /* Readonly. */
624 int cylinders, heads, secs;
626 /* Rigid disk device geometry page. */
629 /* if a geometry hint is available, use it */
630 bdrv_get_geometry_hint(s->bdrv, &cylinders, &heads, &secs);
631 p[2] = (cylinders >> 16) & 0xff;
632 p[3] = (cylinders >> 8) & 0xff;
633 p[4] = cylinders & 0xff;
635 /* Write precomp start cylinder, disabled */
636 p[6] = (cylinders >> 16) & 0xff;
637 p[7] = (cylinders >> 8) & 0xff;
638 p[8] = cylinders & 0xff;
639 /* Reduced current start cylinder, disabled */
640 p[9] = (cylinders >> 16) & 0xff;
641 p[10] = (cylinders >> 8) & 0xff;
642 p[11] = cylinders & 0xff;
643 /* Device step rate [ns], 200ns */
646 /* Landing zone cylinder */
650 /* Medium rotation rate [rpm], 5400 rpm */
651 p[20] = (5400 >> 8) & 0xff;
654 } else if (page == 5) {
655 int cylinders, heads, secs;
657 /* Flexible disk device geometry page. */
660 /* Transfer rate [kbit/s], 5Mbit/s */
663 /* if a geometry hint is available, use it */
664 bdrv_get_geometry_hint(s->bdrv, &cylinders, &heads, &secs);
667 p[6] = s->cluster_size * 2;
668 p[8] = (cylinders >> 8) & 0xff;
669 p[9] = cylinders & 0xff;
670 /* Write precomp start cylinder, disabled */
671 p[10] = (cylinders >> 8) & 0xff;
672 p[11] = cylinders & 0xff;
673 /* Reduced current start cylinder, disabled */
674 p[12] = (cylinders >> 8) & 0xff;
675 p[13] = cylinders & 0xff;
676 /* Device step rate [100us], 100us */
679 /* Device step pulse width [us], 1us */
681 /* Device head settle delay [100us], 100us */
684 /* Motor on delay [0.1s], 0.1s */
686 /* Motor off delay [0.1s], 0.1s */
688 /* Medium rotation rate [rpm], 5400 rpm */
689 p[28] = (5400 >> 8) & 0xff;
692 } else if ((page == 8 || page == 0x3f)) {
700 if ((page == 0x3f || page == 0x2a)
701 && (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM)) {
702 /* CD Capabilities and Mechanical Status page. */
705 p[2] = 3; // CD-R & CD-RW read
706 p[3] = 0; // Writing not supported
707 p[4] = 0x7f; /* Audio, composite, digital out,
708 mode 2 form 1&2, multi session */
709 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
710 RW corrected, C2 errors, ISRC,
712 p[6] = 0x2d | (bdrv_is_locked(s->bdrv)? 2 : 0);
713 /* Locking supported, jumper present, eject, tray */
714 p[7] = 0; /* no volume & mute control, no
716 p[8] = (50 * 176) >> 8; // 50x read speed
717 p[9] = (50 * 176) & 0xff;
718 p[10] = 0 >> 8; // No volume
720 p[12] = 2048 >> 8; // 2M buffer
722 p[14] = (16 * 176) >> 8; // 16x read speed current
723 p[15] = (16 * 176) & 0xff;
724 p[18] = (16 * 176) >> 8; // 16x write speed
725 p[19] = (16 * 176) & 0xff;
726 p[20] = (16 * 176) >> 8; // 16x write speed current
727 p[21] = (16 * 176) & 0xff;
730 r->buf_len = p - outbuf;
731 outbuf[0] = r->buf_len - 4;
732 if (r->buf_len > len)
737 DPRINTF("Start Stop Unit\n");
738 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM &&
740 /* load/eject medium */
741 bdrv_eject(s->bdrv, !(buf[4] & 1));
744 DPRINTF("Prevent Allow Medium Removal (prevent = %d)\n", buf[4] & 3);
745 bdrv_set_locked(s->bdrv, buf[4] & 1);
748 DPRINTF("Read Capacity\n");
749 /* The normal LEN field for this command is zero. */
750 memset(outbuf, 0, 8);
751 bdrv_get_geometry(s->bdrv, &nb_sectors);
752 nb_sectors /= s->cluster_size;
753 /* Returned value is the address of the last sector. */
756 /* Remember the new size for read/write sanity checking. */
757 s->max_lba = nb_sectors;
758 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
759 if (nb_sectors > UINT32_MAX)
760 nb_sectors = UINT32_MAX;
761 outbuf[0] = (nb_sectors >> 24) & 0xff;
762 outbuf[1] = (nb_sectors >> 16) & 0xff;
763 outbuf[2] = (nb_sectors >> 8) & 0xff;
764 outbuf[3] = nb_sectors & 0xff;
767 outbuf[6] = s->cluster_size * 2;
772 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NOT_READY);
779 DPRINTF("Read (sector %lld, count %d)\n", lba, len);
780 if (lba > s->max_lba)
782 r->sector = lba * s->cluster_size;
783 r->sector_count = len * s->cluster_size;
788 DPRINTF("Write (sector %lld, count %d)\n", lba, len);
789 if (lba > s->max_lba)
791 r->sector = lba * s->cluster_size;
792 r->sector_count = len * s->cluster_size;
796 DPRINTF("Synchronise cache (sector %d, count %d)\n", lba, len);
801 int start_track, format, msf, toclen;
804 format = buf[2] & 0xf;
805 start_track = buf[6];
806 bdrv_get_geometry(s->bdrv, &nb_sectors);
807 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
808 nb_sectors /= s->cluster_size;
811 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
814 /* multi session : only a single session defined */
816 memset(outbuf, 0, 12);
822 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
834 DPRINTF("Read TOC error\n");
838 DPRINTF("Get Configuration (rt %d, maxlen %d)\n", buf[1] & 3, len);
839 memset(outbuf, 0, 8);
840 /* ??? This should probably return much more information. For now
841 just return the basic header indicating the CD-ROM profile. */
842 outbuf[7] = 8; // CD-ROM
846 DPRINTF("Reserve(10)\n");
851 DPRINTF("Release(10)\n");
856 /* Service Action In subcommands. */
857 if ((buf[1] & 31) == 0x10) {
858 DPRINTF("SAI READ CAPACITY(16)\n");
859 memset(outbuf, 0, len);
860 bdrv_get_geometry(s->bdrv, &nb_sectors);
861 nb_sectors /= s->cluster_size;
862 /* Returned value is the address of the last sector. */
865 /* Remember the new size for read/write sanity checking. */
866 s->max_lba = nb_sectors;
867 outbuf[0] = (nb_sectors >> 56) & 0xff;
868 outbuf[1] = (nb_sectors >> 48) & 0xff;
869 outbuf[2] = (nb_sectors >> 40) & 0xff;
870 outbuf[3] = (nb_sectors >> 32) & 0xff;
871 outbuf[4] = (nb_sectors >> 24) & 0xff;
872 outbuf[5] = (nb_sectors >> 16) & 0xff;
873 outbuf[6] = (nb_sectors >> 8) & 0xff;
874 outbuf[7] = nb_sectors & 0xff;
877 outbuf[10] = s->cluster_size * 2;
879 /* Protection, exponent and lowest lba field left blank. */
882 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NOT_READY);
887 DPRINTF("Unsupported Service Action In\n");
890 DPRINTF("Report LUNs (len %d)\n", len);
893 memset(outbuf, 0, 16);
898 DPRINTF("Verify (sector %d, count %d)\n", lba, len);
901 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
903 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_ILLEGAL_REQUEST);
906 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
909 if (r->sector_count == 0 && r->buf_len == 0) {
910 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
912 len = r->sector_count * 512 + r->buf_len;
916 if (!r->sector_count)
917 r->sector_count = -1;
922 static void scsi_destroy(SCSIDevice *d)
928 SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, int tcq,
929 scsi_completionfn completion, void *opaque)
935 s = (SCSIDeviceState *)qemu_mallocz(sizeof(SCSIDeviceState));
938 s->completion = completion;
940 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
945 bdrv_get_geometry(s->bdrv, &nb_sectors);
946 nb_sectors /= s->cluster_size;
949 s->max_lba = nb_sectors;
950 strncpy(s->drive_serial_str, drive_get_serial(s->bdrv),
951 sizeof(s->drive_serial_str));
952 if (strlen(s->drive_serial_str) == 0)
953 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), "0");
954 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
955 d = (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice));
957 d->destroy = scsi_destroy;
958 d->send_command = scsi_send_command;
959 d->read_data = scsi_read_data;
960 d->write_data = scsi_write_data;
961 d->cancel_io = scsi_cancel_io;
962 d->get_buf = scsi_get_buf;
projects / qemu.git / blob