projects / qemu.git / blame
| Commit | Line | Data |
|---|---|---|
| 2e5d83bb PB |
1 | /* |
| 2 | * SCSI Device emulation | |
| 3 | * | |
| 4 | * Copyright (c) 2006 CodeSourcery. | |
| 5 | * Based on code by Fabrice Bellard | |
| 6 | * | |
| 7 | * Written by Paul Brook | |
| ad3cea42 AT |
8 | * Modifications: |
| 9 | * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case | |
| 10 | * when the allocation length of CDB is smaller | |
| 11 | * than 36. | |
| 12 | * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the | |
| 13 | * MODE SENSE response. | |
| 2e5d83bb | 14 | * |
| 8e31bf38 | 15 | * This code is licensed under the LGPL. |
| a917d384 PB |
16 | * |
| 17 | * Note that this file only handles the SCSI architecture model and device | |
| 1d4db89c AZ |
18 | * commands. Emulation of interface/link layer protocols is handled by |
| 19 | * the host adapter emulator. | |
| 2e5d83bb PB |
20 | */ |
| 21 | ||
| 22 | //#define DEBUG_SCSI | |
| 23 | ||
| 24 | #ifdef DEBUG_SCSI | |
| 001faf32 BS |
25 | #define DPRINTF(fmt, ...) \ |
| 26 | do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0) | |
| 2e5d83bb | 27 | #else |
| 001faf32 | 28 | #define DPRINTF(fmt, ...) do {} while(0) |
| 2e5d83bb PB |
29 | #endif |
| 30 | ||
| 87ecb68b | 31 | #include "qemu-common.h" |
| 2f792016 | 32 | #include "qemu-error.h" |
| 43b443b6 | 33 | #include "scsi.h" |
| 0d65e1f8 | 34 | #include "scsi-defs.h" |
| 666daa68 | 35 | #include "sysemu.h" |
| 2446333c | 36 | #include "blockdev.h" |
| d1a0739d | 37 | #include "block_int.h" |
| 5d0d2467 | 38 | #include "dma.h" |
| 22864256 | 39 | |
| 336a6915 PB |
40 | #ifdef __linux |
| 41 | #include <scsi/sg.h> | |
| 42 | #endif | |
| 43 | ||
| f0f72ffe | 44 | #define SCSI_DMA_BUF_SIZE 131072 |
| 57575058 | 45 | #define SCSI_MAX_INQUIRY_LEN 256 |
| a917d384 | 46 | |
| d52affa7 GH |
47 | typedef struct SCSIDiskState SCSIDiskState; |
| 48 | ||
| 4c41d2ef GH |
49 | typedef struct SCSIDiskReq { |
| 50 | SCSIRequest req; | |
| a917d384 | 51 | /* Both sector and sector_count are in terms of qemu 512 byte blocks. */ |
| e035b43d AL |
52 | uint64_t sector; |
| 53 | uint32_t sector_count; | |
| 7285477a | 54 | uint32_t buflen; |
| a0e66a69 | 55 | bool started; |
| c87c0672 AL |
56 | struct iovec iov; |
| 57 | QEMUIOVector qiov; | |
| a597e79c | 58 | BlockAcctCookie acct; |
| 4c41d2ef | 59 | } SCSIDiskReq; |
| a917d384 | 60 | |
| bfe3d7ac | 61 | #define SCSI_DISK_F_REMOVABLE 0 |
| da8365db | 62 | #define SCSI_DISK_F_DPOFUA 1 |
| bfe3d7ac | 63 | |
| d52affa7 | 64 | struct SCSIDiskState |
| a917d384 | 65 | { |
| d52affa7 | 66 | SCSIDevice qdev; |
| bfe3d7ac | 67 | uint32_t features; |
| 8a9c16f6 | 68 | bool media_changed; |
| 3c2f7c12 | 69 | bool media_event; |
| 4480de19 | 70 | bool eject_request; |
| 213189ab | 71 | QEMUBH *bh; |
| 383b4d9b | 72 | char *version; |
| a0fef654 | 73 | char *serial; |
| ece0d5e9 | 74 | bool tray_open; |
| 81b1008d | 75 | bool tray_locked; |
| 2e5d83bb PB |
76 | }; |
| 77 | ||
| 71544d30 | 78 | static int scsi_handle_rw_error(SCSIDiskReq *r, int error); |
| 5dba48a8 | 79 | |
| ad2d30f7 | 80 | static void scsi_free_request(SCSIRequest *req) |
| 4d611c9a | 81 | { |
| ad2d30f7 PB |
82 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 83 | ||
| 7285477a PB |
84 | if (r->iov.iov_base) { |
| 85 | qemu_vfree(r->iov.iov_base); | |
| 86 | } | |
| 4d611c9a PB |
87 | } |
| 88 | ||
| b45ef674 PB |
89 | /* Helper function for command completion with sense. */ |
| 90 | static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense) | |
| ed3a34a3 | 91 | { |
| 02fa69b6 BS |
92 | DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n", |
| 93 | r->req.tag, sense.key, sense.asc, sense.ascq); | |
| b45ef674 PB |
94 | scsi_req_build_sense(&r->req, sense); |
| 95 | scsi_req_complete(&r->req, CHECK_CONDITION); | |
| 4d611c9a PB |
96 | } |
| 97 | ||
| 98 | /* Cancel a pending data transfer. */ | |
| 5c6c0e51 | 99 | static void scsi_cancel_io(SCSIRequest *req) |
| 4d611c9a | 100 | { |
| 5c6c0e51 HR |
101 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 102 | ||
| 103 | DPRINTF("Cancel tag=0x%x\n", req->tag); | |
| 104 | if (r->req.aiocb) { | |
| 105 | bdrv_aio_cancel(r->req.aiocb); | |
| c7bae6a7 PB |
106 | |
| 107 | /* This reference was left in by scsi_*_data. We take ownership of | |
| 108 | * it the moment scsi_req_cancel is called, independent of whether | |
| 109 | * bdrv_aio_cancel completes the request or not. */ | |
| 110 | scsi_req_unref(&r->req); | |
| a917d384 | 111 | } |
| 5c6c0e51 | 112 | r->req.aiocb = NULL; |
| a917d384 PB |
113 | } |
| 114 | ||
| 43b978b9 | 115 | static uint32_t scsi_init_iovec(SCSIDiskReq *r, size_t size) |
| 103b40f5 | 116 | { |
| 7285477a PB |
117 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| 118 | ||
| 119 | if (!r->iov.iov_base) { | |
| 43b978b9 | 120 | r->buflen = size; |
| 44740c38 | 121 | r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen); |
| 7285477a PB |
122 | } |
| 123 | r->iov.iov_len = MIN(r->sector_count * 512, r->buflen); | |
| 103b40f5 PB |
124 | qemu_iovec_init_external(&r->qiov, &r->iov, 1); |
| 125 | return r->qiov.size / 512; | |
| 126 | } | |
| 127 | ||
| 43b978b9 PB |
128 | static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req) |
| 129 | { | |
| 130 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); | |
| 131 | ||
| 132 | qemu_put_be64s(f, &r->sector); | |
| 133 | qemu_put_be32s(f, &r->sector_count); | |
| 134 | qemu_put_be32s(f, &r->buflen); | |
| 135 | if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) { | |
| 136 | qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len); | |
| 137 | } | |
| 138 | } | |
| 139 | ||
| 140 | static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req) | |
| 141 | { | |
| 142 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); | |
| 143 | ||
| 144 | qemu_get_be64s(f, &r->sector); | |
| 145 | qemu_get_be32s(f, &r->sector_count); | |
| 146 | qemu_get_be32s(f, &r->buflen); | |
| 147 | if (r->buflen) { | |
| 148 | scsi_init_iovec(r, r->buflen); | |
| 149 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { | |
| 150 | qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len); | |
| 151 | } | |
| 152 | } | |
| 153 | ||
| 154 | qemu_iovec_init_external(&r->qiov, &r->iov, 1); | |
| 155 | } | |
| 156 | ||
| b77912a7 | 157 | static void scsi_flush_complete(void * opaque, int ret) |
| 5d0d2467 PB |
158 | { |
| 159 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; | |
| 160 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| 161 | ||
| 162 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 163 | ||
| 80624c93 | 164 | if (ret < 0) { |
| 5d0d2467 PB |
165 | if (scsi_handle_rw_error(r, -ret)) { |
| 166 | goto done; | |
| 167 | } | |
| 168 | } | |
| 169 | ||
| 5d0d2467 PB |
170 | scsi_req_complete(&r->req, GOOD); |
| 171 | ||
| 172 | done: | |
| b8aba8d7 PB |
173 | if (!r->req.io_canceled) { |
| 174 | scsi_req_unref(&r->req); | |
| 175 | } | |
| 5d0d2467 PB |
176 | } |
| 177 | ||
| 7e8c49c5 PB |
178 | static bool scsi_is_cmd_fua(SCSICommand *cmd) |
| 179 | { | |
| 180 | switch (cmd->buf[0]) { | |
| 181 | case READ_10: | |
| 182 | case READ_12: | |
| 183 | case READ_16: | |
| 184 | case WRITE_10: | |
| 185 | case WRITE_12: | |
| 186 | case WRITE_16: | |
| 187 | return (cmd->buf[1] & 8) != 0; | |
| 188 | ||
| 7f64f8e2 PB |
189 | case VERIFY_10: |
| 190 | case VERIFY_12: | |
| 191 | case VERIFY_16: | |
| 7e8c49c5 PB |
192 | case WRITE_VERIFY_10: |
| 193 | case WRITE_VERIFY_12: | |
| 194 | case WRITE_VERIFY_16: | |
| 195 | return true; | |
| 196 | ||
| 197 | case READ_6: | |
| 198 | case WRITE_6: | |
| 199 | default: | |
| 200 | return false; | |
| 201 | } | |
| 202 | } | |
| 203 | ||
| 204 | static void scsi_write_do_fua(SCSIDiskReq *r) | |
| 205 | { | |
| 206 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| 207 | ||
| 208 | if (scsi_is_cmd_fua(&r->req.cmd)) { | |
| 209 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH); | |
| 210 | r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_flush_complete, r); | |
| 211 | return; | |
| 212 | } | |
| 213 | ||
| 214 | scsi_req_complete(&r->req, GOOD); | |
| 215 | if (!r->req.io_canceled) { | |
| 216 | scsi_req_unref(&r->req); | |
| 217 | } | |
| 218 | } | |
| 219 | ||
| b77912a7 | 220 | static void scsi_dma_complete(void *opaque, int ret) |
| a917d384 | 221 | { |
| 4c41d2ef | 222 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; |
| a597e79c | 223 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| a917d384 | 224 | |
| 7f64f8e2 PB |
225 | if (r->req.aiocb != NULL) { |
| 226 | r->req.aiocb = NULL; | |
| 227 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 228 | } | |
| a597e79c | 229 | |
| 80624c93 | 230 | if (ret < 0) { |
| 71544d30 | 231 | if (scsi_handle_rw_error(r, -ret)) { |
| c7bae6a7 | 232 | goto done; |
| 5dba48a8 | 233 | } |
| 4d611c9a | 234 | } |
| 5dba48a8 | 235 | |
| b77912a7 PB |
236 | r->sector += r->sector_count; |
| 237 | r->sector_count = 0; | |
| 7e8c49c5 PB |
238 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { |
| 239 | scsi_write_do_fua(r); | |
| 240 | return; | |
| 241 | } else { | |
| 242 | scsi_req_complete(&r->req, GOOD); | |
| 243 | } | |
| c7bae6a7 PB |
244 | |
| 245 | done: | |
| 246 | if (!r->req.io_canceled) { | |
| 247 | scsi_req_unref(&r->req); | |
| 248 | } | |
| 4d611c9a PB |
249 | } |
| 250 | ||
| b77912a7 | 251 | static void scsi_read_complete(void * opaque, int ret) |
| 0a4ac106 PB |
252 | { |
| 253 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; | |
| 254 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| b77912a7 | 255 | int n; |
| 0a4ac106 | 256 | |
| b77912a7 PB |
257 | if (r->req.aiocb != NULL) { |
| 258 | r->req.aiocb = NULL; | |
| 259 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 260 | } | |
| 0a4ac106 PB |
261 | |
| 262 | if (ret < 0) { | |
| 71544d30 | 263 | if (scsi_handle_rw_error(r, -ret)) { |
| c7bae6a7 | 264 | goto done; |
| 0a4ac106 PB |
265 | } |
| 266 | } | |
| 267 | ||
| b77912a7 PB |
268 | DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size); |
| 269 | ||
| 270 | n = r->qiov.size / 512; | |
| 271 | r->sector += n; | |
| 272 | r->sector_count -= n; | |
| 273 | scsi_req_data(&r->req, r->qiov.size); | |
| c7bae6a7 PB |
274 | |
| 275 | done: | |
| 276 | if (!r->req.io_canceled) { | |
| 277 | scsi_req_unref(&r->req); | |
| 278 | } | |
| 0a4ac106 | 279 | } |
| 5dba48a8 | 280 | |
| ac668426 PB |
281 | /* Actually issue a read to the block device. */ |
| 282 | static void scsi_do_read(void *opaque, int ret) | |
| 283 | { | |
| 284 | SCSIDiskReq *r = opaque; | |
| 285 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| 286 | uint32_t n; | |
| 287 | ||
| 288 | if (r->req.aiocb != NULL) { | |
| 289 | r->req.aiocb = NULL; | |
| 290 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 291 | } | |
| 292 | ||
| 293 | if (ret < 0) { | |
| 294 | if (scsi_handle_rw_error(r, -ret)) { | |
| 295 | goto done; | |
| 296 | } | |
| 297 | } | |
| 298 | ||
| 31e8fd86 PB |
299 | if (r->req.io_canceled) { |
| 300 | return; | |
| 301 | } | |
| 302 | ||
| 303 | /* The request is used as the AIO opaque value, so add a ref. */ | |
| 304 | scsi_req_ref(&r->req); | |
| 305 | ||
| ac668426 PB |
306 | if (r->req.sg) { |
| 307 | dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_READ); | |
| 308 | r->req.resid -= r->req.sg->size; | |
| 309 | r->req.aiocb = dma_bdrv_read(s->qdev.conf.bs, r->req.sg, r->sector, | |
| 310 | scsi_dma_complete, r); | |
| 311 | } else { | |
| 312 | n = scsi_init_iovec(r, SCSI_DMA_BUF_SIZE); | |
| 313 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); | |
| 314 | r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n, | |
| 315 | scsi_read_complete, r); | |
| 316 | } | |
| 317 | ||
| 318 | done: | |
| 319 | if (!r->req.io_canceled) { | |
| 320 | scsi_req_unref(&r->req); | |
| 321 | } | |
| 322 | } | |
| 323 | ||
| 5c6c0e51 HR |
324 | /* Read more data from scsi device into buffer. */ |
| 325 | static void scsi_read_data(SCSIRequest *req) | |
| 2e5d83bb | 326 | { |
| 5c6c0e51 | 327 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 5dba48a8 | 328 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ac668426 | 329 | bool first; |
| 2e5d83bb | 330 | |
| a917d384 | 331 | if (r->sector_count == (uint32_t)-1) { |
| aa2b1e89 | 332 | DPRINTF("Read buf_len=%zd\n", r->iov.iov_len); |
| a917d384 | 333 | r->sector_count = 0; |
| a0e66a69 | 334 | r->started = true; |
| ab9adc88 | 335 | scsi_req_data(&r->req, r->iov.iov_len); |
| a917d384 | 336 | return; |
| 2e5d83bb | 337 | } |
| a917d384 PB |
338 | DPRINTF("Read sector_count=%d\n", r->sector_count); |
| 339 | if (r->sector_count == 0) { | |
| b45ef674 PB |
340 | /* This also clears the sense buffer for REQUEST SENSE. */ |
| 341 | scsi_req_complete(&r->req, GOOD); | |
| a917d384 | 342 | return; |
| 2e5d83bb PB |
343 | } |
| 344 | ||
| 6fa2c95f SH |
345 | /* No data transfer may already be in progress */ |
| 346 | assert(r->req.aiocb == NULL); | |
| 347 | ||
| c7bae6a7 PB |
348 | /* The request is used as the AIO opaque value, so add a ref. */ |
| 349 | scsi_req_ref(&r->req); | |
| efb9ee02 HR |
350 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { |
| 351 | DPRINTF("Data transfer direction invalid\n"); | |
| 352 | scsi_read_complete(r, -EINVAL); | |
| 353 | return; | |
| 354 | } | |
| 355 | ||
| a1aff5bf MA |
356 | if (s->tray_open) { |
| 357 | scsi_read_complete(r, -ENOMEDIUM); | |
| c7bae6a7 | 358 | return; |
| a1aff5bf | 359 | } |
| c7bae6a7 | 360 | |
| ac668426 | 361 | first = !r->started; |
| a0e66a69 | 362 | r->started = true; |
| ac668426 PB |
363 | if (first && scsi_is_cmd_fua(&r->req.cmd)) { |
| 364 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH); | |
| 365 | r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_do_read, r); | |
| 5d0d2467 | 366 | } else { |
| ac668426 | 367 | scsi_do_read(r, 0); |
| 5d0d2467 | 368 | } |
| 2e5d83bb PB |
369 | } |
| 370 | ||
| c7bae6a7 PB |
371 | /* |
| 372 | * scsi_handle_rw_error has two return values. 0 means that the error | |
| 373 | * must be ignored, 1 means that the error has been processed and the | |
| 374 | * caller should not do anything else for this request. Note that | |
| 375 | * scsi_handle_rw_error always manages its reference counts, independent | |
| 376 | * of the return value. | |
| 377 | */ | |
| 71544d30 | 378 | static int scsi_handle_rw_error(SCSIDiskReq *r, int error) |
| 5dba48a8 | 379 | { |
| 71544d30 | 380 | int is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV); |
| 4c41d2ef | 381 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| 44740c38 | 382 | BlockErrorAction action = bdrv_get_on_error(s->qdev.conf.bs, is_read); |
| ea8a5d7f | 383 | |
| 380f640f | 384 | if (action == BLOCK_ERR_IGNORE) { |
| 329c0a48 | 385 | bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_IGNORE, is_read); |
| ea8a5d7f | 386 | return 0; |
| 380f640f | 387 | } |
| ea8a5d7f AL |
388 | |
| 389 | if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) | |
| 390 | || action == BLOCK_ERR_STOP_ANY) { | |
| 5dba48a8 | 391 | |
| 329c0a48 | 392 | bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_STOP, is_read); |
| 0461d5a6 | 393 | vm_stop(RUN_STATE_IO_ERROR); |
| 44740c38 | 394 | bdrv_iostatus_set_err(s->qdev.conf.bs, error); |
| 71544d30 | 395 | scsi_req_retry(&r->req); |
| ea8a5d7f | 396 | } else { |
| efb9ee02 | 397 | switch (error) { |
| 7e218df5 PB |
398 | case ENOMEDIUM: |
| 399 | scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); | |
| 400 | break; | |
| efb9ee02 | 401 | case ENOMEM: |
| b45ef674 | 402 | scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE)); |
| efb9ee02 HR |
403 | break; |
| 404 | case EINVAL: | |
| b45ef674 | 405 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); |
| efb9ee02 HR |
406 | break; |
| 407 | default: | |
| b45ef674 | 408 | scsi_check_condition(r, SENSE_CODE(IO_ERROR)); |
| efb9ee02 | 409 | break; |
| a1f0cce2 | 410 | } |
| 329c0a48 | 411 | bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_REPORT, is_read); |
| ea8a5d7f | 412 | } |
| ea8a5d7f AL |
413 | return 1; |
| 414 | } | |
| 415 | ||
| 4d611c9a PB |
416 | static void scsi_write_complete(void * opaque, int ret) |
| 417 | { | |
| 4c41d2ef | 418 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; |
| a597e79c | 419 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ea8a5d7f AL |
420 | uint32_t n; |
| 421 | ||
| 8e321cc6 PB |
422 | if (r->req.aiocb != NULL) { |
| 423 | r->req.aiocb = NULL; | |
| 44740c38 | 424 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); |
| 8e321cc6 | 425 | } |
| a597e79c | 426 | |
| 80624c93 | 427 | if (ret < 0) { |
| 71544d30 | 428 | if (scsi_handle_rw_error(r, -ret)) { |
| c7bae6a7 | 429 | goto done; |
| 5dba48a8 | 430 | } |
| 4d611c9a PB |
431 | } |
| 432 | ||
| 103b40f5 | 433 | n = r->qiov.size / 512; |
| ea8a5d7f AL |
434 | r->sector += n; |
| 435 | r->sector_count -= n; | |
| a917d384 | 436 | if (r->sector_count == 0) { |
| 7e8c49c5 PB |
437 | scsi_write_do_fua(r); |
| 438 | return; | |
| a917d384 | 439 | } else { |
| 43b978b9 | 440 | scsi_init_iovec(r, SCSI_DMA_BUF_SIZE); |
| 103b40f5 PB |
441 | DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, r->qiov.size); |
| 442 | scsi_req_data(&r->req, r->qiov.size); | |
| 4d611c9a | 443 | } |
| c7bae6a7 PB |
444 | |
| 445 | done: | |
| 446 | if (!r->req.io_canceled) { | |
| 447 | scsi_req_unref(&r->req); | |
| 448 | } | |
| 4d611c9a PB |
449 | } |
| 450 | ||
| 42741212 | 451 | static void scsi_write_data(SCSIRequest *req) |
| ea8a5d7f | 452 | { |
| 5c6c0e51 | 453 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 4c41d2ef | 454 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ea8a5d7f AL |
455 | uint32_t n; |
| 456 | ||
| 6fa2c95f SH |
457 | /* No data transfer may already be in progress */ |
| 458 | assert(r->req.aiocb == NULL); | |
| 459 | ||
| c7bae6a7 PB |
460 | /* The request is used as the AIO opaque value, so add a ref. */ |
| 461 | scsi_req_ref(&r->req); | |
| efb9ee02 HR |
462 | if (r->req.cmd.mode != SCSI_XFER_TO_DEV) { |
| 463 | DPRINTF("Data transfer direction invalid\n"); | |
| 464 | scsi_write_complete(r, -EINVAL); | |
| 42741212 | 465 | return; |
| efb9ee02 HR |
466 | } |
| 467 | ||
| 5d0d2467 PB |
468 | if (!r->req.sg && !r->qiov.size) { |
| 469 | /* Called for the first time. Ask the driver to send us more data. */ | |
| a0e66a69 | 470 | r->started = true; |
| 5d0d2467 PB |
471 | scsi_write_complete(r, 0); |
| 472 | return; | |
| 473 | } | |
| 474 | if (s->tray_open) { | |
| 475 | scsi_write_complete(r, -ENOMEDIUM); | |
| 476 | return; | |
| 477 | } | |
| 478 | ||
| 7f64f8e2 PB |
479 | if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 || |
| 480 | r->req.cmd.buf[0] == VERIFY_16) { | |
| 481 | if (r->req.sg) { | |
| 482 | scsi_dma_complete(r, 0); | |
| 483 | } else { | |
| 484 | scsi_write_complete(r, 0); | |
| 485 | } | |
| 486 | return; | |
| 487 | } | |
| 488 | ||
| 5d0d2467 PB |
489 | if (r->req.sg) { |
| 490 | dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_WRITE); | |
| 491 | r->req.resid -= r->req.sg->size; | |
| 492 | r->req.aiocb = dma_bdrv_write(s->qdev.conf.bs, r->req.sg, r->sector, | |
| 493 | scsi_dma_complete, r); | |
| 494 | } else { | |
| 495 | n = r->qiov.size / 512; | |
| 44740c38 PB |
496 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE); |
| 497 | r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n, | |
| 103b40f5 | 498 | scsi_write_complete, r); |
| ea8a5d7f | 499 | } |
| a917d384 | 500 | } |
| 2e5d83bb | 501 | |
| a917d384 | 502 | /* Return a pointer to the data buffer. */ |
| 5c6c0e51 | 503 | static uint8_t *scsi_get_buf(SCSIRequest *req) |
| a917d384 | 504 | { |
| 5c6c0e51 | 505 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 2e5d83bb | 506 | |
| 3f4cb3d3 | 507 | return (uint8_t *)r->iov.iov_base; |
| 2e5d83bb PB |
508 | } |
| 509 | ||
| 0b06c059 GH |
510 | static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) |
| 511 | { | |
| 383b4d9b | 512 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); |
| 0b06c059 GH |
513 | int buflen = 0; |
| 514 | ||
| 0b06c059 GH |
515 | if (req->cmd.buf[1] & 0x1) { |
| 516 | /* Vital product data */ | |
| 517 | uint8_t page_code = req->cmd.buf[2]; | |
| 0b06c059 | 518 | |
| e39be482 | 519 | outbuf[buflen++] = s->qdev.type & 0x1f; |
| 0b06c059 GH |
520 | outbuf[buflen++] = page_code ; // this page |
| 521 | outbuf[buflen++] = 0x00; | |
| 522 | ||
| 523 | switch (page_code) { | |
| 524 | case 0x00: /* Supported page codes, mandatory */ | |
| 39d98982 HR |
525 | { |
| 526 | int pages; | |
| 0b06c059 GH |
527 | DPRINTF("Inquiry EVPD[Supported pages] " |
| 528 | "buffer size %zd\n", req->cmd.xfer); | |
| 39d98982 | 529 | pages = buflen++; |
| 0b06c059 | 530 | outbuf[buflen++] = 0x00; // list of supported pages (this page) |
| f01b5931 | 531 | if (s->serial) { |
| 3e1c0c9a | 532 | outbuf[buflen++] = 0x80; // unit serial number |
| f01b5931 | 533 | } |
| 0b06c059 | 534 | outbuf[buflen++] = 0x83; // device identification |
| f37bd73b | 535 | if (s->qdev.type == TYPE_DISK) { |
| ea3bd56f CH |
536 | outbuf[buflen++] = 0xb0; // block limits |
| 537 | outbuf[buflen++] = 0xb2; // thin provisioning | |
| 39d98982 HR |
538 | } |
| 539 | outbuf[pages] = buflen - pages - 1; // number of pages | |
| 0b06c059 | 540 | break; |
| 39d98982 | 541 | } |
| 0b06c059 GH |
542 | case 0x80: /* Device serial number, optional */ |
| 543 | { | |
| 3e1c0c9a | 544 | int l; |
| 0b06c059 | 545 | |
| 3e1c0c9a HR |
546 | if (!s->serial) { |
| 547 | DPRINTF("Inquiry (EVPD[Serial number] not supported\n"); | |
| 548 | return -1; | |
| 549 | } | |
| 550 | ||
| 551 | l = strlen(s->serial); | |
| f01b5931 | 552 | if (l > 20) { |
| 0b06c059 | 553 | l = 20; |
| f01b5931 | 554 | } |
| 0b06c059 GH |
555 | |
| 556 | DPRINTF("Inquiry EVPD[Serial number] " | |
| 557 | "buffer size %zd\n", req->cmd.xfer); | |
| 558 | outbuf[buflen++] = l; | |
| a0fef654 | 559 | memcpy(outbuf+buflen, s->serial, l); |
| 0b06c059 GH |
560 | buflen += l; |
| 561 | break; | |
| 562 | } | |
| 563 | ||
| 564 | case 0x83: /* Device identification page, mandatory */ | |
| 565 | { | |
| fd930791 PB |
566 | const char *str = s->serial ?: bdrv_get_device_name(s->qdev.conf.bs); |
| 567 | int max_len = s->serial ? 20 : 255 - 8; | |
| 568 | int id_len = strlen(str); | |
| 0b06c059 | 569 | |
| f01b5931 | 570 | if (id_len > max_len) { |
| 0b06c059 | 571 | id_len = max_len; |
| f01b5931 | 572 | } |
| 0b06c059 GH |
573 | DPRINTF("Inquiry EVPD[Device identification] " |
| 574 | "buffer size %zd\n", req->cmd.xfer); | |
| 575 | ||
| 39d98982 | 576 | outbuf[buflen++] = 4 + id_len; |
| 0b06c059 GH |
577 | outbuf[buflen++] = 0x2; // ASCII |
| 578 | outbuf[buflen++] = 0; // not officially assigned | |
| 579 | outbuf[buflen++] = 0; // reserved | |
| 580 | outbuf[buflen++] = id_len; // length of data following | |
| 581 | ||
| fd930791 | 582 | memcpy(outbuf+buflen, str, id_len); |
| 0b06c059 GH |
583 | buflen += id_len; |
| 584 | break; | |
| 585 | } | |
| ea3bd56f | 586 | case 0xb0: /* block limits */ |
| ee3659e3 | 587 | { |
| ea3bd56f CH |
588 | unsigned int unmap_sectors = |
| 589 | s->qdev.conf.discard_granularity / s->qdev.blocksize; | |
| 8cfacf07 CH |
590 | unsigned int min_io_size = |
| 591 | s->qdev.conf.min_io_size / s->qdev.blocksize; | |
| 592 | unsigned int opt_io_size = | |
| 593 | s->qdev.conf.opt_io_size / s->qdev.blocksize; | |
| ee3659e3 | 594 | |
| f37bd73b | 595 | if (s->qdev.type == TYPE_ROM) { |
| 39d98982 HR |
596 | DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n", |
| 597 | page_code); | |
| 598 | return -1; | |
| 599 | } | |
| ee3659e3 CH |
600 | /* required VPD size with unmap support */ |
| 601 | outbuf[3] = buflen = 0x3c; | |
| 602 | ||
| 603 | memset(outbuf + 4, 0, buflen - 4); | |
| 604 | ||
| 605 | /* optimal transfer length granularity */ | |
| 606 | outbuf[6] = (min_io_size >> 8) & 0xff; | |
| 607 | outbuf[7] = min_io_size & 0xff; | |
| 608 | ||
| 609 | /* optimal transfer length */ | |
| 610 | outbuf[12] = (opt_io_size >> 24) & 0xff; | |
| 611 | outbuf[13] = (opt_io_size >> 16) & 0xff; | |
| 612 | outbuf[14] = (opt_io_size >> 8) & 0xff; | |
| 613 | outbuf[15] = opt_io_size & 0xff; | |
| ea3bd56f CH |
614 | |
| 615 | /* optimal unmap granularity */ | |
| 616 | outbuf[28] = (unmap_sectors >> 24) & 0xff; | |
| 617 | outbuf[29] = (unmap_sectors >> 16) & 0xff; | |
| 618 | outbuf[30] = (unmap_sectors >> 8) & 0xff; | |
| 619 | outbuf[31] = unmap_sectors & 0xff; | |
| 620 | break; | |
| 621 | } | |
| 622 | case 0xb2: /* thin provisioning */ | |
| 623 | { | |
| 624 | outbuf[3] = buflen = 8; | |
| 625 | outbuf[4] = 0; | |
| c9e4d828 | 626 | outbuf[5] = 0x60; /* write_same 10/16 supported */ |
| f644a290 | 627 | outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1; |
| ea3bd56f | 628 | outbuf[7] = 0; |
| ee3659e3 CH |
629 | break; |
| 630 | } | |
| 0b06c059 | 631 | default: |
| 0b06c059 GH |
632 | return -1; |
| 633 | } | |
| 634 | /* done with EVPD */ | |
| 635 | return buflen; | |
| 636 | } | |
| 637 | ||
| 638 | /* Standard INQUIRY data */ | |
| 639 | if (req->cmd.buf[2] != 0) { | |
| 0b06c059 GH |
640 | return -1; |
| 641 | } | |
| 642 | ||
| 643 | /* PAGE CODE == 0 */ | |
| 0b06c059 | 644 | buflen = req->cmd.xfer; |
| f01b5931 | 645 | if (buflen > SCSI_MAX_INQUIRY_LEN) { |
| 0b06c059 | 646 | buflen = SCSI_MAX_INQUIRY_LEN; |
| f01b5931 | 647 | } |
| 0b06c059 GH |
648 | memset(outbuf, 0, buflen); |
| 649 | ||
| f37bd73b | 650 | outbuf[0] = s->qdev.type & 0x1f; |
| bfe3d7ac | 651 | outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0; |
| f37bd73b | 652 | if (s->qdev.type == TYPE_ROM) { |
| 550fe6c6 | 653 | memcpy(&outbuf[16], "QEMU CD-ROM ", 16); |
| 0b06c059 | 654 | } else { |
| 550fe6c6 | 655 | memcpy(&outbuf[16], "QEMU HARDDISK ", 16); |
| 0b06c059 | 656 | } |
| 550fe6c6 | 657 | memcpy(&outbuf[8], "QEMU ", 8); |
| 314b1811 | 658 | memset(&outbuf[32], 0, 4); |
| 552fee93 | 659 | memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version))); |
| 99aba0c4 CH |
660 | /* |
| 661 | * We claim conformance to SPC-3, which is required for guests | |
| 662 | * to ask for modern features like READ CAPACITY(16) or the | |
| 663 | * block characteristics VPD page by default. Not all of SPC-3 | |
| 664 | * is actually implemented, but we're good enough. | |
| 665 | */ | |
| ee3659e3 | 666 | outbuf[2] = 5; |
| 0b06c059 | 667 | outbuf[3] = 2; /* Format 2 */ |
| ad3cea42 AT |
668 | |
| 669 | if (buflen > 36) { | |
| 670 | outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */ | |
| 671 | } else { | |
| 672 | /* If the allocation length of CDB is too small, | |
| 673 | the additional length is not adjusted */ | |
| 674 | outbuf[4] = 36 - 5; | |
| 675 | } | |
| 676 | ||
| 0b06c059 | 677 | /* Sync data transfer and TCQ. */ |
| afd4030c | 678 | outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0); |
| 0b06c059 GH |
679 | return buflen; |
| 680 | } | |
| 681 | ||
| 430ee2f2 PB |
682 | static inline bool media_is_dvd(SCSIDiskState *s) |
| 683 | { | |
| 684 | uint64_t nb_sectors; | |
| 685 | if (s->qdev.type != TYPE_ROM) { | |
| 686 | return false; | |
| 687 | } | |
| 44740c38 | 688 | if (!bdrv_is_inserted(s->qdev.conf.bs)) { |
| 430ee2f2 PB |
689 | return false; |
| 690 | } | |
| 44740c38 | 691 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| 430ee2f2 PB |
692 | return nb_sectors > CD_MAX_SECTORS; |
| 693 | } | |
| 694 | ||
| ceb792ef PB |
695 | static inline bool media_is_cd(SCSIDiskState *s) |
| 696 | { | |
| 697 | uint64_t nb_sectors; | |
| 698 | if (s->qdev.type != TYPE_ROM) { | |
| 699 | return false; | |
| 700 | } | |
| 44740c38 | 701 | if (!bdrv_is_inserted(s->qdev.conf.bs)) { |
| ceb792ef PB |
702 | return false; |
| 703 | } | |
| 44740c38 | 704 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| ceb792ef PB |
705 | return nb_sectors <= CD_MAX_SECTORS; |
| 706 | } | |
| 707 | ||
| b6c251ab PB |
708 | static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r, |
| 709 | uint8_t *outbuf) | |
| 710 | { | |
| ceb792ef PB |
711 | static const int rds_caps_size[5] = { |
| 712 | [0] = 2048 + 4, | |
| 713 | [1] = 4 + 4, | |
| 714 | [3] = 188 + 4, | |
| 715 | [4] = 2048 + 4, | |
| 716 | }; | |
| 717 | ||
| 718 | uint8_t media = r->req.cmd.buf[1]; | |
| 719 | uint8_t layer = r->req.cmd.buf[6]; | |
| 720 | uint8_t format = r->req.cmd.buf[7]; | |
| 721 | int size = -1; | |
| 722 | ||
| 723 | if (s->qdev.type != TYPE_ROM) { | |
| 724 | return -1; | |
| 725 | } | |
| 726 | if (media != 0) { | |
| 727 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); | |
| 728 | return -1; | |
| 729 | } | |
| 730 | ||
| 731 | if (format != 0xff) { | |
| 44740c38 | 732 | if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) { |
| ceb792ef PB |
733 | scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); |
| 734 | return -1; | |
| 735 | } | |
| 736 | if (media_is_cd(s)) { | |
| 737 | scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT)); | |
| 738 | return -1; | |
| 739 | } | |
| 740 | if (format >= ARRAY_SIZE(rds_caps_size)) { | |
| 741 | return -1; | |
| 742 | } | |
| 743 | size = rds_caps_size[format]; | |
| 744 | memset(outbuf, 0, size); | |
| 745 | } | |
| 746 | ||
| 747 | switch (format) { | |
| 748 | case 0x00: { | |
| 749 | /* Physical format information */ | |
| 750 | uint64_t nb_sectors; | |
| 751 | if (layer != 0) { | |
| 752 | goto fail; | |
| 753 | } | |
| 44740c38 | 754 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| ceb792ef PB |
755 | |
| 756 | outbuf[4] = 1; /* DVD-ROM, part version 1 */ | |
| 757 | outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */ | |
| 758 | outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */ | |
| 759 | outbuf[7] = 0; /* default densities */ | |
| 760 | ||
| 761 | stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */ | |
| 762 | stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */ | |
| 763 | break; | |
| 764 | } | |
| 765 | ||
| 766 | case 0x01: /* DVD copyright information, all zeros */ | |
| 767 | break; | |
| 768 | ||
| 769 | case 0x03: /* BCA information - invalid field for no BCA info */ | |
| 770 | return -1; | |
| 771 | ||
| 772 | case 0x04: /* DVD disc manufacturing information, all zeros */ | |
| 773 | break; | |
| 774 | ||
| 775 | case 0xff: { /* List capabilities */ | |
| 776 | int i; | |
| 777 | size = 4; | |
| 778 | for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) { | |
| 779 | if (!rds_caps_size[i]) { | |
| 780 | continue; | |
| 781 | } | |
| 782 | outbuf[size] = i; | |
| 783 | outbuf[size + 1] = 0x40; /* Not writable, readable */ | |
| 784 | stw_be_p(&outbuf[size + 2], rds_caps_size[i]); | |
| 785 | size += 4; | |
| 786 | } | |
| 787 | break; | |
| 788 | } | |
| 789 | ||
| 790 | default: | |
| 791 | return -1; | |
| 792 | } | |
| 793 | ||
| 794 | /* Size of buffer, not including 2 byte size field */ | |
| 795 | stw_be_p(outbuf, size - 2); | |
| 796 | return size; | |
| 797 | ||
| 798 | fail: | |
| b6c251ab PB |
799 | return -1; |
| 800 | } | |
| 801 | ||
| 3c2f7c12 | 802 | static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf) |
| b6c251ab | 803 | { |
| 3c2f7c12 PB |
804 | uint8_t event_code, media_status; |
| 805 | ||
| 806 | media_status = 0; | |
| 807 | if (s->tray_open) { | |
| 808 | media_status = MS_TRAY_OPEN; | |
| 44740c38 | 809 | } else if (bdrv_is_inserted(s->qdev.conf.bs)) { |
| 3c2f7c12 PB |
810 | media_status = MS_MEDIA_PRESENT; |
| 811 | } | |
| 812 | ||
| 813 | /* Event notification descriptor */ | |
| 814 | event_code = MEC_NO_CHANGE; | |
| 4480de19 PB |
815 | if (media_status != MS_TRAY_OPEN) { |
| 816 | if (s->media_event) { | |
| 817 | event_code = MEC_NEW_MEDIA; | |
| 818 | s->media_event = false; | |
| 819 | } else if (s->eject_request) { | |
| 820 | event_code = MEC_EJECT_REQUESTED; | |
| 821 | s->eject_request = false; | |
| 822 | } | |
| 3c2f7c12 PB |
823 | } |
| 824 | ||
| 825 | outbuf[0] = event_code; | |
| 826 | outbuf[1] = media_status; | |
| 827 | ||
| 828 | /* These fields are reserved, just clear them. */ | |
| 829 | outbuf[2] = 0; | |
| 830 | outbuf[3] = 0; | |
| 831 | return 4; | |
| 832 | } | |
| 833 | ||
| 834 | static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r, | |
| 835 | uint8_t *outbuf) | |
| 836 | { | |
| 837 | int size; | |
| 838 | uint8_t *buf = r->req.cmd.buf; | |
| 839 | uint8_t notification_class_request = buf[4]; | |
| 840 | if (s->qdev.type != TYPE_ROM) { | |
| 841 | return -1; | |
| 842 | } | |
| 843 | if ((buf[1] & 1) == 0) { | |
| 844 | /* asynchronous */ | |
| 845 | return -1; | |
| 846 | } | |
| 847 | ||
| 848 | size = 4; | |
| 849 | outbuf[0] = outbuf[1] = 0; | |
| 850 | outbuf[3] = 1 << GESN_MEDIA; /* supported events */ | |
| 851 | if (notification_class_request & (1 << GESN_MEDIA)) { | |
| 852 | outbuf[2] = GESN_MEDIA; | |
| 853 | size += scsi_event_status_media(s, &outbuf[size]); | |
| 854 | } else { | |
| 855 | outbuf[2] = 0x80; | |
| 856 | } | |
| 857 | stw_be_p(outbuf, size - 4); | |
| 858 | return size; | |
| b6c251ab PB |
859 | } |
| 860 | ||
| 430ee2f2 | 861 | static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf) |
| b6c251ab | 862 | { |
| 430ee2f2 PB |
863 | int current; |
| 864 | ||
| b6c251ab PB |
865 | if (s->qdev.type != TYPE_ROM) { |
| 866 | return -1; | |
| 867 | } | |
| 430ee2f2 PB |
868 | current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM; |
| 869 | memset(outbuf, 0, 40); | |
| 870 | stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */ | |
| 871 | stw_be_p(&outbuf[6], current); | |
| 872 | /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */ | |
| 873 | outbuf[10] = 0x03; /* persistent, current */ | |
| 874 | outbuf[11] = 8; /* two profiles */ | |
| 875 | stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM); | |
| 876 | outbuf[14] = (current == MMC_PROFILE_DVD_ROM); | |
| 877 | stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM); | |
| 878 | outbuf[18] = (current == MMC_PROFILE_CD_ROM); | |
| 879 | /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */ | |
| 880 | stw_be_p(&outbuf[20], 1); | |
| 881 | outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */ | |
| 882 | outbuf[23] = 8; | |
| 883 | stl_be_p(&outbuf[24], 1); /* SCSI */ | |
| 884 | outbuf[28] = 1; /* DBE = 1, mandatory */ | |
| 885 | /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */ | |
| 886 | stw_be_p(&outbuf[32], 3); | |
| 887 | outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */ | |
| 888 | outbuf[35] = 4; | |
| 889 | outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */ | |
| 890 | /* TODO: Random readable, CD read, DVD read, drive serial number, | |
| 891 | power management */ | |
| 892 | return 40; | |
| b6c251ab PB |
893 | } |
| 894 | ||
| 895 | static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf) | |
| 896 | { | |
| 897 | if (s->qdev.type != TYPE_ROM) { | |
| 898 | return -1; | |
| 899 | } | |
| 900 | memset(outbuf, 0, 8); | |
| 901 | outbuf[5] = 1; /* CD-ROM */ | |
| 902 | return 8; | |
| 903 | } | |
| 904 | ||
| cfc606da | 905 | static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, |
| 282ab04e | 906 | int page_control) |
| ebddfcbe | 907 | { |
| a8f4bbe2 PB |
908 | static const int mode_sense_valid[0x3f] = { |
| 909 | [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK), | |
| 910 | [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK), | |
| 911 | [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM), | |
| a07c7dcd PB |
912 | [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM), |
| 913 | [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM), | |
| a8f4bbe2 PB |
914 | [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM), |
| 915 | }; | |
| 916 | ||
| 44740c38 | 917 | BlockDriverState *bdrv = s->qdev.conf.bs; |
| ebddfcbe | 918 | int cylinders, heads, secs; |
| cfc606da | 919 | uint8_t *p = *p_outbuf; |
| ebddfcbe | 920 | |
| a8f4bbe2 PB |
921 | if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) { |
| 922 | return -1; | |
| 923 | } | |
| 924 | ||
| 925 | p[0] = page; | |
| 926 | ||
| 282ab04e BK |
927 | /* |
| 928 | * If Changeable Values are requested, a mask denoting those mode parameters | |
| 929 | * that are changeable shall be returned. As we currently don't support | |
| 930 | * parameter changes via MODE_SELECT all bits are returned set to zero. | |
| 931 | * The buffer was already menset to zero by the caller of this function. | |
| 932 | */ | |
| ebddfcbe | 933 | switch (page) { |
| 67cc61e4 | 934 | case MODE_PAGE_HD_GEOMETRY: |
| ebddfcbe | 935 | p[1] = 0x16; |
| 282ab04e | 936 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 937 | break; |
| 282ab04e | 938 | } |
| ebddfcbe | 939 | /* if a geometry hint is available, use it */ |
| 245d0049 | 940 | bdrv_guess_geometry(bdrv, &cylinders, &heads, &secs); |
| ebddfcbe GH |
941 | p[2] = (cylinders >> 16) & 0xff; |
| 942 | p[3] = (cylinders >> 8) & 0xff; | |
| 943 | p[4] = cylinders & 0xff; | |
| 944 | p[5] = heads & 0xff; | |
| 945 | /* Write precomp start cylinder, disabled */ | |
| 946 | p[6] = (cylinders >> 16) & 0xff; | |
| 947 | p[7] = (cylinders >> 8) & 0xff; | |
| 948 | p[8] = cylinders & 0xff; | |
| 949 | /* Reduced current start cylinder, disabled */ | |
| 950 | p[9] = (cylinders >> 16) & 0xff; | |
| 951 | p[10] = (cylinders >> 8) & 0xff; | |
| 952 | p[11] = cylinders & 0xff; | |
| 953 | /* Device step rate [ns], 200ns */ | |
| 954 | p[12] = 0; | |
| 955 | p[13] = 200; | |
| 956 | /* Landing zone cylinder */ | |
| 957 | p[14] = 0xff; | |
| 958 | p[15] = 0xff; | |
| 959 | p[16] = 0xff; | |
| 960 | /* Medium rotation rate [rpm], 5400 rpm */ | |
| 961 | p[20] = (5400 >> 8) & 0xff; | |
| 962 | p[21] = 5400 & 0xff; | |
| cfc606da | 963 | break; |
| ebddfcbe | 964 | |
| 67cc61e4 | 965 | case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY: |
| ebddfcbe | 966 | p[1] = 0x1e; |
| 282ab04e | 967 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 968 | break; |
| 282ab04e | 969 | } |
| ebddfcbe GH |
970 | /* Transfer rate [kbit/s], 5Mbit/s */ |
| 971 | p[2] = 5000 >> 8; | |
| 972 | p[3] = 5000 & 0xff; | |
| 973 | /* if a geometry hint is available, use it */ | |
| 245d0049 | 974 | bdrv_guess_geometry(bdrv, &cylinders, &heads, &secs); |
| ebddfcbe GH |
975 | p[4] = heads & 0xff; |
| 976 | p[5] = secs & 0xff; | |
| 69377307 | 977 | p[6] = s->qdev.blocksize >> 8; |
| ebddfcbe GH |
978 | p[8] = (cylinders >> 8) & 0xff; |
| 979 | p[9] = cylinders & 0xff; | |
| 980 | /* Write precomp start cylinder, disabled */ | |
| 981 | p[10] = (cylinders >> 8) & 0xff; | |
| 982 | p[11] = cylinders & 0xff; | |
| 983 | /* Reduced current start cylinder, disabled */ | |
| 984 | p[12] = (cylinders >> 8) & 0xff; | |
| 985 | p[13] = cylinders & 0xff; | |
| 986 | /* Device step rate [100us], 100us */ | |
| 987 | p[14] = 0; | |
| 988 | p[15] = 1; | |
| 989 | /* Device step pulse width [us], 1us */ | |
| 990 | p[16] = 1; | |
| 991 | /* Device head settle delay [100us], 100us */ | |
| 992 | p[17] = 0; | |
| 993 | p[18] = 1; | |
| 994 | /* Motor on delay [0.1s], 0.1s */ | |
| 995 | p[19] = 1; | |
| 996 | /* Motor off delay [0.1s], 0.1s */ | |
| 997 | p[20] = 1; | |
| 998 | /* Medium rotation rate [rpm], 5400 rpm */ | |
| 999 | p[28] = (5400 >> 8) & 0xff; | |
| 1000 | p[29] = 5400 & 0xff; | |
| cfc606da | 1001 | break; |
| ebddfcbe | 1002 | |
| 67cc61e4 | 1003 | case MODE_PAGE_CACHING: |
| ebddfcbe GH |
1004 | p[0] = 8; |
| 1005 | p[1] = 0x12; | |
| 282ab04e | 1006 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 1007 | break; |
| 282ab04e | 1008 | } |
| 44740c38 | 1009 | if (bdrv_enable_write_cache(s->qdev.conf.bs)) { |
| ebddfcbe GH |
1010 | p[2] = 4; /* WCE */ |
| 1011 | } | |
| cfc606da | 1012 | break; |
| ebddfcbe | 1013 | |
| a07c7dcd PB |
1014 | case MODE_PAGE_R_W_ERROR: |
| 1015 | p[1] = 10; | |
| 1016 | p[2] = 0x80; /* Automatic Write Reallocation Enabled */ | |
| 1017 | if (s->qdev.type == TYPE_ROM) { | |
| 1018 | p[3] = 0x20; /* Read Retry Count */ | |
| 1019 | } | |
| 1020 | break; | |
| 1021 | ||
| 1022 | case MODE_PAGE_AUDIO_CTL: | |
| 1023 | p[1] = 14; | |
| 1024 | break; | |
| 1025 | ||
| 67cc61e4 | 1026 | case MODE_PAGE_CAPABILITIES: |
| ebddfcbe | 1027 | p[1] = 0x14; |
| 282ab04e | 1028 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 1029 | break; |
| 282ab04e | 1030 | } |
| a07c7dcd PB |
1031 | |
| 1032 | p[2] = 0x3b; /* CD-R & CD-RW read */ | |
| 1033 | p[3] = 0; /* Writing not supported */ | |
| ebddfcbe GH |
1034 | p[4] = 0x7f; /* Audio, composite, digital out, |
| 1035 | mode 2 form 1&2, multi session */ | |
| 1036 | p[5] = 0xff; /* CD DA, DA accurate, RW supported, | |
| 1037 | RW corrected, C2 errors, ISRC, | |
| 1038 | UPC, Bar code */ | |
| 81b1008d | 1039 | p[6] = 0x2d | (s->tray_locked ? 2 : 0); |
| ebddfcbe GH |
1040 | /* Locking supported, jumper present, eject, tray */ |
| 1041 | p[7] = 0; /* no volume & mute control, no | |
| 1042 | changer */ | |
| a07c7dcd | 1043 | p[8] = (50 * 176) >> 8; /* 50x read speed */ |
| ebddfcbe | 1044 | p[9] = (50 * 176) & 0xff; |
| a07c7dcd PB |
1045 | p[10] = 2 >> 8; /* Two volume levels */ |
| 1046 | p[11] = 2 & 0xff; | |
| 1047 | p[12] = 2048 >> 8; /* 2M buffer */ | |
| ebddfcbe | 1048 | p[13] = 2048 & 0xff; |
| a07c7dcd | 1049 | p[14] = (16 * 176) >> 8; /* 16x read speed current */ |
| ebddfcbe | 1050 | p[15] = (16 * 176) & 0xff; |
| a07c7dcd | 1051 | p[18] = (16 * 176) >> 8; /* 16x write speed */ |
| ebddfcbe | 1052 | p[19] = (16 * 176) & 0xff; |
| a07c7dcd | 1053 | p[20] = (16 * 176) >> 8; /* 16x write speed current */ |
| ebddfcbe | 1054 | p[21] = (16 * 176) & 0xff; |
| cfc606da | 1055 | break; |
| ebddfcbe GH |
1056 | |
| 1057 | default: | |
| cfc606da | 1058 | return -1; |
| ebddfcbe | 1059 | } |
| cfc606da PB |
1060 | |
| 1061 | *p_outbuf += p[1] + 2; | |
| 1062 | return p[1] + 2; | |
| ebddfcbe GH |
1063 | } |
| 1064 | ||
| cfc606da | 1065 | static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf) |
| ebddfcbe | 1066 | { |
| cfc606da | 1067 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ebddfcbe | 1068 | uint64_t nb_sectors; |
| e590ecbe PB |
1069 | bool dbd; |
| 1070 | int page, buflen, ret, page_control; | |
| ebddfcbe | 1071 | uint8_t *p; |
| ce512ee1 | 1072 | uint8_t dev_specific_param; |
| ebddfcbe | 1073 | |
| e590ecbe | 1074 | dbd = (r->req.cmd.buf[1] & 0x8) != 0; |
| cfc606da PB |
1075 | page = r->req.cmd.buf[2] & 0x3f; |
| 1076 | page_control = (r->req.cmd.buf[2] & 0xc0) >> 6; | |
| aa2b1e89 | 1077 | DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n", |
| cfc606da PB |
1078 | (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control); |
| 1079 | memset(outbuf, 0, r->req.cmd.xfer); | |
| ebddfcbe GH |
1080 | p = outbuf; |
| 1081 | ||
| e590ecbe | 1082 | if (s->qdev.type == TYPE_DISK) { |
| da8365db | 1083 | dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0; |
| e590ecbe PB |
1084 | if (bdrv_is_read_only(s->qdev.conf.bs)) { |
| 1085 | dev_specific_param |= 0x80; /* Readonly. */ | |
| 1086 | } | |
| ce512ee1 | 1087 | } else { |
| e590ecbe PB |
1088 | /* MMC prescribes that CD/DVD drives have no block descriptors, |
| 1089 | * and defines no device-specific parameter. */ | |
| 6a2de0f2 | 1090 | dev_specific_param = 0x00; |
| e590ecbe | 1091 | dbd = true; |
| ce512ee1 BK |
1092 | } |
| 1093 | ||
| cfc606da | 1094 | if (r->req.cmd.buf[0] == MODE_SENSE) { |
| ce512ee1 BK |
1095 | p[1] = 0; /* Default media type. */ |
| 1096 | p[2] = dev_specific_param; | |
| 1097 | p[3] = 0; /* Block descriptor length. */ | |
| 1098 | p += 4; | |
| 1099 | } else { /* MODE_SENSE_10 */ | |
| 1100 | p[2] = 0; /* Default media type. */ | |
| 1101 | p[3] = dev_specific_param; | |
| 1102 | p[6] = p[7] = 0; /* Block descriptor length. */ | |
| 1103 | p += 8; | |
| ebddfcbe | 1104 | } |
| ebddfcbe | 1105 | |
| 44740c38 | 1106 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| e590ecbe | 1107 | if (!dbd && nb_sectors) { |
| cfc606da | 1108 | if (r->req.cmd.buf[0] == MODE_SENSE) { |
| ce512ee1 BK |
1109 | outbuf[3] = 8; /* Block descriptor length */ |
| 1110 | } else { /* MODE_SENSE_10 */ | |
| 1111 | outbuf[7] = 8; /* Block descriptor length */ | |
| 1112 | } | |
| 69377307 | 1113 | nb_sectors /= (s->qdev.blocksize / 512); |
| f01b5931 | 1114 | if (nb_sectors > 0xffffff) { |
| 2488b740 | 1115 | nb_sectors = 0; |
| f01b5931 | 1116 | } |
| ebddfcbe GH |
1117 | p[0] = 0; /* media density code */ |
| 1118 | p[1] = (nb_sectors >> 16) & 0xff; | |
| 1119 | p[2] = (nb_sectors >> 8) & 0xff; | |
| 1120 | p[3] = nb_sectors & 0xff; | |
| 1121 | p[4] = 0; /* reserved */ | |
| 1122 | p[5] = 0; /* bytes 5-7 are the sector size in bytes */ | |
| 69377307 | 1123 | p[6] = s->qdev.blocksize >> 8; |
| ebddfcbe GH |
1124 | p[7] = 0; |
| 1125 | p += 8; | |
| 1126 | } | |
| 1127 | ||
| cfc606da PB |
1128 | if (page_control == 3) { |
| 1129 | /* Saved Values */ | |
| 1130 | scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED)); | |
| 1131 | return -1; | |
| 282ab04e BK |
1132 | } |
| 1133 | ||
| cfc606da PB |
1134 | if (page == 0x3f) { |
| 1135 | for (page = 0; page <= 0x3e; page++) { | |
| 1136 | mode_sense_page(s, page, &p, page_control); | |
| 1137 | } | |
| 1138 | } else { | |
| 1139 | ret = mode_sense_page(s, page, &p, page_control); | |
| 1140 | if (ret == -1) { | |
| 1141 | return -1; | |
| 1142 | } | |
| ebddfcbe GH |
1143 | } |
| 1144 | ||
| 1145 | buflen = p - outbuf; | |
| ce512ee1 BK |
1146 | /* |
| 1147 | * The mode data length field specifies the length in bytes of the | |
| 1148 | * following data that is available to be transferred. The mode data | |
| 1149 | * length does not include itself. | |
| 1150 | */ | |
| cfc606da | 1151 | if (r->req.cmd.buf[0] == MODE_SENSE) { |
| ce512ee1 BK |
1152 | outbuf[0] = buflen - 1; |
| 1153 | } else { /* MODE_SENSE_10 */ | |
| 1154 | outbuf[0] = ((buflen - 2) >> 8) & 0xff; | |
| 1155 | outbuf[1] = (buflen - 2) & 0xff; | |
| 1156 | } | |
| ebddfcbe GH |
1157 | return buflen; |
| 1158 | } | |
| 1159 | ||
| 02880f43 GH |
1160 | static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf) |
| 1161 | { | |
| 1162 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); | |
| 02880f43 GH |
1163 | int start_track, format, msf, toclen; |
| 1164 | uint64_t nb_sectors; | |
| 1165 | ||
| 1166 | msf = req->cmd.buf[1] & 2; | |
| 1167 | format = req->cmd.buf[2] & 0xf; | |
| 1168 | start_track = req->cmd.buf[6]; | |
| 44740c38 | 1169 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| 02880f43 | 1170 | DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1); |
| 69377307 | 1171 | nb_sectors /= s->qdev.blocksize / 512; |
| 02880f43 GH |
1172 | switch (format) { |
| 1173 | case 0: | |
| 1174 | toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track); | |
| 1175 | break; | |
| 1176 | case 1: | |
| 1177 | /* multi session : only a single session defined */ | |
| 1178 | toclen = 12; | |
| 1179 | memset(outbuf, 0, 12); | |
| 1180 | outbuf[1] = 0x0a; | |
| 1181 | outbuf[2] = 0x01; | |
| 1182 | outbuf[3] = 0x01; | |
| 1183 | break; | |
| 1184 | case 2: | |
| 1185 | toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track); | |
| 1186 | break; | |
| 1187 | default: | |
| 1188 | return -1; | |
| 1189 | } | |
| 02880f43 GH |
1190 | return toclen; |
| 1191 | } | |
| 1192 | ||
| 68bb01f3 | 1193 | static int scsi_disk_emulate_start_stop(SCSIDiskReq *r) |
| bfd52647 MA |
1194 | { |
| 1195 | SCSIRequest *req = &r->req; | |
| 1196 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); | |
| 1197 | bool start = req->cmd.buf[4] & 1; | |
| 1198 | bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */ | |
| 1199 | ||
| 1200 | if (s->qdev.type == TYPE_ROM && loej) { | |
| 68bb01f3 MA |
1201 | if (!start && !s->tray_open && s->tray_locked) { |
| 1202 | scsi_check_condition(r, | |
| 44740c38 | 1203 | bdrv_is_inserted(s->qdev.conf.bs) |
| 68bb01f3 MA |
1204 | ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED) |
| 1205 | : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED)); | |
| 1206 | return -1; | |
| fdec4404 | 1207 | } |
| d88b1819 LC |
1208 | |
| 1209 | if (s->tray_open != !start) { | |
| 1210 | bdrv_eject(s->qdev.conf.bs, !start); | |
| 1211 | s->tray_open = !start; | |
| 1212 | } | |
| bfd52647 | 1213 | } |
| 68bb01f3 | 1214 | return 0; |
| bfd52647 MA |
1215 | } |
| 1216 | ||
| 7285477a | 1217 | static int scsi_disk_emulate_command(SCSIDiskReq *r) |
| aa5dbdc1 | 1218 | { |
| 8af7a3ab | 1219 | SCSIRequest *req = &r->req; |
| e7e25e32 | 1220 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); |
| e7e25e32 | 1221 | uint64_t nb_sectors; |
| 7285477a | 1222 | uint8_t *outbuf; |
| aa5dbdc1 GH |
1223 | int buflen = 0; |
| 1224 | ||
| 7285477a PB |
1225 | if (!r->iov.iov_base) { |
| 1226 | /* | |
| 1227 | * FIXME: we shouldn't return anything bigger than 4k, but the code | |
| 1228 | * requires the buffer to be as big as req->cmd.xfer in several | |
| 1229 | * places. So, do not allow CDBs with a very large ALLOCATION | |
| 1230 | * LENGTH. The real fix would be to modify scsi_read_data and | |
| 1231 | * dma_buf_read, so that they return data beyond the buflen | |
| 1232 | * as all zeros. | |
| 1233 | */ | |
| 1234 | if (req->cmd.xfer > 65536) { | |
| 1235 | goto illegal_request; | |
| 1236 | } | |
| 1237 | r->buflen = MAX(4096, req->cmd.xfer); | |
| 44740c38 | 1238 | r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen); |
| 7285477a PB |
1239 | } |
| 1240 | ||
| 1241 | outbuf = r->iov.iov_base; | |
| aa5dbdc1 GH |
1242 | switch (req->cmd.buf[0]) { |
| 1243 | case TEST_UNIT_READY: | |
| 9bcaf4fe | 1244 | assert(!s->tray_open && bdrv_is_inserted(s->qdev.conf.bs)); |
| 5f71d32f | 1245 | break; |
| 0b06c059 GH |
1246 | case INQUIRY: |
| 1247 | buflen = scsi_disk_emulate_inquiry(req, outbuf); | |
| f01b5931 | 1248 | if (buflen < 0) { |
| 0b06c059 | 1249 | goto illegal_request; |
| f01b5931 | 1250 | } |
| 5f71d32f | 1251 | break; |
| ebddfcbe GH |
1252 | case MODE_SENSE: |
| 1253 | case MODE_SENSE_10: | |
| cfc606da | 1254 | buflen = scsi_disk_emulate_mode_sense(r, outbuf); |
| f01b5931 | 1255 | if (buflen < 0) { |
| ebddfcbe | 1256 | goto illegal_request; |
| f01b5931 | 1257 | } |
| ebddfcbe | 1258 | break; |
| 02880f43 GH |
1259 | case READ_TOC: |
| 1260 | buflen = scsi_disk_emulate_read_toc(req, outbuf); | |
| f01b5931 | 1261 | if (buflen < 0) { |
| 02880f43 | 1262 | goto illegal_request; |
| f01b5931 | 1263 | } |
| 02880f43 | 1264 | break; |
| 3d53ba18 | 1265 | case RESERVE: |
| f01b5931 | 1266 | if (req->cmd.buf[1] & 1) { |
| 3d53ba18 | 1267 | goto illegal_request; |
| f01b5931 | 1268 | } |
| 3d53ba18 GH |
1269 | break; |
| 1270 | case RESERVE_10: | |
| f01b5931 | 1271 | if (req->cmd.buf[1] & 3) { |
| 3d53ba18 | 1272 | goto illegal_request; |
| f01b5931 | 1273 | } |
| 3d53ba18 GH |
1274 | break; |
| 1275 | case RELEASE: | |
| f01b5931 | 1276 | if (req->cmd.buf[1] & 1) { |
| 3d53ba18 | 1277 | goto illegal_request; |
| f01b5931 | 1278 | } |
| 3d53ba18 GH |
1279 | break; |
| 1280 | case RELEASE_10: | |
| f01b5931 | 1281 | if (req->cmd.buf[1] & 3) { |
| 3d53ba18 | 1282 | goto illegal_request; |
| f01b5931 | 1283 | } |
| 3d53ba18 | 1284 | break; |
| 8d3628ff | 1285 | case START_STOP: |
| 68bb01f3 MA |
1286 | if (scsi_disk_emulate_start_stop(r) < 0) { |
| 1287 | return -1; | |
| 1288 | } | |
| 5f71d32f | 1289 | break; |
| c68b9f34 | 1290 | case ALLOW_MEDIUM_REMOVAL: |
| 81b1008d | 1291 | s->tray_locked = req->cmd.buf[4] & 1; |
| 44740c38 | 1292 | bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1); |
| 5f71d32f | 1293 | break; |
| 5e30a07d | 1294 | case READ_CAPACITY_10: |
| e7e25e32 | 1295 | /* The normal LEN field for this command is zero. */ |
| 5f71d32f | 1296 | memset(outbuf, 0, 8); |
| 44740c38 | 1297 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| f01b5931 | 1298 | if (!nb_sectors) { |
| 9bcaf4fe PB |
1299 | scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY)); |
| 1300 | return -1; | |
| f01b5931 | 1301 | } |
| 7cec78b6 PB |
1302 | if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) { |
| 1303 | goto illegal_request; | |
| 1304 | } | |
| 69377307 | 1305 | nb_sectors /= s->qdev.blocksize / 512; |
| e7e25e32 GH |
1306 | /* Returned value is the address of the last sector. */ |
| 1307 | nb_sectors--; | |
| 1308 | /* Remember the new size for read/write sanity checking. */ | |
| 7877903a | 1309 | s->qdev.max_lba = nb_sectors; |
| e7e25e32 | 1310 | /* Clip to 2TB, instead of returning capacity modulo 2TB. */ |
| f01b5931 | 1311 | if (nb_sectors > UINT32_MAX) { |
| e7e25e32 | 1312 | nb_sectors = UINT32_MAX; |
| f01b5931 | 1313 | } |
| e7e25e32 GH |
1314 | outbuf[0] = (nb_sectors >> 24) & 0xff; |
| 1315 | outbuf[1] = (nb_sectors >> 16) & 0xff; | |
| 1316 | outbuf[2] = (nb_sectors >> 8) & 0xff; | |
| 1317 | outbuf[3] = nb_sectors & 0xff; | |
| 1318 | outbuf[4] = 0; | |
| 1319 | outbuf[5] = 0; | |
| 69377307 | 1320 | outbuf[6] = s->qdev.blocksize >> 8; |
| e7e25e32 GH |
1321 | outbuf[7] = 0; |
| 1322 | buflen = 8; | |
| 5f71d32f | 1323 | break; |
| f3b338ef PB |
1324 | case REQUEST_SENSE: |
| 1325 | /* Just return "NO SENSE". */ | |
| 1326 | buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen, | |
| 1327 | (req->cmd.buf[1] & 1) == 0); | |
| 1328 | break; | |
| b6c251ab PB |
1329 | case MECHANISM_STATUS: |
| 1330 | buflen = scsi_emulate_mechanism_status(s, outbuf); | |
| 1331 | if (buflen < 0) { | |
| 1332 | goto illegal_request; | |
| 1333 | } | |
| 1334 | break; | |
| 38215553 | 1335 | case GET_CONFIGURATION: |
| 430ee2f2 | 1336 | buflen = scsi_get_configuration(s, outbuf); |
| b6c251ab PB |
1337 | if (buflen < 0) { |
| 1338 | goto illegal_request; | |
| 1339 | } | |
| 1340 | break; | |
| 1341 | case GET_EVENT_STATUS_NOTIFICATION: | |
| 1342 | buflen = scsi_get_event_status_notification(s, r, outbuf); | |
| 1343 | if (buflen < 0) { | |
| 1344 | goto illegal_request; | |
| 1345 | } | |
| 1346 | break; | |
| 1347 | case READ_DVD_STRUCTURE: | |
| 1348 | buflen = scsi_read_dvd_structure(s, r, outbuf); | |
| 1349 | if (buflen < 0) { | |
| 1350 | goto illegal_request; | |
| 1351 | } | |
| 38215553 | 1352 | break; |
| f6515262 | 1353 | case SERVICE_ACTION_IN_16: |
| 5dd90e2a | 1354 | /* Service Action In subcommands. */ |
| f6515262 | 1355 | if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) { |
| 5dd90e2a GH |
1356 | DPRINTF("SAI READ CAPACITY(16)\n"); |
| 1357 | memset(outbuf, 0, req->cmd.xfer); | |
| 44740c38 | 1358 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| f01b5931 | 1359 | if (!nb_sectors) { |
| 9bcaf4fe PB |
1360 | scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY)); |
| 1361 | return -1; | |
| f01b5931 | 1362 | } |
| 7cec78b6 PB |
1363 | if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) { |
| 1364 | goto illegal_request; | |
| 1365 | } | |
| 69377307 | 1366 | nb_sectors /= s->qdev.blocksize / 512; |
| 5dd90e2a GH |
1367 | /* Returned value is the address of the last sector. */ |
| 1368 | nb_sectors--; | |
| 1369 | /* Remember the new size for read/write sanity checking. */ | |
| 7877903a | 1370 | s->qdev.max_lba = nb_sectors; |
| 5dd90e2a GH |
1371 | outbuf[0] = (nb_sectors >> 56) & 0xff; |
| 1372 | outbuf[1] = (nb_sectors >> 48) & 0xff; | |
| 1373 | outbuf[2] = (nb_sectors >> 40) & 0xff; | |
| 1374 | outbuf[3] = (nb_sectors >> 32) & 0xff; | |
| 1375 | outbuf[4] = (nb_sectors >> 24) & 0xff; | |
| 1376 | outbuf[5] = (nb_sectors >> 16) & 0xff; | |
| 1377 | outbuf[6] = (nb_sectors >> 8) & 0xff; | |
| 1378 | outbuf[7] = nb_sectors & 0xff; | |
| 1379 | outbuf[8] = 0; | |
| 1380 | outbuf[9] = 0; | |
| 69377307 | 1381 | outbuf[10] = s->qdev.blocksize >> 8; |
| 5dd90e2a | 1382 | outbuf[11] = 0; |
| ee3659e3 CH |
1383 | outbuf[12] = 0; |
| 1384 | outbuf[13] = get_physical_block_exp(&s->qdev.conf); | |
| ea3bd56f CH |
1385 | |
| 1386 | /* set TPE bit if the format supports discard */ | |
| 1387 | if (s->qdev.conf.discard_granularity) { | |
| 1388 | outbuf[14] = 0x80; | |
| 1389 | } | |
| 1390 | ||
| 5dd90e2a GH |
1391 | /* Protection, exponent and lowest lba field left blank. */ |
| 1392 | buflen = req->cmd.xfer; | |
| 1393 | break; | |
| 1394 | } | |
| 1395 | DPRINTF("Unsupported Service Action In\n"); | |
| 1396 | goto illegal_request; | |
| aa5dbdc1 | 1397 | default: |
| b45ef674 | 1398 | scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE)); |
| a1f0cce2 | 1399 | return -1; |
| aa5dbdc1 | 1400 | } |
| e2f0c49f | 1401 | buflen = MIN(buflen, req->cmd.xfer); |
| aa5dbdc1 GH |
1402 | return buflen; |
| 1403 | ||
| aa5dbdc1 | 1404 | illegal_request: |
| cfc606da PB |
1405 | if (r->req.status == -1) { |
| 1406 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); | |
| 1407 | } | |
| 8af7a3ab | 1408 | return -1; |
| aa5dbdc1 GH |
1409 | } |
| 1410 | ||
| 2e5d83bb PB |
1411 | /* Execute a scsi command. Returns the length of the data expected by the |
| 1412 | command. This will be Positive for data transfers from the device | |
| 1413 | (eg. disk reads), negative for transfers to the device (eg. disk writes), | |
| 1414 | and zero if the command does not transfer any data. */ | |
| 1415 | ||
| 5c6c0e51 | 1416 | static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) |
| 2e5d83bb | 1417 | { |
| 5c6c0e51 HR |
1418 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 1419 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); | |
| ad2d30f7 | 1420 | int32_t len; |
| a917d384 | 1421 | uint8_t command; |
| aa5dbdc1 | 1422 | int rc; |
| a917d384 PB |
1423 | |
| 1424 | command = buf[0]; | |
| 653c1c3f | 1425 | DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]); |
| 2dd791b6 | 1426 | |
| 2e5d83bb PB |
1427 | #ifdef DEBUG_SCSI |
| 1428 | { | |
| 1429 | int i; | |
| 2dd791b6 | 1430 | for (i = 1; i < r->req.cmd.len; i++) { |
| 2e5d83bb PB |
1431 | printf(" 0x%02x", buf[i]); |
| 1432 | } | |
| 1433 | printf("\n"); | |
| 1434 | } | |
| 1435 | #endif | |
| aa5dbdc1 | 1436 | |
| 9bcaf4fe PB |
1437 | switch (command) { |
| 1438 | case INQUIRY: | |
| 1439 | case MODE_SENSE: | |
| 1440 | case MODE_SENSE_10: | |
| 1441 | case RESERVE: | |
| 1442 | case RESERVE_10: | |
| 1443 | case RELEASE: | |
| 1444 | case RELEASE_10: | |
| 1445 | case START_STOP: | |
| 1446 | case ALLOW_MEDIUM_REMOVAL: | |
| 1447 | case GET_CONFIGURATION: | |
| 1448 | case GET_EVENT_STATUS_NOTIFICATION: | |
| 1449 | case MECHANISM_STATUS: | |
| 1450 | case REQUEST_SENSE: | |
| 1451 | break; | |
| 1452 | ||
| 1453 | default: | |
| 1454 | if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) { | |
| 1455 | scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); | |
| 1456 | return 0; | |
| 1457 | } | |
| 1458 | break; | |
| 1459 | } | |
| 1460 | ||
| a917d384 | 1461 | switch (command) { |
| ebf46023 | 1462 | case TEST_UNIT_READY: |
| 0b06c059 | 1463 | case INQUIRY: |
| ebddfcbe GH |
1464 | case MODE_SENSE: |
| 1465 | case MODE_SENSE_10: | |
| 3d53ba18 GH |
1466 | case RESERVE: |
| 1467 | case RESERVE_10: | |
| 1468 | case RELEASE: | |
| 1469 | case RELEASE_10: | |
| 8d3628ff | 1470 | case START_STOP: |
| c68b9f34 | 1471 | case ALLOW_MEDIUM_REMOVAL: |
| 5e30a07d | 1472 | case READ_CAPACITY_10: |
| 02880f43 | 1473 | case READ_TOC: |
| b6c251ab | 1474 | case READ_DVD_STRUCTURE: |
| 38215553 | 1475 | case GET_CONFIGURATION: |
| b6c251ab PB |
1476 | case GET_EVENT_STATUS_NOTIFICATION: |
| 1477 | case MECHANISM_STATUS: | |
| f6515262 | 1478 | case SERVICE_ACTION_IN_16: |
| f3b338ef | 1479 | case REQUEST_SENSE: |
| 7285477a | 1480 | rc = scsi_disk_emulate_command(r); |
| 8af7a3ab | 1481 | if (rc < 0) { |
| 0b06c059 | 1482 | return 0; |
| aa5dbdc1 | 1483 | } |
| 8af7a3ab KW |
1484 | |
| 1485 | r->iov.iov_len = rc; | |
| 0b06c059 | 1486 | break; |
| 0a4ac106 | 1487 | case SYNCHRONIZE_CACHE: |
| c7bae6a7 PB |
1488 | /* The request is used as the AIO opaque value, so add a ref. */ |
| 1489 | scsi_req_ref(&r->req); | |
| 44740c38 PB |
1490 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH); |
| 1491 | r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_flush_complete, r); | |
| 0a4ac106 | 1492 | return 0; |
| ebf46023 GH |
1493 | case READ_6: |
| 1494 | case READ_10: | |
| bd536cf3 GH |
1495 | case READ_12: |
| 1496 | case READ_16: | |
| 5c6c0e51 | 1497 | len = r->req.cmd.xfer / s->qdev.blocksize; |
| 2dd791b6 | 1498 | DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len); |
| 7877903a | 1499 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| 274fb0e1 | 1500 | goto illegal_lba; |
| f01b5931 | 1501 | } |
| 69377307 PB |
1502 | r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); |
| 1503 | r->sector_count = len * (s->qdev.blocksize / 512); | |
| 2e5d83bb | 1504 | break; |
| 7f64f8e2 PB |
1505 | case VERIFY_10: |
| 1506 | case VERIFY_12: | |
| 1507 | case VERIFY_16: | |
| ebf46023 GH |
1508 | case WRITE_6: |
| 1509 | case WRITE_10: | |
| bd536cf3 GH |
1510 | case WRITE_12: |
| 1511 | case WRITE_16: | |
| 5e30a07d | 1512 | case WRITE_VERIFY_10: |
| ebef0bbb BK |
1513 | case WRITE_VERIFY_12: |
| 1514 | case WRITE_VERIFY_16: | |
| 5c6c0e51 | 1515 | len = r->req.cmd.xfer / s->qdev.blocksize; |
| ebef0bbb | 1516 | DPRINTF("Write %s(sector %" PRId64 ", count %d)\n", |
| 2dd791b6 HR |
1517 | (command & 0xe) == 0xe ? "And Verify " : "", |
| 1518 | r->req.cmd.lba, len); | |
| 7877903a | 1519 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| 274fb0e1 | 1520 | goto illegal_lba; |
| f01b5931 | 1521 | } |
| 69377307 PB |
1522 | r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); |
| 1523 | r->sector_count = len * (s->qdev.blocksize / 512); | |
| 2e5d83bb | 1524 | break; |
| ebef0bbb | 1525 | case MODE_SELECT: |
| 2dd791b6 | 1526 | DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer); |
| ebef0bbb BK |
1527 | /* We don't support mode parameter changes. |
| 1528 | Allow the mode parameter header + block descriptors only. */ | |
| 2dd791b6 | 1529 | if (r->req.cmd.xfer > 12) { |
| ebef0bbb BK |
1530 | goto fail; |
| 1531 | } | |
| 1532 | break; | |
| 1533 | case MODE_SELECT_10: | |
| 2dd791b6 | 1534 | DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer); |
| ebef0bbb BK |
1535 | /* We don't support mode parameter changes. |
| 1536 | Allow the mode parameter header + block descriptors only. */ | |
| 2dd791b6 | 1537 | if (r->req.cmd.xfer > 16) { |
| ebef0bbb BK |
1538 | goto fail; |
| 1539 | } | |
| 1540 | break; | |
| ebef0bbb | 1541 | case SEEK_10: |
| 00a01ad4 | 1542 | DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba); |
| 7877903a | 1543 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| ebef0bbb BK |
1544 | goto illegal_lba; |
| 1545 | } | |
| ea3bd56f | 1546 | break; |
| c9e4d828 | 1547 | case WRITE_SAME_10: |
| a5ee9085 PB |
1548 | len = lduw_be_p(&buf[7]); |
| 1549 | goto write_same; | |
| ea3bd56f | 1550 | case WRITE_SAME_16: |
| a5ee9085 PB |
1551 | len = ldl_be_p(&buf[10]) & 0xffffffffULL; |
| 1552 | write_same: | |
| ea3bd56f | 1553 | |
| c9e4d828 | 1554 | DPRINTF("WRITE SAME() (sector %" PRId64 ", count %d)\n", |
| ea3bd56f CH |
1555 | r->req.cmd.lba, len); |
| 1556 | ||
| 7877903a | 1557 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| ea3bd56f CH |
1558 | goto illegal_lba; |
| 1559 | } | |
| 1560 | ||
| 1561 | /* | |
| 1562 | * We only support WRITE SAME with the unmap bit set for now. | |
| 1563 | */ | |
| 1564 | if (!(buf[1] & 0x8)) { | |
| 1565 | goto fail; | |
| 1566 | } | |
| 1567 | ||
| 69377307 PB |
1568 | rc = bdrv_discard(s->qdev.conf.bs, |
| 1569 | r->req.cmd.lba * (s->qdev.blocksize / 512), | |
| 1570 | len * (s->qdev.blocksize / 512)); | |
| ea3bd56f CH |
1571 | if (rc < 0) { |
| 1572 | /* XXX: better error code ?*/ | |
| 1573 | goto fail; | |
| 1574 | } | |
| 1575 | ||
| ebef0bbb | 1576 | break; |
| 2e5d83bb | 1577 | default: |
| 2dd791b6 | 1578 | DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]); |
| b45ef674 | 1579 | scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE)); |
| a1f0cce2 | 1580 | return 0; |
| 2e5d83bb | 1581 | fail: |
| b45ef674 | 1582 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); |
| 2dd791b6 | 1583 | return 0; |
| 274fb0e1 | 1584 | illegal_lba: |
| b45ef674 | 1585 | scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE)); |
| 274fb0e1 | 1586 | return 0; |
| 2e5d83bb | 1587 | } |
| c87c0672 | 1588 | if (r->sector_count == 0 && r->iov.iov_len == 0) { |
| b45ef674 | 1589 | scsi_req_complete(&r->req, GOOD); |
| a917d384 | 1590 | } |
| c87c0672 | 1591 | len = r->sector_count * 512 + r->iov.iov_len; |
| efb9ee02 HR |
1592 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { |
| 1593 | return -len; | |
| a917d384 | 1594 | } else { |
| f01b5931 | 1595 | if (!r->sector_count) { |
| a917d384 | 1596 | r->sector_count = -1; |
| f01b5931 | 1597 | } |
| efb9ee02 | 1598 | return len; |
| 2e5d83bb | 1599 | } |
| 2e5d83bb PB |
1600 | } |
| 1601 | ||
| e9447f35 JK |
1602 | static void scsi_disk_reset(DeviceState *dev) |
| 1603 | { | |
| 1604 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev); | |
| 1605 | uint64_t nb_sectors; | |
| 1606 | ||
| c7b48872 | 1607 | scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET)); |
| e9447f35 | 1608 | |
| 44740c38 | 1609 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| 69377307 | 1610 | nb_sectors /= s->qdev.blocksize / 512; |
| e9447f35 JK |
1611 | if (nb_sectors) { |
| 1612 | nb_sectors--; | |
| 1613 | } | |
| 7877903a | 1614 | s->qdev.max_lba = nb_sectors; |
| e9447f35 JK |
1615 | } |
| 1616 | ||
| 1617 | static void scsi_destroy(SCSIDevice *dev) | |
| 1618 | { | |
| 1619 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); | |
| 1620 | ||
| c7b48872 | 1621 | scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE)); |
| f8b6cc00 | 1622 | blockdev_mark_auto_del(s->qdev.conf.bs); |
| 56a14938 GH |
1623 | } |
| 1624 | ||
| 7d4b4ba5 | 1625 | static void scsi_cd_change_media_cb(void *opaque, bool load) |
| 2c6942fa | 1626 | { |
| 8a9c16f6 PB |
1627 | SCSIDiskState *s = opaque; |
| 1628 | ||
| 1629 | /* | |
| 1630 | * When a CD gets changed, we have to report an ejected state and | |
| 1631 | * then a loaded state to guests so that they detect tray | |
| 1632 | * open/close and media change events. Guests that do not use | |
| 1633 | * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close | |
| 1634 | * states rely on this behavior. | |
| 1635 | * | |
| 1636 | * media_changed governs the state machine used for unit attention | |
| 1637 | * report. media_event is used by GET EVENT STATUS NOTIFICATION. | |
| 1638 | */ | |
| 1639 | s->media_changed = load; | |
| 1640 | s->tray_open = !load; | |
| 1641 | s->qdev.unit_attention = SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM); | |
| 3c2f7c12 | 1642 | s->media_event = true; |
| 4480de19 PB |
1643 | s->eject_request = false; |
| 1644 | } | |
| 1645 | ||
| 1646 | static void scsi_cd_eject_request_cb(void *opaque, bool force) | |
| 1647 | { | |
| 1648 | SCSIDiskState *s = opaque; | |
| 1649 | ||
| 1650 | s->eject_request = true; | |
| 1651 | if (force) { | |
| 1652 | s->tray_locked = false; | |
| 1653 | } | |
| 2c6942fa MA |
1654 | } |
| 1655 | ||
| e4def80b MA |
1656 | static bool scsi_cd_is_tray_open(void *opaque) |
| 1657 | { | |
| 1658 | return ((SCSIDiskState *)opaque)->tray_open; | |
| 1659 | } | |
| 1660 | ||
| f107639a MA |
1661 | static bool scsi_cd_is_medium_locked(void *opaque) |
| 1662 | { | |
| 1663 | return ((SCSIDiskState *)opaque)->tray_locked; | |
| 1664 | } | |
| 1665 | ||
| 1666 | static const BlockDevOps scsi_cd_block_ops = { | |
| 2c6942fa | 1667 | .change_media_cb = scsi_cd_change_media_cb, |
| 4480de19 | 1668 | .eject_request_cb = scsi_cd_eject_request_cb, |
| e4def80b | 1669 | .is_tray_open = scsi_cd_is_tray_open, |
| f107639a MA |
1670 | .is_medium_locked = scsi_cd_is_medium_locked, |
| 1671 | }; | |
| 1672 | ||
| 8a9c16f6 PB |
1673 | static void scsi_disk_unit_attention_reported(SCSIDevice *dev) |
| 1674 | { | |
| 1675 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); | |
| 1676 | if (s->media_changed) { | |
| 1677 | s->media_changed = false; | |
| 1678 | s->qdev.unit_attention = SENSE_CODE(MEDIUM_CHANGED); | |
| 1679 | } | |
| 1680 | } | |
| 1681 | ||
| e39be482 | 1682 | static int scsi_initfn(SCSIDevice *dev) |
| 2e5d83bb | 1683 | { |
| d52affa7 | 1684 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); |
| f8b6cc00 | 1685 | DriveInfo *dinfo; |
| 2e5d83bb | 1686 | |
| f8b6cc00 | 1687 | if (!s->qdev.conf.bs) { |
| 6a84cb1f | 1688 | error_report("drive property not set"); |
| d52affa7 GH |
1689 | return -1; |
| 1690 | } | |
| 1691 | ||
| bfe3d7ac PB |
1692 | if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) && |
| 1693 | !bdrv_is_inserted(s->qdev.conf.bs)) { | |
| 98f28ad7 MA |
1694 | error_report("Device needs media, but drive is empty"); |
| 1695 | return -1; | |
| 1696 | } | |
| 1697 | ||
| a0fef654 | 1698 | if (!s->serial) { |
| f8b6cc00 | 1699 | /* try to fall back to value set with legacy -drive serial=... */ |
| 44740c38 | 1700 | dinfo = drive_get_by_blockdev(s->qdev.conf.bs); |
| 3e1c0c9a | 1701 | if (*dinfo->serial) { |
| 7267c094 | 1702 | s->serial = g_strdup(dinfo->serial); |
| 3e1c0c9a | 1703 | } |
| a0fef654 MA |
1704 | } |
| 1705 | ||
| 552fee93 | 1706 | if (!s->version) { |
| 7267c094 | 1707 | s->version = g_strdup(QEMU_VERSION); |
| 552fee93 MA |
1708 | } |
| 1709 | ||
| 44740c38 | 1710 | if (bdrv_is_sg(s->qdev.conf.bs)) { |
| 6a84cb1f | 1711 | error_report("unwanted /dev/sg*"); |
| 32bb404a MA |
1712 | return -1; |
| 1713 | } | |
| 1714 | ||
| bfe3d7ac | 1715 | if (s->features & (1 << SCSI_DISK_F_REMOVABLE)) { |
| 44740c38 | 1716 | bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_cd_block_ops, s); |
| 2e5d83bb | 1717 | } |
| 44740c38 | 1718 | bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize); |
| 8cfacf07 | 1719 | |
| 44740c38 | 1720 | bdrv_iostatus_enable(s->qdev.conf.bs); |
| 7082826e | 1721 | add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, NULL); |
| d52affa7 GH |
1722 | return 0; |
| 1723 | } | |
| 1724 | ||
| b443ae67 MA |
1725 | static int scsi_hd_initfn(SCSIDevice *dev) |
| 1726 | { | |
| e39be482 PB |
1727 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); |
| 1728 | s->qdev.blocksize = s->qdev.conf.logical_block_size; | |
| 1729 | s->qdev.type = TYPE_DISK; | |
| 1730 | return scsi_initfn(&s->qdev); | |
| b443ae67 MA |
1731 | } |
| 1732 | ||
| 1733 | static int scsi_cd_initfn(SCSIDevice *dev) | |
| 1734 | { | |
| e39be482 PB |
1735 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); |
| 1736 | s->qdev.blocksize = 2048; | |
| 1737 | s->qdev.type = TYPE_ROM; | |
| bfe3d7ac | 1738 | s->features |= 1 << SCSI_DISK_F_REMOVABLE; |
| e39be482 | 1739 | return scsi_initfn(&s->qdev); |
| b443ae67 MA |
1740 | } |
| 1741 | ||
| 1742 | static int scsi_disk_initfn(SCSIDevice *dev) | |
| 1743 | { | |
| 95b5edcd | 1744 | DriveInfo *dinfo; |
| b443ae67 MA |
1745 | |
| 1746 | if (!dev->conf.bs) { | |
| e39be482 | 1747 | return scsi_initfn(dev); /* ... and die there */ |
| b443ae67 MA |
1748 | } |
| 1749 | ||
| e39be482 PB |
1750 | dinfo = drive_get_by_blockdev(dev->conf.bs); |
| 1751 | if (dinfo->media_cd) { | |
| 1752 | return scsi_cd_initfn(dev); | |
| 1753 | } else { | |
| 1754 | return scsi_hd_initfn(dev); | |
| 1755 | } | |
| b443ae67 MA |
1756 | } |
| 1757 | ||
| adcf2754 | 1758 | static const SCSIReqOps scsi_disk_reqops = { |
| 8dbd4574 | 1759 | .size = sizeof(SCSIDiskReq), |
| 12010e7b PB |
1760 | .free_req = scsi_free_request, |
| 1761 | .send_command = scsi_send_command, | |
| 1762 | .read_data = scsi_read_data, | |
| 1763 | .write_data = scsi_write_data, | |
| 1764 | .cancel_io = scsi_cancel_io, | |
| 1765 | .get_buf = scsi_get_buf, | |
| 43b978b9 PB |
1766 | .load_request = scsi_disk_load_request, |
| 1767 | .save_request = scsi_disk_save_request, | |
| 8dbd4574 PB |
1768 | }; |
| 1769 | ||
| 63db0f0e PB |
1770 | static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun, |
| 1771 | uint8_t *buf, void *hba_private) | |
| 8dbd4574 PB |
1772 | { |
| 1773 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); | |
| 1774 | SCSIRequest *req; | |
| 8dbd4574 PB |
1775 | |
| 1776 | req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private); | |
| 8dbd4574 PB |
1777 | return req; |
| 1778 | } | |
| 1779 | ||
| 336a6915 PB |
1780 | #ifdef __linux__ |
| 1781 | static int get_device_type(SCSIDiskState *s) | |
| 1782 | { | |
| 1783 | BlockDriverState *bdrv = s->qdev.conf.bs; | |
| 1784 | uint8_t cmd[16]; | |
| 1785 | uint8_t buf[36]; | |
| 1786 | uint8_t sensebuf[8]; | |
| 1787 | sg_io_hdr_t io_header; | |
| 1788 | int ret; | |
| 1789 | ||
| 1790 | memset(cmd, 0, sizeof(cmd)); | |
| 1791 | memset(buf, 0, sizeof(buf)); | |
| 1792 | cmd[0] = INQUIRY; | |
| 1793 | cmd[4] = sizeof(buf); | |
| 1794 | ||
| 1795 | memset(&io_header, 0, sizeof(io_header)); | |
| 1796 | io_header.interface_id = 'S'; | |
| 1797 | io_header.dxfer_direction = SG_DXFER_FROM_DEV; | |
| 1798 | io_header.dxfer_len = sizeof(buf); | |
| 1799 | io_header.dxferp = buf; | |
| 1800 | io_header.cmdp = cmd; | |
| 1801 | io_header.cmd_len = sizeof(cmd); | |
| 1802 | io_header.mx_sb_len = sizeof(sensebuf); | |
| 1803 | io_header.sbp = sensebuf; | |
| 1804 | io_header.timeout = 6000; /* XXX */ | |
| 1805 | ||
| 1806 | ret = bdrv_ioctl(bdrv, SG_IO, &io_header); | |
| 1807 | if (ret < 0 || io_header.driver_status || io_header.host_status) { | |
| 1808 | return -1; | |
| 1809 | } | |
| 1810 | s->qdev.type = buf[0]; | |
| bfe3d7ac PB |
1811 | if (buf[1] & 0x80) { |
| 1812 | s->features |= 1 << SCSI_DISK_F_REMOVABLE; | |
| 1813 | } | |
| 336a6915 PB |
1814 | return 0; |
| 1815 | } | |
| 1816 | ||
| 1817 | static int scsi_block_initfn(SCSIDevice *dev) | |
| 1818 | { | |
| 1819 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); | |
| 1820 | int sg_version; | |
| 1821 | int rc; | |
| 1822 | ||
| 1823 | if (!s->qdev.conf.bs) { | |
| 1824 | error_report("scsi-block: drive property not set"); | |
| 1825 | return -1; | |
| 1826 | } | |
| 1827 | ||
| 1828 | /* check we are using a driver managing SG_IO (version 3 and after) */ | |
| 1829 | if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 || | |
| 1830 | sg_version < 30000) { | |
| 1831 | error_report("scsi-block: scsi generic interface too old"); | |
| 1832 | return -1; | |
| 1833 | } | |
| 1834 | ||
| 1835 | /* get device type from INQUIRY data */ | |
| 1836 | rc = get_device_type(s); | |
| 1837 | if (rc < 0) { | |
| 1838 | error_report("scsi-block: INQUIRY failed"); | |
| 1839 | return -1; | |
| 1840 | } | |
| 1841 | ||
| 1842 | /* Make a guess for the block size, we'll fix it when the guest sends. | |
| 1843 | * READ CAPACITY. If they don't, they likely would assume these sizes | |
| 1844 | * anyway. (TODO: check in /sys). | |
| 1845 | */ | |
| 1846 | if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) { | |
| 1847 | s->qdev.blocksize = 2048; | |
| 1848 | } else { | |
| 1849 | s->qdev.blocksize = 512; | |
| 1850 | } | |
| 1851 | return scsi_initfn(&s->qdev); | |
| 1852 | } | |
| 1853 | ||
| 1854 | static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag, | |
| 1855 | uint32_t lun, uint8_t *buf, | |
| 1856 | void *hba_private) | |
| 1857 | { | |
| 1858 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); | |
| 1859 | ||
| 1860 | switch (buf[0]) { | |
| 1861 | case READ_6: | |
| 1862 | case READ_10: | |
| 1863 | case READ_12: | |
| 1864 | case READ_16: | |
| 7f64f8e2 PB |
1865 | case VERIFY_10: |
| 1866 | case VERIFY_12: | |
| 1867 | case VERIFY_16: | |
| 336a6915 PB |
1868 | case WRITE_6: |
| 1869 | case WRITE_10: | |
| 1870 | case WRITE_12: | |
| 1871 | case WRITE_16: | |
| 1872 | case WRITE_VERIFY_10: | |
| 1873 | case WRITE_VERIFY_12: | |
| 1874 | case WRITE_VERIFY_16: | |
| eaccf49e PB |
1875 | /* If we are not using O_DIRECT, we might read stale data from the |
| 1876 | * host cache if writes were made using other commands than these | |
| 1877 | * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without | |
| 1878 | * O_DIRECT everything must go through SG_IO. | |
| 1879 | */ | |
| 1880 | if (!(s->qdev.conf.bs->open_flags & BDRV_O_NOCACHE)) { | |
| 1881 | break; | |
| 1882 | } | |
| 1883 | ||
| 33ebad12 PB |
1884 | /* MMC writing cannot be done via pread/pwrite, because it sometimes |
| 1885 | * involves writing beyond the maximum LBA or to negative LBA (lead-in). | |
| 1886 | * And once you do these writes, reading from the block device is | |
| 1887 | * unreliable, too. It is even possible that reads deliver random data | |
| 1888 | * from the host page cache (this is probably a Linux bug). | |
| 1889 | * | |
| 1890 | * We might use scsi_disk_reqops as long as no writing commands are | |
| 1891 | * seen, but performance usually isn't paramount on optical media. So, | |
| 1892 | * just make scsi-block operate the same as scsi-generic for them. | |
| 1893 | */ | |
| eaccf49e PB |
1894 | if (s->qdev.type == TYPE_ROM) { |
| 1895 | break; | |
| 1896 | } | |
| 1897 | return scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, | |
| 1898 | hba_private); | |
| 336a6915 PB |
1899 | } |
| 1900 | ||
| 1901 | return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun, | |
| 1902 | hba_private); | |
| 1903 | } | |
| 1904 | #endif | |
| 1905 | ||
| b443ae67 MA |
1906 | #define DEFINE_SCSI_DISK_PROPERTIES() \ |
| 1907 | DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \ | |
| 1908 | DEFINE_PROP_STRING("ver", SCSIDiskState, version), \ | |
| 1909 | DEFINE_PROP_STRING("serial", SCSIDiskState, serial) | |
| 1910 | ||
| 39bffca2 AL |
1911 | static Property scsi_hd_properties[] = { |
| 1912 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| bfe3d7ac PB |
1913 | DEFINE_PROP_BIT("removable", SCSIDiskState, features, |
| 1914 | SCSI_DISK_F_REMOVABLE, false), | |
| da8365db PB |
1915 | DEFINE_PROP_BIT("dpofua", SCSIDiskState, features, |
| 1916 | SCSI_DISK_F_DPOFUA, false), | |
| 39bffca2 AL |
1917 | DEFINE_PROP_END_OF_LIST(), |
| 1918 | }; | |
| 1919 | ||
| 43b978b9 PB |
1920 | static const VMStateDescription vmstate_scsi_disk_state = { |
| 1921 | .name = "scsi-disk", | |
| 1922 | .version_id = 1, | |
| 1923 | .minimum_version_id = 1, | |
| 1924 | .minimum_version_id_old = 1, | |
| 1925 | .fields = (VMStateField[]) { | |
| 1926 | VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState), | |
| 1927 | VMSTATE_BOOL(media_changed, SCSIDiskState), | |
| 1928 | VMSTATE_BOOL(media_event, SCSIDiskState), | |
| 1929 | VMSTATE_BOOL(eject_request, SCSIDiskState), | |
| 1930 | VMSTATE_BOOL(tray_open, SCSIDiskState), | |
| 1931 | VMSTATE_BOOL(tray_locked, SCSIDiskState), | |
| 1932 | VMSTATE_END_OF_LIST() | |
| 1933 | } | |
| 1934 | }; | |
| 1935 | ||
| b9eea3e6 AL |
1936 | static void scsi_hd_class_initfn(ObjectClass *klass, void *data) |
| 1937 | { | |
| 39bffca2 | 1938 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
1939 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 1940 | ||
| 1941 | sc->init = scsi_hd_initfn; | |
| 1942 | sc->destroy = scsi_destroy; | |
| 1943 | sc->alloc_req = scsi_new_request; | |
| 1944 | sc->unit_attention_reported = scsi_disk_unit_attention_reported; | |
| 39bffca2 AL |
1945 | dc->fw_name = "disk"; |
| 1946 | dc->desc = "virtual SCSI disk"; | |
| 1947 | dc->reset = scsi_disk_reset; | |
| 1948 | dc->props = scsi_hd_properties; | |
| 43b978b9 | 1949 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
1950 | } |
| 1951 | ||
| 39bffca2 AL |
1952 | static TypeInfo scsi_hd_info = { |
| 1953 | .name = "scsi-hd", | |
| 1954 | .parent = TYPE_SCSI_DEVICE, | |
| 1955 | .instance_size = sizeof(SCSIDiskState), | |
| 1956 | .class_init = scsi_hd_class_initfn, | |
| 1957 | }; | |
| 1958 | ||
| 1959 | static Property scsi_cd_properties[] = { | |
| 1960 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| 1961 | DEFINE_PROP_END_OF_LIST(), | |
| b9eea3e6 AL |
1962 | }; |
| 1963 | ||
| 1964 | static void scsi_cd_class_initfn(ObjectClass *klass, void *data) | |
| 1965 | { | |
| 39bffca2 | 1966 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
1967 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 1968 | ||
| 1969 | sc->init = scsi_cd_initfn; | |
| 1970 | sc->destroy = scsi_destroy; | |
| 1971 | sc->alloc_req = scsi_new_request; | |
| 1972 | sc->unit_attention_reported = scsi_disk_unit_attention_reported; | |
| 39bffca2 AL |
1973 | dc->fw_name = "disk"; |
| 1974 | dc->desc = "virtual SCSI CD-ROM"; | |
| 1975 | dc->reset = scsi_disk_reset; | |
| 1976 | dc->props = scsi_cd_properties; | |
| 43b978b9 | 1977 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
1978 | } |
| 1979 | ||
| 39bffca2 AL |
1980 | static TypeInfo scsi_cd_info = { |
| 1981 | .name = "scsi-cd", | |
| 1982 | .parent = TYPE_SCSI_DEVICE, | |
| 1983 | .instance_size = sizeof(SCSIDiskState), | |
| 1984 | .class_init = scsi_cd_class_initfn, | |
| b9eea3e6 AL |
1985 | }; |
| 1986 | ||
| 336a6915 | 1987 | #ifdef __linux__ |
| 39bffca2 AL |
1988 | static Property scsi_block_properties[] = { |
| 1989 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| 1990 | DEFINE_PROP_END_OF_LIST(), | |
| 1991 | }; | |
| 1992 | ||
| b9eea3e6 AL |
1993 | static void scsi_block_class_initfn(ObjectClass *klass, void *data) |
| 1994 | { | |
| 39bffca2 | 1995 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
1996 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 1997 | ||
| 1998 | sc->init = scsi_block_initfn; | |
| 1999 | sc->destroy = scsi_destroy; | |
| 2000 | sc->alloc_req = scsi_block_new_request; | |
| 39bffca2 AL |
2001 | dc->fw_name = "disk"; |
| 2002 | dc->desc = "SCSI block device passthrough"; | |
| 2003 | dc->reset = scsi_disk_reset; | |
| 2004 | dc->props = scsi_block_properties; | |
| 43b978b9 | 2005 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
2006 | } |
| 2007 | ||
| 39bffca2 AL |
2008 | static TypeInfo scsi_block_info = { |
| 2009 | .name = "scsi-block", | |
| 2010 | .parent = TYPE_SCSI_DEVICE, | |
| 2011 | .instance_size = sizeof(SCSIDiskState), | |
| 2012 | .class_init = scsi_block_class_initfn, | |
| b9eea3e6 | 2013 | }; |
| 336a6915 | 2014 | #endif |
| b9eea3e6 | 2015 | |
| 39bffca2 AL |
2016 | static Property scsi_disk_properties[] = { |
| 2017 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| bfe3d7ac PB |
2018 | DEFINE_PROP_BIT("removable", SCSIDiskState, features, |
| 2019 | SCSI_DISK_F_REMOVABLE, false), | |
| da8365db PB |
2020 | DEFINE_PROP_BIT("dpofua", SCSIDiskState, features, |
| 2021 | SCSI_DISK_F_DPOFUA, false), | |
| 39bffca2 AL |
2022 | DEFINE_PROP_END_OF_LIST(), |
| 2023 | }; | |
| 2024 | ||
| b9eea3e6 AL |
2025 | static void scsi_disk_class_initfn(ObjectClass *klass, void *data) |
| 2026 | { | |
| 39bffca2 | 2027 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
2028 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 2029 | ||
| 2030 | sc->init = scsi_disk_initfn; | |
| 2031 | sc->destroy = scsi_destroy; | |
| 2032 | sc->alloc_req = scsi_new_request; | |
| 2033 | sc->unit_attention_reported = scsi_disk_unit_attention_reported; | |
| 39bffca2 AL |
2034 | dc->fw_name = "disk"; |
| 2035 | dc->desc = "virtual SCSI disk or CD-ROM (legacy)"; | |
| 2036 | dc->reset = scsi_disk_reset; | |
| 2037 | dc->props = scsi_disk_properties; | |
| 43b978b9 | 2038 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
2039 | } |
| 2040 | ||
| 39bffca2 AL |
2041 | static TypeInfo scsi_disk_info = { |
| 2042 | .name = "scsi-disk", | |
| 2043 | .parent = TYPE_SCSI_DEVICE, | |
| 2044 | .instance_size = sizeof(SCSIDiskState), | |
| 2045 | .class_init = scsi_disk_class_initfn, | |
| d52affa7 GH |
2046 | }; |
| 2047 | ||
| 83f7d43a | 2048 | static void scsi_disk_register_types(void) |
| d52affa7 | 2049 | { |
| 39bffca2 AL |
2050 | type_register_static(&scsi_hd_info); |
| 2051 | type_register_static(&scsi_cd_info); | |
| b9eea3e6 | 2052 | #ifdef __linux__ |
| 39bffca2 | 2053 | type_register_static(&scsi_block_info); |
| b9eea3e6 | 2054 | #endif |
| 39bffca2 | 2055 | type_register_static(&scsi_disk_info); |
| 8ccc2ace | 2056 | } |
| 83f7d43a AF |
2057 | |
| 2058 | type_init(scsi_disk_register_types) |