]> git.proxmox.com Git - mirror_qemu.git/blame - hw/scsi/scsi-disk.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
chardev: tcp: let TLS run on chardev context
[mirror_qemu.git] / hw / scsi / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
22//#define DEBUG_SCSI
23
24#ifdef DEBUG_SCSI
001faf32
BS		 25#define DPRINTF(fmt, ...) \
26do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 27#else
001faf32 28#define DPRINTF(fmt, ...) do {} while(0)
2e5d83bb
PB		 29#endif
30
a4ab4792 31#include "qemu/osdep.h"
da34e65c 32#include "qapi/error.h"
1de7afc9 33#include "qemu/error-report.h"
0d09e41a 34#include "hw/scsi/scsi.h"
08e2c9f1 35#include "scsi/constants.h"
9c17d615 36#include "sysemu/sysemu.h"
4be74634 37#include "sysemu/block-backend.h"
9c17d615 38#include "sysemu/blockdev.h"
0d09e41a 39#include "hw/block/block.h"
9c17d615 40#include "sysemu/dma.h"
f348b6d1 41#include "qemu/cutils.h"
22864256 42
336a6915
PB		 43#ifdef __linux
44#include <scsi/sg.h>
45#endif
46
84f94a9a 47#define SCSI_WRITE_SAME_MAX 524288
215e47b9
PB		 48#define SCSI_DMA_BUF_SIZE 131072
49#define SCSI_MAX_INQUIRY_LEN 256
50#define SCSI_MAX_MODE_LEN 256
51
52#define DEFAULT_DISCARD_GRANULARITY 4096
8a1bd297 53#define DEFAULT_MAX_UNMAP_SIZE (1 << 30) /* 1 GB */
f8e1f533 54#define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
a917d384 55
993935f3
PB		 56#define TYPE_SCSI_DISK_BASE "scsi-disk-base"
57
fcaafb10
PB		 58#define SCSI_DISK_BASE(obj) \
59 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE)
60#define SCSI_DISK_BASE_CLASS(klass) \
61 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE)
62#define SCSI_DISK_BASE_GET_CLASS(obj) \
63 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE)
64
65typedef struct SCSIDiskClass {
66 SCSIDeviceClass parent_class;
67 DMAIOFunc *dma_readv;
68 DMAIOFunc *dma_writev;
94f8ba11 69 bool (*need_fua_emulation)(SCSICommand *cmd);
fcaafb10 70} SCSIDiskClass;
d52affa7 71
4c41d2ef
GH		 72typedef struct SCSIDiskReq {
73 SCSIRequest req;
a917d384 74 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 75 uint64_t sector;
76 uint32_t sector_count;
7285477a 77 uint32_t buflen;
a0e66a69 78 bool started;
94f8ba11 79 bool need_fua_emulation;
c87c0672
AL		 80 struct iovec iov;
81 QEMUIOVector qiov;
a597e79c 82 BlockAcctCookie acct;
8fdc7839 83 unsigned char *status;
4c41d2ef 84} SCSIDiskReq;
a917d384 85
18e673b8
PH		 86#define SCSI_DISK_F_REMOVABLE 0
87#define SCSI_DISK_F_DPOFUA 1
88#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
bfe3d7ac 89
fcaafb10 90typedef struct SCSIDiskState
a917d384 91{
d52affa7 92 SCSIDevice qdev;
bfe3d7ac 93 uint32_t features;
8a9c16f6 94 bool media_changed;
3c2f7c12 95 bool media_event;
4480de19 96 bool eject_request;
64cc2284 97 uint16_t port_index;
8a1bd297 98 uint64_t max_unmap_size;
f8e1f533 99 uint64_t max_io_size;
213189ab 100 QEMUBH *bh;
383b4d9b 101 char *version;
a0fef654 102 char *serial;
353815aa
DF		 103 char *vendor;
104 char *product;
ece0d5e9 105 bool tray_open;
81b1008d 106 bool tray_locked;
070f8009
DB		 107 /*
108 * 0x0000 - rotation rate not reported
109 * 0x0001 - non-rotating medium (SSD)
110 * 0x0002-0x0400 - reserved
111 * 0x0401-0xffe - rotations per minute
112 * 0xffff - reserved
113 */
114 uint16_t rotation_rate;
fcaafb10 115} SCSIDiskState;
2e5d83bb 116
14b20748 117static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed);
5dba48a8 118
ad2d30f7 119static void scsi_free_request(SCSIRequest *req)
4d611c9a 120{
ad2d30f7
PB		 121 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
122
db4c34c3 123 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 124}
125
b45ef674
PB		 126/* Helper function for command completion with sense. */
127static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 128{
02fa69b6
BS		 129 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
130 r->req.tag, sense.key, sense.asc, sense.ascq);
b45ef674
PB		 131 scsi_req_build_sense(&r->req, sense);
132 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 133}
134
03c90063 135static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
103b40f5 136{
7285477a
PB		 137 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
138
139 if (!r->iov.iov_base) {
43b978b9 140 r->buflen = size;
4be74634 141 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 142 }
143 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
103b40f5 144 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
103b40f5
PB		 145}
146
43b978b9
PB		 147static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
148{
149 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
150
151 qemu_put_be64s(f, &r->sector);
152 qemu_put_be32s(f, &r->sector_count);
153 qemu_put_be32s(f, &r->buflen);
18eef3bc
GH		 154 if (r->buflen) {
155 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
156 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
157 } else if (!req->retry) {
158 uint32_t len = r->iov.iov_len;
159 qemu_put_be32s(f, &len);
160 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
161 }
43b978b9
PB		 162 }
163}
164
165static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
166{
167 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
168
169 qemu_get_be64s(f, &r->sector);
170 qemu_get_be32s(f, &r->sector_count);
171 qemu_get_be32s(f, &r->buflen);
172 if (r->buflen) {
173 scsi_init_iovec(r, r->buflen);
174 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
175 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
18eef3bc
GH		 176 } else if (!r->req.retry) {
177 uint32_t len;
178 qemu_get_be32s(f, &len);
179 r->iov.iov_len = len;
180 assert(r->iov.iov_len <= r->buflen);
181 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
43b978b9
PB		 182 }
183 }
184
185 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
186}
187
5b956f41
PB		 188static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
189{
190 if (r->req.io_canceled) {
191 scsi_req_cancel_complete(&r->req);
192 return true;
193 }
194
14b20748 195 if (ret < 0 || (r->status && *r->status)) {
5b956f41
PB		 196 return scsi_handle_rw_error(r, -ret, acct_failed);
197 }
198
199 return false;
200}
201
c1b35247 202static void scsi_aio_complete(void *opaque, int ret)
5d0d2467
PB		 203{
204 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
205 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
206
46e3f30e
PB		 207 assert(r->req.aiocb != NULL);
208 r->req.aiocb = NULL;
b9e413dd 209 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 210 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 211 goto done;
212 }
5d0d2467 213
d7628080 214 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
5d0d2467
PB		 215 scsi_req_complete(&r->req, GOOD);
216
217done:
b9e413dd 218 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
3df9caf8 219 scsi_req_unref(&r->req);
5d0d2467
PB		 220}
221
7e8c49c5
PB		 222static bool scsi_is_cmd_fua(SCSICommand *cmd)
223{
224 switch (cmd->buf[0]) {
225 case READ_10:
226 case READ_12:
227 case READ_16:
228 case WRITE_10:
229 case WRITE_12:
230 case WRITE_16:
231 return (cmd->buf[1] & 8) != 0;
232
7f64f8e2
PB		 233 case VERIFY_10:
234 case VERIFY_12:
235 case VERIFY_16:
7e8c49c5
PB		 236 case WRITE_VERIFY_10:
237 case WRITE_VERIFY_12:
238 case WRITE_VERIFY_16:
239 return true;
240
241 case READ_6:
242 case WRITE_6:
243 default:
244 return false;
245 }
246}
247
248static void scsi_write_do_fua(SCSIDiskReq *r)
249{
250 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
251
5fd2b563 252 assert(r->req.aiocb == NULL);
5b956f41 253 assert(!r->req.io_canceled);
0c92e0e6 254
94f8ba11 255 if (r->need_fua_emulation) {
4be74634 256 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 257 BLOCK_ACCT_FLUSH);
4be74634 258 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
7e8c49c5
PB		 259 return;
260 }
261
262 scsi_req_complete(&r->req, GOOD);
3df9caf8 263 scsi_req_unref(&r->req);
7e8c49c5
PB		 264}
265
5fd2b563 266static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
a917d384 267{
5fd2b563 268 assert(r->req.aiocb == NULL);
5b956f41 269 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 270 goto done;
271 }
a597e79c 272
b77912a7
PB		 273 r->sector += r->sector_count;
274 r->sector_count = 0;
7e8c49c5
PB		 275 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
276 scsi_write_do_fua(r);
277 return;
278 } else {
279 scsi_req_complete(&r->req, GOOD);
280 }
c7bae6a7
PB		 281
282done:
3df9caf8 283 scsi_req_unref(&r->req);
4d611c9a
PB		 284}
285
ef8489d4
PB		 286static void scsi_dma_complete(void *opaque, int ret)
287{
288 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
5fd2b563 289 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ef8489d4
PB		 290
291 assert(r->req.aiocb != NULL);
5fd2b563
PB		 292 r->req.aiocb = NULL;
293
b9e413dd 294 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 295 if (ret < 0) {
296 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
297 } else {
298 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
299 }
5fd2b563 300 scsi_dma_complete_noio(r, ret);
b9e413dd 301 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
ef8489d4
PB		 302}
303
b77912a7 304static void scsi_read_complete(void * opaque, int ret)
0a4ac106
PB		 305{
306 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
307 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
b77912a7 308 int n;
0a4ac106 309
46e3f30e
PB		 310 assert(r->req.aiocb != NULL);
311 r->req.aiocb = NULL;
b9e413dd 312 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 313 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 314 goto done;
315 }
0a4ac106 316
d7628080 317 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
b77912a7
PB		 318 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
319
320 n = r->qiov.size / 512;
321 r->sector += n;
322 r->sector_count -= n;
323 scsi_req_data(&r->req, r->qiov.size);
c7bae6a7
PB		 324
325done:
3df9caf8 326 scsi_req_unref(&r->req);
b9e413dd 327 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
0a4ac106 328}
5dba48a8 329
ac668426 330/* Actually issue a read to the block device. */
5fd2b563 331static void scsi_do_read(SCSIDiskReq *r, int ret)
ac668426 332{
ac668426 333 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 334 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ac668426 335
5fd2b563 336 assert (r->req.aiocb == NULL);
5b956f41 337 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 338 goto done;
339 }
ac668426 340
31e8fd86
PB		 341 /* The request is used as the AIO opaque value, so add a ref. */
342 scsi_req_ref(&r->req);
343
ac668426 344 if (r->req.sg) {
4be74634 345 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
ac668426 346 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 347 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
348 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 349 BDRV_SECTOR_SIZE,
fcaafb10
PB		 350 sdc->dma_readv, r, scsi_dma_complete, r,
351 DMA_DIRECTION_FROM_DEVICE);
ac668426 352 } else {
03c90063 353 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
4be74634 354 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 355 r->qiov.size, BLOCK_ACCT_READ);
890e48d7 356 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
fcaafb10 357 scsi_read_complete, r, r);
ac668426
PB		 358 }
359
360done:
3df9caf8 361 scsi_req_unref(&r->req);
ac668426
PB		 362}
363
5fd2b563
PB		 364static void scsi_do_read_cb(void *opaque, int ret)
365{
366 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
367 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
368
369 assert (r->req.aiocb != NULL);
370 r->req.aiocb = NULL;
371
b9e413dd 372 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 373 if (ret < 0) {
374 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
375 } else {
376 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
377 }
5fd2b563 378 scsi_do_read(opaque, ret);
b9e413dd 379 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 380}
381
5c6c0e51
HR		 382/* Read more data from scsi device into buffer. */
383static void scsi_read_data(SCSIRequest *req)
2e5d83bb 384{
5c6c0e51 385 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 386 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ac668426 387 bool first;
2e5d83bb 388
a917d384
PB		 389 DPRINTF("Read sector_count=%d\n", r->sector_count);
390 if (r->sector_count == 0) {
b45ef674
PB		 391 /* This also clears the sense buffer for REQUEST SENSE. */
392 scsi_req_complete(&r->req, GOOD);
a917d384 393 return;
2e5d83bb
PB		 394 }
395
6fa2c95f
SH		 396 /* No data transfer may already be in progress */
397 assert(r->req.aiocb == NULL);
398
c7bae6a7
PB		 399 /* The request is used as the AIO opaque value, so add a ref. */
400 scsi_req_ref(&r->req);
efb9ee02
HR		 401 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
402 DPRINTF("Data transfer direction invalid\n");
403 scsi_read_complete(r, -EINVAL);
404 return;
405 }
406
cd723b85 407 if (!blk_is_available(req->dev->conf.blk)) {
a1aff5bf 408 scsi_read_complete(r, -ENOMEDIUM);
c7bae6a7 409 return;
a1aff5bf 410 }
c7bae6a7 411
ac668426 412 first = !r->started;
a0e66a69 413 r->started = true;
94f8ba11 414 if (first && r->need_fua_emulation) {
4be74634 415 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 416 BLOCK_ACCT_FLUSH);
5fd2b563 417 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
5d0d2467 418 } else {
ac668426 419 scsi_do_read(r, 0);
5d0d2467 420 }
2e5d83bb
PB		 421}
422
c7bae6a7 423/*
14b20748
FZ		 424 * scsi_handle_rw_error has two return values. False means that the error
425 * must be ignored, true means that the error has been processed and the
c7bae6a7
PB		 426 * caller should not do anything else for this request. Note that
427 * scsi_handle_rw_error always manages its reference counts, independent
428 * of the return value.
429 */
14b20748 430static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
5dba48a8 431{
c85a7a00 432 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
4c41d2ef 433 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
4be74634
MA		 434 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
435 is_read, error);
ea8a5d7f 436
a589569f 437 if (action == BLOCK_ERROR_ACTION_REPORT) {
d7628080
AG		 438 if (acct_failed) {
439 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
440 }
efb9ee02 441 switch (error) {
14b20748
FZ		 442 case 0:
443 /* The command has run, no need to fake sense. */
444 assert(r->status && *r->status);
445 scsi_req_complete(&r->req, *r->status);
446 break;
7e218df5
PB		 447 case ENOMEDIUM:
448 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
449 break;
efb9ee02 450 case ENOMEM:
b45ef674 451 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
efb9ee02
HR		 452 break;
453 case EINVAL:
b45ef674 454 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
efb9ee02 455 break;
703dd81a
PB		 456 case ENOSPC:
457 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
458 break;
efb9ee02 459 default:
b45ef674 460 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
efb9ee02 461 break;
a1f0cce2 462 }
ea8a5d7f 463 }
14b20748
FZ		 464 if (!error) {
465 assert(r->status && *r->status);
466 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
467
468 if (error == ECANCELED || error == EAGAIN || error == ENOTCONN ||
469 error == 0) {
470 /* These errors are handled by guest. */
471 scsi_req_complete(&r->req, *r->status);
472 return true;
473 }
474 }
475
4be74634 476 blk_error_action(s->qdev.conf.blk, action, is_read, error);
a589569f 477 if (action == BLOCK_ERROR_ACTION_STOP) {
3e1caa5f
PB		 478 scsi_req_retry(&r->req);
479 }
a589569f 480 return action != BLOCK_ERROR_ACTION_IGNORE;
ea8a5d7f
AL		 481}
482
5fd2b563 483static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
4d611c9a 484{
ea8a5d7f
AL		 485 uint32_t n;
486
5fd2b563 487 assert (r->req.aiocb == NULL);
5b956f41 488 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 489 goto done;
490 }
a597e79c 491
103b40f5 492 n = r->qiov.size / 512;
ea8a5d7f
AL		 493 r->sector += n;
494 r->sector_count -= n;
a917d384 495 if (r->sector_count == 0) {
7e8c49c5
PB		 496 scsi_write_do_fua(r);
497 return;
a917d384 498 } else {
43b978b9 499 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
79fb50bb 500 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
103b40f5 501 scsi_req_data(&r->req, r->qiov.size);
4d611c9a 502 }
c7bae6a7
PB		 503
504done:
3df9caf8 505 scsi_req_unref(&r->req);
4d611c9a
PB		 506}
507
5fd2b563
PB		 508static void scsi_write_complete(void * opaque, int ret)
509{
510 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
511 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
512
513 assert (r->req.aiocb != NULL);
514 r->req.aiocb = NULL;
515
b9e413dd 516 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 517 if (ret < 0) {
518 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
519 } else {
520 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
521 }
5fd2b563 522 scsi_write_complete_noio(r, ret);
b9e413dd 523 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 524}
525
42741212 526static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 527{
5c6c0e51 528 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 529 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 530 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ea8a5d7f 531
6fa2c95f
SH		 532 /* No data transfer may already be in progress */
533 assert(r->req.aiocb == NULL);
534
c7bae6a7
PB		 535 /* The request is used as the AIO opaque value, so add a ref. */
536 scsi_req_ref(&r->req);
efb9ee02
HR		 537 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
538 DPRINTF("Data transfer direction invalid\n");
5fd2b563 539 scsi_write_complete_noio(r, -EINVAL);
42741212 540 return;
efb9ee02
HR		 541 }
542
5d0d2467
PB		 543 if (!r->req.sg && !r->qiov.size) {
544 /* Called for the first time. Ask the driver to send us more data. */
a0e66a69 545 r->started = true;
5fd2b563 546 scsi_write_complete_noio(r, 0);
5d0d2467
PB		 547 return;
548 }
cd723b85 549 if (!blk_is_available(req->dev->conf.blk)) {
5fd2b563 550 scsi_write_complete_noio(r, -ENOMEDIUM);
5d0d2467
PB		 551 return;
552 }
553
7f64f8e2
PB		 554 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
555 r->req.cmd.buf[0] == VERIFY_16) {
556 if (r->req.sg) {
ef8489d4 557 scsi_dma_complete_noio(r, 0);
7f64f8e2 558 } else {
5fd2b563 559 scsi_write_complete_noio(r, 0);
7f64f8e2
PB		 560 }
561 return;
562 }
563
5d0d2467 564 if (r->req.sg) {
4be74634 565 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
5d0d2467 566 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 567 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
568 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 569 BDRV_SECTOR_SIZE,
fcaafb10
PB		 570 sdc->dma_writev, r, scsi_dma_complete, r,
571 DMA_DIRECTION_TO_DEVICE);
5d0d2467 572 } else {
4be74634 573 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 574 r->qiov.size, BLOCK_ACCT_WRITE);
fcaafb10
PB		 575 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
576 scsi_write_complete, r, r);
ea8a5d7f 577 }
a917d384 578}
2e5d83bb 579
a917d384 580/* Return a pointer to the data buffer. */
5c6c0e51 581static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 582{
5c6c0e51 583 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 584
3f4cb3d3 585 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 586}
587
0b06c059
GH		 588static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
589{
383b4d9b 590 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0b06c059 591 int buflen = 0;
82579390 592 int start;
0b06c059 593
0b06c059
GH		 594 if (req->cmd.buf[1] & 0x1) {
595 /* Vital product data */
596 uint8_t page_code = req->cmd.buf[2];
0b06c059 597
e39be482 598 outbuf[buflen++] = s->qdev.type & 0x1f;
0b06c059
GH		 599 outbuf[buflen++] = page_code ; // this page
600 outbuf[buflen++] = 0x00;
82579390
PB		 601 outbuf[buflen++] = 0x00;
602 start = buflen;
0b06c059
GH		 603
604 switch (page_code) {
605 case 0x00: /* Supported page codes, mandatory */
39d98982 606 {
0b06c059
GH		 607 DPRINTF("Inquiry EVPD[Supported pages] "
608 "buffer size %zd\n", req->cmd.xfer);
0b06c059 609 outbuf[buflen++] = 0x00; // list of supported pages (this page)
f01b5931 610 if (s->serial) {
3e1c0c9a 611 outbuf[buflen++] = 0x80; // unit serial number
f01b5931 612 }
0b06c059 613 outbuf[buflen++] = 0x83; // device identification
f37bd73b 614 if (s->qdev.type == TYPE_DISK) {
ea3bd56f 615 outbuf[buflen++] = 0xb0; // block limits
070f8009 616 outbuf[buflen++] = 0xb1; /* block device characteristics */
ea3bd56f 617 outbuf[buflen++] = 0xb2; // thin provisioning
39d98982 618 }
0b06c059 619 break;
39d98982 620 }
0b06c059
GH		 621 case 0x80: /* Device serial number, optional */
622 {
3e1c0c9a 623 int l;
0b06c059 624
3e1c0c9a
HR		 625 if (!s->serial) {
626 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
627 return -1;
628 }
629
630 l = strlen(s->serial);
48b62063
RW		 631 if (l > 36) {
632 l = 36;
f01b5931 633 }
0b06c059
GH		 634
635 DPRINTF("Inquiry EVPD[Serial number] "
636 "buffer size %zd\n", req->cmd.xfer);
a0fef654 637 memcpy(outbuf+buflen, s->serial, l);
0b06c059
GH		 638 buflen += l;
639 break;
640 }
641
642 case 0x83: /* Device identification page, mandatory */
643 {
4be74634 644 const char *str = s->serial ?: blk_name(s->qdev.conf.blk);
fd930791
PB		 645 int max_len = s->serial ? 20 : 255 - 8;
646 int id_len = strlen(str);
0b06c059 647
f01b5931 648 if (id_len > max_len) {
0b06c059 649 id_len = max_len;
f01b5931 650 }
0b06c059
GH		 651 DPRINTF("Inquiry EVPD[Device identification] "
652 "buffer size %zd\n", req->cmd.xfer);
653
0b06c059
GH		 654 outbuf[buflen++] = 0x2; // ASCII
655 outbuf[buflen++] = 0; // not officially assigned
656 outbuf[buflen++] = 0; // reserved
657 outbuf[buflen++] = id_len; // length of data following
fd930791 658 memcpy(outbuf+buflen, str, id_len);
0b06c059 659 buflen += id_len;
27395add 660
2ecab408 661 if (s->qdev.wwn) {
27395add
PB		 662 outbuf[buflen++] = 0x1; // Binary
663 outbuf[buflen++] = 0x3; // NAA
664 outbuf[buflen++] = 0; // reserved
665 outbuf[buflen++] = 8;
2ecab408 666 stq_be_p(&outbuf[buflen], s->qdev.wwn);
27395add
PB		 667 buflen += 8;
668 }
64cc2284 669
2ecab408 670 if (s->qdev.port_wwn) {
64cc2284
RD		 671 outbuf[buflen++] = 0x61; // SAS / Binary
672 outbuf[buflen++] = 0x93; // PIV / Target port / NAA
673 outbuf[buflen++] = 0; // reserved
674 outbuf[buflen++] = 8;
2ecab408 675 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
64cc2284
RD		 676 buflen += 8;
677 }
678
679 if (s->port_index) {
680 outbuf[buflen++] = 0x61; // SAS / Binary
681 outbuf[buflen++] = 0x94; // PIV / Target port / relative target port
682 outbuf[buflen++] = 0; // reserved
683 outbuf[buflen++] = 4;
684 stw_be_p(&outbuf[buflen + 2], s->port_index);
685 buflen += 4;
686 }
0b06c059
GH		 687 break;
688 }
ea3bd56f 689 case 0xb0: /* block limits */
ee3659e3 690 {
ea3bd56f
CH		 691 unsigned int unmap_sectors =
692 s->qdev.conf.discard_granularity / s->qdev.blocksize;
8cfacf07
CH		 693 unsigned int min_io_size =
694 s->qdev.conf.min_io_size / s->qdev.blocksize;
695 unsigned int opt_io_size =
696 s->qdev.conf.opt_io_size / s->qdev.blocksize;
8a1bd297
PB		 697 unsigned int max_unmap_sectors =
698 s->max_unmap_size / s->qdev.blocksize;
f8e1f533
PB		 699 unsigned int max_io_sectors =
700 s->max_io_size / s->qdev.blocksize;
ee3659e3 701
f37bd73b 702 if (s->qdev.type == TYPE_ROM) {
39d98982
HR		 703 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
704 page_code);
705 return -1;
706 }
d082d16a
DHB		 707 if (s->qdev.type == TYPE_DISK) {
708 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
709 int max_io_sectors_blk =
710 max_transfer_blk / s->qdev.blocksize;
711
712 max_io_sectors =
713 MIN_NON_ZERO(max_io_sectors_blk, max_io_sectors);
714
715 /* min_io_size and opt_io_size can't be greater than
716 * max_io_sectors */
717 min_io_size =
718 MIN_NON_ZERO(min_io_size, max_io_sectors);
719 opt_io_size =
720 MIN_NON_ZERO(opt_io_size, max_io_sectors);
721 }
ee3659e3 722 /* required VPD size with unmap support */
82579390 723 buflen = 0x40;
ee3659e3
CH		 724 memset(outbuf + 4, 0, buflen - 4);
725
84f94a9a
PB		 726 outbuf[4] = 0x1; /* wsnz */
727
ee3659e3
CH		 728 /* optimal transfer length granularity */
729 outbuf[6] = (min_io_size >> 8) & 0xff;
730 outbuf[7] = min_io_size & 0xff;
731
f8e1f533
PB		 732 /* maximum transfer length */
733 outbuf[8] = (max_io_sectors >> 24) & 0xff;
734 outbuf[9] = (max_io_sectors >> 16) & 0xff;
735 outbuf[10] = (max_io_sectors >> 8) & 0xff;
736 outbuf[11] = max_io_sectors & 0xff;
737
ee3659e3
CH		 738 /* optimal transfer length */
739 outbuf[12] = (opt_io_size >> 24) & 0xff;
740 outbuf[13] = (opt_io_size >> 16) & 0xff;
741 outbuf[14] = (opt_io_size >> 8) & 0xff;
742 outbuf[15] = opt_io_size & 0xff;
ea3bd56f 743
8a1bd297
PB		 744 /* max unmap LBA count, default is 1GB */
745 outbuf[20] = (max_unmap_sectors >> 24) & 0xff;
746 outbuf[21] = (max_unmap_sectors >> 16) & 0xff;
747 outbuf[22] = (max_unmap_sectors >> 8) & 0xff;
748 outbuf[23] = max_unmap_sectors & 0xff;
749
750 /* max unmap descriptors, 255 fit in 4 kb with an 8-byte header. */
751 outbuf[24] = 0;
752 outbuf[25] = 0;
753 outbuf[26] = 0;
754 outbuf[27] = 255;
755
ea3bd56f
CH		 756 /* optimal unmap granularity */
757 outbuf[28] = (unmap_sectors >> 24) & 0xff;
758 outbuf[29] = (unmap_sectors >> 16) & 0xff;
759 outbuf[30] = (unmap_sectors >> 8) & 0xff;
760 outbuf[31] = unmap_sectors & 0xff;
f8e1f533
PB		 761
762 /* max write same size */
763 outbuf[36] = 0;
764 outbuf[37] = 0;
765 outbuf[38] = 0;
766 outbuf[39] = 0;
767
768 outbuf[40] = (max_io_sectors >> 24) & 0xff;
769 outbuf[41] = (max_io_sectors >> 16) & 0xff;
770 outbuf[42] = (max_io_sectors >> 8) & 0xff;
771 outbuf[43] = max_io_sectors & 0xff;
ea3bd56f
CH		 772 break;
773 }
070f8009
DB		 774 case 0xb1: /* block device characteristics */
775 {
776 buflen = 8;
777 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
778 outbuf[5] = s->rotation_rate & 0xff;
779 outbuf[6] = 0;
780 outbuf[7] = 0;
781 break;
782 }
ea3bd56f
CH		 783 case 0xb2: /* thin provisioning */
784 {
82579390 785 buflen = 8;
ea3bd56f 786 outbuf[4] = 0;
5222aaf2 787 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
f644a290 788 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
ea3bd56f 789 outbuf[7] = 0;
ee3659e3
CH		 790 break;
791 }
0b06c059 792 default:
0b06c059
GH		 793 return -1;
794 }
795 /* done with EVPD */
82579390
PB		 796 assert(buflen - start <= 255);
797 outbuf[start - 1] = buflen - start;
0b06c059
GH		 798 return buflen;
799 }
800
801 /* Standard INQUIRY data */
802 if (req->cmd.buf[2] != 0) {
0b06c059
GH		 803 return -1;
804 }
805
806 /* PAGE CODE == 0 */
0b06c059 807 buflen = req->cmd.xfer;
f01b5931 808 if (buflen > SCSI_MAX_INQUIRY_LEN) {
0b06c059 809 buflen = SCSI_MAX_INQUIRY_LEN;
f01b5931 810 }
0b06c059 811
f37bd73b 812 outbuf[0] = s->qdev.type & 0x1f;
bfe3d7ac 813 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
353815aa
DF		 814
815 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
816 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
817
314b1811 818 memset(&outbuf[32], 0, 4);
552fee93 819 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 820 /*
821 * We claim conformance to SPC-3, which is required for guests
822 * to ask for modern features like READ CAPACITY(16) or the
823 * block characteristics VPD page by default. Not all of SPC-3
824 * is actually implemented, but we're good enough.
825 */
ee3659e3 826 outbuf[2] = 5;
1109c894 827 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
ad3cea42
AT		 828
829 if (buflen > 36) {
830 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
831 } else {
832 /* If the allocation length of CDB is too small,
833 the additional length is not adjusted */
834 outbuf[4] = 36 - 5;
835 }
836
0b06c059 837 /* Sync data transfer and TCQ. */
afd4030c 838 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
0b06c059
GH		 839 return buflen;
840}
841
430ee2f2
PB		 842static inline bool media_is_dvd(SCSIDiskState *s)
843{
844 uint64_t nb_sectors;
845 if (s->qdev.type != TYPE_ROM) {
846 return false;
847 }
cd723b85 848 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 849 return false;
850 }
4be74634 851 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
430ee2f2
PB		 852 return nb_sectors > CD_MAX_SECTORS;
853}
854
ceb792ef
PB		 855static inline bool media_is_cd(SCSIDiskState *s)
856{
857 uint64_t nb_sectors;
858 if (s->qdev.type != TYPE_ROM) {
859 return false;
860 }
cd723b85 861 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 862 return false;
863 }
4be74634 864 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 865 return nb_sectors <= CD_MAX_SECTORS;
866}
867
1a4f0c3a
PB		 868static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
869 uint8_t *outbuf)
870{
871 uint8_t type = r->req.cmd.buf[1] & 7;
872
873 if (s->qdev.type != TYPE_ROM) {
874 return -1;
875 }
876
877 /* Types 1/2 are only defined for Blu-Ray. */
878 if (type != 0) {
879 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
880 return -1;
881 }
882
883 memset(outbuf, 0, 34);
884 outbuf[1] = 32;
885 outbuf[2] = 0xe; /* last session complete, disc finalized */
886 outbuf[3] = 1; /* first track on disc */
887 outbuf[4] = 1; /* # of sessions */
888 outbuf[5] = 1; /* first track of last session */
889 outbuf[6] = 1; /* last track of last session */
890 outbuf[7] = 0x20; /* unrestricted use */
891 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
892 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
893 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
894 /* 24-31: disc bar code */
895 /* 32: disc application code */
896 /* 33: number of OPC tables */
897
898 return 34;
899}
900
b6c251ab
PB		 901static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
902 uint8_t *outbuf)
903{
ceb792ef
PB		 904 static const int rds_caps_size[5] = {
905 [0] = 2048 + 4,
906 [1] = 4 + 4,
907 [3] = 188 + 4,
908 [4] = 2048 + 4,
909 };
910
911 uint8_t media = r->req.cmd.buf[1];
912 uint8_t layer = r->req.cmd.buf[6];
913 uint8_t format = r->req.cmd.buf[7];
914 int size = -1;
915
916 if (s->qdev.type != TYPE_ROM) {
917 return -1;
918 }
919 if (media != 0) {
920 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
921 return -1;
922 }
923
924 if (format != 0xff) {
cd723b85 925 if (!blk_is_available(s->qdev.conf.blk)) {
ceb792ef
PB		 926 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
927 return -1;
928 }
929 if (media_is_cd(s)) {
930 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
931 return -1;
932 }
933 if (format >= ARRAY_SIZE(rds_caps_size)) {
934 return -1;
935 }
936 size = rds_caps_size[format];
937 memset(outbuf, 0, size);
938 }
939
940 switch (format) {
941 case 0x00: {
942 /* Physical format information */
943 uint64_t nb_sectors;
944 if (layer != 0) {
945 goto fail;
946 }
4be74634 947 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 948
949 outbuf[4] = 1; /* DVD-ROM, part version 1 */
950 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
951 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
952 outbuf[7] = 0; /* default densities */
953
954 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
955 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
956 break;
957 }
958
959 case 0x01: /* DVD copyright information, all zeros */
960 break;
961
962 case 0x03: /* BCA information - invalid field for no BCA info */
963 return -1;
964
965 case 0x04: /* DVD disc manufacturing information, all zeros */
966 break;
967
968 case 0xff: { /* List capabilities */
969 int i;
970 size = 4;
971 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
972 if (!rds_caps_size[i]) {
973 continue;
974 }
975 outbuf[size] = i;
976 outbuf[size + 1] = 0x40; /* Not writable, readable */
977 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
978 size += 4;
979 }
980 break;
981 }
982
983 default:
984 return -1;
985 }
986
987 /* Size of buffer, not including 2 byte size field */
988 stw_be_p(outbuf, size - 2);
989 return size;
990
991fail:
b6c251ab
PB		 992 return -1;
993}
994
3c2f7c12 995static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 996{
3c2f7c12
PB		 997 uint8_t event_code, media_status;
998
999 media_status = 0;
1000 if (s->tray_open) {
1001 media_status = MS_TRAY_OPEN;
4be74634 1002 } else if (blk_is_inserted(s->qdev.conf.blk)) {
3c2f7c12
PB		 1003 media_status = MS_MEDIA_PRESENT;
1004 }
1005
1006 /* Event notification descriptor */
1007 event_code = MEC_NO_CHANGE;
4480de19
PB		 1008 if (media_status != MS_TRAY_OPEN) {
1009 if (s->media_event) {
1010 event_code = MEC_NEW_MEDIA;
1011 s->media_event = false;
1012 } else if (s->eject_request) {
1013 event_code = MEC_EJECT_REQUESTED;
1014 s->eject_request = false;
1015 }
3c2f7c12
PB		 1016 }
1017
1018 outbuf[0] = event_code;
1019 outbuf[1] = media_status;
1020
1021 /* These fields are reserved, just clear them. */
1022 outbuf[2] = 0;
1023 outbuf[3] = 0;
1024 return 4;
1025}
1026
1027static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
1028 uint8_t *outbuf)
1029{
1030 int size;
1031 uint8_t *buf = r->req.cmd.buf;
1032 uint8_t notification_class_request = buf[4];
1033 if (s->qdev.type != TYPE_ROM) {
1034 return -1;
1035 }
1036 if ((buf[1] & 1) == 0) {
1037 /* asynchronous */
1038 return -1;
1039 }
1040
1041 size = 4;
1042 outbuf[0] = outbuf[1] = 0;
1043 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
1044 if (notification_class_request & (1 << GESN_MEDIA)) {
1045 outbuf[2] = GESN_MEDIA;
1046 size += scsi_event_status_media(s, &outbuf[size]);
1047 } else {
1048 outbuf[2] = 0x80;
1049 }
1050 stw_be_p(outbuf, size - 4);
1051 return size;
b6c251ab
PB		 1052}
1053
430ee2f2 1054static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 1055{
430ee2f2
PB		 1056 int current;
1057
b6c251ab
PB		 1058 if (s->qdev.type != TYPE_ROM) {
1059 return -1;
1060 }
7d99f4c1
MR		 1061
1062 if (media_is_dvd(s)) {
1063 current = MMC_PROFILE_DVD_ROM;
1064 } else if (media_is_cd(s)) {
1065 current = MMC_PROFILE_CD_ROM;
1066 } else {
1067 current = MMC_PROFILE_NONE;
1068 }
1069
430ee2f2
PB		 1070 memset(outbuf, 0, 40);
1071 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
1072 stw_be_p(&outbuf[6], current);
1073 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1074 outbuf[10] = 0x03; /* persistent, current */
1075 outbuf[11] = 8; /* two profiles */
1076 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1077 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1078 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1079 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1080 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1081 stw_be_p(&outbuf[20], 1);
1082 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
1083 outbuf[23] = 8;
1084 stl_be_p(&outbuf[24], 1); /* SCSI */
1085 outbuf[28] = 1; /* DBE = 1, mandatory */
1086 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1087 stw_be_p(&outbuf[32], 3);
1088 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
1089 outbuf[35] = 4;
1090 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1091 /* TODO: Random readable, CD read, DVD read, drive serial number,
1092 power management */
1093 return 40;
b6c251ab
PB		 1094}
1095
1096static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1097{
1098 if (s->qdev.type != TYPE_ROM) {
1099 return -1;
1100 }
1101 memset(outbuf, 0, 8);
1102 outbuf[5] = 1; /* CD-ROM */
1103 return 8;
1104}
1105
cfc606da 1106static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
282ab04e 1107 int page_control)
ebddfcbe 1108{
a8f4bbe2
PB		 1109 static const int mode_sense_valid[0x3f] = {
1110 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1111 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1112 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
a07c7dcd
PB		 1113 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1114 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
a8f4bbe2
PB		 1115 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1116 };
ef405611
PB		 1117
1118 uint8_t *p = *p_outbuf + 2;
1119 int length;
ebddfcbe 1120
a8f4bbe2
PB		 1121 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1122 return -1;
1123 }
1124
282ab04e
BK		 1125 /*
1126 * If Changeable Values are requested, a mask denoting those mode parameters
1127 * that are changeable shall be returned. As we currently don't support
1128 * parameter changes via MODE_SELECT all bits are returned set to zero.
1129 * The buffer was already menset to zero by the caller of this function.
ef405611
PB		 1130 *
1131 * The offsets here are off by two compared to the descriptions in the
1132 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1133 * but it is done so that offsets are consistent within our implementation
1134 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1135 * 2-byte and 4-byte headers.
282ab04e 1136 */
ebddfcbe 1137 switch (page) {
67cc61e4 1138 case MODE_PAGE_HD_GEOMETRY:
ef405611 1139 length = 0x16;
282ab04e 1140 if (page_control == 1) { /* Changeable Values */
cfc606da 1141 break;
282ab04e 1142 }
ebddfcbe 1143 /* if a geometry hint is available, use it */
ef405611
PB		 1144 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1145 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1146 p[2] = s->qdev.conf.cyls & 0xff;
1147 p[3] = s->qdev.conf.heads & 0xff;
ebddfcbe 1148 /* Write precomp start cylinder, disabled */
ef405611
PB		 1149 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1150 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1151 p[6] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1152 /* Reduced current start cylinder, disabled */
ef405611
PB		 1153 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1154 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1155 p[9] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1156 /* Device step rate [ns], 200ns */
ef405611
PB		 1157 p[10] = 0;
1158 p[11] = 200;
ebddfcbe 1159 /* Landing zone cylinder */
ef405611
PB		 1160 p[12] = 0xff;
1161 p[13] = 0xff;
ebddfcbe 1162 p[14] = 0xff;
ebddfcbe 1163 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1164 p[18] = (5400 >> 8) & 0xff;
1165 p[19] = 5400 & 0xff;
cfc606da 1166 break;
ebddfcbe 1167
67cc61e4 1168 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
ef405611 1169 length = 0x1e;
282ab04e 1170 if (page_control == 1) { /* Changeable Values */
cfc606da 1171 break;
282ab04e 1172 }
ebddfcbe 1173 /* Transfer rate [kbit/s], 5Mbit/s */
ef405611
PB		 1174 p[0] = 5000 >> 8;
1175 p[1] = 5000 & 0xff;
ebddfcbe 1176 /* if a geometry hint is available, use it */
ef405611
PB		 1177 p[2] = s->qdev.conf.heads & 0xff;
1178 p[3] = s->qdev.conf.secs & 0xff;
1179 p[4] = s->qdev.blocksize >> 8;
1180 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1181 p[7] = s->qdev.conf.cyls & 0xff;
1182 /* Write precomp start cylinder, disabled */
d252df48
MA		 1183 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1184 p[9] = s->qdev.conf.cyls & 0xff;
ef405611 1185 /* Reduced current start cylinder, disabled */
d252df48
MA		 1186 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1187 p[11] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1188 /* Device step rate [100us], 100us */
ef405611
PB		 1189 p[12] = 0;
1190 p[13] = 1;
ebddfcbe 1191 /* Device step pulse width [us], 1us */
ef405611 1192 p[14] = 1;
ebddfcbe 1193 /* Device head settle delay [100us], 100us */
ef405611
PB		 1194 p[15] = 0;
1195 p[16] = 1;
ebddfcbe 1196 /* Motor on delay [0.1s], 0.1s */
ef405611 1197 p[17] = 1;
ebddfcbe 1198 /* Motor off delay [0.1s], 0.1s */
ef405611 1199 p[18] = 1;
ebddfcbe 1200 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1201 p[26] = (5400 >> 8) & 0xff;
1202 p[27] = 5400 & 0xff;
cfc606da 1203 break;
ebddfcbe 1204
67cc61e4 1205 case MODE_PAGE_CACHING:
ef405611 1206 length = 0x12;
96c91bbf 1207 if (page_control == 1 || /* Changeable Values */
4be74634 1208 blk_enable_write_cache(s->qdev.conf.blk)) {
ef405611 1209 p[0] = 4; /* WCE */
ebddfcbe 1210 }
cfc606da 1211 break;
ebddfcbe 1212
a07c7dcd 1213 case MODE_PAGE_R_W_ERROR:
ef405611 1214 length = 10;
4f588b15
PB		 1215 if (page_control == 1) { /* Changeable Values */
1216 break;
1217 }
ef405611 1218 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
a07c7dcd 1219 if (s->qdev.type == TYPE_ROM) {
ef405611 1220 p[1] = 0x20; /* Read Retry Count */
a07c7dcd
PB		 1221 }
1222 break;
1223
1224 case MODE_PAGE_AUDIO_CTL:
ef405611 1225 length = 14;
a07c7dcd
PB		 1226 break;
1227
67cc61e4 1228 case MODE_PAGE_CAPABILITIES:
ef405611 1229 length = 0x14;
282ab04e 1230 if (page_control == 1) { /* Changeable Values */
cfc606da 1231 break;
282ab04e 1232 }
a07c7dcd 1233
ef405611
PB		 1234 p[0] = 0x3b; /* CD-R & CD-RW read */
1235 p[1] = 0; /* Writing not supported */
1236 p[2] = 0x7f; /* Audio, composite, digital out,
ebddfcbe 1237 mode 2 form 1&2, multi session */
ef405611 1238 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
ebddfcbe
GH		 1239 RW corrected, C2 errors, ISRC,
1240 UPC, Bar code */
ef405611 1241 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
ebddfcbe 1242 /* Locking supported, jumper present, eject, tray */
ef405611 1243 p[5] = 0; /* no volume & mute control, no
ebddfcbe 1244 changer */
ef405611
PB		 1245 p[6] = (50 * 176) >> 8; /* 50x read speed */
1246 p[7] = (50 * 176) & 0xff;
1247 p[8] = 2 >> 8; /* Two volume levels */
1248 p[9] = 2 & 0xff;
1249 p[10] = 2048 >> 8; /* 2M buffer */
1250 p[11] = 2048 & 0xff;
1251 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1252 p[13] = (16 * 176) & 0xff;
1253 p[16] = (16 * 176) >> 8; /* 16x write speed */
1254 p[17] = (16 * 176) & 0xff;
1255 p[18] = (16 * 176) >> 8; /* 16x write speed current */
ebddfcbe 1256 p[19] = (16 * 176) & 0xff;
cfc606da 1257 break;
ebddfcbe
GH		 1258
1259 default:
cfc606da 1260 return -1;
ebddfcbe 1261 }
cfc606da 1262
ef405611
PB		 1263 assert(length < 256);
1264 (*p_outbuf)[0] = page;
1265 (*p_outbuf)[1] = length;
1266 *p_outbuf += length + 2;
1267 return length + 2;
ebddfcbe
GH		 1268}
1269
cfc606da 1270static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
ebddfcbe 1271{
cfc606da 1272 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ebddfcbe 1273 uint64_t nb_sectors;
e590ecbe
PB		 1274 bool dbd;
1275 int page, buflen, ret, page_control;
ebddfcbe 1276 uint8_t *p;
ce512ee1 1277 uint8_t dev_specific_param;
ebddfcbe 1278
e590ecbe 1279 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
cfc606da
PB		 1280 page = r->req.cmd.buf[2] & 0x3f;
1281 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
aa2b1e89 1282 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
cfc606da
PB		 1283 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1284 memset(outbuf, 0, r->req.cmd.xfer);
ebddfcbe
GH		 1285 p = outbuf;
1286
e590ecbe 1287 if (s->qdev.type == TYPE_DISK) {
da8365db 1288 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
4be74634 1289 if (blk_is_read_only(s->qdev.conf.blk)) {
e590ecbe
PB		 1290 dev_specific_param |= 0x80; /* Readonly. */
1291 }
ce512ee1 1292 } else {
e590ecbe
PB		 1293 /* MMC prescribes that CD/DVD drives have no block descriptors,
1294 * and defines no device-specific parameter. */
6a2de0f2 1295 dev_specific_param = 0x00;
e590ecbe 1296 dbd = true;
ce512ee1
BK		 1297 }
1298
cfc606da 1299 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1300 p[1] = 0; /* Default media type. */
1301 p[2] = dev_specific_param;
1302 p[3] = 0; /* Block descriptor length. */
1303 p += 4;
1304 } else { /* MODE_SENSE_10 */
1305 p[2] = 0; /* Default media type. */
1306 p[3] = dev_specific_param;
1307 p[6] = p[7] = 0; /* Block descriptor length. */
1308 p += 8;
ebddfcbe 1309 }
ebddfcbe 1310
4be74634 1311 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
e590ecbe 1312 if (!dbd && nb_sectors) {
cfc606da 1313 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1314 outbuf[3] = 8; /* Block descriptor length */
1315 } else { /* MODE_SENSE_10 */
1316 outbuf[7] = 8; /* Block descriptor length */
1317 }
69377307 1318 nb_sectors /= (s->qdev.blocksize / 512);
f01b5931 1319 if (nb_sectors > 0xffffff) {
2488b740 1320 nb_sectors = 0;
f01b5931 1321 }
ebddfcbe
GH		 1322 p[0] = 0; /* media density code */
1323 p[1] = (nb_sectors >> 16) & 0xff;
1324 p[2] = (nb_sectors >> 8) & 0xff;
1325 p[3] = nb_sectors & 0xff;
1326 p[4] = 0; /* reserved */
1327 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
69377307 1328 p[6] = s->qdev.blocksize >> 8;
ebddfcbe
GH		 1329 p[7] = 0;
1330 p += 8;
1331 }
1332
cfc606da
PB		 1333 if (page_control == 3) {
1334 /* Saved Values */
1335 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1336 return -1;
282ab04e
BK		 1337 }
1338
cfc606da
PB		 1339 if (page == 0x3f) {
1340 for (page = 0; page <= 0x3e; page++) {
1341 mode_sense_page(s, page, &p, page_control);
1342 }
1343 } else {
1344 ret = mode_sense_page(s, page, &p, page_control);
1345 if (ret == -1) {
1346 return -1;
1347 }
ebddfcbe
GH		 1348 }
1349
1350 buflen = p - outbuf;
ce512ee1
BK		 1351 /*
1352 * The mode data length field specifies the length in bytes of the
1353 * following data that is available to be transferred. The mode data
1354 * length does not include itself.
1355 */
cfc606da 1356 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1357 outbuf[0] = buflen - 1;
1358 } else { /* MODE_SENSE_10 */
1359 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1360 outbuf[1] = (buflen - 2) & 0xff;
1361 }
ebddfcbe
GH		 1362 return buflen;
1363}
1364
02880f43
GH		 1365static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1366{
1367 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 1368 int start_track, format, msf, toclen;
1369 uint64_t nb_sectors;
1370
1371 msf = req->cmd.buf[1] & 2;
1372 format = req->cmd.buf[2] & 0xf;
1373 start_track = req->cmd.buf[6];
4be74634 1374 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
02880f43 1375 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
69377307 1376 nb_sectors /= s->qdev.blocksize / 512;
02880f43
GH		 1377 switch (format) {
1378 case 0:
1379 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1380 break;
1381 case 1:
1382 /* multi session : only a single session defined */
1383 toclen = 12;
1384 memset(outbuf, 0, 12);
1385 outbuf[1] = 0x0a;
1386 outbuf[2] = 0x01;
1387 outbuf[3] = 0x01;
1388 break;
1389 case 2:
1390 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1391 break;
1392 default:
1393 return -1;
1394 }
02880f43
GH		 1395 return toclen;
1396}
1397
68bb01f3 1398static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
bfd52647
MA		 1399{
1400 SCSIRequest *req = &r->req;
1401 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1402 bool start = req->cmd.buf[4] & 1;
1403 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
ae5708b3
RS		 1404 int pwrcnd = req->cmd.buf[4] & 0xf0;
1405
1406 if (pwrcnd) {
1407 /* eject/load only happens for power condition == 0 */
1408 return 0;
1409 }
bfd52647 1410
b456a71c 1411 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
68bb01f3
MA		 1412 if (!start && !s->tray_open && s->tray_locked) {
1413 scsi_check_condition(r,
4be74634 1414 blk_is_inserted(s->qdev.conf.blk)
68bb01f3
MA		 1415 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1416 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1417 return -1;
fdec4404 1418 }
d88b1819
LC		 1419
1420 if (s->tray_open != !start) {
4be74634 1421 blk_eject(s->qdev.conf.blk, !start);
d88b1819
LC		 1422 s->tray_open = !start;
1423 }
bfd52647 1424 }
68bb01f3 1425 return 0;
bfd52647
MA		 1426}
1427
314a3299
PB		 1428static void scsi_disk_emulate_read_data(SCSIRequest *req)
1429{
1430 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1431 int buflen = r->iov.iov_len;
1432
1433 if (buflen) {
79fb50bb 1434 DPRINTF("Read buf_len=%d\n", buflen);
314a3299
PB		 1435 r->iov.iov_len = 0;
1436 r->started = true;
1437 scsi_req_data(&r->req, buflen);
1438 return;
1439 }
1440
1441 /* This also clears the sense buffer for REQUEST SENSE. */
1442 scsi_req_complete(&r->req, GOOD);
1443}
1444
380feaff
PB		 1445static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1446 uint8_t *inbuf, int inlen)
1447{
1448 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1449 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1450 uint8_t *p;
1451 int len, expected_len, changeable_len, i;
1452
1453 /* The input buffer does not include the page header, so it is
1454 * off by 2 bytes.
1455 */
1456 expected_len = inlen + 2;
1457 if (expected_len > SCSI_MAX_MODE_LEN) {
1458 return -1;
1459 }
1460
1461 p = mode_current;
1462 memset(mode_current, 0, inlen + 2);
1463 len = mode_sense_page(s, page, &p, 0);
1464 if (len < 0 || len != expected_len) {
1465 return -1;
1466 }
1467
1468 p = mode_changeable;
1469 memset(mode_changeable, 0, inlen + 2);
1470 changeable_len = mode_sense_page(s, page, &p, 1);
1471 assert(changeable_len == len);
1472
1473 /* Check that unchangeable bits are the same as what MODE SENSE
1474 * would return.
1475 */
1476 for (i = 2; i < len; i++) {
1477 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1478 return -1;
1479 }
1480 }
1481 return 0;
1482}
1483
1484static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1485{
96c91bbf
PB		 1486 switch (page) {
1487 case MODE_PAGE_CACHING:
4be74634 1488 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
96c91bbf
PB		 1489 break;
1490
1491 default:
1492 break;
1493 }
380feaff
PB		 1494}
1495
1496static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1497{
1498 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1499
1500 while (len > 0) {
1501 int page, subpage, page_len;
1502
1503 /* Parse both possible formats for the mode page headers. */
1504 page = p[0] & 0x3f;
1505 if (p[0] & 0x40) {
1506 if (len < 4) {
1507 goto invalid_param_len;
1508 }
1509 subpage = p[1];
1510 page_len = lduw_be_p(&p[2]);
1511 p += 4;
1512 len -= 4;
1513 } else {
1514 if (len < 2) {
1515 goto invalid_param_len;
1516 }
1517 subpage = 0;
1518 page_len = p[1];
1519 p += 2;
1520 len -= 2;
1521 }
1522
1523 if (subpage) {
1524 goto invalid_param;
1525 }
1526 if (page_len > len) {
1527 goto invalid_param_len;
1528 }
1529
1530 if (!change) {
1531 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1532 goto invalid_param;
1533 }
1534 } else {
1535 scsi_disk_apply_mode_select(s, page, p);
1536 }
1537
1538 p += page_len;
1539 len -= page_len;
1540 }
1541 return 0;
1542
1543invalid_param:
1544 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1545 return -1;
1546
1547invalid_param_len:
1548 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1549 return -1;
1550}
1551
1552static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1553{
accfeb2d 1554 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380feaff
PB		 1555 uint8_t *p = inbuf;
1556 int cmd = r->req.cmd.buf[0];
1557 int len = r->req.cmd.xfer;
1558 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1559 int bd_len;
1560 int pass;
1561
1562 /* We only support PF=1, SP=0. */
1563 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1564 goto invalid_field;
1565 }
1566
1567 if (len < hdr_len) {
1568 goto invalid_param_len;
1569 }
1570
1571 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1572 len -= hdr_len;
1573 p += hdr_len;
1574 if (len < bd_len) {
1575 goto invalid_param_len;
1576 }
1577 if (bd_len != 0 && bd_len != 8) {
1578 goto invalid_param;
1579 }
1580
1581 len -= bd_len;
1582 p += bd_len;
1583
1584 /* Ensure no change is made if there is an error! */
1585 for (pass = 0; pass < 2; pass++) {
1586 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1587 assert(pass == 0);
1588 return;
1589 }
1590 }
4be74634 1591 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
accfeb2d
PB		 1592 /* The request is used as the AIO opaque value, so add a ref. */
1593 scsi_req_ref(&r->req);
4be74634 1594 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 1595 BLOCK_ACCT_FLUSH);
4be74634 1596 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
accfeb2d
PB		 1597 return;
1598 }
1599
380feaff
PB		 1600 scsi_req_complete(&r->req, GOOD);
1601 return;
1602
1603invalid_param:
1604 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1605 return;
1606
1607invalid_param_len:
1608 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1609 return;
1610
1611invalid_field:
1612 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
380feaff
PB		 1613}
1614
444bc908
PB		 1615static inline bool check_lba_range(SCSIDiskState *s,
1616 uint64_t sector_num, uint32_t nb_sectors)
1617{
1618 /*
1619 * The first line tests that no overflow happens when computing the last
1620 * sector. The second line tests that the last accessed sector is in
1621 * range.
12ca76fc
PB		 1622 *
1623 * Careful, the computations should not underflow for nb_sectors == 0,
1624 * and a 0-block read to the first LBA beyond the end of device is
1625 * valid.
444bc908
PB		 1626 */
1627 return (sector_num <= sector_num + nb_sectors &&
12ca76fc 1628 sector_num + nb_sectors <= s->qdev.max_lba + 1);
444bc908
PB		 1629}
1630
5222aaf2
PB		 1631typedef struct UnmapCBData {
1632 SCSIDiskReq *r;
1633 uint8_t *inbuf;
1634 int count;
1635} UnmapCBData;
1636
5fd2b563
PB		 1637static void scsi_unmap_complete(void *opaque, int ret);
1638
1639static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
5222aaf2 1640{
5222aaf2
PB		 1641 SCSIDiskReq *r = data->r;
1642 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1643 uint64_t sector_num;
5bb0b62e 1644 uint32_t nb_sectors;
5222aaf2 1645
5fd2b563 1646 assert(r->req.aiocb == NULL);
5b956f41 1647 if (scsi_disk_req_check_error(r, ret, false)) {
d0242ead
PB		 1648 goto done;
1649 }
1650
d0242ead 1651 if (data->count > 0) {
5222aaf2
PB		 1652 sector_num = ldq_be_p(&data->inbuf[0]);
1653 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
444bc908 1654 if (!check_lba_range(s, sector_num, nb_sectors)) {
5222aaf2
PB		 1655 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1656 goto done;
1657 }
1658
1c6c4bb7
EB		 1659 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
1660 sector_num * s->qdev.blocksize,
1661 nb_sectors * s->qdev.blocksize,
1662 scsi_unmap_complete, data);
5222aaf2
PB		 1663 data->count--;
1664 data->inbuf += 16;
1665 return;
1666 }
1667
d0242ead
PB		 1668 scsi_req_complete(&r->req, GOOD);
1669
5222aaf2 1670done:
3df9caf8 1671 scsi_req_unref(&r->req);
5222aaf2
PB		 1672 g_free(data);
1673}
1674
5fd2b563
PB		 1675static void scsi_unmap_complete(void *opaque, int ret)
1676{
1677 UnmapCBData *data = opaque;
1678 SCSIDiskReq *r = data->r;
b9e413dd 1679 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5fd2b563
PB		 1680
1681 assert(r->req.aiocb != NULL);
1682 r->req.aiocb = NULL;
1683
b9e413dd 1684 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563 1685 scsi_unmap_complete_noio(data, ret);
b9e413dd 1686 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 1687}
1688
5222aaf2
PB		 1689static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1690{
c5fd1fb0 1691 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2
PB		 1692 uint8_t *p = inbuf;
1693 int len = r->req.cmd.xfer;
1694 UnmapCBData *data;
1695
823bd739
PB		 1696 /* Reject ANCHOR=1. */
1697 if (r->req.cmd.buf[1] & 0x1) {
1698 goto invalid_field;
1699 }
1700
5222aaf2
PB		 1701 if (len < 8) {
1702 goto invalid_param_len;
1703 }
1704 if (len < lduw_be_p(&p[0]) + 2) {
1705 goto invalid_param_len;
1706 }
1707 if (len < lduw_be_p(&p[2]) + 8) {
1708 goto invalid_param_len;
1709 }
1710 if (lduw_be_p(&p[2]) & 15) {
1711 goto invalid_param_len;
1712 }
1713
4be74634 1714 if (blk_is_read_only(s->qdev.conf.blk)) {
c5fd1fb0
PB		 1715 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1716 return;
1717 }
1718
5222aaf2
PB		 1719 data = g_new0(UnmapCBData, 1);
1720 data->r = r;
1721 data->inbuf = &p[8];
1722 data->count = lduw_be_p(&p[2]) >> 4;
1723
1724 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1725 scsi_req_ref(&r->req);
5fd2b563 1726 scsi_unmap_complete_noio(data, 0);
5222aaf2
PB		 1727 return;
1728
1729invalid_param_len:
1730 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
823bd739
PB		 1731 return;
1732
1733invalid_field:
1734 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
5222aaf2
PB		 1735}
1736
84f94a9a
PB		 1737typedef struct WriteSameCBData {
1738 SCSIDiskReq *r;
1739 int64_t sector;
1740 int nb_sectors;
1741 QEMUIOVector qiov;
1742 struct iovec iov;
1743} WriteSameCBData;
1744
1745static void scsi_write_same_complete(void *opaque, int ret)
1746{
1747 WriteSameCBData *data = opaque;
1748 SCSIDiskReq *r = data->r;
1749 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1750
1751 assert(r->req.aiocb != NULL);
1752 r->req.aiocb = NULL;
b9e413dd 1753 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 1754 if (scsi_disk_req_check_error(r, ret, true)) {
84f94a9a
PB		 1755 goto done;
1756 }
1757
d7628080
AG		 1758 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1759
84f94a9a
PB		 1760 data->nb_sectors -= data->iov.iov_len / 512;
1761 data->sector += data->iov.iov_len / 512;
1762 data->iov.iov_len = MIN(data->nb_sectors * 512, data->iov.iov_len);
1763 if (data->iov.iov_len) {
4be74634 1764 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1765 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1766 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1767 * where final qiov may need smaller size */
a56537a1 1768 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
03c90063
EB		 1769 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1770 data->sector << BDRV_SECTOR_BITS,
1771 &data->qiov, 0,
1772 scsi_write_same_complete, data);
24355b79 1773 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1774 return;
1775 }
1776
1777 scsi_req_complete(&r->req, GOOD);
1778
1779done:
3df9caf8 1780 scsi_req_unref(&r->req);
84f94a9a
PB		 1781 qemu_vfree(data->iov.iov_base);
1782 g_free(data);
b9e413dd 1783 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1784}
1785
1786static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1787{
1788 SCSIRequest *req = &r->req;
1789 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1894df02 1790 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
84f94a9a
PB		 1791 WriteSameCBData *data;
1792 uint8_t *buf;
1793 int i;
1794
1795 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1796 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1797 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1798 return;
1799 }
1800
4be74634 1801 if (blk_is_read_only(s->qdev.conf.blk)) {
84f94a9a
PB		 1802 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1803 return;
1804 }
1805 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1806 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1807 return;
1808 }
1809
1810 if (buffer_is_zero(inbuf, s->qdev.blocksize)) {
1811 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1812
1813 /* The request is used as the AIO opaque value, so add a ref. */
1814 scsi_req_ref(&r->req);
4be74634 1815 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8
BC		 1816 nb_sectors * s->qdev.blocksize,
1817 BLOCK_ACCT_WRITE);
d004bd52 1818 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
983a1600
EB		 1819 r->req.cmd.lba * s->qdev.blocksize,
1820 nb_sectors * s->qdev.blocksize,
4be74634 1821 flags, scsi_aio_complete, r);
84f94a9a
PB		 1822 return;
1823 }
1824
1825 data = g_new0(WriteSameCBData, 1);
1826 data->r = r;
1827 data->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1828 data->nb_sectors = nb_sectors * (s->qdev.blocksize / 512);
1829 data->iov.iov_len = MIN(data->nb_sectors * 512, SCSI_WRITE_SAME_MAX);
4be74634
MA		 1830 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1831 data->iov.iov_len);
84f94a9a
PB		 1832 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1833
1834 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1835 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1836 }
1837
1838 scsi_req_ref(&r->req);
4be74634 1839 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1840 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1841 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1842 data->sector << BDRV_SECTOR_BITS,
1843 &data->qiov, 0,
1844 scsi_write_same_complete, data);
84f94a9a
PB		 1845}
1846
314a3299
PB		 1847static void scsi_disk_emulate_write_data(SCSIRequest *req)
1848{
af6d510d
PB		 1849 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1850
1851 if (r->iov.iov_len) {
1852 int buflen = r->iov.iov_len;
79fb50bb 1853 DPRINTF("Write buf_len=%d\n", buflen);
af6d510d
PB		 1854 r->iov.iov_len = 0;
1855 scsi_req_data(&r->req, buflen);
1856 return;
1857 }
1858
1859 switch (req->cmd.buf[0]) {
1860 case MODE_SELECT:
1861 case MODE_SELECT_10:
1862 /* This also clears the sense buffer for REQUEST SENSE. */
380feaff 1863 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
af6d510d
PB		 1864 break;
1865
5222aaf2
PB		 1866 case UNMAP:
1867 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1868 break;
1869
d97e7730
PB		 1870 case VERIFY_10:
1871 case VERIFY_12:
1872 case VERIFY_16:
1873 if (r->req.status == -1) {
1874 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1875 }
1876 break;
1877
84f94a9a
PB		 1878 case WRITE_SAME_10:
1879 case WRITE_SAME_16:
1880 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1881 break;
d97e7730 1882
af6d510d
PB		 1883 default:
1884 abort();
1885 }
314a3299
PB		 1886}
1887
b08d0ea0 1888static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
aa5dbdc1 1889{
b08d0ea0 1890 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
e7e25e32 1891 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 1892 uint64_t nb_sectors;
7285477a 1893 uint8_t *outbuf;
af6d510d 1894 int buflen;
aa5dbdc1 1895
b08d0ea0
PB		 1896 switch (req->cmd.buf[0]) {
1897 case INQUIRY:
1898 case MODE_SENSE:
1899 case MODE_SENSE_10:
1900 case RESERVE:
1901 case RESERVE_10:
1902 case RELEASE:
1903 case RELEASE_10:
1904 case START_STOP:
1905 case ALLOW_MEDIUM_REMOVAL:
1906 case GET_CONFIGURATION:
1907 case GET_EVENT_STATUS_NOTIFICATION:
1908 case MECHANISM_STATUS:
1909 case REQUEST_SENSE:
1910 break;
1911
1912 default:
cd723b85 1913 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 1914 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1915 return 0;
1916 }
1917 break;
1918 }
1919
c8dcb531
PB		 1920 /*
1921 * FIXME: we shouldn't return anything bigger than 4k, but the code
1922 * requires the buffer to be as big as req->cmd.xfer in several
1923 * places. So, do not allow CDBs with a very large ALLOCATION
1924 * LENGTH. The real fix would be to modify scsi_read_data and
1925 * dma_buf_read, so that they return data beyond the buflen
1926 * as all zeros.
1927 */
1928 if (req->cmd.xfer > 65536) {
1929 goto illegal_request;
1930 }
1931 r->buflen = MAX(4096, req->cmd.xfer);
1932
7285477a 1933 if (!r->iov.iov_base) {
4be74634 1934 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 1935 }
1936
af6d510d 1937 buflen = req->cmd.xfer;
7285477a 1938 outbuf = r->iov.iov_base;
c8dcb531 1939 memset(outbuf, 0, r->buflen);
aa5dbdc1
GH		 1940 switch (req->cmd.buf[0]) {
1941 case TEST_UNIT_READY:
cd723b85 1942 assert(blk_is_available(s->qdev.conf.blk));
5f71d32f 1943 break;
0b06c059
GH		 1944 case INQUIRY:
1945 buflen = scsi_disk_emulate_inquiry(req, outbuf);
f01b5931 1946 if (buflen < 0) {
0b06c059 1947 goto illegal_request;
f01b5931 1948 }
5f71d32f 1949 break;
ebddfcbe
GH		 1950 case MODE_SENSE:
1951 case MODE_SENSE_10:
cfc606da 1952 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
f01b5931 1953 if (buflen < 0) {
ebddfcbe 1954 goto illegal_request;
f01b5931 1955 }
ebddfcbe 1956 break;
02880f43
GH		 1957 case READ_TOC:
1958 buflen = scsi_disk_emulate_read_toc(req, outbuf);
f01b5931 1959 if (buflen < 0) {
02880f43 1960 goto illegal_request;
f01b5931 1961 }
02880f43 1962 break;
3d53ba18 1963 case RESERVE:
f01b5931 1964 if (req->cmd.buf[1] & 1) {
3d53ba18 1965 goto illegal_request;
f01b5931 1966 }
3d53ba18
GH		 1967 break;
1968 case RESERVE_10:
f01b5931 1969 if (req->cmd.buf[1] & 3) {
3d53ba18 1970 goto illegal_request;
f01b5931 1971 }
3d53ba18
GH		 1972 break;
1973 case RELEASE:
f01b5931 1974 if (req->cmd.buf[1] & 1) {
3d53ba18 1975 goto illegal_request;
f01b5931 1976 }
3d53ba18
GH		 1977 break;
1978 case RELEASE_10:
f01b5931 1979 if (req->cmd.buf[1] & 3) {
3d53ba18 1980 goto illegal_request;
f01b5931 1981 }
3d53ba18 1982 break;
8d3628ff 1983 case START_STOP:
68bb01f3 1984 if (scsi_disk_emulate_start_stop(r) < 0) {
b08d0ea0 1985 return 0;
68bb01f3 1986 }
5f71d32f 1987 break;
c68b9f34 1988 case ALLOW_MEDIUM_REMOVAL:
81b1008d 1989 s->tray_locked = req->cmd.buf[4] & 1;
4be74634 1990 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
5f71d32f 1991 break;
5e30a07d 1992 case READ_CAPACITY_10:
e7e25e32 1993 /* The normal LEN field for this command is zero. */
5f71d32f 1994 memset(outbuf, 0, 8);
4be74634 1995 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 1996 if (!nb_sectors) {
9bcaf4fe 1997 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 1998 return 0;
f01b5931 1999 }
7cec78b6
PB		 2000 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
2001 goto illegal_request;
2002 }
69377307 2003 nb_sectors /= s->qdev.blocksize / 512;
e7e25e32
GH		 2004 /* Returned value is the address of the last sector. */
2005 nb_sectors--;
2006 /* Remember the new size for read/write sanity checking. */
7877903a 2007 s->qdev.max_lba = nb_sectors;
e7e25e32 2008 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
f01b5931 2009 if (nb_sectors > UINT32_MAX) {
e7e25e32 2010 nb_sectors = UINT32_MAX;
f01b5931 2011 }
e7e25e32
GH		 2012 outbuf[0] = (nb_sectors >> 24) & 0xff;
2013 outbuf[1] = (nb_sectors >> 16) & 0xff;
2014 outbuf[2] = (nb_sectors >> 8) & 0xff;
2015 outbuf[3] = nb_sectors & 0xff;
2016 outbuf[4] = 0;
2017 outbuf[5] = 0;
69377307 2018 outbuf[6] = s->qdev.blocksize >> 8;
e7e25e32 2019 outbuf[7] = 0;
5f71d32f 2020 break;
f3b338ef
PB		 2021 case REQUEST_SENSE:
2022 /* Just return "NO SENSE". */
37b6045c
PB		 2023 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
2024 (req->cmd.buf[1] & 1) == 0);
c8dcb531
PB		 2025 if (buflen < 0) {
2026 goto illegal_request;
2027 }
f3b338ef 2028 break;
b6c251ab
PB		 2029 case MECHANISM_STATUS:
2030 buflen = scsi_emulate_mechanism_status(s, outbuf);
2031 if (buflen < 0) {
2032 goto illegal_request;
2033 }
2034 break;
38215553 2035 case GET_CONFIGURATION:
430ee2f2 2036 buflen = scsi_get_configuration(s, outbuf);
b6c251ab
PB		 2037 if (buflen < 0) {
2038 goto illegal_request;
2039 }
2040 break;
2041 case GET_EVENT_STATUS_NOTIFICATION:
2042 buflen = scsi_get_event_status_notification(s, r, outbuf);
2043 if (buflen < 0) {
2044 goto illegal_request;
2045 }
2046 break;
1a4f0c3a
PB		 2047 case READ_DISC_INFORMATION:
2048 buflen = scsi_read_disc_information(s, r, outbuf);
2049 if (buflen < 0) {
2050 goto illegal_request;
2051 }
2052 break;
b6c251ab
PB		 2053 case READ_DVD_STRUCTURE:
2054 buflen = scsi_read_dvd_structure(s, r, outbuf);
2055 if (buflen < 0) {
2056 goto illegal_request;
2057 }
38215553 2058 break;
f6515262 2059 case SERVICE_ACTION_IN_16:
5dd90e2a 2060 /* Service Action In subcommands. */
f6515262 2061 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
5dd90e2a
GH		 2062 DPRINTF("SAI READ CAPACITY(16)\n");
2063 memset(outbuf, 0, req->cmd.xfer);
4be74634 2064 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 2065 if (!nb_sectors) {
9bcaf4fe 2066 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 2067 return 0;
f01b5931 2068 }
7cec78b6
PB		 2069 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2070 goto illegal_request;
2071 }
69377307 2072 nb_sectors /= s->qdev.blocksize / 512;
5dd90e2a
GH		 2073 /* Returned value is the address of the last sector. */
2074 nb_sectors--;
2075 /* Remember the new size for read/write sanity checking. */
7877903a 2076 s->qdev.max_lba = nb_sectors;
5dd90e2a
GH		 2077 outbuf[0] = (nb_sectors >> 56) & 0xff;
2078 outbuf[1] = (nb_sectors >> 48) & 0xff;
2079 outbuf[2] = (nb_sectors >> 40) & 0xff;
2080 outbuf[3] = (nb_sectors >> 32) & 0xff;
2081 outbuf[4] = (nb_sectors >> 24) & 0xff;
2082 outbuf[5] = (nb_sectors >> 16) & 0xff;
2083 outbuf[6] = (nb_sectors >> 8) & 0xff;
2084 outbuf[7] = nb_sectors & 0xff;
2085 outbuf[8] = 0;
2086 outbuf[9] = 0;
69377307 2087 outbuf[10] = s->qdev.blocksize >> 8;
5dd90e2a 2088 outbuf[11] = 0;
ee3659e3
CH		 2089 outbuf[12] = 0;
2090 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 2091
2092 /* set TPE bit if the format supports discard */
2093 if (s->qdev.conf.discard_granularity) {
2094 outbuf[14] = 0x80;
2095 }
2096
5dd90e2a 2097 /* Protection, exponent and lowest lba field left blank. */
5dd90e2a
GH		 2098 break;
2099 }
2100 DPRINTF("Unsupported Service Action In\n");
2101 goto illegal_request;
101aa85f
PB		 2102 case SYNCHRONIZE_CACHE:
2103 /* The request is used as the AIO opaque value, so add a ref. */
2104 scsi_req_ref(&r->req);
4be74634 2105 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 2106 BLOCK_ACCT_FLUSH);
4be74634 2107 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
101aa85f
PB		 2108 return 0;
2109 case SEEK_10:
2110 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
2111 if (r->req.cmd.lba > s->qdev.max_lba) {
2112 goto illegal_lba;
2113 }
2114 break;
101aa85f 2115 case MODE_SELECT:
142c2145 2116 DPRINTF("Mode Select(6) (len %lu)\n", (unsigned long)r->req.cmd.xfer);
101aa85f
PB		 2117 break;
2118 case MODE_SELECT_10:
142c2145 2119 DPRINTF("Mode Select(10) (len %lu)\n", (unsigned long)r->req.cmd.xfer);
101aa85f 2120 break;
5222aaf2 2121 case UNMAP:
142c2145 2122 DPRINTF("Unmap (len %lu)\n", (unsigned long)r->req.cmd.xfer);
5222aaf2 2123 break;
d97e7730
PB		 2124 case VERIFY_10:
2125 case VERIFY_12:
2126 case VERIFY_16:
4525c133 2127 DPRINTF("Verify (bytchk %d)\n", (req->cmd.buf[1] >> 1) & 3);
d97e7730
PB		 2128 if (req->cmd.buf[1] & 6) {
2129 goto illegal_request;
2130 }
2131 break;
101aa85f 2132 case WRITE_SAME_10:
101aa85f 2133 case WRITE_SAME_16:
84f94a9a
PB		 2134 DPRINTF("WRITE SAME %d (len %lu)\n",
2135 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16,
142c2145 2136 (unsigned long)r->req.cmd.xfer);
84f94a9a 2137 break;
aa5dbdc1 2138 default:
b9e77bc7
AK		 2139 DPRINTF("Unknown SCSI command (%2.2x=%s)\n", buf[0],
2140 scsi_command_name(buf[0]));
b45ef674 2141 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
b08d0ea0 2142 return 0;
aa5dbdc1 2143 }
314a3299 2144 assert(!r->req.aiocb);
c8dcb531 2145 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
b08d0ea0
PB		 2146 if (r->iov.iov_len == 0) {
2147 scsi_req_complete(&r->req, GOOD);
2148 }
af6d510d
PB		 2149 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2150 assert(r->iov.iov_len == req->cmd.xfer);
2151 return -r->iov.iov_len;
2152 } else {
2153 return r->iov.iov_len;
2154 }
aa5dbdc1 2155
aa5dbdc1 2156illegal_request:
cfc606da
PB		 2157 if (r->req.status == -1) {
2158 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2159 }
b08d0ea0 2160 return 0;
101aa85f
PB		 2161
2162illegal_lba:
2163 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2164 return 0;
aa5dbdc1
GH		 2165}
2166
2e5d83bb
PB		 2167/* Execute a scsi command. Returns the length of the data expected by the
2168 command. This will be Positive for data transfers from the device
2169 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2170 and zero if the command does not transfer any data. */
2171
b08d0ea0 2172static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 2173{
5c6c0e51
HR		 2174 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2175 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
94f8ba11 2176 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
e93176d5 2177 uint32_t len;
a917d384 2178 uint8_t command;
a917d384
PB		 2179
2180 command = buf[0];
aa5dbdc1 2181
cd723b85 2182 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 2183 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2184 return 0;
9bcaf4fe
PB		 2185 }
2186
1894df02 2187 len = scsi_data_cdb_xfer(r->req.cmd.buf);
a917d384 2188 switch (command) {
ebf46023
GH		 2189 case READ_6:
2190 case READ_10:
bd536cf3
GH		 2191 case READ_12:
2192 case READ_16:
e93176d5 2193 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len);
96bdbbab
RS		 2194 if (r->req.cmd.buf[1] & 0xe0) {
2195 goto illegal_request;
2196 }
444bc908 2197 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2198 goto illegal_lba;
f01b5931 2199 }
69377307
PB		 2200 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2201 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2202 break;
ebf46023
GH		 2203 case WRITE_6:
2204 case WRITE_10:
bd536cf3
GH		 2205 case WRITE_12:
2206 case WRITE_16:
5e30a07d 2207 case WRITE_VERIFY_10:
ebef0bbb
BK		 2208 case WRITE_VERIFY_12:
2209 case WRITE_VERIFY_16:
4be74634 2210 if (blk_is_read_only(s->qdev.conf.blk)) {
6a8a685c
RS		 2211 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2212 return 0;
2213 }
e93176d5 2214 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
2dd791b6
HR		 2215 (command & 0xe) == 0xe ? "And Verify " : "",
2216 r->req.cmd.lba, len);
4f04560b 2217 /* fall through */
166dbda7
PB		 2218 case VERIFY_10:
2219 case VERIFY_12:
2220 case VERIFY_16:
2221 /* We get here only for BYTCHK == 0x01 and only for scsi-block.
2222 * As far as DMA is concerned, we can treat it the same as a write;
2223 * scsi_block_do_sgio will send VERIFY commands.
2224 */
96bdbbab
RS		 2225 if (r->req.cmd.buf[1] & 0xe0) {
2226 goto illegal_request;
2227 }
444bc908 2228 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2229 goto illegal_lba;
f01b5931 2230 }
69377307
PB		 2231 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2232 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2233 break;
101aa85f 2234 default:
b08d0ea0 2235 abort();
96bdbbab
RS		 2236 illegal_request:
2237 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2238 return 0;
274fb0e1 2239 illegal_lba:
b45ef674 2240 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 2241 return 0;
2e5d83bb 2242 }
94f8ba11 2243 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
b08d0ea0 2244 if (r->sector_count == 0) {
b45ef674 2245 scsi_req_complete(&r->req, GOOD);
a917d384 2246 }
b08d0ea0 2247 assert(r->iov.iov_len == 0);
efb9ee02 2248 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
b08d0ea0 2249 return -r->sector_count * 512;
a917d384 2250 } else {
b08d0ea0 2251 return r->sector_count * 512;
2e5d83bb 2252 }
2e5d83bb
PB		 2253}
2254
e9447f35
JK		 2255static void scsi_disk_reset(DeviceState *dev)
2256{
2257 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2258 uint64_t nb_sectors;
2259
c7b48872 2260 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35 2261
4be74634 2262 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
69377307 2263 nb_sectors /= s->qdev.blocksize / 512;
e9447f35
JK		 2264 if (nb_sectors) {
2265 nb_sectors--;
2266 }
7877903a 2267 s->qdev.max_lba = nb_sectors;
7721c7f7
PH		 2268 /* reset tray statuses */
2269 s->tray_locked = 0;
2270 s->tray_open = 0;
e9447f35
JK		 2271}
2272
aaebacef
PB		 2273static void scsi_disk_resize_cb(void *opaque)
2274{
2275 SCSIDiskState *s = opaque;
2276
2277 /* SPC lists this sense code as available only for
2278 * direct-access devices.
2279 */
2280 if (s->qdev.type == TYPE_DISK) {
53200fad 2281 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
aaebacef
PB		 2282 }
2283}
2284
39829a01 2285static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2c6942fa 2286{
8a9c16f6
PB		 2287 SCSIDiskState *s = opaque;
2288
2289 /*
2290 * When a CD gets changed, we have to report an ejected state and
2291 * then a loaded state to guests so that they detect tray
2292 * open/close and media change events. Guests that do not use
2293 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2294 * states rely on this behavior.
2295 *
2296 * media_changed governs the state machine used for unit attention
2297 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2298 */
2299 s->media_changed = load;
2300 s->tray_open = !load;
e48e84ea 2301 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
3c2f7c12 2302 s->media_event = true;
4480de19
PB		 2303 s->eject_request = false;
2304}
2305
2306static void scsi_cd_eject_request_cb(void *opaque, bool force)
2307{
2308 SCSIDiskState *s = opaque;
2309
2310 s->eject_request = true;
2311 if (force) {
2312 s->tray_locked = false;
2313 }
2c6942fa
MA		 2314}
2315
e4def80b
MA		 2316static bool scsi_cd_is_tray_open(void *opaque)
2317{
2318 return ((SCSIDiskState *)opaque)->tray_open;
2319}
2320
f107639a
MA		 2321static bool scsi_cd_is_medium_locked(void *opaque)
2322{
2323 return ((SCSIDiskState *)opaque)->tray_locked;
2324}
2325
aaebacef 2326static const BlockDevOps scsi_disk_removable_block_ops = {
2c6942fa 2327 .change_media_cb = scsi_cd_change_media_cb,
4480de19 2328 .eject_request_cb = scsi_cd_eject_request_cb,
e4def80b 2329 .is_tray_open = scsi_cd_is_tray_open,
f107639a 2330 .is_medium_locked = scsi_cd_is_medium_locked,
aaebacef
PB		 2331
2332 .resize_cb = scsi_disk_resize_cb,
2333};
2334
2335static const BlockDevOps scsi_disk_block_ops = {
2336 .resize_cb = scsi_disk_resize_cb,
f107639a
MA		 2337};
2338
8a9c16f6
PB		 2339static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2340{
2341 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2342 if (s->media_changed) {
2343 s->media_changed = false;
e48e84ea 2344 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
8a9c16f6
PB		 2345 }
2346}
2347
a818a4b6 2348static void scsi_realize(SCSIDevice *dev, Error **errp)
2e5d83bb 2349{
d52affa7 2350 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2e5d83bb 2351
4be74634 2352 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2353 error_setg(errp, "drive property not set");
2354 return;
d52affa7
GH		 2355 }
2356
bfe3d7ac 2357 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
4be74634 2358 !blk_is_inserted(s->qdev.conf.blk)) {
a818a4b6
FZ		 2359 error_setg(errp, "Device needs media, but drive is empty");
2360 return;
98f28ad7
MA		 2361 }
2362
911525db 2363 blkconf_serial(&s->qdev.conf, &s->serial);
0eb28a42 2364 blkconf_blocksizes(&s->qdev.conf);
3da023b5
MK		 2365
2366 if (s->qdev.conf.logical_block_size >
2367 s->qdev.conf.physical_block_size) {
2368 error_setg(errp,
2369 "logical_block_size > physical_block_size not supported");
2370 return;
2371 }
2372
5ff5efb4 2373 if (dev->type == TYPE_DISK) {
ceff3e1f 2374 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
a818a4b6 2375 return;
5ff5efb4 2376 }
b7eb0c9f 2377 }
ceff3e1f
MZ		 2378 if (!blkconf_apply_backend_options(&dev->conf,
2379 blk_is_read_only(s->qdev.conf.blk),
2380 dev->type == TYPE_DISK, errp)) {
a17c17a2
KW		 2381 return;
2382 }
a0fef654 2383
215e47b9
PB		 2384 if (s->qdev.conf.discard_granularity == -1) {
2385 s->qdev.conf.discard_granularity =
2386 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2387 }
2388
552fee93 2389 if (!s->version) {
35c2c8dc 2390 s->version = g_strdup(qemu_hw_version());
552fee93 2391 }
353815aa
DF		 2392 if (!s->vendor) {
2393 s->vendor = g_strdup("QEMU");
2394 }
552fee93 2395
4be74634 2396 if (blk_is_sg(s->qdev.conf.blk)) {
a818a4b6
FZ		 2397 error_setg(errp, "unwanted /dev/sg*");
2398 return;
32bb404a
MA		 2399 }
2400
18e673b8
PH		 2401 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2402 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
4be74634 2403 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
aaebacef 2404 } else {
4be74634 2405 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2e5d83bb 2406 }
4be74634 2407 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
8cfacf07 2408
4be74634 2409 blk_iostatus_enable(s->qdev.conf.blk);
d52affa7
GH		 2410}
2411
a818a4b6 2412static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2413{
e39be482 2414 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
df1d4c34
ET		 2415 /* can happen for devices without drive. The error message for missing
2416 * backend will be issued in scsi_realize
2417 */
2418 if (s->qdev.conf.blk) {
2419 blkconf_blocksizes(&s->qdev.conf);
2420 }
e39be482
PB		 2421 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2422 s->qdev.type = TYPE_DISK;
353815aa
DF		 2423 if (!s->product) {
2424 s->product = g_strdup("QEMU HARDDISK");
2425 }
a818a4b6 2426 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2427}
2428
a818a4b6 2429static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2430{
e39be482 2431 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
83b4fe0e 2432 int ret;
9ef6e505
KW		 2433
2434 if (!dev->conf.blk) {
83b4fe0e
KW		 2435 /* Anonymous BlockBackend for an empty drive. As we put it into
2436 * dev->conf, qdev takes care of detaching on unplug. */
6d0eb64d 2437 dev->conf.blk = blk_new(0, BLK_PERM_ALL);
83b4fe0e
KW		 2438 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2439 assert(ret == 0);
9ef6e505
KW		 2440 }
2441
e39be482
PB		 2442 s->qdev.blocksize = 2048;
2443 s->qdev.type = TYPE_ROM;
bfe3d7ac 2444 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
353815aa
DF		 2445 if (!s->product) {
2446 s->product = g_strdup("QEMU CD-ROM");
2447 }
a818a4b6 2448 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2449}
2450
a818a4b6 2451static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
b443ae67 2452{
95b5edcd 2453 DriveInfo *dinfo;
a818a4b6 2454 Error *local_err = NULL;
b443ae67 2455
4be74634 2456 if (!dev->conf.blk) {
a818a4b6
FZ		 2457 scsi_realize(dev, &local_err);
2458 assert(local_err);
2459 error_propagate(errp, local_err);
2460 return;
b443ae67
MA		 2461 }
2462
4be74634 2463 dinfo = blk_legacy_dinfo(dev->conf.blk);
26f8b3a8 2464 if (dinfo && dinfo->media_cd) {
a818a4b6 2465 scsi_cd_realize(dev, errp);
e39be482 2466 } else {
a818a4b6 2467 scsi_hd_realize(dev, errp);
e39be482 2468 }
b443ae67
MA		 2469}
2470
b08d0ea0 2471static const SCSIReqOps scsi_disk_emulate_reqops = {
8dbd4574 2472 .size = sizeof(SCSIDiskReq),
12010e7b 2473 .free_req = scsi_free_request,
b08d0ea0 2474 .send_command = scsi_disk_emulate_command,
314a3299
PB		 2475 .read_data = scsi_disk_emulate_read_data,
2476 .write_data = scsi_disk_emulate_write_data,
b08d0ea0
PB		 2477 .get_buf = scsi_get_buf,
2478};
2479
2480static const SCSIReqOps scsi_disk_dma_reqops = {
2481 .size = sizeof(SCSIDiskReq),
2482 .free_req = scsi_free_request,
2483 .send_command = scsi_disk_dma_command,
12010e7b
PB		 2484 .read_data = scsi_read_data,
2485 .write_data = scsi_write_data,
12010e7b 2486 .get_buf = scsi_get_buf,
43b978b9
PB		 2487 .load_request = scsi_disk_load_request,
2488 .save_request = scsi_disk_save_request,
8dbd4574
PB		 2489};
2490
b08d0ea0
PB		 2491static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2492 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2493 [INQUIRY] = &scsi_disk_emulate_reqops,
2494 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2495 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2496 [START_STOP] = &scsi_disk_emulate_reqops,
2497 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2498 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2499 [READ_TOC] = &scsi_disk_emulate_reqops,
2500 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2501 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2502 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2503 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2504 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2505 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2506 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2507 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2508 [SEEK_10] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2509 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2510 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
5222aaf2 2511 [UNMAP] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2512 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2513 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
d97e7730
PB		 2514 [VERIFY_10] = &scsi_disk_emulate_reqops,
2515 [VERIFY_12] = &scsi_disk_emulate_reqops,
2516 [VERIFY_16] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2517
2518 [READ_6] = &scsi_disk_dma_reqops,
2519 [READ_10] = &scsi_disk_dma_reqops,
2520 [READ_12] = &scsi_disk_dma_reqops,
2521 [READ_16] = &scsi_disk_dma_reqops,
b08d0ea0
PB		 2522 [WRITE_6] = &scsi_disk_dma_reqops,
2523 [WRITE_10] = &scsi_disk_dma_reqops,
2524 [WRITE_12] = &scsi_disk_dma_reqops,
2525 [WRITE_16] = &scsi_disk_dma_reqops,
2526 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2527 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2528 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2529};
2530
63db0f0e
PB		 2531static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2532 uint8_t *buf, void *hba_private)
8dbd4574
PB		 2533{
2534 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2535 SCSIRequest *req;
b08d0ea0
PB		 2536 const SCSIReqOps *ops;
2537 uint8_t command;
8dbd4574 2538
79fb50bb
PB		 2539 command = buf[0];
2540 ops = scsi_disk_reqops_dispatch[command];
2541 if (!ops) {
2542 ops = &scsi_disk_emulate_reqops;
2543 }
2544 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2545
b08d0ea0 2546#ifdef DEBUG_SCSI
79fb50bb 2547 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
b08d0ea0
PB		 2548 {
2549 int i;
1894df02 2550 for (i = 1; i < scsi_cdb_length(buf); i++) {
b08d0ea0
PB		 2551 printf(" 0x%02x", buf[i]);
2552 }
2553 printf("\n");
2554 }
2555#endif
2556
8dbd4574
PB		 2557 return req;
2558}
2559
336a6915
PB		 2560#ifdef __linux__
2561static int get_device_type(SCSIDiskState *s)
2562{
336a6915
PB		 2563 uint8_t cmd[16];
2564 uint8_t buf[36];
2565 uint8_t sensebuf[8];
2566 sg_io_hdr_t io_header;
2567 int ret;
2568
2569 memset(cmd, 0, sizeof(cmd));
2570 memset(buf, 0, sizeof(buf));
2571 cmd[0] = INQUIRY;
2572 cmd[4] = sizeof(buf);
2573
2574 memset(&io_header, 0, sizeof(io_header));
2575 io_header.interface_id = 'S';
2576 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
2577 io_header.dxfer_len = sizeof(buf);
2578 io_header.dxferp = buf;
2579 io_header.cmdp = cmd;
2580 io_header.cmd_len = sizeof(cmd);
2581 io_header.mx_sb_len = sizeof(sensebuf);
2582 io_header.sbp = sensebuf;
2583 io_header.timeout = 6000; /* XXX */
2584
4be74634 2585 ret = blk_ioctl(s->qdev.conf.blk, SG_IO, &io_header);
336a6915
PB		 2586 if (ret < 0 || io_header.driver_status || io_header.host_status) {
2587 return -1;
2588 }
2589 s->qdev.type = buf[0];
bfe3d7ac
PB		 2590 if (buf[1] & 0x80) {
2591 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2592 }
336a6915
PB		 2593 return 0;
2594}
2595
a818a4b6 2596static void scsi_block_realize(SCSIDevice *dev, Error **errp)
336a6915
PB		 2597{
2598 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2599 int sg_version;
2600 int rc;
2601
4be74634 2602 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2603 error_setg(errp, "drive property not set");
2604 return;
336a6915
PB		 2605 }
2606
2607 /* check we are using a driver managing SG_IO (version 3 and after) */
4be74634 2608 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
4bbeb8b1 2609 if (rc < 0) {
a818a4b6 2610 error_setg(errp, "cannot get SG_IO version number: %s. "
6ee143a0 2611 "Is this a SCSI device?",
4bbeb8b1 2612 strerror(-rc));
a818a4b6 2613 return;
4bbeb8b1
FZ		 2614 }
2615 if (sg_version < 30000) {
a818a4b6
FZ		 2616 error_setg(errp, "scsi generic interface too old");
2617 return;
336a6915
PB		 2618 }
2619
2620 /* get device type from INQUIRY data */
2621 rc = get_device_type(s);
2622 if (rc < 0) {
a818a4b6
FZ		 2623 error_setg(errp, "INQUIRY failed");
2624 return;
336a6915
PB		 2625 }
2626
2627 /* Make a guess for the block size, we'll fix it when the guest sends.
2628 * READ CAPACITY. If they don't, they likely would assume these sizes
2629 * anyway. (TODO: check in /sys).
2630 */
2631 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2632 s->qdev.blocksize = 2048;
2633 } else {
2634 s->qdev.blocksize = 512;
2635 }
18e673b8
PH		 2636
2637 /* Makes the scsi-block device not removable by using HMP and QMP eject
2638 * command.
2639 */
2640 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2641
a818a4b6 2642 scsi_realize(&s->qdev, errp);
9fd7e859 2643 scsi_generic_read_device_identification(&s->qdev);
336a6915
PB		 2644}
2645
8fdc7839
PB		 2646typedef struct SCSIBlockReq {
2647 SCSIDiskReq req;
2648 sg_io_hdr_t io_header;
2649
2650 /* Selected bytes of the original CDB, copied into our own CDB. */
2651 uint8_t cmd, cdb1, group_number;
2652
2653 /* CDB passed to SG_IO. */
2654 uint8_t cdb[16];
2655} SCSIBlockReq;
2656
2657static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2658 int64_t offset, QEMUIOVector *iov,
2659 int direction,
2660 BlockCompletionFunc *cb, void *opaque)
2661{
2662 sg_io_hdr_t *io_header = &req->io_header;
2663 SCSIDiskReq *r = &req->req;
2664 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2665 int nb_logical_blocks;
2666 uint64_t lba;
2667 BlockAIOCB *aiocb;
2668
2669 /* This is not supported yet. It can only happen if the guest does
2670 * reads and writes that are not aligned to one logical sectors
2671 * _and_ cover multiple MemoryRegions.
2672 */
2673 assert(offset % s->qdev.blocksize == 0);
2674 assert(iov->size % s->qdev.blocksize == 0);
2675
2676 io_header->interface_id = 'S';
2677
2678 /* The data transfer comes from the QEMUIOVector. */
2679 io_header->dxfer_direction = direction;
2680 io_header->dxfer_len = iov->size;
2681 io_header->dxferp = (void *)iov->iov;
2682 io_header->iovec_count = iov->niov;
2683 assert(io_header->iovec_count == iov->niov); /* no overflow! */
2684
2685 /* Build a new CDB with the LBA and length patched in, in case
2686 * DMA helpers split the transfer in multiple segments. Do not
2687 * build a CDB smaller than what the guest wanted, and only build
2688 * a larger one if strictly necessary.
2689 */
2690 io_header->cmdp = req->cdb;
2691 lba = offset / s->qdev.blocksize;
2692 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2693
2694 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2695 /* 6-byte CDB */
2696 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2697 req->cdb[4] = nb_logical_blocks;
2698 req->cdb[5] = 0;
2699 io_header->cmd_len = 6;
2700 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2701 /* 10-byte CDB */
2702 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2703 req->cdb[1] = req->cdb1;
2704 stl_be_p(&req->cdb[2], lba);
2705 req->cdb[6] = req->group_number;
2706 stw_be_p(&req->cdb[7], nb_logical_blocks);
2707 req->cdb[9] = 0;
2708 io_header->cmd_len = 10;
2709 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2710 /* 12-byte CDB */
2711 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2712 req->cdb[1] = req->cdb1;
2713 stl_be_p(&req->cdb[2], lba);
2714 stl_be_p(&req->cdb[6], nb_logical_blocks);
2715 req->cdb[10] = req->group_number;
2716 req->cdb[11] = 0;
2717 io_header->cmd_len = 12;
2718 } else {
2719 /* 16-byte CDB */
2720 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2721 req->cdb[1] = req->cdb1;
2722 stq_be_p(&req->cdb[2], lba);
2723 stl_be_p(&req->cdb[10], nb_logical_blocks);
2724 req->cdb[14] = req->group_number;
2725 req->cdb[15] = 0;
2726 io_header->cmd_len = 16;
2727 }
2728
2729 /* The rest is as in scsi-generic.c. */
2730 io_header->mx_sb_len = sizeof(r->req.sense);
2731 io_header->sbp = r->req.sense;
2732 io_header->timeout = UINT_MAX;
2733 io_header->usr_ptr = r;
2734 io_header->flags |= SG_FLAG_DIRECT_IO;
2735
2736 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
2737 assert(aiocb != NULL);
2738 return aiocb;
2739}
2740
2741static bool scsi_block_no_fua(SCSICommand *cmd)
2742{
2743 return false;
2744}
2745
2746static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2747 QEMUIOVector *iov,
2748 BlockCompletionFunc *cb, void *cb_opaque,
2749 void *opaque)
2750{
2751 SCSIBlockReq *r = opaque;
2752 return scsi_block_do_sgio(r, offset, iov,
2753 SG_DXFER_FROM_DEV, cb, cb_opaque);
2754}
2755
2756static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2757 QEMUIOVector *iov,
2758 BlockCompletionFunc *cb, void *cb_opaque,
2759 void *opaque)
2760{
2761 SCSIBlockReq *r = opaque;
2762 return scsi_block_do_sgio(r, offset, iov,
2763 SG_DXFER_TO_DEV, cb, cb_opaque);
2764}
2765
592c3b28 2766static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
336a6915 2767{
336a6915 2768 switch (buf[0]) {
8fdc7839
PB		 2769 case VERIFY_10:
2770 case VERIFY_12:
2771 case VERIFY_16:
2772 /* Check if BYTCHK == 0x01 (data-out buffer contains data
2773 * for the number of logical blocks specified in the length
2774 * field). For other modes, do not use scatter/gather operation.
2775 */
1f8af0d1 2776 if ((buf[1] & 6) == 2) {
8fdc7839
PB		 2777 return false;
2778 }
2779 break;
2780
336a6915
PB		 2781 case READ_6:
2782 case READ_10:
2783 case READ_12:
2784 case READ_16:
2785 case WRITE_6:
2786 case WRITE_10:
2787 case WRITE_12:
2788 case WRITE_16:
2789 case WRITE_VERIFY_10:
2790 case WRITE_VERIFY_12:
2791 case WRITE_VERIFY_16:
8fdc7839 2792 /* MMC writing cannot be done via DMA helpers, because it sometimes
33ebad12 2793 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
166dbda7 2794 * We might use scsi_block_dma_reqops as long as no writing commands are
33ebad12
PB		 2795 * seen, but performance usually isn't paramount on optical media. So,
2796 * just make scsi-block operate the same as scsi-generic for them.
2797 */
b08d0ea0 2798 if (s->qdev.type != TYPE_ROM) {
592c3b28 2799 return false;
b08d0ea0 2800 }
592c3b28
PB		 2801 break;
2802
2803 default:
2804 break;
336a6915
PB		 2805 }
2806
592c3b28
PB		 2807 return true;
2808}
2809
2810
8fdc7839
PB		 2811static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2812{
2813 SCSIBlockReq *r = (SCSIBlockReq *)req;
2814 r->cmd = req->cmd.buf[0];
2815 switch (r->cmd >> 5) {
2816 case 0:
2817 /* 6-byte CDB. */
2818 r->cdb1 = r->group_number = 0;
2819 break;
2820 case 1:
2821 /* 10-byte CDB. */
2822 r->cdb1 = req->cmd.buf[1];
2823 r->group_number = req->cmd.buf[6];
ed45cae3 2824 break;
8fdc7839
PB		 2825 case 4:
2826 /* 12-byte CDB. */
2827 r->cdb1 = req->cmd.buf[1];
2828 r->group_number = req->cmd.buf[10];
2829 break;
2830 case 5:
2831 /* 16-byte CDB. */
2832 r->cdb1 = req->cmd.buf[1];
2833 r->group_number = req->cmd.buf[14];
2834 break;
2835 default:
2836 abort();
2837 }
2838
2839 if (r->cdb1 & 0xe0) {
2840 /* Protection information is not supported. */
2841 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2842 return 0;
2843 }
2844
2845 r->req.status = &r->io_header.status;
2846 return scsi_disk_dma_command(req, buf);
2847}
2848
2849static const SCSIReqOps scsi_block_dma_reqops = {
2850 .size = sizeof(SCSIBlockReq),
2851 .free_req = scsi_free_request,
2852 .send_command = scsi_block_dma_command,
2853 .read_data = scsi_read_data,
2854 .write_data = scsi_write_data,
2855 .get_buf = scsi_get_buf,
2856 .load_request = scsi_disk_load_request,
2857 .save_request = scsi_disk_save_request,
2858};
2859
592c3b28
PB		 2860static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2861 uint32_t lun, uint8_t *buf,
2862 void *hba_private)
2863{
2864 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2865
2866 if (scsi_block_is_passthrough(s, buf)) {
2867 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2868 hba_private);
2869 } else {
8fdc7839 2870 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
592c3b28
PB		 2871 hba_private);
2872 }
336a6915 2873}
3e7e180a
PB		 2874
2875static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2876 uint8_t *buf, void *hba_private)
2877{
2878 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2879
2880 if (scsi_block_is_passthrough(s, buf)) {
2881 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2882 } else {
2883 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2884 }
2885}
2886
336a6915
PB		 2887#endif
2888
fcaafb10
PB		 2889static
2890BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2891 BlockCompletionFunc *cb, void *cb_opaque,
2892 void *opaque)
2893{
2894 SCSIDiskReq *r = opaque;
2895 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2896 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2897}
2898
2899static
2900BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2901 BlockCompletionFunc *cb, void *cb_opaque,
2902 void *opaque)
2903{
2904 SCSIDiskReq *r = opaque;
2905 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2906 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2907}
2908
993935f3
PB		 2909static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2910{
2911 DeviceClass *dc = DEVICE_CLASS(klass);
fcaafb10 2912 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
993935f3
PB		 2913
2914 dc->fw_name = "disk";
2915 dc->reset = scsi_disk_reset;
fcaafb10
PB		 2916 sdc->dma_readv = scsi_dma_readv;
2917 sdc->dma_writev = scsi_dma_writev;
94f8ba11 2918 sdc->need_fua_emulation = scsi_is_cmd_fua;
993935f3
PB		 2919}
2920
2921static const TypeInfo scsi_disk_base_info = {
2922 .name = TYPE_SCSI_DISK_BASE,
2923 .parent = TYPE_SCSI_DEVICE,
2924 .class_init = scsi_disk_base_class_initfn,
2925 .instance_size = sizeof(SCSIDiskState),
fcaafb10 2926 .class_size = sizeof(SCSIDiskClass),
6214a11a 2927 .abstract = true,
993935f3
PB		 2928};
2929
353815aa
DF		 2930#define DEFINE_SCSI_DISK_PROPERTIES() \
2931 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
8c398252 2932 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
353815aa
DF		 2933 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2934 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2935 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2936 DEFINE_PROP_STRING("product", SCSIDiskState, product)
b443ae67 2937
39bffca2
AL		 2938static Property scsi_hd_properties[] = {
2939 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 2940 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2941 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 2942 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2943 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 2944 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2945 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 2946 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 2947 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
2948 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 2949 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
2950 DEFAULT_MAX_IO_SIZE),
070f8009 2951 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
d252df48 2952 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
39bffca2
AL		 2953 DEFINE_PROP_END_OF_LIST(),
2954};
2955
43b978b9
PB		 2956static const VMStateDescription vmstate_scsi_disk_state = {
2957 .name = "scsi-disk",
2958 .version_id = 1,
2959 .minimum_version_id = 1,
43b978b9
PB		 2960 .fields = (VMStateField[]) {
2961 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2962 VMSTATE_BOOL(media_changed, SCSIDiskState),
2963 VMSTATE_BOOL(media_event, SCSIDiskState),
2964 VMSTATE_BOOL(eject_request, SCSIDiskState),
2965 VMSTATE_BOOL(tray_open, SCSIDiskState),
2966 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2967 VMSTATE_END_OF_LIST()
2968 }
2969};
2970
b9eea3e6
AL		 2971static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2972{
39bffca2 2973 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2974 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2975
a818a4b6 2976 sc->realize = scsi_hd_realize;
b9eea3e6
AL		 2977 sc->alloc_req = scsi_new_request;
2978 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 2979 dc->desc = "virtual SCSI disk";
39bffca2 2980 dc->props = scsi_hd_properties;
43b978b9 2981 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 2982}
2983
8c43a6f0 2984static const TypeInfo scsi_hd_info = {
39bffca2 2985 .name = "scsi-hd",
993935f3 2986 .parent = TYPE_SCSI_DISK_BASE,
39bffca2
AL		 2987 .class_init = scsi_hd_class_initfn,
2988};
2989
2990static Property scsi_cd_properties[] = {
2991 DEFINE_SCSI_DISK_PROPERTIES(),
2ecab408
PB		 2992 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2993 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 2994 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
f8e1f533
PB		 2995 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
2996 DEFAULT_MAX_IO_SIZE),
39bffca2 2997 DEFINE_PROP_END_OF_LIST(),
b9eea3e6
AL		 2998};
2999
3000static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3001{
39bffca2 3002 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3003 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3004
a818a4b6 3005 sc->realize = scsi_cd_realize;
b9eea3e6
AL		 3006 sc->alloc_req = scsi_new_request;
3007 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 3008 dc->desc = "virtual SCSI CD-ROM";
39bffca2 3009 dc->props = scsi_cd_properties;
43b978b9 3010 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3011}
3012
8c43a6f0 3013static const TypeInfo scsi_cd_info = {
39bffca2 3014 .name = "scsi-cd",
993935f3 3015 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3016 .class_init = scsi_cd_class_initfn,
b9eea3e6
AL		 3017};
3018
336a6915 3019#ifdef __linux__
39bffca2 3020static Property scsi_block_properties[] = {
14b20748 3021 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
4be74634 3022 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
07488549 3023 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
070f8009 3024 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
39bffca2
AL		 3025 DEFINE_PROP_END_OF_LIST(),
3026};
3027
b9eea3e6
AL		 3028static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3029{
39bffca2 3030 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6 3031 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
8fdc7839 3032 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
b9eea3e6 3033
a818a4b6 3034 sc->realize = scsi_block_realize;
b9eea3e6 3035 sc->alloc_req = scsi_block_new_request;
3e7e180a 3036 sc->parse_cdb = scsi_block_parse_cdb;
8fdc7839
PB		 3037 sdc->dma_readv = scsi_block_dma_readv;
3038 sdc->dma_writev = scsi_block_dma_writev;
3039 sdc->need_fua_emulation = scsi_block_no_fua;
39bffca2 3040 dc->desc = "SCSI block device passthrough";
39bffca2 3041 dc->props = scsi_block_properties;
43b978b9 3042 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3043}
3044
8c43a6f0 3045static const TypeInfo scsi_block_info = {
39bffca2 3046 .name = "scsi-block",
993935f3 3047 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3048 .class_init = scsi_block_class_initfn,
b9eea3e6 3049};
336a6915 3050#endif
b9eea3e6 3051
39bffca2
AL		 3052static Property scsi_disk_properties[] = {
3053 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 3054 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3055 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 3056 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3057 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 3058 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3059 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 3060 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 3061 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3062 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 3063 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3064 DEFAULT_MAX_IO_SIZE),
39bffca2
AL		 3065 DEFINE_PROP_END_OF_LIST(),
3066};
3067
b9eea3e6
AL		 3068static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
3069{
39bffca2 3070 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3071 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3072
a818a4b6 3073 sc->realize = scsi_disk_realize;
b9eea3e6
AL		 3074 sc->alloc_req = scsi_new_request;
3075 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2
AL		 3076 dc->fw_name = "disk";
3077 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
3078 dc->reset = scsi_disk_reset;
3079 dc->props = scsi_disk_properties;
43b978b9 3080 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3081}
3082
8c43a6f0 3083static const TypeInfo scsi_disk_info = {
39bffca2 3084 .name = "scsi-disk",
993935f3 3085 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3086 .class_init = scsi_disk_class_initfn,
d52affa7
GH		 3087};
3088
83f7d43a 3089static void scsi_disk_register_types(void)
d52affa7 3090{
993935f3 3091 type_register_static(&scsi_disk_base_info);
39bffca2
AL		 3092 type_register_static(&scsi_hd_info);
3093 type_register_static(&scsi_cd_info);
b9eea3e6 3094#ifdef __linux__
39bffca2 3095 type_register_static(&scsi_block_info);
b9eea3e6 3096#endif
39bffca2 3097 type_register_static(&scsi_disk_info);
8ccc2ace 3098}
83f7d43a
AF		 3099
3100type_init(scsi_disk_register_types)
QEMU mirror