hw/scsi-bus.c

   1 #include "hw.h"
   2 #include "qemu-error.h"
   3 #include "scsi.h"
   4 #include "scsi-defs.h"
   5 #include "block.h"
   6 #include "qdev.h"
   7
   8 static struct BusInfo scsi_bus_info = {
   9     .name  = "SCSI",
  10     .size  = sizeof(SCSIBus),
  11     .props = (Property[]) {
  12         DEFINE_PROP_UINT32("scsi-id", SCSIDevice, id, -1),
  13         DEFINE_PROP_END_OF_LIST(),
  14     },
  15 };
  16 static int next_scsi_bus;
  17
  18 /* Create a scsi bus, and attach devices to it.  */
  19 void scsi_bus_new(SCSIBus *bus, DeviceState *host, int tcq, int ndev,
  20                   scsi_completionfn complete)
  21 {
  22     qbus_create_inplace(&bus->qbus, &scsi_bus_info, host, NULL);
  23     bus->busnr = next_scsi_bus++;
  24     bus->tcq = tcq;
  25     bus->ndev = ndev;
  26     bus->complete = complete;
  27     bus->qbus.allow_hotplug = 1;
  28 }
  29
  30 static int scsi_qdev_init(DeviceState *qdev, DeviceInfo *base)
  31 {
  32     SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev);
  33     SCSIDeviceInfo *info = DO_UPCAST(SCSIDeviceInfo, qdev, base);
  34     SCSIBus *bus = DO_UPCAST(SCSIBus, qbus, dev->qdev.parent_bus);
  35     int rc = -1;
  36
  37     if (dev->id == -1) {
  38         for (dev->id = 0; dev->id < bus->ndev; dev->id++) {
  39             if (bus->devs[dev->id] == NULL)
  40                 break;
  41         }
  42     }
  43     if (dev->id >= bus->ndev) {
  44         error_report("bad scsi device id: %d", dev->id);
  45         goto err;
  46     }
  47
  48     if (bus->devs[dev->id]) {
  49         qdev_free(&bus->devs[dev->id]->qdev);
  50     }
  51     bus->devs[dev->id] = dev;
  52
  53     dev->info = info;
  54     QTAILQ_INIT(&dev->requests);
  55     rc = dev->info->init(dev);
  56     if (rc != 0) {
  57         bus->devs[dev->id] = NULL;
  58     }
  59
  60 err:
  61     return rc;
  62 }
  63
  64 static int scsi_qdev_exit(DeviceState *qdev)
  65 {
  66     SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev);
  67     SCSIBus *bus = DO_UPCAST(SCSIBus, qbus, dev->qdev.parent_bus);
  68
  69     assert(bus->devs[dev->id] != NULL);
  70     if (bus->devs[dev->id]->info->destroy) {
  71         bus->devs[dev->id]->info->destroy(bus->devs[dev->id]);
  72     }
  73     bus->devs[dev->id] = NULL;
  74     return 0;
  75 }
  76
  77 void scsi_qdev_register(SCSIDeviceInfo *info)
  78 {
  79     info->qdev.bus_info = &scsi_bus_info;
  80     info->qdev.init     = scsi_qdev_init;
  81     info->qdev.unplug   = qdev_simple_unplug_cb;
  82     info->qdev.exit     = scsi_qdev_exit;
  83     qdev_register(&info->qdev);
  84 }
  85
  86 /* handle legacy '-drive if=scsi,...' cmd line args */
  87 /* FIXME callers should check for failure, but don't */
  88 SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, DriveInfo *dinfo, int unit)
  89 {
  90     const char *driver;
  91     DeviceState *dev;
  92
  93     driver = bdrv_is_sg(dinfo->bdrv) ? "scsi-generic" : "scsi-disk";
  94     dev = qdev_create(&bus->qbus, driver);
  95     qdev_prop_set_uint32(dev, "scsi-id", unit);
  96     qdev_prop_set_drive(dev, "drive", dinfo);
  97     if (qdev_init(dev) < 0)
  98         return NULL;
  99     return DO_UPCAST(SCSIDevice, qdev, dev);
 100 }
 101
 102 void scsi_bus_legacy_handle_cmdline(SCSIBus *bus)
 103 {
 104     DriveInfo *dinfo;
 105     int unit;
 106
 107     for (unit = 0; unit < MAX_SCSI_DEVS; unit++) {
 108         dinfo = drive_get(IF_SCSI, bus->busnr, unit);
 109         if (dinfo == NULL) {
 110             continue;
 111         }
 112         scsi_bus_legacy_add_drive(bus, dinfo, unit);
 113     }
 114 }
 115
 116 void scsi_dev_clear_sense(SCSIDevice *dev)
 117 {
 118     memset(&dev->sense, 0, sizeof(dev->sense));
 119 }
 120
 121 void scsi_dev_set_sense(SCSIDevice *dev, uint8_t key)
 122 {
 123     dev->sense.key = key;
 124 }
 125
 126 SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d, uint32_t tag, uint32_t lun)
 127 {
 128     SCSIRequest *req;
 129
 130     req = qemu_mallocz(size);
 131     req->bus = scsi_bus_from_device(d);
 132     req->dev = d;
 133     req->tag = tag;
 134     req->lun = lun;
 135     req->status = -1;
 136     QTAILQ_INSERT_TAIL(&d->requests, req, next);
 137     return req;
 138 }
 139
 140 SCSIRequest *scsi_req_find(SCSIDevice *d, uint32_t tag)
 141 {
 142     SCSIRequest *req;
 143
 144     QTAILQ_FOREACH(req, &d->requests, next) {
 145         if (req->tag == tag) {
 146             return req;
 147         }
 148     }
 149     return NULL;
 150 }
 151
 152 void scsi_req_free(SCSIRequest *req)
 153 {
 154     QTAILQ_REMOVE(&req->dev->requests, req, next);
 155     qemu_free(req);
 156 }
 157
 158 static int scsi_req_length(SCSIRequest *req, uint8_t *cmd)
 159 {
 160     switch (cmd[0] >> 5) {
 161     case 0:
 162         req->cmd.xfer = cmd[4];
 163         req->cmd.len = 6;
 164         /* length 0 means 256 blocks */
 165         if (req->cmd.xfer == 0)
 166             req->cmd.xfer = 256;
 167         break;
 168     case 1:
 169     case 2:
 170         req->cmd.xfer = cmd[8] | (cmd[7] << 8);
 171         req->cmd.len = 10;
 172         break;
 173     case 4:
 174         req->cmd.xfer = cmd[13] | (cmd[12] << 8) | (cmd[11] << 16) | (cmd[10] << 24);
 175         req->cmd.len = 16;
 176         break;
 177     case 5:
 178         req->cmd.xfer = cmd[9] | (cmd[8] << 8) | (cmd[7] << 16) | (cmd[6] << 24);
 179         req->cmd.len = 12;
 180         break;
 181     default:
 182         return -1;
 183     }
 184
 185     switch(cmd[0]) {
 186     case TEST_UNIT_READY:
 187     case REZERO_UNIT:
 188     case START_STOP:
 189     case SEEK_6:
 190     case WRITE_FILEMARKS:
 191     case SPACE:
 192     case ERASE:
 193     case ALLOW_MEDIUM_REMOVAL:
 194     case VERIFY:
 195     case SEEK_10:
 196     case SYNCHRONIZE_CACHE:
 197     case LOCK_UNLOCK_CACHE:
 198     case LOAD_UNLOAD:
 199     case SET_CD_SPEED:
 200     case SET_LIMITS:
 201     case WRITE_LONG:
 202     case MOVE_MEDIUM:
 203     case UPDATE_BLOCK:
 204         req->cmd.xfer = 0;
 205         break;
 206     case MODE_SENSE:
 207         break;
 208     case WRITE_SAME:
 209         req->cmd.xfer = 1;
 210         break;
 211     case READ_CAPACITY:
 212         req->cmd.xfer = 8;
 213         break;
 214     case READ_BLOCK_LIMITS:
 215         req->cmd.xfer = 6;
 216         break;
 217     case READ_POSITION:
 218         req->cmd.xfer = 20;
 219         break;
 220     case SEND_VOLUME_TAG:
 221         req->cmd.xfer *= 40;
 222         break;
 223     case MEDIUM_SCAN:
 224         req->cmd.xfer *= 8;
 225         break;
 226     case WRITE_10:
 227     case WRITE_VERIFY:
 228     case WRITE_6:
 229     case WRITE_12:
 230     case WRITE_VERIFY_12:
 231     case WRITE_16:
 232     case WRITE_VERIFY_16:
 233         req->cmd.xfer *= req->dev->blocksize;
 234         break;
 235     case READ_10:
 236     case READ_6:
 237     case READ_REVERSE:
 238     case RECOVER_BUFFERED_DATA:
 239     case READ_12:
 240     case READ_16:
 241         req->cmd.xfer *= req->dev->blocksize;
 242         break;
 243     case INQUIRY:
 244         req->cmd.xfer = cmd[4] | (cmd[3] << 8);
 245         break;
 246     }
 247     return 0;
 248 }
 249
 250 static int scsi_req_stream_length(SCSIRequest *req, uint8_t *cmd)
 251 {
 252     switch(cmd[0]) {
 253     /* stream commands */
 254     case READ_6:
 255     case READ_REVERSE:
 256     case RECOVER_BUFFERED_DATA:
 257     case WRITE_6:
 258         req->cmd.len = 6;
 259         req->cmd.xfer = cmd[4] | (cmd[3] << 8) | (cmd[2] << 16);
 260         if (cmd[1] & 0x01) /* fixed */
 261             req->cmd.xfer *= req->dev->blocksize;
 262         break;
 263     case REWIND:
 264     case START_STOP:
 265         req->cmd.len = 6;
 266         req->cmd.xfer = 0;
 267         break;
 268     /* generic commands */
 269     default:
 270         return scsi_req_length(req, cmd);
 271     }
 272     return 0;
 273 }
 274
 275 static void scsi_req_xfer_mode(SCSIRequest *req)
 276 {
 277     switch (req->cmd.buf[0]) {
 278     case WRITE_6:
 279     case WRITE_10:
 280     case WRITE_VERIFY:
 281     case WRITE_12:
 282     case WRITE_VERIFY_12:
 283     case WRITE_16:
 284     case WRITE_VERIFY_16:
 285     case COPY:
 286     case COPY_VERIFY:
 287     case COMPARE:
 288     case CHANGE_DEFINITION:
 289     case LOG_SELECT:
 290     case MODE_SELECT:
 291     case MODE_SELECT_10:
 292     case SEND_DIAGNOSTIC:
 293     case WRITE_BUFFER:
 294     case FORMAT_UNIT:
 295     case REASSIGN_BLOCKS:
 296     case RESERVE:
 297     case SEARCH_EQUAL:
 298     case SEARCH_HIGH:
 299     case SEARCH_LOW:
 300     case UPDATE_BLOCK:
 301     case WRITE_LONG:
 302     case WRITE_SAME:
 303     case SEARCH_HIGH_12:
 304     case SEARCH_EQUAL_12:
 305     case SEARCH_LOW_12:
 306     case SET_WINDOW:
 307     case MEDIUM_SCAN:
 308     case SEND_VOLUME_TAG:
 309     case WRITE_LONG_2:
 310         req->cmd.mode = SCSI_XFER_TO_DEV;
 311         break;
 312     default:
 313         if (req->cmd.xfer)
 314             req->cmd.mode = SCSI_XFER_FROM_DEV;
 315         else {
 316             req->cmd.mode = SCSI_XFER_NONE;
 317         }
 318         break;
 319     }
 320 }
 321
 322 static uint64_t scsi_req_lba(SCSIRequest *req)
 323 {
 324     uint8_t *buf = req->cmd.buf;
 325     uint64_t lba;
 326
 327     switch (buf[0] >> 5) {
 328     case 0:
 329         lba = (uint64_t) buf[3] | ((uint64_t) buf[2] << 8) |
 330               (((uint64_t) buf[1] & 0x1f) << 16);
 331         break;
 332     case 1:
 333     case 2:
 334         lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
 335               ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
 336         break;
 337     case 4:
 338         lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
 339               ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
 340               ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
 341               ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
 342         break;
 343     case 5:
 344         lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
 345               ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
 346         break;
 347     default:
 348         lba = -1;
 349
 350     }
 351     return lba;
 352 }
 353
 354 int scsi_req_parse(SCSIRequest *req, uint8_t *buf)
 355 {
 356     int rc;
 357
 358     if (req->dev->type == TYPE_TAPE) {
 359         rc = scsi_req_stream_length(req, buf);
 360     } else {
 361         rc = scsi_req_length(req, buf);
 362     }
 363     if (rc != 0)
 364         return rc;
 365
 366     memcpy(req->cmd.buf, buf, req->cmd.len);
 367     scsi_req_xfer_mode(req);
 368     req->cmd.lba = scsi_req_lba(req);
 369     return 0;
 370 }
 371
 372 static const char *scsi_command_name(uint8_t cmd)
 373 {
 374     static const char *names[] = {
 375         [ TEST_UNIT_READY          ] = "TEST_UNIT_READY",
 376         [ REZERO_UNIT              ] = "REZERO_UNIT",
 377         /* REWIND and REZERO_UNIT use the same operation code */
 378         [ REQUEST_SENSE            ] = "REQUEST_SENSE",
 379         [ FORMAT_UNIT              ] = "FORMAT_UNIT",
 380         [ READ_BLOCK_LIMITS        ] = "READ_BLOCK_LIMITS",
 381         [ REASSIGN_BLOCKS          ] = "REASSIGN_BLOCKS",
 382         [ READ_6                   ] = "READ_6",
 383         [ WRITE_6                  ] = "WRITE_6",
 384         [ SEEK_6                   ] = "SEEK_6",
 385         [ READ_REVERSE             ] = "READ_REVERSE",
 386         [ WRITE_FILEMARKS          ] = "WRITE_FILEMARKS",
 387         [ SPACE                    ] = "SPACE",
 388         [ INQUIRY                  ] = "INQUIRY",
 389         [ RECOVER_BUFFERED_DATA    ] = "RECOVER_BUFFERED_DATA",
 390         [ MODE_SELECT              ] = "MODE_SELECT",
 391         [ RESERVE                  ] = "RESERVE",
 392         [ RELEASE                  ] = "RELEASE",
 393         [ COPY                     ] = "COPY",
 394         [ ERASE                    ] = "ERASE",
 395         [ MODE_SENSE               ] = "MODE_SENSE",
 396         [ START_STOP               ] = "START_STOP",
 397         [ RECEIVE_DIAGNOSTIC       ] = "RECEIVE_DIAGNOSTIC",
 398         [ SEND_DIAGNOSTIC          ] = "SEND_DIAGNOSTIC",
 399         [ ALLOW_MEDIUM_REMOVAL     ] = "ALLOW_MEDIUM_REMOVAL",
 400
 401         [ SET_WINDOW               ] = "SET_WINDOW",
 402         [ READ_CAPACITY            ] = "READ_CAPACITY",
 403         [ READ_10                  ] = "READ_10",
 404         [ WRITE_10                 ] = "WRITE_10",
 405         [ SEEK_10                  ] = "SEEK_10",
 406         [ WRITE_VERIFY             ] = "WRITE_VERIFY",
 407         [ VERIFY                   ] = "VERIFY",
 408         [ SEARCH_HIGH              ] = "SEARCH_HIGH",
 409         [ SEARCH_EQUAL             ] = "SEARCH_EQUAL",
 410         [ SEARCH_LOW               ] = "SEARCH_LOW",
 411         [ SET_LIMITS               ] = "SET_LIMITS",
 412         [ PRE_FETCH                ] = "PRE_FETCH",
 413         /* READ_POSITION and PRE_FETCH use the same operation code */
 414         [ SYNCHRONIZE_CACHE        ] = "SYNCHRONIZE_CACHE",
 415         [ LOCK_UNLOCK_CACHE        ] = "LOCK_UNLOCK_CACHE",
 416         [ READ_DEFECT_DATA         ] = "READ_DEFECT_DATA",
 417         [ MEDIUM_SCAN              ] = "MEDIUM_SCAN",
 418         [ COMPARE                  ] = "COMPARE",
 419         [ COPY_VERIFY              ] = "COPY_VERIFY",
 420         [ WRITE_BUFFER             ] = "WRITE_BUFFER",
 421         [ READ_BUFFER              ] = "READ_BUFFER",
 422         [ UPDATE_BLOCK             ] = "UPDATE_BLOCK",
 423         [ READ_LONG                ] = "READ_LONG",
 424         [ WRITE_LONG               ] = "WRITE_LONG",
 425         [ CHANGE_DEFINITION        ] = "CHANGE_DEFINITION",
 426         [ WRITE_SAME               ] = "WRITE_SAME",
 427         [ READ_TOC                 ] = "READ_TOC",
 428         [ LOG_SELECT               ] = "LOG_SELECT",
 429         [ LOG_SENSE                ] = "LOG_SENSE",
 430         [ MODE_SELECT_10           ] = "MODE_SELECT_10",
 431         [ RESERVE_10               ] = "RESERVE_10",
 432         [ RELEASE_10               ] = "RELEASE_10",
 433         [ MODE_SENSE_10            ] = "MODE_SENSE_10",
 434         [ PERSISTENT_RESERVE_IN    ] = "PERSISTENT_RESERVE_IN",
 435         [ PERSISTENT_RESERVE_OUT   ] = "PERSISTENT_RESERVE_OUT",
 436         [ MOVE_MEDIUM              ] = "MOVE_MEDIUM",
 437         [ READ_12                  ] = "READ_12",
 438         [ WRITE_12                 ] = "WRITE_12",
 439         [ WRITE_VERIFY_12          ] = "WRITE_VERIFY_12",
 440         [ SEARCH_HIGH_12           ] = "SEARCH_HIGH_12",
 441         [ SEARCH_EQUAL_12          ] = "SEARCH_EQUAL_12",
 442         [ SEARCH_LOW_12            ] = "SEARCH_LOW_12",
 443         [ READ_ELEMENT_STATUS      ] = "READ_ELEMENT_STATUS",
 444         [ SEND_VOLUME_TAG          ] = "SEND_VOLUME_TAG",
 445         [ WRITE_LONG_2             ] = "WRITE_LONG_2",
 446
 447         [ REPORT_DENSITY_SUPPORT   ] = "REPORT_DENSITY_SUPPORT",
 448         [ GET_CONFIGURATION        ] = "GET_CONFIGURATION",
 449         [ READ_16                  ] = "READ_16",
 450         [ WRITE_16                 ] = "WRITE_16",
 451         [ WRITE_VERIFY_16          ] = "WRITE_VERIFY_16",
 452         [ SERVICE_ACTION_IN        ] = "SERVICE_ACTION_IN",
 453         [ REPORT_LUNS              ] = "REPORT_LUNS",
 454         [ LOAD_UNLOAD              ] = "LOAD_UNLOAD",
 455         [ SET_CD_SPEED             ] = "SET_CD_SPEED",
 456         [ BLANK                    ] = "BLANK",
 457     };
 458
 459     if (cmd >= ARRAY_SIZE(names) || names[cmd] == NULL)
 460         return "*UNKNOWN*";
 461     return names[cmd];
 462 }
 463
 464 void scsi_req_print(SCSIRequest *req)
 465 {
 466     FILE *fp = stderr;
 467     int i;
 468
 469     fprintf(fp, "[%s id=%d] %s",
 470             req->dev->qdev.parent_bus->name,
 471             req->dev->id,
 472             scsi_command_name(req->cmd.buf[0]));
 473     for (i = 1; i < req->cmd.len; i++) {
 474         fprintf(fp, " 0x%02x", req->cmd.buf[i]);
 475     }
 476     switch (req->cmd.mode) {
 477     case SCSI_XFER_NONE:
 478         fprintf(fp, " - none\n");
 479         break;
 480     case SCSI_XFER_FROM_DEV:
 481         fprintf(fp, " - from-dev len=%zd\n", req->cmd.xfer);
 482         break;
 483     case SCSI_XFER_TO_DEV:
 484         fprintf(fp, " - to-dev len=%zd\n", req->cmd.xfer);
 485         break;
 486     default:
 487         fprintf(fp, " - Oops\n");
 488         break;
 489     }
 490 }
 491
 492 void scsi_req_complete(SCSIRequest *req)
 493 {
 494     assert(req->status != -1);
 495     req->bus->complete(req->bus, SCSI_REASON_DONE,
 496                        req->tag,
 497                        req->status);
 498 }