*/
#include "qemu-common.h"
+#include "qemu-error.h"
#include "block.h"
#include "scsi.h"
#include <sys/stat.h>
#include <unistd.h>
#include <scsi/sg.h>
-#include <scsi/scsi.h>
+#include "scsi-defs.h"
-#define REWIND 0x01
-#define REPORT_DENSITY_SUPPORT 0x44
-#define LOAD_UNLOAD 0xa6
-#define SET_CD_SPEED 0xbb
-#define BLANK 0xa1
-
-#define SCSI_CMD_BUF_SIZE 16
#define SCSI_SENSE_BUF_SIZE 96
#define SG_ERR_DRIVER_TIMEOUT 0x06
typedef struct SCSIGenericState SCSIGenericState;
-typedef struct SCSIRequest {
- BlockDriverAIOCB *aiocb;
- struct SCSIRequest *next;
- SCSIBus *bus;
- SCSIGenericState *dev;
- uint32_t tag;
- uint8_t cmd[SCSI_CMD_BUF_SIZE];
- int cmdlen;
+typedef struct SCSIGenericReq {
+ SCSIRequest req;
uint8_t *buf;
int buflen;
int len;
sg_io_hdr_t io_header;
-} SCSIRequest;
+} SCSIGenericReq;
struct SCSIGenericState
{
SCSIDevice qdev;
- SCSIRequest *requests;
- DriveInfo *dinfo;
- int type;
- int blocksize;
+ BlockDriverState *bs;
int lun;
int driver_status;
uint8_t sensebuf[SCSI_SENSE_BUF_SIZE];
uint8_t senselen;
};
-/* Global pool of SCSIRequest structures. */
-static SCSIRequest *free_requests = NULL;
-
-static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag)
+static SCSIGenericReq *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun)
{
- SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIRequest *r;
+ SCSIRequest *req;
- if (free_requests) {
- r = free_requests;
- free_requests = r->next;
- } else {
- r = qemu_malloc(sizeof(SCSIRequest));
- r->buf = NULL;
- r->buflen = 0;
- }
- r->bus = scsi_bus_from_device(d);
- r->dev = s;
- r->tag = tag;
- memset(r->cmd, 0, sizeof(r->cmd));
- memset(&r->io_header, 0, sizeof(r->io_header));
- r->cmdlen = 0;
- r->len = 0;
- r->aiocb = NULL;
-
- /* link */
-
- r->next = s->requests;
- s->requests = r;
- return r;
+ req = scsi_req_alloc(sizeof(SCSIGenericReq), d, tag, lun);
+ return DO_UPCAST(SCSIGenericReq, req, req);
}
-static void scsi_remove_request(SCSIRequest *r)
+static void scsi_remove_request(SCSIGenericReq *r)
{
- SCSIRequest *last;
- SCSIGenericState *s = r->dev;
-
- if (s->requests == r) {
- s->requests = r->next;
- } else {
- last = s->requests;
- while (last && last->next != r)
- last = last->next;
- if (last) {
- last->next = r->next;
- } else {
- BADF("Orphaned request\n");
- }
- }
- r->next = free_requests;
- free_requests = r;
+ qemu_free(r->buf);
+ scsi_req_free(&r->req);
}
-static SCSIRequest *scsi_find_request(SCSIGenericState *s, uint32_t tag)
+static SCSIGenericReq *scsi_find_request(SCSIGenericState *s, uint32_t tag)
{
- SCSIRequest *r;
-
- r = s->requests;
- while (r && r->tag != tag)
- r = r->next;
-
- return r;
+ return DO_UPCAST(SCSIGenericReq, req, scsi_req_find(&s->qdev, tag));
}
/* Helper function for command completion. */
static void scsi_command_complete(void *opaque, int ret)
{
- SCSIRequest *r = (SCSIRequest *)opaque;
- SCSIGenericState *s = r->dev;
- uint32_t tag;
- int status;
+ SCSIGenericReq *r = (SCSIGenericReq *)opaque;
+ SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, r->req.dev);
s->driver_status = r->io_header.driver_status;
if (s->driver_status & SG_ERR_DRIVER_SENSE)
s->senselen = r->io_header.sb_len_wr;
if (ret != 0)
- status = BUSY << 1;
+ r->req.status = BUSY << 1;
else {
if (s->driver_status & SG_ERR_DRIVER_TIMEOUT) {
- status = BUSY << 1;
+ r->req.status = BUSY << 1;
BADF("Driver Timeout\n");
} else if (r->io_header.status)
- status = r->io_header.status;
+ r->req.status = r->io_header.status;
else if (s->driver_status & SG_ERR_DRIVER_SENSE)
- status = CHECK_CONDITION << 1;
+ r->req.status = CHECK_CONDITION << 1;
else
- status = GOOD << 1;
+ r->req.status = GOOD << 1;
}
DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
- r, r->tag, status);
- tag = r->tag;
+ r, r->req.tag, r->req.status);
+
+ scsi_req_complete(&r->req);
scsi_remove_request(r);
- r->bus->complete(r->bus, SCSI_REASON_DONE, tag, status);
}
/* Cancel a pending data transfer. */
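Review bot: In scsi_command_complete() the request is still linked and still owned by this function while `scsi_req_complete(&r->req)` runs, whereas the removed code copied tag and status into locals and called scsi_remove_request() before invoking the bus callback. scsi_req_complete() is not shown here, but if it calls the HBA completion callback synchronously, a callback that cancels the tag or submits a new command reusing it reaches scsi_cancel_io(), which frees r. The following `scsi_remove_request(r)` would then operate on freed memory. Either unlink the request before notifying the bus, or state the constraint above the call, e.g. `/* r must stay valid across scsi_req_complete(): the bus callback must not cancel or reuse this tag */`.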
{
DPRINTF("scsi_cancel_io 0x%x\n", tag);
SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIRequest *r;
+ SCSIGenericReq *r;
DPRINTF("Cancel tag=0x%x\n", tag);
r = scsi_find_request(s, tag);
if (r) {
- if (r->aiocb)
- bdrv_aio_cancel(r->aiocb);
- r->aiocb = NULL;
+ if (r->req.aiocb)
+ bdrv_aio_cancel(r->req.aiocb);
+ r->req.aiocb = NULL;
scsi_remove_request(r);
}
}
static int execute_command(BlockDriverState *bdrv,
- SCSIRequest *r, int direction,
+ SCSIGenericReq *r, int direction,
BlockDriverCompletionFunc *complete)
{
+ SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, r->req.dev);
+
r->io_header.interface_id = 'S';
r->io_header.dxfer_direction = direction;
r->io_header.dxferp = r->buf;
r->io_header.dxfer_len = r->buflen;
- r->io_header.cmdp = r->cmd;
- r->io_header.cmd_len = r->cmdlen;
- r->io_header.mx_sb_len = sizeof(r->dev->sensebuf);
- r->io_header.sbp = r->dev->sensebuf;
+ r->io_header.cmdp = r->req.cmd.buf;
+ r->io_header.cmd_len = r->req.cmd.len;
+ r->io_header.mx_sb_len = sizeof(s->sensebuf);
+ r->io_header.sbp = s->sensebuf;
r->io_header.timeout = MAX_UINT;
r->io_header.usr_ptr = r;
r->io_header.flags |= SG_FLAG_DIRECT_IO;
- r->aiocb = bdrv_aio_ioctl(bdrv, SG_IO, &r->io_header, complete, r);
- if (r->aiocb == NULL) {
+ r->req.aiocb = bdrv_aio_ioctl(bdrv, SG_IO, &r->io_header, complete, r);
+ if (r->req.aiocb == NULL) {
BADF("execute_command: read failed !\n");
return -1;
}
static void scsi_read_complete(void * opaque, int ret)
{
- SCSIRequest *r = (SCSIRequest *)opaque;
+ SCSIGenericReq *r = (SCSIGenericReq *)opaque;
int len;
if (ret) {
return;
}
len = r->io_header.dxfer_len - r->io_header.resid;
- DPRINTF("Data ready tag=0x%x len=%d\n", r->tag, len);
+ DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
r->len = -1;
- r->bus->complete(r->bus, SCSI_REASON_DATA, r->tag, len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
if (len == 0)
scsi_command_complete(r, 0);
}
static void scsi_read_data(SCSIDevice *d, uint32_t tag)
{
SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIRequest *r;
+ SCSIGenericReq *r;
int ret;
DPRINTF("scsi_read_data 0x%x\n", tag);
return;
}
- if (r->cmd[0] == REQUEST_SENSE && s->driver_status & SG_ERR_DRIVER_SENSE)
+ if (r->req.cmd.buf[0] == REQUEST_SENSE && s->driver_status & SG_ERR_DRIVER_SENSE)
{
s->senselen = MIN(r->len, s->senselen);
memcpy(r->buf, s->sensebuf, s->senselen);
r->io_header.status = 0;
r->io_header.dxfer_len = s->senselen;
r->len = -1;
- DPRINTF("Data ready tag=0x%x len=%d\n", r->tag, s->senselen);
+ DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, s->senselen);
DPRINTF("Sense: %d %d %d %d %d %d %d %d\n",
r->buf[0], r->buf[1], r->buf[2], r->buf[3],
r->buf[4], r->buf[5], r->buf[6], r->buf[7]);
- r->bus->complete(r->bus, SCSI_REASON_DATA, r->tag, s->senselen);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, s->senselen);
return;
}
- ret = execute_command(s->dinfo->bdrv, r, SG_DXFER_FROM_DEV, scsi_read_complete);
+ ret = execute_command(s->bs, r, SG_DXFER_FROM_DEV, scsi_read_complete);
if (ret == -1) {
scsi_command_complete(r, -EINVAL);
return;
static void scsi_write_complete(void * opaque, int ret)
{
- SCSIRequest *r = (SCSIRequest *)opaque;
+ SCSIGenericReq *r = (SCSIGenericReq *)opaque;
+ SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, r->req.dev);
DPRINTF("scsi_write_complete() ret = %d\n", ret);
if (ret) {
return;
}
- if (r->cmd[0] == MODE_SELECT && r->cmd[4] == 12 &&
- r->dev->type == TYPE_TAPE) {
- r->dev->blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11];
- DPRINTF("block size %d\n", r->dev->blocksize);
+ if (r->req.cmd.buf[0] == MODE_SELECT && r->req.cmd.buf[4] == 12 &&
+ s->qdev.type == TYPE_TAPE) {
+ s->qdev.blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11];
+ DPRINTF("block size %d\n", s->blocksize);
}
scsi_command_complete(r, ret);
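Review bot: The added `DPRINTF("block size %d\n", s->blocksize);` in scsi_write_complete() still names `s->blocksize`, but this commit removes `blocksize` from SCSIGenericState and stores the value in `s->qdev.blocksize` on the line just above. With debug printing compiled out this goes unnoticed; a debug build would presumably fail to compile (the DPRINTF definition is outside this diff). Change the argument to `s->qdev.blocksize`, as the block-size DPRINTF in scsi_generic_initfn already does.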
static int scsi_write_data(SCSIDevice *d, uint32_t tag)
{
SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIRequest *r;
+ SCSIGenericReq *r;
int ret;
DPRINTF("scsi_write_data 0x%x\n", tag);
if (r->len == 0) {
r->len = r->buflen;
- r->bus->complete(r->bus, SCSI_REASON_DATA, r->tag, r->len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->len);
return 0;
}
- ret = execute_command(s->dinfo->bdrv, r, SG_DXFER_TO_DEV, scsi_write_complete);
+ ret = execute_command(s->bs, r, SG_DXFER_TO_DEV, scsi_write_complete);
if (ret == -1) {
scsi_command_complete(r, -EINVAL);
return 1;
static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
{
SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIRequest *r;
+ SCSIGenericReq *r;
r = scsi_find_request(s, tag);
if (!r) {
BADF("Bad buffer tag 0x%x\n", tag);
return r->buf;
}
-static int scsi_length(uint8_t *cmd, int blocksize, int *cmdlen, uint32_t *len)
+static void scsi_req_fixup(SCSIRequest *req)
{
- switch (cmd[0] >> 5) {
- case 0:
- *len = cmd[4];
- *cmdlen = 6;
- /* length 0 means 256 blocks */
- if (*len == 0)
- *len = 256;
- break;
- case 1:
- case 2:
- *len = cmd[8] | (cmd[7] << 8);
- *cmdlen = 10;
- break;
- case 4:
- *len = cmd[13] | (cmd[12] << 8) | (cmd[11] << 16) | (cmd[10] << 24);
- *cmdlen = 16;
- break;
- case 5:
- *len = cmd[9] | (cmd[8] << 8) | (cmd[7] << 16) | (cmd[6] << 24);
- *cmdlen = 12;
- break;
- default:
- return -1;
- }
-
- switch(cmd[0]) {
- case TEST_UNIT_READY:
- case REZERO_UNIT:
- case START_STOP:
- case SEEK_6:
- case WRITE_FILEMARKS:
- case SPACE:
- case ERASE:
- case ALLOW_MEDIUM_REMOVAL:
- case VERIFY:
- case SEEK_10:
- case SYNCHRONIZE_CACHE:
- case LOCK_UNLOCK_CACHE:
- case LOAD_UNLOAD:
- case SET_CD_SPEED:
- case SET_LIMITS:
- case WRITE_LONG:
- case MOVE_MEDIUM:
- case UPDATE_BLOCK:
- *len = 0;
- break;
- case MODE_SENSE:
- break;
- case WRITE_SAME:
- *len = 1;
- break;
- case READ_CAPACITY:
- *len = 8;
- break;
- case READ_BLOCK_LIMITS:
- *len = 6;
- break;
- case READ_POSITION:
- *len = 20;
- break;
- case SEND_VOLUME_TAG:
- *len *= 40;
- break;
- case MEDIUM_SCAN:
- *len *= 8;
- break;
+ switch(req->cmd.buf[0]) {
case WRITE_10:
- cmd[1] &= ~0x08; /* disable FUA */
- case WRITE_VERIFY:
- case WRITE_6:
- case WRITE_12:
- case WRITE_VERIFY_12:
- *len *= blocksize;
+ req->cmd.buf[1] &= ~0x08; /* disable FUA */
break;
case READ_10:
- cmd[1] &= ~0x08; /* disable FUA */
- case READ_6:
- case READ_REVERSE:
- case RECOVER_BUFFERED_DATA:
- case READ_12:
- *len *= blocksize;
- break;
- case INQUIRY:
- *len = cmd[4] | (cmd[3] << 8);
- break;
- }
- return 0;
-}
-
-static int scsi_stream_length(uint8_t *cmd, int blocksize, int *cmdlen, uint32_t *len)
-{
- switch(cmd[0]) {
- /* stream commands */
- case READ_6:
- case READ_REVERSE:
- case RECOVER_BUFFERED_DATA:
- case WRITE_6:
- *cmdlen = 6;
- *len = cmd[4] | (cmd[3] << 8) | (cmd[2] << 16);
- if (cmd[1] & 0x01) /* fixed */
- *len *= blocksize;
+ req->cmd.buf[1] &= ~0x08; /* disable FUA */
break;
case REWIND:
case START_STOP:
- *cmdlen = 6;
- *len = 0;
- cmd[1] = 0x01; /* force IMMED, otherwise qemu waits end of command */
+ if (req->dev->type == TYPE_TAPE) {
+ /* force IMMED, otherwise qemu waits end of command */
+ req->cmd.buf[1] = 0x01;
+ }
break;
- /* generic commands */
- default:
- return scsi_length(cmd, blocksize, cmdlen, len);
- }
- return 0;
-}
-
-static int is_write(int command)
-{
- switch (command) {
- case COPY:
- case COPY_VERIFY:
- case COMPARE:
- case CHANGE_DEFINITION:
- case LOG_SELECT:
- case MODE_SELECT:
- case MODE_SELECT_10:
- case SEND_DIAGNOSTIC:
- case WRITE_BUFFER:
- case FORMAT_UNIT:
- case REASSIGN_BLOCKS:
- case RESERVE:
- case SEARCH_EQUAL:
- case SEARCH_HIGH:
- case SEARCH_LOW:
- case WRITE_6:
- case WRITE_10:
- case WRITE_VERIFY:
- case UPDATE_BLOCK:
- case WRITE_LONG:
- case WRITE_SAME:
- case SEARCH_HIGH_12:
- case SEARCH_EQUAL_12:
- case SEARCH_LOW_12:
- case WRITE_12:
- case WRITE_VERIFY_12:
- case SET_WINDOW:
- case MEDIUM_SCAN:
- case SEND_VOLUME_TAG:
- case WRITE_LONG_2:
- return 1;
}
- return 0;
}
/* Execute a scsi command. Returns the length of the data expected by the
uint8_t *cmd, int lun)
{
SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- uint32_t len=0;
- int cmdlen=0;
- SCSIRequest *r;
+ SCSIGenericReq *r;
SCSIBus *bus;
int ret;
- if (s->type == TYPE_TAPE) {
- if (scsi_stream_length(cmd, s->blocksize, &cmdlen, &len) == -1) {
- BADF("Unsupported command length, command %x\n", cmd[0]);
- return 0;
- }
- } else {
- if (scsi_length(cmd, s->blocksize, &cmdlen, &len) == -1) {
- BADF("Unsupported command length, command %x\n", cmd[0]);
- return 0;
- }
- }
-
- DPRINTF("Command: lun=%d tag=0x%x data=0x%02x len %d\n", lun, tag,
- cmd[0], len);
-
if (cmd[0] != REQUEST_SENSE &&
(lun != s->lun || (cmd[1] >> 5) != s->lun)) {
DPRINTF("Unimplemented LUN %d\n", lun ? lun : cmd[1] >> 5);
BADF("Tag 0x%x already in use %p\n", tag, r);
scsi_cancel_io(d, tag);
}
- r = scsi_new_request(d, tag);
+ r = scsi_new_request(d, tag, lun);
+
+ if (-1 == scsi_req_parse(&r->req, cmd)) {
+ BADF("Unsupported command length, command %x\n", cmd[0]);
+ scsi_remove_request(r);
+ return 0;
+ }
+ scsi_req_fixup(&r->req);
- memcpy(r->cmd, cmd, cmdlen);
- r->cmdlen = cmdlen;
+ DPRINTF("Command: lun=%d tag=0x%x data=0x%02x len %d\n", lun, tag,
+ cmd[0], r->req.cmd.xfer);
- if (len == 0) {
+ if (r->req.cmd.xfer == 0) {
if (r->buf != NULL)
qemu_free(r->buf);
r->buflen = 0;
r->buf = NULL;
- ret = execute_command(s->dinfo->bdrv, r, SG_DXFER_NONE, scsi_command_complete);
+ ret = execute_command(s->bs, r, SG_DXFER_NONE, scsi_command_complete);
if (ret == -1) {
scsi_command_complete(r, -EINVAL);
return 0;
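Review bot: `if (r->buf != NULL) qemu_free(r->buf);` now runs on a request that scsi_new_request() has just obtained from scsi_req_alloc(), so it reads `r->buf` before anything in this file has written it. The removed allocator set `buf`, `buflen` and `io_header` explicitly; the new one relies on scsi_req_alloc() returning zero-filled memory, which is not visible in this diff. execute_command() likewise does `io_header.flags |= SG_FLAG_DIRECT_IO` on the same unwritten struct. If the zero-fill is guaranteed, record it in scsi_new_request() with a comment such as `/* scsi_req_alloc() zero-fills: buf, buflen, len and io_header start out as 0/NULL */`; otherwise initialise those fields there. The enclosing function starts and ends outside this hunk.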
return 0;
}
- if (r->buflen != len) {
+ if (r->buflen != r->req.cmd.xfer) {
if (r->buf != NULL)
qemu_free(r->buf);
- r->buf = qemu_malloc(len);
- r->buflen = len;
+ r->buf = qemu_malloc(r->req.cmd.xfer);
+ r->buflen = r->req.cmd.xfer;
}
memset(r->buf, 0, r->buflen);
- r->len = len;
- if (is_write(cmd[0])) {
+ r->len = r->req.cmd.xfer;
+ if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
r->len = 0;
- return -len;
+ return -r->req.cmd.xfer;
}
- return len;
+ return r->req.cmd.xfer;
}
static int get_blocksize(BlockDriverState *bdrv)
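Review bot: `r->buf = qemu_malloc(r->req.cmd.xfer);` sizes a host allocation from the transfer length that scsi_req_parse() derived from the guest's CDB, and nothing in this hunk bounds it. The value is then stored into the `int` fields `buflen` and `len` and negated in `return -r->req.cmd.xfer;`; the type of `xfer` is declared outside this diff, so whether those conversions can truncate or change sign needs checking. A limit applied right after scsi_req_parse() would cover both: reject the command through the same `scsi_remove_request(r); return 0;` path when `xfer` exceeds what an `int` (or a chosen maximum transfer size) can hold. The start of scsi_send_command is outside this hunk.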
static void scsi_destroy(SCSIDevice *d)
{
SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIRequest *r, *n;
+ SCSIGenericReq *r;
- r = s->requests;
- while (r) {
- n = r->next;
- qemu_free(r);
- r = n;
- }
-
- r = free_requests;
- while (r) {
- n = r->next;
- qemu_free(r);
- r = n;
+ while (!QTAILQ_EMPTY(&s->qdev.requests)) {
+ r = DO_UPCAST(SCSIGenericReq, req, QTAILQ_FIRST(&s->qdev.requests));
+ scsi_remove_request(r);
}
-
- drive_uninit(s->dinfo);
+ drive_uninit(s->qdev.conf.dinfo);
}
static int scsi_generic_initfn(SCSIDevice *dev)
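Review bot: The new loop in scsi_destroy() frees every queued request without cancelling its AIO first, while scsi_cancel_io() in this file calls `bdrv_aio_cancel(r->req.aiocb)` before scsi_remove_request(). scsi_remove_request() now also frees `r->buf`, which execute_command() handed to SG_IO as `dxferp`, so a request still in flight at teardown would complete into freed memory. Add `if (r->req.aiocb) bdrv_aio_cancel(r->req.aiocb);` before the `scsi_remove_request(r);` call in the loop. The loop also terminates only if scsi_req_free() unlinks the request from `qdev.requests`, which is not shown here.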
int sg_version;
struct sg_scsi_id scsiid;
- if (!s->dinfo || !s->dinfo->bdrv) {
- qemu_error("scsi-generic: drive property not set\n");
+ if (!s->qdev.conf.dinfo || !s->qdev.conf.dinfo->bdrv) {
+ error_report("scsi-generic: drive property not set");
return -1;
}
+ s->bs = s->qdev.conf.dinfo->bdrv;
/* check we are really using a /dev/sg* file */
- if (!bdrv_is_sg(s->dinfo->bdrv)) {
- qemu_error("scsi-generic: not /dev/sg*\n");
+ if (!bdrv_is_sg(s->bs)) {
+ error_report("scsi-generic: not /dev/sg*");
return -1;
}
/* check we are using a driver managing SG_IO (version 3 and after */
- if (bdrv_ioctl(s->dinfo->bdrv, SG_GET_VERSION_NUM, &sg_version) < 0 ||
+ if (bdrv_ioctl(s->bs, SG_GET_VERSION_NUM, &sg_version) < 0 ||
sg_version < 30000) {
- qemu_error("scsi-generic: scsi generic interface too old\n");
+ error_report("scsi-generic: scsi generic interface too old");
return -1;
}
/* get LUN of the /dev/sg? */
- if (bdrv_ioctl(s->dinfo->bdrv, SG_GET_SCSI_ID, &scsiid)) {
- qemu_error("scsi-generic: SG_GET_SCSI_ID ioctl failed\n");
+ if (bdrv_ioctl(s->bs, SG_GET_SCSI_ID, &scsiid)) {
+ error_report("scsi-generic: SG_GET_SCSI_ID ioctl failed");
return -1;
}
/* define device state */
s->lun = scsiid.lun;
DPRINTF("LUN %d\n", s->lun);
- s->type = scsiid.scsi_type;
- DPRINTF("device type %d\n", s->type);
- if (s->type == TYPE_TAPE) {
- s->blocksize = get_stream_blocksize(s->dinfo->bdrv);
- if (s->blocksize == -1)
- s->blocksize = 0;
+ s->qdev.type = scsiid.scsi_type;
+ DPRINTF("device type %d\n", s->qdev.type);
+ if (s->qdev.type == TYPE_TAPE) {
+ s->qdev.blocksize = get_stream_blocksize(s->bs);
+ if (s->qdev.blocksize == -1)
+ s->qdev.blocksize = 0;
} else {
- s->blocksize = get_blocksize(s->dinfo->bdrv);
+ s->qdev.blocksize = get_blocksize(s->bs);
/* removable media returns 0 if not present */
- if (s->blocksize <= 0) {
- if (s->type == TYPE_ROM || s->type == TYPE_WORM)
- s->blocksize = 2048;
+ if (s->qdev.blocksize <= 0) {
+ if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM)
+ s->qdev.blocksize = 2048;
else
- s->blocksize = 512;
+ s->qdev.blocksize = 512;
}
}
- DPRINTF("block size %d\n", s->blocksize);
+ DPRINTF("block size %d\n", s->qdev.blocksize);
s->driver_status = 0;
memset(s->sensebuf, 0, sizeof(s->sensebuf));
return 0;
.cancel_io = scsi_cancel_io,
.get_buf = scsi_get_buf,
.qdev.props = (Property[]) {
- DEFINE_PROP_DRIVE("drive", SCSIGenericState, dinfo),
+ DEFINE_BLOCK_PROPERTIES(SCSIGenericState, qdev.conf),
DEFINE_PROP_END_OF_LIST(),
},
};