]> git.proxmox.com Git - mirror_qemu.git/blame - hw/scsi/scsi-disk.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge remote-tracking branch 'remotes/hdeller/tags/hppa-updates-pull-request' into...
[mirror_qemu.git] / hw / scsi / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
a4ab4792 22#include "qemu/osdep.h"
7e462605 23#include "qemu/units.h"
da34e65c 24#include "qapi/error.h"
1de7afc9 25#include "qemu/error-report.h"
db725815 26#include "qemu/main-loop.h"
0b8fa32f 27#include "qemu/module.h"
0d09e41a 28#include "hw/scsi/scsi.h"
ca77ee28 29#include "migration/qemu-file-types.h"
d6454270 30#include "migration/vmstate.h"
3d4a8bf0 31#include "hw/scsi/emulation.h"
08e2c9f1 32#include "scsi/constants.h"
4be74634 33#include "sysemu/block-backend.h"
9c17d615 34#include "sysemu/blockdev.h"
0d09e41a 35#include "hw/block/block.h"
a27bd6c7 36#include "hw/qdev-properties.h"
ce35e229 37#include "hw/qdev-properties-system.h"
9c17d615 38#include "sysemu/dma.h"
71f571a2 39#include "sysemu/sysemu.h"
f348b6d1 40#include "qemu/cutils.h"
59ee9500 41#include "trace.h"
db1015e9 42#include "qom/object.h"
22864256 43
336a6915
PB		 44#ifdef __linux
45#include <scsi/sg.h>
46#endif
47
7e462605
PMD		 48#define SCSI_WRITE_SAME_MAX (512 * KiB)
49#define SCSI_DMA_BUF_SIZE (128 * KiB)
215e47b9
PB		 50#define SCSI_MAX_INQUIRY_LEN 256
51#define SCSI_MAX_MODE_LEN 256
52
7e462605
PMD		 53#define DEFAULT_DISCARD_GRANULARITY (4 * KiB)
54#define DEFAULT_MAX_UNMAP_SIZE (1 * GiB)
f8e1f533 55#define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
a917d384 56
993935f3
PB		 57#define TYPE_SCSI_DISK_BASE "scsi-disk-base"
58
a489d195 59OBJECT_DECLARE_TYPE(SCSIDiskState, SCSIDiskClass, SCSI_DISK_BASE)
fcaafb10 60
db1015e9 61struct SCSIDiskClass {
fcaafb10
PB		 62 SCSIDeviceClass parent_class;
63 DMAIOFunc *dma_readv;
64 DMAIOFunc *dma_writev;
94f8ba11 65 bool (*need_fua_emulation)(SCSICommand *cmd);
d31347f5 66 void (*update_sense)(SCSIRequest *r);
db1015e9 67};
d52affa7 68
4c41d2ef
GH		 69typedef struct SCSIDiskReq {
70 SCSIRequest req;
3dc516bf 71 /* Both sector and sector_count are in terms of BDRV_SECTOR_SIZE bytes. */
e035b43d
AL		 72 uint64_t sector;
73 uint32_t sector_count;
7285477a 74 uint32_t buflen;
a0e66a69 75 bool started;
94f8ba11 76 bool need_fua_emulation;
c87c0672
AL		 77 struct iovec iov;
78 QEMUIOVector qiov;
a597e79c 79 BlockAcctCookie acct;
4c41d2ef 80} SCSIDiskReq;
a917d384 81
18e673b8
PH		 82#define SCSI_DISK_F_REMOVABLE 0
83#define SCSI_DISK_F_DPOFUA 1
84#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
bfe3d7ac 85
db1015e9 86struct SCSIDiskState {
d52affa7 87 SCSIDevice qdev;
bfe3d7ac 88 uint32_t features;
8a9c16f6 89 bool media_changed;
3c2f7c12 90 bool media_event;
4480de19 91 bool eject_request;
64cc2284 92 uint16_t port_index;
8a1bd297 93 uint64_t max_unmap_size;
f8e1f533 94 uint64_t max_io_size;
213189ab 95 QEMUBH *bh;
383b4d9b 96 char *version;
a0fef654 97 char *serial;
353815aa
DF		 98 char *vendor;
99 char *product;
7471a649 100 char *device_id;
ece0d5e9 101 bool tray_open;
81b1008d 102 bool tray_locked;
070f8009
DB		 103 /*
104 * 0x0000 - rotation rate not reported
105 * 0x0001 - non-rotating medium (SSD)
106 * 0x0002-0x0400 - reserved
107 * 0x0401-0xffe - rotations per minute
108 * 0xffff - reserved
109 */
110 uint16_t rotation_rate;
db1015e9 111};
2e5d83bb 112
ad2d30f7 113static void scsi_free_request(SCSIRequest *req)
4d611c9a 114{
ad2d30f7
PB		 115 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
116
db4c34c3 117 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 118}
119
b45ef674
PB		 120/* Helper function for command completion with sense. */
121static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 122{
59ee9500
LV		 123 trace_scsi_disk_check_condition(r->req.tag, sense.key, sense.asc,
124 sense.ascq);
b45ef674
PB		 125 scsi_req_build_sense(&r->req, sense);
126 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 127}
128
03c90063 129static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
103b40f5 130{
7285477a
PB		 131 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
132
133 if (!r->iov.iov_base) {
43b978b9 134 r->buflen = size;
4be74634 135 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a 136 }
3dc516bf 137 r->iov.iov_len = MIN(r->sector_count * BDRV_SECTOR_SIZE, r->buflen);
103b40f5 138 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
103b40f5
PB		 139}
140
43b978b9
PB		 141static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
142{
143 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
144
145 qemu_put_be64s(f, &r->sector);
146 qemu_put_be32s(f, &r->sector_count);
147 qemu_put_be32s(f, &r->buflen);
18eef3bc
GH		 148 if (r->buflen) {
149 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
150 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
151 } else if (!req->retry) {
152 uint32_t len = r->iov.iov_len;
153 qemu_put_be32s(f, &len);
154 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
155 }
43b978b9
PB		 156 }
157}
158
159static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
160{
161 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
162
163 qemu_get_be64s(f, &r->sector);
164 qemu_get_be32s(f, &r->sector_count);
165 qemu_get_be32s(f, &r->buflen);
166 if (r->buflen) {
167 scsi_init_iovec(r, r->buflen);
168 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
169 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
18eef3bc
GH		 170 } else if (!r->req.retry) {
171 uint32_t len;
172 qemu_get_be32s(f, &len);
173 r->iov.iov_len = len;
174 assert(r->iov.iov_len <= r->buflen);
175 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
43b978b9
PB		 176 }
177 }
178
179 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
180}
181
f95f61c2
PB		 182/*
183 * scsi_handle_rw_error has two return values. False means that the error
184 * must be ignored, true means that the error has been processed and the
185 * caller should not do anything else for this request. Note that
186 * scsi_handle_rw_error always manages its reference counts, independent
187 * of the return value.
188 */
f63c68bc 189static bool scsi_handle_rw_error(SCSIDiskReq *r, int ret, bool acct_failed)
f95f61c2
PB		 190{
191 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
192 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
193 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
f63c68bc
PB		 194 SCSISense sense = SENSE_CODE(NO_SENSE);
195 int error = 0;
196 bool req_has_sense = false;
197 BlockErrorAction action;
198 int status;
f95f61c2 199
f63c68bc
PB		 200 if (ret < 0) {
201 status = scsi_sense_from_errno(-ret, &sense);
202 error = -ret;
203 } else {
204 /* A passthrough command has completed with nonzero status. */
205 status = ret;
206 if (status == CHECK_CONDITION) {
207 req_has_sense = true;
208 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
209 } else {
210 error = EINVAL;
211 }
212 }
213
782a78c9
PB		 214 /*
215 * Check whether the error has to be handled by the guest or should
216 * rather follow the rerror=/werror= settings. Guest-handled errors
217 * are usually retried immediately, so do not post them to QMP and
218 * do not account them as failed I/O.
219 */
220 if (req_has_sense &&
221 scsi_sense_buf_is_guest_recoverable(r->req.sense, sizeof(r->req.sense))) {
222 action = BLOCK_ERROR_ACTION_REPORT;
223 acct_failed = false;
224 } else {
225 action = blk_get_error_action(s->qdev.conf.blk, is_read, error);
226 blk_error_action(s->qdev.conf.blk, action, is_read, error);
227 }
228
229 switch (action) {
230 case BLOCK_ERROR_ACTION_REPORT:
f95f61c2
PB		 231 if (acct_failed) {
232 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
233 }
f63c68bc 234 if (req_has_sense) {
782a78c9
PB		 235 sdc->update_sense(&r->req);
236 } else if (status == CHECK_CONDITION) {
237 scsi_req_build_sense(&r->req, sense);
f95f61c2 238 }
782a78c9
PB		 239 scsi_req_complete(&r->req, status);
240 return true;
f95f61c2 241
782a78c9 242 case BLOCK_ERROR_ACTION_IGNORE:
424740de 243 return false;
f95f61c2 244
782a78c9 245 case BLOCK_ERROR_ACTION_STOP:
f95f61c2 246 scsi_req_retry(&r->req);
782a78c9
PB		 247 return true;
248
249 default:
250 g_assert_not_reached();
f95f61c2 251 }
f95f61c2
PB		 252}
253
5b956f41
PB		 254static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
255{
256 if (r->req.io_canceled) {
257 scsi_req_cancel_complete(&r->req);
258 return true;
259 }
260
f63c68bc
PB		 261 if (ret < 0) {
262 return scsi_handle_rw_error(r, ret, acct_failed);
5b956f41
PB		 263 }
264
265 return false;
266}
267
c1b35247 268static void scsi_aio_complete(void *opaque, int ret)
5d0d2467
PB		 269{
270 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
271 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
272
46e3f30e
PB		 273 assert(r->req.aiocb != NULL);
274 r->req.aiocb = NULL;
b9e413dd 275 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 276 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 277 goto done;
278 }
5d0d2467 279
d7628080 280 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
5d0d2467
PB		 281 scsi_req_complete(&r->req, GOOD);
282
283done:
b9e413dd 284 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
3df9caf8 285 scsi_req_unref(&r->req);
5d0d2467
PB		 286}
287
7e8c49c5
PB		 288static bool scsi_is_cmd_fua(SCSICommand *cmd)
289{
290 switch (cmd->buf[0]) {
291 case READ_10:
292 case READ_12:
293 case READ_16:
294 case WRITE_10:
295 case WRITE_12:
296 case WRITE_16:
297 return (cmd->buf[1] & 8) != 0;
298
7f64f8e2
PB		 299 case VERIFY_10:
300 case VERIFY_12:
301 case VERIFY_16:
7e8c49c5
PB		 302 case WRITE_VERIFY_10:
303 case WRITE_VERIFY_12:
304 case WRITE_VERIFY_16:
305 return true;
306
307 case READ_6:
308 case WRITE_6:
309 default:
310 return false;
311 }
312}
313
314static void scsi_write_do_fua(SCSIDiskReq *r)
315{
316 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
317
5fd2b563 318 assert(r->req.aiocb == NULL);
5b956f41 319 assert(!r->req.io_canceled);
0c92e0e6 320
94f8ba11 321 if (r->need_fua_emulation) {
4be74634 322 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 323 BLOCK_ACCT_FLUSH);
4be74634 324 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
7e8c49c5
PB		 325 return;
326 }
327
328 scsi_req_complete(&r->req, GOOD);
3df9caf8 329 scsi_req_unref(&r->req);
7e8c49c5
PB		 330}
331
5fd2b563 332static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
a917d384 333{
5fd2b563 334 assert(r->req.aiocb == NULL);
5b956f41 335 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 336 goto done;
337 }
a597e79c 338
b77912a7
PB		 339 r->sector += r->sector_count;
340 r->sector_count = 0;
7e8c49c5
PB		 341 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
342 scsi_write_do_fua(r);
343 return;
344 } else {
345 scsi_req_complete(&r->req, GOOD);
346 }
c7bae6a7
PB		 347
348done:
3df9caf8 349 scsi_req_unref(&r->req);
4d611c9a
PB		 350}
351
ef8489d4
PB		 352static void scsi_dma_complete(void *opaque, int ret)
353{
354 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
5fd2b563 355 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ef8489d4
PB		 356
357 assert(r->req.aiocb != NULL);
5fd2b563
PB		 358 r->req.aiocb = NULL;
359
b9e413dd 360 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 361 if (ret < 0) {
362 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
363 } else {
364 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
365 }
5fd2b563 366 scsi_dma_complete_noio(r, ret);
b9e413dd 367 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
ef8489d4
PB		 368}
369
1505421a 370static void scsi_read_complete_noio(SCSIDiskReq *r, int ret)
0a4ac106 371{
1505421a 372 uint32_t n;
0a4ac106 373
1505421a
ZL		 374 assert(r->req.aiocb == NULL);
375 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 376 goto done;
377 }
0a4ac106 378
3dc516bf 379 n = r->qiov.size / BDRV_SECTOR_SIZE;
b77912a7
PB		 380 r->sector += n;
381 r->sector_count -= n;
382 scsi_req_data(&r->req, r->qiov.size);
c7bae6a7
PB		 383
384done:
3df9caf8 385 scsi_req_unref(&r->req);
1505421a
ZL		 386}
387
388static void scsi_read_complete(void *opaque, int ret)
389{
390 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
391 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
392
393 assert(r->req.aiocb != NULL);
394 r->req.aiocb = NULL;
395
396 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
397 if (ret < 0) {
398 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
399 } else {
400 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
401 trace_scsi_disk_read_complete(r->req.tag, r->qiov.size);
402 }
403 scsi_read_complete_noio(r, ret);
b9e413dd 404 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
0a4ac106 405}
5dba48a8 406
ac668426 407/* Actually issue a read to the block device. */
5fd2b563 408static void scsi_do_read(SCSIDiskReq *r, int ret)
ac668426 409{
ac668426 410 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 411 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ac668426 412
5fd2b563 413 assert (r->req.aiocb == NULL);
5b956f41 414 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 415 goto done;
416 }
ac668426 417
31e8fd86
PB		 418 /* The request is used as the AIO opaque value, so add a ref. */
419 scsi_req_ref(&r->req);
420
ac668426 421 if (r->req.sg) {
4be74634 422 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
5f412602 423 r->req.residual -= r->req.sg->size;
fcaafb10
PB		 424 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
425 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 426 BDRV_SECTOR_SIZE,
fcaafb10
PB		 427 sdc->dma_readv, r, scsi_dma_complete, r,
428 DMA_DIRECTION_FROM_DEVICE);
ac668426 429 } else {
03c90063 430 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
4be74634 431 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 432 r->qiov.size, BLOCK_ACCT_READ);
890e48d7 433 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
fcaafb10 434 scsi_read_complete, r, r);
ac668426
PB		 435 }
436
437done:
3df9caf8 438 scsi_req_unref(&r->req);
ac668426
PB		 439}
440
5fd2b563
PB		 441static void scsi_do_read_cb(void *opaque, int ret)
442{
443 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
444 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
445
446 assert (r->req.aiocb != NULL);
447 r->req.aiocb = NULL;
448
b9e413dd 449 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 450 if (ret < 0) {
451 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
452 } else {
453 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
454 }
5fd2b563 455 scsi_do_read(opaque, ret);
b9e413dd 456 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 457}
458
5c6c0e51
HR		 459/* Read more data from scsi device into buffer. */
460static void scsi_read_data(SCSIRequest *req)
2e5d83bb 461{
5c6c0e51 462 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 463 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ac668426 464 bool first;
2e5d83bb 465
59ee9500 466 trace_scsi_disk_read_data_count(r->sector_count);
a917d384 467 if (r->sector_count == 0) {
b45ef674
PB		 468 /* This also clears the sense buffer for REQUEST SENSE. */
469 scsi_req_complete(&r->req, GOOD);
a917d384 470 return;
2e5d83bb
PB		 471 }
472
6fa2c95f
SH		 473 /* No data transfer may already be in progress */
474 assert(r->req.aiocb == NULL);
475
c7bae6a7
PB		 476 /* The request is used as the AIO opaque value, so add a ref. */
477 scsi_req_ref(&r->req);
efb9ee02 478 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
59ee9500 479 trace_scsi_disk_read_data_invalid();
1505421a 480 scsi_read_complete_noio(r, -EINVAL);
efb9ee02
HR		 481 return;
482 }
483
cd723b85 484 if (!blk_is_available(req->dev->conf.blk)) {
1505421a 485 scsi_read_complete_noio(r, -ENOMEDIUM);
c7bae6a7 486 return;
a1aff5bf 487 }
c7bae6a7 488
ac668426 489 first = !r->started;
a0e66a69 490 r->started = true;
94f8ba11 491 if (first && r->need_fua_emulation) {
4be74634 492 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 493 BLOCK_ACCT_FLUSH);
5fd2b563 494 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
5d0d2467 495 } else {
ac668426 496 scsi_do_read(r, 0);
5d0d2467 497 }
2e5d83bb
PB		 498}
499
5fd2b563 500static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
4d611c9a 501{
ea8a5d7f
AL		 502 uint32_t n;
503
5fd2b563 504 assert (r->req.aiocb == NULL);
5b956f41 505 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 506 goto done;
507 }
a597e79c 508
3dc516bf 509 n = r->qiov.size / BDRV_SECTOR_SIZE;
ea8a5d7f
AL		 510 r->sector += n;
511 r->sector_count -= n;
a917d384 512 if (r->sector_count == 0) {
7e8c49c5
PB		 513 scsi_write_do_fua(r);
514 return;
a917d384 515 } else {
43b978b9 516 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
59ee9500 517 trace_scsi_disk_write_complete_noio(r->req.tag, r->qiov.size);
103b40f5 518 scsi_req_data(&r->req, r->qiov.size);
4d611c9a 519 }
c7bae6a7
PB		 520
521done:
3df9caf8 522 scsi_req_unref(&r->req);
4d611c9a
PB		 523}
524
5fd2b563
PB		 525static void scsi_write_complete(void * opaque, int ret)
526{
527 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
528 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
529
530 assert (r->req.aiocb != NULL);
531 r->req.aiocb = NULL;
532
b9e413dd 533 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 534 if (ret < 0) {
535 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
536 } else {
537 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
538 }
5fd2b563 539 scsi_write_complete_noio(r, ret);
b9e413dd 540 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 541}
542
42741212 543static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 544{
5c6c0e51 545 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 546 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 547 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ea8a5d7f 548
6fa2c95f
SH		 549 /* No data transfer may already be in progress */
550 assert(r->req.aiocb == NULL);
551
c7bae6a7
PB		 552 /* The request is used as the AIO opaque value, so add a ref. */
553 scsi_req_ref(&r->req);
efb9ee02 554 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
59ee9500 555 trace_scsi_disk_write_data_invalid();
5fd2b563 556 scsi_write_complete_noio(r, -EINVAL);
42741212 557 return;
efb9ee02
HR		 558 }
559
5d0d2467
PB		 560 if (!r->req.sg && !r->qiov.size) {
561 /* Called for the first time. Ask the driver to send us more data. */
a0e66a69 562 r->started = true;
5fd2b563 563 scsi_write_complete_noio(r, 0);
5d0d2467
PB		 564 return;
565 }
cd723b85 566 if (!blk_is_available(req->dev->conf.blk)) {
5fd2b563 567 scsi_write_complete_noio(r, -ENOMEDIUM);
5d0d2467
PB		 568 return;
569 }
570
7f64f8e2
PB		 571 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
572 r->req.cmd.buf[0] == VERIFY_16) {
573 if (r->req.sg) {
ef8489d4 574 scsi_dma_complete_noio(r, 0);
7f64f8e2 575 } else {
5fd2b563 576 scsi_write_complete_noio(r, 0);
7f64f8e2
PB		 577 }
578 return;
579 }
580
5d0d2467 581 if (r->req.sg) {
4be74634 582 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
5f412602 583 r->req.residual -= r->req.sg->size;
fcaafb10
PB		 584 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
585 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 586 BDRV_SECTOR_SIZE,
fcaafb10
PB		 587 sdc->dma_writev, r, scsi_dma_complete, r,
588 DMA_DIRECTION_TO_DEVICE);
5d0d2467 589 } else {
4be74634 590 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 591 r->qiov.size, BLOCK_ACCT_WRITE);
fcaafb10
PB		 592 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
593 scsi_write_complete, r, r);
ea8a5d7f 594 }
a917d384 595}
2e5d83bb 596
a917d384 597/* Return a pointer to the data buffer. */
5c6c0e51 598static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 599{
5c6c0e51 600 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 601
3f4cb3d3 602 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 603}
604
3d4a8bf0 605static int scsi_disk_emulate_vpd_page(SCSIRequest *req, uint8_t *outbuf)
0b06c059 606{
383b4d9b 607 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0a96ca24
DHB		 608 uint8_t page_code = req->cmd.buf[2];
609 int start, buflen = 0;
0b06c059 610
0a96ca24
DHB		 611 outbuf[buflen++] = s->qdev.type & 0x1f;
612 outbuf[buflen++] = page_code;
613 outbuf[buflen++] = 0x00;
614 outbuf[buflen++] = 0x00;
615 start = buflen;
3e1c0c9a 616
0a96ca24
DHB		 617 switch (page_code) {
618 case 0x00: /* Supported page codes, mandatory */
619 {
59ee9500 620 trace_scsi_disk_emulate_vpd_page_00(req->cmd.xfer);
0a96ca24
DHB		 621 outbuf[buflen++] = 0x00; /* list of supported pages (this page) */
622 if (s->serial) {
623 outbuf[buflen++] = 0x80; /* unit serial number */
624 }
625 outbuf[buflen++] = 0x83; /* device identification */
626 if (s->qdev.type == TYPE_DISK) {
627 outbuf[buflen++] = 0xb0; /* block limits */
628 outbuf[buflen++] = 0xb1; /* block device characteristics */
629 outbuf[buflen++] = 0xb2; /* thin provisioning */
630 }
631 break;
632 }
633 case 0x80: /* Device serial number, optional */
634 {
635 int l;
0b06c059 636
0a96ca24 637 if (!s->serial) {
59ee9500 638 trace_scsi_disk_emulate_vpd_page_80_not_supported();
0a96ca24 639 return -1;
0b06c059
GH		 640 }
641
0a96ca24
DHB		 642 l = strlen(s->serial);
643 if (l > 36) {
644 l = 36;
645 }
0b06c059 646
59ee9500 647 trace_scsi_disk_emulate_vpd_page_80(req->cmd.xfer);
0a96ca24
DHB		 648 memcpy(outbuf + buflen, s->serial, l);
649 buflen += l;
650 break;
651 }
64cc2284 652
0a96ca24
DHB		 653 case 0x83: /* Device identification page, mandatory */
654 {
7471a649 655 int id_len = s->device_id ? MIN(strlen(s->device_id), 255 - 8) : 0;
64cc2284 656
59ee9500 657 trace_scsi_disk_emulate_vpd_page_83(req->cmd.xfer);
0a96ca24 658
a8f58afc
KW		 659 if (id_len) {
660 outbuf[buflen++] = 0x2; /* ASCII */
661 outbuf[buflen++] = 0; /* not officially assigned */
662 outbuf[buflen++] = 0; /* reserved */
663 outbuf[buflen++] = id_len; /* length of data following */
7471a649 664 memcpy(outbuf + buflen, s->device_id, id_len);
a8f58afc
KW		 665 buflen += id_len;
666 }
0a96ca24
DHB		 667
668 if (s->qdev.wwn) {
669 outbuf[buflen++] = 0x1; /* Binary */
670 outbuf[buflen++] = 0x3; /* NAA */
671 outbuf[buflen++] = 0; /* reserved */
672 outbuf[buflen++] = 8;
673 stq_be_p(&outbuf[buflen], s->qdev.wwn);
674 buflen += 8;
ea3bd56f 675 }
0a96ca24
DHB		 676
677 if (s->qdev.port_wwn) {
678 outbuf[buflen++] = 0x61; /* SAS / Binary */
679 outbuf[buflen++] = 0x93; /* PIV / Target port / NAA */
680 outbuf[buflen++] = 0; /* reserved */
681 outbuf[buflen++] = 8;
682 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
683 buflen += 8;
070f8009 684 }
0a96ca24
DHB		 685
686 if (s->port_index) {
687 outbuf[buflen++] = 0x61; /* SAS / Binary */
688
689 /* PIV/Target port/relative target port */
690 outbuf[buflen++] = 0x94;
691
692 outbuf[buflen++] = 0; /* reserved */
693 outbuf[buflen++] = 4;
694 stw_be_p(&outbuf[buflen + 2], s->port_index);
695 buflen += 4;
ee3659e3 696 }
0a96ca24
DHB		 697 break;
698 }
699 case 0xb0: /* block limits */
700 {
3d4a8bf0 701 SCSIBlockLimits bl = {};
0a96ca24
DHB		 702
703 if (s->qdev.type == TYPE_ROM) {
59ee9500 704 trace_scsi_disk_emulate_vpd_page_b0_not_supported();
0b06c059
GH		 705 return -1;
706 }
3d4a8bf0
PB		 707 bl.wsnz = 1;
708 bl.unmap_sectors =
709 s->qdev.conf.discard_granularity / s->qdev.blocksize;
710 bl.min_io_size =
711 s->qdev.conf.min_io_size / s->qdev.blocksize;
712 bl.opt_io_size =
713 s->qdev.conf.opt_io_size / s->qdev.blocksize;
714 bl.max_unmap_sectors =
715 s->max_unmap_size / s->qdev.blocksize;
716 bl.max_io_sectors =
717 s->max_io_size / s->qdev.blocksize;
718 /* 255 descriptors fit in 4 KiB with an 8-byte header */
719 bl.max_unmap_descr = 255;
720
0a96ca24
DHB		 721 if (s->qdev.type == TYPE_DISK) {
722 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
723 int max_io_sectors_blk =
724 max_transfer_blk / s->qdev.blocksize;
725
3d4a8bf0
PB		 726 bl.max_io_sectors =
727 MIN_NON_ZERO(max_io_sectors_blk, bl.max_io_sectors);
0a96ca24 728 }
3d4a8bf0 729 buflen += scsi_emulate_block_limits(outbuf + buflen, &bl);
0a96ca24
DHB		 730 break;
731 }
732 case 0xb1: /* block device characteristics */
733 {
740842c9 734 buflen = 0x40;
0a96ca24
DHB		 735 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
736 outbuf[5] = s->rotation_rate & 0xff;
740842c9
DHB		 737 outbuf[6] = 0; /* PRODUCT TYPE */
738 outbuf[7] = 0; /* WABEREQ | WACEREQ | NOMINAL FORM FACTOR */
739 outbuf[8] = 0; /* VBULS */
0a96ca24
DHB		 740 break;
741 }
742 case 0xb2: /* thin provisioning */
743 {
744 buflen = 8;
745 outbuf[4] = 0;
746 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
747 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
748 outbuf[7] = 0;
749 break;
750 }
751 default:
752 return -1;
753 }
754 /* done with EVPD */
755 assert(buflen - start <= 255);
756 outbuf[start - 1] = buflen - start;
757 return buflen;
758}
759
760static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
761{
762 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
763 int buflen = 0;
764
765 if (req->cmd.buf[1] & 0x1) {
766 /* Vital product data */
767 return scsi_disk_emulate_vpd_page(req, outbuf);
0b06c059
GH		 768 }
769
770 /* Standard INQUIRY data */
771 if (req->cmd.buf[2] != 0) {
0b06c059
GH		 772 return -1;
773 }
774
775 /* PAGE CODE == 0 */
0b06c059 776 buflen = req->cmd.xfer;
f01b5931 777 if (buflen > SCSI_MAX_INQUIRY_LEN) {
0b06c059 778 buflen = SCSI_MAX_INQUIRY_LEN;
f01b5931 779 }
0b06c059 780
f37bd73b 781 outbuf[0] = s->qdev.type & 0x1f;
bfe3d7ac 782 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
353815aa
DF		 783
784 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
785 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
786
314b1811 787 memset(&outbuf[32], 0, 4);
552fee93 788 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 789 /*
790 * We claim conformance to SPC-3, which is required for guests
791 * to ask for modern features like READ CAPACITY(16) or the
792 * block characteristics VPD page by default. Not all of SPC-3
793 * is actually implemented, but we're good enough.
794 */
2343be0d 795 outbuf[2] = s->qdev.default_scsi_version;
1109c894 796 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
ad3cea42
AT		 797
798 if (buflen > 36) {
799 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
800 } else {
801 /* If the allocation length of CDB is too small,
802 the additional length is not adjusted */
803 outbuf[4] = 36 - 5;
804 }
805
0b06c059 806 /* Sync data transfer and TCQ. */
afd4030c 807 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
0b06c059
GH		 808 return buflen;
809}
810
430ee2f2
PB		 811static inline bool media_is_dvd(SCSIDiskState *s)
812{
813 uint64_t nb_sectors;
814 if (s->qdev.type != TYPE_ROM) {
815 return false;
816 }
cd723b85 817 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 818 return false;
819 }
4be74634 820 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
430ee2f2
PB		 821 return nb_sectors > CD_MAX_SECTORS;
822}
823
ceb792ef
PB		 824static inline bool media_is_cd(SCSIDiskState *s)
825{
826 uint64_t nb_sectors;
827 if (s->qdev.type != TYPE_ROM) {
828 return false;
829 }
cd723b85 830 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 831 return false;
832 }
4be74634 833 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 834 return nb_sectors <= CD_MAX_SECTORS;
835}
836
1a4f0c3a
PB		 837static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
838 uint8_t *outbuf)
839{
840 uint8_t type = r->req.cmd.buf[1] & 7;
841
842 if (s->qdev.type != TYPE_ROM) {
843 return -1;
844 }
845
846 /* Types 1/2 are only defined for Blu-Ray. */
847 if (type != 0) {
848 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
849 return -1;
850 }
851
852 memset(outbuf, 0, 34);
853 outbuf[1] = 32;
854 outbuf[2] = 0xe; /* last session complete, disc finalized */
855 outbuf[3] = 1; /* first track on disc */
856 outbuf[4] = 1; /* # of sessions */
857 outbuf[5] = 1; /* first track of last session */
858 outbuf[6] = 1; /* last track of last session */
859 outbuf[7] = 0x20; /* unrestricted use */
860 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
861 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
862 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
863 /* 24-31: disc bar code */
864 /* 32: disc application code */
865 /* 33: number of OPC tables */
866
867 return 34;
868}
869
b6c251ab
PB		 870static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
871 uint8_t *outbuf)
872{
ceb792ef
PB		 873 static const int rds_caps_size[5] = {
874 [0] = 2048 + 4,
875 [1] = 4 + 4,
876 [3] = 188 + 4,
877 [4] = 2048 + 4,
878 };
879
880 uint8_t media = r->req.cmd.buf[1];
881 uint8_t layer = r->req.cmd.buf[6];
882 uint8_t format = r->req.cmd.buf[7];
883 int size = -1;
884
885 if (s->qdev.type != TYPE_ROM) {
886 return -1;
887 }
888 if (media != 0) {
889 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
890 return -1;
891 }
892
893 if (format != 0xff) {
cd723b85 894 if (!blk_is_available(s->qdev.conf.blk)) {
ceb792ef
PB		 895 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
896 return -1;
897 }
898 if (media_is_cd(s)) {
899 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
900 return -1;
901 }
902 if (format >= ARRAY_SIZE(rds_caps_size)) {
903 return -1;
904 }
905 size = rds_caps_size[format];
906 memset(outbuf, 0, size);
907 }
908
909 switch (format) {
910 case 0x00: {
911 /* Physical format information */
912 uint64_t nb_sectors;
913 if (layer != 0) {
914 goto fail;
915 }
4be74634 916 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 917
918 outbuf[4] = 1; /* DVD-ROM, part version 1 */
919 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
920 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
921 outbuf[7] = 0; /* default densities */
922
923 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
924 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
925 break;
926 }
927
928 case 0x01: /* DVD copyright information, all zeros */
929 break;
930
931 case 0x03: /* BCA information - invalid field for no BCA info */
932 return -1;
933
934 case 0x04: /* DVD disc manufacturing information, all zeros */
935 break;
936
937 case 0xff: { /* List capabilities */
938 int i;
939 size = 4;
940 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
941 if (!rds_caps_size[i]) {
942 continue;
943 }
944 outbuf[size] = i;
945 outbuf[size + 1] = 0x40; /* Not writable, readable */
946 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
947 size += 4;
948 }
949 break;
950 }
951
952 default:
953 return -1;
954 }
955
956 /* Size of buffer, not including 2 byte size field */
957 stw_be_p(outbuf, size - 2);
958 return size;
959
960fail:
b6c251ab
PB		 961 return -1;
962}
963
3c2f7c12 964static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 965{
3c2f7c12
PB		 966 uint8_t event_code, media_status;
967
968 media_status = 0;
969 if (s->tray_open) {
970 media_status = MS_TRAY_OPEN;
4be74634 971 } else if (blk_is_inserted(s->qdev.conf.blk)) {
3c2f7c12
PB		 972 media_status = MS_MEDIA_PRESENT;
973 }
974
975 /* Event notification descriptor */
976 event_code = MEC_NO_CHANGE;
4480de19
PB		 977 if (media_status != MS_TRAY_OPEN) {
978 if (s->media_event) {
979 event_code = MEC_NEW_MEDIA;
980 s->media_event = false;
981 } else if (s->eject_request) {
982 event_code = MEC_EJECT_REQUESTED;
983 s->eject_request = false;
984 }
3c2f7c12
PB		 985 }
986
987 outbuf[0] = event_code;
988 outbuf[1] = media_status;
989
990 /* These fields are reserved, just clear them. */
991 outbuf[2] = 0;
992 outbuf[3] = 0;
993 return 4;
994}
995
996static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
997 uint8_t *outbuf)
998{
999 int size;
1000 uint8_t *buf = r->req.cmd.buf;
1001 uint8_t notification_class_request = buf[4];
1002 if (s->qdev.type != TYPE_ROM) {
1003 return -1;
1004 }
1005 if ((buf[1] & 1) == 0) {
1006 /* asynchronous */
1007 return -1;
1008 }
1009
1010 size = 4;
1011 outbuf[0] = outbuf[1] = 0;
1012 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
1013 if (notification_class_request & (1 << GESN_MEDIA)) {
1014 outbuf[2] = GESN_MEDIA;
1015 size += scsi_event_status_media(s, &outbuf[size]);
1016 } else {
1017 outbuf[2] = 0x80;
1018 }
1019 stw_be_p(outbuf, size - 4);
1020 return size;
b6c251ab
PB		 1021}
1022
430ee2f2 1023static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 1024{
430ee2f2
PB		 1025 int current;
1026
b6c251ab
PB		 1027 if (s->qdev.type != TYPE_ROM) {
1028 return -1;
1029 }
7d99f4c1
MR		 1030
1031 if (media_is_dvd(s)) {
1032 current = MMC_PROFILE_DVD_ROM;
1033 } else if (media_is_cd(s)) {
1034 current = MMC_PROFILE_CD_ROM;
1035 } else {
1036 current = MMC_PROFILE_NONE;
1037 }
1038
430ee2f2
PB		 1039 memset(outbuf, 0, 40);
1040 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
1041 stw_be_p(&outbuf[6], current);
1042 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1043 outbuf[10] = 0x03; /* persistent, current */
1044 outbuf[11] = 8; /* two profiles */
1045 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1046 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1047 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1048 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1049 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1050 stw_be_p(&outbuf[20], 1);
1051 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
1052 outbuf[23] = 8;
1053 stl_be_p(&outbuf[24], 1); /* SCSI */
1054 outbuf[28] = 1; /* DBE = 1, mandatory */
1055 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1056 stw_be_p(&outbuf[32], 3);
1057 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
1058 outbuf[35] = 4;
1059 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1060 /* TODO: Random readable, CD read, DVD read, drive serial number,
1061 power management */
1062 return 40;
b6c251ab
PB		 1063}
1064
1065static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1066{
1067 if (s->qdev.type != TYPE_ROM) {
1068 return -1;
1069 }
1070 memset(outbuf, 0, 8);
1071 outbuf[5] = 1; /* CD-ROM */
1072 return 8;
1073}
1074
cfc606da 1075static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
282ab04e 1076 int page_control)
ebddfcbe 1077{
a8f4bbe2
PB		 1078 static const int mode_sense_valid[0x3f] = {
1079 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1080 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1081 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
a07c7dcd
PB		 1082 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1083 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
a8f4bbe2
PB		 1084 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1085 };
ef405611
PB		 1086
1087 uint8_t *p = *p_outbuf + 2;
1088 int length;
ebddfcbe 1089
b3af7fdf 1090 assert(page < ARRAY_SIZE(mode_sense_valid));
a8f4bbe2
PB		 1091 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1092 return -1;
1093 }
1094
282ab04e
BK		 1095 /*
1096 * If Changeable Values are requested, a mask denoting those mode parameters
1097 * that are changeable shall be returned. As we currently don't support
1098 * parameter changes via MODE_SELECT all bits are returned set to zero.
1099 * The buffer was already menset to zero by the caller of this function.
ef405611
PB		 1100 *
1101 * The offsets here are off by two compared to the descriptions in the
1102 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1103 * but it is done so that offsets are consistent within our implementation
1104 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1105 * 2-byte and 4-byte headers.
282ab04e 1106 */
ebddfcbe 1107 switch (page) {
67cc61e4 1108 case MODE_PAGE_HD_GEOMETRY:
ef405611 1109 length = 0x16;
282ab04e 1110 if (page_control == 1) { /* Changeable Values */
cfc606da 1111 break;
282ab04e 1112 }
ebddfcbe 1113 /* if a geometry hint is available, use it */
ef405611
PB		 1114 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1115 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1116 p[2] = s->qdev.conf.cyls & 0xff;
1117 p[3] = s->qdev.conf.heads & 0xff;
ebddfcbe 1118 /* Write precomp start cylinder, disabled */
ef405611
PB		 1119 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1120 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1121 p[6] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1122 /* Reduced current start cylinder, disabled */
ef405611
PB		 1123 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1124 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1125 p[9] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1126 /* Device step rate [ns], 200ns */
ef405611
PB		 1127 p[10] = 0;
1128 p[11] = 200;
ebddfcbe 1129 /* Landing zone cylinder */
ef405611
PB		 1130 p[12] = 0xff;
1131 p[13] = 0xff;
ebddfcbe 1132 p[14] = 0xff;
ebddfcbe 1133 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1134 p[18] = (5400 >> 8) & 0xff;
1135 p[19] = 5400 & 0xff;
cfc606da 1136 break;
ebddfcbe 1137
67cc61e4 1138 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
ef405611 1139 length = 0x1e;
282ab04e 1140 if (page_control == 1) { /* Changeable Values */
cfc606da 1141 break;
282ab04e 1142 }
ebddfcbe 1143 /* Transfer rate [kbit/s], 5Mbit/s */
ef405611
PB		 1144 p[0] = 5000 >> 8;
1145 p[1] = 5000 & 0xff;
ebddfcbe 1146 /* if a geometry hint is available, use it */
ef405611
PB		 1147 p[2] = s->qdev.conf.heads & 0xff;
1148 p[3] = s->qdev.conf.secs & 0xff;
1149 p[4] = s->qdev.blocksize >> 8;
1150 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1151 p[7] = s->qdev.conf.cyls & 0xff;
1152 /* Write precomp start cylinder, disabled */
d252df48
MA		 1153 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1154 p[9] = s->qdev.conf.cyls & 0xff;
ef405611 1155 /* Reduced current start cylinder, disabled */
d252df48
MA		 1156 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1157 p[11] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1158 /* Device step rate [100us], 100us */
ef405611
PB		 1159 p[12] = 0;
1160 p[13] = 1;
ebddfcbe 1161 /* Device step pulse width [us], 1us */
ef405611 1162 p[14] = 1;
ebddfcbe 1163 /* Device head settle delay [100us], 100us */
ef405611
PB		 1164 p[15] = 0;
1165 p[16] = 1;
ebddfcbe 1166 /* Motor on delay [0.1s], 0.1s */
ef405611 1167 p[17] = 1;
ebddfcbe 1168 /* Motor off delay [0.1s], 0.1s */
ef405611 1169 p[18] = 1;
ebddfcbe 1170 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1171 p[26] = (5400 >> 8) & 0xff;
1172 p[27] = 5400 & 0xff;
cfc606da 1173 break;
ebddfcbe 1174
67cc61e4 1175 case MODE_PAGE_CACHING:
ef405611 1176 length = 0x12;
96c91bbf 1177 if (page_control == 1 || /* Changeable Values */
4be74634 1178 blk_enable_write_cache(s->qdev.conf.blk)) {
ef405611 1179 p[0] = 4; /* WCE */
ebddfcbe 1180 }
cfc606da 1181 break;
ebddfcbe 1182
a07c7dcd 1183 case MODE_PAGE_R_W_ERROR:
ef405611 1184 length = 10;
4f588b15
PB		 1185 if (page_control == 1) { /* Changeable Values */
1186 break;
1187 }
ef405611 1188 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
a07c7dcd 1189 if (s->qdev.type == TYPE_ROM) {
ef405611 1190 p[1] = 0x20; /* Read Retry Count */
a07c7dcd
PB		 1191 }
1192 break;
1193
1194 case MODE_PAGE_AUDIO_CTL:
ef405611 1195 length = 14;
a07c7dcd
PB		 1196 break;
1197
67cc61e4 1198 case MODE_PAGE_CAPABILITIES:
ef405611 1199 length = 0x14;
282ab04e 1200 if (page_control == 1) { /* Changeable Values */
cfc606da 1201 break;
282ab04e 1202 }
a07c7dcd 1203
ef405611
PB		 1204 p[0] = 0x3b; /* CD-R & CD-RW read */
1205 p[1] = 0; /* Writing not supported */
1206 p[2] = 0x7f; /* Audio, composite, digital out,
ebddfcbe 1207 mode 2 form 1&2, multi session */
ef405611 1208 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
ebddfcbe
GH		 1209 RW corrected, C2 errors, ISRC,
1210 UPC, Bar code */
ef405611 1211 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
ebddfcbe 1212 /* Locking supported, jumper present, eject, tray */
ef405611 1213 p[5] = 0; /* no volume & mute control, no
ebddfcbe 1214 changer */
ef405611
PB		 1215 p[6] = (50 * 176) >> 8; /* 50x read speed */
1216 p[7] = (50 * 176) & 0xff;
1217 p[8] = 2 >> 8; /* Two volume levels */
1218 p[9] = 2 & 0xff;
1219 p[10] = 2048 >> 8; /* 2M buffer */
1220 p[11] = 2048 & 0xff;
1221 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1222 p[13] = (16 * 176) & 0xff;
1223 p[16] = (16 * 176) >> 8; /* 16x write speed */
1224 p[17] = (16 * 176) & 0xff;
1225 p[18] = (16 * 176) >> 8; /* 16x write speed current */
ebddfcbe 1226 p[19] = (16 * 176) & 0xff;
cfc606da 1227 break;
ebddfcbe
GH		 1228
1229 default:
cfc606da 1230 return -1;
ebddfcbe 1231 }
cfc606da 1232
ef405611
PB		 1233 assert(length < 256);
1234 (*p_outbuf)[0] = page;
1235 (*p_outbuf)[1] = length;
1236 *p_outbuf += length + 2;
1237 return length + 2;
ebddfcbe
GH		 1238}
1239
cfc606da 1240static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
ebddfcbe 1241{
cfc606da 1242 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ebddfcbe 1243 uint64_t nb_sectors;
e590ecbe
PB		 1244 bool dbd;
1245 int page, buflen, ret, page_control;
ebddfcbe 1246 uint8_t *p;
ce512ee1 1247 uint8_t dev_specific_param;
ebddfcbe 1248
e590ecbe 1249 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
cfc606da
PB		 1250 page = r->req.cmd.buf[2] & 0x3f;
1251 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
59ee9500
LV		 1252
1253 trace_scsi_disk_emulate_mode_sense((r->req.cmd.buf[0] == MODE_SENSE) ? 6 :
1254 10, page, r->req.cmd.xfer, page_control);
cfc606da 1255 memset(outbuf, 0, r->req.cmd.xfer);
ebddfcbe
GH		 1256 p = outbuf;
1257
e590ecbe 1258 if (s->qdev.type == TYPE_DISK) {
da8365db 1259 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
86b1cf32 1260 if (!blk_is_writable(s->qdev.conf.blk)) {
e590ecbe
PB		 1261 dev_specific_param |= 0x80; /* Readonly. */
1262 }
ce512ee1 1263 } else {
e590ecbe
PB		 1264 /* MMC prescribes that CD/DVD drives have no block descriptors,
1265 * and defines no device-specific parameter. */
6a2de0f2 1266 dev_specific_param = 0x00;
e590ecbe 1267 dbd = true;
ce512ee1
BK		 1268 }
1269
cfc606da 1270 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1271 p[1] = 0; /* Default media type. */
1272 p[2] = dev_specific_param;
1273 p[3] = 0; /* Block descriptor length. */
1274 p += 4;
1275 } else { /* MODE_SENSE_10 */
1276 p[2] = 0; /* Default media type. */
1277 p[3] = dev_specific_param;
1278 p[6] = p[7] = 0; /* Block descriptor length. */
1279 p += 8;
ebddfcbe 1280 }
ebddfcbe 1281
4be74634 1282 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
e590ecbe 1283 if (!dbd && nb_sectors) {
cfc606da 1284 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1285 outbuf[3] = 8; /* Block descriptor length */
1286 } else { /* MODE_SENSE_10 */
1287 outbuf[7] = 8; /* Block descriptor length */
1288 }
3dc516bf 1289 nb_sectors /= (s->qdev.blocksize / BDRV_SECTOR_SIZE);
f01b5931 1290 if (nb_sectors > 0xffffff) {
2488b740 1291 nb_sectors = 0;
f01b5931 1292 }
ebddfcbe
GH		 1293 p[0] = 0; /* media density code */
1294 p[1] = (nb_sectors >> 16) & 0xff;
1295 p[2] = (nb_sectors >> 8) & 0xff;
1296 p[3] = nb_sectors & 0xff;
1297 p[4] = 0; /* reserved */
1298 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
69377307 1299 p[6] = s->qdev.blocksize >> 8;
ebddfcbe
GH		 1300 p[7] = 0;
1301 p += 8;
1302 }
1303
cfc606da
PB		 1304 if (page_control == 3) {
1305 /* Saved Values */
1306 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1307 return -1;
282ab04e
BK		 1308 }
1309
cfc606da
PB		 1310 if (page == 0x3f) {
1311 for (page = 0; page <= 0x3e; page++) {
1312 mode_sense_page(s, page, &p, page_control);
1313 }
1314 } else {
1315 ret = mode_sense_page(s, page, &p, page_control);
1316 if (ret == -1) {
1317 return -1;
1318 }
ebddfcbe
GH		 1319 }
1320
1321 buflen = p - outbuf;
ce512ee1
BK		 1322 /*
1323 * The mode data length field specifies the length in bytes of the
1324 * following data that is available to be transferred. The mode data
1325 * length does not include itself.
1326 */
cfc606da 1327 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1328 outbuf[0] = buflen - 1;
1329 } else { /* MODE_SENSE_10 */
1330 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1331 outbuf[1] = (buflen - 2) & 0xff;
1332 }
ebddfcbe
GH		 1333 return buflen;
1334}
1335
02880f43
GH		 1336static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1337{
1338 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 1339 int start_track, format, msf, toclen;
1340 uint64_t nb_sectors;
1341
1342 msf = req->cmd.buf[1] & 2;
1343 format = req->cmd.buf[2] & 0xf;
1344 start_track = req->cmd.buf[6];
4be74634 1345 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
59ee9500 1346 trace_scsi_disk_emulate_read_toc(start_track, format, msf >> 1);
3dc516bf 1347 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
02880f43
GH		 1348 switch (format) {
1349 case 0:
1350 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1351 break;
1352 case 1:
1353 /* multi session : only a single session defined */
1354 toclen = 12;
1355 memset(outbuf, 0, 12);
1356 outbuf[1] = 0x0a;
1357 outbuf[2] = 0x01;
1358 outbuf[3] = 0x01;
1359 break;
1360 case 2:
1361 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1362 break;
1363 default:
1364 return -1;
1365 }
02880f43
GH		 1366 return toclen;
1367}
1368
68bb01f3 1369static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
bfd52647
MA		 1370{
1371 SCSIRequest *req = &r->req;
1372 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1373 bool start = req->cmd.buf[4] & 1;
1374 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
ae5708b3
RS		 1375 int pwrcnd = req->cmd.buf[4] & 0xf0;
1376
1377 if (pwrcnd) {
1378 /* eject/load only happens for power condition == 0 */
1379 return 0;
1380 }
bfd52647 1381
b456a71c 1382 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
68bb01f3
MA		 1383 if (!start && !s->tray_open && s->tray_locked) {
1384 scsi_check_condition(r,
4be74634 1385 blk_is_inserted(s->qdev.conf.blk)
68bb01f3
MA		 1386 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1387 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1388 return -1;
fdec4404 1389 }
d88b1819
LC		 1390
1391 if (s->tray_open != !start) {
4be74634 1392 blk_eject(s->qdev.conf.blk, !start);
d88b1819
LC		 1393 s->tray_open = !start;
1394 }
bfd52647 1395 }
68bb01f3 1396 return 0;
bfd52647
MA		 1397}
1398
314a3299
PB		 1399static void scsi_disk_emulate_read_data(SCSIRequest *req)
1400{
1401 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1402 int buflen = r->iov.iov_len;
1403
1404 if (buflen) {
59ee9500 1405 trace_scsi_disk_emulate_read_data(buflen);
314a3299
PB		 1406 r->iov.iov_len = 0;
1407 r->started = true;
1408 scsi_req_data(&r->req, buflen);
1409 return;
1410 }
1411
1412 /* This also clears the sense buffer for REQUEST SENSE. */
1413 scsi_req_complete(&r->req, GOOD);
1414}
1415
380feaff
PB		 1416static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1417 uint8_t *inbuf, int inlen)
1418{
1419 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1420 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1421 uint8_t *p;
1422 int len, expected_len, changeable_len, i;
1423
1424 /* The input buffer does not include the page header, so it is
1425 * off by 2 bytes.
1426 */
1427 expected_len = inlen + 2;
1428 if (expected_len > SCSI_MAX_MODE_LEN) {
1429 return -1;
1430 }
1431
b3af7fdf
MMC		 1432 /* MODE_PAGE_ALLS is only valid for MODE SENSE commands */
1433 if (page == MODE_PAGE_ALLS) {
1434 return -1;
1435 }
1436
380feaff
PB		 1437 p = mode_current;
1438 memset(mode_current, 0, inlen + 2);
1439 len = mode_sense_page(s, page, &p, 0);
1440 if (len < 0 || len != expected_len) {
1441 return -1;
1442 }
1443
1444 p = mode_changeable;
1445 memset(mode_changeable, 0, inlen + 2);
1446 changeable_len = mode_sense_page(s, page, &p, 1);
1447 assert(changeable_len == len);
1448
1449 /* Check that unchangeable bits are the same as what MODE SENSE
1450 * would return.
1451 */
1452 for (i = 2; i < len; i++) {
1453 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1454 return -1;
1455 }
1456 }
1457 return 0;
1458}
1459
1460static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1461{
96c91bbf
PB		 1462 switch (page) {
1463 case MODE_PAGE_CACHING:
4be74634 1464 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
96c91bbf
PB		 1465 break;
1466
1467 default:
1468 break;
1469 }
380feaff
PB		 1470}
1471
1472static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1473{
1474 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1475
1476 while (len > 0) {
1477 int page, subpage, page_len;
1478
1479 /* Parse both possible formats for the mode page headers. */
1480 page = p[0] & 0x3f;
1481 if (p[0] & 0x40) {
1482 if (len < 4) {
1483 goto invalid_param_len;
1484 }
1485 subpage = p[1];
1486 page_len = lduw_be_p(&p[2]);
1487 p += 4;
1488 len -= 4;
1489 } else {
1490 if (len < 2) {
1491 goto invalid_param_len;
1492 }
1493 subpage = 0;
1494 page_len = p[1];
1495 p += 2;
1496 len -= 2;
1497 }
1498
1499 if (subpage) {
1500 goto invalid_param;
1501 }
1502 if (page_len > len) {
1503 goto invalid_param_len;
1504 }
1505
1506 if (!change) {
1507 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1508 goto invalid_param;
1509 }
1510 } else {
1511 scsi_disk_apply_mode_select(s, page, p);
1512 }
1513
1514 p += page_len;
1515 len -= page_len;
1516 }
1517 return 0;
1518
1519invalid_param:
1520 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1521 return -1;
1522
1523invalid_param_len:
1524 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1525 return -1;
1526}
1527
1528static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1529{
accfeb2d 1530 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380feaff
PB		 1531 uint8_t *p = inbuf;
1532 int cmd = r->req.cmd.buf[0];
1533 int len = r->req.cmd.xfer;
1534 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1535 int bd_len;
1536 int pass;
1537
1538 /* We only support PF=1, SP=0. */
1539 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1540 goto invalid_field;
1541 }
1542
1543 if (len < hdr_len) {
1544 goto invalid_param_len;
1545 }
1546
1547 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1548 len -= hdr_len;
1549 p += hdr_len;
1550 if (len < bd_len) {
1551 goto invalid_param_len;
1552 }
1553 if (bd_len != 0 && bd_len != 8) {
1554 goto invalid_param;
1555 }
1556
1557 len -= bd_len;
1558 p += bd_len;
1559
1560 /* Ensure no change is made if there is an error! */
1561 for (pass = 0; pass < 2; pass++) {
1562 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1563 assert(pass == 0);
1564 return;
1565 }
1566 }
4be74634 1567 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
accfeb2d
PB		 1568 /* The request is used as the AIO opaque value, so add a ref. */
1569 scsi_req_ref(&r->req);
4be74634 1570 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 1571 BLOCK_ACCT_FLUSH);
4be74634 1572 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
accfeb2d
PB		 1573 return;
1574 }
1575
380feaff
PB		 1576 scsi_req_complete(&r->req, GOOD);
1577 return;
1578
1579invalid_param:
1580 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1581 return;
1582
1583invalid_param_len:
1584 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1585 return;
1586
1587invalid_field:
1588 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
380feaff
PB		 1589}
1590
b802d14d 1591/* sector_num and nb_sectors expected to be in qdev blocksize */
444bc908
PB		 1592static inline bool check_lba_range(SCSIDiskState *s,
1593 uint64_t sector_num, uint32_t nb_sectors)
1594{
1595 /*
1596 * The first line tests that no overflow happens when computing the last
1597 * sector. The second line tests that the last accessed sector is in
1598 * range.
12ca76fc
PB		 1599 *
1600 * Careful, the computations should not underflow for nb_sectors == 0,
1601 * and a 0-block read to the first LBA beyond the end of device is
1602 * valid.
444bc908
PB		 1603 */
1604 return (sector_num <= sector_num + nb_sectors &&
12ca76fc 1605 sector_num + nb_sectors <= s->qdev.max_lba + 1);
444bc908
PB		 1606}
1607
5222aaf2
PB		 1608typedef struct UnmapCBData {
1609 SCSIDiskReq *r;
1610 uint8_t *inbuf;
1611 int count;
1612} UnmapCBData;
1613
5fd2b563
PB		 1614static void scsi_unmap_complete(void *opaque, int ret);
1615
1616static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
5222aaf2 1617{
5222aaf2
PB		 1618 SCSIDiskReq *r = data->r;
1619 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2 1620
5fd2b563 1621 assert(r->req.aiocb == NULL);
d0242ead 1622
d0242ead 1623 if (data->count > 0) {
b802d14d
KW		 1624 uint64_t sector_num = ldq_be_p(&data->inbuf[0]);
1625 uint32_t nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
1626 r->sector = sector_num * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1627 r->sector_count = nb_sectors * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1628
1629 if (!check_lba_range(s, sector_num, nb_sectors)) {
4989ef57
AN		 1630 block_acct_invalid(blk_get_stats(s->qdev.conf.blk),
1631 BLOCK_ACCT_UNMAP);
5222aaf2
PB		 1632 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1633 goto done;
1634 }
1635
4989ef57
AN		 1636 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1637 r->sector_count * BDRV_SECTOR_SIZE,
1638 BLOCK_ACCT_UNMAP);
1639
1c6c4bb7 1640 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
6d068082
AN		 1641 r->sector * BDRV_SECTOR_SIZE,
1642 r->sector_count * BDRV_SECTOR_SIZE,
1c6c4bb7 1643 scsi_unmap_complete, data);
5222aaf2
PB		 1644 data->count--;
1645 data->inbuf += 16;
1646 return;
1647 }
1648
d0242ead
PB		 1649 scsi_req_complete(&r->req, GOOD);
1650
5222aaf2 1651done:
3df9caf8 1652 scsi_req_unref(&r->req);
5222aaf2
PB		 1653 g_free(data);
1654}
1655
5fd2b563
PB		 1656static void scsi_unmap_complete(void *opaque, int ret)
1657{
1658 UnmapCBData *data = opaque;
1659 SCSIDiskReq *r = data->r;
b9e413dd 1660 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5fd2b563
PB		 1661
1662 assert(r->req.aiocb != NULL);
1663 r->req.aiocb = NULL;
1664
b9e413dd 1665 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
4989ef57 1666 if (scsi_disk_req_check_error(r, ret, true)) {
90ebf843
AN		 1667 scsi_req_unref(&r->req);
1668 g_free(data);
1669 } else {
4989ef57 1670 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
90ebf843
AN		 1671 scsi_unmap_complete_noio(data, ret);
1672 }
b9e413dd 1673 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 1674}
1675
5222aaf2
PB		 1676static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1677{
c5fd1fb0 1678 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2
PB		 1679 uint8_t *p = inbuf;
1680 int len = r->req.cmd.xfer;
1681 UnmapCBData *data;
1682
823bd739
PB		 1683 /* Reject ANCHOR=1. */
1684 if (r->req.cmd.buf[1] & 0x1) {
1685 goto invalid_field;
1686 }
1687
5222aaf2
PB		 1688 if (len < 8) {
1689 goto invalid_param_len;
1690 }
1691 if (len < lduw_be_p(&p[0]) + 2) {
1692 goto invalid_param_len;
1693 }
1694 if (len < lduw_be_p(&p[2]) + 8) {
1695 goto invalid_param_len;
1696 }
1697 if (lduw_be_p(&p[2]) & 15) {
1698 goto invalid_param_len;
1699 }
1700
86b1cf32 1701 if (!blk_is_writable(s->qdev.conf.blk)) {
4989ef57 1702 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
c5fd1fb0
PB		 1703 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1704 return;
1705 }
1706
5222aaf2
PB		 1707 data = g_new0(UnmapCBData, 1);
1708 data->r = r;
1709 data->inbuf = &p[8];
1710 data->count = lduw_be_p(&p[2]) >> 4;
1711
1712 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1713 scsi_req_ref(&r->req);
5fd2b563 1714 scsi_unmap_complete_noio(data, 0);
5222aaf2
PB		 1715 return;
1716
1717invalid_param_len:
4989ef57 1718 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
5222aaf2 1719 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
823bd739
PB		 1720 return;
1721
1722invalid_field:
4989ef57 1723 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
823bd739 1724 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
5222aaf2
PB		 1725}
1726
84f94a9a
PB		 1727typedef struct WriteSameCBData {
1728 SCSIDiskReq *r;
1729 int64_t sector;
1730 int nb_sectors;
1731 QEMUIOVector qiov;
1732 struct iovec iov;
1733} WriteSameCBData;
1734
1735static void scsi_write_same_complete(void *opaque, int ret)
1736{
1737 WriteSameCBData *data = opaque;
1738 SCSIDiskReq *r = data->r;
1739 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1740
1741 assert(r->req.aiocb != NULL);
1742 r->req.aiocb = NULL;
b9e413dd 1743 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 1744 if (scsi_disk_req_check_error(r, ret, true)) {
84f94a9a
PB		 1745 goto done;
1746 }
1747
d7628080
AG		 1748 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1749
3dc516bf
PMD		 1750 data->nb_sectors -= data->iov.iov_len / BDRV_SECTOR_SIZE;
1751 data->sector += data->iov.iov_len / BDRV_SECTOR_SIZE;
1752 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1753 data->iov.iov_len);
84f94a9a 1754 if (data->iov.iov_len) {
4be74634 1755 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1756 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1757 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1758 * where final qiov may need smaller size */
a56537a1 1759 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
03c90063
EB		 1760 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1761 data->sector << BDRV_SECTOR_BITS,
1762 &data->qiov, 0,
1763 scsi_write_same_complete, data);
24355b79 1764 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1765 return;
1766 }
1767
1768 scsi_req_complete(&r->req, GOOD);
1769
1770done:
3df9caf8 1771 scsi_req_unref(&r->req);
84f94a9a
PB		 1772 qemu_vfree(data->iov.iov_base);
1773 g_free(data);
b9e413dd 1774 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1775}
1776
1777static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1778{
1779 SCSIRequest *req = &r->req;
1780 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1894df02 1781 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
84f94a9a
PB		 1782 WriteSameCBData *data;
1783 uint8_t *buf;
1784 int i;
1785
1786 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1787 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1788 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1789 return;
1790 }
1791
86b1cf32 1792 if (!blk_is_writable(s->qdev.conf.blk)) {
84f94a9a
PB		 1793 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1794 return;
1795 }
1796 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1797 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1798 return;
1799 }
1800
4397a018 1801 if ((req->cmd.buf[1] & 0x1) || buffer_is_zero(inbuf, s->qdev.blocksize)) {
84f94a9a
PB		 1802 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1803
1804 /* The request is used as the AIO opaque value, so add a ref. */
1805 scsi_req_ref(&r->req);
4be74634 1806 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8
BC		 1807 nb_sectors * s->qdev.blocksize,
1808 BLOCK_ACCT_WRITE);
d004bd52 1809 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
983a1600
EB		 1810 r->req.cmd.lba * s->qdev.blocksize,
1811 nb_sectors * s->qdev.blocksize,
4be74634 1812 flags, scsi_aio_complete, r);
84f94a9a
PB		 1813 return;
1814 }
1815
1816 data = g_new0(WriteSameCBData, 1);
1817 data->r = r;
3dc516bf
PMD		 1818 data->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1819 data->nb_sectors = nb_sectors * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1820 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1821 SCSI_WRITE_SAME_MAX);
4be74634
MA		 1822 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1823 data->iov.iov_len);
84f94a9a
PB		 1824 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1825
1826 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1827 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1828 }
1829
1830 scsi_req_ref(&r->req);
4be74634 1831 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1832 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1833 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1834 data->sector << BDRV_SECTOR_BITS,
1835 &data->qiov, 0,
1836 scsi_write_same_complete, data);
84f94a9a
PB		 1837}
1838
314a3299
PB		 1839static void scsi_disk_emulate_write_data(SCSIRequest *req)
1840{
af6d510d
PB		 1841 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1842
1843 if (r->iov.iov_len) {
1844 int buflen = r->iov.iov_len;
59ee9500 1845 trace_scsi_disk_emulate_write_data(buflen);
af6d510d
PB		 1846 r->iov.iov_len = 0;
1847 scsi_req_data(&r->req, buflen);
1848 return;
1849 }
1850
1851 switch (req->cmd.buf[0]) {
1852 case MODE_SELECT:
1853 case MODE_SELECT_10:
1854 /* This also clears the sense buffer for REQUEST SENSE. */
380feaff 1855 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
af6d510d
PB		 1856 break;
1857
5222aaf2
PB		 1858 case UNMAP:
1859 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1860 break;
1861
d97e7730
PB		 1862 case VERIFY_10:
1863 case VERIFY_12:
1864 case VERIFY_16:
1865 if (r->req.status == -1) {
1866 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1867 }
1868 break;
1869
84f94a9a
PB		 1870 case WRITE_SAME_10:
1871 case WRITE_SAME_16:
1872 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1873 break;
d97e7730 1874
af6d510d
PB		 1875 default:
1876 abort();
1877 }
314a3299
PB		 1878}
1879
b08d0ea0 1880static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
aa5dbdc1 1881{
b08d0ea0 1882 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
e7e25e32 1883 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 1884 uint64_t nb_sectors;
7285477a 1885 uint8_t *outbuf;
af6d510d 1886 int buflen;
aa5dbdc1 1887
b08d0ea0
PB		 1888 switch (req->cmd.buf[0]) {
1889 case INQUIRY:
1890 case MODE_SENSE:
1891 case MODE_SENSE_10:
1892 case RESERVE:
1893 case RESERVE_10:
1894 case RELEASE:
1895 case RELEASE_10:
1896 case START_STOP:
1897 case ALLOW_MEDIUM_REMOVAL:
1898 case GET_CONFIGURATION:
1899 case GET_EVENT_STATUS_NOTIFICATION:
1900 case MECHANISM_STATUS:
1901 case REQUEST_SENSE:
1902 break;
1903
1904 default:
cd723b85 1905 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 1906 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1907 return 0;
1908 }
1909 break;
1910 }
1911
c8dcb531
PB		 1912 /*
1913 * FIXME: we shouldn't return anything bigger than 4k, but the code
1914 * requires the buffer to be as big as req->cmd.xfer in several
1915 * places. So, do not allow CDBs with a very large ALLOCATION
1916 * LENGTH. The real fix would be to modify scsi_read_data and
1917 * dma_buf_read, so that they return data beyond the buflen
1918 * as all zeros.
1919 */
1920 if (req->cmd.xfer > 65536) {
1921 goto illegal_request;
1922 }
1923 r->buflen = MAX(4096, req->cmd.xfer);
1924
7285477a 1925 if (!r->iov.iov_base) {
4be74634 1926 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 1927 }
1928
1929 outbuf = r->iov.iov_base;
c8dcb531 1930 memset(outbuf, 0, r->buflen);
aa5dbdc1
GH		 1931 switch (req->cmd.buf[0]) {
1932 case TEST_UNIT_READY:
cd723b85 1933 assert(blk_is_available(s->qdev.conf.blk));
5f71d32f 1934 break;
0b06c059
GH		 1935 case INQUIRY:
1936 buflen = scsi_disk_emulate_inquiry(req, outbuf);
f01b5931 1937 if (buflen < 0) {
0b06c059 1938 goto illegal_request;
f01b5931 1939 }
5f71d32f 1940 break;
ebddfcbe
GH		 1941 case MODE_SENSE:
1942 case MODE_SENSE_10:
cfc606da 1943 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
f01b5931 1944 if (buflen < 0) {
ebddfcbe 1945 goto illegal_request;
f01b5931 1946 }
ebddfcbe 1947 break;
02880f43
GH		 1948 case READ_TOC:
1949 buflen = scsi_disk_emulate_read_toc(req, outbuf);
f01b5931 1950 if (buflen < 0) {
02880f43 1951 goto illegal_request;
f01b5931 1952 }
02880f43 1953 break;
3d53ba18 1954 case RESERVE:
f01b5931 1955 if (req->cmd.buf[1] & 1) {
3d53ba18 1956 goto illegal_request;
f01b5931 1957 }
3d53ba18
GH		 1958 break;
1959 case RESERVE_10:
f01b5931 1960 if (req->cmd.buf[1] & 3) {
3d53ba18 1961 goto illegal_request;
f01b5931 1962 }
3d53ba18
GH		 1963 break;
1964 case RELEASE:
f01b5931 1965 if (req->cmd.buf[1] & 1) {
3d53ba18 1966 goto illegal_request;
f01b5931 1967 }
3d53ba18
GH		 1968 break;
1969 case RELEASE_10:
f01b5931 1970 if (req->cmd.buf[1] & 3) {
3d53ba18 1971 goto illegal_request;
f01b5931 1972 }
3d53ba18 1973 break;
8d3628ff 1974 case START_STOP:
68bb01f3 1975 if (scsi_disk_emulate_start_stop(r) < 0) {
b08d0ea0 1976 return 0;
68bb01f3 1977 }
5f71d32f 1978 break;
c68b9f34 1979 case ALLOW_MEDIUM_REMOVAL:
81b1008d 1980 s->tray_locked = req->cmd.buf[4] & 1;
4be74634 1981 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
5f71d32f 1982 break;
5e30a07d 1983 case READ_CAPACITY_10:
e7e25e32 1984 /* The normal LEN field for this command is zero. */
5f71d32f 1985 memset(outbuf, 0, 8);
4be74634 1986 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 1987 if (!nb_sectors) {
9bcaf4fe 1988 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 1989 return 0;
f01b5931 1990 }
7cec78b6
PB		 1991 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1992 goto illegal_request;
1993 }
3dc516bf 1994 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
e7e25e32
GH		 1995 /* Returned value is the address of the last sector. */
1996 nb_sectors--;
1997 /* Remember the new size for read/write sanity checking. */
7877903a 1998 s->qdev.max_lba = nb_sectors;
e7e25e32 1999 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
f01b5931 2000 if (nb_sectors > UINT32_MAX) {
e7e25e32 2001 nb_sectors = UINT32_MAX;
f01b5931 2002 }
e7e25e32
GH		 2003 outbuf[0] = (nb_sectors >> 24) & 0xff;
2004 outbuf[1] = (nb_sectors >> 16) & 0xff;
2005 outbuf[2] = (nb_sectors >> 8) & 0xff;
2006 outbuf[3] = nb_sectors & 0xff;
2007 outbuf[4] = 0;
2008 outbuf[5] = 0;
69377307 2009 outbuf[6] = s->qdev.blocksize >> 8;
e7e25e32 2010 outbuf[7] = 0;
5f71d32f 2011 break;
f3b338ef
PB		 2012 case REQUEST_SENSE:
2013 /* Just return "NO SENSE". */
37b6045c
PB		 2014 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
2015 (req->cmd.buf[1] & 1) == 0);
c8dcb531
PB		 2016 if (buflen < 0) {
2017 goto illegal_request;
2018 }
f3b338ef 2019 break;
b6c251ab
PB		 2020 case MECHANISM_STATUS:
2021 buflen = scsi_emulate_mechanism_status(s, outbuf);
2022 if (buflen < 0) {
2023 goto illegal_request;
2024 }
2025 break;
38215553 2026 case GET_CONFIGURATION:
430ee2f2 2027 buflen = scsi_get_configuration(s, outbuf);
b6c251ab
PB		 2028 if (buflen < 0) {
2029 goto illegal_request;
2030 }
2031 break;
2032 case GET_EVENT_STATUS_NOTIFICATION:
2033 buflen = scsi_get_event_status_notification(s, r, outbuf);
2034 if (buflen < 0) {
2035 goto illegal_request;
2036 }
2037 break;
1a4f0c3a
PB		 2038 case READ_DISC_INFORMATION:
2039 buflen = scsi_read_disc_information(s, r, outbuf);
2040 if (buflen < 0) {
2041 goto illegal_request;
2042 }
2043 break;
b6c251ab
PB		 2044 case READ_DVD_STRUCTURE:
2045 buflen = scsi_read_dvd_structure(s, r, outbuf);
2046 if (buflen < 0) {
2047 goto illegal_request;
2048 }
38215553 2049 break;
f6515262 2050 case SERVICE_ACTION_IN_16:
5dd90e2a 2051 /* Service Action In subcommands. */
f6515262 2052 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
59ee9500 2053 trace_scsi_disk_emulate_command_SAI_16();
5dd90e2a 2054 memset(outbuf, 0, req->cmd.xfer);
4be74634 2055 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 2056 if (!nb_sectors) {
9bcaf4fe 2057 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 2058 return 0;
f01b5931 2059 }
7cec78b6
PB		 2060 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2061 goto illegal_request;
2062 }
3dc516bf 2063 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
5dd90e2a
GH		 2064 /* Returned value is the address of the last sector. */
2065 nb_sectors--;
2066 /* Remember the new size for read/write sanity checking. */
7877903a 2067 s->qdev.max_lba = nb_sectors;
5dd90e2a
GH		 2068 outbuf[0] = (nb_sectors >> 56) & 0xff;
2069 outbuf[1] = (nb_sectors >> 48) & 0xff;
2070 outbuf[2] = (nb_sectors >> 40) & 0xff;
2071 outbuf[3] = (nb_sectors >> 32) & 0xff;
2072 outbuf[4] = (nb_sectors >> 24) & 0xff;
2073 outbuf[5] = (nb_sectors >> 16) & 0xff;
2074 outbuf[6] = (nb_sectors >> 8) & 0xff;
2075 outbuf[7] = nb_sectors & 0xff;
2076 outbuf[8] = 0;
2077 outbuf[9] = 0;
69377307 2078 outbuf[10] = s->qdev.blocksize >> 8;
5dd90e2a 2079 outbuf[11] = 0;
ee3659e3
CH		 2080 outbuf[12] = 0;
2081 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 2082
2083 /* set TPE bit if the format supports discard */
2084 if (s->qdev.conf.discard_granularity) {
2085 outbuf[14] = 0x80;
2086 }
2087
5dd90e2a 2088 /* Protection, exponent and lowest lba field left blank. */
5dd90e2a
GH		 2089 break;
2090 }
59ee9500 2091 trace_scsi_disk_emulate_command_SAI_unsupported();
5dd90e2a 2092 goto illegal_request;
101aa85f
PB		 2093 case SYNCHRONIZE_CACHE:
2094 /* The request is used as the AIO opaque value, so add a ref. */
2095 scsi_req_ref(&r->req);
4be74634 2096 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 2097 BLOCK_ACCT_FLUSH);
4be74634 2098 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
101aa85f
PB		 2099 return 0;
2100 case SEEK_10:
59ee9500 2101 trace_scsi_disk_emulate_command_SEEK_10(r->req.cmd.lba);
101aa85f
PB		 2102 if (r->req.cmd.lba > s->qdev.max_lba) {
2103 goto illegal_lba;
2104 }
2105 break;
101aa85f 2106 case MODE_SELECT:
59ee9500 2107 trace_scsi_disk_emulate_command_MODE_SELECT(r->req.cmd.xfer);
101aa85f
PB		 2108 break;
2109 case MODE_SELECT_10:
59ee9500 2110 trace_scsi_disk_emulate_command_MODE_SELECT_10(r->req.cmd.xfer);
101aa85f 2111 break;
5222aaf2 2112 case UNMAP:
59ee9500 2113 trace_scsi_disk_emulate_command_UNMAP(r->req.cmd.xfer);
5222aaf2 2114 break;
d97e7730
PB		 2115 case VERIFY_10:
2116 case VERIFY_12:
2117 case VERIFY_16:
59ee9500 2118 trace_scsi_disk_emulate_command_VERIFY((req->cmd.buf[1] >> 1) & 3);
d97e7730
PB		 2119 if (req->cmd.buf[1] & 6) {
2120 goto illegal_request;
2121 }
2122 break;
101aa85f 2123 case WRITE_SAME_10:
101aa85f 2124 case WRITE_SAME_16:
59ee9500
LV		 2125 trace_scsi_disk_emulate_command_WRITE_SAME(
2126 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16, r->req.cmd.xfer);
84f94a9a 2127 break;
aa5dbdc1 2128 default:
59ee9500
LV		 2129 trace_scsi_disk_emulate_command_UNKNOWN(buf[0],
2130 scsi_command_name(buf[0]));
b45ef674 2131 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
b08d0ea0 2132 return 0;
aa5dbdc1 2133 }
314a3299 2134 assert(!r->req.aiocb);
c8dcb531 2135 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
b08d0ea0
PB		 2136 if (r->iov.iov_len == 0) {
2137 scsi_req_complete(&r->req, GOOD);
2138 }
af6d510d
PB		 2139 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2140 assert(r->iov.iov_len == req->cmd.xfer);
2141 return -r->iov.iov_len;
2142 } else {
2143 return r->iov.iov_len;
2144 }
aa5dbdc1 2145
aa5dbdc1 2146illegal_request:
cfc606da
PB		 2147 if (r->req.status == -1) {
2148 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2149 }
b08d0ea0 2150 return 0;
101aa85f
PB		 2151
2152illegal_lba:
2153 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2154 return 0;
aa5dbdc1
GH		 2155}
2156
2e5d83bb
PB		 2157/* Execute a scsi command. Returns the length of the data expected by the
2158 command. This will be Positive for data transfers from the device
2159 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2160 and zero if the command does not transfer any data. */
2161
b08d0ea0 2162static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 2163{
5c6c0e51
HR		 2164 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2165 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
94f8ba11 2166 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
e93176d5 2167 uint32_t len;
a917d384 2168 uint8_t command;
a917d384
PB		 2169
2170 command = buf[0];
aa5dbdc1 2171
cd723b85 2172 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 2173 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2174 return 0;
9bcaf4fe
PB		 2175 }
2176
1894df02 2177 len = scsi_data_cdb_xfer(r->req.cmd.buf);
a917d384 2178 switch (command) {
ebf46023
GH		 2179 case READ_6:
2180 case READ_10:
bd536cf3
GH		 2181 case READ_12:
2182 case READ_16:
59ee9500 2183 trace_scsi_disk_dma_command_READ(r->req.cmd.lba, len);
2343be0d
PB		 2184 /* Protection information is not supported. For SCSI versions 2 and
2185 * older (as determined by snooping the guest's INQUIRY commands),
2186 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2187 */
2188 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
96bdbbab
RS		 2189 goto illegal_request;
2190 }
444bc908 2191 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2192 goto illegal_lba;
f01b5931 2193 }
3dc516bf
PMD		 2194 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2195 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2e5d83bb 2196 break;
ebf46023
GH		 2197 case WRITE_6:
2198 case WRITE_10:
bd536cf3
GH		 2199 case WRITE_12:
2200 case WRITE_16:
5e30a07d 2201 case WRITE_VERIFY_10:
ebef0bbb
BK		 2202 case WRITE_VERIFY_12:
2203 case WRITE_VERIFY_16:
86b1cf32 2204 if (!blk_is_writable(s->qdev.conf.blk)) {
6a8a685c
RS		 2205 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2206 return 0;
2207 }
59ee9500 2208 trace_scsi_disk_dma_command_WRITE(
2dd791b6
HR		 2209 (command & 0xe) == 0xe ? "And Verify " : "",
2210 r->req.cmd.lba, len);
4f04560b 2211 /* fall through */
166dbda7
PB		 2212 case VERIFY_10:
2213 case VERIFY_12:
2214 case VERIFY_16:
2215 /* We get here only for BYTCHK == 0x01 and only for scsi-block.
2216 * As far as DMA is concerned, we can treat it the same as a write;
2217 * scsi_block_do_sgio will send VERIFY commands.
2218 */
2343be0d 2219 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
96bdbbab
RS		 2220 goto illegal_request;
2221 }
444bc908 2222 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2223 goto illegal_lba;
f01b5931 2224 }
3dc516bf
PMD		 2225 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2226 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2e5d83bb 2227 break;
101aa85f 2228 default:
b08d0ea0 2229 abort();
96bdbbab
RS		 2230 illegal_request:
2231 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2232 return 0;
274fb0e1 2233 illegal_lba:
b45ef674 2234 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 2235 return 0;
2e5d83bb 2236 }
94f8ba11 2237 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
b08d0ea0 2238 if (r->sector_count == 0) {
b45ef674 2239 scsi_req_complete(&r->req, GOOD);
a917d384 2240 }
b08d0ea0 2241 assert(r->iov.iov_len == 0);
efb9ee02 2242 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
3dc516bf 2243 return -r->sector_count * BDRV_SECTOR_SIZE;
a917d384 2244 } else {
3dc516bf 2245 return r->sector_count * BDRV_SECTOR_SIZE;
2e5d83bb 2246 }
2e5d83bb
PB		 2247}
2248
e9447f35
JK		 2249static void scsi_disk_reset(DeviceState *dev)
2250{
2251 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2252 uint64_t nb_sectors;
2253
c7b48872 2254 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35 2255
4be74634 2256 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
3dc516bf 2257 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
e9447f35
JK		 2258 if (nb_sectors) {
2259 nb_sectors--;
2260 }
7877903a 2261 s->qdev.max_lba = nb_sectors;
7721c7f7
PH		 2262 /* reset tray statuses */
2263 s->tray_locked = 0;
2264 s->tray_open = 0;
2343be0d
PB		 2265
2266 s->qdev.scsi_version = s->qdev.default_scsi_version;
e9447f35
JK		 2267}
2268
aaebacef
PB		 2269static void scsi_disk_resize_cb(void *opaque)
2270{
2271 SCSIDiskState *s = opaque;
2272
2273 /* SPC lists this sense code as available only for
2274 * direct-access devices.
2275 */
2276 if (s->qdev.type == TYPE_DISK) {
53200fad 2277 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
aaebacef
PB		 2278 }
2279}
2280
39829a01 2281static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2c6942fa 2282{
8a9c16f6
PB		 2283 SCSIDiskState *s = opaque;
2284
2285 /*
2286 * When a CD gets changed, we have to report an ejected state and
2287 * then a loaded state to guests so that they detect tray
2288 * open/close and media change events. Guests that do not use
2289 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2290 * states rely on this behavior.
2291 *
2292 * media_changed governs the state machine used for unit attention
2293 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2294 */
2295 s->media_changed = load;
2296 s->tray_open = !load;
e48e84ea 2297 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
3c2f7c12 2298 s->media_event = true;
4480de19
PB		 2299 s->eject_request = false;
2300}
2301
2302static void scsi_cd_eject_request_cb(void *opaque, bool force)
2303{
2304 SCSIDiskState *s = opaque;
2305
2306 s->eject_request = true;
2307 if (force) {
2308 s->tray_locked = false;
2309 }
2c6942fa
MA		 2310}
2311
e4def80b
MA		 2312static bool scsi_cd_is_tray_open(void *opaque)
2313{
2314 return ((SCSIDiskState *)opaque)->tray_open;
2315}
2316
f107639a
MA		 2317static bool scsi_cd_is_medium_locked(void *opaque)
2318{
2319 return ((SCSIDiskState *)opaque)->tray_locked;
2320}
2321
aaebacef 2322static const BlockDevOps scsi_disk_removable_block_ops = {
2c6942fa 2323 .change_media_cb = scsi_cd_change_media_cb,
4480de19 2324 .eject_request_cb = scsi_cd_eject_request_cb,
e4def80b 2325 .is_tray_open = scsi_cd_is_tray_open,
f107639a 2326 .is_medium_locked = scsi_cd_is_medium_locked,
aaebacef
PB		 2327
2328 .resize_cb = scsi_disk_resize_cb,
2329};
2330
2331static const BlockDevOps scsi_disk_block_ops = {
2332 .resize_cb = scsi_disk_resize_cb,
f107639a
MA		 2333};
2334
8a9c16f6
PB		 2335static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2336{
2337 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2338 if (s->media_changed) {
2339 s->media_changed = false;
e48e84ea 2340 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
8a9c16f6
PB		 2341 }
2342}
2343
a818a4b6 2344static void scsi_realize(SCSIDevice *dev, Error **errp)
2e5d83bb 2345{
d52affa7 2346 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
7cef3d12 2347 bool read_only;
2e5d83bb 2348
4be74634 2349 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2350 error_setg(errp, "drive property not set");
2351 return;
d52affa7
GH		 2352 }
2353
bfe3d7ac 2354 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
4be74634 2355 !blk_is_inserted(s->qdev.conf.blk)) {
a818a4b6
FZ		 2356 error_setg(errp, "Device needs media, but drive is empty");
2357 return;
98f28ad7
MA		 2358 }
2359
c56ee92f 2360 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
3da023b5
MK		 2361 return;
2362 }
2363
4f71fb43
KW		 2364 if (blk_get_aio_context(s->qdev.conf.blk) != qemu_get_aio_context() &&
2365 !s->qdev.hba_supports_iothread)
2366 {
2367 error_setg(errp, "HBA does not support iothreads");
2368 return;
2369 }
2370
5ff5efb4 2371 if (dev->type == TYPE_DISK) {
ceff3e1f 2372 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
a818a4b6 2373 return;
5ff5efb4 2374 }
b7eb0c9f 2375 }
7cef3d12 2376
86b1cf32 2377 read_only = !blk_supports_write_perm(s->qdev.conf.blk);
7cef3d12
KW		 2378 if (dev->type == TYPE_ROM) {
2379 read_only = true;
2380 }
2381
2382 if (!blkconf_apply_backend_options(&dev->conf, read_only,
ceff3e1f 2383 dev->type == TYPE_DISK, errp)) {
a17c17a2
KW		 2384 return;
2385 }
a0fef654 2386
215e47b9
PB		 2387 if (s->qdev.conf.discard_granularity == -1) {
2388 s->qdev.conf.discard_granularity =
2389 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2390 }
2391
552fee93 2392 if (!s->version) {
35c2c8dc 2393 s->version = g_strdup(qemu_hw_version());
552fee93 2394 }
353815aa
DF		 2395 if (!s->vendor) {
2396 s->vendor = g_strdup("QEMU");
2397 }
7471a649
KW		 2398 if (!s->device_id) {
2399 if (s->serial) {
2400 s->device_id = g_strdup_printf("%.20s", s->serial);
2401 } else {
2402 const char *str = blk_name(s->qdev.conf.blk);
2403 if (str && *str) {
2404 s->device_id = g_strdup(str);
2405 }
2406 }
2407 }
552fee93 2408
4be74634 2409 if (blk_is_sg(s->qdev.conf.blk)) {
a818a4b6
FZ		 2410 error_setg(errp, "unwanted /dev/sg*");
2411 return;
32bb404a
MA		 2412 }
2413
18e673b8
PH		 2414 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2415 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
4be74634 2416 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
aaebacef 2417 } else {
4be74634 2418 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2e5d83bb 2419 }
4be74634 2420 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
8cfacf07 2421
4be74634 2422 blk_iostatus_enable(s->qdev.conf.blk);
71f571a2
SE		 2423
2424 add_boot_device_lchs(&dev->qdev, NULL,
2425 dev->conf.lcyls,
2426 dev->conf.lheads,
2427 dev->conf.lsecs);
2428}
2429
b69c3c21 2430static void scsi_unrealize(SCSIDevice *dev)
71f571a2
SE		 2431{
2432 del_boot_device_lchs(&dev->qdev, NULL);
d52affa7
GH		 2433}
2434
a818a4b6 2435static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2436{
e39be482 2437 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
3ff35ba3 2438 AioContext *ctx = NULL;
df1d4c34
ET		 2439 /* can happen for devices without drive. The error message for missing
2440 * backend will be issued in scsi_realize
2441 */
2442 if (s->qdev.conf.blk) {
3ff35ba3
AG		 2443 ctx = blk_get_aio_context(s->qdev.conf.blk);
2444 aio_context_acquire(ctx);
c56ee92f
RK		 2445 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2446 goto out;
2447 }
df1d4c34 2448 }
e39be482
PB		 2449 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2450 s->qdev.type = TYPE_DISK;
353815aa
DF		 2451 if (!s->product) {
2452 s->product = g_strdup("QEMU HARDDISK");
2453 }
a818a4b6 2454 scsi_realize(&s->qdev, errp);
c56ee92f 2455out:
3ff35ba3
AG		 2456 if (ctx) {
2457 aio_context_release(ctx);
2458 }
b443ae67
MA		 2459}
2460
a818a4b6 2461static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2462{
e39be482 2463 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
3ff35ba3 2464 AioContext *ctx;
83b4fe0e 2465 int ret;
9ef6e505
KW		 2466
2467 if (!dev->conf.blk) {
83b4fe0e
KW		 2468 /* Anonymous BlockBackend for an empty drive. As we put it into
2469 * dev->conf, qdev takes care of detaching on unplug. */
d861ab3a 2470 dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
83b4fe0e
KW		 2471 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2472 assert(ret == 0);
9ef6e505
KW		 2473 }
2474
3ff35ba3
AG		 2475 ctx = blk_get_aio_context(dev->conf.blk);
2476 aio_context_acquire(ctx);
e39be482
PB		 2477 s->qdev.blocksize = 2048;
2478 s->qdev.type = TYPE_ROM;
bfe3d7ac 2479 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
353815aa
DF		 2480 if (!s->product) {
2481 s->product = g_strdup("QEMU CD-ROM");
2482 }
a818a4b6 2483 scsi_realize(&s->qdev, errp);
3ff35ba3 2484 aio_context_release(ctx);
b443ae67
MA		 2485}
2486
b443ae67 2487
b08d0ea0 2488static const SCSIReqOps scsi_disk_emulate_reqops = {
8dbd4574 2489 .size = sizeof(SCSIDiskReq),
12010e7b 2490 .free_req = scsi_free_request,
b08d0ea0 2491 .send_command = scsi_disk_emulate_command,
314a3299
PB		 2492 .read_data = scsi_disk_emulate_read_data,
2493 .write_data = scsi_disk_emulate_write_data,
b08d0ea0
PB		 2494 .get_buf = scsi_get_buf,
2495};
2496
2497static const SCSIReqOps scsi_disk_dma_reqops = {
2498 .size = sizeof(SCSIDiskReq),
2499 .free_req = scsi_free_request,
2500 .send_command = scsi_disk_dma_command,
12010e7b
PB		 2501 .read_data = scsi_read_data,
2502 .write_data = scsi_write_data,
12010e7b 2503 .get_buf = scsi_get_buf,
43b978b9
PB		 2504 .load_request = scsi_disk_load_request,
2505 .save_request = scsi_disk_save_request,
8dbd4574
PB		 2506};
2507
b08d0ea0
PB		 2508static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2509 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2510 [INQUIRY] = &scsi_disk_emulate_reqops,
2511 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2512 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2513 [START_STOP] = &scsi_disk_emulate_reqops,
2514 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2515 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2516 [READ_TOC] = &scsi_disk_emulate_reqops,
2517 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2518 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2519 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2520 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2521 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2522 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2523 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2524 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2525 [SEEK_10] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2526 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2527 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
5222aaf2 2528 [UNMAP] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2529 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2530 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
d97e7730
PB		 2531 [VERIFY_10] = &scsi_disk_emulate_reqops,
2532 [VERIFY_12] = &scsi_disk_emulate_reqops,
2533 [VERIFY_16] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2534
2535 [READ_6] = &scsi_disk_dma_reqops,
2536 [READ_10] = &scsi_disk_dma_reqops,
2537 [READ_12] = &scsi_disk_dma_reqops,
2538 [READ_16] = &scsi_disk_dma_reqops,
b08d0ea0
PB		 2539 [WRITE_6] = &scsi_disk_dma_reqops,
2540 [WRITE_10] = &scsi_disk_dma_reqops,
2541 [WRITE_12] = &scsi_disk_dma_reqops,
2542 [WRITE_16] = &scsi_disk_dma_reqops,
2543 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2544 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2545 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2546};
2547
59ee9500
LV		 2548static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf)
2549{
2550 int i;
2551 int len = scsi_cdb_length(buf);
2552 char *line_buffer, *p;
2553
e91bae8e 2554 assert(len > 0 && len <= 16);
59ee9500
LV		 2555 line_buffer = g_malloc(len * 5 + 1);
2556
2557 for (i = 0, p = line_buffer; i < len; i++) {
2558 p += sprintf(p, " 0x%02x", buf[i]);
2559 }
2560 trace_scsi_disk_new_request(lun, tag, line_buffer);
2561
2562 g_free(line_buffer);
2563}
2564
63db0f0e
PB		 2565static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2566 uint8_t *buf, void *hba_private)
8dbd4574
PB		 2567{
2568 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2569 SCSIRequest *req;
b08d0ea0
PB		 2570 const SCSIReqOps *ops;
2571 uint8_t command;
8dbd4574 2572
79fb50bb
PB		 2573 command = buf[0];
2574 ops = scsi_disk_reqops_dispatch[command];
2575 if (!ops) {
2576 ops = &scsi_disk_emulate_reqops;
2577 }
2578 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2579
59ee9500
LV		 2580 if (trace_event_get_state_backends(TRACE_SCSI_DISK_NEW_REQUEST)) {
2581 scsi_disk_new_request_dump(lun, tag, buf);
b08d0ea0 2582 }
b08d0ea0 2583
8dbd4574
PB		 2584 return req;
2585}
2586
336a6915
PB		 2587#ifdef __linux__
2588static int get_device_type(SCSIDiskState *s)
2589{
336a6915
PB		 2590 uint8_t cmd[16];
2591 uint8_t buf[36];
336a6915
PB		 2592 int ret;
2593
2594 memset(cmd, 0, sizeof(cmd));
2595 memset(buf, 0, sizeof(buf));
2596 cmd[0] = INQUIRY;
2597 cmd[4] = sizeof(buf);
2598
a0c7e35b 2599 ret = scsi_SG_IO_FROM_DEV(s->qdev.conf.blk, cmd, sizeof(cmd),
c9b6609b 2600 buf, sizeof(buf), s->qdev.io_timeout);
a0c7e35b 2601 if (ret < 0) {
336a6915
PB		 2602 return -1;
2603 }
2604 s->qdev.type = buf[0];
bfe3d7ac
PB		 2605 if (buf[1] & 0x80) {
2606 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2607 }
336a6915
PB		 2608 return 0;
2609}
2610
a818a4b6 2611static void scsi_block_realize(SCSIDevice *dev, Error **errp)
336a6915
PB		 2612{
2613 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
3ff35ba3 2614 AioContext *ctx;
336a6915
PB		 2615 int sg_version;
2616 int rc;
2617
4be74634 2618 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2619 error_setg(errp, "drive property not set");
2620 return;
336a6915
PB		 2621 }
2622
51f43d57
FZ		 2623 if (s->rotation_rate) {
2624 error_report_once("rotation_rate is specified for scsi-block but is "
2625 "not implemented. This option is deprecated and will "
2626 "be removed in a future version");
2627 }
2628
3ff35ba3
AG		 2629 ctx = blk_get_aio_context(s->qdev.conf.blk);
2630 aio_context_acquire(ctx);
2631
336a6915 2632 /* check we are using a driver managing SG_IO (version 3 and after) */
4be74634 2633 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
4bbeb8b1 2634 if (rc < 0) {
09c2c6ff
PB		 2635 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
2636 if (rc != -EPERM) {
2637 error_append_hint(errp, "Is this a SCSI device?\n");
2638 }
3ff35ba3 2639 goto out;
4bbeb8b1
FZ		 2640 }
2641 if (sg_version < 30000) {
a818a4b6 2642 error_setg(errp, "scsi generic interface too old");
3ff35ba3 2643 goto out;
336a6915
PB		 2644 }
2645
2646 /* get device type from INQUIRY data */
2647 rc = get_device_type(s);
2648 if (rc < 0) {
a818a4b6 2649 error_setg(errp, "INQUIRY failed");
3ff35ba3 2650 goto out;
336a6915
PB		 2651 }
2652
2653 /* Make a guess for the block size, we'll fix it when the guest sends.
2654 * READ CAPACITY. If they don't, they likely would assume these sizes
2655 * anyway. (TODO: check in /sys).
2656 */
2657 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2658 s->qdev.blocksize = 2048;
2659 } else {
2660 s->qdev.blocksize = 512;
2661 }
18e673b8
PH		 2662
2663 /* Makes the scsi-block device not removable by using HMP and QMP eject
2664 * command.
2665 */
2666 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2667
a818a4b6 2668 scsi_realize(&s->qdev, errp);
a71c775b 2669 scsi_generic_read_device_inquiry(&s->qdev);
3ff35ba3
AG		 2670
2671out:
2672 aio_context_release(ctx);
336a6915
PB		 2673}
2674
8fdc7839
PB		 2675typedef struct SCSIBlockReq {
2676 SCSIDiskReq req;
2677 sg_io_hdr_t io_header;
2678
2679 /* Selected bytes of the original CDB, copied into our own CDB. */
2680 uint8_t cmd, cdb1, group_number;
2681
2682 /* CDB passed to SG_IO. */
2683 uint8_t cdb[16];
a108557b
HR		 2684 BlockCompletionFunc *cb;
2685 void *cb_opaque;
8fdc7839
PB		 2686} SCSIBlockReq;
2687
a108557b
HR		 2688static void scsi_block_sgio_complete(void *opaque, int ret)
2689{
2690 SCSIBlockReq *req = (SCSIBlockReq *)opaque;
2691 SCSIDiskReq *r = &req->req;
2692 SCSIDevice *s = r->req.dev;
2693 sg_io_hdr_t *io_hdr = &req->io_header;
a108557b
HR		 2694
2695 if (ret == 0) {
2696 if (io_hdr->host_status != SCSI_HOST_OK) {
f3126d65
HR		 2697 scsi_req_complete_failed(&r->req, io_hdr->host_status);
2698 scsi_req_unref(&r->req);
2699 return;
2700 }
2701
2702 if (io_hdr->driver_status & SG_ERR_DRIVER_TIMEOUT) {
a108557b
HR		 2703 ret = BUSY;
2704 } else {
2705 ret = io_hdr->status;
2706 }
2707
2708 if (ret > 0) {
2709 aio_context_acquire(blk_get_aio_context(s->conf.blk));
2710 if (scsi_handle_rw_error(r, ret, true)) {
2711 aio_context_release(blk_get_aio_context(s->conf.blk));
2712 scsi_req_unref(&r->req);
2713 return;
2714 }
2715 aio_context_release(blk_get_aio_context(s->conf.blk));
2716
2717 /* Ignore error. */
2718 ret = 0;
2719 }
2720 }
2721
2722 req->cb(req->cb_opaque, ret);
2723}
2724
8fdc7839
PB		 2725static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2726 int64_t offset, QEMUIOVector *iov,
2727 int direction,
2728 BlockCompletionFunc *cb, void *opaque)
2729{
2730 sg_io_hdr_t *io_header = &req->io_header;
2731 SCSIDiskReq *r = &req->req;
2732 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2733 int nb_logical_blocks;
2734 uint64_t lba;
2735 BlockAIOCB *aiocb;
2736
2737 /* This is not supported yet. It can only happen if the guest does
2738 * reads and writes that are not aligned to one logical sectors
2739 * _and_ cover multiple MemoryRegions.
2740 */
2741 assert(offset % s->qdev.blocksize == 0);
2742 assert(iov->size % s->qdev.blocksize == 0);
2743
2744 io_header->interface_id = 'S';
2745
2746 /* The data transfer comes from the QEMUIOVector. */
2747 io_header->dxfer_direction = direction;
2748 io_header->dxfer_len = iov->size;
2749 io_header->dxferp = (void *)iov->iov;
2750 io_header->iovec_count = iov->niov;
2751 assert(io_header->iovec_count == iov->niov); /* no overflow! */
2752
2753 /* Build a new CDB with the LBA and length patched in, in case
2754 * DMA helpers split the transfer in multiple segments. Do not
2755 * build a CDB smaller than what the guest wanted, and only build
2756 * a larger one if strictly necessary.
2757 */
2758 io_header->cmdp = req->cdb;
2759 lba = offset / s->qdev.blocksize;
2760 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2761
2762 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2763 /* 6-byte CDB */
2764 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2765 req->cdb[4] = nb_logical_blocks;
2766 req->cdb[5] = 0;
2767 io_header->cmd_len = 6;
2768 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2769 /* 10-byte CDB */
2770 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2771 req->cdb[1] = req->cdb1;
2772 stl_be_p(&req->cdb[2], lba);
2773 req->cdb[6] = req->group_number;
2774 stw_be_p(&req->cdb[7], nb_logical_blocks);
2775 req->cdb[9] = 0;
2776 io_header->cmd_len = 10;
2777 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2778 /* 12-byte CDB */
2779 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2780 req->cdb[1] = req->cdb1;
2781 stl_be_p(&req->cdb[2], lba);
2782 stl_be_p(&req->cdb[6], nb_logical_blocks);
2783 req->cdb[10] = req->group_number;
2784 req->cdb[11] = 0;
2785 io_header->cmd_len = 12;
2786 } else {
2787 /* 16-byte CDB */
2788 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2789 req->cdb[1] = req->cdb1;
2790 stq_be_p(&req->cdb[2], lba);
2791 stl_be_p(&req->cdb[10], nb_logical_blocks);
2792 req->cdb[14] = req->group_number;
2793 req->cdb[15] = 0;
2794 io_header->cmd_len = 16;
2795 }
2796
2797 /* The rest is as in scsi-generic.c. */
2798 io_header->mx_sb_len = sizeof(r->req.sense);
2799 io_header->sbp = r->req.sense;
c9b6609b 2800 io_header->timeout = s->qdev.io_timeout * 1000;
8fdc7839
PB		 2801 io_header->usr_ptr = r;
2802 io_header->flags |= SG_FLAG_DIRECT_IO;
a108557b
HR		 2803 req->cb = cb;
2804 req->cb_opaque = opaque;
b2d50a33
HR		 2805 trace_scsi_disk_aio_sgio_command(r->req.tag, req->cdb[0], lba,
2806 nb_logical_blocks, io_header->timeout);
a108557b 2807 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, scsi_block_sgio_complete, req);
8fdc7839
PB		 2808 assert(aiocb != NULL);
2809 return aiocb;
2810}
2811
2812static bool scsi_block_no_fua(SCSICommand *cmd)
2813{
2814 return false;
2815}
2816
2817static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2818 QEMUIOVector *iov,
2819 BlockCompletionFunc *cb, void *cb_opaque,
2820 void *opaque)
2821{
2822 SCSIBlockReq *r = opaque;
2823 return scsi_block_do_sgio(r, offset, iov,
2824 SG_DXFER_FROM_DEV, cb, cb_opaque);
2825}
2826
2827static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2828 QEMUIOVector *iov,
2829 BlockCompletionFunc *cb, void *cb_opaque,
2830 void *opaque)
2831{
2832 SCSIBlockReq *r = opaque;
2833 return scsi_block_do_sgio(r, offset, iov,
2834 SG_DXFER_TO_DEV, cb, cb_opaque);
2835}
2836
592c3b28 2837static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
336a6915 2838{
336a6915 2839 switch (buf[0]) {
8fdc7839
PB		 2840 case VERIFY_10:
2841 case VERIFY_12:
2842 case VERIFY_16:
2843 /* Check if BYTCHK == 0x01 (data-out buffer contains data
2844 * for the number of logical blocks specified in the length
2845 * field). For other modes, do not use scatter/gather operation.
2846 */
1f8af0d1 2847 if ((buf[1] & 6) == 2) {
8fdc7839
PB		 2848 return false;
2849 }
2850 break;
2851
336a6915
PB		 2852 case READ_6:
2853 case READ_10:
2854 case READ_12:
2855 case READ_16:
2856 case WRITE_6:
2857 case WRITE_10:
2858 case WRITE_12:
2859 case WRITE_16:
2860 case WRITE_VERIFY_10:
2861 case WRITE_VERIFY_12:
2862 case WRITE_VERIFY_16:
8fdc7839 2863 /* MMC writing cannot be done via DMA helpers, because it sometimes
33ebad12 2864 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
166dbda7 2865 * We might use scsi_block_dma_reqops as long as no writing commands are
33ebad12
PB		 2866 * seen, but performance usually isn't paramount on optical media. So,
2867 * just make scsi-block operate the same as scsi-generic for them.
2868 */
b08d0ea0 2869 if (s->qdev.type != TYPE_ROM) {
592c3b28 2870 return false;
b08d0ea0 2871 }
592c3b28
PB		 2872 break;
2873
2874 default:
2875 break;
336a6915
PB		 2876 }
2877
592c3b28
PB		 2878 return true;
2879}
2880
2881
8fdc7839
PB		 2882static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2883{
2884 SCSIBlockReq *r = (SCSIBlockReq *)req;
2343be0d
PB		 2885 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2886
8fdc7839
PB		 2887 r->cmd = req->cmd.buf[0];
2888 switch (r->cmd >> 5) {
2889 case 0:
2890 /* 6-byte CDB. */
2891 r->cdb1 = r->group_number = 0;
2892 break;
2893 case 1:
2894 /* 10-byte CDB. */
2895 r->cdb1 = req->cmd.buf[1];
2896 r->group_number = req->cmd.buf[6];
ed45cae3 2897 break;
8fdc7839
PB		 2898 case 4:
2899 /* 12-byte CDB. */
2900 r->cdb1 = req->cmd.buf[1];
2901 r->group_number = req->cmd.buf[10];
2902 break;
2903 case 5:
2904 /* 16-byte CDB. */
2905 r->cdb1 = req->cmd.buf[1];
2906 r->group_number = req->cmd.buf[14];
2907 break;
2908 default:
2909 abort();
2910 }
2911
2343be0d
PB		 2912 /* Protection information is not supported. For SCSI versions 2 and
2913 * older (as determined by snooping the guest's INQUIRY commands),
2914 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2915 */
2916 if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) {
8fdc7839
PB		 2917 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2918 return 0;
2919 }
2920
8fdc7839
PB		 2921 return scsi_disk_dma_command(req, buf);
2922}
2923
2924static const SCSIReqOps scsi_block_dma_reqops = {
2925 .size = sizeof(SCSIBlockReq),
2926 .free_req = scsi_free_request,
2927 .send_command = scsi_block_dma_command,
2928 .read_data = scsi_read_data,
2929 .write_data = scsi_write_data,
2930 .get_buf = scsi_get_buf,
2931 .load_request = scsi_disk_load_request,
2932 .save_request = scsi_disk_save_request,
2933};
2934
592c3b28
PB		 2935static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2936 uint32_t lun, uint8_t *buf,
2937 void *hba_private)
2938{
2939 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2940
2941 if (scsi_block_is_passthrough(s, buf)) {
2942 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2943 hba_private);
2944 } else {
8fdc7839 2945 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
592c3b28
PB		 2946 hba_private);
2947 }
336a6915 2948}
3e7e180a
PB		 2949
2950static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2951 uint8_t *buf, void *hba_private)
2952{
2953 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2954
2955 if (scsi_block_is_passthrough(s, buf)) {
2956 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2957 } else {
2958 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2959 }
2960}
2961
d31347f5
SK		 2962static void scsi_block_update_sense(SCSIRequest *req)
2963{
2964 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2965 SCSIBlockReq *br = DO_UPCAST(SCSIBlockReq, req, r);
2966 r->req.sense_len = MIN(br->io_header.sb_len_wr, sizeof(r->req.sense));
2967}
336a6915
PB		 2968#endif
2969
fcaafb10
PB		 2970static
2971BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2972 BlockCompletionFunc *cb, void *cb_opaque,
2973 void *opaque)
2974{
2975 SCSIDiskReq *r = opaque;
2976 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2977 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2978}
2979
2980static
2981BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2982 BlockCompletionFunc *cb, void *cb_opaque,
2983 void *opaque)
2984{
2985 SCSIDiskReq *r = opaque;
2986 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2987 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2988}
2989
993935f3
PB		 2990static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2991{
2992 DeviceClass *dc = DEVICE_CLASS(klass);
fcaafb10 2993 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
993935f3
PB		 2994
2995 dc->fw_name = "disk";
2996 dc->reset = scsi_disk_reset;
fcaafb10
PB		 2997 sdc->dma_readv = scsi_dma_readv;
2998 sdc->dma_writev = scsi_dma_writev;
94f8ba11 2999 sdc->need_fua_emulation = scsi_is_cmd_fua;
993935f3
PB		 3000}
3001
3002static const TypeInfo scsi_disk_base_info = {
3003 .name = TYPE_SCSI_DISK_BASE,
3004 .parent = TYPE_SCSI_DEVICE,
3005 .class_init = scsi_disk_base_class_initfn,
3006 .instance_size = sizeof(SCSIDiskState),
fcaafb10 3007 .class_size = sizeof(SCSIDiskClass),
6214a11a 3008 .abstract = true,
993935f3
PB		 3009};
3010
4f71fb43
KW		 3011#define DEFINE_SCSI_DISK_PROPERTIES() \
3012 DEFINE_PROP_DRIVE_IOTHREAD("drive", SCSIDiskState, qdev.conf.blk), \
3013 DEFINE_BLOCK_PROPERTIES_BASE(SCSIDiskState, qdev.conf), \
3014 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
3015 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
3016 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
3017 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
3018 DEFINE_PROP_STRING("product", SCSIDiskState, product), \
7471a649
KW		 3019 DEFINE_PROP_STRING("device_id", SCSIDiskState, device_id)
3020
b443ae67 3021
39bffca2
AL		 3022static Property scsi_hd_properties[] = {
3023 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 3024 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3025 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 3026 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3027 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 3028 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3029 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 3030 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 3031 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3032 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 3033 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3034 DEFAULT_MAX_IO_SIZE),
070f8009 3035 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
2343be0d
PB		 3036 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3037 5),
d252df48 3038 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
39bffca2
AL		 3039 DEFINE_PROP_END_OF_LIST(),
3040};
3041
43b978b9
PB		 3042static const VMStateDescription vmstate_scsi_disk_state = {
3043 .name = "scsi-disk",
3044 .version_id = 1,
3045 .minimum_version_id = 1,
43b978b9
PB		 3046 .fields = (VMStateField[]) {
3047 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
3048 VMSTATE_BOOL(media_changed, SCSIDiskState),
3049 VMSTATE_BOOL(media_event, SCSIDiskState),
3050 VMSTATE_BOOL(eject_request, SCSIDiskState),
3051 VMSTATE_BOOL(tray_open, SCSIDiskState),
3052 VMSTATE_BOOL(tray_locked, SCSIDiskState),
3053 VMSTATE_END_OF_LIST()
3054 }
3055};
3056
b9eea3e6
AL		 3057static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
3058{
39bffca2 3059 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3060 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3061
a818a4b6 3062 sc->realize = scsi_hd_realize;
71f571a2 3063 sc->unrealize = scsi_unrealize;
b9eea3e6
AL		 3064 sc->alloc_req = scsi_new_request;
3065 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 3066 dc->desc = "virtual SCSI disk";
4f67d30b 3067 device_class_set_props(dc, scsi_hd_properties);
43b978b9 3068 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3069}
3070
8c43a6f0 3071static const TypeInfo scsi_hd_info = {
39bffca2 3072 .name = "scsi-hd",
993935f3 3073 .parent = TYPE_SCSI_DISK_BASE,
39bffca2
AL		 3074 .class_init = scsi_hd_class_initfn,
3075};
3076
3077static Property scsi_cd_properties[] = {
3078 DEFINE_SCSI_DISK_PROPERTIES(),
2ecab408
PB		 3079 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3080 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 3081 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
f8e1f533
PB		 3082 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3083 DEFAULT_MAX_IO_SIZE),
2343be0d
PB		 3084 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3085 5),
39bffca2 3086 DEFINE_PROP_END_OF_LIST(),
b9eea3e6
AL		 3087};
3088
3089static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3090{
39bffca2 3091 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3092 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3093
a818a4b6 3094 sc->realize = scsi_cd_realize;
b9eea3e6
AL		 3095 sc->alloc_req = scsi_new_request;
3096 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 3097 dc->desc = "virtual SCSI CD-ROM";
4f67d30b 3098 device_class_set_props(dc, scsi_cd_properties);
43b978b9 3099 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3100}
3101
8c43a6f0 3102static const TypeInfo scsi_cd_info = {
39bffca2 3103 .name = "scsi-cd",
993935f3 3104 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3105 .class_init = scsi_cd_class_initfn,
b9eea3e6
AL		 3106};
3107
336a6915 3108#ifdef __linux__
39bffca2 3109static Property scsi_block_properties[] = {
78ee6bd0 3110 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf),
4be74634 3111 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
07488549 3112 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
070f8009 3113 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
0a96ca24
DHB		 3114 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3115 DEFAULT_MAX_UNMAP_SIZE),
3116 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3117 DEFAULT_MAX_IO_SIZE),
2343be0d 3118 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
29e560f0 3119 -1),
c9b6609b
HR		 3120 DEFINE_PROP_UINT32("io_timeout", SCSIDiskState, qdev.io_timeout,
3121 DEFAULT_IO_TIMEOUT),
39bffca2
AL		 3122 DEFINE_PROP_END_OF_LIST(),
3123};
3124
b9eea3e6
AL		 3125static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3126{
39bffca2 3127 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6 3128 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
8fdc7839 3129 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
b9eea3e6 3130
a818a4b6 3131 sc->realize = scsi_block_realize;
b9eea3e6 3132 sc->alloc_req = scsi_block_new_request;
3e7e180a 3133 sc->parse_cdb = scsi_block_parse_cdb;
8fdc7839
PB		 3134 sdc->dma_readv = scsi_block_dma_readv;
3135 sdc->dma_writev = scsi_block_dma_writev;
d31347f5 3136 sdc->update_sense = scsi_block_update_sense;
8fdc7839 3137 sdc->need_fua_emulation = scsi_block_no_fua;
39bffca2 3138 dc->desc = "SCSI block device passthrough";
4f67d30b 3139 device_class_set_props(dc, scsi_block_properties);
43b978b9 3140 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3141}
3142
8c43a6f0 3143static const TypeInfo scsi_block_info = {
39bffca2 3144 .name = "scsi-block",
993935f3 3145 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3146 .class_init = scsi_block_class_initfn,
b9eea3e6 3147};
336a6915 3148#endif
b9eea3e6 3149
83f7d43a 3150static void scsi_disk_register_types(void)
d52affa7 3151{
993935f3 3152 type_register_static(&scsi_disk_base_info);
39bffca2
AL		 3153 type_register_static(&scsi_hd_info);
3154 type_register_static(&scsi_cd_info);
b9eea3e6 3155#ifdef __linux__
39bffca2 3156 type_register_static(&scsi_block_info);
b9eea3e6 3157#endif
8ccc2ace 3158}
83f7d43a
AF		 3159
3160type_init(scsi_disk_register_types)
QEMU mirror