2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * This code is licenced under the LGPL.
11 * Note that this file only handles the SCSI architecture model and device
12 * commands. Emulation of interface/link layer protocols is handled by
13 * the host adapter emulator.
16 #include <qemu-common.h>
21 #define DPRINTF(fmt, ...) \
22 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
24 #define DPRINTF(fmt, ...) do {} while(0)
27 #define BADF(fmt, ...) \
28 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
30 #include "qemu-common.h"
33 #include "scsi-defs.h"
35 #define SCSI_DMA_BUF_SIZE 131072
36 #define SCSI_MAX_INQUIRY_LEN 256
38 #define SCSI_REQ_STATUS_RETRY 0x01
40 typedef struct SCSIDiskState SCSIDiskState;
42 typedef struct SCSIDiskReq {
44 /* ??? We should probably keep track of whether the data transfer is
45 a read or a write. Currently we rely on the host getting it right. */
46 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
48 uint32_t sector_count;
58 /* The qemu block layer uses a fixed 512 byte sector size.
59 This is the number of 512 byte blocks in a single scsi sector. */
63 char drive_serial_str[21];
67 static SCSIDiskReq *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun)
72 req = scsi_req_alloc(sizeof(SCSIDiskReq), d, tag, lun);
73 r = DO_UPCAST(SCSIDiskReq, req, req);
74 r->iov.iov_base = qemu_memalign(512, SCSI_DMA_BUF_SIZE);
78 static void scsi_remove_request(SCSIDiskReq *r)
80 qemu_free(r->iov.iov_base);
81 scsi_req_free(&r->req);
84 static SCSIDiskReq *scsi_find_request(SCSIDiskState *s, uint32_t tag)
86 return DO_UPCAST(SCSIDiskReq, req, scsi_req_find(&s->qdev, tag));
89 /* Helper function for command completion. */
90 static void scsi_command_complete(SCSIDiskReq *r, int status, int sense)
92 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
94 DPRINTF("Command complete tag=0x%x status=%d sense=%d\n",
95 r->req.tag, status, sense);
98 r->req.bus->complete(r->req.bus, SCSI_REASON_DONE, tag, status);
99 scsi_remove_request(r);
102 /* Cancel a pending data transfer. */
103 static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
105 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
107 DPRINTF("Cancel tag=0x%x\n", tag);
108 r = scsi_find_request(s, tag);
111 bdrv_aio_cancel(r->req.aiocb);
113 scsi_remove_request(r);
117 static void scsi_read_complete(void * opaque, int ret)
119 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
122 DPRINTF("IO error\n");
123 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, 0);
124 scsi_command_complete(r, CHECK_CONDITION, NO_SENSE);
127 DPRINTF("Data ready tag=0x%x len=%" PRId64 "\n", r->req.tag, r->iov.iov_len);
129 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
132 /* Read more data from scsi device into buffer. */
133 static void scsi_read_data(SCSIDevice *d, uint32_t tag)
135 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
139 r = scsi_find_request(s, tag);
141 BADF("Bad read tag 0x%x\n", tag);
142 /* ??? This is the wrong error. */
143 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
146 if (r->sector_count == (uint32_t)-1) {
147 DPRINTF("Read buf_len=%" PRId64 "\n", r->iov.iov_len);
149 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
152 DPRINTF("Read sector_count=%d\n", r->sector_count);
153 if (r->sector_count == 0) {
154 scsi_command_complete(r, GOOD, NO_SENSE);
159 if (n > SCSI_DMA_BUF_SIZE / 512)
160 n = SCSI_DMA_BUF_SIZE / 512;
162 r->iov.iov_len = n * 512;
163 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
164 r->req.aiocb = bdrv_aio_readv(s->dinfo->bdrv, r->sector, &r->qiov, n,
165 scsi_read_complete, r);
166 if (r->req.aiocb == NULL)
167 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
169 r->sector_count -= n;
172 static int scsi_handle_write_error(SCSIDiskReq *r, int error)
174 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
175 BlockInterfaceErrorAction action = drive_get_onerror(s->dinfo->bdrv);
177 if (action == BLOCK_ERR_IGNORE)
180 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
181 || action == BLOCK_ERR_STOP_ANY) {
182 r->status |= SCSI_REQ_STATUS_RETRY;
185 scsi_command_complete(r, CHECK_CONDITION,
192 static void scsi_write_complete(void * opaque, int ret)
194 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
201 if (scsi_handle_write_error(r, -ret))
205 n = r->iov.iov_len / 512;
207 r->sector_count -= n;
208 if (r->sector_count == 0) {
209 scsi_command_complete(r, GOOD, NO_SENSE);
211 len = r->sector_count * 512;
212 if (len > SCSI_DMA_BUF_SIZE) {
213 len = SCSI_DMA_BUF_SIZE;
215 r->iov.iov_len = len;
216 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
217 r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
221 static void scsi_write_request(SCSIDiskReq *r)
223 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
226 n = r->iov.iov_len / 512;
228 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
229 r->req.aiocb = bdrv_aio_writev(s->dinfo->bdrv, r->sector, &r->qiov, n,
230 scsi_write_complete, r);
231 if (r->req.aiocb == NULL)
232 scsi_command_complete(r, CHECK_CONDITION,
235 /* Invoke completion routine to fetch data from host. */
236 scsi_write_complete(r, 0);
240 /* Write data to a scsi device. Returns nonzero on failure.
241 The transfer may complete asynchronously. */
242 static int scsi_write_data(SCSIDevice *d, uint32_t tag)
244 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
247 DPRINTF("Write data tag=0x%x\n", tag);
248 r = scsi_find_request(s, tag);
250 BADF("Bad write tag 0x%x\n", tag);
251 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
256 BADF("Data transfer already in progress\n");
258 scsi_write_request(r);
263 static void scsi_dma_restart_bh(void *opaque)
265 SCSIDiskState *s = opaque;
269 qemu_bh_delete(s->bh);
272 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
273 r = DO_UPCAST(SCSIDiskReq, req, req);
274 if (r->status & SCSI_REQ_STATUS_RETRY) {
275 r->status &= ~SCSI_REQ_STATUS_RETRY;
276 scsi_write_request(r);
281 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
283 SCSIDiskState *s = opaque;
289 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
290 qemu_bh_schedule(s->bh);
294 /* Return a pointer to the data buffer. */
295 static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
297 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
300 r = scsi_find_request(s, tag);
302 BADF("Bad buffer tag 0x%x\n", tag);
305 return (uint8_t *)r->iov.iov_base;
308 /* Execute a scsi command. Returns the length of the data expected by the
309 command. This will be Positive for data transfers from the device
310 (eg. disk reads), negative for transfers to the device (eg. disk writes),
311 and zero if the command does not transfer any data. */
313 static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
314 uint8_t *buf, int lun)
316 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
327 r = scsi_find_request(s, tag);
329 BADF("Tag 0x%x already in use\n", tag);
330 scsi_cancel_io(d, tag);
332 /* ??? Tags are not unique for different luns. We only implement a
333 single lun, so this should not matter. */
334 r = scsi_new_request(d, tag, lun);
335 outbuf = (uint8_t *)r->iov.iov_base;
337 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
338 switch (command >> 5) {
340 lba = (uint64_t) buf[3] | ((uint64_t) buf[2] << 8) |
341 (((uint64_t) buf[1] & 0x1f) << 16);
347 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
348 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
349 len = buf[8] | (buf[7] << 8);
353 lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
354 ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
355 ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
356 ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
357 len = buf[13] | (buf[12] << 8) | (buf[11] << 16) | (buf[10] << 24);
361 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
362 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
363 len = buf[9] | (buf[8] << 8) | (buf[7] << 16) | (buf[6] << 24);
367 BADF("Unsupported command length, command %x\n", command);
373 for (i = 1; i < cmdlen; i++) {
374 printf(" 0x%02x", buf[i]);
379 if (lun || buf[1] >> 5) {
380 /* Only LUN 0 supported. */
381 DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
382 if (command != 0x03 && command != 0x12) /* REQUEST SENSE and INQUIRY */
387 DPRINTF("Test Unit Ready\n");
388 if (!bdrv_is_inserted(s->dinfo->bdrv))
392 DPRINTF("Request Sense (len %d)\n", len);
395 memset(outbuf, 0, 4);
397 if (s->sense == NOT_READY && len >= 18) {
398 memset(outbuf, 0, 18);
401 /* asc 0x3a, ascq 0: Medium not present */
407 outbuf[2] = s->sense;
410 DPRINTF("Inquiry (len %d)\n", len);
412 /* Command support data - optional, not implemented */
413 BADF("optional INQUIRY command support request not implemented\n");
416 else if (buf[1] & 0x1) {
417 /* Vital product data */
418 uint8_t page_code = buf[2];
420 BADF("Error: Inquiry (EVPD[%02X]) buffer size %d is "
421 "less than 4\n", page_code, len);
428 /* Supported page codes, mandatory */
429 DPRINTF("Inquiry EVPD[Supported pages] "
430 "buffer size %d\n", len);
434 if (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM) {
435 outbuf[r->iov.iov_len++] = 5;
437 outbuf[r->iov.iov_len++] = 0;
440 outbuf[r->iov.iov_len++] = 0x00; // this page
441 outbuf[r->iov.iov_len++] = 0x00;
442 outbuf[r->iov.iov_len++] = 3; // number of pages
443 outbuf[r->iov.iov_len++] = 0x00; // list of supported pages (this page)
444 outbuf[r->iov.iov_len++] = 0x80; // unit serial number
445 outbuf[r->iov.iov_len++] = 0x83; // device identification
452 /* Device serial number, optional */
454 BADF("Error: EVPD[Serial number] Inquiry buffer "
455 "size %d too small, %d needed\n", len, 4);
459 DPRINTF("Inquiry EVPD[Serial number] buffer size %d\n", len);
460 l = MIN(len, strlen(s->drive_serial_str));
464 /* Supported page codes */
465 if (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM) {
466 outbuf[r->iov.iov_len++] = 5;
468 outbuf[r->iov.iov_len++] = 0;
471 outbuf[r->iov.iov_len++] = 0x80; // this page
472 outbuf[r->iov.iov_len++] = 0x00;
473 outbuf[r->iov.iov_len++] = l;
474 memcpy(&outbuf[r->iov.iov_len], s->drive_serial_str, l);
481 /* Device identification page, mandatory */
482 int max_len = 255 - 8;
483 int id_len = strlen(bdrv_get_device_name(s->dinfo->bdrv));
484 if (id_len > max_len)
487 DPRINTF("Inquiry EVPD[Device identification] "
488 "buffer size %d\n", len);
490 if (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM) {
491 outbuf[r->iov.iov_len++] = 5;
493 outbuf[r->iov.iov_len++] = 0;
496 outbuf[r->iov.iov_len++] = 0x83; // this page
497 outbuf[r->iov.iov_len++] = 0x00;
498 outbuf[r->iov.iov_len++] = 3 + id_len;
500 outbuf[r->iov.iov_len++] = 0x2; // ASCII
501 outbuf[r->iov.iov_len++] = 0; // not officially assigned
502 outbuf[r->iov.iov_len++] = 0; // reserved
503 outbuf[r->iov.iov_len++] = id_len; // length of data following
505 memcpy(&outbuf[r->iov.iov_len],
506 bdrv_get_device_name(s->dinfo->bdrv), id_len);
507 r->iov.iov_len += id_len;
511 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
512 "buffer size %d\n", page_code, len);
519 /* Standard INQUIRY data */
521 BADF("Error: Inquiry (STANDARD) page or code "
522 "is non-zero [%02X]\n", buf[2]);
528 BADF("Error: Inquiry (STANDARD) buffer size %d "
529 "is less than 5\n", len);
534 BADF("Error: Inquiry (STANDARD) buffer size %d "
535 "is less than 36 (TODO: only 5 required)\n", len);
539 if(len > SCSI_MAX_INQUIRY_LEN)
540 len = SCSI_MAX_INQUIRY_LEN;
542 memset(outbuf, 0, len);
544 if (lun || buf[1] >> 5) {
545 outbuf[0] = 0x7f; /* LUN not supported */
546 } else if (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM) {
549 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
552 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
554 memcpy(&outbuf[8], "QEMU ", 8);
555 memcpy(&outbuf[32], QEMU_VERSION, 4);
556 /* Identify device as SCSI-3 rev 1.
557 Some later commands are also implemented. */
559 outbuf[3] = 2; /* Format 2 */
560 outbuf[4] = len - 5; /* Additional Length = (Len - 1) - 4 */
561 /* Sync data transfer and TCQ. */
562 outbuf[7] = 0x10 | (r->req.bus->tcq ? 0x02 : 0);
563 r->iov.iov_len = len;
566 DPRINTF("Reserve(6)\n");
571 DPRINTF("Release(6)\n");
583 page = buf[2] & 0x3f;
584 DPRINTF("Mode Sense (page %d, len %d)\n", page, len);
587 outbuf[1] = 0; /* Default media type. */
588 outbuf[3] = 0; /* Block descriptor length. */
589 if (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM ||
590 bdrv_is_read_only(s->dinfo->bdrv)) {
591 outbuf[2] = 0x80; /* Readonly. */
594 bdrv_get_geometry(s->dinfo->bdrv, &nb_sectors);
595 if ((~dbd) & nb_sectors) {
596 nb_sectors /= s->cluster_size;
598 if (nb_sectors > 0xffffff)
599 nb_sectors = 0xffffff;
600 outbuf[3] = 8; /* Block descriptor length */
601 p[0] = 0; /* media density code */
602 p[1] = (nb_sectors >> 16) & 0xff;
603 p[2] = (nb_sectors >> 8) & 0xff;
604 p[3] = nb_sectors & 0xff;
605 p[4] = 0; /* reserved */
606 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
607 p[6] = s->cluster_size * 2;
613 int cylinders, heads, secs;
615 /* Rigid disk device geometry page. */
618 /* if a geometry hint is available, use it */
619 bdrv_get_geometry_hint(s->dinfo->bdrv, &cylinders, &heads, &secs);
620 p[2] = (cylinders >> 16) & 0xff;
621 p[3] = (cylinders >> 8) & 0xff;
622 p[4] = cylinders & 0xff;
624 /* Write precomp start cylinder, disabled */
625 p[6] = (cylinders >> 16) & 0xff;
626 p[7] = (cylinders >> 8) & 0xff;
627 p[8] = cylinders & 0xff;
628 /* Reduced current start cylinder, disabled */
629 p[9] = (cylinders >> 16) & 0xff;
630 p[10] = (cylinders >> 8) & 0xff;
631 p[11] = cylinders & 0xff;
632 /* Device step rate [ns], 200ns */
635 /* Landing zone cylinder */
639 /* Medium rotation rate [rpm], 5400 rpm */
640 p[20] = (5400 >> 8) & 0xff;
643 } else if (page == 5) {
644 int cylinders, heads, secs;
646 /* Flexible disk device geometry page. */
649 /* Transfer rate [kbit/s], 5Mbit/s */
652 /* if a geometry hint is available, use it */
653 bdrv_get_geometry_hint(s->dinfo->bdrv, &cylinders, &heads, &secs);
656 p[6] = s->cluster_size * 2;
657 p[8] = (cylinders >> 8) & 0xff;
658 p[9] = cylinders & 0xff;
659 /* Write precomp start cylinder, disabled */
660 p[10] = (cylinders >> 8) & 0xff;
661 p[11] = cylinders & 0xff;
662 /* Reduced current start cylinder, disabled */
663 p[12] = (cylinders >> 8) & 0xff;
664 p[13] = cylinders & 0xff;
665 /* Device step rate [100us], 100us */
668 /* Device step pulse width [us], 1us */
670 /* Device head settle delay [100us], 100us */
673 /* Motor on delay [0.1s], 0.1s */
675 /* Motor off delay [0.1s], 0.1s */
677 /* Medium rotation rate [rpm], 5400 rpm */
678 p[28] = (5400 >> 8) & 0xff;
681 } else if ((page == 8 || page == 0x3f)) {
686 if (bdrv_enable_write_cache(s->dinfo->bdrv)) {
691 if ((page == 0x3f || page == 0x2a)
692 && (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM)) {
693 /* CD Capabilities and Mechanical Status page. */
696 p[2] = 3; // CD-R & CD-RW read
697 p[3] = 0; // Writing not supported
698 p[4] = 0x7f; /* Audio, composite, digital out,
699 mode 2 form 1&2, multi session */
700 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
701 RW corrected, C2 errors, ISRC,
703 p[6] = 0x2d | (bdrv_is_locked(s->dinfo->bdrv)? 2 : 0);
704 /* Locking supported, jumper present, eject, tray */
705 p[7] = 0; /* no volume & mute control, no
707 p[8] = (50 * 176) >> 8; // 50x read speed
708 p[9] = (50 * 176) & 0xff;
709 p[10] = 0 >> 8; // No volume
711 p[12] = 2048 >> 8; // 2M buffer
713 p[14] = (16 * 176) >> 8; // 16x read speed current
714 p[15] = (16 * 176) & 0xff;
715 p[18] = (16 * 176) >> 8; // 16x write speed
716 p[19] = (16 * 176) & 0xff;
717 p[20] = (16 * 176) >> 8; // 16x write speed current
718 p[21] = (16 * 176) & 0xff;
721 r->iov.iov_len = p - outbuf;
722 outbuf[0] = r->iov.iov_len - 4;
723 if (r->iov.iov_len > len)
724 r->iov.iov_len = len;
728 DPRINTF("Start Stop Unit\n");
729 if (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM &&
731 /* load/eject medium */
732 bdrv_eject(s->dinfo->bdrv, !(buf[4] & 1));
735 DPRINTF("Prevent Allow Medium Removal (prevent = %d)\n", buf[4] & 3);
736 bdrv_set_locked(s->dinfo->bdrv, buf[4] & 1);
739 DPRINTF("Read Capacity\n");
740 /* The normal LEN field for this command is zero. */
741 memset(outbuf, 0, 8);
742 bdrv_get_geometry(s->dinfo->bdrv, &nb_sectors);
743 nb_sectors /= s->cluster_size;
744 /* Returned value is the address of the last sector. */
747 /* Remember the new size for read/write sanity checking. */
748 s->max_lba = nb_sectors;
749 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
750 if (nb_sectors > UINT32_MAX)
751 nb_sectors = UINT32_MAX;
752 outbuf[0] = (nb_sectors >> 24) & 0xff;
753 outbuf[1] = (nb_sectors >> 16) & 0xff;
754 outbuf[2] = (nb_sectors >> 8) & 0xff;
755 outbuf[3] = nb_sectors & 0xff;
758 outbuf[6] = s->cluster_size * 2;
763 scsi_command_complete(r, CHECK_CONDITION, NOT_READY);
770 DPRINTF("Read (sector %" PRId64 ", count %d)\n", lba, len);
771 if (lba > s->max_lba)
773 r->sector = lba * s->cluster_size;
774 r->sector_count = len * s->cluster_size;
779 DPRINTF("Write (sector %" PRId64 ", count %d)\n", lba, len);
780 if (lba > s->max_lba)
782 r->sector = lba * s->cluster_size;
783 r->sector_count = len * s->cluster_size;
787 DPRINTF("Synchronise cache (sector %" PRId64 ", count %d)\n", lba, len);
788 bdrv_flush(s->dinfo->bdrv);
792 int start_track, format, msf, toclen;
795 format = buf[2] & 0xf;
796 start_track = buf[6];
797 bdrv_get_geometry(s->dinfo->bdrv, &nb_sectors);
798 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
799 nb_sectors /= s->cluster_size;
802 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
805 /* multi session : only a single session defined */
807 memset(outbuf, 0, 12);
813 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
821 r->iov.iov_len = len;
825 DPRINTF("Read TOC error\n");
829 DPRINTF("Get Configuration (rt %d, maxlen %d)\n", buf[1] & 3, len);
830 memset(outbuf, 0, 8);
831 /* ??? This should probably return much more information. For now
832 just return the basic header indicating the CD-ROM profile. */
833 outbuf[7] = 8; // CD-ROM
837 DPRINTF("Reserve(10)\n");
842 DPRINTF("Release(10)\n");
847 /* Service Action In subcommands. */
848 if ((buf[1] & 31) == 0x10) {
849 DPRINTF("SAI READ CAPACITY(16)\n");
850 memset(outbuf, 0, len);
851 bdrv_get_geometry(s->dinfo->bdrv, &nb_sectors);
852 nb_sectors /= s->cluster_size;
853 /* Returned value is the address of the last sector. */
856 /* Remember the new size for read/write sanity checking. */
857 s->max_lba = nb_sectors;
858 outbuf[0] = (nb_sectors >> 56) & 0xff;
859 outbuf[1] = (nb_sectors >> 48) & 0xff;
860 outbuf[2] = (nb_sectors >> 40) & 0xff;
861 outbuf[3] = (nb_sectors >> 32) & 0xff;
862 outbuf[4] = (nb_sectors >> 24) & 0xff;
863 outbuf[5] = (nb_sectors >> 16) & 0xff;
864 outbuf[6] = (nb_sectors >> 8) & 0xff;
865 outbuf[7] = nb_sectors & 0xff;
868 outbuf[10] = s->cluster_size * 2;
870 /* Protection, exponent and lowest lba field left blank. */
871 r->iov.iov_len = len;
873 scsi_command_complete(r, CHECK_CONDITION, NOT_READY);
878 DPRINTF("Unsupported Service Action In\n");
881 DPRINTF("Report LUNs (len %d)\n", len);
884 memset(outbuf, 0, 16);
889 DPRINTF("Verify (sector %" PRId64 ", count %d)\n", lba, len);
892 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
894 scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
897 scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
900 if (r->sector_count == 0 && r->iov.iov_len == 0) {
901 scsi_command_complete(r, GOOD, NO_SENSE);
903 len = r->sector_count * 512 + r->iov.iov_len;
907 if (!r->sector_count)
908 r->sector_count = -1;
913 static void scsi_destroy(SCSIDevice *dev)
915 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
918 while (!QTAILQ_EMPTY(&s->qdev.requests)) {
919 r = DO_UPCAST(SCSIDiskReq, req, QTAILQ_FIRST(&s->qdev.requests));
920 scsi_remove_request(r);
922 drive_uninit(s->dinfo);
925 static int scsi_disk_initfn(SCSIDevice *dev)
927 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
930 if (!s->dinfo || !s->dinfo->bdrv) {
931 qemu_error("scsi-disk: drive property not set\n");
935 if (bdrv_get_type_hint(s->dinfo->bdrv) == BDRV_TYPE_CDROM) {
940 s->qdev.blocksize = 512 * s->cluster_size;
941 s->qdev.type = TYPE_DISK;
942 bdrv_get_geometry(s->dinfo->bdrv, &nb_sectors);
943 nb_sectors /= s->cluster_size;
946 s->max_lba = nb_sectors;
947 strncpy(s->drive_serial_str, drive_get_serial(s->dinfo->bdrv),
948 sizeof(s->drive_serial_str));
949 if (strlen(s->drive_serial_str) == 0)
950 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), "0");
951 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
955 static SCSIDeviceInfo scsi_disk_info = {
956 .qdev.name = "scsi-disk",
957 .qdev.desc = "virtual scsi disk or cdrom",
958 .qdev.size = sizeof(SCSIDiskState),
959 .init = scsi_disk_initfn,
960 .destroy = scsi_destroy,
961 .send_command = scsi_send_command,
962 .read_data = scsi_read_data,
963 .write_data = scsi_write_data,
964 .cancel_io = scsi_cancel_io,
965 .get_buf = scsi_get_buf,
966 .qdev.props = (Property[]) {
967 DEFINE_PROP_DRIVE("drive", SCSIDiskState, dinfo),
968 DEFINE_PROP_END_OF_LIST(),
972 static void scsi_disk_register_devices(void)
974 scsi_qdev_register(&scsi_disk_info);
976 device_init(scsi_disk_register_devices)
projects / qemu.git / blob