2 * Generic SCSI Device support
4 * Copyright (c) 2007 Bull S.A.S.
5 * Based on code by Paul Brook
6 * Based on code by Fabrice Bellard
10 * This code is licensed under the LGPL.
14 #include "qemu/osdep.h"
15 #include "qapi/error.h"
16 #include "qemu-common.h"
17 #include "qemu/error-report.h"
18 #include "hw/scsi/scsi.h"
19 #include "sysemu/block-backend.h"
20 #include "sysemu/blockdev.h"
27 #define DPRINTF(fmt, ...) \
28 do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
30 #define DPRINTF(fmt, ...) do {} while(0)
33 #define BADF(fmt, ...) \
34 do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
37 #include "scsi/constants.h"
40 #define MAX_UINT ((unsigned int)-1)
43 typedef struct SCSIGenericReq {
48 sg_io_hdr_t io_header;
51 static void scsi_generic_save_request(QEMUFile *f, SCSIRequest *req)
53 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
55 qemu_put_sbe32s(f, &r->buflen);
56 if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
58 qemu_put_buffer(f, r->buf, r->req.cmd.xfer);
62 static void scsi_generic_load_request(QEMUFile *f, SCSIRequest *req)
64 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
66 qemu_get_sbe32s(f, &r->buflen);
67 if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
69 qemu_get_buffer(f, r->buf, r->req.cmd.xfer);
73 static void scsi_free_request(SCSIRequest *req)
75 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
80 /* Helper function for command completion. */
81 static void scsi_command_complete_noio(SCSIGenericReq *r, int ret)
86 assert(r->req.aiocb == NULL);
88 if (r->req.io_canceled) {
89 scsi_req_cancel_complete(&r->req);
92 status = sg_io_sense_from_errno(-ret, &r->io_header, &sense);
93 if (status == CHECK_CONDITION) {
94 if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
95 r->req.sense_len = r->io_header.sb_len_wr;
97 scsi_req_build_sense(&r->req, sense);
101 DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
102 r, r->req.tag, status);
104 scsi_req_complete(&r->req, status);
106 scsi_req_unref(&r->req);
109 static void scsi_command_complete(void *opaque, int ret)
111 SCSIGenericReq *r = (SCSIGenericReq *)opaque;
112 SCSIDevice *s = r->req.dev;
114 assert(r->req.aiocb != NULL);
117 aio_context_acquire(blk_get_aio_context(s->conf.blk));
118 scsi_command_complete_noio(r, ret);
119 aio_context_release(blk_get_aio_context(s->conf.blk));
122 static int execute_command(BlockBackend *blk,
123 SCSIGenericReq *r, int direction,
124 BlockCompletionFunc *complete)
126 r->io_header.interface_id = 'S';
127 r->io_header.dxfer_direction = direction;
128 r->io_header.dxferp = r->buf;
129 r->io_header.dxfer_len = r->buflen;
130 r->io_header.cmdp = r->req.cmd.buf;
131 r->io_header.cmd_len = r->req.cmd.len;
132 r->io_header.mx_sb_len = sizeof(r->req.sense);
133 r->io_header.sbp = r->req.sense;
134 r->io_header.timeout = MAX_UINT;
135 r->io_header.usr_ptr = r;
136 r->io_header.flags |= SG_FLAG_DIRECT_IO;
138 r->req.aiocb = blk_aio_ioctl(blk, SG_IO, &r->io_header, complete, r);
139 if (r->req.aiocb == NULL) {
146 static void scsi_read_complete(void * opaque, int ret)
148 SCSIGenericReq *r = (SCSIGenericReq *)opaque;
149 SCSIDevice *s = r->req.dev;
152 assert(r->req.aiocb != NULL);
155 aio_context_acquire(blk_get_aio_context(s->conf.blk));
157 if (ret || r->req.io_canceled) {
158 scsi_command_complete_noio(r, ret);
162 len = r->io_header.dxfer_len - r->io_header.resid;
163 DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
167 scsi_command_complete_noio(r, 0);
171 /* Snoop READ CAPACITY output to set the blocksize. */
172 if (r->req.cmd.buf[0] == READ_CAPACITY_10 &&
173 (ldl_be_p(&r->buf[0]) != 0xffffffffU || s->max_lba == 0)) {
174 s->blocksize = ldl_be_p(&r->buf[4]);
175 s->max_lba = ldl_be_p(&r->buf[0]) & 0xffffffffULL;
176 } else if (r->req.cmd.buf[0] == SERVICE_ACTION_IN_16 &&
177 (r->req.cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
178 s->blocksize = ldl_be_p(&r->buf[8]);
179 s->max_lba = ldq_be_p(&r->buf[0]);
181 blk_set_guest_block_size(s->conf.blk, s->blocksize);
183 /* Patch MODE SENSE device specific parameters if the BDS is opened
186 if ((s->type == TYPE_DISK || s->type == TYPE_TAPE) &&
187 blk_is_read_only(s->conf.blk) &&
188 (r->req.cmd.buf[0] == MODE_SENSE ||
189 r->req.cmd.buf[0] == MODE_SENSE_10) &&
190 (r->req.cmd.buf[1] & 0x8) == 0) {
191 if (r->req.cmd.buf[0] == MODE_SENSE) {
197 if (s->type == TYPE_DISK &&
198 r->req.cmd.buf[0] == INQUIRY &&
199 r->req.cmd.buf[2] == 0xb0) {
200 uint32_t max_transfer =
201 blk_get_max_transfer(s->conf.blk) / s->blocksize;
203 assert(max_transfer);
204 stl_be_p(&r->buf[8], max_transfer);
205 /* Also take care of the opt xfer len. */
206 stl_be_p(&r->buf[12],
207 MIN_NON_ZERO(max_transfer, ldl_be_p(&r->buf[12])));
209 scsi_req_data(&r->req, len);
210 scsi_req_unref(&r->req);
213 aio_context_release(blk_get_aio_context(s->conf.blk));
216 /* Read more data from scsi device into buffer. */
217 static void scsi_read_data(SCSIRequest *req)
219 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
220 SCSIDevice *s = r->req.dev;
223 DPRINTF("scsi_read_data tag=0x%x\n", req->tag);
225 /* The request is used as the AIO opaque value, so add a ref. */
226 scsi_req_ref(&r->req);
228 scsi_command_complete_noio(r, 0);
232 ret = execute_command(s->conf.blk, r, SG_DXFER_FROM_DEV,
235 scsi_command_complete_noio(r, ret);
239 static void scsi_write_complete(void * opaque, int ret)
241 SCSIGenericReq *r = (SCSIGenericReq *)opaque;
242 SCSIDevice *s = r->req.dev;
244 DPRINTF("scsi_write_complete() ret = %d\n", ret);
246 assert(r->req.aiocb != NULL);
249 aio_context_acquire(blk_get_aio_context(s->conf.blk));
251 if (ret || r->req.io_canceled) {
252 scsi_command_complete_noio(r, ret);
256 if (r->req.cmd.buf[0] == MODE_SELECT && r->req.cmd.buf[4] == 12 &&
257 s->type == TYPE_TAPE) {
258 s->blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11];
259 DPRINTF("block size %d\n", s->blocksize);
262 scsi_command_complete_noio(r, ret);
265 aio_context_release(blk_get_aio_context(s->conf.blk));
268 /* Write data to a scsi device. Returns nonzero on failure.
269 The transfer may complete asynchronously. */
270 static void scsi_write_data(SCSIRequest *req)
272 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
273 SCSIDevice *s = r->req.dev;
276 DPRINTF("scsi_write_data tag=0x%x\n", req->tag);
279 scsi_req_data(&r->req, r->len);
283 /* The request is used as the AIO opaque value, so add a ref. */
284 scsi_req_ref(&r->req);
285 ret = execute_command(s->conf.blk, r, SG_DXFER_TO_DEV, scsi_write_complete);
287 scsi_command_complete_noio(r, ret);
291 /* Return a pointer to the data buffer. */
292 static uint8_t *scsi_get_buf(SCSIRequest *req)
294 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
299 /* Execute a scsi command. Returns the length of the data expected by the
300 command. This will be Positive for data transfers from the device
301 (eg. disk reads), negative for transfers to the device (eg. disk writes),
302 and zero if the command does not transfer any data. */
304 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
306 SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
307 SCSIDevice *s = r->req.dev;
311 DPRINTF("Command: data=0x%02x", cmd[0]);
314 for (i = 1; i < r->req.cmd.len; i++) {
315 printf(" 0x%02x", cmd[i]);
321 if (r->req.cmd.xfer == 0) {
325 /* The request is used as the AIO opaque value, so add a ref. */
326 scsi_req_ref(&r->req);
327 ret = execute_command(s->conf.blk, r, SG_DXFER_NONE,
328 scsi_command_complete);
330 scsi_command_complete_noio(r, ret);
336 if (r->buflen != r->req.cmd.xfer) {
338 r->buf = g_malloc(r->req.cmd.xfer);
339 r->buflen = r->req.cmd.xfer;
342 memset(r->buf, 0, r->buflen);
343 r->len = r->req.cmd.xfer;
344 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
346 return -r->req.cmd.xfer;
348 return r->req.cmd.xfer;
352 static int read_naa_id(const uint8_t *p, uint64_t *p_wwn)
356 if ((p[1] & 0xF) == 3) {
357 /* NAA designator type */
361 *p_wwn = ldq_be_p(p + 4);
365 if ((p[1] & 0xF) == 8) {
366 /* SCSI name string designator type */
367 if (p[3] < 20 || memcmp(&p[4], "naa.", 4)) {
370 if (p[3] > 20 && p[24] != ',') {
374 for (i = 8; i < 24; i++) {
375 char c = qemu_toupper(p[i]);
376 c -= (c >= '0' && c <= '9' ? '0' : 'A' - 10);
377 *p_wwn = (*p_wwn << 4) | c;
385 void scsi_generic_read_device_identification(SCSIDevice *s)
390 sg_io_hdr_t io_header;
394 memset(cmd, 0, sizeof(cmd));
395 memset(buf, 0, sizeof(buf));
399 cmd[4] = sizeof(buf);
401 memset(&io_header, 0, sizeof(io_header));
402 io_header.interface_id = 'S';
403 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
404 io_header.dxfer_len = sizeof(buf);
405 io_header.dxferp = buf;
406 io_header.cmdp = cmd;
407 io_header.cmd_len = sizeof(cmd);
408 io_header.mx_sb_len = sizeof(sensebuf);
409 io_header.sbp = sensebuf;
410 io_header.timeout = 6000; /* XXX */
412 ret = blk_ioctl(s->conf.blk, SG_IO, &io_header);
413 if (ret < 0 || io_header.driver_status || io_header.host_status) {
417 len = MIN((buf[2] << 8) | buf[3], sizeof(buf) - 4);
418 for (i = 0; i + 3 <= len; ) {
419 const uint8_t *p = &buf[i + 4];
422 if (i + (p[3] + 4) > len) {
426 if ((p[1] & 0x10) == 0) {
427 /* Associated with the logical unit */
428 if (read_naa_id(p, &wwn) == 0) {
431 } else if ((p[1] & 0x10) == 0x10) {
432 /* Associated with the target port */
433 if (read_naa_id(p, &wwn) == 0) {
442 static int get_stream_blocksize(BlockBackend *blk)
447 sg_io_hdr_t io_header;
450 memset(cmd, 0, sizeof(cmd));
451 memset(buf, 0, sizeof(buf));
453 cmd[4] = sizeof(buf);
455 memset(&io_header, 0, sizeof(io_header));
456 io_header.interface_id = 'S';
457 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
458 io_header.dxfer_len = sizeof(buf);
459 io_header.dxferp = buf;
460 io_header.cmdp = cmd;
461 io_header.cmd_len = sizeof(cmd);
462 io_header.mx_sb_len = sizeof(sensebuf);
463 io_header.sbp = sensebuf;
464 io_header.timeout = 6000; /* XXX */
466 ret = blk_ioctl(blk, SG_IO, &io_header);
467 if (ret < 0 || io_header.driver_status || io_header.host_status) {
470 return (buf[9] << 16) | (buf[10] << 8) | buf[11];
473 static void scsi_generic_reset(DeviceState *dev)
475 SCSIDevice *s = SCSI_DEVICE(dev);
477 scsi_device_purge_requests(s, SENSE_CODE(RESET));
480 static void scsi_generic_realize(SCSIDevice *s, Error **errp)
484 struct sg_scsi_id scsiid;
487 error_setg(errp, "drive property not set");
491 if (blk_get_on_error(s->conf.blk, 0) != BLOCKDEV_ON_ERROR_ENOSPC) {
492 error_setg(errp, "Device doesn't support drive option werror");
495 if (blk_get_on_error(s->conf.blk, 1) != BLOCKDEV_ON_ERROR_REPORT) {
496 error_setg(errp, "Device doesn't support drive option rerror");
500 /* check we are using a driver managing SG_IO (version 3 and after */
501 rc = blk_ioctl(s->conf.blk, SG_GET_VERSION_NUM, &sg_version);
503 error_setg(errp, "cannot get SG_IO version number: %s. "
504 "Is this a SCSI device?",
508 if (sg_version < 30000) {
509 error_setg(errp, "scsi generic interface too old");
513 /* get LUN of the /dev/sg? */
514 if (blk_ioctl(s->conf.blk, SG_GET_SCSI_ID, &scsiid)) {
515 error_setg(errp, "SG_GET_SCSI_ID ioctl failed");
518 if (!blkconf_apply_backend_options(&s->conf,
519 blk_is_read_only(s->conf.blk),
524 /* define device state */
525 s->type = scsiid.scsi_type;
526 DPRINTF("device type %d\n", s->type);
530 s->blocksize = get_stream_blocksize(s->conf.blk);
531 if (s->blocksize == -1) {
536 /* Make a guess for block devices, we'll fix it when the guest sends.
537 * READ CAPACITY. If they don't, they likely would assume these sizes
538 * anyway. (TODO: they could also send MODE SENSE).
549 DPRINTF("block size %d\n", s->blocksize);
551 scsi_generic_read_device_identification(s);
554 const SCSIReqOps scsi_generic_req_ops = {
555 .size = sizeof(SCSIGenericReq),
556 .free_req = scsi_free_request,
557 .send_command = scsi_send_command,
558 .read_data = scsi_read_data,
559 .write_data = scsi_write_data,
560 .get_buf = scsi_get_buf,
561 .load_request = scsi_generic_load_request,
562 .save_request = scsi_generic_save_request,
565 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
566 uint8_t *buf, void *hba_private)
568 return scsi_req_alloc(&scsi_generic_req_ops, d, tag, lun, hba_private);
571 static Property scsi_generic_properties[] = {
572 DEFINE_PROP_DRIVE("drive", SCSIDevice, conf.blk),
573 DEFINE_PROP_BOOL("share-rw", SCSIDevice, conf.share_rw, false),
574 DEFINE_PROP_END_OF_LIST(),
577 static int scsi_generic_parse_cdb(SCSIDevice *dev, SCSICommand *cmd,
578 uint8_t *buf, void *hba_private)
580 return scsi_bus_parse_cdb(dev, cmd, buf, hba_private);
583 static void scsi_generic_class_initfn(ObjectClass *klass, void *data)
585 DeviceClass *dc = DEVICE_CLASS(klass);
586 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
588 sc->realize = scsi_generic_realize;
589 sc->alloc_req = scsi_new_request;
590 sc->parse_cdb = scsi_generic_parse_cdb;
591 dc->fw_name = "disk";
592 dc->desc = "pass through generic scsi device (/dev/sg*)";
593 dc->reset = scsi_generic_reset;
594 dc->props = scsi_generic_properties;
595 dc->vmsd = &vmstate_scsi_device;
598 static const TypeInfo scsi_generic_info = {
599 .name = "scsi-generic",
600 .parent = TYPE_SCSI_DEVICE,
601 .instance_size = sizeof(SCSIDevice),
602 .class_init = scsi_generic_class_initfn,
605 static void scsi_generic_register_types(void)
607 type_register_static(&scsi_generic_info);
610 type_init(scsi_generic_register_types)
612 #endif /* __linux__ */
projects / qemu.git / blob