hw/scsi-bus.c

   1 #include "hw.h"
   2 #include "qemu-error.h"
   3 #include "scsi.h"
   4 #include "scsi-defs.h"
   5 #include "qdev.h"
   6
   7 static struct BusInfo scsi_bus_info = {
   8     .name  = "SCSI",
   9     .size  = sizeof(SCSIBus),
  10     .props = (Property[]) {
  11         DEFINE_PROP_UINT32("scsi-id", SCSIDevice, id, -1),
  12         DEFINE_PROP_END_OF_LIST(),
  13     },
  14 };
  15 static int next_scsi_bus;
  16
  17 /* Create a scsi bus, and attach devices to it.  */
  18 void scsi_bus_new(SCSIBus *bus, DeviceState *host, int tcq, int ndev,
  19                   scsi_completionfn complete)
  20 {
  21     qbus_create_inplace(&bus->qbus, &scsi_bus_info, host, NULL);
  22     bus->busnr = next_scsi_bus++;
  23     bus->tcq = tcq;
  24     bus->ndev = ndev;
  25     bus->complete = complete;
  26     bus->qbus.allow_hotplug = 1;
  27 }
  28
  29 static int scsi_qdev_init(DeviceState *qdev, DeviceInfo *base)
  30 {
  31     SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev);
  32     SCSIDeviceInfo *info = DO_UPCAST(SCSIDeviceInfo, qdev, base);
  33     SCSIBus *bus = DO_UPCAST(SCSIBus, qbus, dev->qdev.parent_bus);
  34     int rc = -1;
  35
  36     if (dev->id == -1) {
  37         for (dev->id = 0; dev->id < bus->ndev; dev->id++) {
  38             if (bus->devs[dev->id] == NULL)
  39                 break;
  40         }
  41     }
  42     if (dev->id >= bus->ndev) {
  43         error_report("bad scsi device id: %d", dev->id);
  44         goto err;
  45     }
  46
  47     if (bus->devs[dev->id]) {
  48         qdev_free(&bus->devs[dev->id]->qdev);
  49     }
  50     bus->devs[dev->id] = dev;
  51
  52     dev->info = info;
  53     QTAILQ_INIT(&dev->requests);
  54     rc = dev->info->init(dev);
  55     if (rc != 0) {
  56         bus->devs[dev->id] = NULL;
  57     }
  58
  59 err:
  60     return rc;
  61 }
  62
  63 static int scsi_qdev_exit(DeviceState *qdev)
  64 {
  65     SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev);
  66     SCSIBus *bus = DO_UPCAST(SCSIBus, qbus, dev->qdev.parent_bus);
  67
  68     assert(bus->devs[dev->id] != NULL);
  69     if (bus->devs[dev->id]->info->destroy) {
  70         bus->devs[dev->id]->info->destroy(bus->devs[dev->id]);
  71     }
  72     bus->devs[dev->id] = NULL;
  73     return 0;
  74 }
  75
  76 void scsi_qdev_register(SCSIDeviceInfo *info)
  77 {
  78     info->qdev.bus_info = &scsi_bus_info;
  79     info->qdev.init     = scsi_qdev_init;
  80     info->qdev.unplug   = qdev_simple_unplug_cb;
  81     info->qdev.exit     = scsi_qdev_exit;
  82     qdev_register(&info->qdev);
  83 }
  84
  85 /* handle legacy '-drive if=scsi,...' cmd line args */
  86 /* FIXME callers should check for failure, but don't */
  87 SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, DriveInfo *dinfo, int unit)
  88 {
  89     const char *driver;
  90     DeviceState *dev;
  91
  92     driver = bdrv_is_sg(dinfo->bdrv) ? "scsi-generic" : "scsi-disk";
  93     dev = qdev_create(&bus->qbus, driver);
  94     qdev_prop_set_uint32(dev, "scsi-id", unit);
  95     qdev_prop_set_drive(dev, "drive", dinfo);
  96     if (qdev_init(dev) < 0)
  97         return NULL;
  98     return DO_UPCAST(SCSIDevice, qdev, dev);
  99 }
 100
 101 void scsi_bus_legacy_handle_cmdline(SCSIBus *bus)
 102 {
 103     DriveInfo *dinfo;
 104     int unit;
 105
 106     for (unit = 0; unit < MAX_SCSI_DEVS; unit++) {
 107         dinfo = drive_get(IF_SCSI, bus->busnr, unit);
 108         if (dinfo == NULL) {
 109             continue;
 110         }
 111         scsi_bus_legacy_add_drive(bus, dinfo, unit);
 112     }
 113 }
 114
 115 void scsi_dev_clear_sense(SCSIDevice *dev)
 116 {
 117     memset(&dev->sense, 0, sizeof(dev->sense));
 118 }
 119
 120 void scsi_dev_set_sense(SCSIDevice *dev, uint8_t key)
 121 {
 122     dev->sense.key = key;
 123 }
 124
 125 SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d, uint32_t tag, uint32_t lun)
 126 {
 127     SCSIRequest *req;
 128
 129     req = qemu_mallocz(size);
 130     req->bus = scsi_bus_from_device(d);
 131     req->dev = d;
 132     req->tag = tag;
 133     req->lun = lun;
 134     req->status = -1;
 135     QTAILQ_INSERT_TAIL(&d->requests, req, next);
 136     return req;
 137 }
 138
 139 SCSIRequest *scsi_req_find(SCSIDevice *d, uint32_t tag)
 140 {
 141     SCSIRequest *req;
 142
 143     QTAILQ_FOREACH(req, &d->requests, next) {
 144         if (req->tag == tag) {
 145             return req;
 146         }
 147     }
 148     return NULL;
 149 }
 150
 151 void scsi_req_free(SCSIRequest *req)
 152 {
 153     QTAILQ_REMOVE(&req->dev->requests, req, next);
 154     qemu_free(req);
 155 }
 156
 157 static int scsi_req_length(SCSIRequest *req, uint8_t *cmd)
 158 {
 159     switch (cmd[0] >> 5) {
 160     case 0:
 161         req->cmd.xfer = cmd[4];
 162         req->cmd.len = 6;
 163         /* length 0 means 256 blocks */
 164         if (req->cmd.xfer == 0)
 165             req->cmd.xfer = 256;
 166         break;
 167     case 1:
 168     case 2:
 169         req->cmd.xfer = cmd[8] | (cmd[7] << 8);
 170         req->cmd.len = 10;
 171         break;
 172     case 4:
 173         req->cmd.xfer = cmd[13] | (cmd[12] << 8) | (cmd[11] << 16) | (cmd[10] << 24);
 174         req->cmd.len = 16;
 175         break;
 176     case 5:
 177         req->cmd.xfer = cmd[9] | (cmd[8] << 8) | (cmd[7] << 16) | (cmd[6] << 24);
 178         req->cmd.len = 12;
 179         break;
 180     default:
 181         return -1;
 182     }
 183
 184     switch(cmd[0]) {
 185     case TEST_UNIT_READY:
 186     case REZERO_UNIT:
 187     case START_STOP:
 188     case SEEK_6:
 189     case WRITE_FILEMARKS:
 190     case SPACE:
 191     case ERASE:
 192     case ALLOW_MEDIUM_REMOVAL:
 193     case VERIFY:
 194     case SEEK_10:
 195     case SYNCHRONIZE_CACHE:
 196     case LOCK_UNLOCK_CACHE:
 197     case LOAD_UNLOAD:
 198     case SET_CD_SPEED:
 199     case SET_LIMITS:
 200     case WRITE_LONG:
 201     case MOVE_MEDIUM:
 202     case UPDATE_BLOCK:
 203         req->cmd.xfer = 0;
 204         break;
 205     case MODE_SENSE:
 206         break;
 207     case WRITE_SAME:
 208         req->cmd.xfer = 1;
 209         break;
 210     case READ_CAPACITY:
 211         req->cmd.xfer = 8;
 212         break;
 213     case READ_BLOCK_LIMITS:
 214         req->cmd.xfer = 6;
 215         break;
 216     case READ_POSITION:
 217         req->cmd.xfer = 20;
 218         break;
 219     case SEND_VOLUME_TAG:
 220         req->cmd.xfer *= 40;
 221         break;
 222     case MEDIUM_SCAN:
 223         req->cmd.xfer *= 8;
 224         break;
 225     case WRITE_10:
 226     case WRITE_VERIFY:
 227     case WRITE_6:
 228     case WRITE_12:
 229     case WRITE_VERIFY_12:
 230     case WRITE_16:
 231     case WRITE_VERIFY_16:
 232         req->cmd.xfer *= req->dev->blocksize;
 233         break;
 234     case READ_10:
 235     case READ_6:
 236     case READ_REVERSE:
 237     case RECOVER_BUFFERED_DATA:
 238     case READ_12:
 239     case READ_16:
 240         req->cmd.xfer *= req->dev->blocksize;
 241         break;
 242     case INQUIRY:
 243         req->cmd.xfer = cmd[4] | (cmd[3] << 8);
 244         break;
 245     }
 246     return 0;
 247 }
 248
 249 static int scsi_req_stream_length(SCSIRequest *req, uint8_t *cmd)
 250 {
 251     switch(cmd[0]) {
 252     /* stream commands */
 253     case READ_6:
 254     case READ_REVERSE:
 255     case RECOVER_BUFFERED_DATA:
 256     case WRITE_6:
 257         req->cmd.len = 6;
 258         req->cmd.xfer = cmd[4] | (cmd[3] << 8) | (cmd[2] << 16);
 259         if (cmd[1] & 0x01) /* fixed */
 260             req->cmd.xfer *= req->dev->blocksize;
 261         break;
 262     case REWIND:
 263     case START_STOP:
 264         req->cmd.len = 6;
 265         req->cmd.xfer = 0;
 266         break;
 267     /* generic commands */
 268     default:
 269         return scsi_req_length(req, cmd);
 270     }
 271     return 0;
 272 }
 273
 274 static void scsi_req_xfer_mode(SCSIRequest *req)
 275 {
 276     switch (req->cmd.buf[0]) {
 277     case WRITE_6:
 278     case WRITE_10:
 279     case WRITE_VERIFY:
 280     case WRITE_12:
 281     case WRITE_VERIFY_12:
 282     case WRITE_16:
 283     case WRITE_VERIFY_16:
 284     case COPY:
 285     case COPY_VERIFY:
 286     case COMPARE:
 287     case CHANGE_DEFINITION:
 288     case LOG_SELECT:
 289     case MODE_SELECT:
 290     case MODE_SELECT_10:
 291     case SEND_DIAGNOSTIC:
 292     case WRITE_BUFFER:
 293     case FORMAT_UNIT:
 294     case REASSIGN_BLOCKS:
 295     case RESERVE:
 296     case SEARCH_EQUAL:
 297     case SEARCH_HIGH:
 298     case SEARCH_LOW:
 299     case UPDATE_BLOCK:
 300     case WRITE_LONG:
 301     case WRITE_SAME:
 302     case SEARCH_HIGH_12:
 303     case SEARCH_EQUAL_12:
 304     case SEARCH_LOW_12:
 305     case SET_WINDOW:
 306     case MEDIUM_SCAN:
 307     case SEND_VOLUME_TAG:
 308     case WRITE_LONG_2:
 309         req->cmd.mode = SCSI_XFER_TO_DEV;
 310         break;
 311     default:
 312         if (req->cmd.xfer)
 313             req->cmd.mode = SCSI_XFER_FROM_DEV;
 314         else {
 315             req->cmd.mode = SCSI_XFER_NONE;
 316         }
 317         break;
 318     }
 319 }
 320
 321 static uint64_t scsi_req_lba(SCSIRequest *req)
 322 {
 323     uint8_t *buf = req->cmd.buf;
 324     uint64_t lba;
 325
 326     switch (buf[0] >> 5) {
 327     case 0:
 328         lba = (uint64_t) buf[3] | ((uint64_t) buf[2] << 8) |
 329               (((uint64_t) buf[1] & 0x1f) << 16);
 330         break;
 331     case 1:
 332     case 2:
 333         lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
 334               ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
 335         break;
 336     case 4:
 337         lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
 338               ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
 339               ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
 340               ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
 341         break;
 342     case 5:
 343         lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
 344               ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
 345         break;
 346     default:
 347         lba = -1;
 348
 349     }
 350     return lba;
 351 }
 352
 353 int scsi_req_parse(SCSIRequest *req, uint8_t *buf)
 354 {
 355     int rc;
 356
 357     if (req->dev->type == TYPE_TAPE) {
 358         rc = scsi_req_stream_length(req, buf);
 359     } else {
 360         rc = scsi_req_length(req, buf);
 361     }
 362     if (rc != 0)
 363         return rc;
 364
 365     memcpy(req->cmd.buf, buf, req->cmd.len);
 366     scsi_req_xfer_mode(req);
 367     req->cmd.lba = scsi_req_lba(req);
 368     return 0;
 369 }
 370
 371 static const char *scsi_command_name(uint8_t cmd)
 372 {
 373     static const char *names[] = {
 374         [ TEST_UNIT_READY          ] = "TEST_UNIT_READY",
 375         [ REZERO_UNIT              ] = "REZERO_UNIT",
 376         /* REWIND and REZERO_UNIT use the same operation code */
 377         [ REQUEST_SENSE            ] = "REQUEST_SENSE",
 378         [ FORMAT_UNIT              ] = "FORMAT_UNIT",
 379         [ READ_BLOCK_LIMITS        ] = "READ_BLOCK_LIMITS",
 380         [ REASSIGN_BLOCKS          ] = "REASSIGN_BLOCKS",
 381         [ READ_6                   ] = "READ_6",
 382         [ WRITE_6                  ] = "WRITE_6",
 383         [ SEEK_6                   ] = "SEEK_6",
 384         [ READ_REVERSE             ] = "READ_REVERSE",
 385         [ WRITE_FILEMARKS          ] = "WRITE_FILEMARKS",
 386         [ SPACE                    ] = "SPACE",
 387         [ INQUIRY                  ] = "INQUIRY",
 388         [ RECOVER_BUFFERED_DATA    ] = "RECOVER_BUFFERED_DATA",
 389         [ MODE_SELECT              ] = "MODE_SELECT",
 390         [ RESERVE                  ] = "RESERVE",
 391         [ RELEASE                  ] = "RELEASE",
 392         [ COPY                     ] = "COPY",
 393         [ ERASE                    ] = "ERASE",
 394         [ MODE_SENSE               ] = "MODE_SENSE",
 395         [ START_STOP               ] = "START_STOP",
 396         [ RECEIVE_DIAGNOSTIC       ] = "RECEIVE_DIAGNOSTIC",
 397         [ SEND_DIAGNOSTIC          ] = "SEND_DIAGNOSTIC",
 398         [ ALLOW_MEDIUM_REMOVAL     ] = "ALLOW_MEDIUM_REMOVAL",
 399
 400         [ SET_WINDOW               ] = "SET_WINDOW",
 401         [ READ_CAPACITY            ] = "READ_CAPACITY",
 402         [ READ_10                  ] = "READ_10",
 403         [ WRITE_10                 ] = "WRITE_10",
 404         [ SEEK_10                  ] = "SEEK_10",
 405         [ WRITE_VERIFY             ] = "WRITE_VERIFY",
 406         [ VERIFY                   ] = "VERIFY",
 407         [ SEARCH_HIGH              ] = "SEARCH_HIGH",
 408         [ SEARCH_EQUAL             ] = "SEARCH_EQUAL",
 409         [ SEARCH_LOW               ] = "SEARCH_LOW",
 410         [ SET_LIMITS               ] = "SET_LIMITS",
 411         [ PRE_FETCH                ] = "PRE_FETCH",
 412         /* READ_POSITION and PRE_FETCH use the same operation code */
 413         [ SYNCHRONIZE_CACHE        ] = "SYNCHRONIZE_CACHE",
 414         [ LOCK_UNLOCK_CACHE        ] = "LOCK_UNLOCK_CACHE",
 415         [ READ_DEFECT_DATA         ] = "READ_DEFECT_DATA",
 416         [ MEDIUM_SCAN              ] = "MEDIUM_SCAN",
 417         [ COMPARE                  ] = "COMPARE",
 418         [ COPY_VERIFY              ] = "COPY_VERIFY",
 419         [ WRITE_BUFFER             ] = "WRITE_BUFFER",
 420         [ READ_BUFFER              ] = "READ_BUFFER",
 421         [ UPDATE_BLOCK             ] = "UPDATE_BLOCK",
 422         [ READ_LONG                ] = "READ_LONG",
 423         [ WRITE_LONG               ] = "WRITE_LONG",
 424         [ CHANGE_DEFINITION        ] = "CHANGE_DEFINITION",
 425         [ WRITE_SAME               ] = "WRITE_SAME",
 426         [ READ_TOC                 ] = "READ_TOC",
 427         [ LOG_SELECT               ] = "LOG_SELECT",
 428         [ LOG_SENSE                ] = "LOG_SENSE",
 429         [ MODE_SELECT_10           ] = "MODE_SELECT_10",
 430         [ RESERVE_10               ] = "RESERVE_10",
 431         [ RELEASE_10               ] = "RELEASE_10",
 432         [ MODE_SENSE_10            ] = "MODE_SENSE_10",
 433         [ PERSISTENT_RESERVE_IN    ] = "PERSISTENT_RESERVE_IN",
 434         [ PERSISTENT_RESERVE_OUT   ] = "PERSISTENT_RESERVE_OUT",
 435         [ MOVE_MEDIUM              ] = "MOVE_MEDIUM",
 436         [ READ_12                  ] = "READ_12",
 437         [ WRITE_12                 ] = "WRITE_12",
 438         [ WRITE_VERIFY_12          ] = "WRITE_VERIFY_12",
 439         [ SEARCH_HIGH_12           ] = "SEARCH_HIGH_12",
 440         [ SEARCH_EQUAL_12          ] = "SEARCH_EQUAL_12",
 441         [ SEARCH_LOW_12            ] = "SEARCH_LOW_12",
 442         [ READ_ELEMENT_STATUS      ] = "READ_ELEMENT_STATUS",
 443         [ SEND_VOLUME_TAG          ] = "SEND_VOLUME_TAG",
 444         [ WRITE_LONG_2             ] = "WRITE_LONG_2",
 445
 446         [ REPORT_DENSITY_SUPPORT   ] = "REPORT_DENSITY_SUPPORT",
 447         [ GET_CONFIGURATION        ] = "GET_CONFIGURATION",
 448         [ READ_16                  ] = "READ_16",
 449         [ WRITE_16                 ] = "WRITE_16",
 450         [ WRITE_VERIFY_16          ] = "WRITE_VERIFY_16",
 451         [ SERVICE_ACTION_IN        ] = "SERVICE_ACTION_IN",
 452         [ REPORT_LUNS              ] = "REPORT_LUNS",
 453         [ LOAD_UNLOAD              ] = "LOAD_UNLOAD",
 454         [ SET_CD_SPEED             ] = "SET_CD_SPEED",
 455         [ BLANK                    ] = "BLANK",
 456     };
 457
 458     if (cmd >= ARRAY_SIZE(names) || names[cmd] == NULL)
 459         return "*UNKNOWN*";
 460     return names[cmd];
 461 }
 462
 463 void scsi_req_print(SCSIRequest *req)
 464 {
 465     FILE *fp = stderr;
 466     int i;
 467
 468     fprintf(fp, "[%s id=%d] %s",
 469             req->dev->qdev.parent_bus->name,
 470             req->dev->id,
 471             scsi_command_name(req->cmd.buf[0]));
 472     for (i = 1; i < req->cmd.len; i++) {
 473         fprintf(fp, " 0x%02x", req->cmd.buf[i]);
 474     }
 475     switch (req->cmd.mode) {
 476     case SCSI_XFER_NONE:
 477         fprintf(fp, " - none\n");
 478         break;
 479     case SCSI_XFER_FROM_DEV:
 480         fprintf(fp, " - from-dev len=%zd\n", req->cmd.xfer);
 481         break;
 482     case SCSI_XFER_TO_DEV:
 483         fprintf(fp, " - to-dev len=%zd\n", req->cmd.xfer);
 484         break;
 485     default:
 486         fprintf(fp, " - Oops\n");
 487         break;
 488     }
 489 }
 490
 491 void scsi_req_complete(SCSIRequest *req)
 492 {
 493     assert(req->status != -1);
 494     req->bus->complete(req->bus, SCSI_REASON_DONE,
 495                        req->tag,
 496                        req->status);
 497 }