2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
15 * This code is licensed under the LGPL.
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
28 #define DPRINTF(fmt, ...) do {} while(0)
31 #include "qemu-common.h"
32 #include "qemu-error.h"
34 #include "scsi-defs.h"
37 #include "hw/block-common.h"
44 #define SCSI_DMA_BUF_SIZE 131072
45 #define SCSI_MAX_INQUIRY_LEN 256
46 #define SCSI_MAX_MODE_LEN 256
48 typedef struct SCSIDiskState SCSIDiskState;
50 typedef struct SCSIDiskReq {
52 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
54 uint32_t sector_count;
62 #define SCSI_DISK_F_REMOVABLE 0
63 #define SCSI_DISK_F_DPOFUA 1
82 static int scsi_handle_rw_error(SCSIDiskReq *r, int error);
84 static void scsi_free_request(SCSIRequest *req)
86 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
88 if (r->iov.iov_base) {
89 qemu_vfree(r->iov.iov_base);
93 /* Helper function for command completion with sense. */
94 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
96 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
97 r->req.tag, sense.key, sense.asc, sense.ascq);
98 scsi_req_build_sense(&r->req, sense);
99 scsi_req_complete(&r->req, CHECK_CONDITION);
102 /* Cancel a pending data transfer. */
103 static void scsi_cancel_io(SCSIRequest *req)
105 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
107 DPRINTF("Cancel tag=0x%x\n", req->tag);
109 bdrv_aio_cancel(r->req.aiocb);
111 /* This reference was left in by scsi_*_data. We take ownership of
112 * it the moment scsi_req_cancel is called, independent of whether
113 * bdrv_aio_cancel completes the request or not. */
114 scsi_req_unref(&r->req);
119 static uint32_t scsi_init_iovec(SCSIDiskReq *r, size_t size)
121 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
123 if (!r->iov.iov_base) {
125 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
127 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
128 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
129 return r->qiov.size / 512;
132 static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
134 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
136 qemu_put_be64s(f, &r->sector);
137 qemu_put_be32s(f, &r->sector_count);
138 qemu_put_be32s(f, &r->buflen);
140 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
141 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
142 } else if (!req->retry) {
143 uint32_t len = r->iov.iov_len;
144 qemu_put_be32s(f, &len);
145 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
150 static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
152 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
154 qemu_get_be64s(f, &r->sector);
155 qemu_get_be32s(f, &r->sector_count);
156 qemu_get_be32s(f, &r->buflen);
158 scsi_init_iovec(r, r->buflen);
159 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
160 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
161 } else if (!r->req.retry) {
163 qemu_get_be32s(f, &len);
164 r->iov.iov_len = len;
165 assert(r->iov.iov_len <= r->buflen);
166 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
170 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
173 static void scsi_aio_complete(void *opaque, int ret)
175 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
176 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
178 assert(r->req.aiocb != NULL);
180 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
183 if (scsi_handle_rw_error(r, -ret)) {
188 scsi_req_complete(&r->req, GOOD);
191 if (!r->req.io_canceled) {
192 scsi_req_unref(&r->req);
196 static bool scsi_is_cmd_fua(SCSICommand *cmd)
198 switch (cmd->buf[0]) {
205 return (cmd->buf[1] & 8) != 0;
210 case WRITE_VERIFY_10:
211 case WRITE_VERIFY_12:
212 case WRITE_VERIFY_16:
222 static void scsi_write_do_fua(SCSIDiskReq *r)
224 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
226 if (scsi_is_cmd_fua(&r->req.cmd)) {
227 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
228 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
232 scsi_req_complete(&r->req, GOOD);
233 if (!r->req.io_canceled) {
234 scsi_req_unref(&r->req);
238 static void scsi_dma_complete(void *opaque, int ret)
240 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
241 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
243 assert(r->req.aiocb != NULL);
245 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
248 if (scsi_handle_rw_error(r, -ret)) {
253 r->sector += r->sector_count;
255 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
256 scsi_write_do_fua(r);
259 scsi_req_complete(&r->req, GOOD);
263 if (!r->req.io_canceled) {
264 scsi_req_unref(&r->req);
268 static void scsi_read_complete(void * opaque, int ret)
270 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
271 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
274 assert(r->req.aiocb != NULL);
276 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
279 if (scsi_handle_rw_error(r, -ret)) {
284 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
286 n = r->qiov.size / 512;
288 r->sector_count -= n;
289 scsi_req_data(&r->req, r->qiov.size);
292 if (!r->req.io_canceled) {
293 scsi_req_unref(&r->req);
297 /* Actually issue a read to the block device. */
298 static void scsi_do_read(void *opaque, int ret)
300 SCSIDiskReq *r = opaque;
301 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
304 if (r->req.aiocb != NULL) {
306 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
310 if (scsi_handle_rw_error(r, -ret)) {
315 if (r->req.io_canceled) {
319 /* The request is used as the AIO opaque value, so add a ref. */
320 scsi_req_ref(&r->req);
323 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_READ);
324 r->req.resid -= r->req.sg->size;
325 r->req.aiocb = dma_bdrv_read(s->qdev.conf.bs, r->req.sg, r->sector,
326 scsi_dma_complete, r);
328 n = scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
329 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
330 r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n,
331 scsi_read_complete, r);
335 if (!r->req.io_canceled) {
336 scsi_req_unref(&r->req);
340 /* Read more data from scsi device into buffer. */
341 static void scsi_read_data(SCSIRequest *req)
343 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
344 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
347 DPRINTF("Read sector_count=%d\n", r->sector_count);
348 if (r->sector_count == 0) {
349 /* This also clears the sense buffer for REQUEST SENSE. */
350 scsi_req_complete(&r->req, GOOD);
354 /* No data transfer may already be in progress */
355 assert(r->req.aiocb == NULL);
357 /* The request is used as the AIO opaque value, so add a ref. */
358 scsi_req_ref(&r->req);
359 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
360 DPRINTF("Data transfer direction invalid\n");
361 scsi_read_complete(r, -EINVAL);
366 scsi_read_complete(r, -ENOMEDIUM);
372 if (first && scsi_is_cmd_fua(&r->req.cmd)) {
373 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
374 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_do_read, r);
381 * scsi_handle_rw_error has two return values. 0 means that the error
382 * must be ignored, 1 means that the error has been processed and the
383 * caller should not do anything else for this request. Note that
384 * scsi_handle_rw_error always manages its reference counts, independent
385 * of the return value.
387 static int scsi_handle_rw_error(SCSIDiskReq *r, int error)
389 bool is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV);
390 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
391 BlockErrorAction action = bdrv_get_error_action(s->qdev.conf.bs, is_read, error);
393 if (action == BDRV_ACTION_REPORT) {
396 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
399 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
402 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
405 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
409 bdrv_error_action(s->qdev.conf.bs, action, is_read, error);
410 if (action == BDRV_ACTION_STOP) {
411 scsi_req_retry(&r->req);
413 return action != BDRV_ACTION_IGNORE;
416 static void scsi_write_complete(void * opaque, int ret)
418 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
419 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
422 if (r->req.aiocb != NULL) {
424 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
428 if (scsi_handle_rw_error(r, -ret)) {
433 n = r->qiov.size / 512;
435 r->sector_count -= n;
436 if (r->sector_count == 0) {
437 scsi_write_do_fua(r);
440 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
441 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
442 scsi_req_data(&r->req, r->qiov.size);
446 if (!r->req.io_canceled) {
447 scsi_req_unref(&r->req);
451 static void scsi_write_data(SCSIRequest *req)
453 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
454 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
457 /* No data transfer may already be in progress */
458 assert(r->req.aiocb == NULL);
460 /* The request is used as the AIO opaque value, so add a ref. */
461 scsi_req_ref(&r->req);
462 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
463 DPRINTF("Data transfer direction invalid\n");
464 scsi_write_complete(r, -EINVAL);
468 if (!r->req.sg && !r->qiov.size) {
469 /* Called for the first time. Ask the driver to send us more data. */
471 scsi_write_complete(r, 0);
475 scsi_write_complete(r, -ENOMEDIUM);
479 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
480 r->req.cmd.buf[0] == VERIFY_16) {
482 scsi_dma_complete(r, 0);
484 scsi_write_complete(r, 0);
490 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_WRITE);
491 r->req.resid -= r->req.sg->size;
492 r->req.aiocb = dma_bdrv_write(s->qdev.conf.bs, r->req.sg, r->sector,
493 scsi_dma_complete, r);
495 n = r->qiov.size / 512;
496 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
497 r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n,
498 scsi_write_complete, r);
502 /* Return a pointer to the data buffer. */
503 static uint8_t *scsi_get_buf(SCSIRequest *req)
505 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
507 return (uint8_t *)r->iov.iov_base;
510 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
512 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
516 if (req->cmd.buf[1] & 0x1) {
517 /* Vital product data */
518 uint8_t page_code = req->cmd.buf[2];
520 outbuf[buflen++] = s->qdev.type & 0x1f;
521 outbuf[buflen++] = page_code ; // this page
522 outbuf[buflen++] = 0x00;
523 outbuf[buflen++] = 0x00;
527 case 0x00: /* Supported page codes, mandatory */
529 DPRINTF("Inquiry EVPD[Supported pages] "
530 "buffer size %zd\n", req->cmd.xfer);
531 outbuf[buflen++] = 0x00; // list of supported pages (this page)
533 outbuf[buflen++] = 0x80; // unit serial number
535 outbuf[buflen++] = 0x83; // device identification
536 if (s->qdev.type == TYPE_DISK) {
537 outbuf[buflen++] = 0xb0; // block limits
538 outbuf[buflen++] = 0xb2; // thin provisioning
542 case 0x80: /* Device serial number, optional */
547 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
551 l = strlen(s->serial);
556 DPRINTF("Inquiry EVPD[Serial number] "
557 "buffer size %zd\n", req->cmd.xfer);
558 memcpy(outbuf+buflen, s->serial, l);
563 case 0x83: /* Device identification page, mandatory */
565 const char *str = s->serial ?: bdrv_get_device_name(s->qdev.conf.bs);
566 int max_len = s->serial ? 20 : 255 - 8;
567 int id_len = strlen(str);
569 if (id_len > max_len) {
572 DPRINTF("Inquiry EVPD[Device identification] "
573 "buffer size %zd\n", req->cmd.xfer);
575 outbuf[buflen++] = 0x2; // ASCII
576 outbuf[buflen++] = 0; // not officially assigned
577 outbuf[buflen++] = 0; // reserved
578 outbuf[buflen++] = id_len; // length of data following
579 memcpy(outbuf+buflen, str, id_len);
583 outbuf[buflen++] = 0x1; // Binary
584 outbuf[buflen++] = 0x3; // NAA
585 outbuf[buflen++] = 0; // reserved
586 outbuf[buflen++] = 8;
587 stq_be_p(&outbuf[buflen], s->wwn);
592 case 0xb0: /* block limits */
594 unsigned int unmap_sectors =
595 s->qdev.conf.discard_granularity / s->qdev.blocksize;
596 unsigned int min_io_size =
597 s->qdev.conf.min_io_size / s->qdev.blocksize;
598 unsigned int opt_io_size =
599 s->qdev.conf.opt_io_size / s->qdev.blocksize;
601 if (s->qdev.type == TYPE_ROM) {
602 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
606 /* required VPD size with unmap support */
608 memset(outbuf + 4, 0, buflen - 4);
610 /* optimal transfer length granularity */
611 outbuf[6] = (min_io_size >> 8) & 0xff;
612 outbuf[7] = min_io_size & 0xff;
614 /* optimal transfer length */
615 outbuf[12] = (opt_io_size >> 24) & 0xff;
616 outbuf[13] = (opt_io_size >> 16) & 0xff;
617 outbuf[14] = (opt_io_size >> 8) & 0xff;
618 outbuf[15] = opt_io_size & 0xff;
620 /* optimal unmap granularity */
621 outbuf[28] = (unmap_sectors >> 24) & 0xff;
622 outbuf[29] = (unmap_sectors >> 16) & 0xff;
623 outbuf[30] = (unmap_sectors >> 8) & 0xff;
624 outbuf[31] = unmap_sectors & 0xff;
627 case 0xb2: /* thin provisioning */
631 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
632 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
640 assert(buflen - start <= 255);
641 outbuf[start - 1] = buflen - start;
645 /* Standard INQUIRY data */
646 if (req->cmd.buf[2] != 0) {
651 buflen = req->cmd.xfer;
652 if (buflen > SCSI_MAX_INQUIRY_LEN) {
653 buflen = SCSI_MAX_INQUIRY_LEN;
655 memset(outbuf, 0, buflen);
657 outbuf[0] = s->qdev.type & 0x1f;
658 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
660 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
661 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
663 memset(&outbuf[32], 0, 4);
664 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
666 * We claim conformance to SPC-3, which is required for guests
667 * to ask for modern features like READ CAPACITY(16) or the
668 * block characteristics VPD page by default. Not all of SPC-3
669 * is actually implemented, but we're good enough.
672 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
675 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
677 /* If the allocation length of CDB is too small,
678 the additional length is not adjusted */
682 /* Sync data transfer and TCQ. */
683 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
687 static inline bool media_is_dvd(SCSIDiskState *s)
690 if (s->qdev.type != TYPE_ROM) {
693 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
696 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
697 return nb_sectors > CD_MAX_SECTORS;
700 static inline bool media_is_cd(SCSIDiskState *s)
703 if (s->qdev.type != TYPE_ROM) {
706 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
709 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
710 return nb_sectors <= CD_MAX_SECTORS;
713 static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
716 uint8_t type = r->req.cmd.buf[1] & 7;
718 if (s->qdev.type != TYPE_ROM) {
722 /* Types 1/2 are only defined for Blu-Ray. */
724 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
728 memset(outbuf, 0, 34);
730 outbuf[2] = 0xe; /* last session complete, disc finalized */
731 outbuf[3] = 1; /* first track on disc */
732 outbuf[4] = 1; /* # of sessions */
733 outbuf[5] = 1; /* first track of last session */
734 outbuf[6] = 1; /* last track of last session */
735 outbuf[7] = 0x20; /* unrestricted use */
736 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
737 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
738 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
739 /* 24-31: disc bar code */
740 /* 32: disc application code */
741 /* 33: number of OPC tables */
746 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
749 static const int rds_caps_size[5] = {
756 uint8_t media = r->req.cmd.buf[1];
757 uint8_t layer = r->req.cmd.buf[6];
758 uint8_t format = r->req.cmd.buf[7];
761 if (s->qdev.type != TYPE_ROM) {
765 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
769 if (format != 0xff) {
770 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
771 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
774 if (media_is_cd(s)) {
775 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
778 if (format >= ARRAY_SIZE(rds_caps_size)) {
781 size = rds_caps_size[format];
782 memset(outbuf, 0, size);
787 /* Physical format information */
792 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
794 outbuf[4] = 1; /* DVD-ROM, part version 1 */
795 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
796 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
797 outbuf[7] = 0; /* default densities */
799 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
800 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
804 case 0x01: /* DVD copyright information, all zeros */
807 case 0x03: /* BCA information - invalid field for no BCA info */
810 case 0x04: /* DVD disc manufacturing information, all zeros */
813 case 0xff: { /* List capabilities */
816 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
817 if (!rds_caps_size[i]) {
821 outbuf[size + 1] = 0x40; /* Not writable, readable */
822 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
832 /* Size of buffer, not including 2 byte size field */
833 stw_be_p(outbuf, size - 2);
840 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
842 uint8_t event_code, media_status;
846 media_status = MS_TRAY_OPEN;
847 } else if (bdrv_is_inserted(s->qdev.conf.bs)) {
848 media_status = MS_MEDIA_PRESENT;
851 /* Event notification descriptor */
852 event_code = MEC_NO_CHANGE;
853 if (media_status != MS_TRAY_OPEN) {
854 if (s->media_event) {
855 event_code = MEC_NEW_MEDIA;
856 s->media_event = false;
857 } else if (s->eject_request) {
858 event_code = MEC_EJECT_REQUESTED;
859 s->eject_request = false;
863 outbuf[0] = event_code;
864 outbuf[1] = media_status;
866 /* These fields are reserved, just clear them. */
872 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
876 uint8_t *buf = r->req.cmd.buf;
877 uint8_t notification_class_request = buf[4];
878 if (s->qdev.type != TYPE_ROM) {
881 if ((buf[1] & 1) == 0) {
887 outbuf[0] = outbuf[1] = 0;
888 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
889 if (notification_class_request & (1 << GESN_MEDIA)) {
890 outbuf[2] = GESN_MEDIA;
891 size += scsi_event_status_media(s, &outbuf[size]);
895 stw_be_p(outbuf, size - 4);
899 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
903 if (s->qdev.type != TYPE_ROM) {
906 current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM;
907 memset(outbuf, 0, 40);
908 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
909 stw_be_p(&outbuf[6], current);
910 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
911 outbuf[10] = 0x03; /* persistent, current */
912 outbuf[11] = 8; /* two profiles */
913 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
914 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
915 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
916 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
917 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
918 stw_be_p(&outbuf[20], 1);
919 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
921 stl_be_p(&outbuf[24], 1); /* SCSI */
922 outbuf[28] = 1; /* DBE = 1, mandatory */
923 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
924 stw_be_p(&outbuf[32], 3);
925 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
927 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
928 /* TODO: Random readable, CD read, DVD read, drive serial number,
933 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
935 if (s->qdev.type != TYPE_ROM) {
938 memset(outbuf, 0, 8);
939 outbuf[5] = 1; /* CD-ROM */
943 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
946 static const int mode_sense_valid[0x3f] = {
947 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
948 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
949 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
950 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
951 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
952 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
955 uint8_t *p = *p_outbuf + 2;
958 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
963 * If Changeable Values are requested, a mask denoting those mode parameters
964 * that are changeable shall be returned. As we currently don't support
965 * parameter changes via MODE_SELECT all bits are returned set to zero.
966 * The buffer was already menset to zero by the caller of this function.
968 * The offsets here are off by two compared to the descriptions in the
969 * SCSI specs, because those include a 2-byte header. This is unfortunate,
970 * but it is done so that offsets are consistent within our implementation
971 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
972 * 2-byte and 4-byte headers.
975 case MODE_PAGE_HD_GEOMETRY:
977 if (page_control == 1) { /* Changeable Values */
980 /* if a geometry hint is available, use it */
981 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
982 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
983 p[2] = s->qdev.conf.cyls & 0xff;
984 p[3] = s->qdev.conf.heads & 0xff;
985 /* Write precomp start cylinder, disabled */
986 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
987 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
988 p[6] = s->qdev.conf.cyls & 0xff;
989 /* Reduced current start cylinder, disabled */
990 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
991 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
992 p[9] = s->qdev.conf.cyls & 0xff;
993 /* Device step rate [ns], 200ns */
996 /* Landing zone cylinder */
1000 /* Medium rotation rate [rpm], 5400 rpm */
1001 p[18] = (5400 >> 8) & 0xff;
1002 p[19] = 5400 & 0xff;
1005 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1007 if (page_control == 1) { /* Changeable Values */
1010 /* Transfer rate [kbit/s], 5Mbit/s */
1013 /* if a geometry hint is available, use it */
1014 p[2] = s->qdev.conf.heads & 0xff;
1015 p[3] = s->qdev.conf.secs & 0xff;
1016 p[4] = s->qdev.blocksize >> 8;
1017 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1018 p[7] = s->qdev.conf.cyls & 0xff;
1019 /* Write precomp start cylinder, disabled */
1020 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1021 p[9] = s->qdev.conf.cyls & 0xff;
1022 /* Reduced current start cylinder, disabled */
1023 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1024 p[11] = s->qdev.conf.cyls & 0xff;
1025 /* Device step rate [100us], 100us */
1028 /* Device step pulse width [us], 1us */
1030 /* Device head settle delay [100us], 100us */
1033 /* Motor on delay [0.1s], 0.1s */
1035 /* Motor off delay [0.1s], 0.1s */
1037 /* Medium rotation rate [rpm], 5400 rpm */
1038 p[26] = (5400 >> 8) & 0xff;
1039 p[27] = 5400 & 0xff;
1042 case MODE_PAGE_CACHING:
1044 if (page_control == 1 || /* Changeable Values */
1045 bdrv_enable_write_cache(s->qdev.conf.bs)) {
1050 case MODE_PAGE_R_W_ERROR:
1052 if (page_control == 1) { /* Changeable Values */
1055 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
1056 if (s->qdev.type == TYPE_ROM) {
1057 p[1] = 0x20; /* Read Retry Count */
1061 case MODE_PAGE_AUDIO_CTL:
1065 case MODE_PAGE_CAPABILITIES:
1067 if (page_control == 1) { /* Changeable Values */
1071 p[0] = 0x3b; /* CD-R & CD-RW read */
1072 p[1] = 0; /* Writing not supported */
1073 p[2] = 0x7f; /* Audio, composite, digital out,
1074 mode 2 form 1&2, multi session */
1075 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
1076 RW corrected, C2 errors, ISRC,
1078 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1079 /* Locking supported, jumper present, eject, tray */
1080 p[5] = 0; /* no volume & mute control, no
1082 p[6] = (50 * 176) >> 8; /* 50x read speed */
1083 p[7] = (50 * 176) & 0xff;
1084 p[8] = 2 >> 8; /* Two volume levels */
1086 p[10] = 2048 >> 8; /* 2M buffer */
1087 p[11] = 2048 & 0xff;
1088 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1089 p[13] = (16 * 176) & 0xff;
1090 p[16] = (16 * 176) >> 8; /* 16x write speed */
1091 p[17] = (16 * 176) & 0xff;
1092 p[18] = (16 * 176) >> 8; /* 16x write speed current */
1093 p[19] = (16 * 176) & 0xff;
1100 assert(length < 256);
1101 (*p_outbuf)[0] = page;
1102 (*p_outbuf)[1] = length;
1103 *p_outbuf += length + 2;
1107 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1109 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1110 uint64_t nb_sectors;
1112 int page, buflen, ret, page_control;
1114 uint8_t dev_specific_param;
1116 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1117 page = r->req.cmd.buf[2] & 0x3f;
1118 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1119 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
1120 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1121 memset(outbuf, 0, r->req.cmd.xfer);
1124 if (s->qdev.type == TYPE_DISK) {
1125 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1126 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1127 dev_specific_param |= 0x80; /* Readonly. */
1130 /* MMC prescribes that CD/DVD drives have no block descriptors,
1131 * and defines no device-specific parameter. */
1132 dev_specific_param = 0x00;
1136 if (r->req.cmd.buf[0] == MODE_SENSE) {
1137 p[1] = 0; /* Default media type. */
1138 p[2] = dev_specific_param;
1139 p[3] = 0; /* Block descriptor length. */
1141 } else { /* MODE_SENSE_10 */
1142 p[2] = 0; /* Default media type. */
1143 p[3] = dev_specific_param;
1144 p[6] = p[7] = 0; /* Block descriptor length. */
1148 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1149 if (!dbd && nb_sectors) {
1150 if (r->req.cmd.buf[0] == MODE_SENSE) {
1151 outbuf[3] = 8; /* Block descriptor length */
1152 } else { /* MODE_SENSE_10 */
1153 outbuf[7] = 8; /* Block descriptor length */
1155 nb_sectors /= (s->qdev.blocksize / 512);
1156 if (nb_sectors > 0xffffff) {
1159 p[0] = 0; /* media density code */
1160 p[1] = (nb_sectors >> 16) & 0xff;
1161 p[2] = (nb_sectors >> 8) & 0xff;
1162 p[3] = nb_sectors & 0xff;
1163 p[4] = 0; /* reserved */
1164 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
1165 p[6] = s->qdev.blocksize >> 8;
1170 if (page_control == 3) {
1172 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1177 for (page = 0; page <= 0x3e; page++) {
1178 mode_sense_page(s, page, &p, page_control);
1181 ret = mode_sense_page(s, page, &p, page_control);
1187 buflen = p - outbuf;
1189 * The mode data length field specifies the length in bytes of the
1190 * following data that is available to be transferred. The mode data
1191 * length does not include itself.
1193 if (r->req.cmd.buf[0] == MODE_SENSE) {
1194 outbuf[0] = buflen - 1;
1195 } else { /* MODE_SENSE_10 */
1196 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1197 outbuf[1] = (buflen - 2) & 0xff;
1202 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1204 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1205 int start_track, format, msf, toclen;
1206 uint64_t nb_sectors;
1208 msf = req->cmd.buf[1] & 2;
1209 format = req->cmd.buf[2] & 0xf;
1210 start_track = req->cmd.buf[6];
1211 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1212 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
1213 nb_sectors /= s->qdev.blocksize / 512;
1216 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1219 /* multi session : only a single session defined */
1221 memset(outbuf, 0, 12);
1227 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1235 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1237 SCSIRequest *req = &r->req;
1238 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1239 bool start = req->cmd.buf[4] & 1;
1240 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
1241 int pwrcnd = req->cmd.buf[4] & 0xf0;
1244 /* eject/load only happens for power condition == 0 */
1248 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1249 if (!start && !s->tray_open && s->tray_locked) {
1250 scsi_check_condition(r,
1251 bdrv_is_inserted(s->qdev.conf.bs)
1252 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1253 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1257 if (s->tray_open != !start) {
1258 bdrv_eject(s->qdev.conf.bs, !start);
1259 s->tray_open = !start;
1265 static void scsi_disk_emulate_read_data(SCSIRequest *req)
1267 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1268 int buflen = r->iov.iov_len;
1271 DPRINTF("Read buf_len=%d\n", buflen);
1274 scsi_req_data(&r->req, buflen);
1278 /* This also clears the sense buffer for REQUEST SENSE. */
1279 scsi_req_complete(&r->req, GOOD);
1282 static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1283 uint8_t *inbuf, int inlen)
1285 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1286 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1288 int len, expected_len, changeable_len, i;
1290 /* The input buffer does not include the page header, so it is
1293 expected_len = inlen + 2;
1294 if (expected_len > SCSI_MAX_MODE_LEN) {
1299 memset(mode_current, 0, inlen + 2);
1300 len = mode_sense_page(s, page, &p, 0);
1301 if (len < 0 || len != expected_len) {
1305 p = mode_changeable;
1306 memset(mode_changeable, 0, inlen + 2);
1307 changeable_len = mode_sense_page(s, page, &p, 1);
1308 assert(changeable_len == len);
1310 /* Check that unchangeable bits are the same as what MODE SENSE
1313 for (i = 2; i < len; i++) {
1314 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1321 static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1324 case MODE_PAGE_CACHING:
1325 bdrv_set_enable_write_cache(s->qdev.conf.bs, (p[0] & 4) != 0);
1333 static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1335 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1338 int page, subpage, page_len;
1340 /* Parse both possible formats for the mode page headers. */
1344 goto invalid_param_len;
1347 page_len = lduw_be_p(&p[2]);
1352 goto invalid_param_len;
1363 if (page_len > len) {
1364 goto invalid_param_len;
1368 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1372 scsi_disk_apply_mode_select(s, page, p);
1381 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1385 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1389 static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1392 int cmd = r->req.cmd.buf[0];
1393 int len = r->req.cmd.xfer;
1394 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1398 /* We only support PF=1, SP=0. */
1399 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1403 if (len < hdr_len) {
1404 goto invalid_param_len;
1407 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1411 goto invalid_param_len;
1413 if (bd_len != 0 && bd_len != 8) {
1420 /* Ensure no change is made if there is an error! */
1421 for (pass = 0; pass < 2; pass++) {
1422 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1427 scsi_req_complete(&r->req, GOOD);
1431 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1435 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1439 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1442 static inline bool check_lba_range(SCSIDiskState *s,
1443 uint64_t sector_num, uint32_t nb_sectors)
1446 * The first line tests that no overflow happens when computing the last
1447 * sector. The second line tests that the last accessed sector is in
1450 * Careful, the computations should not underflow for nb_sectors == 0,
1451 * and a 0-block read to the first LBA beyond the end of device is
1454 return (sector_num <= sector_num + nb_sectors &&
1455 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1458 typedef struct UnmapCBData {
1464 static void scsi_unmap_complete(void *opaque, int ret)
1466 UnmapCBData *data = opaque;
1467 SCSIDiskReq *r = data->r;
1468 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1469 uint64_t sector_num;
1470 uint32_t nb_sectors;
1472 r->req.aiocb = NULL;
1474 if (scsi_handle_rw_error(r, -ret)) {
1479 if (data->count > 0 && !r->req.io_canceled) {
1480 sector_num = ldq_be_p(&data->inbuf[0]);
1481 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
1482 if (!check_lba_range(s, sector_num, nb_sectors)) {
1483 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1487 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1488 sector_num * (s->qdev.blocksize / 512),
1489 nb_sectors * (s->qdev.blocksize / 512),
1490 scsi_unmap_complete, data);
1497 if (data->count == 0) {
1498 scsi_req_complete(&r->req, GOOD);
1500 if (!r->req.io_canceled) {
1501 scsi_req_unref(&r->req);
1506 static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1509 int len = r->req.cmd.xfer;
1513 goto invalid_param_len;
1515 if (len < lduw_be_p(&p[0]) + 2) {
1516 goto invalid_param_len;
1518 if (len < lduw_be_p(&p[2]) + 8) {
1519 goto invalid_param_len;
1521 if (lduw_be_p(&p[2]) & 15) {
1522 goto invalid_param_len;
1525 data = g_new0(UnmapCBData, 1);
1527 data->inbuf = &p[8];
1528 data->count = lduw_be_p(&p[2]) >> 4;
1530 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1531 scsi_req_ref(&r->req);
1532 scsi_unmap_complete(data, 0);
1536 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1539 static void scsi_disk_emulate_write_data(SCSIRequest *req)
1541 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1543 if (r->iov.iov_len) {
1544 int buflen = r->iov.iov_len;
1545 DPRINTF("Write buf_len=%d\n", buflen);
1547 scsi_req_data(&r->req, buflen);
1551 switch (req->cmd.buf[0]) {
1553 case MODE_SELECT_10:
1554 /* This also clears the sense buffer for REQUEST SENSE. */
1555 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1559 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1567 static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1569 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1570 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1571 uint64_t nb_sectors;
1575 switch (req->cmd.buf[0]) {
1584 case ALLOW_MEDIUM_REMOVAL:
1585 case GET_CONFIGURATION:
1586 case GET_EVENT_STATUS_NOTIFICATION:
1587 case MECHANISM_STATUS:
1592 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1593 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1599 if (!r->iov.iov_base) {
1601 * FIXME: we shouldn't return anything bigger than 4k, but the code
1602 * requires the buffer to be as big as req->cmd.xfer in several
1603 * places. So, do not allow CDBs with a very large ALLOCATION
1604 * LENGTH. The real fix would be to modify scsi_read_data and
1605 * dma_buf_read, so that they return data beyond the buflen
1608 if (req->cmd.xfer > 65536) {
1609 goto illegal_request;
1611 r->buflen = MAX(4096, req->cmd.xfer);
1612 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
1615 buflen = req->cmd.xfer;
1616 outbuf = r->iov.iov_base;
1617 switch (req->cmd.buf[0]) {
1618 case TEST_UNIT_READY:
1619 assert(!s->tray_open && bdrv_is_inserted(s->qdev.conf.bs));
1622 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1624 goto illegal_request;
1629 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1631 goto illegal_request;
1635 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1637 goto illegal_request;
1641 if (req->cmd.buf[1] & 1) {
1642 goto illegal_request;
1646 if (req->cmd.buf[1] & 3) {
1647 goto illegal_request;
1651 if (req->cmd.buf[1] & 1) {
1652 goto illegal_request;
1656 if (req->cmd.buf[1] & 3) {
1657 goto illegal_request;
1661 if (scsi_disk_emulate_start_stop(r) < 0) {
1665 case ALLOW_MEDIUM_REMOVAL:
1666 s->tray_locked = req->cmd.buf[4] & 1;
1667 bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1);
1669 case READ_CAPACITY_10:
1670 /* The normal LEN field for this command is zero. */
1671 memset(outbuf, 0, 8);
1672 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1674 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1677 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1678 goto illegal_request;
1680 nb_sectors /= s->qdev.blocksize / 512;
1681 /* Returned value is the address of the last sector. */
1683 /* Remember the new size for read/write sanity checking. */
1684 s->qdev.max_lba = nb_sectors;
1685 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1686 if (nb_sectors > UINT32_MAX) {
1687 nb_sectors = UINT32_MAX;
1689 outbuf[0] = (nb_sectors >> 24) & 0xff;
1690 outbuf[1] = (nb_sectors >> 16) & 0xff;
1691 outbuf[2] = (nb_sectors >> 8) & 0xff;
1692 outbuf[3] = nb_sectors & 0xff;
1695 outbuf[6] = s->qdev.blocksize >> 8;
1700 /* Just return "NO SENSE". */
1701 buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen,
1702 (req->cmd.buf[1] & 1) == 0);
1704 case MECHANISM_STATUS:
1705 buflen = scsi_emulate_mechanism_status(s, outbuf);
1707 goto illegal_request;
1710 case GET_CONFIGURATION:
1711 buflen = scsi_get_configuration(s, outbuf);
1713 goto illegal_request;
1716 case GET_EVENT_STATUS_NOTIFICATION:
1717 buflen = scsi_get_event_status_notification(s, r, outbuf);
1719 goto illegal_request;
1722 case READ_DISC_INFORMATION:
1723 buflen = scsi_read_disc_information(s, r, outbuf);
1725 goto illegal_request;
1728 case READ_DVD_STRUCTURE:
1729 buflen = scsi_read_dvd_structure(s, r, outbuf);
1731 goto illegal_request;
1734 case SERVICE_ACTION_IN_16:
1735 /* Service Action In subcommands. */
1736 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
1737 DPRINTF("SAI READ CAPACITY(16)\n");
1738 memset(outbuf, 0, req->cmd.xfer);
1739 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1741 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1744 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
1745 goto illegal_request;
1747 nb_sectors /= s->qdev.blocksize / 512;
1748 /* Returned value is the address of the last sector. */
1750 /* Remember the new size for read/write sanity checking. */
1751 s->qdev.max_lba = nb_sectors;
1752 outbuf[0] = (nb_sectors >> 56) & 0xff;
1753 outbuf[1] = (nb_sectors >> 48) & 0xff;
1754 outbuf[2] = (nb_sectors >> 40) & 0xff;
1755 outbuf[3] = (nb_sectors >> 32) & 0xff;
1756 outbuf[4] = (nb_sectors >> 24) & 0xff;
1757 outbuf[5] = (nb_sectors >> 16) & 0xff;
1758 outbuf[6] = (nb_sectors >> 8) & 0xff;
1759 outbuf[7] = nb_sectors & 0xff;
1762 outbuf[10] = s->qdev.blocksize >> 8;
1765 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
1767 /* set TPE bit if the format supports discard */
1768 if (s->qdev.conf.discard_granularity) {
1772 /* Protection, exponent and lowest lba field left blank. */
1773 buflen = req->cmd.xfer;
1776 DPRINTF("Unsupported Service Action In\n");
1777 goto illegal_request;
1778 case SYNCHRONIZE_CACHE:
1779 /* The request is used as the AIO opaque value, so add a ref. */
1780 scsi_req_ref(&r->req);
1781 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1782 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
1785 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
1786 if (r->req.cmd.lba > s->qdev.max_lba) {
1791 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1793 case MODE_SELECT_10:
1794 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1797 DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
1801 nb_sectors = scsi_data_cdb_length(r->req.cmd.buf);
1802 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1803 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1806 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1811 * We only support WRITE SAME with the unmap bit set for now.
1813 if (!(req->cmd.buf[1] & 0x8)) {
1814 goto illegal_request;
1817 /* The request is used as the AIO opaque value, so add a ref. */
1818 scsi_req_ref(&r->req);
1819 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1820 r->req.cmd.lba * (s->qdev.blocksize / 512),
1821 nb_sectors * (s->qdev.blocksize / 512),
1822 scsi_aio_complete, r);
1825 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1826 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1829 assert(!r->req.aiocb);
1830 r->iov.iov_len = MIN(buflen, req->cmd.xfer);
1831 if (r->iov.iov_len == 0) {
1832 scsi_req_complete(&r->req, GOOD);
1834 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1835 assert(r->iov.iov_len == req->cmd.xfer);
1836 return -r->iov.iov_len;
1838 return r->iov.iov_len;
1842 if (r->req.status == -1) {
1843 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1848 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1852 /* Execute a scsi command. Returns the length of the data expected by the
1853 command. This will be Positive for data transfers from the device
1854 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1855 and zero if the command does not transfer any data. */
1857 static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
1859 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1860 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1866 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1867 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1871 len = scsi_data_cdb_length(r->req.cmd.buf);
1877 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len);
1878 if (r->req.cmd.buf[1] & 0xe0) {
1879 goto illegal_request;
1881 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1884 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1885 r->sector_count = len * (s->qdev.blocksize / 512);
1891 case WRITE_VERIFY_10:
1892 case WRITE_VERIFY_12:
1893 case WRITE_VERIFY_16:
1894 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1895 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1902 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
1903 (command & 0xe) == 0xe ? "And Verify " : "",
1904 r->req.cmd.lba, len);
1905 if (r->req.cmd.buf[1] & 0xe0) {
1906 goto illegal_request;
1908 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1911 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1912 r->sector_count = len * (s->qdev.blocksize / 512);
1917 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1920 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1923 if (r->sector_count == 0) {
1924 scsi_req_complete(&r->req, GOOD);
1926 assert(r->iov.iov_len == 0);
1927 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1928 return -r->sector_count * 512;
1930 return r->sector_count * 512;
1934 static void scsi_disk_reset(DeviceState *dev)
1936 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1937 uint64_t nb_sectors;
1939 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1941 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1942 nb_sectors /= s->qdev.blocksize / 512;
1946 s->qdev.max_lba = nb_sectors;
1949 static void scsi_destroy(SCSIDevice *dev)
1951 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1953 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1954 blockdev_mark_auto_del(s->qdev.conf.bs);
1957 static void scsi_disk_resize_cb(void *opaque)
1959 SCSIDiskState *s = opaque;
1961 /* SPC lists this sense code as available only for
1962 * direct-access devices.
1964 if (s->qdev.type == TYPE_DISK) {
1965 scsi_device_set_ua(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
1966 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
1970 static void scsi_cd_change_media_cb(void *opaque, bool load)
1972 SCSIDiskState *s = opaque;
1975 * When a CD gets changed, we have to report an ejected state and
1976 * then a loaded state to guests so that they detect tray
1977 * open/close and media change events. Guests that do not use
1978 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
1979 * states rely on this behavior.
1981 * media_changed governs the state machine used for unit attention
1982 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
1984 s->media_changed = load;
1985 s->tray_open = !load;
1986 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
1987 s->media_event = true;
1988 s->eject_request = false;
1991 static void scsi_cd_eject_request_cb(void *opaque, bool force)
1993 SCSIDiskState *s = opaque;
1995 s->eject_request = true;
1997 s->tray_locked = false;
2001 static bool scsi_cd_is_tray_open(void *opaque)
2003 return ((SCSIDiskState *)opaque)->tray_open;
2006 static bool scsi_cd_is_medium_locked(void *opaque)
2008 return ((SCSIDiskState *)opaque)->tray_locked;
2011 static const BlockDevOps scsi_disk_removable_block_ops = {
2012 .change_media_cb = scsi_cd_change_media_cb,
2013 .eject_request_cb = scsi_cd_eject_request_cb,
2014 .is_tray_open = scsi_cd_is_tray_open,
2015 .is_medium_locked = scsi_cd_is_medium_locked,
2017 .resize_cb = scsi_disk_resize_cb,
2020 static const BlockDevOps scsi_disk_block_ops = {
2021 .resize_cb = scsi_disk_resize_cb,
2024 static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2026 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2027 if (s->media_changed) {
2028 s->media_changed = false;
2029 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2033 static int scsi_initfn(SCSIDevice *dev)
2035 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2037 if (!s->qdev.conf.bs) {
2038 error_report("drive property not set");
2042 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2043 !bdrv_is_inserted(s->qdev.conf.bs)) {
2044 error_report("Device needs media, but drive is empty");
2048 blkconf_serial(&s->qdev.conf, &s->serial);
2049 if (dev->type == TYPE_DISK
2050 && blkconf_geometry(&dev->conf, NULL, 65535, 255, 255) < 0) {
2055 s->version = g_strdup(qemu_get_version());
2058 s->vendor = g_strdup("QEMU");
2061 if (bdrv_is_sg(s->qdev.conf.bs)) {
2062 error_report("unwanted /dev/sg*");
2066 if (s->features & (1 << SCSI_DISK_F_REMOVABLE)) {
2067 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_removable_block_ops, s);
2069 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_block_ops, s);
2071 bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize);
2073 bdrv_iostatus_enable(s->qdev.conf.bs);
2074 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, NULL);
2078 static int scsi_hd_initfn(SCSIDevice *dev)
2080 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2081 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2082 s->qdev.type = TYPE_DISK;
2084 s->product = g_strdup("QEMU HARDDISK");
2086 return scsi_initfn(&s->qdev);
2089 static int scsi_cd_initfn(SCSIDevice *dev)
2091 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2092 s->qdev.blocksize = 2048;
2093 s->qdev.type = TYPE_ROM;
2094 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2096 s->product = g_strdup("QEMU CD-ROM");
2098 return scsi_initfn(&s->qdev);
2101 static int scsi_disk_initfn(SCSIDevice *dev)
2105 if (!dev->conf.bs) {
2106 return scsi_initfn(dev); /* ... and die there */
2109 dinfo = drive_get_by_blockdev(dev->conf.bs);
2110 if (dinfo->media_cd) {
2111 return scsi_cd_initfn(dev);
2113 return scsi_hd_initfn(dev);
2117 static const SCSIReqOps scsi_disk_emulate_reqops = {
2118 .size = sizeof(SCSIDiskReq),
2119 .free_req = scsi_free_request,
2120 .send_command = scsi_disk_emulate_command,
2121 .read_data = scsi_disk_emulate_read_data,
2122 .write_data = scsi_disk_emulate_write_data,
2123 .get_buf = scsi_get_buf,
2126 static const SCSIReqOps scsi_disk_dma_reqops = {
2127 .size = sizeof(SCSIDiskReq),
2128 .free_req = scsi_free_request,
2129 .send_command = scsi_disk_dma_command,
2130 .read_data = scsi_read_data,
2131 .write_data = scsi_write_data,
2132 .cancel_io = scsi_cancel_io,
2133 .get_buf = scsi_get_buf,
2134 .load_request = scsi_disk_load_request,
2135 .save_request = scsi_disk_save_request,
2138 static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2139 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2140 [INQUIRY] = &scsi_disk_emulate_reqops,
2141 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2142 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2143 [START_STOP] = &scsi_disk_emulate_reqops,
2144 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2145 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2146 [READ_TOC] = &scsi_disk_emulate_reqops,
2147 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2148 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2149 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2150 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2151 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2152 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2153 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2154 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2155 [SEEK_10] = &scsi_disk_emulate_reqops,
2156 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2157 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2158 [UNMAP] = &scsi_disk_emulate_reqops,
2159 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2160 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2162 [READ_6] = &scsi_disk_dma_reqops,
2163 [READ_10] = &scsi_disk_dma_reqops,
2164 [READ_12] = &scsi_disk_dma_reqops,
2165 [READ_16] = &scsi_disk_dma_reqops,
2166 [VERIFY_10] = &scsi_disk_dma_reqops,
2167 [VERIFY_12] = &scsi_disk_dma_reqops,
2168 [VERIFY_16] = &scsi_disk_dma_reqops,
2169 [WRITE_6] = &scsi_disk_dma_reqops,
2170 [WRITE_10] = &scsi_disk_dma_reqops,
2171 [WRITE_12] = &scsi_disk_dma_reqops,
2172 [WRITE_16] = &scsi_disk_dma_reqops,
2173 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2174 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2175 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2178 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2179 uint8_t *buf, void *hba_private)
2181 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2183 const SCSIReqOps *ops;
2187 ops = scsi_disk_reqops_dispatch[command];
2189 ops = &scsi_disk_emulate_reqops;
2191 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2194 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
2197 for (i = 1; i < req->cmd.len; i++) {
2198 printf(" 0x%02x", buf[i]);
2208 static int get_device_type(SCSIDiskState *s)
2210 BlockDriverState *bdrv = s->qdev.conf.bs;
2213 uint8_t sensebuf[8];
2214 sg_io_hdr_t io_header;
2217 memset(cmd, 0, sizeof(cmd));
2218 memset(buf, 0, sizeof(buf));
2220 cmd[4] = sizeof(buf);
2222 memset(&io_header, 0, sizeof(io_header));
2223 io_header.interface_id = 'S';
2224 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
2225 io_header.dxfer_len = sizeof(buf);
2226 io_header.dxferp = buf;
2227 io_header.cmdp = cmd;
2228 io_header.cmd_len = sizeof(cmd);
2229 io_header.mx_sb_len = sizeof(sensebuf);
2230 io_header.sbp = sensebuf;
2231 io_header.timeout = 6000; /* XXX */
2233 ret = bdrv_ioctl(bdrv, SG_IO, &io_header);
2234 if (ret < 0 || io_header.driver_status || io_header.host_status) {
2237 s->qdev.type = buf[0];
2238 if (buf[1] & 0x80) {
2239 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2244 static int scsi_block_initfn(SCSIDevice *dev)
2246 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2250 if (!s->qdev.conf.bs) {
2251 error_report("scsi-block: drive property not set");
2255 /* check we are using a driver managing SG_IO (version 3 and after) */
2256 if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 ||
2257 sg_version < 30000) {
2258 error_report("scsi-block: scsi generic interface too old");
2262 /* get device type from INQUIRY data */
2263 rc = get_device_type(s);
2265 error_report("scsi-block: INQUIRY failed");
2269 /* Make a guess for the block size, we'll fix it when the guest sends.
2270 * READ CAPACITY. If they don't, they likely would assume these sizes
2271 * anyway. (TODO: check in /sys).
2273 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2274 s->qdev.blocksize = 2048;
2276 s->qdev.blocksize = 512;
2278 return scsi_initfn(&s->qdev);
2281 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2282 uint32_t lun, uint8_t *buf,
2285 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2299 case WRITE_VERIFY_10:
2300 case WRITE_VERIFY_12:
2301 case WRITE_VERIFY_16:
2302 /* If we are not using O_DIRECT, we might read stale data from the
2303 * host cache if writes were made using other commands than these
2304 * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without
2305 * O_DIRECT everything must go through SG_IO.
2307 if (bdrv_get_flags(s->qdev.conf.bs) & BDRV_O_NOCACHE) {
2311 /* MMC writing cannot be done via pread/pwrite, because it sometimes
2312 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2313 * And once you do these writes, reading from the block device is
2314 * unreliable, too. It is even possible that reads deliver random data
2315 * from the host page cache (this is probably a Linux bug).
2317 * We might use scsi_disk_dma_reqops as long as no writing commands are
2318 * seen, but performance usually isn't paramount on optical media. So,
2319 * just make scsi-block operate the same as scsi-generic for them.
2321 if (s->qdev.type != TYPE_ROM) {
2322 return scsi_req_alloc(&scsi_disk_dma_reqops, &s->qdev, tag, lun,
2327 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2332 #define DEFINE_SCSI_DISK_PROPERTIES() \
2333 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
2334 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2335 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2336 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2337 DEFINE_PROP_STRING("product", SCSIDiskState, product)
2339 static Property scsi_hd_properties[] = {
2340 DEFINE_SCSI_DISK_PROPERTIES(),
2341 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2342 SCSI_DISK_F_REMOVABLE, false),
2343 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2344 SCSI_DISK_F_DPOFUA, false),
2345 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2346 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
2347 DEFINE_PROP_END_OF_LIST(),
2350 static const VMStateDescription vmstate_scsi_disk_state = {
2351 .name = "scsi-disk",
2353 .minimum_version_id = 1,
2354 .minimum_version_id_old = 1,
2355 .fields = (VMStateField[]) {
2356 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2357 VMSTATE_BOOL(media_changed, SCSIDiskState),
2358 VMSTATE_BOOL(media_event, SCSIDiskState),
2359 VMSTATE_BOOL(eject_request, SCSIDiskState),
2360 VMSTATE_BOOL(tray_open, SCSIDiskState),
2361 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2362 VMSTATE_END_OF_LIST()
2366 static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2368 DeviceClass *dc = DEVICE_CLASS(klass);
2369 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2371 sc->init = scsi_hd_initfn;
2372 sc->destroy = scsi_destroy;
2373 sc->alloc_req = scsi_new_request;
2374 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2375 dc->fw_name = "disk";
2376 dc->desc = "virtual SCSI disk";
2377 dc->reset = scsi_disk_reset;
2378 dc->props = scsi_hd_properties;
2379 dc->vmsd = &vmstate_scsi_disk_state;
2382 static TypeInfo scsi_hd_info = {
2384 .parent = TYPE_SCSI_DEVICE,
2385 .instance_size = sizeof(SCSIDiskState),
2386 .class_init = scsi_hd_class_initfn,
2389 static Property scsi_cd_properties[] = {
2390 DEFINE_SCSI_DISK_PROPERTIES(),
2391 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2392 DEFINE_PROP_END_OF_LIST(),
2395 static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
2397 DeviceClass *dc = DEVICE_CLASS(klass);
2398 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2400 sc->init = scsi_cd_initfn;
2401 sc->destroy = scsi_destroy;
2402 sc->alloc_req = scsi_new_request;
2403 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2404 dc->fw_name = "disk";
2405 dc->desc = "virtual SCSI CD-ROM";
2406 dc->reset = scsi_disk_reset;
2407 dc->props = scsi_cd_properties;
2408 dc->vmsd = &vmstate_scsi_disk_state;
2411 static TypeInfo scsi_cd_info = {
2413 .parent = TYPE_SCSI_DEVICE,
2414 .instance_size = sizeof(SCSIDiskState),
2415 .class_init = scsi_cd_class_initfn,
2419 static Property scsi_block_properties[] = {
2420 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.bs),
2421 DEFINE_PROP_INT32("bootindex", SCSIDiskState, qdev.conf.bootindex, -1),
2422 DEFINE_PROP_END_OF_LIST(),
2425 static void scsi_block_class_initfn(ObjectClass *klass, void *data)
2427 DeviceClass *dc = DEVICE_CLASS(klass);
2428 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2430 sc->init = scsi_block_initfn;
2431 sc->destroy = scsi_destroy;
2432 sc->alloc_req = scsi_block_new_request;
2433 dc->fw_name = "disk";
2434 dc->desc = "SCSI block device passthrough";
2435 dc->reset = scsi_disk_reset;
2436 dc->props = scsi_block_properties;
2437 dc->vmsd = &vmstate_scsi_disk_state;
2440 static TypeInfo scsi_block_info = {
2441 .name = "scsi-block",
2442 .parent = TYPE_SCSI_DEVICE,
2443 .instance_size = sizeof(SCSIDiskState),
2444 .class_init = scsi_block_class_initfn,
2448 static Property scsi_disk_properties[] = {
2449 DEFINE_SCSI_DISK_PROPERTIES(),
2450 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2451 SCSI_DISK_F_REMOVABLE, false),
2452 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2453 SCSI_DISK_F_DPOFUA, false),
2454 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2455 DEFINE_PROP_END_OF_LIST(),
2458 static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
2460 DeviceClass *dc = DEVICE_CLASS(klass);
2461 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2463 sc->init = scsi_disk_initfn;
2464 sc->destroy = scsi_destroy;
2465 sc->alloc_req = scsi_new_request;
2466 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2467 dc->fw_name = "disk";
2468 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
2469 dc->reset = scsi_disk_reset;
2470 dc->props = scsi_disk_properties;
2471 dc->vmsd = &vmstate_scsi_disk_state;
2474 static TypeInfo scsi_disk_info = {
2475 .name = "scsi-disk",
2476 .parent = TYPE_SCSI_DEVICE,
2477 .instance_size = sizeof(SCSIDiskState),
2478 .class_init = scsi_disk_class_initfn,
2481 static void scsi_disk_register_types(void)
2483 type_register_static(&scsi_hd_info);
2484 type_register_static(&scsi_cd_info);
2486 type_register_static(&scsi_block_info);
2488 type_register_static(&scsi_disk_info);
2491 type_init(scsi_disk_register_types)
projects / qemu.git / blob