]> git.proxmox.com Git - mirror_qemu.git/blame - hw/scsi/scsi-disk.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
target/arm: Implement VFP fp16 VLDR and VSTR
[mirror_qemu.git] / hw / scsi / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
a4ab4792 22#include "qemu/osdep.h"
7e462605 23#include "qemu/units.h"
da34e65c 24#include "qapi/error.h"
1de7afc9 25#include "qemu/error-report.h"
db725815 26#include "qemu/main-loop.h"
0b8fa32f 27#include "qemu/module.h"
0d09e41a 28#include "hw/scsi/scsi.h"
ca77ee28 29#include "migration/qemu-file-types.h"
d6454270 30#include "migration/vmstate.h"
3d4a8bf0 31#include "hw/scsi/emulation.h"
08e2c9f1 32#include "scsi/constants.h"
4be74634 33#include "sysemu/block-backend.h"
9c17d615 34#include "sysemu/blockdev.h"
0d09e41a 35#include "hw/block/block.h"
a27bd6c7 36#include "hw/qdev-properties.h"
9c17d615 37#include "sysemu/dma.h"
71f571a2 38#include "sysemu/sysemu.h"
f348b6d1 39#include "qemu/cutils.h"
59ee9500 40#include "trace.h"
22864256 41
336a6915
PB		 42#ifdef __linux
43#include <scsi/sg.h>
44#endif
45
7e462605
PMD		 46#define SCSI_WRITE_SAME_MAX (512 * KiB)
47#define SCSI_DMA_BUF_SIZE (128 * KiB)
215e47b9
PB		 48#define SCSI_MAX_INQUIRY_LEN 256
49#define SCSI_MAX_MODE_LEN 256
50
7e462605
PMD		 51#define DEFAULT_DISCARD_GRANULARITY (4 * KiB)
52#define DEFAULT_MAX_UNMAP_SIZE (1 * GiB)
f8e1f533 53#define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
a917d384 54
993935f3
PB		 55#define TYPE_SCSI_DISK_BASE "scsi-disk-base"
56
fcaafb10
PB		 57#define SCSI_DISK_BASE(obj) \
58 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE)
59#define SCSI_DISK_BASE_CLASS(klass) \
60 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE)
61#define SCSI_DISK_BASE_GET_CLASS(obj) \
62 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE)
63
64typedef struct SCSIDiskClass {
65 SCSIDeviceClass parent_class;
66 DMAIOFunc *dma_readv;
67 DMAIOFunc *dma_writev;
94f8ba11 68 bool (*need_fua_emulation)(SCSICommand *cmd);
d31347f5 69 void (*update_sense)(SCSIRequest *r);
fcaafb10 70} SCSIDiskClass;
d52affa7 71
4c41d2ef
GH		 72typedef struct SCSIDiskReq {
73 SCSIRequest req;
a917d384 74 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 75 uint64_t sector;
76 uint32_t sector_count;
7285477a 77 uint32_t buflen;
a0e66a69 78 bool started;
94f8ba11 79 bool need_fua_emulation;
c87c0672
AL		 80 struct iovec iov;
81 QEMUIOVector qiov;
a597e79c 82 BlockAcctCookie acct;
8fdc7839 83 unsigned char *status;
4c41d2ef 84} SCSIDiskReq;
a917d384 85
18e673b8
PH		 86#define SCSI_DISK_F_REMOVABLE 0
87#define SCSI_DISK_F_DPOFUA 1
88#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
bfe3d7ac 89
fcaafb10 90typedef struct SCSIDiskState
a917d384 91{
d52affa7 92 SCSIDevice qdev;
bfe3d7ac 93 uint32_t features;
8a9c16f6 94 bool media_changed;
3c2f7c12 95 bool media_event;
4480de19 96 bool eject_request;
64cc2284 97 uint16_t port_index;
8a1bd297 98 uint64_t max_unmap_size;
f8e1f533 99 uint64_t max_io_size;
213189ab 100 QEMUBH *bh;
383b4d9b 101 char *version;
a0fef654 102 char *serial;
353815aa
DF		 103 char *vendor;
104 char *product;
7471a649 105 char *device_id;
ece0d5e9 106 bool tray_open;
81b1008d 107 bool tray_locked;
070f8009
DB		 108 /*
109 * 0x0000 - rotation rate not reported
110 * 0x0001 - non-rotating medium (SSD)
111 * 0x0002-0x0400 - reserved
112 * 0x0401-0xffe - rotations per minute
113 * 0xffff - reserved
114 */
115 uint16_t rotation_rate;
fcaafb10 116} SCSIDiskState;
2e5d83bb 117
14b20748 118static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed);
5dba48a8 119
ad2d30f7 120static void scsi_free_request(SCSIRequest *req)
4d611c9a 121{
ad2d30f7
PB		 122 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
123
db4c34c3 124 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 125}
126
b45ef674
PB		 127/* Helper function for command completion with sense. */
128static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 129{
59ee9500
LV		 130 trace_scsi_disk_check_condition(r->req.tag, sense.key, sense.asc,
131 sense.ascq);
b45ef674
PB		 132 scsi_req_build_sense(&r->req, sense);
133 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 134}
135
03c90063 136static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
103b40f5 137{
7285477a
PB		 138 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
139
140 if (!r->iov.iov_base) {
43b978b9 141 r->buflen = size;
4be74634 142 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 143 }
144 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
103b40f5 145 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
103b40f5
PB		 146}
147
43b978b9
PB		 148static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
149{
150 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
151
152 qemu_put_be64s(f, &r->sector);
153 qemu_put_be32s(f, &r->sector_count);
154 qemu_put_be32s(f, &r->buflen);
18eef3bc
GH		 155 if (r->buflen) {
156 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
157 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
158 } else if (!req->retry) {
159 uint32_t len = r->iov.iov_len;
160 qemu_put_be32s(f, &len);
161 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
162 }
43b978b9
PB		 163 }
164}
165
166static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
167{
168 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
169
170 qemu_get_be64s(f, &r->sector);
171 qemu_get_be32s(f, &r->sector_count);
172 qemu_get_be32s(f, &r->buflen);
173 if (r->buflen) {
174 scsi_init_iovec(r, r->buflen);
175 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
176 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
18eef3bc
GH		 177 } else if (!r->req.retry) {
178 uint32_t len;
179 qemu_get_be32s(f, &len);
180 r->iov.iov_len = len;
181 assert(r->iov.iov_len <= r->buflen);
182 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
43b978b9
PB		 183 }
184 }
185
186 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
187}
188
5b956f41
PB		 189static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
190{
191 if (r->req.io_canceled) {
192 scsi_req_cancel_complete(&r->req);
193 return true;
194 }
195
14b20748 196 if (ret < 0 || (r->status && *r->status)) {
5b956f41
PB		 197 return scsi_handle_rw_error(r, -ret, acct_failed);
198 }
199
200 return false;
201}
202
c1b35247 203static void scsi_aio_complete(void *opaque, int ret)
5d0d2467
PB		 204{
205 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
206 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
207
46e3f30e
PB		 208 assert(r->req.aiocb != NULL);
209 r->req.aiocb = NULL;
b9e413dd 210 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 211 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 212 goto done;
213 }
5d0d2467 214
d7628080 215 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
5d0d2467
PB		 216 scsi_req_complete(&r->req, GOOD);
217
218done:
b9e413dd 219 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
3df9caf8 220 scsi_req_unref(&r->req);
5d0d2467
PB		 221}
222
7e8c49c5
PB		 223static bool scsi_is_cmd_fua(SCSICommand *cmd)
224{
225 switch (cmd->buf[0]) {
226 case READ_10:
227 case READ_12:
228 case READ_16:
229 case WRITE_10:
230 case WRITE_12:
231 case WRITE_16:
232 return (cmd->buf[1] & 8) != 0;
233
7f64f8e2
PB		 234 case VERIFY_10:
235 case VERIFY_12:
236 case VERIFY_16:
7e8c49c5
PB		 237 case WRITE_VERIFY_10:
238 case WRITE_VERIFY_12:
239 case WRITE_VERIFY_16:
240 return true;
241
242 case READ_6:
243 case WRITE_6:
244 default:
245 return false;
246 }
247}
248
249static void scsi_write_do_fua(SCSIDiskReq *r)
250{
251 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
252
5fd2b563 253 assert(r->req.aiocb == NULL);
5b956f41 254 assert(!r->req.io_canceled);
0c92e0e6 255
94f8ba11 256 if (r->need_fua_emulation) {
4be74634 257 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 258 BLOCK_ACCT_FLUSH);
4be74634 259 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
7e8c49c5
PB		 260 return;
261 }
262
263 scsi_req_complete(&r->req, GOOD);
3df9caf8 264 scsi_req_unref(&r->req);
7e8c49c5
PB		 265}
266
5fd2b563 267static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
a917d384 268{
5fd2b563 269 assert(r->req.aiocb == NULL);
5b956f41 270 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 271 goto done;
272 }
a597e79c 273
b77912a7
PB		 274 r->sector += r->sector_count;
275 r->sector_count = 0;
7e8c49c5
PB		 276 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
277 scsi_write_do_fua(r);
278 return;
279 } else {
280 scsi_req_complete(&r->req, GOOD);
281 }
c7bae6a7
PB		 282
283done:
3df9caf8 284 scsi_req_unref(&r->req);
4d611c9a
PB		 285}
286
ef8489d4
PB		 287static void scsi_dma_complete(void *opaque, int ret)
288{
289 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
5fd2b563 290 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ef8489d4
PB		 291
292 assert(r->req.aiocb != NULL);
5fd2b563
PB		 293 r->req.aiocb = NULL;
294
b9e413dd 295 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 296 if (ret < 0) {
297 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
298 } else {
299 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
300 }
5fd2b563 301 scsi_dma_complete_noio(r, ret);
b9e413dd 302 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
ef8489d4
PB		 303}
304
1505421a 305static void scsi_read_complete_noio(SCSIDiskReq *r, int ret)
0a4ac106 306{
1505421a 307 uint32_t n;
0a4ac106 308
1505421a
ZL		 309 assert(r->req.aiocb == NULL);
310 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 311 goto done;
312 }
0a4ac106 313
b77912a7
PB		 314 n = r->qiov.size / 512;
315 r->sector += n;
316 r->sector_count -= n;
317 scsi_req_data(&r->req, r->qiov.size);
c7bae6a7
PB		 318
319done:
3df9caf8 320 scsi_req_unref(&r->req);
1505421a
ZL		 321}
322
323static void scsi_read_complete(void *opaque, int ret)
324{
325 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
326 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
327
328 assert(r->req.aiocb != NULL);
329 r->req.aiocb = NULL;
330
331 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
332 if (ret < 0) {
333 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
334 } else {
335 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
336 trace_scsi_disk_read_complete(r->req.tag, r->qiov.size);
337 }
338 scsi_read_complete_noio(r, ret);
b9e413dd 339 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
0a4ac106 340}
5dba48a8 341
ac668426 342/* Actually issue a read to the block device. */
5fd2b563 343static void scsi_do_read(SCSIDiskReq *r, int ret)
ac668426 344{
ac668426 345 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 346 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ac668426 347
5fd2b563 348 assert (r->req.aiocb == NULL);
5b956f41 349 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 350 goto done;
351 }
ac668426 352
31e8fd86
PB		 353 /* The request is used as the AIO opaque value, so add a ref. */
354 scsi_req_ref(&r->req);
355
ac668426 356 if (r->req.sg) {
4be74634 357 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
ac668426 358 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 359 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
360 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 361 BDRV_SECTOR_SIZE,
fcaafb10
PB		 362 sdc->dma_readv, r, scsi_dma_complete, r,
363 DMA_DIRECTION_FROM_DEVICE);
ac668426 364 } else {
03c90063 365 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
4be74634 366 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 367 r->qiov.size, BLOCK_ACCT_READ);
890e48d7 368 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
fcaafb10 369 scsi_read_complete, r, r);
ac668426
PB		 370 }
371
372done:
3df9caf8 373 scsi_req_unref(&r->req);
ac668426
PB		 374}
375
5fd2b563
PB		 376static void scsi_do_read_cb(void *opaque, int ret)
377{
378 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
379 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380
381 assert (r->req.aiocb != NULL);
382 r->req.aiocb = NULL;
383
b9e413dd 384 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 385 if (ret < 0) {
386 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
387 } else {
388 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
389 }
5fd2b563 390 scsi_do_read(opaque, ret);
b9e413dd 391 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 392}
393
5c6c0e51
HR		 394/* Read more data from scsi device into buffer. */
395static void scsi_read_data(SCSIRequest *req)
2e5d83bb 396{
5c6c0e51 397 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 398 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ac668426 399 bool first;
2e5d83bb 400
59ee9500 401 trace_scsi_disk_read_data_count(r->sector_count);
a917d384 402 if (r->sector_count == 0) {
b45ef674
PB		 403 /* This also clears the sense buffer for REQUEST SENSE. */
404 scsi_req_complete(&r->req, GOOD);
a917d384 405 return;
2e5d83bb
PB		 406 }
407
6fa2c95f
SH		 408 /* No data transfer may already be in progress */
409 assert(r->req.aiocb == NULL);
410
c7bae6a7
PB		 411 /* The request is used as the AIO opaque value, so add a ref. */
412 scsi_req_ref(&r->req);
efb9ee02 413 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
59ee9500 414 trace_scsi_disk_read_data_invalid();
1505421a 415 scsi_read_complete_noio(r, -EINVAL);
efb9ee02
HR		 416 return;
417 }
418
cd723b85 419 if (!blk_is_available(req->dev->conf.blk)) {
1505421a 420 scsi_read_complete_noio(r, -ENOMEDIUM);
c7bae6a7 421 return;
a1aff5bf 422 }
c7bae6a7 423
ac668426 424 first = !r->started;
a0e66a69 425 r->started = true;
94f8ba11 426 if (first && r->need_fua_emulation) {
4be74634 427 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 428 BLOCK_ACCT_FLUSH);
5fd2b563 429 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
5d0d2467 430 } else {
ac668426 431 scsi_do_read(r, 0);
5d0d2467 432 }
2e5d83bb
PB		 433}
434
c7bae6a7 435/*
14b20748
FZ		 436 * scsi_handle_rw_error has two return values. False means that the error
437 * must be ignored, true means that the error has been processed and the
c7bae6a7
PB		 438 * caller should not do anything else for this request. Note that
439 * scsi_handle_rw_error always manages its reference counts, independent
440 * of the return value.
441 */
14b20748 442static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
5dba48a8 443{
c85a7a00 444 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
4c41d2ef 445 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
d31347f5 446 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
4be74634
MA		 447 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
448 is_read, error);
ea8a5d7f 449
a589569f 450 if (action == BLOCK_ERROR_ACTION_REPORT) {
d7628080
AG		 451 if (acct_failed) {
452 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
453 }
efb9ee02 454 switch (error) {
14b20748 455 case 0:
e6aa5ba4
PB		 456 /* A passthrough command has run and has produced sense data; check
457 * whether the error has to be handled by the guest or should rather
458 * pause the host.
459 */
14b20748 460 assert(r->status && *r->status);
bdf9613b 461 if (scsi_sense_buf_is_guest_recoverable(r->req.sense, sizeof(r->req.sense))) {
e6aa5ba4 462 /* These errors are handled by guest. */
d31347f5 463 sdc->update_sense(&r->req);
e6aa5ba4
PB		 464 scsi_req_complete(&r->req, *r->status);
465 return true;
466 }
bdf9613b 467 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
14b20748 468 break;
7e218df5
PB		 469 case ENOMEDIUM:
470 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
471 break;
efb9ee02 472 case ENOMEM:
b45ef674 473 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
efb9ee02
HR		 474 break;
475 case EINVAL:
b45ef674 476 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
efb9ee02 477 break;
703dd81a
PB		 478 case ENOSPC:
479 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
480 break;
efb9ee02 481 default:
b45ef674 482 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
efb9ee02 483 break;
a1f0cce2 484 }
ea8a5d7f 485 }
14b20748 486
4be74634 487 blk_error_action(s->qdev.conf.blk, action, is_read, error);
40dce4ee
PB		 488 if (action == BLOCK_ERROR_ACTION_IGNORE) {
489 scsi_req_complete(&r->req, 0);
490 return true;
491 }
492
a589569f 493 if (action == BLOCK_ERROR_ACTION_STOP) {
3e1caa5f
PB		 494 scsi_req_retry(&r->req);
495 }
1c7f618f 496 return true;
ea8a5d7f
AL		 497}
498
5fd2b563 499static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
4d611c9a 500{
ea8a5d7f
AL		 501 uint32_t n;
502
5fd2b563 503 assert (r->req.aiocb == NULL);
5b956f41 504 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 505 goto done;
506 }
a597e79c 507
103b40f5 508 n = r->qiov.size / 512;
ea8a5d7f
AL		 509 r->sector += n;
510 r->sector_count -= n;
a917d384 511 if (r->sector_count == 0) {
7e8c49c5
PB		 512 scsi_write_do_fua(r);
513 return;
a917d384 514 } else {
43b978b9 515 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
59ee9500 516 trace_scsi_disk_write_complete_noio(r->req.tag, r->qiov.size);
103b40f5 517 scsi_req_data(&r->req, r->qiov.size);
4d611c9a 518 }
c7bae6a7
PB		 519
520done:
3df9caf8 521 scsi_req_unref(&r->req);
4d611c9a
PB		 522}
523
5fd2b563
PB		 524static void scsi_write_complete(void * opaque, int ret)
525{
526 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
527 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
528
529 assert (r->req.aiocb != NULL);
530 r->req.aiocb = NULL;
531
b9e413dd 532 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 533 if (ret < 0) {
534 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
535 } else {
536 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
537 }
5fd2b563 538 scsi_write_complete_noio(r, ret);
b9e413dd 539 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 540}
541
42741212 542static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 543{
5c6c0e51 544 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 545 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 546 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ea8a5d7f 547
6fa2c95f
SH		 548 /* No data transfer may already be in progress */
549 assert(r->req.aiocb == NULL);
550
c7bae6a7
PB		 551 /* The request is used as the AIO opaque value, so add a ref. */
552 scsi_req_ref(&r->req);
efb9ee02 553 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
59ee9500 554 trace_scsi_disk_write_data_invalid();
5fd2b563 555 scsi_write_complete_noio(r, -EINVAL);
42741212 556 return;
efb9ee02
HR		 557 }
558
5d0d2467
PB		 559 if (!r->req.sg && !r->qiov.size) {
560 /* Called for the first time. Ask the driver to send us more data. */
a0e66a69 561 r->started = true;
5fd2b563 562 scsi_write_complete_noio(r, 0);
5d0d2467
PB		 563 return;
564 }
cd723b85 565 if (!blk_is_available(req->dev->conf.blk)) {
5fd2b563 566 scsi_write_complete_noio(r, -ENOMEDIUM);
5d0d2467
PB		 567 return;
568 }
569
7f64f8e2
PB		 570 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
571 r->req.cmd.buf[0] == VERIFY_16) {
572 if (r->req.sg) {
ef8489d4 573 scsi_dma_complete_noio(r, 0);
7f64f8e2 574 } else {
5fd2b563 575 scsi_write_complete_noio(r, 0);
7f64f8e2
PB		 576 }
577 return;
578 }
579
5d0d2467 580 if (r->req.sg) {
4be74634 581 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
5d0d2467 582 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 583 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
584 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 585 BDRV_SECTOR_SIZE,
fcaafb10
PB		 586 sdc->dma_writev, r, scsi_dma_complete, r,
587 DMA_DIRECTION_TO_DEVICE);
5d0d2467 588 } else {
4be74634 589 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 590 r->qiov.size, BLOCK_ACCT_WRITE);
fcaafb10
PB		 591 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
592 scsi_write_complete, r, r);
ea8a5d7f 593 }
a917d384 594}
2e5d83bb 595
a917d384 596/* Return a pointer to the data buffer. */
5c6c0e51 597static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 598{
5c6c0e51 599 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 600
3f4cb3d3 601 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 602}
603
3d4a8bf0 604static int scsi_disk_emulate_vpd_page(SCSIRequest *req, uint8_t *outbuf)
0b06c059 605{
383b4d9b 606 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0a96ca24
DHB		 607 uint8_t page_code = req->cmd.buf[2];
608 int start, buflen = 0;
0b06c059 609
0a96ca24
DHB		 610 outbuf[buflen++] = s->qdev.type & 0x1f;
611 outbuf[buflen++] = page_code;
612 outbuf[buflen++] = 0x00;
613 outbuf[buflen++] = 0x00;
614 start = buflen;
3e1c0c9a 615
0a96ca24
DHB		 616 switch (page_code) {
617 case 0x00: /* Supported page codes, mandatory */
618 {
59ee9500 619 trace_scsi_disk_emulate_vpd_page_00(req->cmd.xfer);
0a96ca24
DHB		 620 outbuf[buflen++] = 0x00; /* list of supported pages (this page) */
621 if (s->serial) {
622 outbuf[buflen++] = 0x80; /* unit serial number */
623 }
624 outbuf[buflen++] = 0x83; /* device identification */
625 if (s->qdev.type == TYPE_DISK) {
626 outbuf[buflen++] = 0xb0; /* block limits */
627 outbuf[buflen++] = 0xb1; /* block device characteristics */
628 outbuf[buflen++] = 0xb2; /* thin provisioning */
629 }
630 break;
631 }
632 case 0x80: /* Device serial number, optional */
633 {
634 int l;
0b06c059 635
0a96ca24 636 if (!s->serial) {
59ee9500 637 trace_scsi_disk_emulate_vpd_page_80_not_supported();
0a96ca24 638 return -1;
0b06c059
GH		 639 }
640
0a96ca24
DHB		 641 l = strlen(s->serial);
642 if (l > 36) {
643 l = 36;
644 }
0b06c059 645
59ee9500 646 trace_scsi_disk_emulate_vpd_page_80(req->cmd.xfer);
0a96ca24
DHB		 647 memcpy(outbuf + buflen, s->serial, l);
648 buflen += l;
649 break;
650 }
64cc2284 651
0a96ca24
DHB		 652 case 0x83: /* Device identification page, mandatory */
653 {
7471a649 654 int id_len = s->device_id ? MIN(strlen(s->device_id), 255 - 8) : 0;
64cc2284 655
59ee9500 656 trace_scsi_disk_emulate_vpd_page_83(req->cmd.xfer);
0a96ca24 657
a8f58afc
KW		 658 if (id_len) {
659 outbuf[buflen++] = 0x2; /* ASCII */
660 outbuf[buflen++] = 0; /* not officially assigned */
661 outbuf[buflen++] = 0; /* reserved */
662 outbuf[buflen++] = id_len; /* length of data following */
7471a649 663 memcpy(outbuf + buflen, s->device_id, id_len);
a8f58afc
KW		 664 buflen += id_len;
665 }
0a96ca24
DHB		 666
667 if (s->qdev.wwn) {
668 outbuf[buflen++] = 0x1; /* Binary */
669 outbuf[buflen++] = 0x3; /* NAA */
670 outbuf[buflen++] = 0; /* reserved */
671 outbuf[buflen++] = 8;
672 stq_be_p(&outbuf[buflen], s->qdev.wwn);
673 buflen += 8;
ea3bd56f 674 }
0a96ca24
DHB		 675
676 if (s->qdev.port_wwn) {
677 outbuf[buflen++] = 0x61; /* SAS / Binary */
678 outbuf[buflen++] = 0x93; /* PIV / Target port / NAA */
679 outbuf[buflen++] = 0; /* reserved */
680 outbuf[buflen++] = 8;
681 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
682 buflen += 8;
070f8009 683 }
0a96ca24
DHB		 684
685 if (s->port_index) {
686 outbuf[buflen++] = 0x61; /* SAS / Binary */
687
688 /* PIV/Target port/relative target port */
689 outbuf[buflen++] = 0x94;
690
691 outbuf[buflen++] = 0; /* reserved */
692 outbuf[buflen++] = 4;
693 stw_be_p(&outbuf[buflen + 2], s->port_index);
694 buflen += 4;
ee3659e3 695 }
0a96ca24
DHB		 696 break;
697 }
698 case 0xb0: /* block limits */
699 {
3d4a8bf0 700 SCSIBlockLimits bl = {};
0a96ca24
DHB		 701
702 if (s->qdev.type == TYPE_ROM) {
59ee9500 703 trace_scsi_disk_emulate_vpd_page_b0_not_supported();
0b06c059
GH		 704 return -1;
705 }
3d4a8bf0
PB		 706 bl.wsnz = 1;
707 bl.unmap_sectors =
708 s->qdev.conf.discard_granularity / s->qdev.blocksize;
709 bl.min_io_size =
710 s->qdev.conf.min_io_size / s->qdev.blocksize;
711 bl.opt_io_size =
712 s->qdev.conf.opt_io_size / s->qdev.blocksize;
713 bl.max_unmap_sectors =
714 s->max_unmap_size / s->qdev.blocksize;
715 bl.max_io_sectors =
716 s->max_io_size / s->qdev.blocksize;
717 /* 255 descriptors fit in 4 KiB with an 8-byte header */
718 bl.max_unmap_descr = 255;
719
0a96ca24
DHB		 720 if (s->qdev.type == TYPE_DISK) {
721 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
722 int max_io_sectors_blk =
723 max_transfer_blk / s->qdev.blocksize;
724
3d4a8bf0
PB		 725 bl.max_io_sectors =
726 MIN_NON_ZERO(max_io_sectors_blk, bl.max_io_sectors);
0a96ca24 727 }
3d4a8bf0 728 buflen += scsi_emulate_block_limits(outbuf + buflen, &bl);
0a96ca24
DHB		 729 break;
730 }
731 case 0xb1: /* block device characteristics */
732 {
740842c9 733 buflen = 0x40;
0a96ca24
DHB		 734 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
735 outbuf[5] = s->rotation_rate & 0xff;
740842c9
DHB		 736 outbuf[6] = 0; /* PRODUCT TYPE */
737 outbuf[7] = 0; /* WABEREQ | WACEREQ | NOMINAL FORM FACTOR */
738 outbuf[8] = 0; /* VBULS */
0a96ca24
DHB		 739 break;
740 }
741 case 0xb2: /* thin provisioning */
742 {
743 buflen = 8;
744 outbuf[4] = 0;
745 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
746 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
747 outbuf[7] = 0;
748 break;
749 }
750 default:
751 return -1;
752 }
753 /* done with EVPD */
754 assert(buflen - start <= 255);
755 outbuf[start - 1] = buflen - start;
756 return buflen;
757}
758
759static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
760{
761 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
762 int buflen = 0;
763
764 if (req->cmd.buf[1] & 0x1) {
765 /* Vital product data */
766 return scsi_disk_emulate_vpd_page(req, outbuf);
0b06c059
GH		 767 }
768
769 /* Standard INQUIRY data */
770 if (req->cmd.buf[2] != 0) {
0b06c059
GH		 771 return -1;
772 }
773
774 /* PAGE CODE == 0 */
0b06c059 775 buflen = req->cmd.xfer;
f01b5931 776 if (buflen > SCSI_MAX_INQUIRY_LEN) {
0b06c059 777 buflen = SCSI_MAX_INQUIRY_LEN;
f01b5931 778 }
0b06c059 779
f37bd73b 780 outbuf[0] = s->qdev.type & 0x1f;
bfe3d7ac 781 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
353815aa
DF		 782
783 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
784 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
785
314b1811 786 memset(&outbuf[32], 0, 4);
552fee93 787 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 788 /*
789 * We claim conformance to SPC-3, which is required for guests
790 * to ask for modern features like READ CAPACITY(16) or the
791 * block characteristics VPD page by default. Not all of SPC-3
792 * is actually implemented, but we're good enough.
793 */
2343be0d 794 outbuf[2] = s->qdev.default_scsi_version;
1109c894 795 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
ad3cea42
AT		 796
797 if (buflen > 36) {
798 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
799 } else {
800 /* If the allocation length of CDB is too small,
801 the additional length is not adjusted */
802 outbuf[4] = 36 - 5;
803 }
804
0b06c059 805 /* Sync data transfer and TCQ. */
afd4030c 806 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
0b06c059
GH		 807 return buflen;
808}
809
430ee2f2
PB		 810static inline bool media_is_dvd(SCSIDiskState *s)
811{
812 uint64_t nb_sectors;
813 if (s->qdev.type != TYPE_ROM) {
814 return false;
815 }
cd723b85 816 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 817 return false;
818 }
4be74634 819 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
430ee2f2
PB		 820 return nb_sectors > CD_MAX_SECTORS;
821}
822
ceb792ef
PB		 823static inline bool media_is_cd(SCSIDiskState *s)
824{
825 uint64_t nb_sectors;
826 if (s->qdev.type != TYPE_ROM) {
827 return false;
828 }
cd723b85 829 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 830 return false;
831 }
4be74634 832 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 833 return nb_sectors <= CD_MAX_SECTORS;
834}
835
1a4f0c3a
PB		 836static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
837 uint8_t *outbuf)
838{
839 uint8_t type = r->req.cmd.buf[1] & 7;
840
841 if (s->qdev.type != TYPE_ROM) {
842 return -1;
843 }
844
845 /* Types 1/2 are only defined for Blu-Ray. */
846 if (type != 0) {
847 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
848 return -1;
849 }
850
851 memset(outbuf, 0, 34);
852 outbuf[1] = 32;
853 outbuf[2] = 0xe; /* last session complete, disc finalized */
854 outbuf[3] = 1; /* first track on disc */
855 outbuf[4] = 1; /* # of sessions */
856 outbuf[5] = 1; /* first track of last session */
857 outbuf[6] = 1; /* last track of last session */
858 outbuf[7] = 0x20; /* unrestricted use */
859 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
860 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
861 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
862 /* 24-31: disc bar code */
863 /* 32: disc application code */
864 /* 33: number of OPC tables */
865
866 return 34;
867}
868
b6c251ab
PB		 869static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
870 uint8_t *outbuf)
871{
ceb792ef
PB		 872 static const int rds_caps_size[5] = {
873 [0] = 2048 + 4,
874 [1] = 4 + 4,
875 [3] = 188 + 4,
876 [4] = 2048 + 4,
877 };
878
879 uint8_t media = r->req.cmd.buf[1];
880 uint8_t layer = r->req.cmd.buf[6];
881 uint8_t format = r->req.cmd.buf[7];
882 int size = -1;
883
884 if (s->qdev.type != TYPE_ROM) {
885 return -1;
886 }
887 if (media != 0) {
888 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
889 return -1;
890 }
891
892 if (format != 0xff) {
cd723b85 893 if (!blk_is_available(s->qdev.conf.blk)) {
ceb792ef
PB		 894 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
895 return -1;
896 }
897 if (media_is_cd(s)) {
898 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
899 return -1;
900 }
901 if (format >= ARRAY_SIZE(rds_caps_size)) {
902 return -1;
903 }
904 size = rds_caps_size[format];
905 memset(outbuf, 0, size);
906 }
907
908 switch (format) {
909 case 0x00: {
910 /* Physical format information */
911 uint64_t nb_sectors;
912 if (layer != 0) {
913 goto fail;
914 }
4be74634 915 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 916
917 outbuf[4] = 1; /* DVD-ROM, part version 1 */
918 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
919 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
920 outbuf[7] = 0; /* default densities */
921
922 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
923 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
924 break;
925 }
926
927 case 0x01: /* DVD copyright information, all zeros */
928 break;
929
930 case 0x03: /* BCA information - invalid field for no BCA info */
931 return -1;
932
933 case 0x04: /* DVD disc manufacturing information, all zeros */
934 break;
935
936 case 0xff: { /* List capabilities */
937 int i;
938 size = 4;
939 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
940 if (!rds_caps_size[i]) {
941 continue;
942 }
943 outbuf[size] = i;
944 outbuf[size + 1] = 0x40; /* Not writable, readable */
945 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
946 size += 4;
947 }
948 break;
949 }
950
951 default:
952 return -1;
953 }
954
955 /* Size of buffer, not including 2 byte size field */
956 stw_be_p(outbuf, size - 2);
957 return size;
958
959fail:
b6c251ab
PB		 960 return -1;
961}
962
3c2f7c12 963static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 964{
3c2f7c12
PB		 965 uint8_t event_code, media_status;
966
967 media_status = 0;
968 if (s->tray_open) {
969 media_status = MS_TRAY_OPEN;
4be74634 970 } else if (blk_is_inserted(s->qdev.conf.blk)) {
3c2f7c12
PB		 971 media_status = MS_MEDIA_PRESENT;
972 }
973
974 /* Event notification descriptor */
975 event_code = MEC_NO_CHANGE;
4480de19
PB		 976 if (media_status != MS_TRAY_OPEN) {
977 if (s->media_event) {
978 event_code = MEC_NEW_MEDIA;
979 s->media_event = false;
980 } else if (s->eject_request) {
981 event_code = MEC_EJECT_REQUESTED;
982 s->eject_request = false;
983 }
3c2f7c12
PB		 984 }
985
986 outbuf[0] = event_code;
987 outbuf[1] = media_status;
988
989 /* These fields are reserved, just clear them. */
990 outbuf[2] = 0;
991 outbuf[3] = 0;
992 return 4;
993}
994
995static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
996 uint8_t *outbuf)
997{
998 int size;
999 uint8_t *buf = r->req.cmd.buf;
1000 uint8_t notification_class_request = buf[4];
1001 if (s->qdev.type != TYPE_ROM) {
1002 return -1;
1003 }
1004 if ((buf[1] & 1) == 0) {
1005 /* asynchronous */
1006 return -1;
1007 }
1008
1009 size = 4;
1010 outbuf[0] = outbuf[1] = 0;
1011 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
1012 if (notification_class_request & (1 << GESN_MEDIA)) {
1013 outbuf[2] = GESN_MEDIA;
1014 size += scsi_event_status_media(s, &outbuf[size]);
1015 } else {
1016 outbuf[2] = 0x80;
1017 }
1018 stw_be_p(outbuf, size - 4);
1019 return size;
b6c251ab
PB		 1020}
1021
430ee2f2 1022static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 1023{
430ee2f2
PB		 1024 int current;
1025
b6c251ab
PB		 1026 if (s->qdev.type != TYPE_ROM) {
1027 return -1;
1028 }
7d99f4c1
MR		 1029
1030 if (media_is_dvd(s)) {
1031 current = MMC_PROFILE_DVD_ROM;
1032 } else if (media_is_cd(s)) {
1033 current = MMC_PROFILE_CD_ROM;
1034 } else {
1035 current = MMC_PROFILE_NONE;
1036 }
1037
430ee2f2
PB		 1038 memset(outbuf, 0, 40);
1039 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
1040 stw_be_p(&outbuf[6], current);
1041 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1042 outbuf[10] = 0x03; /* persistent, current */
1043 outbuf[11] = 8; /* two profiles */
1044 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1045 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1046 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1047 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1048 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1049 stw_be_p(&outbuf[20], 1);
1050 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
1051 outbuf[23] = 8;
1052 stl_be_p(&outbuf[24], 1); /* SCSI */
1053 outbuf[28] = 1; /* DBE = 1, mandatory */
1054 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1055 stw_be_p(&outbuf[32], 3);
1056 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
1057 outbuf[35] = 4;
1058 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1059 /* TODO: Random readable, CD read, DVD read, drive serial number,
1060 power management */
1061 return 40;
b6c251ab
PB		 1062}
1063
1064static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1065{
1066 if (s->qdev.type != TYPE_ROM) {
1067 return -1;
1068 }
1069 memset(outbuf, 0, 8);
1070 outbuf[5] = 1; /* CD-ROM */
1071 return 8;
1072}
1073
cfc606da 1074static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
282ab04e 1075 int page_control)
ebddfcbe 1076{
a8f4bbe2
PB		 1077 static const int mode_sense_valid[0x3f] = {
1078 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1079 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1080 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
a07c7dcd
PB		 1081 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1082 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
a8f4bbe2
PB		 1083 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1084 };
ef405611
PB		 1085
1086 uint8_t *p = *p_outbuf + 2;
1087 int length;
ebddfcbe 1088
a8f4bbe2
PB		 1089 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1090 return -1;
1091 }
1092
282ab04e
BK		 1093 /*
1094 * If Changeable Values are requested, a mask denoting those mode parameters
1095 * that are changeable shall be returned. As we currently don't support
1096 * parameter changes via MODE_SELECT all bits are returned set to zero.
1097 * The buffer was already menset to zero by the caller of this function.
ef405611
PB		 1098 *
1099 * The offsets here are off by two compared to the descriptions in the
1100 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1101 * but it is done so that offsets are consistent within our implementation
1102 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1103 * 2-byte and 4-byte headers.
282ab04e 1104 */
ebddfcbe 1105 switch (page) {
67cc61e4 1106 case MODE_PAGE_HD_GEOMETRY:
ef405611 1107 length = 0x16;
282ab04e 1108 if (page_control == 1) { /* Changeable Values */
cfc606da 1109 break;
282ab04e 1110 }
ebddfcbe 1111 /* if a geometry hint is available, use it */
ef405611
PB		 1112 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1113 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1114 p[2] = s->qdev.conf.cyls & 0xff;
1115 p[3] = s->qdev.conf.heads & 0xff;
ebddfcbe 1116 /* Write precomp start cylinder, disabled */
ef405611
PB		 1117 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1118 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1119 p[6] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1120 /* Reduced current start cylinder, disabled */
ef405611
PB		 1121 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1122 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1123 p[9] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1124 /* Device step rate [ns], 200ns */
ef405611
PB		 1125 p[10] = 0;
1126 p[11] = 200;
ebddfcbe 1127 /* Landing zone cylinder */
ef405611
PB		 1128 p[12] = 0xff;
1129 p[13] = 0xff;
ebddfcbe 1130 p[14] = 0xff;
ebddfcbe 1131 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1132 p[18] = (5400 >> 8) & 0xff;
1133 p[19] = 5400 & 0xff;
cfc606da 1134 break;
ebddfcbe 1135
67cc61e4 1136 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
ef405611 1137 length = 0x1e;
282ab04e 1138 if (page_control == 1) { /* Changeable Values */
cfc606da 1139 break;
282ab04e 1140 }
ebddfcbe 1141 /* Transfer rate [kbit/s], 5Mbit/s */
ef405611
PB		 1142 p[0] = 5000 >> 8;
1143 p[1] = 5000 & 0xff;
ebddfcbe 1144 /* if a geometry hint is available, use it */
ef405611
PB		 1145 p[2] = s->qdev.conf.heads & 0xff;
1146 p[3] = s->qdev.conf.secs & 0xff;
1147 p[4] = s->qdev.blocksize >> 8;
1148 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1149 p[7] = s->qdev.conf.cyls & 0xff;
1150 /* Write precomp start cylinder, disabled */
d252df48
MA		 1151 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1152 p[9] = s->qdev.conf.cyls & 0xff;
ef405611 1153 /* Reduced current start cylinder, disabled */
d252df48
MA		 1154 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1155 p[11] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1156 /* Device step rate [100us], 100us */
ef405611
PB		 1157 p[12] = 0;
1158 p[13] = 1;
ebddfcbe 1159 /* Device step pulse width [us], 1us */
ef405611 1160 p[14] = 1;
ebddfcbe 1161 /* Device head settle delay [100us], 100us */
ef405611
PB		 1162 p[15] = 0;
1163 p[16] = 1;
ebddfcbe 1164 /* Motor on delay [0.1s], 0.1s */
ef405611 1165 p[17] = 1;
ebddfcbe 1166 /* Motor off delay [0.1s], 0.1s */
ef405611 1167 p[18] = 1;
ebddfcbe 1168 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1169 p[26] = (5400 >> 8) & 0xff;
1170 p[27] = 5400 & 0xff;
cfc606da 1171 break;
ebddfcbe 1172
67cc61e4 1173 case MODE_PAGE_CACHING:
ef405611 1174 length = 0x12;
96c91bbf 1175 if (page_control == 1 || /* Changeable Values */
4be74634 1176 blk_enable_write_cache(s->qdev.conf.blk)) {
ef405611 1177 p[0] = 4; /* WCE */
ebddfcbe 1178 }
cfc606da 1179 break;
ebddfcbe 1180
a07c7dcd 1181 case MODE_PAGE_R_W_ERROR:
ef405611 1182 length = 10;
4f588b15
PB		 1183 if (page_control == 1) { /* Changeable Values */
1184 break;
1185 }
ef405611 1186 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
a07c7dcd 1187 if (s->qdev.type == TYPE_ROM) {
ef405611 1188 p[1] = 0x20; /* Read Retry Count */
a07c7dcd
PB		 1189 }
1190 break;
1191
1192 case MODE_PAGE_AUDIO_CTL:
ef405611 1193 length = 14;
a07c7dcd
PB		 1194 break;
1195
67cc61e4 1196 case MODE_PAGE_CAPABILITIES:
ef405611 1197 length = 0x14;
282ab04e 1198 if (page_control == 1) { /* Changeable Values */
cfc606da 1199 break;
282ab04e 1200 }
a07c7dcd 1201
ef405611
PB		 1202 p[0] = 0x3b; /* CD-R & CD-RW read */
1203 p[1] = 0; /* Writing not supported */
1204 p[2] = 0x7f; /* Audio, composite, digital out,
ebddfcbe 1205 mode 2 form 1&2, multi session */
ef405611 1206 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
ebddfcbe
GH		 1207 RW corrected, C2 errors, ISRC,
1208 UPC, Bar code */
ef405611 1209 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
ebddfcbe 1210 /* Locking supported, jumper present, eject, tray */
ef405611 1211 p[5] = 0; /* no volume & mute control, no
ebddfcbe 1212 changer */
ef405611
PB		 1213 p[6] = (50 * 176) >> 8; /* 50x read speed */
1214 p[7] = (50 * 176) & 0xff;
1215 p[8] = 2 >> 8; /* Two volume levels */
1216 p[9] = 2 & 0xff;
1217 p[10] = 2048 >> 8; /* 2M buffer */
1218 p[11] = 2048 & 0xff;
1219 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1220 p[13] = (16 * 176) & 0xff;
1221 p[16] = (16 * 176) >> 8; /* 16x write speed */
1222 p[17] = (16 * 176) & 0xff;
1223 p[18] = (16 * 176) >> 8; /* 16x write speed current */
ebddfcbe 1224 p[19] = (16 * 176) & 0xff;
cfc606da 1225 break;
ebddfcbe
GH		 1226
1227 default:
cfc606da 1228 return -1;
ebddfcbe 1229 }
cfc606da 1230
ef405611
PB		 1231 assert(length < 256);
1232 (*p_outbuf)[0] = page;
1233 (*p_outbuf)[1] = length;
1234 *p_outbuf += length + 2;
1235 return length + 2;
ebddfcbe
GH		 1236}
1237
cfc606da 1238static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
ebddfcbe 1239{
cfc606da 1240 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ebddfcbe 1241 uint64_t nb_sectors;
e590ecbe
PB		 1242 bool dbd;
1243 int page, buflen, ret, page_control;
ebddfcbe 1244 uint8_t *p;
ce512ee1 1245 uint8_t dev_specific_param;
ebddfcbe 1246
e590ecbe 1247 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
cfc606da
PB		 1248 page = r->req.cmd.buf[2] & 0x3f;
1249 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
59ee9500
LV		 1250
1251 trace_scsi_disk_emulate_mode_sense((r->req.cmd.buf[0] == MODE_SENSE) ? 6 :
1252 10, page, r->req.cmd.xfer, page_control);
cfc606da 1253 memset(outbuf, 0, r->req.cmd.xfer);
ebddfcbe
GH		 1254 p = outbuf;
1255
e590ecbe 1256 if (s->qdev.type == TYPE_DISK) {
da8365db 1257 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
4be74634 1258 if (blk_is_read_only(s->qdev.conf.blk)) {
e590ecbe
PB		 1259 dev_specific_param |= 0x80; /* Readonly. */
1260 }
ce512ee1 1261 } else {
e590ecbe
PB		 1262 /* MMC prescribes that CD/DVD drives have no block descriptors,
1263 * and defines no device-specific parameter. */
6a2de0f2 1264 dev_specific_param = 0x00;
e590ecbe 1265 dbd = true;
ce512ee1
BK		 1266 }
1267
cfc606da 1268 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1269 p[1] = 0; /* Default media type. */
1270 p[2] = dev_specific_param;
1271 p[3] = 0; /* Block descriptor length. */
1272 p += 4;
1273 } else { /* MODE_SENSE_10 */
1274 p[2] = 0; /* Default media type. */
1275 p[3] = dev_specific_param;
1276 p[6] = p[7] = 0; /* Block descriptor length. */
1277 p += 8;
ebddfcbe 1278 }
ebddfcbe 1279
4be74634 1280 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
e590ecbe 1281 if (!dbd && nb_sectors) {
cfc606da 1282 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1283 outbuf[3] = 8; /* Block descriptor length */
1284 } else { /* MODE_SENSE_10 */
1285 outbuf[7] = 8; /* Block descriptor length */
1286 }
69377307 1287 nb_sectors /= (s->qdev.blocksize / 512);
f01b5931 1288 if (nb_sectors > 0xffffff) {
2488b740 1289 nb_sectors = 0;
f01b5931 1290 }
ebddfcbe
GH		 1291 p[0] = 0; /* media density code */
1292 p[1] = (nb_sectors >> 16) & 0xff;
1293 p[2] = (nb_sectors >> 8) & 0xff;
1294 p[3] = nb_sectors & 0xff;
1295 p[4] = 0; /* reserved */
1296 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
69377307 1297 p[6] = s->qdev.blocksize >> 8;
ebddfcbe
GH		 1298 p[7] = 0;
1299 p += 8;
1300 }
1301
cfc606da
PB		 1302 if (page_control == 3) {
1303 /* Saved Values */
1304 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1305 return -1;
282ab04e
BK		 1306 }
1307
cfc606da
PB		 1308 if (page == 0x3f) {
1309 for (page = 0; page <= 0x3e; page++) {
1310 mode_sense_page(s, page, &p, page_control);
1311 }
1312 } else {
1313 ret = mode_sense_page(s, page, &p, page_control);
1314 if (ret == -1) {
1315 return -1;
1316 }
ebddfcbe
GH		 1317 }
1318
1319 buflen = p - outbuf;
ce512ee1
BK		 1320 /*
1321 * The mode data length field specifies the length in bytes of the
1322 * following data that is available to be transferred. The mode data
1323 * length does not include itself.
1324 */
cfc606da 1325 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1326 outbuf[0] = buflen - 1;
1327 } else { /* MODE_SENSE_10 */
1328 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1329 outbuf[1] = (buflen - 2) & 0xff;
1330 }
ebddfcbe
GH		 1331 return buflen;
1332}
1333
02880f43
GH		 1334static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1335{
1336 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 1337 int start_track, format, msf, toclen;
1338 uint64_t nb_sectors;
1339
1340 msf = req->cmd.buf[1] & 2;
1341 format = req->cmd.buf[2] & 0xf;
1342 start_track = req->cmd.buf[6];
4be74634 1343 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
59ee9500 1344 trace_scsi_disk_emulate_read_toc(start_track, format, msf >> 1);
69377307 1345 nb_sectors /= s->qdev.blocksize / 512;
02880f43
GH		 1346 switch (format) {
1347 case 0:
1348 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1349 break;
1350 case 1:
1351 /* multi session : only a single session defined */
1352 toclen = 12;
1353 memset(outbuf, 0, 12);
1354 outbuf[1] = 0x0a;
1355 outbuf[2] = 0x01;
1356 outbuf[3] = 0x01;
1357 break;
1358 case 2:
1359 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1360 break;
1361 default:
1362 return -1;
1363 }
02880f43
GH		 1364 return toclen;
1365}
1366
68bb01f3 1367static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
bfd52647
MA		 1368{
1369 SCSIRequest *req = &r->req;
1370 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1371 bool start = req->cmd.buf[4] & 1;
1372 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
ae5708b3
RS		 1373 int pwrcnd = req->cmd.buf[4] & 0xf0;
1374
1375 if (pwrcnd) {
1376 /* eject/load only happens for power condition == 0 */
1377 return 0;
1378 }
bfd52647 1379
b456a71c 1380 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
68bb01f3
MA		 1381 if (!start && !s->tray_open && s->tray_locked) {
1382 scsi_check_condition(r,
4be74634 1383 blk_is_inserted(s->qdev.conf.blk)
68bb01f3
MA		 1384 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1385 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1386 return -1;
fdec4404 1387 }
d88b1819
LC		 1388
1389 if (s->tray_open != !start) {
4be74634 1390 blk_eject(s->qdev.conf.blk, !start);
d88b1819
LC		 1391 s->tray_open = !start;
1392 }
bfd52647 1393 }
68bb01f3 1394 return 0;
bfd52647
MA		 1395}
1396
314a3299
PB		 1397static void scsi_disk_emulate_read_data(SCSIRequest *req)
1398{
1399 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1400 int buflen = r->iov.iov_len;
1401
1402 if (buflen) {
59ee9500 1403 trace_scsi_disk_emulate_read_data(buflen);
314a3299
PB		 1404 r->iov.iov_len = 0;
1405 r->started = true;
1406 scsi_req_data(&r->req, buflen);
1407 return;
1408 }
1409
1410 /* This also clears the sense buffer for REQUEST SENSE. */
1411 scsi_req_complete(&r->req, GOOD);
1412}
1413
380feaff
PB		 1414static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1415 uint8_t *inbuf, int inlen)
1416{
1417 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1418 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1419 uint8_t *p;
1420 int len, expected_len, changeable_len, i;
1421
1422 /* The input buffer does not include the page header, so it is
1423 * off by 2 bytes.
1424 */
1425 expected_len = inlen + 2;
1426 if (expected_len > SCSI_MAX_MODE_LEN) {
1427 return -1;
1428 }
1429
1430 p = mode_current;
1431 memset(mode_current, 0, inlen + 2);
1432 len = mode_sense_page(s, page, &p, 0);
1433 if (len < 0 || len != expected_len) {
1434 return -1;
1435 }
1436
1437 p = mode_changeable;
1438 memset(mode_changeable, 0, inlen + 2);
1439 changeable_len = mode_sense_page(s, page, &p, 1);
1440 assert(changeable_len == len);
1441
1442 /* Check that unchangeable bits are the same as what MODE SENSE
1443 * would return.
1444 */
1445 for (i = 2; i < len; i++) {
1446 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1447 return -1;
1448 }
1449 }
1450 return 0;
1451}
1452
1453static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1454{
96c91bbf
PB		 1455 switch (page) {
1456 case MODE_PAGE_CACHING:
4be74634 1457 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
96c91bbf
PB		 1458 break;
1459
1460 default:
1461 break;
1462 }
380feaff
PB		 1463}
1464
1465static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1466{
1467 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1468
1469 while (len > 0) {
1470 int page, subpage, page_len;
1471
1472 /* Parse both possible formats for the mode page headers. */
1473 page = p[0] & 0x3f;
1474 if (p[0] & 0x40) {
1475 if (len < 4) {
1476 goto invalid_param_len;
1477 }
1478 subpage = p[1];
1479 page_len = lduw_be_p(&p[2]);
1480 p += 4;
1481 len -= 4;
1482 } else {
1483 if (len < 2) {
1484 goto invalid_param_len;
1485 }
1486 subpage = 0;
1487 page_len = p[1];
1488 p += 2;
1489 len -= 2;
1490 }
1491
1492 if (subpage) {
1493 goto invalid_param;
1494 }
1495 if (page_len > len) {
1496 goto invalid_param_len;
1497 }
1498
1499 if (!change) {
1500 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1501 goto invalid_param;
1502 }
1503 } else {
1504 scsi_disk_apply_mode_select(s, page, p);
1505 }
1506
1507 p += page_len;
1508 len -= page_len;
1509 }
1510 return 0;
1511
1512invalid_param:
1513 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1514 return -1;
1515
1516invalid_param_len:
1517 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1518 return -1;
1519}
1520
1521static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1522{
accfeb2d 1523 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380feaff
PB		 1524 uint8_t *p = inbuf;
1525 int cmd = r->req.cmd.buf[0];
1526 int len = r->req.cmd.xfer;
1527 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1528 int bd_len;
1529 int pass;
1530
1531 /* We only support PF=1, SP=0. */
1532 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1533 goto invalid_field;
1534 }
1535
1536 if (len < hdr_len) {
1537 goto invalid_param_len;
1538 }
1539
1540 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1541 len -= hdr_len;
1542 p += hdr_len;
1543 if (len < bd_len) {
1544 goto invalid_param_len;
1545 }
1546 if (bd_len != 0 && bd_len != 8) {
1547 goto invalid_param;
1548 }
1549
1550 len -= bd_len;
1551 p += bd_len;
1552
1553 /* Ensure no change is made if there is an error! */
1554 for (pass = 0; pass < 2; pass++) {
1555 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1556 assert(pass == 0);
1557 return;
1558 }
1559 }
4be74634 1560 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
accfeb2d
PB		 1561 /* The request is used as the AIO opaque value, so add a ref. */
1562 scsi_req_ref(&r->req);
4be74634 1563 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 1564 BLOCK_ACCT_FLUSH);
4be74634 1565 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
accfeb2d
PB		 1566 return;
1567 }
1568
380feaff
PB		 1569 scsi_req_complete(&r->req, GOOD);
1570 return;
1571
1572invalid_param:
1573 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1574 return;
1575
1576invalid_param_len:
1577 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1578 return;
1579
1580invalid_field:
1581 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
380feaff
PB		 1582}
1583
444bc908
PB		 1584static inline bool check_lba_range(SCSIDiskState *s,
1585 uint64_t sector_num, uint32_t nb_sectors)
1586{
1587 /*
1588 * The first line tests that no overflow happens when computing the last
1589 * sector. The second line tests that the last accessed sector is in
1590 * range.
12ca76fc
PB		 1591 *
1592 * Careful, the computations should not underflow for nb_sectors == 0,
1593 * and a 0-block read to the first LBA beyond the end of device is
1594 * valid.
444bc908
PB		 1595 */
1596 return (sector_num <= sector_num + nb_sectors &&
12ca76fc 1597 sector_num + nb_sectors <= s->qdev.max_lba + 1);
444bc908
PB		 1598}
1599
5222aaf2
PB		 1600typedef struct UnmapCBData {
1601 SCSIDiskReq *r;
1602 uint8_t *inbuf;
1603 int count;
1604} UnmapCBData;
1605
5fd2b563
PB		 1606static void scsi_unmap_complete(void *opaque, int ret);
1607
1608static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
5222aaf2 1609{
5222aaf2
PB		 1610 SCSIDiskReq *r = data->r;
1611 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2 1612
5fd2b563 1613 assert(r->req.aiocb == NULL);
d0242ead 1614
d0242ead 1615 if (data->count > 0) {
6d068082
AN		 1616 r->sector = ldq_be_p(&data->inbuf[0])
1617 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1618 r->sector_count = (ldl_be_p(&data->inbuf[8]) & 0xffffffffULL)
1619 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1620 if (!check_lba_range(s, r->sector, r->sector_count)) {
4989ef57
AN		 1621 block_acct_invalid(blk_get_stats(s->qdev.conf.blk),
1622 BLOCK_ACCT_UNMAP);
5222aaf2
PB		 1623 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1624 goto done;
1625 }
1626
4989ef57
AN		 1627 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1628 r->sector_count * BDRV_SECTOR_SIZE,
1629 BLOCK_ACCT_UNMAP);
1630
1c6c4bb7 1631 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
6d068082
AN		 1632 r->sector * BDRV_SECTOR_SIZE,
1633 r->sector_count * BDRV_SECTOR_SIZE,
1c6c4bb7 1634 scsi_unmap_complete, data);
5222aaf2
PB		 1635 data->count--;
1636 data->inbuf += 16;
1637 return;
1638 }
1639
d0242ead
PB		 1640 scsi_req_complete(&r->req, GOOD);
1641
5222aaf2 1642done:
3df9caf8 1643 scsi_req_unref(&r->req);
5222aaf2
PB		 1644 g_free(data);
1645}
1646
5fd2b563
PB		 1647static void scsi_unmap_complete(void *opaque, int ret)
1648{
1649 UnmapCBData *data = opaque;
1650 SCSIDiskReq *r = data->r;
b9e413dd 1651 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5fd2b563
PB		 1652
1653 assert(r->req.aiocb != NULL);
1654 r->req.aiocb = NULL;
1655
b9e413dd 1656 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
4989ef57 1657 if (scsi_disk_req_check_error(r, ret, true)) {
90ebf843
AN		 1658 scsi_req_unref(&r->req);
1659 g_free(data);
1660 } else {
4989ef57 1661 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
90ebf843
AN		 1662 scsi_unmap_complete_noio(data, ret);
1663 }
b9e413dd 1664 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 1665}
1666
5222aaf2
PB		 1667static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1668{
c5fd1fb0 1669 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2
PB		 1670 uint8_t *p = inbuf;
1671 int len = r->req.cmd.xfer;
1672 UnmapCBData *data;
1673
823bd739
PB		 1674 /* Reject ANCHOR=1. */
1675 if (r->req.cmd.buf[1] & 0x1) {
1676 goto invalid_field;
1677 }
1678
5222aaf2
PB		 1679 if (len < 8) {
1680 goto invalid_param_len;
1681 }
1682 if (len < lduw_be_p(&p[0]) + 2) {
1683 goto invalid_param_len;
1684 }
1685 if (len < lduw_be_p(&p[2]) + 8) {
1686 goto invalid_param_len;
1687 }
1688 if (lduw_be_p(&p[2]) & 15) {
1689 goto invalid_param_len;
1690 }
1691
4be74634 1692 if (blk_is_read_only(s->qdev.conf.blk)) {
4989ef57 1693 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
c5fd1fb0
PB		 1694 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1695 return;
1696 }
1697
5222aaf2
PB		 1698 data = g_new0(UnmapCBData, 1);
1699 data->r = r;
1700 data->inbuf = &p[8];
1701 data->count = lduw_be_p(&p[2]) >> 4;
1702
1703 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1704 scsi_req_ref(&r->req);
5fd2b563 1705 scsi_unmap_complete_noio(data, 0);
5222aaf2
PB		 1706 return;
1707
1708invalid_param_len:
4989ef57 1709 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
5222aaf2 1710 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
823bd739
PB		 1711 return;
1712
1713invalid_field:
4989ef57 1714 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
823bd739 1715 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
5222aaf2
PB		 1716}
1717
84f94a9a
PB		 1718typedef struct WriteSameCBData {
1719 SCSIDiskReq *r;
1720 int64_t sector;
1721 int nb_sectors;
1722 QEMUIOVector qiov;
1723 struct iovec iov;
1724} WriteSameCBData;
1725
1726static void scsi_write_same_complete(void *opaque, int ret)
1727{
1728 WriteSameCBData *data = opaque;
1729 SCSIDiskReq *r = data->r;
1730 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1731
1732 assert(r->req.aiocb != NULL);
1733 r->req.aiocb = NULL;
b9e413dd 1734 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 1735 if (scsi_disk_req_check_error(r, ret, true)) {
84f94a9a
PB		 1736 goto done;
1737 }
1738
d7628080
AG		 1739 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1740
84f94a9a
PB		 1741 data->nb_sectors -= data->iov.iov_len / 512;
1742 data->sector += data->iov.iov_len / 512;
1743 data->iov.iov_len = MIN(data->nb_sectors * 512, data->iov.iov_len);
1744 if (data->iov.iov_len) {
4be74634 1745 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1746 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1747 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1748 * where final qiov may need smaller size */
a56537a1 1749 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
03c90063
EB		 1750 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1751 data->sector << BDRV_SECTOR_BITS,
1752 &data->qiov, 0,
1753 scsi_write_same_complete, data);
24355b79 1754 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1755 return;
1756 }
1757
1758 scsi_req_complete(&r->req, GOOD);
1759
1760done:
3df9caf8 1761 scsi_req_unref(&r->req);
84f94a9a
PB		 1762 qemu_vfree(data->iov.iov_base);
1763 g_free(data);
b9e413dd 1764 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1765}
1766
1767static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1768{
1769 SCSIRequest *req = &r->req;
1770 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1894df02 1771 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
84f94a9a
PB		 1772 WriteSameCBData *data;
1773 uint8_t *buf;
1774 int i;
1775
1776 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1777 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1778 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1779 return;
1780 }
1781
4be74634 1782 if (blk_is_read_only(s->qdev.conf.blk)) {
84f94a9a
PB		 1783 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1784 return;
1785 }
1786 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1787 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1788 return;
1789 }
1790
4397a018 1791 if ((req->cmd.buf[1] & 0x1) || buffer_is_zero(inbuf, s->qdev.blocksize)) {
84f94a9a
PB		 1792 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1793
1794 /* The request is used as the AIO opaque value, so add a ref. */
1795 scsi_req_ref(&r->req);
4be74634 1796 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8
BC		 1797 nb_sectors * s->qdev.blocksize,
1798 BLOCK_ACCT_WRITE);
d004bd52 1799 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
983a1600
EB		 1800 r->req.cmd.lba * s->qdev.blocksize,
1801 nb_sectors * s->qdev.blocksize,
4be74634 1802 flags, scsi_aio_complete, r);
84f94a9a
PB		 1803 return;
1804 }
1805
1806 data = g_new0(WriteSameCBData, 1);
1807 data->r = r;
1808 data->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1809 data->nb_sectors = nb_sectors * (s->qdev.blocksize / 512);
1810 data->iov.iov_len = MIN(data->nb_sectors * 512, SCSI_WRITE_SAME_MAX);
4be74634
MA		 1811 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1812 data->iov.iov_len);
84f94a9a
PB		 1813 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1814
1815 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1816 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1817 }
1818
1819 scsi_req_ref(&r->req);
4be74634 1820 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1821 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1822 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1823 data->sector << BDRV_SECTOR_BITS,
1824 &data->qiov, 0,
1825 scsi_write_same_complete, data);
84f94a9a
PB		 1826}
1827
314a3299
PB		 1828static void scsi_disk_emulate_write_data(SCSIRequest *req)
1829{
af6d510d
PB		 1830 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1831
1832 if (r->iov.iov_len) {
1833 int buflen = r->iov.iov_len;
59ee9500 1834 trace_scsi_disk_emulate_write_data(buflen);
af6d510d
PB		 1835 r->iov.iov_len = 0;
1836 scsi_req_data(&r->req, buflen);
1837 return;
1838 }
1839
1840 switch (req->cmd.buf[0]) {
1841 case MODE_SELECT:
1842 case MODE_SELECT_10:
1843 /* This also clears the sense buffer for REQUEST SENSE. */
380feaff 1844 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
af6d510d
PB		 1845 break;
1846
5222aaf2
PB		 1847 case UNMAP:
1848 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1849 break;
1850
d97e7730
PB		 1851 case VERIFY_10:
1852 case VERIFY_12:
1853 case VERIFY_16:
1854 if (r->req.status == -1) {
1855 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1856 }
1857 break;
1858
84f94a9a
PB		 1859 case WRITE_SAME_10:
1860 case WRITE_SAME_16:
1861 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1862 break;
d97e7730 1863
af6d510d
PB		 1864 default:
1865 abort();
1866 }
314a3299
PB		 1867}
1868
b08d0ea0 1869static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
aa5dbdc1 1870{
b08d0ea0 1871 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
e7e25e32 1872 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 1873 uint64_t nb_sectors;
7285477a 1874 uint8_t *outbuf;
af6d510d 1875 int buflen;
aa5dbdc1 1876
b08d0ea0
PB		 1877 switch (req->cmd.buf[0]) {
1878 case INQUIRY:
1879 case MODE_SENSE:
1880 case MODE_SENSE_10:
1881 case RESERVE:
1882 case RESERVE_10:
1883 case RELEASE:
1884 case RELEASE_10:
1885 case START_STOP:
1886 case ALLOW_MEDIUM_REMOVAL:
1887 case GET_CONFIGURATION:
1888 case GET_EVENT_STATUS_NOTIFICATION:
1889 case MECHANISM_STATUS:
1890 case REQUEST_SENSE:
1891 break;
1892
1893 default:
cd723b85 1894 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 1895 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1896 return 0;
1897 }
1898 break;
1899 }
1900
c8dcb531
PB		 1901 /*
1902 * FIXME: we shouldn't return anything bigger than 4k, but the code
1903 * requires the buffer to be as big as req->cmd.xfer in several
1904 * places. So, do not allow CDBs with a very large ALLOCATION
1905 * LENGTH. The real fix would be to modify scsi_read_data and
1906 * dma_buf_read, so that they return data beyond the buflen
1907 * as all zeros.
1908 */
1909 if (req->cmd.xfer > 65536) {
1910 goto illegal_request;
1911 }
1912 r->buflen = MAX(4096, req->cmd.xfer);
1913
7285477a 1914 if (!r->iov.iov_base) {
4be74634 1915 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 1916 }
1917
1918 outbuf = r->iov.iov_base;
c8dcb531 1919 memset(outbuf, 0, r->buflen);
aa5dbdc1
GH		 1920 switch (req->cmd.buf[0]) {
1921 case TEST_UNIT_READY:
cd723b85 1922 assert(blk_is_available(s->qdev.conf.blk));
5f71d32f 1923 break;
0b06c059
GH		 1924 case INQUIRY:
1925 buflen = scsi_disk_emulate_inquiry(req, outbuf);
f01b5931 1926 if (buflen < 0) {
0b06c059 1927 goto illegal_request;
f01b5931 1928 }
5f71d32f 1929 break;
ebddfcbe
GH		 1930 case MODE_SENSE:
1931 case MODE_SENSE_10:
cfc606da 1932 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
f01b5931 1933 if (buflen < 0) {
ebddfcbe 1934 goto illegal_request;
f01b5931 1935 }
ebddfcbe 1936 break;
02880f43
GH		 1937 case READ_TOC:
1938 buflen = scsi_disk_emulate_read_toc(req, outbuf);
f01b5931 1939 if (buflen < 0) {
02880f43 1940 goto illegal_request;
f01b5931 1941 }
02880f43 1942 break;
3d53ba18 1943 case RESERVE:
f01b5931 1944 if (req->cmd.buf[1] & 1) {
3d53ba18 1945 goto illegal_request;
f01b5931 1946 }
3d53ba18
GH		 1947 break;
1948 case RESERVE_10:
f01b5931 1949 if (req->cmd.buf[1] & 3) {
3d53ba18 1950 goto illegal_request;
f01b5931 1951 }
3d53ba18
GH		 1952 break;
1953 case RELEASE:
f01b5931 1954 if (req->cmd.buf[1] & 1) {
3d53ba18 1955 goto illegal_request;
f01b5931 1956 }
3d53ba18
GH		 1957 break;
1958 case RELEASE_10:
f01b5931 1959 if (req->cmd.buf[1] & 3) {
3d53ba18 1960 goto illegal_request;
f01b5931 1961 }
3d53ba18 1962 break;
8d3628ff 1963 case START_STOP:
68bb01f3 1964 if (scsi_disk_emulate_start_stop(r) < 0) {
b08d0ea0 1965 return 0;
68bb01f3 1966 }
5f71d32f 1967 break;
c68b9f34 1968 case ALLOW_MEDIUM_REMOVAL:
81b1008d 1969 s->tray_locked = req->cmd.buf[4] & 1;
4be74634 1970 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
5f71d32f 1971 break;
5e30a07d 1972 case READ_CAPACITY_10:
e7e25e32 1973 /* The normal LEN field for this command is zero. */
5f71d32f 1974 memset(outbuf, 0, 8);
4be74634 1975 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 1976 if (!nb_sectors) {
9bcaf4fe 1977 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 1978 return 0;
f01b5931 1979 }
7cec78b6
PB		 1980 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1981 goto illegal_request;
1982 }
69377307 1983 nb_sectors /= s->qdev.blocksize / 512;
e7e25e32
GH		 1984 /* Returned value is the address of the last sector. */
1985 nb_sectors--;
1986 /* Remember the new size for read/write sanity checking. */
7877903a 1987 s->qdev.max_lba = nb_sectors;
e7e25e32 1988 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
f01b5931 1989 if (nb_sectors > UINT32_MAX) {
e7e25e32 1990 nb_sectors = UINT32_MAX;
f01b5931 1991 }
e7e25e32
GH		 1992 outbuf[0] = (nb_sectors >> 24) & 0xff;
1993 outbuf[1] = (nb_sectors >> 16) & 0xff;
1994 outbuf[2] = (nb_sectors >> 8) & 0xff;
1995 outbuf[3] = nb_sectors & 0xff;
1996 outbuf[4] = 0;
1997 outbuf[5] = 0;
69377307 1998 outbuf[6] = s->qdev.blocksize >> 8;
e7e25e32 1999 outbuf[7] = 0;
5f71d32f 2000 break;
f3b338ef
PB		 2001 case REQUEST_SENSE:
2002 /* Just return "NO SENSE". */
37b6045c
PB		 2003 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
2004 (req->cmd.buf[1] & 1) == 0);
c8dcb531
PB		 2005 if (buflen < 0) {
2006 goto illegal_request;
2007 }
f3b338ef 2008 break;
b6c251ab
PB		 2009 case MECHANISM_STATUS:
2010 buflen = scsi_emulate_mechanism_status(s, outbuf);
2011 if (buflen < 0) {
2012 goto illegal_request;
2013 }
2014 break;
38215553 2015 case GET_CONFIGURATION:
430ee2f2 2016 buflen = scsi_get_configuration(s, outbuf);
b6c251ab
PB		 2017 if (buflen < 0) {
2018 goto illegal_request;
2019 }
2020 break;
2021 case GET_EVENT_STATUS_NOTIFICATION:
2022 buflen = scsi_get_event_status_notification(s, r, outbuf);
2023 if (buflen < 0) {
2024 goto illegal_request;
2025 }
2026 break;
1a4f0c3a
PB		 2027 case READ_DISC_INFORMATION:
2028 buflen = scsi_read_disc_information(s, r, outbuf);
2029 if (buflen < 0) {
2030 goto illegal_request;
2031 }
2032 break;
b6c251ab
PB		 2033 case READ_DVD_STRUCTURE:
2034 buflen = scsi_read_dvd_structure(s, r, outbuf);
2035 if (buflen < 0) {
2036 goto illegal_request;
2037 }
38215553 2038 break;
f6515262 2039 case SERVICE_ACTION_IN_16:
5dd90e2a 2040 /* Service Action In subcommands. */
f6515262 2041 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
59ee9500 2042 trace_scsi_disk_emulate_command_SAI_16();
5dd90e2a 2043 memset(outbuf, 0, req->cmd.xfer);
4be74634 2044 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 2045 if (!nb_sectors) {
9bcaf4fe 2046 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 2047 return 0;
f01b5931 2048 }
7cec78b6
PB		 2049 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2050 goto illegal_request;
2051 }
69377307 2052 nb_sectors /= s->qdev.blocksize / 512;
5dd90e2a
GH		 2053 /* Returned value is the address of the last sector. */
2054 nb_sectors--;
2055 /* Remember the new size for read/write sanity checking. */
7877903a 2056 s->qdev.max_lba = nb_sectors;
5dd90e2a
GH		 2057 outbuf[0] = (nb_sectors >> 56) & 0xff;
2058 outbuf[1] = (nb_sectors >> 48) & 0xff;
2059 outbuf[2] = (nb_sectors >> 40) & 0xff;
2060 outbuf[3] = (nb_sectors >> 32) & 0xff;
2061 outbuf[4] = (nb_sectors >> 24) & 0xff;
2062 outbuf[5] = (nb_sectors >> 16) & 0xff;
2063 outbuf[6] = (nb_sectors >> 8) & 0xff;
2064 outbuf[7] = nb_sectors & 0xff;
2065 outbuf[8] = 0;
2066 outbuf[9] = 0;
69377307 2067 outbuf[10] = s->qdev.blocksize >> 8;
5dd90e2a 2068 outbuf[11] = 0;
ee3659e3
CH		 2069 outbuf[12] = 0;
2070 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 2071
2072 /* set TPE bit if the format supports discard */
2073 if (s->qdev.conf.discard_granularity) {
2074 outbuf[14] = 0x80;
2075 }
2076
5dd90e2a 2077 /* Protection, exponent and lowest lba field left blank. */
5dd90e2a
GH		 2078 break;
2079 }
59ee9500 2080 trace_scsi_disk_emulate_command_SAI_unsupported();
5dd90e2a 2081 goto illegal_request;
101aa85f
PB		 2082 case SYNCHRONIZE_CACHE:
2083 /* The request is used as the AIO opaque value, so add a ref. */
2084 scsi_req_ref(&r->req);
4be74634 2085 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 2086 BLOCK_ACCT_FLUSH);
4be74634 2087 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
101aa85f
PB		 2088 return 0;
2089 case SEEK_10:
59ee9500 2090 trace_scsi_disk_emulate_command_SEEK_10(r->req.cmd.lba);
101aa85f
PB		 2091 if (r->req.cmd.lba > s->qdev.max_lba) {
2092 goto illegal_lba;
2093 }
2094 break;
101aa85f 2095 case MODE_SELECT:
59ee9500 2096 trace_scsi_disk_emulate_command_MODE_SELECT(r->req.cmd.xfer);
101aa85f
PB		 2097 break;
2098 case MODE_SELECT_10:
59ee9500 2099 trace_scsi_disk_emulate_command_MODE_SELECT_10(r->req.cmd.xfer);
101aa85f 2100 break;
5222aaf2 2101 case UNMAP:
59ee9500 2102 trace_scsi_disk_emulate_command_UNMAP(r->req.cmd.xfer);
5222aaf2 2103 break;
d97e7730
PB		 2104 case VERIFY_10:
2105 case VERIFY_12:
2106 case VERIFY_16:
59ee9500 2107 trace_scsi_disk_emulate_command_VERIFY((req->cmd.buf[1] >> 1) & 3);
d97e7730
PB		 2108 if (req->cmd.buf[1] & 6) {
2109 goto illegal_request;
2110 }
2111 break;
101aa85f 2112 case WRITE_SAME_10:
101aa85f 2113 case WRITE_SAME_16:
59ee9500
LV		 2114 trace_scsi_disk_emulate_command_WRITE_SAME(
2115 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16, r->req.cmd.xfer);
84f94a9a 2116 break;
aa5dbdc1 2117 default:
59ee9500
LV		 2118 trace_scsi_disk_emulate_command_UNKNOWN(buf[0],
2119 scsi_command_name(buf[0]));
b45ef674 2120 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
b08d0ea0 2121 return 0;
aa5dbdc1 2122 }
314a3299 2123 assert(!r->req.aiocb);
c8dcb531 2124 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
b08d0ea0
PB		 2125 if (r->iov.iov_len == 0) {
2126 scsi_req_complete(&r->req, GOOD);
2127 }
af6d510d
PB		 2128 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2129 assert(r->iov.iov_len == req->cmd.xfer);
2130 return -r->iov.iov_len;
2131 } else {
2132 return r->iov.iov_len;
2133 }
aa5dbdc1 2134
aa5dbdc1 2135illegal_request:
cfc606da
PB		 2136 if (r->req.status == -1) {
2137 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2138 }
b08d0ea0 2139 return 0;
101aa85f
PB		 2140
2141illegal_lba:
2142 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2143 return 0;
aa5dbdc1
GH		 2144}
2145
2e5d83bb
PB		 2146/* Execute a scsi command. Returns the length of the data expected by the
2147 command. This will be Positive for data transfers from the device
2148 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2149 and zero if the command does not transfer any data. */
2150
b08d0ea0 2151static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 2152{
5c6c0e51
HR		 2153 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2154 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
94f8ba11 2155 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
e93176d5 2156 uint32_t len;
a917d384 2157 uint8_t command;
a917d384
PB		 2158
2159 command = buf[0];
aa5dbdc1 2160
cd723b85 2161 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 2162 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2163 return 0;
9bcaf4fe
PB		 2164 }
2165
1894df02 2166 len = scsi_data_cdb_xfer(r->req.cmd.buf);
a917d384 2167 switch (command) {
ebf46023
GH		 2168 case READ_6:
2169 case READ_10:
bd536cf3
GH		 2170 case READ_12:
2171 case READ_16:
59ee9500 2172 trace_scsi_disk_dma_command_READ(r->req.cmd.lba, len);
2343be0d
PB		 2173 /* Protection information is not supported. For SCSI versions 2 and
2174 * older (as determined by snooping the guest's INQUIRY commands),
2175 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2176 */
2177 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
96bdbbab
RS		 2178 goto illegal_request;
2179 }
444bc908 2180 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2181 goto illegal_lba;
f01b5931 2182 }
69377307
PB		 2183 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2184 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2185 break;
ebf46023
GH		 2186 case WRITE_6:
2187 case WRITE_10:
bd536cf3
GH		 2188 case WRITE_12:
2189 case WRITE_16:
5e30a07d 2190 case WRITE_VERIFY_10:
ebef0bbb
BK		 2191 case WRITE_VERIFY_12:
2192 case WRITE_VERIFY_16:
4be74634 2193 if (blk_is_read_only(s->qdev.conf.blk)) {
6a8a685c
RS		 2194 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2195 return 0;
2196 }
59ee9500 2197 trace_scsi_disk_dma_command_WRITE(
2dd791b6
HR		 2198 (command & 0xe) == 0xe ? "And Verify " : "",
2199 r->req.cmd.lba, len);
4f04560b 2200 /* fall through */
166dbda7
PB		 2201 case VERIFY_10:
2202 case VERIFY_12:
2203 case VERIFY_16:
2204 /* We get here only for BYTCHK == 0x01 and only for scsi-block.
2205 * As far as DMA is concerned, we can treat it the same as a write;
2206 * scsi_block_do_sgio will send VERIFY commands.
2207 */
2343be0d 2208 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
96bdbbab
RS		 2209 goto illegal_request;
2210 }
444bc908 2211 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2212 goto illegal_lba;
f01b5931 2213 }
69377307
PB		 2214 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2215 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2216 break;
101aa85f 2217 default:
b08d0ea0 2218 abort();
96bdbbab
RS		 2219 illegal_request:
2220 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2221 return 0;
274fb0e1 2222 illegal_lba:
b45ef674 2223 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 2224 return 0;
2e5d83bb 2225 }
94f8ba11 2226 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
b08d0ea0 2227 if (r->sector_count == 0) {
b45ef674 2228 scsi_req_complete(&r->req, GOOD);
a917d384 2229 }
b08d0ea0 2230 assert(r->iov.iov_len == 0);
efb9ee02 2231 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
b08d0ea0 2232 return -r->sector_count * 512;
a917d384 2233 } else {
b08d0ea0 2234 return r->sector_count * 512;
2e5d83bb 2235 }
2e5d83bb
PB		 2236}
2237
e9447f35
JK		 2238static void scsi_disk_reset(DeviceState *dev)
2239{
2240 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2241 uint64_t nb_sectors;
2242
c7b48872 2243 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35 2244
4be74634 2245 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
69377307 2246 nb_sectors /= s->qdev.blocksize / 512;
e9447f35
JK		 2247 if (nb_sectors) {
2248 nb_sectors--;
2249 }
7877903a 2250 s->qdev.max_lba = nb_sectors;
7721c7f7
PH		 2251 /* reset tray statuses */
2252 s->tray_locked = 0;
2253 s->tray_open = 0;
2343be0d
PB		 2254
2255 s->qdev.scsi_version = s->qdev.default_scsi_version;
e9447f35
JK		 2256}
2257
aaebacef
PB		 2258static void scsi_disk_resize_cb(void *opaque)
2259{
2260 SCSIDiskState *s = opaque;
2261
2262 /* SPC lists this sense code as available only for
2263 * direct-access devices.
2264 */
2265 if (s->qdev.type == TYPE_DISK) {
53200fad 2266 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
aaebacef
PB		 2267 }
2268}
2269
39829a01 2270static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2c6942fa 2271{
8a9c16f6
PB		 2272 SCSIDiskState *s = opaque;
2273
2274 /*
2275 * When a CD gets changed, we have to report an ejected state and
2276 * then a loaded state to guests so that they detect tray
2277 * open/close and media change events. Guests that do not use
2278 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2279 * states rely on this behavior.
2280 *
2281 * media_changed governs the state machine used for unit attention
2282 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2283 */
2284 s->media_changed = load;
2285 s->tray_open = !load;
e48e84ea 2286 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
3c2f7c12 2287 s->media_event = true;
4480de19
PB		 2288 s->eject_request = false;
2289}
2290
2291static void scsi_cd_eject_request_cb(void *opaque, bool force)
2292{
2293 SCSIDiskState *s = opaque;
2294
2295 s->eject_request = true;
2296 if (force) {
2297 s->tray_locked = false;
2298 }
2c6942fa
MA		 2299}
2300
e4def80b
MA		 2301static bool scsi_cd_is_tray_open(void *opaque)
2302{
2303 return ((SCSIDiskState *)opaque)->tray_open;
2304}
2305
f107639a
MA		 2306static bool scsi_cd_is_medium_locked(void *opaque)
2307{
2308 return ((SCSIDiskState *)opaque)->tray_locked;
2309}
2310
aaebacef 2311static const BlockDevOps scsi_disk_removable_block_ops = {
2c6942fa 2312 .change_media_cb = scsi_cd_change_media_cb,
4480de19 2313 .eject_request_cb = scsi_cd_eject_request_cb,
e4def80b 2314 .is_tray_open = scsi_cd_is_tray_open,
f107639a 2315 .is_medium_locked = scsi_cd_is_medium_locked,
aaebacef
PB		 2316
2317 .resize_cb = scsi_disk_resize_cb,
2318};
2319
2320static const BlockDevOps scsi_disk_block_ops = {
2321 .resize_cb = scsi_disk_resize_cb,
f107639a
MA		 2322};
2323
8a9c16f6
PB		 2324static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2325{
2326 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2327 if (s->media_changed) {
2328 s->media_changed = false;
e48e84ea 2329 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
8a9c16f6
PB		 2330 }
2331}
2332
a818a4b6 2333static void scsi_realize(SCSIDevice *dev, Error **errp)
2e5d83bb 2334{
d52affa7 2335 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
7cef3d12 2336 bool read_only;
2e5d83bb 2337
4be74634 2338 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2339 error_setg(errp, "drive property not set");
2340 return;
d52affa7
GH		 2341 }
2342
bfe3d7ac 2343 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
4be74634 2344 !blk_is_inserted(s->qdev.conf.blk)) {
a818a4b6
FZ		 2345 error_setg(errp, "Device needs media, but drive is empty");
2346 return;
98f28ad7
MA		 2347 }
2348
c56ee92f 2349 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
3da023b5
MK		 2350 return;
2351 }
2352
4f71fb43
KW		 2353 if (blk_get_aio_context(s->qdev.conf.blk) != qemu_get_aio_context() &&
2354 !s->qdev.hba_supports_iothread)
2355 {
2356 error_setg(errp, "HBA does not support iothreads");
2357 return;
2358 }
2359
5ff5efb4 2360 if (dev->type == TYPE_DISK) {
ceff3e1f 2361 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
a818a4b6 2362 return;
5ff5efb4 2363 }
b7eb0c9f 2364 }
7cef3d12
KW		 2365
2366 read_only = blk_is_read_only(s->qdev.conf.blk);
2367 if (dev->type == TYPE_ROM) {
2368 read_only = true;
2369 }
2370
2371 if (!blkconf_apply_backend_options(&dev->conf, read_only,
ceff3e1f 2372 dev->type == TYPE_DISK, errp)) {
a17c17a2
KW		 2373 return;
2374 }
a0fef654 2375
215e47b9
PB		 2376 if (s->qdev.conf.discard_granularity == -1) {
2377 s->qdev.conf.discard_granularity =
2378 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2379 }
2380
552fee93 2381 if (!s->version) {
35c2c8dc 2382 s->version = g_strdup(qemu_hw_version());
552fee93 2383 }
353815aa
DF		 2384 if (!s->vendor) {
2385 s->vendor = g_strdup("QEMU");
2386 }
7471a649
KW		 2387 if (!s->device_id) {
2388 if (s->serial) {
2389 s->device_id = g_strdup_printf("%.20s", s->serial);
2390 } else {
2391 const char *str = blk_name(s->qdev.conf.blk);
2392 if (str && *str) {
2393 s->device_id = g_strdup(str);
2394 }
2395 }
2396 }
552fee93 2397
4be74634 2398 if (blk_is_sg(s->qdev.conf.blk)) {
a818a4b6
FZ		 2399 error_setg(errp, "unwanted /dev/sg*");
2400 return;
32bb404a
MA		 2401 }
2402
18e673b8
PH		 2403 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2404 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
4be74634 2405 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
aaebacef 2406 } else {
4be74634 2407 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2e5d83bb 2408 }
4be74634 2409 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
8cfacf07 2410
4be74634 2411 blk_iostatus_enable(s->qdev.conf.blk);
71f571a2
SE		 2412
2413 add_boot_device_lchs(&dev->qdev, NULL,
2414 dev->conf.lcyls,
2415 dev->conf.lheads,
2416 dev->conf.lsecs);
2417}
2418
b69c3c21 2419static void scsi_unrealize(SCSIDevice *dev)
71f571a2
SE		 2420{
2421 del_boot_device_lchs(&dev->qdev, NULL);
d52affa7
GH		 2422}
2423
a818a4b6 2424static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2425{
e39be482 2426 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
3ff35ba3 2427 AioContext *ctx = NULL;
df1d4c34
ET		 2428 /* can happen for devices without drive. The error message for missing
2429 * backend will be issued in scsi_realize
2430 */
2431 if (s->qdev.conf.blk) {
3ff35ba3
AG		 2432 ctx = blk_get_aio_context(s->qdev.conf.blk);
2433 aio_context_acquire(ctx);
c56ee92f
RK		 2434 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2435 goto out;
2436 }
df1d4c34 2437 }
e39be482
PB		 2438 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2439 s->qdev.type = TYPE_DISK;
353815aa
DF		 2440 if (!s->product) {
2441 s->product = g_strdup("QEMU HARDDISK");
2442 }
a818a4b6 2443 scsi_realize(&s->qdev, errp);
c56ee92f 2444out:
3ff35ba3
AG		 2445 if (ctx) {
2446 aio_context_release(ctx);
2447 }
b443ae67
MA		 2448}
2449
a818a4b6 2450static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2451{
e39be482 2452 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
3ff35ba3 2453 AioContext *ctx;
83b4fe0e 2454 int ret;
9ef6e505
KW		 2455
2456 if (!dev->conf.blk) {
83b4fe0e
KW		 2457 /* Anonymous BlockBackend for an empty drive. As we put it into
2458 * dev->conf, qdev takes care of detaching on unplug. */
d861ab3a 2459 dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
83b4fe0e
KW		 2460 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2461 assert(ret == 0);
9ef6e505
KW		 2462 }
2463
3ff35ba3
AG		 2464 ctx = blk_get_aio_context(dev->conf.blk);
2465 aio_context_acquire(ctx);
e39be482
PB		 2466 s->qdev.blocksize = 2048;
2467 s->qdev.type = TYPE_ROM;
bfe3d7ac 2468 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
353815aa
DF		 2469 if (!s->product) {
2470 s->product = g_strdup("QEMU CD-ROM");
2471 }
a818a4b6 2472 scsi_realize(&s->qdev, errp);
3ff35ba3 2473 aio_context_release(ctx);
b443ae67
MA		 2474}
2475
a818a4b6 2476static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
b443ae67 2477{
95b5edcd 2478 DriveInfo *dinfo;
a818a4b6 2479 Error *local_err = NULL;
b443ae67 2480
0d074bf8
PB		 2481 warn_report("'scsi-disk' is deprecated, "
2482 "please use 'scsi-hd' or 'scsi-cd' instead");
2483
4be74634 2484 if (!dev->conf.blk) {
a818a4b6
FZ		 2485 scsi_realize(dev, &local_err);
2486 assert(local_err);
2487 error_propagate(errp, local_err);
2488 return;
b443ae67
MA		 2489 }
2490
4be74634 2491 dinfo = blk_legacy_dinfo(dev->conf.blk);
26f8b3a8 2492 if (dinfo && dinfo->media_cd) {
a818a4b6 2493 scsi_cd_realize(dev, errp);
e39be482 2494 } else {
a818a4b6 2495 scsi_hd_realize(dev, errp);
e39be482 2496 }
b443ae67
MA		 2497}
2498
b08d0ea0 2499static const SCSIReqOps scsi_disk_emulate_reqops = {
8dbd4574 2500 .size = sizeof(SCSIDiskReq),
12010e7b 2501 .free_req = scsi_free_request,
b08d0ea0 2502 .send_command = scsi_disk_emulate_command,
314a3299
PB		 2503 .read_data = scsi_disk_emulate_read_data,
2504 .write_data = scsi_disk_emulate_write_data,
b08d0ea0
PB		 2505 .get_buf = scsi_get_buf,
2506};
2507
2508static const SCSIReqOps scsi_disk_dma_reqops = {
2509 .size = sizeof(SCSIDiskReq),
2510 .free_req = scsi_free_request,
2511 .send_command = scsi_disk_dma_command,
12010e7b
PB		 2512 .read_data = scsi_read_data,
2513 .write_data = scsi_write_data,
12010e7b 2514 .get_buf = scsi_get_buf,
43b978b9
PB		 2515 .load_request = scsi_disk_load_request,
2516 .save_request = scsi_disk_save_request,
8dbd4574
PB		 2517};
2518
b08d0ea0
PB		 2519static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2520 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2521 [INQUIRY] = &scsi_disk_emulate_reqops,
2522 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2523 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2524 [START_STOP] = &scsi_disk_emulate_reqops,
2525 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2526 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2527 [READ_TOC] = &scsi_disk_emulate_reqops,
2528 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2529 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2530 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2531 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2532 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2533 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2534 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2535 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2536 [SEEK_10] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2537 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2538 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
5222aaf2 2539 [UNMAP] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2540 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2541 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
d97e7730
PB		 2542 [VERIFY_10] = &scsi_disk_emulate_reqops,
2543 [VERIFY_12] = &scsi_disk_emulate_reqops,
2544 [VERIFY_16] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2545
2546 [READ_6] = &scsi_disk_dma_reqops,
2547 [READ_10] = &scsi_disk_dma_reqops,
2548 [READ_12] = &scsi_disk_dma_reqops,
2549 [READ_16] = &scsi_disk_dma_reqops,
b08d0ea0
PB		 2550 [WRITE_6] = &scsi_disk_dma_reqops,
2551 [WRITE_10] = &scsi_disk_dma_reqops,
2552 [WRITE_12] = &scsi_disk_dma_reqops,
2553 [WRITE_16] = &scsi_disk_dma_reqops,
2554 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2555 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2556 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2557};
2558
59ee9500
LV		 2559static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf)
2560{
2561 int i;
2562 int len = scsi_cdb_length(buf);
2563 char *line_buffer, *p;
2564
2565 line_buffer = g_malloc(len * 5 + 1);
2566
2567 for (i = 0, p = line_buffer; i < len; i++) {
2568 p += sprintf(p, " 0x%02x", buf[i]);
2569 }
2570 trace_scsi_disk_new_request(lun, tag, line_buffer);
2571
2572 g_free(line_buffer);
2573}
2574
63db0f0e
PB		 2575static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2576 uint8_t *buf, void *hba_private)
8dbd4574
PB		 2577{
2578 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2579 SCSIRequest *req;
b08d0ea0
PB		 2580 const SCSIReqOps *ops;
2581 uint8_t command;
8dbd4574 2582
79fb50bb
PB		 2583 command = buf[0];
2584 ops = scsi_disk_reqops_dispatch[command];
2585 if (!ops) {
2586 ops = &scsi_disk_emulate_reqops;
2587 }
2588 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2589
59ee9500
LV		 2590 if (trace_event_get_state_backends(TRACE_SCSI_DISK_NEW_REQUEST)) {
2591 scsi_disk_new_request_dump(lun, tag, buf);
b08d0ea0 2592 }
b08d0ea0 2593
8dbd4574
PB		 2594 return req;
2595}
2596
336a6915
PB		 2597#ifdef __linux__
2598static int get_device_type(SCSIDiskState *s)
2599{
336a6915
PB		 2600 uint8_t cmd[16];
2601 uint8_t buf[36];
336a6915
PB		 2602 int ret;
2603
2604 memset(cmd, 0, sizeof(cmd));
2605 memset(buf, 0, sizeof(buf));
2606 cmd[0] = INQUIRY;
2607 cmd[4] = sizeof(buf);
2608
a0c7e35b
DHB		 2609 ret = scsi_SG_IO_FROM_DEV(s->qdev.conf.blk, cmd, sizeof(cmd),
2610 buf, sizeof(buf));
2611 if (ret < 0) {
336a6915
PB		 2612 return -1;
2613 }
2614 s->qdev.type = buf[0];
bfe3d7ac
PB		 2615 if (buf[1] & 0x80) {
2616 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2617 }
336a6915
PB		 2618 return 0;
2619}
2620
a818a4b6 2621static void scsi_block_realize(SCSIDevice *dev, Error **errp)
336a6915
PB		 2622{
2623 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
3ff35ba3 2624 AioContext *ctx;
336a6915
PB		 2625 int sg_version;
2626 int rc;
2627
4be74634 2628 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2629 error_setg(errp, "drive property not set");
2630 return;
336a6915
PB		 2631 }
2632
51f43d57
FZ		 2633 if (s->rotation_rate) {
2634 error_report_once("rotation_rate is specified for scsi-block but is "
2635 "not implemented. This option is deprecated and will "
2636 "be removed in a future version");
2637 }
2638
3ff35ba3
AG		 2639 ctx = blk_get_aio_context(s->qdev.conf.blk);
2640 aio_context_acquire(ctx);
2641
336a6915 2642 /* check we are using a driver managing SG_IO (version 3 and after) */
4be74634 2643 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
4bbeb8b1 2644 if (rc < 0) {
09c2c6ff
PB		 2645 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
2646 if (rc != -EPERM) {
2647 error_append_hint(errp, "Is this a SCSI device?\n");
2648 }
3ff35ba3 2649 goto out;
4bbeb8b1
FZ		 2650 }
2651 if (sg_version < 30000) {
a818a4b6 2652 error_setg(errp, "scsi generic interface too old");
3ff35ba3 2653 goto out;
336a6915
PB		 2654 }
2655
2656 /* get device type from INQUIRY data */
2657 rc = get_device_type(s);
2658 if (rc < 0) {
a818a4b6 2659 error_setg(errp, "INQUIRY failed");
3ff35ba3 2660 goto out;
336a6915
PB		 2661 }
2662
2663 /* Make a guess for the block size, we'll fix it when the guest sends.
2664 * READ CAPACITY. If they don't, they likely would assume these sizes
2665 * anyway. (TODO: check in /sys).
2666 */
2667 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2668 s->qdev.blocksize = 2048;
2669 } else {
2670 s->qdev.blocksize = 512;
2671 }
18e673b8
PH		 2672
2673 /* Makes the scsi-block device not removable by using HMP and QMP eject
2674 * command.
2675 */
2676 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2677
a818a4b6 2678 scsi_realize(&s->qdev, errp);
a71c775b 2679 scsi_generic_read_device_inquiry(&s->qdev);
3ff35ba3
AG		 2680
2681out:
2682 aio_context_release(ctx);
336a6915
PB		 2683}
2684
8fdc7839
PB		 2685typedef struct SCSIBlockReq {
2686 SCSIDiskReq req;
2687 sg_io_hdr_t io_header;
2688
2689 /* Selected bytes of the original CDB, copied into our own CDB. */
2690 uint8_t cmd, cdb1, group_number;
2691
2692 /* CDB passed to SG_IO. */
2693 uint8_t cdb[16];
2694} SCSIBlockReq;
2695
2696static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2697 int64_t offset, QEMUIOVector *iov,
2698 int direction,
2699 BlockCompletionFunc *cb, void *opaque)
2700{
2701 sg_io_hdr_t *io_header = &req->io_header;
2702 SCSIDiskReq *r = &req->req;
2703 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2704 int nb_logical_blocks;
2705 uint64_t lba;
2706 BlockAIOCB *aiocb;
2707
2708 /* This is not supported yet. It can only happen if the guest does
2709 * reads and writes that are not aligned to one logical sectors
2710 * _and_ cover multiple MemoryRegions.
2711 */
2712 assert(offset % s->qdev.blocksize == 0);
2713 assert(iov->size % s->qdev.blocksize == 0);
2714
2715 io_header->interface_id = 'S';
2716
2717 /* The data transfer comes from the QEMUIOVector. */
2718 io_header->dxfer_direction = direction;
2719 io_header->dxfer_len = iov->size;
2720 io_header->dxferp = (void *)iov->iov;
2721 io_header->iovec_count = iov->niov;
2722 assert(io_header->iovec_count == iov->niov); /* no overflow! */
2723
2724 /* Build a new CDB with the LBA and length patched in, in case
2725 * DMA helpers split the transfer in multiple segments. Do not
2726 * build a CDB smaller than what the guest wanted, and only build
2727 * a larger one if strictly necessary.
2728 */
2729 io_header->cmdp = req->cdb;
2730 lba = offset / s->qdev.blocksize;
2731 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2732
2733 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2734 /* 6-byte CDB */
2735 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2736 req->cdb[4] = nb_logical_blocks;
2737 req->cdb[5] = 0;
2738 io_header->cmd_len = 6;
2739 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2740 /* 10-byte CDB */
2741 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2742 req->cdb[1] = req->cdb1;
2743 stl_be_p(&req->cdb[2], lba);
2744 req->cdb[6] = req->group_number;
2745 stw_be_p(&req->cdb[7], nb_logical_blocks);
2746 req->cdb[9] = 0;
2747 io_header->cmd_len = 10;
2748 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2749 /* 12-byte CDB */
2750 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2751 req->cdb[1] = req->cdb1;
2752 stl_be_p(&req->cdb[2], lba);
2753 stl_be_p(&req->cdb[6], nb_logical_blocks);
2754 req->cdb[10] = req->group_number;
2755 req->cdb[11] = 0;
2756 io_header->cmd_len = 12;
2757 } else {
2758 /* 16-byte CDB */
2759 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2760 req->cdb[1] = req->cdb1;
2761 stq_be_p(&req->cdb[2], lba);
2762 stl_be_p(&req->cdb[10], nb_logical_blocks);
2763 req->cdb[14] = req->group_number;
2764 req->cdb[15] = 0;
2765 io_header->cmd_len = 16;
2766 }
2767
2768 /* The rest is as in scsi-generic.c. */
2769 io_header->mx_sb_len = sizeof(r->req.sense);
2770 io_header->sbp = r->req.sense;
2771 io_header->timeout = UINT_MAX;
2772 io_header->usr_ptr = r;
2773 io_header->flags |= SG_FLAG_DIRECT_IO;
2774
2775 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
2776 assert(aiocb != NULL);
2777 return aiocb;
2778}
2779
2780static bool scsi_block_no_fua(SCSICommand *cmd)
2781{
2782 return false;
2783}
2784
2785static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2786 QEMUIOVector *iov,
2787 BlockCompletionFunc *cb, void *cb_opaque,
2788 void *opaque)
2789{
2790 SCSIBlockReq *r = opaque;
2791 return scsi_block_do_sgio(r, offset, iov,
2792 SG_DXFER_FROM_DEV, cb, cb_opaque);
2793}
2794
2795static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2796 QEMUIOVector *iov,
2797 BlockCompletionFunc *cb, void *cb_opaque,
2798 void *opaque)
2799{
2800 SCSIBlockReq *r = opaque;
2801 return scsi_block_do_sgio(r, offset, iov,
2802 SG_DXFER_TO_DEV, cb, cb_opaque);
2803}
2804
592c3b28 2805static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
336a6915 2806{
336a6915 2807 switch (buf[0]) {
8fdc7839
PB		 2808 case VERIFY_10:
2809 case VERIFY_12:
2810 case VERIFY_16:
2811 /* Check if BYTCHK == 0x01 (data-out buffer contains data
2812 * for the number of logical blocks specified in the length
2813 * field). For other modes, do not use scatter/gather operation.
2814 */
1f8af0d1 2815 if ((buf[1] & 6) == 2) {
8fdc7839
PB		 2816 return false;
2817 }
2818 break;
2819
336a6915
PB		 2820 case READ_6:
2821 case READ_10:
2822 case READ_12:
2823 case READ_16:
2824 case WRITE_6:
2825 case WRITE_10:
2826 case WRITE_12:
2827 case WRITE_16:
2828 case WRITE_VERIFY_10:
2829 case WRITE_VERIFY_12:
2830 case WRITE_VERIFY_16:
8fdc7839 2831 /* MMC writing cannot be done via DMA helpers, because it sometimes
33ebad12 2832 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
166dbda7 2833 * We might use scsi_block_dma_reqops as long as no writing commands are
33ebad12
PB		 2834 * seen, but performance usually isn't paramount on optical media. So,
2835 * just make scsi-block operate the same as scsi-generic for them.
2836 */
b08d0ea0 2837 if (s->qdev.type != TYPE_ROM) {
592c3b28 2838 return false;
b08d0ea0 2839 }
592c3b28
PB		 2840 break;
2841
2842 default:
2843 break;
336a6915
PB		 2844 }
2845
592c3b28
PB		 2846 return true;
2847}
2848
2849
8fdc7839
PB		 2850static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2851{
2852 SCSIBlockReq *r = (SCSIBlockReq *)req;
2343be0d
PB		 2853 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2854
8fdc7839
PB		 2855 r->cmd = req->cmd.buf[0];
2856 switch (r->cmd >> 5) {
2857 case 0:
2858 /* 6-byte CDB. */
2859 r->cdb1 = r->group_number = 0;
2860 break;
2861 case 1:
2862 /* 10-byte CDB. */
2863 r->cdb1 = req->cmd.buf[1];
2864 r->group_number = req->cmd.buf[6];
ed45cae3 2865 break;
8fdc7839
PB		 2866 case 4:
2867 /* 12-byte CDB. */
2868 r->cdb1 = req->cmd.buf[1];
2869 r->group_number = req->cmd.buf[10];
2870 break;
2871 case 5:
2872 /* 16-byte CDB. */
2873 r->cdb1 = req->cmd.buf[1];
2874 r->group_number = req->cmd.buf[14];
2875 break;
2876 default:
2877 abort();
2878 }
2879
2343be0d
PB		 2880 /* Protection information is not supported. For SCSI versions 2 and
2881 * older (as determined by snooping the guest's INQUIRY commands),
2882 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2883 */
2884 if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) {
8fdc7839
PB		 2885 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2886 return 0;
2887 }
2888
2889 r->req.status = &r->io_header.status;
2890 return scsi_disk_dma_command(req, buf);
2891}
2892
2893static const SCSIReqOps scsi_block_dma_reqops = {
2894 .size = sizeof(SCSIBlockReq),
2895 .free_req = scsi_free_request,
2896 .send_command = scsi_block_dma_command,
2897 .read_data = scsi_read_data,
2898 .write_data = scsi_write_data,
2899 .get_buf = scsi_get_buf,
2900 .load_request = scsi_disk_load_request,
2901 .save_request = scsi_disk_save_request,
2902};
2903
592c3b28
PB		 2904static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2905 uint32_t lun, uint8_t *buf,
2906 void *hba_private)
2907{
2908 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2909
2910 if (scsi_block_is_passthrough(s, buf)) {
2911 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2912 hba_private);
2913 } else {
8fdc7839 2914 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
592c3b28
PB		 2915 hba_private);
2916 }
336a6915 2917}
3e7e180a
PB		 2918
2919static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2920 uint8_t *buf, void *hba_private)
2921{
2922 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2923
2924 if (scsi_block_is_passthrough(s, buf)) {
2925 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2926 } else {
2927 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2928 }
2929}
2930
d31347f5
SK		 2931static void scsi_block_update_sense(SCSIRequest *req)
2932{
2933 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2934 SCSIBlockReq *br = DO_UPCAST(SCSIBlockReq, req, r);
2935 r->req.sense_len = MIN(br->io_header.sb_len_wr, sizeof(r->req.sense));
2936}
336a6915
PB		 2937#endif
2938
fcaafb10
PB		 2939static
2940BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2941 BlockCompletionFunc *cb, void *cb_opaque,
2942 void *opaque)
2943{
2944 SCSIDiskReq *r = opaque;
2945 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2946 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2947}
2948
2949static
2950BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2951 BlockCompletionFunc *cb, void *cb_opaque,
2952 void *opaque)
2953{
2954 SCSIDiskReq *r = opaque;
2955 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2956 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2957}
2958
993935f3
PB		 2959static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2960{
2961 DeviceClass *dc = DEVICE_CLASS(klass);
fcaafb10 2962 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
993935f3
PB		 2963
2964 dc->fw_name = "disk";
2965 dc->reset = scsi_disk_reset;
fcaafb10
PB		 2966 sdc->dma_readv = scsi_dma_readv;
2967 sdc->dma_writev = scsi_dma_writev;
94f8ba11 2968 sdc->need_fua_emulation = scsi_is_cmd_fua;
993935f3
PB		 2969}
2970
2971static const TypeInfo scsi_disk_base_info = {
2972 .name = TYPE_SCSI_DISK_BASE,
2973 .parent = TYPE_SCSI_DEVICE,
2974 .class_init = scsi_disk_base_class_initfn,
2975 .instance_size = sizeof(SCSIDiskState),
fcaafb10 2976 .class_size = sizeof(SCSIDiskClass),
6214a11a 2977 .abstract = true,
993935f3
PB		 2978};
2979
4f71fb43
KW		 2980#define DEFINE_SCSI_DISK_PROPERTIES() \
2981 DEFINE_PROP_DRIVE_IOTHREAD("drive", SCSIDiskState, qdev.conf.blk), \
2982 DEFINE_BLOCK_PROPERTIES_BASE(SCSIDiskState, qdev.conf), \
2983 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
2984 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2985 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2986 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2987 DEFINE_PROP_STRING("product", SCSIDiskState, product), \
7471a649
KW		 2988 DEFINE_PROP_STRING("device_id", SCSIDiskState, device_id)
2989
b443ae67 2990
39bffca2
AL		 2991static Property scsi_hd_properties[] = {
2992 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 2993 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2994 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 2995 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2996 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 2997 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2998 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 2999 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 3000 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3001 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 3002 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3003 DEFAULT_MAX_IO_SIZE),
070f8009 3004 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
2343be0d
PB		 3005 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3006 5),
d252df48 3007 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
39bffca2
AL		 3008 DEFINE_PROP_END_OF_LIST(),
3009};
3010
43b978b9
PB		 3011static const VMStateDescription vmstate_scsi_disk_state = {
3012 .name = "scsi-disk",
3013 .version_id = 1,
3014 .minimum_version_id = 1,
43b978b9
PB		 3015 .fields = (VMStateField[]) {
3016 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
3017 VMSTATE_BOOL(media_changed, SCSIDiskState),
3018 VMSTATE_BOOL(media_event, SCSIDiskState),
3019 VMSTATE_BOOL(eject_request, SCSIDiskState),
3020 VMSTATE_BOOL(tray_open, SCSIDiskState),
3021 VMSTATE_BOOL(tray_locked, SCSIDiskState),
3022 VMSTATE_END_OF_LIST()
3023 }
3024};
3025
b9eea3e6
AL		 3026static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
3027{
39bffca2 3028 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3029 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3030
a818a4b6 3031 sc->realize = scsi_hd_realize;
71f571a2 3032 sc->unrealize = scsi_unrealize;
b9eea3e6
AL		 3033 sc->alloc_req = scsi_new_request;
3034 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 3035 dc->desc = "virtual SCSI disk";
4f67d30b 3036 device_class_set_props(dc, scsi_hd_properties);
43b978b9 3037 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3038}
3039
8c43a6f0 3040static const TypeInfo scsi_hd_info = {
39bffca2 3041 .name = "scsi-hd",
993935f3 3042 .parent = TYPE_SCSI_DISK_BASE,
39bffca2
AL		 3043 .class_init = scsi_hd_class_initfn,
3044};
3045
3046static Property scsi_cd_properties[] = {
3047 DEFINE_SCSI_DISK_PROPERTIES(),
2ecab408
PB		 3048 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3049 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 3050 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
f8e1f533
PB		 3051 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3052 DEFAULT_MAX_IO_SIZE),
2343be0d
PB		 3053 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3054 5),
39bffca2 3055 DEFINE_PROP_END_OF_LIST(),
b9eea3e6
AL		 3056};
3057
3058static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3059{
39bffca2 3060 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3061 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3062
a818a4b6 3063 sc->realize = scsi_cd_realize;
b9eea3e6
AL		 3064 sc->alloc_req = scsi_new_request;
3065 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 3066 dc->desc = "virtual SCSI CD-ROM";
4f67d30b 3067 device_class_set_props(dc, scsi_cd_properties);
43b978b9 3068 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3069}
3070
8c43a6f0 3071static const TypeInfo scsi_cd_info = {
39bffca2 3072 .name = "scsi-cd",
993935f3 3073 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3074 .class_init = scsi_cd_class_initfn,
b9eea3e6
AL		 3075};
3076
336a6915 3077#ifdef __linux__
39bffca2 3078static Property scsi_block_properties[] = {
78ee6bd0 3079 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf),
4be74634 3080 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
07488549 3081 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
070f8009 3082 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
0a96ca24
DHB		 3083 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3084 DEFAULT_MAX_UNMAP_SIZE),
3085 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3086 DEFAULT_MAX_IO_SIZE),
2343be0d 3087 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
29e560f0 3088 -1),
39bffca2
AL		 3089 DEFINE_PROP_END_OF_LIST(),
3090};
3091
b9eea3e6
AL		 3092static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3093{
39bffca2 3094 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6 3095 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
8fdc7839 3096 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
b9eea3e6 3097
a818a4b6 3098 sc->realize = scsi_block_realize;
b9eea3e6 3099 sc->alloc_req = scsi_block_new_request;
3e7e180a 3100 sc->parse_cdb = scsi_block_parse_cdb;
8fdc7839
PB		 3101 sdc->dma_readv = scsi_block_dma_readv;
3102 sdc->dma_writev = scsi_block_dma_writev;
d31347f5 3103 sdc->update_sense = scsi_block_update_sense;
8fdc7839 3104 sdc->need_fua_emulation = scsi_block_no_fua;
39bffca2 3105 dc->desc = "SCSI block device passthrough";
4f67d30b 3106 device_class_set_props(dc, scsi_block_properties);
43b978b9 3107 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3108}
3109
8c43a6f0 3110static const TypeInfo scsi_block_info = {
39bffca2 3111 .name = "scsi-block",
993935f3 3112 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3113 .class_init = scsi_block_class_initfn,
b9eea3e6 3114};
336a6915 3115#endif
b9eea3e6 3116
39bffca2
AL		 3117static Property scsi_disk_properties[] = {
3118 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 3119 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3120 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 3121 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3122 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 3123 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3124 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 3125 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 3126 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3127 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 3128 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3129 DEFAULT_MAX_IO_SIZE),
2343be0d
PB		 3130 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3131 5),
39bffca2
AL		 3132 DEFINE_PROP_END_OF_LIST(),
3133};
3134
b9eea3e6
AL		 3135static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
3136{
39bffca2 3137 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3138 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3139
a818a4b6 3140 sc->realize = scsi_disk_realize;
b9eea3e6
AL		 3141 sc->alloc_req = scsi_new_request;
3142 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2
AL		 3143 dc->fw_name = "disk";
3144 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
3145 dc->reset = scsi_disk_reset;
4f67d30b 3146 device_class_set_props(dc, scsi_disk_properties);
43b978b9 3147 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3148}
3149
8c43a6f0 3150static const TypeInfo scsi_disk_info = {
39bffca2 3151 .name = "scsi-disk",
993935f3 3152 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3153 .class_init = scsi_disk_class_initfn,
d52affa7
GH		 3154};
3155
83f7d43a 3156static void scsi_disk_register_types(void)
d52affa7 3157{
993935f3 3158 type_register_static(&scsi_disk_base_info);
39bffca2
AL		 3159 type_register_static(&scsi_hd_info);
3160 type_register_static(&scsi_cd_info);
b9eea3e6 3161#ifdef __linux__
39bffca2 3162 type_register_static(&scsi_block_info);
b9eea3e6 3163#endif
39bffca2 3164 type_register_static(&scsi_disk_info);
8ccc2ace 3165}
83f7d43a
AF		 3166
3167type_init(scsi_disk_register_types)
QEMU mirror