]> git.proxmox.com Git - mirror_qemu.git/blame - hw/scsi-disk.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Use glib memory allocation and free functions
[mirror_qemu.git] / hw / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
22//#define DEBUG_SCSI
23
24#ifdef DEBUG_SCSI
001faf32
BS		 25#define DPRINTF(fmt, ...) \
26do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 27#else
001faf32 28#define DPRINTF(fmt, ...) do {} while(0)
2e5d83bb
PB		 29#endif
30
001faf32
BS		 31#define BADF(fmt, ...) \
32do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 33
87ecb68b 34#include "qemu-common.h"
2f792016 35#include "qemu-error.h"
43b443b6 36#include "scsi.h"
0d65e1f8 37#include "scsi-defs.h"
666daa68 38#include "sysemu.h"
2446333c 39#include "blockdev.h"
22864256 40
f0f72ffe 41#define SCSI_DMA_BUF_SIZE 131072
57575058 42#define SCSI_MAX_INQUIRY_LEN 256
a917d384 43
5dba48a8
KW		 44#define SCSI_REQ_STATUS_RETRY 0x01
45#define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
46#define SCSI_REQ_STATUS_RETRY_READ 0x00
47#define SCSI_REQ_STATUS_RETRY_WRITE 0x02
78ced65e 48#define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
ea8a5d7f 49
d52affa7
GH		 50typedef struct SCSIDiskState SCSIDiskState;
51
4c41d2ef
GH		 52typedef struct SCSIDiskReq {
53 SCSIRequest req;
a917d384 54 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 55 uint64_t sector;
56 uint32_t sector_count;
c87c0672
AL		 57 struct iovec iov;
58 QEMUIOVector qiov;
ea8a5d7f 59 uint32_t status;
4c41d2ef 60} SCSIDiskReq;
a917d384 61
d52affa7 62struct SCSIDiskState
a917d384 63{
d52affa7 64 SCSIDevice qdev;
428c149b 65 BlockDriverState *bs;
a917d384
PB		 66 /* The qemu block layer uses a fixed 512 byte sector size.
67 This is the number of 512 byte blocks in a single scsi sector. */
68 int cluster_size;
419e691f 69 uint32_t removable;
274fb0e1 70 uint64_t max_lba;
213189ab 71 QEMUBH *bh;
383b4d9b 72 char *version;
a0fef654 73 char *serial;
2e5d83bb
PB		 74};
75
5dba48a8 76static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
78ced65e 77static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
5dba48a8 78
ad2d30f7 79static void scsi_free_request(SCSIRequest *req)
4d611c9a 80{
ad2d30f7
PB		 81 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
82
f8a83245 83 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 84}
85
b45ef674
PB		 86/* Helper function for command completion with sense. */
87static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 88{
02fa69b6
BS		 89 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
90 r->req.tag, sense.key, sense.asc, sense.ascq);
b45ef674
PB		 91 scsi_req_build_sense(&r->req, sense);
92 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 93}
94
95/* Cancel a pending data transfer. */
5c6c0e51 96static void scsi_cancel_io(SCSIRequest *req)
4d611c9a 97{
5c6c0e51
HR		 98 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
99
100 DPRINTF("Cancel tag=0x%x\n", req->tag);
101 if (r->req.aiocb) {
102 bdrv_aio_cancel(r->req.aiocb);
a917d384 103 }
5c6c0e51 104 r->req.aiocb = NULL;
a917d384
PB		 105}
106
107static void scsi_read_complete(void * opaque, int ret)
108{
4c41d2ef 109 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
5dba48a8 110 int n;
a917d384 111
3e94cb02
JK		 112 r->req.aiocb = NULL;
113
a917d384 114 if (ret) {
5dba48a8
KW		 115 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
116 return;
117 }
4d611c9a 118 }
5dba48a8 119
aa2b1e89 120 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
a917d384 121
5dba48a8
KW		 122 n = r->iov.iov_len / 512;
123 r->sector += n;
124 r->sector_count -= n;
ab9adc88 125 scsi_req_data(&r->req, r->iov.iov_len);
4d611c9a
PB		 126}
127
5dba48a8 128
5c6c0e51
HR		 129/* Read more data from scsi device into buffer. */
130static void scsi_read_data(SCSIRequest *req)
2e5d83bb 131{
5c6c0e51 132 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 133 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2e5d83bb
PB		 134 uint32_t n;
135
a917d384 136 if (r->sector_count == (uint32_t)-1) {
aa2b1e89 137 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
a917d384 138 r->sector_count = 0;
ab9adc88 139 scsi_req_data(&r->req, r->iov.iov_len);
a917d384 140 return;
2e5d83bb 141 }
a917d384
PB		 142 DPRINTF("Read sector_count=%d\n", r->sector_count);
143 if (r->sector_count == 0) {
b45ef674
PB		 144 /* This also clears the sense buffer for REQUEST SENSE. */
145 scsi_req_complete(&r->req, GOOD);
a917d384 146 return;
2e5d83bb
PB		 147 }
148
6fa2c95f
SH		 149 /* No data transfer may already be in progress */
150 assert(r->req.aiocb == NULL);
151
efb9ee02
HR		 152 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
153 DPRINTF("Data transfer direction invalid\n");
154 scsi_read_complete(r, -EINVAL);
155 return;
156 }
157
a917d384
PB		 158 n = r->sector_count;
159 if (n > SCSI_DMA_BUF_SIZE / 512)
160 n = SCSI_DMA_BUF_SIZE / 512;
161
c87c0672
AL		 162 r->iov.iov_len = n * 512;
163 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
428c149b 164 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
c87c0672 165 scsi_read_complete, r);
d33ea50a
KW		 166 if (r->req.aiocb == NULL) {
167 scsi_read_complete(r, -EIO);
168 }
2e5d83bb
PB		 169}
170
5dba48a8
KW		 171static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
172{
173 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
4c41d2ef 174 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5dba48a8 175 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
ea8a5d7f 176
380f640f 177 if (action == BLOCK_ERR_IGNORE) {
5dba48a8 178 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
ea8a5d7f 179 return 0;
380f640f 180 }
ea8a5d7f
AL		 181
182 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
183 || action == BLOCK_ERR_STOP_ANY) {
5dba48a8
KW		 184
185 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
186 r->status |= SCSI_REQ_STATUS_RETRY | type;
187
188 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
e07bbac5 189 vm_stop(VMSTOP_DISKFULL);
ea8a5d7f 190 } else {
efb9ee02
HR		 191 switch (error) {
192 case ENOMEM:
b45ef674 193 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
efb9ee02
HR		 194 break;
195 case EINVAL:
b45ef674 196 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
efb9ee02
HR		 197 break;
198 default:
b45ef674 199 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
efb9ee02 200 break;
a1f0cce2 201 }
5dba48a8 202 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
ea8a5d7f 203 }
ea8a5d7f
AL		 204 return 1;
205}
206
4d611c9a
PB		 207static void scsi_write_complete(void * opaque, int ret)
208{
4c41d2ef 209 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
a917d384 210 uint32_t len;
ea8a5d7f
AL		 211 uint32_t n;
212
4c41d2ef 213 r->req.aiocb = NULL;
4d611c9a
PB		 214
215 if (ret) {
5dba48a8 216 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
ea8a5d7f 217 return;
5dba48a8 218 }
4d611c9a
PB		 219 }
220
c87c0672 221 n = r->iov.iov_len / 512;
ea8a5d7f
AL		 222 r->sector += n;
223 r->sector_count -= n;
a917d384 224 if (r->sector_count == 0) {
b45ef674 225 scsi_req_complete(&r->req, GOOD);
a917d384
PB		 226 } else {
227 len = r->sector_count * 512;
228 if (len > SCSI_DMA_BUF_SIZE) {
229 len = SCSI_DMA_BUF_SIZE;
230 }
c87c0672 231 r->iov.iov_len = len;
4c41d2ef 232 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
ab9adc88 233 scsi_req_data(&r->req, len);
4d611c9a 234 }
4d611c9a
PB		 235}
236
42741212 237static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 238{
5c6c0e51 239 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 240 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ea8a5d7f
AL		 241 uint32_t n;
242
6fa2c95f
SH		 243 /* No data transfer may already be in progress */
244 assert(r->req.aiocb == NULL);
245
efb9ee02
HR		 246 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
247 DPRINTF("Data transfer direction invalid\n");
248 scsi_write_complete(r, -EINVAL);
42741212 249 return;
efb9ee02
HR		 250 }
251
c87c0672 252 n = r->iov.iov_len / 512;
ea8a5d7f 253 if (n) {
c87c0672 254 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
428c149b 255 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
c87c0672 256 scsi_write_complete, r);
d33ea50a 257 if (r->req.aiocb == NULL) {
a1f0cce2 258 scsi_write_complete(r, -ENOMEM);
d33ea50a 259 }
ea8a5d7f
AL		 260 } else {
261 /* Invoke completion routine to fetch data from host. */
262 scsi_write_complete(r, 0);
263 }
a917d384 264}
2e5d83bb 265
213189ab 266static void scsi_dma_restart_bh(void *opaque)
ea8a5d7f 267{
d52affa7 268 SCSIDiskState *s = opaque;
9af99d98
GH		 269 SCSIRequest *req;
270 SCSIDiskReq *r;
213189ab
MA		 271
272 qemu_bh_delete(s->bh);
273 s->bh = NULL;
ea8a5d7f 274
9af99d98
GH		 275 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
276 r = DO_UPCAST(SCSIDiskReq, req, req);
ea8a5d7f 277 if (r->status & SCSI_REQ_STATUS_RETRY) {
5dba48a8 278 int status = r->status;
78ced65e
KW		 279 int ret;
280
5dba48a8
KW		 281 r->status &=
282 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
283
284 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
285 case SCSI_REQ_STATUS_RETRY_READ:
5c6c0e51 286 scsi_read_data(&r->req);
5dba48a8
KW		 287 break;
288 case SCSI_REQ_STATUS_RETRY_WRITE:
5c6c0e51 289 scsi_write_data(&r->req);
5dba48a8 290 break;
78ced65e
KW		 291 case SCSI_REQ_STATUS_RETRY_FLUSH:
292 ret = scsi_disk_emulate_command(r, r->iov.iov_base);
293 if (ret == 0) {
b45ef674 294 scsi_req_complete(&r->req, GOOD);
78ced65e 295 }
5dba48a8 296 }
ea8a5d7f 297 }
ea8a5d7f
AL		 298 }
299}
300
213189ab
MA		 301static void scsi_dma_restart_cb(void *opaque, int running, int reason)
302{
d52affa7 303 SCSIDiskState *s = opaque;
213189ab
MA		 304
305 if (!running)
306 return;
307
308 if (!s->bh) {
309 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
310 qemu_bh_schedule(s->bh);
311 }
312}
313
a917d384 314/* Return a pointer to the data buffer. */
5c6c0e51 315static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 316{
5c6c0e51 317 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 318
3f4cb3d3 319 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 320}
321
0b06c059
GH		 322static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
323{
383b4d9b 324 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0b06c059
GH		 325 int buflen = 0;
326
327 if (req->cmd.buf[1] & 0x2) {
328 /* Command support data - optional, not implemented */
329 BADF("optional INQUIRY command support request not implemented\n");
330 return -1;
331 }
332
333 if (req->cmd.buf[1] & 0x1) {
334 /* Vital product data */
335 uint8_t page_code = req->cmd.buf[2];
336 if (req->cmd.xfer < 4) {
337 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
338 "less than 4\n", page_code, req->cmd.xfer);
339 return -1;
340 }
341
f37bd73b 342 if (s->qdev.type == TYPE_ROM) {
0b06c059
GH		 343 outbuf[buflen++] = 5;
344 } else {
345 outbuf[buflen++] = 0;
346 }
347 outbuf[buflen++] = page_code ; // this page
348 outbuf[buflen++] = 0x00;
349
350 switch (page_code) {
351 case 0x00: /* Supported page codes, mandatory */
39d98982
HR		 352 {
353 int pages;
0b06c059
GH		 354 DPRINTF("Inquiry EVPD[Supported pages] "
355 "buffer size %zd\n", req->cmd.xfer);
39d98982 356 pages = buflen++;
0b06c059 357 outbuf[buflen++] = 0x00; // list of supported pages (this page)
3e1c0c9a
HR		 358 if (s->serial)
359 outbuf[buflen++] = 0x80; // unit serial number
0b06c059 360 outbuf[buflen++] = 0x83; // device identification
f37bd73b 361 if (s->qdev.type == TYPE_DISK) {
ea3bd56f
CH		 362 outbuf[buflen++] = 0xb0; // block limits
363 outbuf[buflen++] = 0xb2; // thin provisioning
39d98982
HR		 364 }
365 outbuf[pages] = buflen - pages - 1; // number of pages
0b06c059 366 break;
39d98982 367 }
0b06c059
GH		 368 case 0x80: /* Device serial number, optional */
369 {
3e1c0c9a 370 int l;
0b06c059 371
3e1c0c9a
HR		 372 if (!s->serial) {
373 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
374 return -1;
375 }
376
377 l = strlen(s->serial);
0b06c059
GH		 378 if (l > req->cmd.xfer)
379 l = req->cmd.xfer;
380 if (l > 20)
381 l = 20;
382
383 DPRINTF("Inquiry EVPD[Serial number] "
384 "buffer size %zd\n", req->cmd.xfer);
385 outbuf[buflen++] = l;
a0fef654 386 memcpy(outbuf+buflen, s->serial, l);
0b06c059
GH		 387 buflen += l;
388 break;
389 }
390
391 case 0x83: /* Device identification page, mandatory */
392 {
393 int max_len = 255 - 8;
428c149b 394 int id_len = strlen(bdrv_get_device_name(s->bs));
0b06c059
GH		 395
396 if (id_len > max_len)
397 id_len = max_len;
398 DPRINTF("Inquiry EVPD[Device identification] "
399 "buffer size %zd\n", req->cmd.xfer);
400
39d98982 401 outbuf[buflen++] = 4 + id_len;
0b06c059
GH		 402 outbuf[buflen++] = 0x2; // ASCII
403 outbuf[buflen++] = 0; // not officially assigned
404 outbuf[buflen++] = 0; // reserved
405 outbuf[buflen++] = id_len; // length of data following
406
428c149b 407 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
0b06c059
GH		 408 buflen += id_len;
409 break;
410 }
ea3bd56f 411 case 0xb0: /* block limits */
ee3659e3 412 {
ea3bd56f
CH		 413 unsigned int unmap_sectors =
414 s->qdev.conf.discard_granularity / s->qdev.blocksize;
8cfacf07
CH		 415 unsigned int min_io_size =
416 s->qdev.conf.min_io_size / s->qdev.blocksize;
417 unsigned int opt_io_size =
418 s->qdev.conf.opt_io_size / s->qdev.blocksize;
ee3659e3 419
f37bd73b 420 if (s->qdev.type == TYPE_ROM) {
39d98982
HR		 421 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
422 page_code);
423 return -1;
424 }
ee3659e3
CH		 425 /* required VPD size with unmap support */
426 outbuf[3] = buflen = 0x3c;
427
428 memset(outbuf + 4, 0, buflen - 4);
429
430 /* optimal transfer length granularity */
431 outbuf[6] = (min_io_size >> 8) & 0xff;
432 outbuf[7] = min_io_size & 0xff;
433
434 /* optimal transfer length */
435 outbuf[12] = (opt_io_size >> 24) & 0xff;
436 outbuf[13] = (opt_io_size >> 16) & 0xff;
437 outbuf[14] = (opt_io_size >> 8) & 0xff;
438 outbuf[15] = opt_io_size & 0xff;
ea3bd56f
CH		 439
440 /* optimal unmap granularity */
441 outbuf[28] = (unmap_sectors >> 24) & 0xff;
442 outbuf[29] = (unmap_sectors >> 16) & 0xff;
443 outbuf[30] = (unmap_sectors >> 8) & 0xff;
444 outbuf[31] = unmap_sectors & 0xff;
445 break;
446 }
447 case 0xb2: /* thin provisioning */
448 {
449 outbuf[3] = buflen = 8;
450 outbuf[4] = 0;
451 outbuf[5] = 0x40; /* write same with unmap supported */
452 outbuf[6] = 0;
453 outbuf[7] = 0;
ee3659e3
CH		 454 break;
455 }
0b06c059
GH		 456 default:
457 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
458 "buffer size %zd\n", page_code, req->cmd.xfer);
459 return -1;
460 }
461 /* done with EVPD */
462 return buflen;
463 }
464
465 /* Standard INQUIRY data */
466 if (req->cmd.buf[2] != 0) {
467 BADF("Error: Inquiry (STANDARD) page or code "
468 "is non-zero [%02X]\n", req->cmd.buf[2]);
469 return -1;
470 }
471
472 /* PAGE CODE == 0 */
473 if (req->cmd.xfer < 5) {
474 BADF("Error: Inquiry (STANDARD) buffer size %zd "
475 "is less than 5\n", req->cmd.xfer);
476 return -1;
477 }
478
0b06c059
GH		 479 buflen = req->cmd.xfer;
480 if (buflen > SCSI_MAX_INQUIRY_LEN)
481 buflen = SCSI_MAX_INQUIRY_LEN;
482
483 memset(outbuf, 0, buflen);
484
f37bd73b
HR		 485 outbuf[0] = s->qdev.type & 0x1f;
486 if (s->qdev.type == TYPE_ROM) {
0b06c059 487 outbuf[1] = 0x80;
550fe6c6 488 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
0b06c059 489 } else {
419e691f 490 outbuf[1] = s->removable ? 0x80 : 0;
550fe6c6 491 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
0b06c059 492 }
550fe6c6 493 memcpy(&outbuf[8], "QEMU ", 8);
314b1811 494 memset(&outbuf[32], 0, 4);
552fee93 495 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 496 /*
497 * We claim conformance to SPC-3, which is required for guests
498 * to ask for modern features like READ CAPACITY(16) or the
499 * block characteristics VPD page by default. Not all of SPC-3
500 * is actually implemented, but we're good enough.
501 */
ee3659e3 502 outbuf[2] = 5;
0b06c059 503 outbuf[3] = 2; /* Format 2 */
ad3cea42
AT		 504
505 if (buflen > 36) {
506 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
507 } else {
508 /* If the allocation length of CDB is too small,
509 the additional length is not adjusted */
510 outbuf[4] = 36 - 5;
511 }
512
0b06c059
GH		 513 /* Sync data transfer and TCQ. */
514 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
515 return buflen;
516}
517
282ab04e
BK		 518static int mode_sense_page(SCSIRequest *req, int page, uint8_t *p,
519 int page_control)
ebddfcbe
GH		 520{
521 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
428c149b 522 BlockDriverState *bdrv = s->bs;
ebddfcbe
GH		 523 int cylinders, heads, secs;
524
282ab04e
BK		 525 /*
526 * If Changeable Values are requested, a mask denoting those mode parameters
527 * that are changeable shall be returned. As we currently don't support
528 * parameter changes via MODE_SELECT all bits are returned set to zero.
529 * The buffer was already menset to zero by the caller of this function.
530 */
ebddfcbe
GH		 531 switch (page) {
532 case 4: /* Rigid disk device geometry page. */
533 p[0] = 4;
534 p[1] = 0x16;
282ab04e
BK		 535 if (page_control == 1) { /* Changeable Values */
536 return p[1] + 2;
537 }
ebddfcbe
GH		 538 /* if a geometry hint is available, use it */
539 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
540 p[2] = (cylinders >> 16) & 0xff;
541 p[3] = (cylinders >> 8) & 0xff;
542 p[4] = cylinders & 0xff;
543 p[5] = heads & 0xff;
544 /* Write precomp start cylinder, disabled */
545 p[6] = (cylinders >> 16) & 0xff;
546 p[7] = (cylinders >> 8) & 0xff;
547 p[8] = cylinders & 0xff;
548 /* Reduced current start cylinder, disabled */
549 p[9] = (cylinders >> 16) & 0xff;
550 p[10] = (cylinders >> 8) & 0xff;
551 p[11] = cylinders & 0xff;
552 /* Device step rate [ns], 200ns */
553 p[12] = 0;
554 p[13] = 200;
555 /* Landing zone cylinder */
556 p[14] = 0xff;
557 p[15] = 0xff;
558 p[16] = 0xff;
559 /* Medium rotation rate [rpm], 5400 rpm */
560 p[20] = (5400 >> 8) & 0xff;
561 p[21] = 5400 & 0xff;
282ab04e 562 return p[1] + 2;
ebddfcbe
GH		 563
564 case 5: /* Flexible disk device geometry page. */
565 p[0] = 5;
566 p[1] = 0x1e;
282ab04e
BK		 567 if (page_control == 1) { /* Changeable Values */
568 return p[1] + 2;
569 }
ebddfcbe
GH		 570 /* Transfer rate [kbit/s], 5Mbit/s */
571 p[2] = 5000 >> 8;
572 p[3] = 5000 & 0xff;
573 /* if a geometry hint is available, use it */
574 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
575 p[4] = heads & 0xff;
576 p[5] = secs & 0xff;
577 p[6] = s->cluster_size * 2;
578 p[8] = (cylinders >> 8) & 0xff;
579 p[9] = cylinders & 0xff;
580 /* Write precomp start cylinder, disabled */
581 p[10] = (cylinders >> 8) & 0xff;
582 p[11] = cylinders & 0xff;
583 /* Reduced current start cylinder, disabled */
584 p[12] = (cylinders >> 8) & 0xff;
585 p[13] = cylinders & 0xff;
586 /* Device step rate [100us], 100us */
587 p[14] = 0;
588 p[15] = 1;
589 /* Device step pulse width [us], 1us */
590 p[16] = 1;
591 /* Device head settle delay [100us], 100us */
592 p[17] = 0;
593 p[18] = 1;
594 /* Motor on delay [0.1s], 0.1s */
595 p[19] = 1;
596 /* Motor off delay [0.1s], 0.1s */
597 p[20] = 1;
598 /* Medium rotation rate [rpm], 5400 rpm */
599 p[28] = (5400 >> 8) & 0xff;
600 p[29] = 5400 & 0xff;
282ab04e 601 return p[1] + 2;
ebddfcbe
GH		 602
603 case 8: /* Caching page. */
604 p[0] = 8;
605 p[1] = 0x12;
282ab04e
BK		 606 if (page_control == 1) { /* Changeable Values */
607 return p[1] + 2;
608 }
428c149b 609 if (bdrv_enable_write_cache(s->bs)) {
ebddfcbe
GH		 610 p[2] = 4; /* WCE */
611 }
282ab04e 612 return p[1] + 2;
ebddfcbe
GH		 613
614 case 0x2a: /* CD Capabilities and Mechanical Status page. */
f37bd73b 615 if (s->qdev.type != TYPE_ROM)
ebddfcbe
GH		 616 return 0;
617 p[0] = 0x2a;
618 p[1] = 0x14;
282ab04e
BK		 619 if (page_control == 1) { /* Changeable Values */
620 return p[1] + 2;
621 }
ebddfcbe
GH		 622 p[2] = 3; // CD-R & CD-RW read
623 p[3] = 0; // Writing not supported
624 p[4] = 0x7f; /* Audio, composite, digital out,
625 mode 2 form 1&2, multi session */
626 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
627 RW corrected, C2 errors, ISRC,
628 UPC, Bar code */
428c149b 629 p[6] = 0x2d | (bdrv_is_locked(s->bs)? 2 : 0);
ebddfcbe
GH		 630 /* Locking supported, jumper present, eject, tray */
631 p[7] = 0; /* no volume & mute control, no
632 changer */
633 p[8] = (50 * 176) >> 8; // 50x read speed
634 p[9] = (50 * 176) & 0xff;
635 p[10] = 0 >> 8; // No volume
636 p[11] = 0 & 0xff;
637 p[12] = 2048 >> 8; // 2M buffer
638 p[13] = 2048 & 0xff;
639 p[14] = (16 * 176) >> 8; // 16x read speed current
640 p[15] = (16 * 176) & 0xff;
641 p[18] = (16 * 176) >> 8; // 16x write speed
642 p[19] = (16 * 176) & 0xff;
643 p[20] = (16 * 176) >> 8; // 16x write speed current
644 p[21] = (16 * 176) & 0xff;
282ab04e 645 return p[1] + 2;
ebddfcbe
GH		 646
647 default:
648 return 0;
649 }
650}
651
652static int scsi_disk_emulate_mode_sense(SCSIRequest *req, uint8_t *outbuf)
653{
654 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
ebddfcbe 655 uint64_t nb_sectors;
282ab04e 656 int page, dbd, buflen, page_control;
ebddfcbe 657 uint8_t *p;
ce512ee1 658 uint8_t dev_specific_param;
ebddfcbe
GH		 659
660 dbd = req->cmd.buf[1] & 0x8;
661 page = req->cmd.buf[2] & 0x3f;
282ab04e 662 page_control = (req->cmd.buf[2] & 0xc0) >> 6;
aa2b1e89
BK		 663 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
664 (req->cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, req->cmd.xfer, page_control);
ebddfcbe
GH		 665 memset(outbuf, 0, req->cmd.xfer);
666 p = outbuf;
667
0056dcc1 668 if (bdrv_is_read_only(s->bs)) {
ce512ee1
BK		 669 dev_specific_param = 0x80; /* Readonly. */
670 } else {
671 dev_specific_param = 0x00;
672 }
673
674 if (req->cmd.buf[0] == MODE_SENSE) {
675 p[1] = 0; /* Default media type. */
676 p[2] = dev_specific_param;
677 p[3] = 0; /* Block descriptor length. */
678 p += 4;
679 } else { /* MODE_SENSE_10 */
680 p[2] = 0; /* Default media type. */
681 p[3] = dev_specific_param;
682 p[6] = p[7] = 0; /* Block descriptor length. */
683 p += 8;
ebddfcbe 684 }
ebddfcbe 685
428c149b 686 bdrv_get_geometry(s->bs, &nb_sectors);
333d50fe 687 if (!dbd && nb_sectors) {
ce512ee1
BK		 688 if (req->cmd.buf[0] == MODE_SENSE) {
689 outbuf[3] = 8; /* Block descriptor length */
690 } else { /* MODE_SENSE_10 */
691 outbuf[7] = 8; /* Block descriptor length */
692 }
ebddfcbe 693 nb_sectors /= s->cluster_size;
ebddfcbe 694 if (nb_sectors > 0xffffff)
2488b740 695 nb_sectors = 0;
ebddfcbe
GH		 696 p[0] = 0; /* media density code */
697 p[1] = (nb_sectors >> 16) & 0xff;
698 p[2] = (nb_sectors >> 8) & 0xff;
699 p[3] = nb_sectors & 0xff;
700 p[4] = 0; /* reserved */
701 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
702 p[6] = s->cluster_size * 2;
703 p[7] = 0;
704 p += 8;
705 }
706
282ab04e
BK		 707 if (page_control == 3) { /* Saved Values */
708 return -1; /* ILLEGAL_REQUEST */
709 }
710
ebddfcbe
GH		 711 switch (page) {
712 case 0x04:
713 case 0x05:
714 case 0x08:
715 case 0x2a:
282ab04e 716 p += mode_sense_page(req, page, p, page_control);
ebddfcbe
GH		 717 break;
718 case 0x3f:
282ab04e
BK		 719 p += mode_sense_page(req, 0x08, p, page_control);
720 p += mode_sense_page(req, 0x2a, p, page_control);
ebddfcbe 721 break;
a9c17b2b
BK		 722 default:
723 return -1; /* ILLEGAL_REQUEST */
ebddfcbe
GH		 724 }
725
726 buflen = p - outbuf;
ce512ee1
BK		 727 /*
728 * The mode data length field specifies the length in bytes of the
729 * following data that is available to be transferred. The mode data
730 * length does not include itself.
731 */
732 if (req->cmd.buf[0] == MODE_SENSE) {
733 outbuf[0] = buflen - 1;
734 } else { /* MODE_SENSE_10 */
735 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
736 outbuf[1] = (buflen - 2) & 0xff;
737 }
ebddfcbe
GH		 738 if (buflen > req->cmd.xfer)
739 buflen = req->cmd.xfer;
740 return buflen;
741}
742
02880f43
GH		 743static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
744{
745 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 746 int start_track, format, msf, toclen;
747 uint64_t nb_sectors;
748
749 msf = req->cmd.buf[1] & 2;
750 format = req->cmd.buf[2] & 0xf;
751 start_track = req->cmd.buf[6];
428c149b 752 bdrv_get_geometry(s->bs, &nb_sectors);
02880f43
GH		 753 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
754 nb_sectors /= s->cluster_size;
755 switch (format) {
756 case 0:
757 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
758 break;
759 case 1:
760 /* multi session : only a single session defined */
761 toclen = 12;
762 memset(outbuf, 0, 12);
763 outbuf[1] = 0x0a;
764 outbuf[2] = 0x01;
765 outbuf[3] = 0x01;
766 break;
767 case 2:
768 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
769 break;
770 default:
771 return -1;
772 }
773 if (toclen > req->cmd.xfer)
774 toclen = req->cmd.xfer;
775 return toclen;
776}
777
8af7a3ab 778static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
aa5dbdc1 779{
8af7a3ab 780 SCSIRequest *req = &r->req;
e7e25e32 781 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 782 uint64_t nb_sectors;
aa5dbdc1 783 int buflen = 0;
78ced65e 784 int ret;
aa5dbdc1
GH		 785
786 switch (req->cmd.buf[0]) {
787 case TEST_UNIT_READY:
428c149b 788 if (!bdrv_is_inserted(s->bs))
aa5dbdc1 789 goto not_ready;
5f71d32f 790 break;
0b06c059
GH		 791 case INQUIRY:
792 buflen = scsi_disk_emulate_inquiry(req, outbuf);
793 if (buflen < 0)
794 goto illegal_request;
5f71d32f 795 break;
ebddfcbe
GH		 796 case MODE_SENSE:
797 case MODE_SENSE_10:
798 buflen = scsi_disk_emulate_mode_sense(req, outbuf);
799 if (buflen < 0)
800 goto illegal_request;
801 break;
02880f43
GH		 802 case READ_TOC:
803 buflen = scsi_disk_emulate_read_toc(req, outbuf);
804 if (buflen < 0)
805 goto illegal_request;
806 break;
3d53ba18
GH		 807 case RESERVE:
808 if (req->cmd.buf[1] & 1)
809 goto illegal_request;
810 break;
811 case RESERVE_10:
812 if (req->cmd.buf[1] & 3)
813 goto illegal_request;
814 break;
815 case RELEASE:
816 if (req->cmd.buf[1] & 1)
817 goto illegal_request;
818 break;
819 case RELEASE_10:
820 if (req->cmd.buf[1] & 3)
821 goto illegal_request;
822 break;
8d3628ff 823 case START_STOP:
f37bd73b 824 if (s->qdev.type == TYPE_ROM && (req->cmd.buf[4] & 2)) {
8d3628ff 825 /* load/eject medium */
428c149b 826 bdrv_eject(s->bs, !(req->cmd.buf[4] & 1));
8d3628ff 827 }
5f71d32f 828 break;
c68b9f34 829 case ALLOW_MEDIUM_REMOVAL:
428c149b 830 bdrv_set_locked(s->bs, req->cmd.buf[4] & 1);
5f71d32f 831 break;
5e30a07d 832 case READ_CAPACITY_10:
e7e25e32 833 /* The normal LEN field for this command is zero. */
5f71d32f
HR		 834 memset(outbuf, 0, 8);
835 bdrv_get_geometry(s->bs, &nb_sectors);
e7e25e32
GH		 836 if (!nb_sectors)
837 goto not_ready;
838 nb_sectors /= s->cluster_size;
839 /* Returned value is the address of the last sector. */
840 nb_sectors--;
841 /* Remember the new size for read/write sanity checking. */
842 s->max_lba = nb_sectors;
843 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
844 if (nb_sectors > UINT32_MAX)
845 nb_sectors = UINT32_MAX;
846 outbuf[0] = (nb_sectors >> 24) & 0xff;
847 outbuf[1] = (nb_sectors >> 16) & 0xff;
848 outbuf[2] = (nb_sectors >> 8) & 0xff;
849 outbuf[3] = nb_sectors & 0xff;
850 outbuf[4] = 0;
851 outbuf[5] = 0;
852 outbuf[6] = s->cluster_size * 2;
853 outbuf[7] = 0;
854 buflen = 8;
5f71d32f 855 break;
fc903943 856 case SYNCHRONIZE_CACHE:
78ced65e
KW		 857 ret = bdrv_flush(s->bs);
858 if (ret < 0) {
859 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
860 return -1;
861 }
862 }
fc903943 863 break;
38215553
GH		 864 case GET_CONFIGURATION:
865 memset(outbuf, 0, 8);
866 /* ??? This should probably return much more information. For now
867 just return the basic header indicating the CD-ROM profile. */
868 outbuf[7] = 8; // CD-ROM
869 buflen = 8;
870 break;
5dd90e2a
GH		 871 case SERVICE_ACTION_IN:
872 /* Service Action In subcommands. */
873 if ((req->cmd.buf[1] & 31) == 0x10) {
874 DPRINTF("SAI READ CAPACITY(16)\n");
875 memset(outbuf, 0, req->cmd.xfer);
428c149b 876 bdrv_get_geometry(s->bs, &nb_sectors);
5dd90e2a
GH		 877 if (!nb_sectors)
878 goto not_ready;
879 nb_sectors /= s->cluster_size;
880 /* Returned value is the address of the last sector. */
881 nb_sectors--;
882 /* Remember the new size for read/write sanity checking. */
883 s->max_lba = nb_sectors;
884 outbuf[0] = (nb_sectors >> 56) & 0xff;
885 outbuf[1] = (nb_sectors >> 48) & 0xff;
886 outbuf[2] = (nb_sectors >> 40) & 0xff;
887 outbuf[3] = (nb_sectors >> 32) & 0xff;
888 outbuf[4] = (nb_sectors >> 24) & 0xff;
889 outbuf[5] = (nb_sectors >> 16) & 0xff;
890 outbuf[6] = (nb_sectors >> 8) & 0xff;
891 outbuf[7] = nb_sectors & 0xff;
892 outbuf[8] = 0;
893 outbuf[9] = 0;
894 outbuf[10] = s->cluster_size * 2;
895 outbuf[11] = 0;
ee3659e3
CH		 896 outbuf[12] = 0;
897 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 898
899 /* set TPE bit if the format supports discard */
900 if (s->qdev.conf.discard_granularity) {
901 outbuf[14] = 0x80;
902 }
903
5dd90e2a
GH		 904 /* Protection, exponent and lowest lba field left blank. */
905 buflen = req->cmd.xfer;
906 break;
907 }
908 DPRINTF("Unsupported Service Action In\n");
909 goto illegal_request;
5e30a07d 910 case VERIFY_10:
88f8a5ed 911 break;
aa5dbdc1 912 default:
b45ef674 913 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
a1f0cce2 914 return -1;
aa5dbdc1 915 }
aa5dbdc1
GH		 916 return buflen;
917
918not_ready:
a1f0cce2 919 if (!bdrv_is_inserted(s->bs)) {
b45ef674 920 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
a1f0cce2 921 } else {
b45ef674 922 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
a1f0cce2 923 }
8af7a3ab 924 return -1;
aa5dbdc1
GH		 925
926illegal_request:
b45ef674 927 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
8af7a3ab 928 return -1;
aa5dbdc1
GH		 929}
930
2e5d83bb
PB		 931/* Execute a scsi command. Returns the length of the data expected by the
932 command. This will be Positive for data transfers from the device
933 (eg. disk reads), negative for transfers to the device (eg. disk writes),
934 and zero if the command does not transfer any data. */
935
5c6c0e51 936static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 937{
5c6c0e51
HR		 938 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
939 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
ad2d30f7 940 int32_t len;
a917d384
PB		 941 uint8_t command;
942 uint8_t *outbuf;
aa5dbdc1 943 int rc;
a917d384
PB		 944
945 command = buf[0];
3f4cb3d3 946 outbuf = (uint8_t *)r->iov.iov_base;
653c1c3f 947 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]);
2dd791b6 948
2e5d83bb
PB		 949#ifdef DEBUG_SCSI
950 {
951 int i;
2dd791b6 952 for (i = 1; i < r->req.cmd.len; i++) {
2e5d83bb
PB		 953 printf(" 0x%02x", buf[i]);
954 }
955 printf("\n");
956 }
957#endif
aa5dbdc1 958
a917d384 959 switch (command) {
ebf46023 960 case TEST_UNIT_READY:
0b06c059 961 case INQUIRY:
ebddfcbe
GH		 962 case MODE_SENSE:
963 case MODE_SENSE_10:
3d53ba18
GH		 964 case RESERVE:
965 case RESERVE_10:
966 case RELEASE:
967 case RELEASE_10:
8d3628ff 968 case START_STOP:
c68b9f34 969 case ALLOW_MEDIUM_REMOVAL:
5e30a07d 970 case READ_CAPACITY_10:
fc903943 971 case SYNCHRONIZE_CACHE:
02880f43 972 case READ_TOC:
38215553 973 case GET_CONFIGURATION:
5dd90e2a 974 case SERVICE_ACTION_IN:
5e30a07d 975 case VERIFY_10:
8af7a3ab
KW		 976 rc = scsi_disk_emulate_command(r, outbuf);
977 if (rc < 0) {
0b06c059 978 return 0;
aa5dbdc1 979 }
8af7a3ab
KW		 980
981 r->iov.iov_len = rc;
0b06c059 982 break;
ebf46023
GH		 983 case READ_6:
984 case READ_10:
bd536cf3
GH		 985 case READ_12:
986 case READ_16:
5c6c0e51 987 len = r->req.cmd.xfer / s->qdev.blocksize;
2dd791b6
HR		 988 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
989 if (r->req.cmd.lba > s->max_lba)
274fb0e1 990 goto illegal_lba;
2dd791b6 991 r->sector = r->req.cmd.lba * s->cluster_size;
a917d384 992 r->sector_count = len * s->cluster_size;
2e5d83bb 993 break;
ebf46023
GH		 994 case WRITE_6:
995 case WRITE_10:
bd536cf3
GH		 996 case WRITE_12:
997 case WRITE_16:
5e30a07d 998 case WRITE_VERIFY_10:
ebef0bbb
BK		 999 case WRITE_VERIFY_12:
1000 case WRITE_VERIFY_16:
5c6c0e51 1001 len = r->req.cmd.xfer / s->qdev.blocksize;
ebef0bbb 1002 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
2dd791b6
HR		 1003 (command & 0xe) == 0xe ? "And Verify " : "",
1004 r->req.cmd.lba, len);
1005 if (r->req.cmd.lba > s->max_lba)
274fb0e1 1006 goto illegal_lba;
2dd791b6 1007 r->sector = r->req.cmd.lba * s->cluster_size;
a917d384 1008 r->sector_count = len * s->cluster_size;
2e5d83bb 1009 break;
ebef0bbb 1010 case MODE_SELECT:
2dd791b6 1011 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
ebef0bbb
BK		 1012 /* We don't support mode parameter changes.
1013 Allow the mode parameter header + block descriptors only. */
2dd791b6 1014 if (r->req.cmd.xfer > 12) {
ebef0bbb
BK		 1015 goto fail;
1016 }
1017 break;
1018 case MODE_SELECT_10:
2dd791b6 1019 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
ebef0bbb
BK		 1020 /* We don't support mode parameter changes.
1021 Allow the mode parameter header + block descriptors only. */
2dd791b6 1022 if (r->req.cmd.xfer > 16) {
ebef0bbb
BK		 1023 goto fail;
1024 }
1025 break;
1026 case SEEK_6:
1027 case SEEK_10:
2dd791b6
HR		 1028 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1029 r->req.cmd.lba);
1030 if (r->req.cmd.lba > s->max_lba) {
ebef0bbb
BK		 1031 goto illegal_lba;
1032 }
ea3bd56f
CH		 1033 break;
1034 case WRITE_SAME_16:
5c6c0e51 1035 len = r->req.cmd.xfer / s->qdev.blocksize;
ea3bd56f
CH		 1036
1037 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1038 r->req.cmd.lba, len);
1039
1040 if (r->req.cmd.lba > s->max_lba) {
1041 goto illegal_lba;
1042 }
1043
1044 /*
1045 * We only support WRITE SAME with the unmap bit set for now.
1046 */
1047 if (!(buf[1] & 0x8)) {
1048 goto fail;
1049 }
1050
1051 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1052 len * s->cluster_size);
1053 if (rc < 0) {
1054 /* XXX: better error code ?*/
1055 goto fail;
1056 }
1057
ebef0bbb 1058 break;
739df215
PB		 1059 case REQUEST_SENSE:
1060 abort();
2e5d83bb 1061 default:
2dd791b6 1062 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
b45ef674 1063 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
a1f0cce2 1064 return 0;
2e5d83bb 1065 fail:
b45ef674 1066 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2dd791b6 1067 return 0;
274fb0e1 1068 illegal_lba:
b45ef674 1069 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 1070 return 0;
2e5d83bb 1071 }
c87c0672 1072 if (r->sector_count == 0 && r->iov.iov_len == 0) {
b45ef674 1073 scsi_req_complete(&r->req, GOOD);
a917d384 1074 }
c87c0672 1075 len = r->sector_count * 512 + r->iov.iov_len;
efb9ee02
HR		 1076 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1077 return -len;
a917d384
PB		 1078 } else {
1079 if (!r->sector_count)
1080 r->sector_count = -1;
efb9ee02 1081 return len;
2e5d83bb 1082 }
2e5d83bb
PB		 1083}
1084
e9447f35
JK		 1085static void scsi_disk_reset(DeviceState *dev)
1086{
1087 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1088 uint64_t nb_sectors;
1089
c7b48872 1090 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35
JK		 1091
1092 bdrv_get_geometry(s->bs, &nb_sectors);
1093 nb_sectors /= s->cluster_size;
1094 if (nb_sectors) {
1095 nb_sectors--;
1096 }
1097 s->max_lba = nb_sectors;
1098}
1099
1100static void scsi_destroy(SCSIDevice *dev)
1101{
1102 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1103
c7b48872 1104 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
f8b6cc00 1105 blockdev_mark_auto_del(s->qdev.conf.bs);
56a14938
GH		 1106}
1107
f37bd73b 1108static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type)
2e5d83bb 1109{
d52affa7 1110 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
f8b6cc00 1111 DriveInfo *dinfo;
2e5d83bb 1112
f8b6cc00 1113 if (!s->qdev.conf.bs) {
1ecda02b 1114 error_report("scsi-disk: drive property not set");
d52affa7
GH		 1115 return -1;
1116 }
f8b6cc00 1117 s->bs = s->qdev.conf.bs;
d52affa7 1118
f37bd73b 1119 if (scsi_type == TYPE_DISK && !bdrv_is_inserted(s->bs)) {
98f28ad7
MA		 1120 error_report("Device needs media, but drive is empty");
1121 return -1;
1122 }
1123
a0fef654 1124 if (!s->serial) {
f8b6cc00
MA		 1125 /* try to fall back to value set with legacy -drive serial=... */
1126 dinfo = drive_get_by_blockdev(s->bs);
3e1c0c9a 1127 if (*dinfo->serial) {
7267c094 1128 s->serial = g_strdup(dinfo->serial);
3e1c0c9a 1129 }
a0fef654
MA		 1130 }
1131
552fee93 1132 if (!s->version) {
7267c094 1133 s->version = g_strdup(QEMU_VERSION);
552fee93
MA		 1134 }
1135
32bb404a 1136 if (bdrv_is_sg(s->bs)) {
1ecda02b 1137 error_report("scsi-disk: unwanted /dev/sg*");
32bb404a
MA		 1138 return -1;
1139 }
1140
f37bd73b 1141 if (scsi_type == TYPE_ROM) {
8cfacf07 1142 s->qdev.blocksize = 2048;
f37bd73b 1143 } else if (scsi_type == TYPE_DISK) {
8cfacf07 1144 s->qdev.blocksize = s->qdev.conf.logical_block_size;
f37bd73b
HR		 1145 } else {
1146 error_report("scsi-disk: Unhandled SCSI type %02x", scsi_type);
1147 return -1;
2e5d83bb 1148 }
8cfacf07 1149 s->cluster_size = s->qdev.blocksize / 512;
73fdb1e1 1150 s->bs->buffer_alignment = s->qdev.blocksize;
8cfacf07 1151
f37bd73b 1152 s->qdev.type = scsi_type;
ea8a5d7f 1153 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
f37bd73b 1154 bdrv_set_removable(s->bs, scsi_type == TYPE_ROM);
1ca4d09a 1155 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
d52affa7
GH		 1156 return 0;
1157}
1158
b443ae67
MA		 1159static int scsi_hd_initfn(SCSIDevice *dev)
1160{
f37bd73b 1161 return scsi_initfn(dev, TYPE_DISK);
b443ae67
MA		 1162}
1163
1164static int scsi_cd_initfn(SCSIDevice *dev)
1165{
f37bd73b 1166 return scsi_initfn(dev, TYPE_ROM);
b443ae67
MA		 1167}
1168
1169static int scsi_disk_initfn(SCSIDevice *dev)
1170{
95b5edcd 1171 DriveInfo *dinfo;
f37bd73b 1172 uint8_t scsi_type;
b443ae67
MA		 1173
1174 if (!dev->conf.bs) {
f37bd73b 1175 scsi_type = TYPE_DISK; /* will die in scsi_initfn() */
b443ae67 1176 } else {
95b5edcd 1177 dinfo = drive_get_by_blockdev(dev->conf.bs);
f37bd73b 1178 scsi_type = dinfo->media_cd ? TYPE_ROM : TYPE_DISK;
b443ae67
MA		 1179 }
1180
f37bd73b 1181 return scsi_initfn(dev, scsi_type);
b443ae67
MA		 1182}
1183
8dbd4574
PB		 1184static SCSIReqOps scsi_disk_reqops = {
1185 .size = sizeof(SCSIDiskReq),
12010e7b
PB		 1186 .free_req = scsi_free_request,
1187 .send_command = scsi_send_command,
1188 .read_data = scsi_read_data,
1189 .write_data = scsi_write_data,
1190 .cancel_io = scsi_cancel_io,
1191 .get_buf = scsi_get_buf,
8dbd4574
PB		 1192};
1193
1194static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
1195 uint32_t lun, void *hba_private)
1196{
1197 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1198 SCSIRequest *req;
1199 SCSIDiskReq *r;
1200
1201 req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private);
1202 r = DO_UPCAST(SCSIDiskReq, req, req);
1203 r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
1204 return req;
1205}
1206
b443ae67
MA		 1207#define DEFINE_SCSI_DISK_PROPERTIES() \
1208 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
1209 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
1210 DEFINE_PROP_STRING("serial", SCSIDiskState, serial)
1211
1212static SCSIDeviceInfo scsi_disk_info[] = {
1213 {
1214 .qdev.name = "scsi-hd",
1215 .qdev.fw_name = "disk",
1216 .qdev.desc = "virtual SCSI disk",
1217 .qdev.size = sizeof(SCSIDiskState),
1218 .qdev.reset = scsi_disk_reset,
1219 .init = scsi_hd_initfn,
1220 .destroy = scsi_destroy,
5c6c0e51 1221 .alloc_req = scsi_new_request,
b443ae67
MA		 1222 .qdev.props = (Property[]) {
1223 DEFINE_SCSI_DISK_PROPERTIES(),
1224 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1225 DEFINE_PROP_END_OF_LIST(),
1226 }
1227 },{
1228 .qdev.name = "scsi-cd",
1229 .qdev.fw_name = "disk",
1230 .qdev.desc = "virtual SCSI CD-ROM",
1231 .qdev.size = sizeof(SCSIDiskState),
1232 .qdev.reset = scsi_disk_reset,
1233 .init = scsi_cd_initfn,
1234 .destroy = scsi_destroy,
5c6c0e51 1235 .alloc_req = scsi_new_request,
b443ae67
MA		 1236 .qdev.props = (Property[]) {
1237 DEFINE_SCSI_DISK_PROPERTIES(),
1238 DEFINE_PROP_END_OF_LIST(),
1239 },
1240 },{
1241 .qdev.name = "scsi-disk", /* legacy -device scsi-disk */
1242 .qdev.fw_name = "disk",
1243 .qdev.desc = "virtual SCSI disk or CD-ROM (legacy)",
1244 .qdev.size = sizeof(SCSIDiskState),
1245 .qdev.reset = scsi_disk_reset,
1246 .init = scsi_disk_initfn,
1247 .destroy = scsi_destroy,
5c6c0e51 1248 .alloc_req = scsi_new_request,
b443ae67
MA		 1249 .qdev.props = (Property[]) {
1250 DEFINE_SCSI_DISK_PROPERTIES(),
1251 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1252 DEFINE_PROP_END_OF_LIST(),
1253 }
1254 }
d52affa7
GH		 1255};
1256
1257static void scsi_disk_register_devices(void)
1258{
b443ae67
MA		 1259 int i;
1260
1261 for (i = 0; i < ARRAY_SIZE(scsi_disk_info); i++) {
1262 scsi_qdev_register(&scsi_disk_info[i]);
1263 }
8ccc2ace 1264}
d52affa7 1265device_init(scsi_disk_register_devices)
QEMU mirror