projects / qemu.git / blame
| Commit | Line | Data |
|---|---|---|
| 2e5d83bb PB |
1 | /* |
| 2 | * SCSI Device emulation | |
| 3 | * | |
| 4 | * Copyright (c) 2006 CodeSourcery. | |
| 5 | * Based on code by Fabrice Bellard | |
| 6 | * | |
| 7 | * Written by Paul Brook | |
| ad3cea42 AT |
8 | * Modifications: |
| 9 | * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case | |
| 10 | * when the allocation length of CDB is smaller | |
| 11 | * than 36. | |
| 12 | * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the | |
| 13 | * MODE SENSE response. | |
| 2e5d83bb | 14 | * |
| 8e31bf38 | 15 | * This code is licensed under the LGPL. |
| a917d384 PB |
16 | * |
| 17 | * Note that this file only handles the SCSI architecture model and device | |
| 1d4db89c AZ |
18 | * commands. Emulation of interface/link layer protocols is handled by |
| 19 | * the host adapter emulator. | |
| 2e5d83bb PB |
20 | */ |
| 21 | ||
| 22 | //#define DEBUG_SCSI | |
| 23 | ||
| 24 | #ifdef DEBUG_SCSI | |
| 001faf32 BS |
25 | #define DPRINTF(fmt, ...) \ |
| 26 | do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0) | |
| 2e5d83bb | 27 | #else |
| 001faf32 | 28 | #define DPRINTF(fmt, ...) do {} while(0) |
| 2e5d83bb PB |
29 | #endif |
| 30 | ||
| 87ecb68b | 31 | #include "qemu-common.h" |
| 2f792016 | 32 | #include "qemu-error.h" |
| 43b443b6 | 33 | #include "scsi.h" |
| 0d65e1f8 | 34 | #include "scsi-defs.h" |
| 666daa68 | 35 | #include "sysemu.h" |
| 2446333c | 36 | #include "blockdev.h" |
| 5d0d2467 | 37 | #include "dma.h" |
| 22864256 | 38 | |
| 336a6915 PB |
39 | #ifdef __linux |
| 40 | #include <scsi/sg.h> | |
| 41 | #endif | |
| 42 | ||
| f0f72ffe | 43 | #define SCSI_DMA_BUF_SIZE 131072 |
| 57575058 | 44 | #define SCSI_MAX_INQUIRY_LEN 256 |
| a917d384 | 45 | |
| d52affa7 GH |
46 | typedef struct SCSIDiskState SCSIDiskState; |
| 47 | ||
| 4c41d2ef GH |
48 | typedef struct SCSIDiskReq { |
| 49 | SCSIRequest req; | |
| a917d384 | 50 | /* Both sector and sector_count are in terms of qemu 512 byte blocks. */ |
| e035b43d AL |
51 | uint64_t sector; |
| 52 | uint32_t sector_count; | |
| 7285477a | 53 | uint32_t buflen; |
| a0e66a69 | 54 | bool started; |
| c87c0672 AL |
55 | struct iovec iov; |
| 56 | QEMUIOVector qiov; | |
| a597e79c | 57 | BlockAcctCookie acct; |
| 4c41d2ef | 58 | } SCSIDiskReq; |
| a917d384 | 59 | |
| bfe3d7ac | 60 | #define SCSI_DISK_F_REMOVABLE 0 |
| da8365db | 61 | #define SCSI_DISK_F_DPOFUA 1 |
| bfe3d7ac | 62 | |
| d52affa7 | 63 | struct SCSIDiskState |
| a917d384 | 64 | { |
| d52affa7 | 65 | SCSIDevice qdev; |
| bfe3d7ac | 66 | uint32_t features; |
| 8a9c16f6 | 67 | bool media_changed; |
| 3c2f7c12 | 68 | bool media_event; |
| 4480de19 | 69 | bool eject_request; |
| 27395add | 70 | uint64_t wwn; |
| 213189ab | 71 | QEMUBH *bh; |
| 383b4d9b | 72 | char *version; |
| a0fef654 | 73 | char *serial; |
| ece0d5e9 | 74 | bool tray_open; |
| 81b1008d | 75 | bool tray_locked; |
| 2e5d83bb PB |
76 | }; |
| 77 | ||
| 71544d30 | 78 | static int scsi_handle_rw_error(SCSIDiskReq *r, int error); |
| 5dba48a8 | 79 | |
| ad2d30f7 | 80 | static void scsi_free_request(SCSIRequest *req) |
| 4d611c9a | 81 | { |
| ad2d30f7 PB |
82 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 83 | ||
| 7285477a PB |
84 | if (r->iov.iov_base) { |
| 85 | qemu_vfree(r->iov.iov_base); | |
| 86 | } | |
| 4d611c9a PB |
87 | } |
| 88 | ||
| b45ef674 PB |
89 | /* Helper function for command completion with sense. */ |
| 90 | static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense) | |
| ed3a34a3 | 91 | { |
| 02fa69b6 BS |
92 | DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n", |
| 93 | r->req.tag, sense.key, sense.asc, sense.ascq); | |
| b45ef674 PB |
94 | scsi_req_build_sense(&r->req, sense); |
| 95 | scsi_req_complete(&r->req, CHECK_CONDITION); | |
| 4d611c9a PB |
96 | } |
| 97 | ||
| 98 | /* Cancel a pending data transfer. */ | |
| 5c6c0e51 | 99 | static void scsi_cancel_io(SCSIRequest *req) |
| 4d611c9a | 100 | { |
| 5c6c0e51 HR |
101 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 102 | ||
| 103 | DPRINTF("Cancel tag=0x%x\n", req->tag); | |
| 104 | if (r->req.aiocb) { | |
| 105 | bdrv_aio_cancel(r->req.aiocb); | |
| c7bae6a7 PB |
106 | |
| 107 | /* This reference was left in by scsi_*_data. We take ownership of | |
| 108 | * it the moment scsi_req_cancel is called, independent of whether | |
| 109 | * bdrv_aio_cancel completes the request or not. */ | |
| 110 | scsi_req_unref(&r->req); | |
| a917d384 | 111 | } |
| 5c6c0e51 | 112 | r->req.aiocb = NULL; |
| a917d384 PB |
113 | } |
| 114 | ||
| 43b978b9 | 115 | static uint32_t scsi_init_iovec(SCSIDiskReq *r, size_t size) |
| 103b40f5 | 116 | { |
| 7285477a PB |
117 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| 118 | ||
| 119 | if (!r->iov.iov_base) { | |
| 43b978b9 | 120 | r->buflen = size; |
| 44740c38 | 121 | r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen); |
| 7285477a PB |
122 | } |
| 123 | r->iov.iov_len = MIN(r->sector_count * 512, r->buflen); | |
| 103b40f5 PB |
124 | qemu_iovec_init_external(&r->qiov, &r->iov, 1); |
| 125 | return r->qiov.size / 512; | |
| 126 | } | |
| 127 | ||
| 43b978b9 PB |
128 | static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req) |
| 129 | { | |
| 130 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); | |
| 131 | ||
| 132 | qemu_put_be64s(f, &r->sector); | |
| 133 | qemu_put_be32s(f, &r->sector_count); | |
| 134 | qemu_put_be32s(f, &r->buflen); | |
| 18eef3bc GH |
135 | if (r->buflen) { |
| 136 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { | |
| 137 | qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len); | |
| 138 | } else if (!req->retry) { | |
| 139 | uint32_t len = r->iov.iov_len; | |
| 140 | qemu_put_be32s(f, &len); | |
| 141 | qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len); | |
| 142 | } | |
| 43b978b9 PB |
143 | } |
| 144 | } | |
| 145 | ||
| 146 | static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req) | |
| 147 | { | |
| 148 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); | |
| 149 | ||
| 150 | qemu_get_be64s(f, &r->sector); | |
| 151 | qemu_get_be32s(f, &r->sector_count); | |
| 152 | qemu_get_be32s(f, &r->buflen); | |
| 153 | if (r->buflen) { | |
| 154 | scsi_init_iovec(r, r->buflen); | |
| 155 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { | |
| 156 | qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len); | |
| 18eef3bc GH |
157 | } else if (!r->req.retry) { |
| 158 | uint32_t len; | |
| 159 | qemu_get_be32s(f, &len); | |
| 160 | r->iov.iov_len = len; | |
| 161 | assert(r->iov.iov_len <= r->buflen); | |
| 162 | qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len); | |
| 43b978b9 PB |
163 | } |
| 164 | } | |
| 165 | ||
| 166 | qemu_iovec_init_external(&r->qiov, &r->iov, 1); | |
| 167 | } | |
| 168 | ||
| b77912a7 | 169 | static void scsi_flush_complete(void * opaque, int ret) |
| 5d0d2467 PB |
170 | { |
| 171 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; | |
| 172 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| 173 | ||
| 174 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 175 | ||
| 80624c93 | 176 | if (ret < 0) { |
| 5d0d2467 PB |
177 | if (scsi_handle_rw_error(r, -ret)) { |
| 178 | goto done; | |
| 179 | } | |
| 180 | } | |
| 181 | ||
| 5d0d2467 PB |
182 | scsi_req_complete(&r->req, GOOD); |
| 183 | ||
| 184 | done: | |
| b8aba8d7 PB |
185 | if (!r->req.io_canceled) { |
| 186 | scsi_req_unref(&r->req); | |
| 187 | } | |
| 5d0d2467 PB |
188 | } |
| 189 | ||
| 7e8c49c5 PB |
190 | static bool scsi_is_cmd_fua(SCSICommand *cmd) |
| 191 | { | |
| 192 | switch (cmd->buf[0]) { | |
| 193 | case READ_10: | |
| 194 | case READ_12: | |
| 195 | case READ_16: | |
| 196 | case WRITE_10: | |
| 197 | case WRITE_12: | |
| 198 | case WRITE_16: | |
| 199 | return (cmd->buf[1] & 8) != 0; | |
| 200 | ||
| 7f64f8e2 PB |
201 | case VERIFY_10: |
| 202 | case VERIFY_12: | |
| 203 | case VERIFY_16: | |
| 7e8c49c5 PB |
204 | case WRITE_VERIFY_10: |
| 205 | case WRITE_VERIFY_12: | |
| 206 | case WRITE_VERIFY_16: | |
| 207 | return true; | |
| 208 | ||
| 209 | case READ_6: | |
| 210 | case WRITE_6: | |
| 211 | default: | |
| 212 | return false; | |
| 213 | } | |
| 214 | } | |
| 215 | ||
| 216 | static void scsi_write_do_fua(SCSIDiskReq *r) | |
| 217 | { | |
| 218 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| 219 | ||
| 220 | if (scsi_is_cmd_fua(&r->req.cmd)) { | |
| 221 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH); | |
| 222 | r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_flush_complete, r); | |
| 223 | return; | |
| 224 | } | |
| 225 | ||
| 226 | scsi_req_complete(&r->req, GOOD); | |
| 227 | if (!r->req.io_canceled) { | |
| 228 | scsi_req_unref(&r->req); | |
| 229 | } | |
| 230 | } | |
| 231 | ||
| b77912a7 | 232 | static void scsi_dma_complete(void *opaque, int ret) |
| a917d384 | 233 | { |
| 4c41d2ef | 234 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; |
| a597e79c | 235 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| a917d384 | 236 | |
| 7f64f8e2 PB |
237 | if (r->req.aiocb != NULL) { |
| 238 | r->req.aiocb = NULL; | |
| 239 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 240 | } | |
| a597e79c | 241 | |
| 80624c93 | 242 | if (ret < 0) { |
| 71544d30 | 243 | if (scsi_handle_rw_error(r, -ret)) { |
| c7bae6a7 | 244 | goto done; |
| 5dba48a8 | 245 | } |
| 4d611c9a | 246 | } |
| 5dba48a8 | 247 | |
| b77912a7 PB |
248 | r->sector += r->sector_count; |
| 249 | r->sector_count = 0; | |
| 7e8c49c5 PB |
250 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { |
| 251 | scsi_write_do_fua(r); | |
| 252 | return; | |
| 253 | } else { | |
| 254 | scsi_req_complete(&r->req, GOOD); | |
| 255 | } | |
| c7bae6a7 PB |
256 | |
| 257 | done: | |
| 258 | if (!r->req.io_canceled) { | |
| 259 | scsi_req_unref(&r->req); | |
| 260 | } | |
| 4d611c9a PB |
261 | } |
| 262 | ||
| b77912a7 | 263 | static void scsi_read_complete(void * opaque, int ret) |
| 0a4ac106 PB |
264 | { |
| 265 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; | |
| 266 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| b77912a7 | 267 | int n; |
| 0a4ac106 | 268 | |
| b77912a7 PB |
269 | if (r->req.aiocb != NULL) { |
| 270 | r->req.aiocb = NULL; | |
| 271 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 272 | } | |
| 0a4ac106 PB |
273 | |
| 274 | if (ret < 0) { | |
| 71544d30 | 275 | if (scsi_handle_rw_error(r, -ret)) { |
| c7bae6a7 | 276 | goto done; |
| 0a4ac106 PB |
277 | } |
| 278 | } | |
| 279 | ||
| b77912a7 PB |
280 | DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size); |
| 281 | ||
| 282 | n = r->qiov.size / 512; | |
| 283 | r->sector += n; | |
| 284 | r->sector_count -= n; | |
| 285 | scsi_req_data(&r->req, r->qiov.size); | |
| c7bae6a7 PB |
286 | |
| 287 | done: | |
| 288 | if (!r->req.io_canceled) { | |
| 289 | scsi_req_unref(&r->req); | |
| 290 | } | |
| 0a4ac106 | 291 | } |
| 5dba48a8 | 292 | |
| ac668426 PB |
293 | /* Actually issue a read to the block device. */ |
| 294 | static void scsi_do_read(void *opaque, int ret) | |
| 295 | { | |
| 296 | SCSIDiskReq *r = opaque; | |
| 297 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); | |
| 298 | uint32_t n; | |
| 299 | ||
| 300 | if (r->req.aiocb != NULL) { | |
| 301 | r->req.aiocb = NULL; | |
| 302 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); | |
| 303 | } | |
| 304 | ||
| 305 | if (ret < 0) { | |
| 306 | if (scsi_handle_rw_error(r, -ret)) { | |
| 307 | goto done; | |
| 308 | } | |
| 309 | } | |
| 310 | ||
| 31e8fd86 PB |
311 | if (r->req.io_canceled) { |
| 312 | return; | |
| 313 | } | |
| 314 | ||
| 315 | /* The request is used as the AIO opaque value, so add a ref. */ | |
| 316 | scsi_req_ref(&r->req); | |
| 317 | ||
| ac668426 PB |
318 | if (r->req.sg) { |
| 319 | dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_READ); | |
| 320 | r->req.resid -= r->req.sg->size; | |
| 321 | r->req.aiocb = dma_bdrv_read(s->qdev.conf.bs, r->req.sg, r->sector, | |
| 322 | scsi_dma_complete, r); | |
| 323 | } else { | |
| 324 | n = scsi_init_iovec(r, SCSI_DMA_BUF_SIZE); | |
| 325 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); | |
| 326 | r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n, | |
| 327 | scsi_read_complete, r); | |
| 328 | } | |
| 329 | ||
| 330 | done: | |
| 331 | if (!r->req.io_canceled) { | |
| 332 | scsi_req_unref(&r->req); | |
| 333 | } | |
| 334 | } | |
| 335 | ||
| 5c6c0e51 HR |
336 | /* Read more data from scsi device into buffer. */ |
| 337 | static void scsi_read_data(SCSIRequest *req) | |
| 2e5d83bb | 338 | { |
| 5c6c0e51 | 339 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 5dba48a8 | 340 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ac668426 | 341 | bool first; |
| 2e5d83bb | 342 | |
| a917d384 | 343 | if (r->sector_count == (uint32_t)-1) { |
| aa2b1e89 | 344 | DPRINTF("Read buf_len=%zd\n", r->iov.iov_len); |
| a917d384 | 345 | r->sector_count = 0; |
| a0e66a69 | 346 | r->started = true; |
| ab9adc88 | 347 | scsi_req_data(&r->req, r->iov.iov_len); |
| a917d384 | 348 | return; |
| 2e5d83bb | 349 | } |
| a917d384 PB |
350 | DPRINTF("Read sector_count=%d\n", r->sector_count); |
| 351 | if (r->sector_count == 0) { | |
| b45ef674 PB |
352 | /* This also clears the sense buffer for REQUEST SENSE. */ |
| 353 | scsi_req_complete(&r->req, GOOD); | |
| a917d384 | 354 | return; |
| 2e5d83bb PB |
355 | } |
| 356 | ||
| 6fa2c95f SH |
357 | /* No data transfer may already be in progress */ |
| 358 | assert(r->req.aiocb == NULL); | |
| 359 | ||
| c7bae6a7 PB |
360 | /* The request is used as the AIO opaque value, so add a ref. */ |
| 361 | scsi_req_ref(&r->req); | |
| efb9ee02 HR |
362 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { |
| 363 | DPRINTF("Data transfer direction invalid\n"); | |
| 364 | scsi_read_complete(r, -EINVAL); | |
| 365 | return; | |
| 366 | } | |
| 367 | ||
| a1aff5bf MA |
368 | if (s->tray_open) { |
| 369 | scsi_read_complete(r, -ENOMEDIUM); | |
| c7bae6a7 | 370 | return; |
| a1aff5bf | 371 | } |
| c7bae6a7 | 372 | |
| ac668426 | 373 | first = !r->started; |
| a0e66a69 | 374 | r->started = true; |
| ac668426 PB |
375 | if (first && scsi_is_cmd_fua(&r->req.cmd)) { |
| 376 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH); | |
| 377 | r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_do_read, r); | |
| 5d0d2467 | 378 | } else { |
| ac668426 | 379 | scsi_do_read(r, 0); |
| 5d0d2467 | 380 | } |
| 2e5d83bb PB |
381 | } |
| 382 | ||
| c7bae6a7 PB |
383 | /* |
| 384 | * scsi_handle_rw_error has two return values. 0 means that the error | |
| 385 | * must be ignored, 1 means that the error has been processed and the | |
| 386 | * caller should not do anything else for this request. Note that | |
| 387 | * scsi_handle_rw_error always manages its reference counts, independent | |
| 388 | * of the return value. | |
| 389 | */ | |
| 71544d30 | 390 | static int scsi_handle_rw_error(SCSIDiskReq *r, int error) |
| 5dba48a8 | 391 | { |
| 71544d30 | 392 | int is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV); |
| 4c41d2ef | 393 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| 44740c38 | 394 | BlockErrorAction action = bdrv_get_on_error(s->qdev.conf.bs, is_read); |
| ea8a5d7f | 395 | |
| 380f640f | 396 | if (action == BLOCK_ERR_IGNORE) { |
| 329c0a48 | 397 | bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_IGNORE, is_read); |
| ea8a5d7f | 398 | return 0; |
| 380f640f | 399 | } |
| ea8a5d7f AL |
400 | |
| 401 | if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) | |
| 402 | || action == BLOCK_ERR_STOP_ANY) { | |
| 5dba48a8 | 403 | |
| 329c0a48 | 404 | bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_STOP, is_read); |
| 0461d5a6 | 405 | vm_stop(RUN_STATE_IO_ERROR); |
| 44740c38 | 406 | bdrv_iostatus_set_err(s->qdev.conf.bs, error); |
| 71544d30 | 407 | scsi_req_retry(&r->req); |
| ea8a5d7f | 408 | } else { |
| efb9ee02 | 409 | switch (error) { |
| 7e218df5 PB |
410 | case ENOMEDIUM: |
| 411 | scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); | |
| 412 | break; | |
| efb9ee02 | 413 | case ENOMEM: |
| b45ef674 | 414 | scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE)); |
| efb9ee02 HR |
415 | break; |
| 416 | case EINVAL: | |
| b45ef674 | 417 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); |
| efb9ee02 HR |
418 | break; |
| 419 | default: | |
| b45ef674 | 420 | scsi_check_condition(r, SENSE_CODE(IO_ERROR)); |
| efb9ee02 | 421 | break; |
| a1f0cce2 | 422 | } |
| 329c0a48 | 423 | bdrv_emit_qmp_error_event(s->qdev.conf.bs, BDRV_ACTION_REPORT, is_read); |
| ea8a5d7f | 424 | } |
| ea8a5d7f AL |
425 | return 1; |
| 426 | } | |
| 427 | ||
| 4d611c9a PB |
428 | static void scsi_write_complete(void * opaque, int ret) |
| 429 | { | |
| 4c41d2ef | 430 | SCSIDiskReq *r = (SCSIDiskReq *)opaque; |
| a597e79c | 431 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ea8a5d7f AL |
432 | uint32_t n; |
| 433 | ||
| 8e321cc6 PB |
434 | if (r->req.aiocb != NULL) { |
| 435 | r->req.aiocb = NULL; | |
| 44740c38 | 436 | bdrv_acct_done(s->qdev.conf.bs, &r->acct); |
| 8e321cc6 | 437 | } |
| a597e79c | 438 | |
| 80624c93 | 439 | if (ret < 0) { |
| 71544d30 | 440 | if (scsi_handle_rw_error(r, -ret)) { |
| c7bae6a7 | 441 | goto done; |
| 5dba48a8 | 442 | } |
| 4d611c9a PB |
443 | } |
| 444 | ||
| 103b40f5 | 445 | n = r->qiov.size / 512; |
| ea8a5d7f AL |
446 | r->sector += n; |
| 447 | r->sector_count -= n; | |
| a917d384 | 448 | if (r->sector_count == 0) { |
| 7e8c49c5 PB |
449 | scsi_write_do_fua(r); |
| 450 | return; | |
| a917d384 | 451 | } else { |
| 43b978b9 | 452 | scsi_init_iovec(r, SCSI_DMA_BUF_SIZE); |
| 103b40f5 PB |
453 | DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, r->qiov.size); |
| 454 | scsi_req_data(&r->req, r->qiov.size); | |
| 4d611c9a | 455 | } |
| c7bae6a7 PB |
456 | |
| 457 | done: | |
| 458 | if (!r->req.io_canceled) { | |
| 459 | scsi_req_unref(&r->req); | |
| 460 | } | |
| 4d611c9a PB |
461 | } |
| 462 | ||
| 42741212 | 463 | static void scsi_write_data(SCSIRequest *req) |
| ea8a5d7f | 464 | { |
| 5c6c0e51 | 465 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 4c41d2ef | 466 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ea8a5d7f AL |
467 | uint32_t n; |
| 468 | ||
| 6fa2c95f SH |
469 | /* No data transfer may already be in progress */ |
| 470 | assert(r->req.aiocb == NULL); | |
| 471 | ||
| c7bae6a7 PB |
472 | /* The request is used as the AIO opaque value, so add a ref. */ |
| 473 | scsi_req_ref(&r->req); | |
| efb9ee02 HR |
474 | if (r->req.cmd.mode != SCSI_XFER_TO_DEV) { |
| 475 | DPRINTF("Data transfer direction invalid\n"); | |
| 476 | scsi_write_complete(r, -EINVAL); | |
| 42741212 | 477 | return; |
| efb9ee02 HR |
478 | } |
| 479 | ||
| 5d0d2467 PB |
480 | if (!r->req.sg && !r->qiov.size) { |
| 481 | /* Called for the first time. Ask the driver to send us more data. */ | |
| a0e66a69 | 482 | r->started = true; |
| 5d0d2467 PB |
483 | scsi_write_complete(r, 0); |
| 484 | return; | |
| 485 | } | |
| 486 | if (s->tray_open) { | |
| 487 | scsi_write_complete(r, -ENOMEDIUM); | |
| 488 | return; | |
| 489 | } | |
| 490 | ||
| 7f64f8e2 PB |
491 | if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 || |
| 492 | r->req.cmd.buf[0] == VERIFY_16) { | |
| 493 | if (r->req.sg) { | |
| 494 | scsi_dma_complete(r, 0); | |
| 495 | } else { | |
| 496 | scsi_write_complete(r, 0); | |
| 497 | } | |
| 498 | return; | |
| 499 | } | |
| 500 | ||
| 5d0d2467 PB |
501 | if (r->req.sg) { |
| 502 | dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_WRITE); | |
| 503 | r->req.resid -= r->req.sg->size; | |
| 504 | r->req.aiocb = dma_bdrv_write(s->qdev.conf.bs, r->req.sg, r->sector, | |
| 505 | scsi_dma_complete, r); | |
| 506 | } else { | |
| 507 | n = r->qiov.size / 512; | |
| 44740c38 PB |
508 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE); |
| 509 | r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n, | |
| 103b40f5 | 510 | scsi_write_complete, r); |
| ea8a5d7f | 511 | } |
| a917d384 | 512 | } |
| 2e5d83bb | 513 | |
| a917d384 | 514 | /* Return a pointer to the data buffer. */ |
| 5c6c0e51 | 515 | static uint8_t *scsi_get_buf(SCSIRequest *req) |
| a917d384 | 516 | { |
| 5c6c0e51 | 517 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 2e5d83bb | 518 | |
| 3f4cb3d3 | 519 | return (uint8_t *)r->iov.iov_base; |
| 2e5d83bb PB |
520 | } |
| 521 | ||
| 0b06c059 GH |
522 | static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) |
| 523 | { | |
| 383b4d9b | 524 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); |
| 0b06c059 | 525 | int buflen = 0; |
| 82579390 | 526 | int start; |
| 0b06c059 | 527 | |
| 0b06c059 GH |
528 | if (req->cmd.buf[1] & 0x1) { |
| 529 | /* Vital product data */ | |
| 530 | uint8_t page_code = req->cmd.buf[2]; | |
| 0b06c059 | 531 | |
| e39be482 | 532 | outbuf[buflen++] = s->qdev.type & 0x1f; |
| 0b06c059 GH |
533 | outbuf[buflen++] = page_code ; // this page |
| 534 | outbuf[buflen++] = 0x00; | |
| 82579390 PB |
535 | outbuf[buflen++] = 0x00; |
| 536 | start = buflen; | |
| 0b06c059 GH |
537 | |
| 538 | switch (page_code) { | |
| 539 | case 0x00: /* Supported page codes, mandatory */ | |
| 39d98982 | 540 | { |
| 0b06c059 GH |
541 | DPRINTF("Inquiry EVPD[Supported pages] " |
| 542 | "buffer size %zd\n", req->cmd.xfer); | |
| 0b06c059 | 543 | outbuf[buflen++] = 0x00; // list of supported pages (this page) |
| f01b5931 | 544 | if (s->serial) { |
| 3e1c0c9a | 545 | outbuf[buflen++] = 0x80; // unit serial number |
| f01b5931 | 546 | } |
| 0b06c059 | 547 | outbuf[buflen++] = 0x83; // device identification |
| f37bd73b | 548 | if (s->qdev.type == TYPE_DISK) { |
| ea3bd56f CH |
549 | outbuf[buflen++] = 0xb0; // block limits |
| 550 | outbuf[buflen++] = 0xb2; // thin provisioning | |
| 39d98982 | 551 | } |
| 0b06c059 | 552 | break; |
| 39d98982 | 553 | } |
| 0b06c059 GH |
554 | case 0x80: /* Device serial number, optional */ |
| 555 | { | |
| 3e1c0c9a | 556 | int l; |
| 0b06c059 | 557 | |
| 3e1c0c9a HR |
558 | if (!s->serial) { |
| 559 | DPRINTF("Inquiry (EVPD[Serial number] not supported\n"); | |
| 560 | return -1; | |
| 561 | } | |
| 562 | ||
| 563 | l = strlen(s->serial); | |
| f01b5931 | 564 | if (l > 20) { |
| 0b06c059 | 565 | l = 20; |
| f01b5931 | 566 | } |
| 0b06c059 GH |
567 | |
| 568 | DPRINTF("Inquiry EVPD[Serial number] " | |
| 569 | "buffer size %zd\n", req->cmd.xfer); | |
| a0fef654 | 570 | memcpy(outbuf+buflen, s->serial, l); |
| 0b06c059 GH |
571 | buflen += l; |
| 572 | break; | |
| 573 | } | |
| 574 | ||
| 575 | case 0x83: /* Device identification page, mandatory */ | |
| 576 | { | |
| fd930791 PB |
577 | const char *str = s->serial ?: bdrv_get_device_name(s->qdev.conf.bs); |
| 578 | int max_len = s->serial ? 20 : 255 - 8; | |
| 579 | int id_len = strlen(str); | |
| 0b06c059 | 580 | |
| f01b5931 | 581 | if (id_len > max_len) { |
| 0b06c059 | 582 | id_len = max_len; |
| f01b5931 | 583 | } |
| 0b06c059 GH |
584 | DPRINTF("Inquiry EVPD[Device identification] " |
| 585 | "buffer size %zd\n", req->cmd.xfer); | |
| 586 | ||
| 0b06c059 GH |
587 | outbuf[buflen++] = 0x2; // ASCII |
| 588 | outbuf[buflen++] = 0; // not officially assigned | |
| 589 | outbuf[buflen++] = 0; // reserved | |
| 590 | outbuf[buflen++] = id_len; // length of data following | |
| fd930791 | 591 | memcpy(outbuf+buflen, str, id_len); |
| 0b06c059 | 592 | buflen += id_len; |
| 27395add PB |
593 | |
| 594 | if (s->wwn) { | |
| 595 | outbuf[buflen++] = 0x1; // Binary | |
| 596 | outbuf[buflen++] = 0x3; // NAA | |
| 597 | outbuf[buflen++] = 0; // reserved | |
| 598 | outbuf[buflen++] = 8; | |
| 599 | stq_be_p(&outbuf[buflen], s->wwn); | |
| 600 | buflen += 8; | |
| 601 | } | |
| 0b06c059 GH |
602 | break; |
| 603 | } | |
| ea3bd56f | 604 | case 0xb0: /* block limits */ |
| ee3659e3 | 605 | { |
| ea3bd56f CH |
606 | unsigned int unmap_sectors = |
| 607 | s->qdev.conf.discard_granularity / s->qdev.blocksize; | |
| 8cfacf07 CH |
608 | unsigned int min_io_size = |
| 609 | s->qdev.conf.min_io_size / s->qdev.blocksize; | |
| 610 | unsigned int opt_io_size = | |
| 611 | s->qdev.conf.opt_io_size / s->qdev.blocksize; | |
| ee3659e3 | 612 | |
| f37bd73b | 613 | if (s->qdev.type == TYPE_ROM) { |
| 39d98982 HR |
614 | DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n", |
| 615 | page_code); | |
| 616 | return -1; | |
| 617 | } | |
| ee3659e3 | 618 | /* required VPD size with unmap support */ |
| 82579390 | 619 | buflen = 0x40; |
| ee3659e3 CH |
620 | memset(outbuf + 4, 0, buflen - 4); |
| 621 | ||
| 622 | /* optimal transfer length granularity */ | |
| 623 | outbuf[6] = (min_io_size >> 8) & 0xff; | |
| 624 | outbuf[7] = min_io_size & 0xff; | |
| 625 | ||
| 626 | /* optimal transfer length */ | |
| 627 | outbuf[12] = (opt_io_size >> 24) & 0xff; | |
| 628 | outbuf[13] = (opt_io_size >> 16) & 0xff; | |
| 629 | outbuf[14] = (opt_io_size >> 8) & 0xff; | |
| 630 | outbuf[15] = opt_io_size & 0xff; | |
| ea3bd56f CH |
631 | |
| 632 | /* optimal unmap granularity */ | |
| 633 | outbuf[28] = (unmap_sectors >> 24) & 0xff; | |
| 634 | outbuf[29] = (unmap_sectors >> 16) & 0xff; | |
| 635 | outbuf[30] = (unmap_sectors >> 8) & 0xff; | |
| 636 | outbuf[31] = unmap_sectors & 0xff; | |
| 637 | break; | |
| 638 | } | |
| 639 | case 0xb2: /* thin provisioning */ | |
| 640 | { | |
| 82579390 | 641 | buflen = 8; |
| ea3bd56f | 642 | outbuf[4] = 0; |
| c9e4d828 | 643 | outbuf[5] = 0x60; /* write_same 10/16 supported */ |
| f644a290 | 644 | outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1; |
| ea3bd56f | 645 | outbuf[7] = 0; |
| ee3659e3 CH |
646 | break; |
| 647 | } | |
| 0b06c059 | 648 | default: |
| 0b06c059 GH |
649 | return -1; |
| 650 | } | |
| 651 | /* done with EVPD */ | |
| 82579390 PB |
652 | assert(buflen - start <= 255); |
| 653 | outbuf[start - 1] = buflen - start; | |
| 0b06c059 GH |
654 | return buflen; |
| 655 | } | |
| 656 | ||
| 657 | /* Standard INQUIRY data */ | |
| 658 | if (req->cmd.buf[2] != 0) { | |
| 0b06c059 GH |
659 | return -1; |
| 660 | } | |
| 661 | ||
| 662 | /* PAGE CODE == 0 */ | |
| 0b06c059 | 663 | buflen = req->cmd.xfer; |
| f01b5931 | 664 | if (buflen > SCSI_MAX_INQUIRY_LEN) { |
| 0b06c059 | 665 | buflen = SCSI_MAX_INQUIRY_LEN; |
| f01b5931 | 666 | } |
| 0b06c059 GH |
667 | memset(outbuf, 0, buflen); |
| 668 | ||
| f37bd73b | 669 | outbuf[0] = s->qdev.type & 0x1f; |
| bfe3d7ac | 670 | outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0; |
| f37bd73b | 671 | if (s->qdev.type == TYPE_ROM) { |
| 550fe6c6 | 672 | memcpy(&outbuf[16], "QEMU CD-ROM ", 16); |
| 0b06c059 | 673 | } else { |
| 550fe6c6 | 674 | memcpy(&outbuf[16], "QEMU HARDDISK ", 16); |
| 0b06c059 | 675 | } |
| 550fe6c6 | 676 | memcpy(&outbuf[8], "QEMU ", 8); |
| 314b1811 | 677 | memset(&outbuf[32], 0, 4); |
| 552fee93 | 678 | memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version))); |
| 99aba0c4 CH |
679 | /* |
| 680 | * We claim conformance to SPC-3, which is required for guests | |
| 681 | * to ask for modern features like READ CAPACITY(16) or the | |
| 682 | * block characteristics VPD page by default. Not all of SPC-3 | |
| 683 | * is actually implemented, but we're good enough. | |
| 684 | */ | |
| ee3659e3 | 685 | outbuf[2] = 5; |
| 0b06c059 | 686 | outbuf[3] = 2; /* Format 2 */ |
| ad3cea42 AT |
687 | |
| 688 | if (buflen > 36) { | |
| 689 | outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */ | |
| 690 | } else { | |
| 691 | /* If the allocation length of CDB is too small, | |
| 692 | the additional length is not adjusted */ | |
| 693 | outbuf[4] = 36 - 5; | |
| 694 | } | |
| 695 | ||
| 0b06c059 | 696 | /* Sync data transfer and TCQ. */ |
| afd4030c | 697 | outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0); |
| 0b06c059 GH |
698 | return buflen; |
| 699 | } | |
| 700 | ||
| 430ee2f2 PB |
701 | static inline bool media_is_dvd(SCSIDiskState *s) |
| 702 | { | |
| 703 | uint64_t nb_sectors; | |
| 704 | if (s->qdev.type != TYPE_ROM) { | |
| 705 | return false; | |
| 706 | } | |
| 44740c38 | 707 | if (!bdrv_is_inserted(s->qdev.conf.bs)) { |
| 430ee2f2 PB |
708 | return false; |
| 709 | } | |
| 44740c38 | 710 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| 430ee2f2 PB |
711 | return nb_sectors > CD_MAX_SECTORS; |
| 712 | } | |
| 713 | ||
| ceb792ef PB |
714 | static inline bool media_is_cd(SCSIDiskState *s) |
| 715 | { | |
| 716 | uint64_t nb_sectors; | |
| 717 | if (s->qdev.type != TYPE_ROM) { | |
| 718 | return false; | |
| 719 | } | |
| 44740c38 | 720 | if (!bdrv_is_inserted(s->qdev.conf.bs)) { |
| ceb792ef PB |
721 | return false; |
| 722 | } | |
| 44740c38 | 723 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| ceb792ef PB |
724 | return nb_sectors <= CD_MAX_SECTORS; |
| 725 | } | |
| 726 | ||
| b6c251ab PB |
727 | static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r, |
| 728 | uint8_t *outbuf) | |
| 729 | { | |
| ceb792ef PB |
730 | static const int rds_caps_size[5] = { |
| 731 | [0] = 2048 + 4, | |
| 732 | [1] = 4 + 4, | |
| 733 | [3] = 188 + 4, | |
| 734 | [4] = 2048 + 4, | |
| 735 | }; | |
| 736 | ||
| 737 | uint8_t media = r->req.cmd.buf[1]; | |
| 738 | uint8_t layer = r->req.cmd.buf[6]; | |
| 739 | uint8_t format = r->req.cmd.buf[7]; | |
| 740 | int size = -1; | |
| 741 | ||
| 742 | if (s->qdev.type != TYPE_ROM) { | |
| 743 | return -1; | |
| 744 | } | |
| 745 | if (media != 0) { | |
| 746 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); | |
| 747 | return -1; | |
| 748 | } | |
| 749 | ||
| 750 | if (format != 0xff) { | |
| 44740c38 | 751 | if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) { |
| ceb792ef PB |
752 | scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); |
| 753 | return -1; | |
| 754 | } | |
| 755 | if (media_is_cd(s)) { | |
| 756 | scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT)); | |
| 757 | return -1; | |
| 758 | } | |
| 759 | if (format >= ARRAY_SIZE(rds_caps_size)) { | |
| 760 | return -1; | |
| 761 | } | |
| 762 | size = rds_caps_size[format]; | |
| 763 | memset(outbuf, 0, size); | |
| 764 | } | |
| 765 | ||
| 766 | switch (format) { | |
| 767 | case 0x00: { | |
| 768 | /* Physical format information */ | |
| 769 | uint64_t nb_sectors; | |
| 770 | if (layer != 0) { | |
| 771 | goto fail; | |
| 772 | } | |
| 44740c38 | 773 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| ceb792ef PB |
774 | |
| 775 | outbuf[4] = 1; /* DVD-ROM, part version 1 */ | |
| 776 | outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */ | |
| 777 | outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */ | |
| 778 | outbuf[7] = 0; /* default densities */ | |
| 779 | ||
| 780 | stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */ | |
| 781 | stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */ | |
| 782 | break; | |
| 783 | } | |
| 784 | ||
| 785 | case 0x01: /* DVD copyright information, all zeros */ | |
| 786 | break; | |
| 787 | ||
| 788 | case 0x03: /* BCA information - invalid field for no BCA info */ | |
| 789 | return -1; | |
| 790 | ||
| 791 | case 0x04: /* DVD disc manufacturing information, all zeros */ | |
| 792 | break; | |
| 793 | ||
| 794 | case 0xff: { /* List capabilities */ | |
| 795 | int i; | |
| 796 | size = 4; | |
| 797 | for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) { | |
| 798 | if (!rds_caps_size[i]) { | |
| 799 | continue; | |
| 800 | } | |
| 801 | outbuf[size] = i; | |
| 802 | outbuf[size + 1] = 0x40; /* Not writable, readable */ | |
| 803 | stw_be_p(&outbuf[size + 2], rds_caps_size[i]); | |
| 804 | size += 4; | |
| 805 | } | |
| 806 | break; | |
| 807 | } | |
| 808 | ||
| 809 | default: | |
| 810 | return -1; | |
| 811 | } | |
| 812 | ||
| 813 | /* Size of buffer, not including 2 byte size field */ | |
| 814 | stw_be_p(outbuf, size - 2); | |
| 815 | return size; | |
| 816 | ||
| 817 | fail: | |
| b6c251ab PB |
818 | return -1; |
| 819 | } | |
| 820 | ||
| 3c2f7c12 | 821 | static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf) |
| b6c251ab | 822 | { |
| 3c2f7c12 PB |
823 | uint8_t event_code, media_status; |
| 824 | ||
| 825 | media_status = 0; | |
| 826 | if (s->tray_open) { | |
| 827 | media_status = MS_TRAY_OPEN; | |
| 44740c38 | 828 | } else if (bdrv_is_inserted(s->qdev.conf.bs)) { |
| 3c2f7c12 PB |
829 | media_status = MS_MEDIA_PRESENT; |
| 830 | } | |
| 831 | ||
| 832 | /* Event notification descriptor */ | |
| 833 | event_code = MEC_NO_CHANGE; | |
| 4480de19 PB |
834 | if (media_status != MS_TRAY_OPEN) { |
| 835 | if (s->media_event) { | |
| 836 | event_code = MEC_NEW_MEDIA; | |
| 837 | s->media_event = false; | |
| 838 | } else if (s->eject_request) { | |
| 839 | event_code = MEC_EJECT_REQUESTED; | |
| 840 | s->eject_request = false; | |
| 841 | } | |
| 3c2f7c12 PB |
842 | } |
| 843 | ||
| 844 | outbuf[0] = event_code; | |
| 845 | outbuf[1] = media_status; | |
| 846 | ||
| 847 | /* These fields are reserved, just clear them. */ | |
| 848 | outbuf[2] = 0; | |
| 849 | outbuf[3] = 0; | |
| 850 | return 4; | |
| 851 | } | |
| 852 | ||
| 853 | static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r, | |
| 854 | uint8_t *outbuf) | |
| 855 | { | |
| 856 | int size; | |
| 857 | uint8_t *buf = r->req.cmd.buf; | |
| 858 | uint8_t notification_class_request = buf[4]; | |
| 859 | if (s->qdev.type != TYPE_ROM) { | |
| 860 | return -1; | |
| 861 | } | |
| 862 | if ((buf[1] & 1) == 0) { | |
| 863 | /* asynchronous */ | |
| 864 | return -1; | |
| 865 | } | |
| 866 | ||
| 867 | size = 4; | |
| 868 | outbuf[0] = outbuf[1] = 0; | |
| 869 | outbuf[3] = 1 << GESN_MEDIA; /* supported events */ | |
| 870 | if (notification_class_request & (1 << GESN_MEDIA)) { | |
| 871 | outbuf[2] = GESN_MEDIA; | |
| 872 | size += scsi_event_status_media(s, &outbuf[size]); | |
| 873 | } else { | |
| 874 | outbuf[2] = 0x80; | |
| 875 | } | |
| 876 | stw_be_p(outbuf, size - 4); | |
| 877 | return size; | |
| b6c251ab PB |
878 | } |
| 879 | ||
| 430ee2f2 | 880 | static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf) |
| b6c251ab | 881 | { |
| 430ee2f2 PB |
882 | int current; |
| 883 | ||
| b6c251ab PB |
884 | if (s->qdev.type != TYPE_ROM) { |
| 885 | return -1; | |
| 886 | } | |
| 430ee2f2 PB |
887 | current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM; |
| 888 | memset(outbuf, 0, 40); | |
| 889 | stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */ | |
| 890 | stw_be_p(&outbuf[6], current); | |
| 891 | /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */ | |
| 892 | outbuf[10] = 0x03; /* persistent, current */ | |
| 893 | outbuf[11] = 8; /* two profiles */ | |
| 894 | stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM); | |
| 895 | outbuf[14] = (current == MMC_PROFILE_DVD_ROM); | |
| 896 | stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM); | |
| 897 | outbuf[18] = (current == MMC_PROFILE_CD_ROM); | |
| 898 | /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */ | |
| 899 | stw_be_p(&outbuf[20], 1); | |
| 900 | outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */ | |
| 901 | outbuf[23] = 8; | |
| 902 | stl_be_p(&outbuf[24], 1); /* SCSI */ | |
| 903 | outbuf[28] = 1; /* DBE = 1, mandatory */ | |
| 904 | /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */ | |
| 905 | stw_be_p(&outbuf[32], 3); | |
| 906 | outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */ | |
| 907 | outbuf[35] = 4; | |
| 908 | outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */ | |
| 909 | /* TODO: Random readable, CD read, DVD read, drive serial number, | |
| 910 | power management */ | |
| 911 | return 40; | |
| b6c251ab PB |
912 | } |
| 913 | ||
| 914 | static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf) | |
| 915 | { | |
| 916 | if (s->qdev.type != TYPE_ROM) { | |
| 917 | return -1; | |
| 918 | } | |
| 919 | memset(outbuf, 0, 8); | |
| 920 | outbuf[5] = 1; /* CD-ROM */ | |
| 921 | return 8; | |
| 922 | } | |
| 923 | ||
| cfc606da | 924 | static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, |
| 282ab04e | 925 | int page_control) |
| ebddfcbe | 926 | { |
| a8f4bbe2 PB |
927 | static const int mode_sense_valid[0x3f] = { |
| 928 | [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK), | |
| 929 | [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK), | |
| 930 | [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM), | |
| a07c7dcd PB |
931 | [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM), |
| 932 | [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM), | |
| a8f4bbe2 PB |
933 | [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM), |
| 934 | }; | |
| 935 | ||
| 44740c38 | 936 | BlockDriverState *bdrv = s->qdev.conf.bs; |
| ebddfcbe | 937 | int cylinders, heads, secs; |
| cfc606da | 938 | uint8_t *p = *p_outbuf; |
| ebddfcbe | 939 | |
| a8f4bbe2 PB |
940 | if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) { |
| 941 | return -1; | |
| 942 | } | |
| 943 | ||
| 944 | p[0] = page; | |
| 945 | ||
| 282ab04e BK |
946 | /* |
| 947 | * If Changeable Values are requested, a mask denoting those mode parameters | |
| 948 | * that are changeable shall be returned. As we currently don't support | |
| 949 | * parameter changes via MODE_SELECT all bits are returned set to zero. | |
| 950 | * The buffer was already menset to zero by the caller of this function. | |
| 951 | */ | |
| ebddfcbe | 952 | switch (page) { |
| 67cc61e4 | 953 | case MODE_PAGE_HD_GEOMETRY: |
| ebddfcbe | 954 | p[1] = 0x16; |
| 282ab04e | 955 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 956 | break; |
| 282ab04e | 957 | } |
| ebddfcbe | 958 | /* if a geometry hint is available, use it */ |
| 245d0049 | 959 | bdrv_guess_geometry(bdrv, &cylinders, &heads, &secs); |
| ebddfcbe GH |
960 | p[2] = (cylinders >> 16) & 0xff; |
| 961 | p[3] = (cylinders >> 8) & 0xff; | |
| 962 | p[4] = cylinders & 0xff; | |
| 963 | p[5] = heads & 0xff; | |
| 964 | /* Write precomp start cylinder, disabled */ | |
| 965 | p[6] = (cylinders >> 16) & 0xff; | |
| 966 | p[7] = (cylinders >> 8) & 0xff; | |
| 967 | p[8] = cylinders & 0xff; | |
| 968 | /* Reduced current start cylinder, disabled */ | |
| 969 | p[9] = (cylinders >> 16) & 0xff; | |
| 970 | p[10] = (cylinders >> 8) & 0xff; | |
| 971 | p[11] = cylinders & 0xff; | |
| 972 | /* Device step rate [ns], 200ns */ | |
| 973 | p[12] = 0; | |
| 974 | p[13] = 200; | |
| 975 | /* Landing zone cylinder */ | |
| 976 | p[14] = 0xff; | |
| 977 | p[15] = 0xff; | |
| 978 | p[16] = 0xff; | |
| 979 | /* Medium rotation rate [rpm], 5400 rpm */ | |
| 980 | p[20] = (5400 >> 8) & 0xff; | |
| 981 | p[21] = 5400 & 0xff; | |
| cfc606da | 982 | break; |
| ebddfcbe | 983 | |
| 67cc61e4 | 984 | case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY: |
| ebddfcbe | 985 | p[1] = 0x1e; |
| 282ab04e | 986 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 987 | break; |
| 282ab04e | 988 | } |
| ebddfcbe GH |
989 | /* Transfer rate [kbit/s], 5Mbit/s */ |
| 990 | p[2] = 5000 >> 8; | |
| 991 | p[3] = 5000 & 0xff; | |
| 992 | /* if a geometry hint is available, use it */ | |
| 245d0049 | 993 | bdrv_guess_geometry(bdrv, &cylinders, &heads, &secs); |
| ebddfcbe GH |
994 | p[4] = heads & 0xff; |
| 995 | p[5] = secs & 0xff; | |
| 69377307 | 996 | p[6] = s->qdev.blocksize >> 8; |
| ebddfcbe GH |
997 | p[8] = (cylinders >> 8) & 0xff; |
| 998 | p[9] = cylinders & 0xff; | |
| 999 | /* Write precomp start cylinder, disabled */ | |
| 1000 | p[10] = (cylinders >> 8) & 0xff; | |
| 1001 | p[11] = cylinders & 0xff; | |
| 1002 | /* Reduced current start cylinder, disabled */ | |
| 1003 | p[12] = (cylinders >> 8) & 0xff; | |
| 1004 | p[13] = cylinders & 0xff; | |
| 1005 | /* Device step rate [100us], 100us */ | |
| 1006 | p[14] = 0; | |
| 1007 | p[15] = 1; | |
| 1008 | /* Device step pulse width [us], 1us */ | |
| 1009 | p[16] = 1; | |
| 1010 | /* Device head settle delay [100us], 100us */ | |
| 1011 | p[17] = 0; | |
| 1012 | p[18] = 1; | |
| 1013 | /* Motor on delay [0.1s], 0.1s */ | |
| 1014 | p[19] = 1; | |
| 1015 | /* Motor off delay [0.1s], 0.1s */ | |
| 1016 | p[20] = 1; | |
| 1017 | /* Medium rotation rate [rpm], 5400 rpm */ | |
| 1018 | p[28] = (5400 >> 8) & 0xff; | |
| 1019 | p[29] = 5400 & 0xff; | |
| cfc606da | 1020 | break; |
| ebddfcbe | 1021 | |
| 67cc61e4 | 1022 | case MODE_PAGE_CACHING: |
| ebddfcbe GH |
1023 | p[0] = 8; |
| 1024 | p[1] = 0x12; | |
| 282ab04e | 1025 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 1026 | break; |
| 282ab04e | 1027 | } |
| 44740c38 | 1028 | if (bdrv_enable_write_cache(s->qdev.conf.bs)) { |
| ebddfcbe GH |
1029 | p[2] = 4; /* WCE */ |
| 1030 | } | |
| cfc606da | 1031 | break; |
| ebddfcbe | 1032 | |
| a07c7dcd PB |
1033 | case MODE_PAGE_R_W_ERROR: |
| 1034 | p[1] = 10; | |
| 1035 | p[2] = 0x80; /* Automatic Write Reallocation Enabled */ | |
| 1036 | if (s->qdev.type == TYPE_ROM) { | |
| 1037 | p[3] = 0x20; /* Read Retry Count */ | |
| 1038 | } | |
| 1039 | break; | |
| 1040 | ||
| 1041 | case MODE_PAGE_AUDIO_CTL: | |
| 1042 | p[1] = 14; | |
| 1043 | break; | |
| 1044 | ||
| 67cc61e4 | 1045 | case MODE_PAGE_CAPABILITIES: |
| ebddfcbe | 1046 | p[1] = 0x14; |
| 282ab04e | 1047 | if (page_control == 1) { /* Changeable Values */ |
| cfc606da | 1048 | break; |
| 282ab04e | 1049 | } |
| a07c7dcd PB |
1050 | |
| 1051 | p[2] = 0x3b; /* CD-R & CD-RW read */ | |
| 1052 | p[3] = 0; /* Writing not supported */ | |
| ebddfcbe GH |
1053 | p[4] = 0x7f; /* Audio, composite, digital out, |
| 1054 | mode 2 form 1&2, multi session */ | |
| 1055 | p[5] = 0xff; /* CD DA, DA accurate, RW supported, | |
| 1056 | RW corrected, C2 errors, ISRC, | |
| 1057 | UPC, Bar code */ | |
| 81b1008d | 1058 | p[6] = 0x2d | (s->tray_locked ? 2 : 0); |
| ebddfcbe GH |
1059 | /* Locking supported, jumper present, eject, tray */ |
| 1060 | p[7] = 0; /* no volume & mute control, no | |
| 1061 | changer */ | |
| a07c7dcd | 1062 | p[8] = (50 * 176) >> 8; /* 50x read speed */ |
| ebddfcbe | 1063 | p[9] = (50 * 176) & 0xff; |
| a07c7dcd PB |
1064 | p[10] = 2 >> 8; /* Two volume levels */ |
| 1065 | p[11] = 2 & 0xff; | |
| 1066 | p[12] = 2048 >> 8; /* 2M buffer */ | |
| ebddfcbe | 1067 | p[13] = 2048 & 0xff; |
| a07c7dcd | 1068 | p[14] = (16 * 176) >> 8; /* 16x read speed current */ |
| ebddfcbe | 1069 | p[15] = (16 * 176) & 0xff; |
| a07c7dcd | 1070 | p[18] = (16 * 176) >> 8; /* 16x write speed */ |
| ebddfcbe | 1071 | p[19] = (16 * 176) & 0xff; |
| a07c7dcd | 1072 | p[20] = (16 * 176) >> 8; /* 16x write speed current */ |
| ebddfcbe | 1073 | p[21] = (16 * 176) & 0xff; |
| cfc606da | 1074 | break; |
| ebddfcbe GH |
1075 | |
| 1076 | default: | |
| cfc606da | 1077 | return -1; |
| ebddfcbe | 1078 | } |
| cfc606da PB |
1079 | |
| 1080 | *p_outbuf += p[1] + 2; | |
| 1081 | return p[1] + 2; | |
| ebddfcbe GH |
1082 | } |
| 1083 | ||
| cfc606da | 1084 | static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf) |
| ebddfcbe | 1085 | { |
| cfc606da | 1086 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); |
| ebddfcbe | 1087 | uint64_t nb_sectors; |
| e590ecbe PB |
1088 | bool dbd; |
| 1089 | int page, buflen, ret, page_control; | |
| ebddfcbe | 1090 | uint8_t *p; |
| ce512ee1 | 1091 | uint8_t dev_specific_param; |
| ebddfcbe | 1092 | |
| e590ecbe | 1093 | dbd = (r->req.cmd.buf[1] & 0x8) != 0; |
| cfc606da PB |
1094 | page = r->req.cmd.buf[2] & 0x3f; |
| 1095 | page_control = (r->req.cmd.buf[2] & 0xc0) >> 6; | |
| aa2b1e89 | 1096 | DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n", |
| cfc606da PB |
1097 | (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control); |
| 1098 | memset(outbuf, 0, r->req.cmd.xfer); | |
| ebddfcbe GH |
1099 | p = outbuf; |
| 1100 | ||
| e590ecbe | 1101 | if (s->qdev.type == TYPE_DISK) { |
| da8365db | 1102 | dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0; |
| e590ecbe PB |
1103 | if (bdrv_is_read_only(s->qdev.conf.bs)) { |
| 1104 | dev_specific_param |= 0x80; /* Readonly. */ | |
| 1105 | } | |
| ce512ee1 | 1106 | } else { |
| e590ecbe PB |
1107 | /* MMC prescribes that CD/DVD drives have no block descriptors, |
| 1108 | * and defines no device-specific parameter. */ | |
| 6a2de0f2 | 1109 | dev_specific_param = 0x00; |
| e590ecbe | 1110 | dbd = true; |
| ce512ee1 BK |
1111 | } |
| 1112 | ||
| cfc606da | 1113 | if (r->req.cmd.buf[0] == MODE_SENSE) { |
| ce512ee1 BK |
1114 | p[1] = 0; /* Default media type. */ |
| 1115 | p[2] = dev_specific_param; | |
| 1116 | p[3] = 0; /* Block descriptor length. */ | |
| 1117 | p += 4; | |
| 1118 | } else { /* MODE_SENSE_10 */ | |
| 1119 | p[2] = 0; /* Default media type. */ | |
| 1120 | p[3] = dev_specific_param; | |
| 1121 | p[6] = p[7] = 0; /* Block descriptor length. */ | |
| 1122 | p += 8; | |
| ebddfcbe | 1123 | } |
| ebddfcbe | 1124 | |
| 44740c38 | 1125 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| e590ecbe | 1126 | if (!dbd && nb_sectors) { |
| cfc606da | 1127 | if (r->req.cmd.buf[0] == MODE_SENSE) { |
| ce512ee1 BK |
1128 | outbuf[3] = 8; /* Block descriptor length */ |
| 1129 | } else { /* MODE_SENSE_10 */ | |
| 1130 | outbuf[7] = 8; /* Block descriptor length */ | |
| 1131 | } | |
| 69377307 | 1132 | nb_sectors /= (s->qdev.blocksize / 512); |
| f01b5931 | 1133 | if (nb_sectors > 0xffffff) { |
| 2488b740 | 1134 | nb_sectors = 0; |
| f01b5931 | 1135 | } |
| ebddfcbe GH |
1136 | p[0] = 0; /* media density code */ |
| 1137 | p[1] = (nb_sectors >> 16) & 0xff; | |
| 1138 | p[2] = (nb_sectors >> 8) & 0xff; | |
| 1139 | p[3] = nb_sectors & 0xff; | |
| 1140 | p[4] = 0; /* reserved */ | |
| 1141 | p[5] = 0; /* bytes 5-7 are the sector size in bytes */ | |
| 69377307 | 1142 | p[6] = s->qdev.blocksize >> 8; |
| ebddfcbe GH |
1143 | p[7] = 0; |
| 1144 | p += 8; | |
| 1145 | } | |
| 1146 | ||
| cfc606da PB |
1147 | if (page_control == 3) { |
| 1148 | /* Saved Values */ | |
| 1149 | scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED)); | |
| 1150 | return -1; | |
| 282ab04e BK |
1151 | } |
| 1152 | ||
| cfc606da PB |
1153 | if (page == 0x3f) { |
| 1154 | for (page = 0; page <= 0x3e; page++) { | |
| 1155 | mode_sense_page(s, page, &p, page_control); | |
| 1156 | } | |
| 1157 | } else { | |
| 1158 | ret = mode_sense_page(s, page, &p, page_control); | |
| 1159 | if (ret == -1) { | |
| 1160 | return -1; | |
| 1161 | } | |
| ebddfcbe GH |
1162 | } |
| 1163 | ||
| 1164 | buflen = p - outbuf; | |
| ce512ee1 BK |
1165 | /* |
| 1166 | * The mode data length field specifies the length in bytes of the | |
| 1167 | * following data that is available to be transferred. The mode data | |
| 1168 | * length does not include itself. | |
| 1169 | */ | |
| cfc606da | 1170 | if (r->req.cmd.buf[0] == MODE_SENSE) { |
| ce512ee1 BK |
1171 | outbuf[0] = buflen - 1; |
| 1172 | } else { /* MODE_SENSE_10 */ | |
| 1173 | outbuf[0] = ((buflen - 2) >> 8) & 0xff; | |
| 1174 | outbuf[1] = (buflen - 2) & 0xff; | |
| 1175 | } | |
| ebddfcbe GH |
1176 | return buflen; |
| 1177 | } | |
| 1178 | ||
| 02880f43 GH |
1179 | static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf) |
| 1180 | { | |
| 1181 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); | |
| 02880f43 GH |
1182 | int start_track, format, msf, toclen; |
| 1183 | uint64_t nb_sectors; | |
| 1184 | ||
| 1185 | msf = req->cmd.buf[1] & 2; | |
| 1186 | format = req->cmd.buf[2] & 0xf; | |
| 1187 | start_track = req->cmd.buf[6]; | |
| 44740c38 | 1188 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| 02880f43 | 1189 | DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1); |
| 69377307 | 1190 | nb_sectors /= s->qdev.blocksize / 512; |
| 02880f43 GH |
1191 | switch (format) { |
| 1192 | case 0: | |
| 1193 | toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track); | |
| 1194 | break; | |
| 1195 | case 1: | |
| 1196 | /* multi session : only a single session defined */ | |
| 1197 | toclen = 12; | |
| 1198 | memset(outbuf, 0, 12); | |
| 1199 | outbuf[1] = 0x0a; | |
| 1200 | outbuf[2] = 0x01; | |
| 1201 | outbuf[3] = 0x01; | |
| 1202 | break; | |
| 1203 | case 2: | |
| 1204 | toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track); | |
| 1205 | break; | |
| 1206 | default: | |
| 1207 | return -1; | |
| 1208 | } | |
| 02880f43 GH |
1209 | return toclen; |
| 1210 | } | |
| 1211 | ||
| 68bb01f3 | 1212 | static int scsi_disk_emulate_start_stop(SCSIDiskReq *r) |
| bfd52647 MA |
1213 | { |
| 1214 | SCSIRequest *req = &r->req; | |
| 1215 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); | |
| 1216 | bool start = req->cmd.buf[4] & 1; | |
| 1217 | bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */ | |
| 1218 | ||
| 1219 | if (s->qdev.type == TYPE_ROM && loej) { | |
| 68bb01f3 MA |
1220 | if (!start && !s->tray_open && s->tray_locked) { |
| 1221 | scsi_check_condition(r, | |
| 44740c38 | 1222 | bdrv_is_inserted(s->qdev.conf.bs) |
| 68bb01f3 MA |
1223 | ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED) |
| 1224 | : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED)); | |
| 1225 | return -1; | |
| fdec4404 | 1226 | } |
| d88b1819 LC |
1227 | |
| 1228 | if (s->tray_open != !start) { | |
| 1229 | bdrv_eject(s->qdev.conf.bs, !start); | |
| 1230 | s->tray_open = !start; | |
| 1231 | } | |
| bfd52647 | 1232 | } |
| 68bb01f3 | 1233 | return 0; |
| bfd52647 MA |
1234 | } |
| 1235 | ||
| 7285477a | 1236 | static int scsi_disk_emulate_command(SCSIDiskReq *r) |
| aa5dbdc1 | 1237 | { |
| 8af7a3ab | 1238 | SCSIRequest *req = &r->req; |
| e7e25e32 | 1239 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); |
| e7e25e32 | 1240 | uint64_t nb_sectors; |
| 7285477a | 1241 | uint8_t *outbuf; |
| aa5dbdc1 GH |
1242 | int buflen = 0; |
| 1243 | ||
| 7285477a PB |
1244 | if (!r->iov.iov_base) { |
| 1245 | /* | |
| 1246 | * FIXME: we shouldn't return anything bigger than 4k, but the code | |
| 1247 | * requires the buffer to be as big as req->cmd.xfer in several | |
| 1248 | * places. So, do not allow CDBs with a very large ALLOCATION | |
| 1249 | * LENGTH. The real fix would be to modify scsi_read_data and | |
| 1250 | * dma_buf_read, so that they return data beyond the buflen | |
| 1251 | * as all zeros. | |
| 1252 | */ | |
| 1253 | if (req->cmd.xfer > 65536) { | |
| 1254 | goto illegal_request; | |
| 1255 | } | |
| 1256 | r->buflen = MAX(4096, req->cmd.xfer); | |
| 44740c38 | 1257 | r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen); |
| 7285477a PB |
1258 | } |
| 1259 | ||
| 1260 | outbuf = r->iov.iov_base; | |
| aa5dbdc1 GH |
1261 | switch (req->cmd.buf[0]) { |
| 1262 | case TEST_UNIT_READY: | |
| 9bcaf4fe | 1263 | assert(!s->tray_open && bdrv_is_inserted(s->qdev.conf.bs)); |
| 5f71d32f | 1264 | break; |
| 0b06c059 GH |
1265 | case INQUIRY: |
| 1266 | buflen = scsi_disk_emulate_inquiry(req, outbuf); | |
| f01b5931 | 1267 | if (buflen < 0) { |
| 0b06c059 | 1268 | goto illegal_request; |
| f01b5931 | 1269 | } |
| 5f71d32f | 1270 | break; |
| ebddfcbe GH |
1271 | case MODE_SENSE: |
| 1272 | case MODE_SENSE_10: | |
| cfc606da | 1273 | buflen = scsi_disk_emulate_mode_sense(r, outbuf); |
| f01b5931 | 1274 | if (buflen < 0) { |
| ebddfcbe | 1275 | goto illegal_request; |
| f01b5931 | 1276 | } |
| ebddfcbe | 1277 | break; |
| 02880f43 GH |
1278 | case READ_TOC: |
| 1279 | buflen = scsi_disk_emulate_read_toc(req, outbuf); | |
| f01b5931 | 1280 | if (buflen < 0) { |
| 02880f43 | 1281 | goto illegal_request; |
| f01b5931 | 1282 | } |
| 02880f43 | 1283 | break; |
| 3d53ba18 | 1284 | case RESERVE: |
| f01b5931 | 1285 | if (req->cmd.buf[1] & 1) { |
| 3d53ba18 | 1286 | goto illegal_request; |
| f01b5931 | 1287 | } |
| 3d53ba18 GH |
1288 | break; |
| 1289 | case RESERVE_10: | |
| f01b5931 | 1290 | if (req->cmd.buf[1] & 3) { |
| 3d53ba18 | 1291 | goto illegal_request; |
| f01b5931 | 1292 | } |
| 3d53ba18 GH |
1293 | break; |
| 1294 | case RELEASE: | |
| f01b5931 | 1295 | if (req->cmd.buf[1] & 1) { |
| 3d53ba18 | 1296 | goto illegal_request; |
| f01b5931 | 1297 | } |
| 3d53ba18 GH |
1298 | break; |
| 1299 | case RELEASE_10: | |
| f01b5931 | 1300 | if (req->cmd.buf[1] & 3) { |
| 3d53ba18 | 1301 | goto illegal_request; |
| f01b5931 | 1302 | } |
| 3d53ba18 | 1303 | break; |
| 8d3628ff | 1304 | case START_STOP: |
| 68bb01f3 MA |
1305 | if (scsi_disk_emulate_start_stop(r) < 0) { |
| 1306 | return -1; | |
| 1307 | } | |
| 5f71d32f | 1308 | break; |
| c68b9f34 | 1309 | case ALLOW_MEDIUM_REMOVAL: |
| 81b1008d | 1310 | s->tray_locked = req->cmd.buf[4] & 1; |
| 44740c38 | 1311 | bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1); |
| 5f71d32f | 1312 | break; |
| 5e30a07d | 1313 | case READ_CAPACITY_10: |
| e7e25e32 | 1314 | /* The normal LEN field for this command is zero. */ |
| 5f71d32f | 1315 | memset(outbuf, 0, 8); |
| 44740c38 | 1316 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| f01b5931 | 1317 | if (!nb_sectors) { |
| 9bcaf4fe PB |
1318 | scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY)); |
| 1319 | return -1; | |
| f01b5931 | 1320 | } |
| 7cec78b6 PB |
1321 | if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) { |
| 1322 | goto illegal_request; | |
| 1323 | } | |
| 69377307 | 1324 | nb_sectors /= s->qdev.blocksize / 512; |
| e7e25e32 GH |
1325 | /* Returned value is the address of the last sector. */ |
| 1326 | nb_sectors--; | |
| 1327 | /* Remember the new size for read/write sanity checking. */ | |
| 7877903a | 1328 | s->qdev.max_lba = nb_sectors; |
| e7e25e32 | 1329 | /* Clip to 2TB, instead of returning capacity modulo 2TB. */ |
| f01b5931 | 1330 | if (nb_sectors > UINT32_MAX) { |
| e7e25e32 | 1331 | nb_sectors = UINT32_MAX; |
| f01b5931 | 1332 | } |
| e7e25e32 GH |
1333 | outbuf[0] = (nb_sectors >> 24) & 0xff; |
| 1334 | outbuf[1] = (nb_sectors >> 16) & 0xff; | |
| 1335 | outbuf[2] = (nb_sectors >> 8) & 0xff; | |
| 1336 | outbuf[3] = nb_sectors & 0xff; | |
| 1337 | outbuf[4] = 0; | |
| 1338 | outbuf[5] = 0; | |
| 69377307 | 1339 | outbuf[6] = s->qdev.blocksize >> 8; |
| e7e25e32 GH |
1340 | outbuf[7] = 0; |
| 1341 | buflen = 8; | |
| 5f71d32f | 1342 | break; |
| f3b338ef PB |
1343 | case REQUEST_SENSE: |
| 1344 | /* Just return "NO SENSE". */ | |
| 1345 | buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen, | |
| 1346 | (req->cmd.buf[1] & 1) == 0); | |
| 1347 | break; | |
| b6c251ab PB |
1348 | case MECHANISM_STATUS: |
| 1349 | buflen = scsi_emulate_mechanism_status(s, outbuf); | |
| 1350 | if (buflen < 0) { | |
| 1351 | goto illegal_request; | |
| 1352 | } | |
| 1353 | break; | |
| 38215553 | 1354 | case GET_CONFIGURATION: |
| 430ee2f2 | 1355 | buflen = scsi_get_configuration(s, outbuf); |
| b6c251ab PB |
1356 | if (buflen < 0) { |
| 1357 | goto illegal_request; | |
| 1358 | } | |
| 1359 | break; | |
| 1360 | case GET_EVENT_STATUS_NOTIFICATION: | |
| 1361 | buflen = scsi_get_event_status_notification(s, r, outbuf); | |
| 1362 | if (buflen < 0) { | |
| 1363 | goto illegal_request; | |
| 1364 | } | |
| 1365 | break; | |
| 1366 | case READ_DVD_STRUCTURE: | |
| 1367 | buflen = scsi_read_dvd_structure(s, r, outbuf); | |
| 1368 | if (buflen < 0) { | |
| 1369 | goto illegal_request; | |
| 1370 | } | |
| 38215553 | 1371 | break; |
| f6515262 | 1372 | case SERVICE_ACTION_IN_16: |
| 5dd90e2a | 1373 | /* Service Action In subcommands. */ |
| f6515262 | 1374 | if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) { |
| 5dd90e2a GH |
1375 | DPRINTF("SAI READ CAPACITY(16)\n"); |
| 1376 | memset(outbuf, 0, req->cmd.xfer); | |
| 44740c38 | 1377 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| f01b5931 | 1378 | if (!nb_sectors) { |
| 9bcaf4fe PB |
1379 | scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY)); |
| 1380 | return -1; | |
| f01b5931 | 1381 | } |
| 7cec78b6 PB |
1382 | if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) { |
| 1383 | goto illegal_request; | |
| 1384 | } | |
| 69377307 | 1385 | nb_sectors /= s->qdev.blocksize / 512; |
| 5dd90e2a GH |
1386 | /* Returned value is the address of the last sector. */ |
| 1387 | nb_sectors--; | |
| 1388 | /* Remember the new size for read/write sanity checking. */ | |
| 7877903a | 1389 | s->qdev.max_lba = nb_sectors; |
| 5dd90e2a GH |
1390 | outbuf[0] = (nb_sectors >> 56) & 0xff; |
| 1391 | outbuf[1] = (nb_sectors >> 48) & 0xff; | |
| 1392 | outbuf[2] = (nb_sectors >> 40) & 0xff; | |
| 1393 | outbuf[3] = (nb_sectors >> 32) & 0xff; | |
| 1394 | outbuf[4] = (nb_sectors >> 24) & 0xff; | |
| 1395 | outbuf[5] = (nb_sectors >> 16) & 0xff; | |
| 1396 | outbuf[6] = (nb_sectors >> 8) & 0xff; | |
| 1397 | outbuf[7] = nb_sectors & 0xff; | |
| 1398 | outbuf[8] = 0; | |
| 1399 | outbuf[9] = 0; | |
| 69377307 | 1400 | outbuf[10] = s->qdev.blocksize >> 8; |
| 5dd90e2a | 1401 | outbuf[11] = 0; |
| ee3659e3 CH |
1402 | outbuf[12] = 0; |
| 1403 | outbuf[13] = get_physical_block_exp(&s->qdev.conf); | |
| ea3bd56f CH |
1404 | |
| 1405 | /* set TPE bit if the format supports discard */ | |
| 1406 | if (s->qdev.conf.discard_granularity) { | |
| 1407 | outbuf[14] = 0x80; | |
| 1408 | } | |
| 1409 | ||
| 5dd90e2a GH |
1410 | /* Protection, exponent and lowest lba field left blank. */ |
| 1411 | buflen = req->cmd.xfer; | |
| 1412 | break; | |
| 1413 | } | |
| 1414 | DPRINTF("Unsupported Service Action In\n"); | |
| 1415 | goto illegal_request; | |
| aa5dbdc1 | 1416 | default: |
| b45ef674 | 1417 | scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE)); |
| a1f0cce2 | 1418 | return -1; |
| aa5dbdc1 | 1419 | } |
| e2f0c49f | 1420 | buflen = MIN(buflen, req->cmd.xfer); |
| aa5dbdc1 GH |
1421 | return buflen; |
| 1422 | ||
| aa5dbdc1 | 1423 | illegal_request: |
| cfc606da PB |
1424 | if (r->req.status == -1) { |
| 1425 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); | |
| 1426 | } | |
| 8af7a3ab | 1427 | return -1; |
| aa5dbdc1 GH |
1428 | } |
| 1429 | ||
| 2e5d83bb PB |
1430 | /* Execute a scsi command. Returns the length of the data expected by the |
| 1431 | command. This will be Positive for data transfers from the device | |
| 1432 | (eg. disk reads), negative for transfers to the device (eg. disk writes), | |
| 1433 | and zero if the command does not transfer any data. */ | |
| 1434 | ||
| 5c6c0e51 | 1435 | static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) |
| 2e5d83bb | 1436 | { |
| 5c6c0e51 HR |
1437 | SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); |
| 1438 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); | |
| ad2d30f7 | 1439 | int32_t len; |
| a917d384 | 1440 | uint8_t command; |
| aa5dbdc1 | 1441 | int rc; |
| a917d384 PB |
1442 | |
| 1443 | command = buf[0]; | |
| 653c1c3f | 1444 | DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]); |
| 2dd791b6 | 1445 | |
| 2e5d83bb PB |
1446 | #ifdef DEBUG_SCSI |
| 1447 | { | |
| 1448 | int i; | |
| 2dd791b6 | 1449 | for (i = 1; i < r->req.cmd.len; i++) { |
| 2e5d83bb PB |
1450 | printf(" 0x%02x", buf[i]); |
| 1451 | } | |
| 1452 | printf("\n"); | |
| 1453 | } | |
| 1454 | #endif | |
| aa5dbdc1 | 1455 | |
| 9bcaf4fe PB |
1456 | switch (command) { |
| 1457 | case INQUIRY: | |
| 1458 | case MODE_SENSE: | |
| 1459 | case MODE_SENSE_10: | |
| 1460 | case RESERVE: | |
| 1461 | case RESERVE_10: | |
| 1462 | case RELEASE: | |
| 1463 | case RELEASE_10: | |
| 1464 | case START_STOP: | |
| 1465 | case ALLOW_MEDIUM_REMOVAL: | |
| 1466 | case GET_CONFIGURATION: | |
| 1467 | case GET_EVENT_STATUS_NOTIFICATION: | |
| 1468 | case MECHANISM_STATUS: | |
| 1469 | case REQUEST_SENSE: | |
| 1470 | break; | |
| 1471 | ||
| 1472 | default: | |
| 1473 | if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) { | |
| 1474 | scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); | |
| 1475 | return 0; | |
| 1476 | } | |
| 1477 | break; | |
| 1478 | } | |
| 1479 | ||
| a917d384 | 1480 | switch (command) { |
| ebf46023 | 1481 | case TEST_UNIT_READY: |
| 0b06c059 | 1482 | case INQUIRY: |
| ebddfcbe GH |
1483 | case MODE_SENSE: |
| 1484 | case MODE_SENSE_10: | |
| 3d53ba18 GH |
1485 | case RESERVE: |
| 1486 | case RESERVE_10: | |
| 1487 | case RELEASE: | |
| 1488 | case RELEASE_10: | |
| 8d3628ff | 1489 | case START_STOP: |
| c68b9f34 | 1490 | case ALLOW_MEDIUM_REMOVAL: |
| 5e30a07d | 1491 | case READ_CAPACITY_10: |
| 02880f43 | 1492 | case READ_TOC: |
| b6c251ab | 1493 | case READ_DVD_STRUCTURE: |
| 38215553 | 1494 | case GET_CONFIGURATION: |
| b6c251ab PB |
1495 | case GET_EVENT_STATUS_NOTIFICATION: |
| 1496 | case MECHANISM_STATUS: | |
| f6515262 | 1497 | case SERVICE_ACTION_IN_16: |
| f3b338ef | 1498 | case REQUEST_SENSE: |
| 7285477a | 1499 | rc = scsi_disk_emulate_command(r); |
| 8af7a3ab | 1500 | if (rc < 0) { |
| 0b06c059 | 1501 | return 0; |
| aa5dbdc1 | 1502 | } |
| 8af7a3ab KW |
1503 | |
| 1504 | r->iov.iov_len = rc; | |
| 0b06c059 | 1505 | break; |
| 0a4ac106 | 1506 | case SYNCHRONIZE_CACHE: |
| c7bae6a7 PB |
1507 | /* The request is used as the AIO opaque value, so add a ref. */ |
| 1508 | scsi_req_ref(&r->req); | |
| 44740c38 PB |
1509 | bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH); |
| 1510 | r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_flush_complete, r); | |
| 0a4ac106 | 1511 | return 0; |
| ebf46023 GH |
1512 | case READ_6: |
| 1513 | case READ_10: | |
| bd536cf3 GH |
1514 | case READ_12: |
| 1515 | case READ_16: | |
| 5c6c0e51 | 1516 | len = r->req.cmd.xfer / s->qdev.blocksize; |
| 2dd791b6 | 1517 | DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len); |
| 7877903a | 1518 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| 274fb0e1 | 1519 | goto illegal_lba; |
| f01b5931 | 1520 | } |
| 69377307 PB |
1521 | r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); |
| 1522 | r->sector_count = len * (s->qdev.blocksize / 512); | |
| 2e5d83bb | 1523 | break; |
| 7f64f8e2 PB |
1524 | case VERIFY_10: |
| 1525 | case VERIFY_12: | |
| 1526 | case VERIFY_16: | |
| ebf46023 GH |
1527 | case WRITE_6: |
| 1528 | case WRITE_10: | |
| bd536cf3 GH |
1529 | case WRITE_12: |
| 1530 | case WRITE_16: | |
| 5e30a07d | 1531 | case WRITE_VERIFY_10: |
| ebef0bbb BK |
1532 | case WRITE_VERIFY_12: |
| 1533 | case WRITE_VERIFY_16: | |
| 5c6c0e51 | 1534 | len = r->req.cmd.xfer / s->qdev.blocksize; |
| ebef0bbb | 1535 | DPRINTF("Write %s(sector %" PRId64 ", count %d)\n", |
| 2dd791b6 HR |
1536 | (command & 0xe) == 0xe ? "And Verify " : "", |
| 1537 | r->req.cmd.lba, len); | |
| 7877903a | 1538 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| 274fb0e1 | 1539 | goto illegal_lba; |
| f01b5931 | 1540 | } |
| 69377307 PB |
1541 | r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); |
| 1542 | r->sector_count = len * (s->qdev.blocksize / 512); | |
| 2e5d83bb | 1543 | break; |
| ebef0bbb | 1544 | case MODE_SELECT: |
| 2dd791b6 | 1545 | DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer); |
| ebef0bbb BK |
1546 | /* We don't support mode parameter changes. |
| 1547 | Allow the mode parameter header + block descriptors only. */ | |
| 2dd791b6 | 1548 | if (r->req.cmd.xfer > 12) { |
| ebef0bbb BK |
1549 | goto fail; |
| 1550 | } | |
| 1551 | break; | |
| 1552 | case MODE_SELECT_10: | |
| 2dd791b6 | 1553 | DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer); |
| ebef0bbb BK |
1554 | /* We don't support mode parameter changes. |
| 1555 | Allow the mode parameter header + block descriptors only. */ | |
| 2dd791b6 | 1556 | if (r->req.cmd.xfer > 16) { |
| ebef0bbb BK |
1557 | goto fail; |
| 1558 | } | |
| 1559 | break; | |
| ebef0bbb | 1560 | case SEEK_10: |
| 00a01ad4 | 1561 | DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba); |
| 7877903a | 1562 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| ebef0bbb BK |
1563 | goto illegal_lba; |
| 1564 | } | |
| ea3bd56f | 1565 | break; |
| c9e4d828 | 1566 | case WRITE_SAME_10: |
| a5ee9085 PB |
1567 | len = lduw_be_p(&buf[7]); |
| 1568 | goto write_same; | |
| ea3bd56f | 1569 | case WRITE_SAME_16: |
| a5ee9085 PB |
1570 | len = ldl_be_p(&buf[10]) & 0xffffffffULL; |
| 1571 | write_same: | |
| ea3bd56f | 1572 | |
| c9e4d828 | 1573 | DPRINTF("WRITE SAME() (sector %" PRId64 ", count %d)\n", |
| ea3bd56f CH |
1574 | r->req.cmd.lba, len); |
| 1575 | ||
| 7877903a | 1576 | if (r->req.cmd.lba > s->qdev.max_lba) { |
| ea3bd56f CH |
1577 | goto illegal_lba; |
| 1578 | } | |
| 1579 | ||
| 1580 | /* | |
| 1581 | * We only support WRITE SAME with the unmap bit set for now. | |
| 1582 | */ | |
| 1583 | if (!(buf[1] & 0x8)) { | |
| 1584 | goto fail; | |
| 1585 | } | |
| 1586 | ||
| 69377307 PB |
1587 | rc = bdrv_discard(s->qdev.conf.bs, |
| 1588 | r->req.cmd.lba * (s->qdev.blocksize / 512), | |
| 1589 | len * (s->qdev.blocksize / 512)); | |
| ea3bd56f CH |
1590 | if (rc < 0) { |
| 1591 | /* XXX: better error code ?*/ | |
| 1592 | goto fail; | |
| 1593 | } | |
| 1594 | ||
| ebef0bbb | 1595 | break; |
| 2e5d83bb | 1596 | default: |
| 2dd791b6 | 1597 | DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]); |
| b45ef674 | 1598 | scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE)); |
| a1f0cce2 | 1599 | return 0; |
| 2e5d83bb | 1600 | fail: |
| b45ef674 | 1601 | scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); |
| 2dd791b6 | 1602 | return 0; |
| 274fb0e1 | 1603 | illegal_lba: |
| b45ef674 | 1604 | scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE)); |
| 274fb0e1 | 1605 | return 0; |
| 2e5d83bb | 1606 | } |
| c87c0672 | 1607 | if (r->sector_count == 0 && r->iov.iov_len == 0) { |
| b45ef674 | 1608 | scsi_req_complete(&r->req, GOOD); |
| a917d384 | 1609 | } |
| c87c0672 | 1610 | len = r->sector_count * 512 + r->iov.iov_len; |
| efb9ee02 HR |
1611 | if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { |
| 1612 | return -len; | |
| a917d384 | 1613 | } else { |
| f01b5931 | 1614 | if (!r->sector_count) { |
| a917d384 | 1615 | r->sector_count = -1; |
| f01b5931 | 1616 | } |
| efb9ee02 | 1617 | return len; |
| 2e5d83bb | 1618 | } |
| 2e5d83bb PB |
1619 | } |
| 1620 | ||
| e9447f35 JK |
1621 | static void scsi_disk_reset(DeviceState *dev) |
| 1622 | { | |
| 1623 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev); | |
| 1624 | uint64_t nb_sectors; | |
| 1625 | ||
| c7b48872 | 1626 | scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET)); |
| e9447f35 | 1627 | |
| 44740c38 | 1628 | bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); |
| 69377307 | 1629 | nb_sectors /= s->qdev.blocksize / 512; |
| e9447f35 JK |
1630 | if (nb_sectors) { |
| 1631 | nb_sectors--; | |
| 1632 | } | |
| 7877903a | 1633 | s->qdev.max_lba = nb_sectors; |
| e9447f35 JK |
1634 | } |
| 1635 | ||
| 1636 | static void scsi_destroy(SCSIDevice *dev) | |
| 1637 | { | |
| 1638 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); | |
| 1639 | ||
| c7b48872 | 1640 | scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE)); |
| f8b6cc00 | 1641 | blockdev_mark_auto_del(s->qdev.conf.bs); |
| 56a14938 GH |
1642 | } |
| 1643 | ||
| 7d4b4ba5 | 1644 | static void scsi_cd_change_media_cb(void *opaque, bool load) |
| 2c6942fa | 1645 | { |
| 8a9c16f6 PB |
1646 | SCSIDiskState *s = opaque; |
| 1647 | ||
| 1648 | /* | |
| 1649 | * When a CD gets changed, we have to report an ejected state and | |
| 1650 | * then a loaded state to guests so that they detect tray | |
| 1651 | * open/close and media change events. Guests that do not use | |
| 1652 | * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close | |
| 1653 | * states rely on this behavior. | |
| 1654 | * | |
| 1655 | * media_changed governs the state machine used for unit attention | |
| 1656 | * report. media_event is used by GET EVENT STATUS NOTIFICATION. | |
| 1657 | */ | |
| 1658 | s->media_changed = load; | |
| 1659 | s->tray_open = !load; | |
| 1660 | s->qdev.unit_attention = SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM); | |
| 3c2f7c12 | 1661 | s->media_event = true; |
| 4480de19 PB |
1662 | s->eject_request = false; |
| 1663 | } | |
| 1664 | ||
| 1665 | static void scsi_cd_eject_request_cb(void *opaque, bool force) | |
| 1666 | { | |
| 1667 | SCSIDiskState *s = opaque; | |
| 1668 | ||
| 1669 | s->eject_request = true; | |
| 1670 | if (force) { | |
| 1671 | s->tray_locked = false; | |
| 1672 | } | |
| 2c6942fa MA |
1673 | } |
| 1674 | ||
| e4def80b MA |
1675 | static bool scsi_cd_is_tray_open(void *opaque) |
| 1676 | { | |
| 1677 | return ((SCSIDiskState *)opaque)->tray_open; | |
| 1678 | } | |
| 1679 | ||
| f107639a MA |
1680 | static bool scsi_cd_is_medium_locked(void *opaque) |
| 1681 | { | |
| 1682 | return ((SCSIDiskState *)opaque)->tray_locked; | |
| 1683 | } | |
| 1684 | ||
| 1685 | static const BlockDevOps scsi_cd_block_ops = { | |
| 2c6942fa | 1686 | .change_media_cb = scsi_cd_change_media_cb, |
| 4480de19 | 1687 | .eject_request_cb = scsi_cd_eject_request_cb, |
| e4def80b | 1688 | .is_tray_open = scsi_cd_is_tray_open, |
| f107639a MA |
1689 | .is_medium_locked = scsi_cd_is_medium_locked, |
| 1690 | }; | |
| 1691 | ||
| 8a9c16f6 PB |
1692 | static void scsi_disk_unit_attention_reported(SCSIDevice *dev) |
| 1693 | { | |
| 1694 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); | |
| 1695 | if (s->media_changed) { | |
| 1696 | s->media_changed = false; | |
| 1697 | s->qdev.unit_attention = SENSE_CODE(MEDIUM_CHANGED); | |
| 1698 | } | |
| 1699 | } | |
| 1700 | ||
| e39be482 | 1701 | static int scsi_initfn(SCSIDevice *dev) |
| 2e5d83bb | 1702 | { |
| d52affa7 | 1703 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); |
| f8b6cc00 | 1704 | DriveInfo *dinfo; |
| 2e5d83bb | 1705 | |
| f8b6cc00 | 1706 | if (!s->qdev.conf.bs) { |
| 6a84cb1f | 1707 | error_report("drive property not set"); |
| d52affa7 GH |
1708 | return -1; |
| 1709 | } | |
| 1710 | ||
| bfe3d7ac PB |
1711 | if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) && |
| 1712 | !bdrv_is_inserted(s->qdev.conf.bs)) { | |
| 98f28ad7 MA |
1713 | error_report("Device needs media, but drive is empty"); |
| 1714 | return -1; | |
| 1715 | } | |
| 1716 | ||
| a0fef654 | 1717 | if (!s->serial) { |
| f8b6cc00 | 1718 | /* try to fall back to value set with legacy -drive serial=... */ |
| 44740c38 | 1719 | dinfo = drive_get_by_blockdev(s->qdev.conf.bs); |
| 3e1c0c9a | 1720 | if (*dinfo->serial) { |
| 7267c094 | 1721 | s->serial = g_strdup(dinfo->serial); |
| 3e1c0c9a | 1722 | } |
| a0fef654 MA |
1723 | } |
| 1724 | ||
| 552fee93 | 1725 | if (!s->version) { |
| 93bfef4c | 1726 | s->version = g_strdup(qemu_get_version()); |
| 552fee93 MA |
1727 | } |
| 1728 | ||
| 44740c38 | 1729 | if (bdrv_is_sg(s->qdev.conf.bs)) { |
| 6a84cb1f | 1730 | error_report("unwanted /dev/sg*"); |
| 32bb404a MA |
1731 | return -1; |
| 1732 | } | |
| 1733 | ||
| bfe3d7ac | 1734 | if (s->features & (1 << SCSI_DISK_F_REMOVABLE)) { |
| 44740c38 | 1735 | bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_cd_block_ops, s); |
| 2e5d83bb | 1736 | } |
| 44740c38 | 1737 | bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize); |
| 8cfacf07 | 1738 | |
| 44740c38 | 1739 | bdrv_iostatus_enable(s->qdev.conf.bs); |
| 7082826e | 1740 | add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, NULL); |
| d52affa7 GH |
1741 | return 0; |
| 1742 | } | |
| 1743 | ||
| b443ae67 MA |
1744 | static int scsi_hd_initfn(SCSIDevice *dev) |
| 1745 | { | |
| e39be482 PB |
1746 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); |
| 1747 | s->qdev.blocksize = s->qdev.conf.logical_block_size; | |
| 1748 | s->qdev.type = TYPE_DISK; | |
| 1749 | return scsi_initfn(&s->qdev); | |
| b443ae67 MA |
1750 | } |
| 1751 | ||
| 1752 | static int scsi_cd_initfn(SCSIDevice *dev) | |
| 1753 | { | |
| e39be482 PB |
1754 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); |
| 1755 | s->qdev.blocksize = 2048; | |
| 1756 | s->qdev.type = TYPE_ROM; | |
| bfe3d7ac | 1757 | s->features |= 1 << SCSI_DISK_F_REMOVABLE; |
| e39be482 | 1758 | return scsi_initfn(&s->qdev); |
| b443ae67 MA |
1759 | } |
| 1760 | ||
| 1761 | static int scsi_disk_initfn(SCSIDevice *dev) | |
| 1762 | { | |
| 95b5edcd | 1763 | DriveInfo *dinfo; |
| b443ae67 MA |
1764 | |
| 1765 | if (!dev->conf.bs) { | |
| e39be482 | 1766 | return scsi_initfn(dev); /* ... and die there */ |
| b443ae67 MA |
1767 | } |
| 1768 | ||
| e39be482 PB |
1769 | dinfo = drive_get_by_blockdev(dev->conf.bs); |
| 1770 | if (dinfo->media_cd) { | |
| 1771 | return scsi_cd_initfn(dev); | |
| 1772 | } else { | |
| 1773 | return scsi_hd_initfn(dev); | |
| 1774 | } | |
| b443ae67 MA |
1775 | } |
| 1776 | ||
| adcf2754 | 1777 | static const SCSIReqOps scsi_disk_reqops = { |
| 8dbd4574 | 1778 | .size = sizeof(SCSIDiskReq), |
| 12010e7b PB |
1779 | .free_req = scsi_free_request, |
| 1780 | .send_command = scsi_send_command, | |
| 1781 | .read_data = scsi_read_data, | |
| 1782 | .write_data = scsi_write_data, | |
| 1783 | .cancel_io = scsi_cancel_io, | |
| 1784 | .get_buf = scsi_get_buf, | |
| 43b978b9 PB |
1785 | .load_request = scsi_disk_load_request, |
| 1786 | .save_request = scsi_disk_save_request, | |
| 8dbd4574 PB |
1787 | }; |
| 1788 | ||
| 63db0f0e PB |
1789 | static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun, |
| 1790 | uint8_t *buf, void *hba_private) | |
| 8dbd4574 PB |
1791 | { |
| 1792 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); | |
| 1793 | SCSIRequest *req; | |
| 8dbd4574 PB |
1794 | |
| 1795 | req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private); | |
| 8dbd4574 PB |
1796 | return req; |
| 1797 | } | |
| 1798 | ||
| 336a6915 PB |
1799 | #ifdef __linux__ |
| 1800 | static int get_device_type(SCSIDiskState *s) | |
| 1801 | { | |
| 1802 | BlockDriverState *bdrv = s->qdev.conf.bs; | |
| 1803 | uint8_t cmd[16]; | |
| 1804 | uint8_t buf[36]; | |
| 1805 | uint8_t sensebuf[8]; | |
| 1806 | sg_io_hdr_t io_header; | |
| 1807 | int ret; | |
| 1808 | ||
| 1809 | memset(cmd, 0, sizeof(cmd)); | |
| 1810 | memset(buf, 0, sizeof(buf)); | |
| 1811 | cmd[0] = INQUIRY; | |
| 1812 | cmd[4] = sizeof(buf); | |
| 1813 | ||
| 1814 | memset(&io_header, 0, sizeof(io_header)); | |
| 1815 | io_header.interface_id = 'S'; | |
| 1816 | io_header.dxfer_direction = SG_DXFER_FROM_DEV; | |
| 1817 | io_header.dxfer_len = sizeof(buf); | |
| 1818 | io_header.dxferp = buf; | |
| 1819 | io_header.cmdp = cmd; | |
| 1820 | io_header.cmd_len = sizeof(cmd); | |
| 1821 | io_header.mx_sb_len = sizeof(sensebuf); | |
| 1822 | io_header.sbp = sensebuf; | |
| 1823 | io_header.timeout = 6000; /* XXX */ | |
| 1824 | ||
| 1825 | ret = bdrv_ioctl(bdrv, SG_IO, &io_header); | |
| 1826 | if (ret < 0 || io_header.driver_status || io_header.host_status) { | |
| 1827 | return -1; | |
| 1828 | } | |
| 1829 | s->qdev.type = buf[0]; | |
| bfe3d7ac PB |
1830 | if (buf[1] & 0x80) { |
| 1831 | s->features |= 1 << SCSI_DISK_F_REMOVABLE; | |
| 1832 | } | |
| 336a6915 PB |
1833 | return 0; |
| 1834 | } | |
| 1835 | ||
| 1836 | static int scsi_block_initfn(SCSIDevice *dev) | |
| 1837 | { | |
| 1838 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); | |
| 1839 | int sg_version; | |
| 1840 | int rc; | |
| 1841 | ||
| 1842 | if (!s->qdev.conf.bs) { | |
| 1843 | error_report("scsi-block: drive property not set"); | |
| 1844 | return -1; | |
| 1845 | } | |
| 1846 | ||
| 1847 | /* check we are using a driver managing SG_IO (version 3 and after) */ | |
| 1848 | if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 || | |
| 1849 | sg_version < 30000) { | |
| 1850 | error_report("scsi-block: scsi generic interface too old"); | |
| 1851 | return -1; | |
| 1852 | } | |
| 1853 | ||
| 1854 | /* get device type from INQUIRY data */ | |
| 1855 | rc = get_device_type(s); | |
| 1856 | if (rc < 0) { | |
| 1857 | error_report("scsi-block: INQUIRY failed"); | |
| 1858 | return -1; | |
| 1859 | } | |
| 1860 | ||
| 1861 | /* Make a guess for the block size, we'll fix it when the guest sends. | |
| 1862 | * READ CAPACITY. If they don't, they likely would assume these sizes | |
| 1863 | * anyway. (TODO: check in /sys). | |
| 1864 | */ | |
| 1865 | if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) { | |
| 1866 | s->qdev.blocksize = 2048; | |
| 1867 | } else { | |
| 1868 | s->qdev.blocksize = 512; | |
| 1869 | } | |
| 1870 | return scsi_initfn(&s->qdev); | |
| 1871 | } | |
| 1872 | ||
| 1873 | static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag, | |
| 1874 | uint32_t lun, uint8_t *buf, | |
| 1875 | void *hba_private) | |
| 1876 | { | |
| 1877 | SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); | |
| 1878 | ||
| 1879 | switch (buf[0]) { | |
| 1880 | case READ_6: | |
| 1881 | case READ_10: | |
| 1882 | case READ_12: | |
| 1883 | case READ_16: | |
| 7f64f8e2 PB |
1884 | case VERIFY_10: |
| 1885 | case VERIFY_12: | |
| 1886 | case VERIFY_16: | |
| 336a6915 PB |
1887 | case WRITE_6: |
| 1888 | case WRITE_10: | |
| 1889 | case WRITE_12: | |
| 1890 | case WRITE_16: | |
| 1891 | case WRITE_VERIFY_10: | |
| 1892 | case WRITE_VERIFY_12: | |
| 1893 | case WRITE_VERIFY_16: | |
| eaccf49e PB |
1894 | /* If we are not using O_DIRECT, we might read stale data from the |
| 1895 | * host cache if writes were made using other commands than these | |
| 1896 | * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without | |
| 1897 | * O_DIRECT everything must go through SG_IO. | |
| 1898 | */ | |
| 137745c5 | 1899 | if (bdrv_get_flags(s->qdev.conf.bs) & BDRV_O_NOCACHE) { |
| eaccf49e PB |
1900 | break; |
| 1901 | } | |
| 1902 | ||
| 33ebad12 PB |
1903 | /* MMC writing cannot be done via pread/pwrite, because it sometimes |
| 1904 | * involves writing beyond the maximum LBA or to negative LBA (lead-in). | |
| 1905 | * And once you do these writes, reading from the block device is | |
| 1906 | * unreliable, too. It is even possible that reads deliver random data | |
| 1907 | * from the host page cache (this is probably a Linux bug). | |
| 1908 | * | |
| 1909 | * We might use scsi_disk_reqops as long as no writing commands are | |
| 1910 | * seen, but performance usually isn't paramount on optical media. So, | |
| 1911 | * just make scsi-block operate the same as scsi-generic for them. | |
| 1912 | */ | |
| eaccf49e PB |
1913 | if (s->qdev.type == TYPE_ROM) { |
| 1914 | break; | |
| 1915 | } | |
| 1916 | return scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, | |
| 1917 | hba_private); | |
| 336a6915 PB |
1918 | } |
| 1919 | ||
| 1920 | return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun, | |
| 1921 | hba_private); | |
| 1922 | } | |
| 1923 | #endif | |
| 1924 | ||
| b443ae67 MA |
1925 | #define DEFINE_SCSI_DISK_PROPERTIES() \ |
| 1926 | DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \ | |
| 1927 | DEFINE_PROP_STRING("ver", SCSIDiskState, version), \ | |
| 1928 | DEFINE_PROP_STRING("serial", SCSIDiskState, serial) | |
| 1929 | ||
| 39bffca2 AL |
1930 | static Property scsi_hd_properties[] = { |
| 1931 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| bfe3d7ac PB |
1932 | DEFINE_PROP_BIT("removable", SCSIDiskState, features, |
| 1933 | SCSI_DISK_F_REMOVABLE, false), | |
| da8365db PB |
1934 | DEFINE_PROP_BIT("dpofua", SCSIDiskState, features, |
| 1935 | SCSI_DISK_F_DPOFUA, false), | |
| 27395add | 1936 | DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0), |
| 39bffca2 AL |
1937 | DEFINE_PROP_END_OF_LIST(), |
| 1938 | }; | |
| 1939 | ||
| 43b978b9 PB |
1940 | static const VMStateDescription vmstate_scsi_disk_state = { |
| 1941 | .name = "scsi-disk", | |
| 1942 | .version_id = 1, | |
| 1943 | .minimum_version_id = 1, | |
| 1944 | .minimum_version_id_old = 1, | |
| 1945 | .fields = (VMStateField[]) { | |
| 1946 | VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState), | |
| 1947 | VMSTATE_BOOL(media_changed, SCSIDiskState), | |
| 1948 | VMSTATE_BOOL(media_event, SCSIDiskState), | |
| 1949 | VMSTATE_BOOL(eject_request, SCSIDiskState), | |
| 1950 | VMSTATE_BOOL(tray_open, SCSIDiskState), | |
| 1951 | VMSTATE_BOOL(tray_locked, SCSIDiskState), | |
| 1952 | VMSTATE_END_OF_LIST() | |
| 1953 | } | |
| 1954 | }; | |
| 1955 | ||
| b9eea3e6 AL |
1956 | static void scsi_hd_class_initfn(ObjectClass *klass, void *data) |
| 1957 | { | |
| 39bffca2 | 1958 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
1959 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 1960 | ||
| 1961 | sc->init = scsi_hd_initfn; | |
| 1962 | sc->destroy = scsi_destroy; | |
| 1963 | sc->alloc_req = scsi_new_request; | |
| 1964 | sc->unit_attention_reported = scsi_disk_unit_attention_reported; | |
| 39bffca2 AL |
1965 | dc->fw_name = "disk"; |
| 1966 | dc->desc = "virtual SCSI disk"; | |
| 1967 | dc->reset = scsi_disk_reset; | |
| 1968 | dc->props = scsi_hd_properties; | |
| 43b978b9 | 1969 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
1970 | } |
| 1971 | ||
| 39bffca2 AL |
1972 | static TypeInfo scsi_hd_info = { |
| 1973 | .name = "scsi-hd", | |
| 1974 | .parent = TYPE_SCSI_DEVICE, | |
| 1975 | .instance_size = sizeof(SCSIDiskState), | |
| 1976 | .class_init = scsi_hd_class_initfn, | |
| 1977 | }; | |
| 1978 | ||
| 1979 | static Property scsi_cd_properties[] = { | |
| 1980 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| 27395add | 1981 | DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0), |
| 39bffca2 | 1982 | DEFINE_PROP_END_OF_LIST(), |
| b9eea3e6 AL |
1983 | }; |
| 1984 | ||
| 1985 | static void scsi_cd_class_initfn(ObjectClass *klass, void *data) | |
| 1986 | { | |
| 39bffca2 | 1987 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
1988 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 1989 | ||
| 1990 | sc->init = scsi_cd_initfn; | |
| 1991 | sc->destroy = scsi_destroy; | |
| 1992 | sc->alloc_req = scsi_new_request; | |
| 1993 | sc->unit_attention_reported = scsi_disk_unit_attention_reported; | |
| 39bffca2 AL |
1994 | dc->fw_name = "disk"; |
| 1995 | dc->desc = "virtual SCSI CD-ROM"; | |
| 1996 | dc->reset = scsi_disk_reset; | |
| 1997 | dc->props = scsi_cd_properties; | |
| 43b978b9 | 1998 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
1999 | } |
| 2000 | ||
| 39bffca2 AL |
2001 | static TypeInfo scsi_cd_info = { |
| 2002 | .name = "scsi-cd", | |
| 2003 | .parent = TYPE_SCSI_DEVICE, | |
| 2004 | .instance_size = sizeof(SCSIDiskState), | |
| 2005 | .class_init = scsi_cd_class_initfn, | |
| b9eea3e6 AL |
2006 | }; |
| 2007 | ||
| 336a6915 | 2008 | #ifdef __linux__ |
| 39bffca2 AL |
2009 | static Property scsi_block_properties[] = { |
| 2010 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| 2011 | DEFINE_PROP_END_OF_LIST(), | |
| 2012 | }; | |
| 2013 | ||
| b9eea3e6 AL |
2014 | static void scsi_block_class_initfn(ObjectClass *klass, void *data) |
| 2015 | { | |
| 39bffca2 | 2016 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
2017 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 2018 | ||
| 2019 | sc->init = scsi_block_initfn; | |
| 2020 | sc->destroy = scsi_destroy; | |
| 2021 | sc->alloc_req = scsi_block_new_request; | |
| 39bffca2 AL |
2022 | dc->fw_name = "disk"; |
| 2023 | dc->desc = "SCSI block device passthrough"; | |
| 2024 | dc->reset = scsi_disk_reset; | |
| 2025 | dc->props = scsi_block_properties; | |
| 43b978b9 | 2026 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
2027 | } |
| 2028 | ||
| 39bffca2 AL |
2029 | static TypeInfo scsi_block_info = { |
| 2030 | .name = "scsi-block", | |
| 2031 | .parent = TYPE_SCSI_DEVICE, | |
| 2032 | .instance_size = sizeof(SCSIDiskState), | |
| 2033 | .class_init = scsi_block_class_initfn, | |
| b9eea3e6 | 2034 | }; |
| 336a6915 | 2035 | #endif |
| b9eea3e6 | 2036 | |
| 39bffca2 AL |
2037 | static Property scsi_disk_properties[] = { |
| 2038 | DEFINE_SCSI_DISK_PROPERTIES(), | |
| bfe3d7ac PB |
2039 | DEFINE_PROP_BIT("removable", SCSIDiskState, features, |
| 2040 | SCSI_DISK_F_REMOVABLE, false), | |
| da8365db PB |
2041 | DEFINE_PROP_BIT("dpofua", SCSIDiskState, features, |
| 2042 | SCSI_DISK_F_DPOFUA, false), | |
| 27395add | 2043 | DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0), |
| 39bffca2 AL |
2044 | DEFINE_PROP_END_OF_LIST(), |
| 2045 | }; | |
| 2046 | ||
| b9eea3e6 AL |
2047 | static void scsi_disk_class_initfn(ObjectClass *klass, void *data) |
| 2048 | { | |
| 39bffca2 | 2049 | DeviceClass *dc = DEVICE_CLASS(klass); |
| b9eea3e6 AL |
2050 | SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); |
| 2051 | ||
| 2052 | sc->init = scsi_disk_initfn; | |
| 2053 | sc->destroy = scsi_destroy; | |
| 2054 | sc->alloc_req = scsi_new_request; | |
| 2055 | sc->unit_attention_reported = scsi_disk_unit_attention_reported; | |
| 39bffca2 AL |
2056 | dc->fw_name = "disk"; |
| 2057 | dc->desc = "virtual SCSI disk or CD-ROM (legacy)"; | |
| 2058 | dc->reset = scsi_disk_reset; | |
| 2059 | dc->props = scsi_disk_properties; | |
| 43b978b9 | 2060 | dc->vmsd = &vmstate_scsi_disk_state; |
| b9eea3e6 AL |
2061 | } |
| 2062 | ||
| 39bffca2 AL |
2063 | static TypeInfo scsi_disk_info = { |
| 2064 | .name = "scsi-disk", | |
| 2065 | .parent = TYPE_SCSI_DEVICE, | |
| 2066 | .instance_size = sizeof(SCSIDiskState), | |
| 2067 | .class_init = scsi_disk_class_initfn, | |
| d52affa7 GH |
2068 | }; |
| 2069 | ||
| 83f7d43a | 2070 | static void scsi_disk_register_types(void) |
| d52affa7 | 2071 | { |
| 39bffca2 AL |
2072 | type_register_static(&scsi_hd_info); |
| 2073 | type_register_static(&scsi_cd_info); | |
| b9eea3e6 | 2074 | #ifdef __linux__ |
| 39bffca2 | 2075 | type_register_static(&scsi_block_info); |
| b9eea3e6 | 2076 | #endif |
| 39bffca2 | 2077 | type_register_static(&scsi_disk_info); |
| 8ccc2ace | 2078 | } |
| 83f7d43a AF |
2079 | |
| 2080 | type_init(scsi_disk_register_types) |