]> git.proxmox.com Git - qemu.git/blob - hw/scsi-disk.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
RunState: Rename enum values as generated by the QAPI
[qemu.git] / hw / scsi-disk.c
1 /*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
14 *
15 * This code is licensed under the LGPL.
16 *
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
20 */
21
22 //#define DEBUG_SCSI
23
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
33
34 #include "qemu-common.h"
35 #include "qemu-error.h"
36 #include "scsi.h"
37 #include "scsi-defs.h"
38 #include "sysemu.h"
39 #include "blockdev.h"
40 #include "block_int.h"
41
42 #define SCSI_DMA_BUF_SIZE 131072
43 #define SCSI_MAX_INQUIRY_LEN 256
44
45 #define SCSI_REQ_STATUS_RETRY 0x01
46 #define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06
47 #define SCSI_REQ_STATUS_RETRY_READ 0x00
48 #define SCSI_REQ_STATUS_RETRY_WRITE 0x02
49 #define SCSI_REQ_STATUS_RETRY_FLUSH 0x04
50
51 typedef struct SCSIDiskState SCSIDiskState;
52
53 typedef struct SCSIDiskReq {
54 SCSIRequest req;
55 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
56 uint64_t sector;
57 uint32_t sector_count;
58 uint32_t buflen;
59 struct iovec iov;
60 QEMUIOVector qiov;
61 uint32_t status;
62 BlockAcctCookie acct;
63 } SCSIDiskReq;
64
65 struct SCSIDiskState
66 {
67 SCSIDevice qdev;
68 BlockDriverState *bs;
69 /* The qemu block layer uses a fixed 512 byte sector size.
70 This is the number of 512 byte blocks in a single scsi sector. */
71 int cluster_size;
72 uint32_t removable;
73 uint64_t max_lba;
74 QEMUBH *bh;
75 char *version;
76 char *serial;
77 bool tray_open;
78 bool tray_locked;
79 };
80
81 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
82 static int scsi_disk_emulate_command(SCSIDiskReq *r);
83
84 static void scsi_free_request(SCSIRequest *req)
85 {
86 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
87
88 if (r->iov.iov_base) {
89 qemu_vfree(r->iov.iov_base);
90 }
91 }
92
93 /* Helper function for command completion with sense. */
94 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
95 {
96 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
97 r->req.tag, sense.key, sense.asc, sense.ascq);
98 scsi_req_build_sense(&r->req, sense);
99 scsi_req_complete(&r->req, CHECK_CONDITION);
100 }
101
102 /* Cancel a pending data transfer. */
103 static void scsi_cancel_io(SCSIRequest *req)
104 {
105 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
106
107 DPRINTF("Cancel tag=0x%x\n", req->tag);
108 if (r->req.aiocb) {
109 bdrv_aio_cancel(r->req.aiocb);
110 }
111 r->req.aiocb = NULL;
112 }
113
114 static uint32_t scsi_init_iovec(SCSIDiskReq *r)
115 {
116 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
117
118 if (!r->iov.iov_base) {
119 r->buflen = SCSI_DMA_BUF_SIZE;
120 r->iov.iov_base = qemu_blockalign(s->bs, r->buflen);
121 }
122 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
123 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
124 return r->qiov.size / 512;
125 }
126
127 static void scsi_read_complete(void * opaque, int ret)
128 {
129 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
130 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
131 int n;
132
133 if (r->req.aiocb != NULL) {
134 r->req.aiocb = NULL;
135 bdrv_acct_done(s->bs, &r->acct);
136 }
137
138 if (ret) {
139 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) {
140 return;
141 }
142 }
143
144 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
145
146 n = r->qiov.size / 512;
147 r->sector += n;
148 r->sector_count -= n;
149 scsi_req_data(&r->req, r->qiov.size);
150 }
151
152 static void scsi_flush_complete(void * opaque, int ret)
153 {
154 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
155 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
156
157 if (r->req.aiocb != NULL) {
158 r->req.aiocb = NULL;
159 bdrv_acct_done(s->bs, &r->acct);
160 }
161
162 if (ret < 0) {
163 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) {
164 return;
165 }
166 }
167
168 scsi_req_complete(&r->req, GOOD);
169 }
170
171 /* Read more data from scsi device into buffer. */
172 static void scsi_read_data(SCSIRequest *req)
173 {
174 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
175 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
176 uint32_t n;
177
178 if (r->sector_count == (uint32_t)-1) {
179 DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
180 r->sector_count = 0;
181 scsi_req_data(&r->req, r->iov.iov_len);
182 return;
183 }
184 DPRINTF("Read sector_count=%d\n", r->sector_count);
185 if (r->sector_count == 0) {
186 /* This also clears the sense buffer for REQUEST SENSE. */
187 scsi_req_complete(&r->req, GOOD);
188 return;
189 }
190
191 /* No data transfer may already be in progress */
192 assert(r->req.aiocb == NULL);
193
194 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
195 DPRINTF("Data transfer direction invalid\n");
196 scsi_read_complete(r, -EINVAL);
197 return;
198 }
199
200 if (s->tray_open) {
201 scsi_read_complete(r, -ENOMEDIUM);
202 }
203 n = scsi_init_iovec(r);
204 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
205 r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
206 scsi_read_complete, r);
207 if (r->req.aiocb == NULL) {
208 scsi_read_complete(r, -EIO);
209 }
210 }
211
212 static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
213 {
214 int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
215 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
216 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
217
218 if (action == BLOCK_ERR_IGNORE) {
219 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
220 return 0;
221 }
222
223 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
224 || action == BLOCK_ERR_STOP_ANY) {
225
226 type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK;
227 r->status |= SCSI_REQ_STATUS_RETRY | type;
228
229 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
230 vm_stop(RUN_STATE_IO_ERROR);
231 } else {
232 switch (error) {
233 case ENOMEM:
234 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
235 break;
236 case EINVAL:
237 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
238 break;
239 default:
240 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
241 break;
242 }
243 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
244 }
245 return 1;
246 }
247
248 static void scsi_write_complete(void * opaque, int ret)
249 {
250 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
251 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
252 uint32_t n;
253
254 if (r->req.aiocb != NULL) {
255 r->req.aiocb = NULL;
256 bdrv_acct_done(s->bs, &r->acct);
257 }
258
259 if (ret) {
260 if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) {
261 return;
262 }
263 }
264
265 n = r->qiov.size / 512;
266 r->sector += n;
267 r->sector_count -= n;
268 if (r->sector_count == 0) {
269 scsi_req_complete(&r->req, GOOD);
270 } else {
271 scsi_init_iovec(r);
272 DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, r->qiov.size);
273 scsi_req_data(&r->req, r->qiov.size);
274 }
275 }
276
277 static void scsi_write_data(SCSIRequest *req)
278 {
279 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
280 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
281 uint32_t n;
282
283 /* No data transfer may already be in progress */
284 assert(r->req.aiocb == NULL);
285
286 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
287 DPRINTF("Data transfer direction invalid\n");
288 scsi_write_complete(r, -EINVAL);
289 return;
290 }
291
292 n = r->qiov.size / 512;
293 if (n) {
294 if (s->tray_open) {
295 scsi_write_complete(r, -ENOMEDIUM);
296 }
297 bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
298 r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
299 scsi_write_complete, r);
300 if (r->req.aiocb == NULL) {
301 scsi_write_complete(r, -ENOMEM);
302 }
303 } else {
304 /* Called for the first time. Ask the driver to send us more data. */
305 scsi_write_complete(r, 0);
306 }
307 }
308
309 static void scsi_dma_restart_bh(void *opaque)
310 {
311 SCSIDiskState *s = opaque;
312 SCSIRequest *req;
313 SCSIDiskReq *r;
314
315 qemu_bh_delete(s->bh);
316 s->bh = NULL;
317
318 QTAILQ_FOREACH(req, &s->qdev.requests, next) {
319 r = DO_UPCAST(SCSIDiskReq, req, req);
320 if (r->status & SCSI_REQ_STATUS_RETRY) {
321 int status = r->status;
322 int ret;
323
324 r->status &=
325 ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK);
326
327 switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
328 case SCSI_REQ_STATUS_RETRY_READ:
329 scsi_read_data(&r->req);
330 break;
331 case SCSI_REQ_STATUS_RETRY_WRITE:
332 scsi_write_data(&r->req);
333 break;
334 case SCSI_REQ_STATUS_RETRY_FLUSH:
335 ret = scsi_disk_emulate_command(r);
336 if (ret == 0) {
337 scsi_req_complete(&r->req, GOOD);
338 }
339 }
340 }
341 }
342 }
343
344 static void scsi_dma_restart_cb(void *opaque, int running, RunState state)
345 {
346 SCSIDiskState *s = opaque;
347
348 if (!running)
349 return;
350
351 if (!s->bh) {
352 s->bh = qemu_bh_new(scsi_dma_restart_bh, s);
353 qemu_bh_schedule(s->bh);
354 }
355 }
356
357 /* Return a pointer to the data buffer. */
358 static uint8_t *scsi_get_buf(SCSIRequest *req)
359 {
360 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
361
362 return (uint8_t *)r->iov.iov_base;
363 }
364
365 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
366 {
367 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
368 int buflen = 0;
369
370 if (req->cmd.buf[1] & 0x2) {
371 /* Command support data - optional, not implemented */
372 BADF("optional INQUIRY command support request not implemented\n");
373 return -1;
374 }
375
376 if (req->cmd.buf[1] & 0x1) {
377 /* Vital product data */
378 uint8_t page_code = req->cmd.buf[2];
379 if (req->cmd.xfer < 4) {
380 BADF("Error: Inquiry (EVPD[%02X]) buffer size %zd is "
381 "less than 4\n", page_code, req->cmd.xfer);
382 return -1;
383 }
384
385 if (s->qdev.type == TYPE_ROM) {
386 outbuf[buflen++] = 5;
387 } else {
388 outbuf[buflen++] = 0;
389 }
390 outbuf[buflen++] = page_code ; // this page
391 outbuf[buflen++] = 0x00;
392
393 switch (page_code) {
394 case 0x00: /* Supported page codes, mandatory */
395 {
396 int pages;
397 DPRINTF("Inquiry EVPD[Supported pages] "
398 "buffer size %zd\n", req->cmd.xfer);
399 pages = buflen++;
400 outbuf[buflen++] = 0x00; // list of supported pages (this page)
401 if (s->serial)
402 outbuf[buflen++] = 0x80; // unit serial number
403 outbuf[buflen++] = 0x83; // device identification
404 if (s->qdev.type == TYPE_DISK) {
405 outbuf[buflen++] = 0xb0; // block limits
406 outbuf[buflen++] = 0xb2; // thin provisioning
407 }
408 outbuf[pages] = buflen - pages - 1; // number of pages
409 break;
410 }
411 case 0x80: /* Device serial number, optional */
412 {
413 int l;
414
415 if (!s->serial) {
416 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
417 return -1;
418 }
419
420 l = strlen(s->serial);
421 if (l > req->cmd.xfer)
422 l = req->cmd.xfer;
423 if (l > 20)
424 l = 20;
425
426 DPRINTF("Inquiry EVPD[Serial number] "
427 "buffer size %zd\n", req->cmd.xfer);
428 outbuf[buflen++] = l;
429 memcpy(outbuf+buflen, s->serial, l);
430 buflen += l;
431 break;
432 }
433
434 case 0x83: /* Device identification page, mandatory */
435 {
436 int max_len = 255 - 8;
437 int id_len = strlen(bdrv_get_device_name(s->bs));
438
439 if (id_len > max_len)
440 id_len = max_len;
441 DPRINTF("Inquiry EVPD[Device identification] "
442 "buffer size %zd\n", req->cmd.xfer);
443
444 outbuf[buflen++] = 4 + id_len;
445 outbuf[buflen++] = 0x2; // ASCII
446 outbuf[buflen++] = 0; // not officially assigned
447 outbuf[buflen++] = 0; // reserved
448 outbuf[buflen++] = id_len; // length of data following
449
450 memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len);
451 buflen += id_len;
452 break;
453 }
454 case 0xb0: /* block limits */
455 {
456 unsigned int unmap_sectors =
457 s->qdev.conf.discard_granularity / s->qdev.blocksize;
458 unsigned int min_io_size =
459 s->qdev.conf.min_io_size / s->qdev.blocksize;
460 unsigned int opt_io_size =
461 s->qdev.conf.opt_io_size / s->qdev.blocksize;
462
463 if (s->qdev.type == TYPE_ROM) {
464 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
465 page_code);
466 return -1;
467 }
468 /* required VPD size with unmap support */
469 outbuf[3] = buflen = 0x3c;
470
471 memset(outbuf + 4, 0, buflen - 4);
472
473 /* optimal transfer length granularity */
474 outbuf[6] = (min_io_size >> 8) & 0xff;
475 outbuf[7] = min_io_size & 0xff;
476
477 /* optimal transfer length */
478 outbuf[12] = (opt_io_size >> 24) & 0xff;
479 outbuf[13] = (opt_io_size >> 16) & 0xff;
480 outbuf[14] = (opt_io_size >> 8) & 0xff;
481 outbuf[15] = opt_io_size & 0xff;
482
483 /* optimal unmap granularity */
484 outbuf[28] = (unmap_sectors >> 24) & 0xff;
485 outbuf[29] = (unmap_sectors >> 16) & 0xff;
486 outbuf[30] = (unmap_sectors >> 8) & 0xff;
487 outbuf[31] = unmap_sectors & 0xff;
488 break;
489 }
490 case 0xb2: /* thin provisioning */
491 {
492 outbuf[3] = buflen = 8;
493 outbuf[4] = 0;
494 outbuf[5] = 0x40; /* write same with unmap supported */
495 outbuf[6] = 0;
496 outbuf[7] = 0;
497 break;
498 }
499 default:
500 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
501 "buffer size %zd\n", page_code, req->cmd.xfer);
502 return -1;
503 }
504 /* done with EVPD */
505 return buflen;
506 }
507
508 /* Standard INQUIRY data */
509 if (req->cmd.buf[2] != 0) {
510 BADF("Error: Inquiry (STANDARD) page or code "
511 "is non-zero [%02X]\n", req->cmd.buf[2]);
512 return -1;
513 }
514
515 /* PAGE CODE == 0 */
516 if (req->cmd.xfer < 5) {
517 BADF("Error: Inquiry (STANDARD) buffer size %zd "
518 "is less than 5\n", req->cmd.xfer);
519 return -1;
520 }
521
522 buflen = req->cmd.xfer;
523 if (buflen > SCSI_MAX_INQUIRY_LEN)
524 buflen = SCSI_MAX_INQUIRY_LEN;
525
526 memset(outbuf, 0, buflen);
527
528 outbuf[0] = s->qdev.type & 0x1f;
529 if (s->qdev.type == TYPE_ROM) {
530 outbuf[1] = 0x80;
531 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
532 } else {
533 outbuf[1] = s->removable ? 0x80 : 0;
534 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
535 }
536 memcpy(&outbuf[8], "QEMU ", 8);
537 memset(&outbuf[32], 0, 4);
538 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
539 /*
540 * We claim conformance to SPC-3, which is required for guests
541 * to ask for modern features like READ CAPACITY(16) or the
542 * block characteristics VPD page by default. Not all of SPC-3
543 * is actually implemented, but we're good enough.
544 */
545 outbuf[2] = 5;
546 outbuf[3] = 2; /* Format 2 */
547
548 if (buflen > 36) {
549 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
550 } else {
551 /* If the allocation length of CDB is too small,
552 the additional length is not adjusted */
553 outbuf[4] = 36 - 5;
554 }
555
556 /* Sync data transfer and TCQ. */
557 outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0);
558 return buflen;
559 }
560
561 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
562 int page_control)
563 {
564 BlockDriverState *bdrv = s->bs;
565 int cylinders, heads, secs;
566 uint8_t *p = *p_outbuf;
567
568 /*
569 * If Changeable Values are requested, a mask denoting those mode parameters
570 * that are changeable shall be returned. As we currently don't support
571 * parameter changes via MODE_SELECT all bits are returned set to zero.
572 * The buffer was already menset to zero by the caller of this function.
573 */
574 switch (page) {
575 case 4: /* Rigid disk device geometry page. */
576 if (s->qdev.type == TYPE_ROM) {
577 return -1;
578 }
579 p[0] = 4;
580 p[1] = 0x16;
581 if (page_control == 1) { /* Changeable Values */
582 break;
583 }
584 /* if a geometry hint is available, use it */
585 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
586 p[2] = (cylinders >> 16) & 0xff;
587 p[3] = (cylinders >> 8) & 0xff;
588 p[4] = cylinders & 0xff;
589 p[5] = heads & 0xff;
590 /* Write precomp start cylinder, disabled */
591 p[6] = (cylinders >> 16) & 0xff;
592 p[7] = (cylinders >> 8) & 0xff;
593 p[8] = cylinders & 0xff;
594 /* Reduced current start cylinder, disabled */
595 p[9] = (cylinders >> 16) & 0xff;
596 p[10] = (cylinders >> 8) & 0xff;
597 p[11] = cylinders & 0xff;
598 /* Device step rate [ns], 200ns */
599 p[12] = 0;
600 p[13] = 200;
601 /* Landing zone cylinder */
602 p[14] = 0xff;
603 p[15] = 0xff;
604 p[16] = 0xff;
605 /* Medium rotation rate [rpm], 5400 rpm */
606 p[20] = (5400 >> 8) & 0xff;
607 p[21] = 5400 & 0xff;
608 break;
609
610 case 5: /* Flexible disk device geometry page. */
611 if (s->qdev.type == TYPE_ROM) {
612 return -1;
613 }
614 p[0] = 5;
615 p[1] = 0x1e;
616 if (page_control == 1) { /* Changeable Values */
617 break;
618 }
619 /* Transfer rate [kbit/s], 5Mbit/s */
620 p[2] = 5000 >> 8;
621 p[3] = 5000 & 0xff;
622 /* if a geometry hint is available, use it */
623 bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs);
624 p[4] = heads & 0xff;
625 p[5] = secs & 0xff;
626 p[6] = s->cluster_size * 2;
627 p[8] = (cylinders >> 8) & 0xff;
628 p[9] = cylinders & 0xff;
629 /* Write precomp start cylinder, disabled */
630 p[10] = (cylinders >> 8) & 0xff;
631 p[11] = cylinders & 0xff;
632 /* Reduced current start cylinder, disabled */
633 p[12] = (cylinders >> 8) & 0xff;
634 p[13] = cylinders & 0xff;
635 /* Device step rate [100us], 100us */
636 p[14] = 0;
637 p[15] = 1;
638 /* Device step pulse width [us], 1us */
639 p[16] = 1;
640 /* Device head settle delay [100us], 100us */
641 p[17] = 0;
642 p[18] = 1;
643 /* Motor on delay [0.1s], 0.1s */
644 p[19] = 1;
645 /* Motor off delay [0.1s], 0.1s */
646 p[20] = 1;
647 /* Medium rotation rate [rpm], 5400 rpm */
648 p[28] = (5400 >> 8) & 0xff;
649 p[29] = 5400 & 0xff;
650 break;
651
652 case 8: /* Caching page. */
653 p[0] = 8;
654 p[1] = 0x12;
655 if (page_control == 1) { /* Changeable Values */
656 break;
657 }
658 if (bdrv_enable_write_cache(s->bs)) {
659 p[2] = 4; /* WCE */
660 }
661 break;
662
663 case 0x2a: /* CD Capabilities and Mechanical Status page. */
664 if (s->qdev.type != TYPE_ROM) {
665 return -1;
666 }
667 p[0] = 0x2a;
668 p[1] = 0x14;
669 if (page_control == 1) { /* Changeable Values */
670 break;
671 }
672 p[2] = 3; // CD-R & CD-RW read
673 p[3] = 0; // Writing not supported
674 p[4] = 0x7f; /* Audio, composite, digital out,
675 mode 2 form 1&2, multi session */
676 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
677 RW corrected, C2 errors, ISRC,
678 UPC, Bar code */
679 p[6] = 0x2d | (s->tray_locked ? 2 : 0);
680 /* Locking supported, jumper present, eject, tray */
681 p[7] = 0; /* no volume & mute control, no
682 changer */
683 p[8] = (50 * 176) >> 8; // 50x read speed
684 p[9] = (50 * 176) & 0xff;
685 p[10] = 0 >> 8; // No volume
686 p[11] = 0 & 0xff;
687 p[12] = 2048 >> 8; // 2M buffer
688 p[13] = 2048 & 0xff;
689 p[14] = (16 * 176) >> 8; // 16x read speed current
690 p[15] = (16 * 176) & 0xff;
691 p[18] = (16 * 176) >> 8; // 16x write speed
692 p[19] = (16 * 176) & 0xff;
693 p[20] = (16 * 176) >> 8; // 16x write speed current
694 p[21] = (16 * 176) & 0xff;
695 break;
696
697 default:
698 return -1;
699 }
700
701 *p_outbuf += p[1] + 2;
702 return p[1] + 2;
703 }
704
705 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
706 {
707 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
708 uint64_t nb_sectors;
709 int page, dbd, buflen, ret, page_control;
710 uint8_t *p;
711 uint8_t dev_specific_param;
712
713 dbd = r->req.cmd.buf[1] & 0x8;
714 page = r->req.cmd.buf[2] & 0x3f;
715 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
716 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
717 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
718 memset(outbuf, 0, r->req.cmd.xfer);
719 p = outbuf;
720
721 if (bdrv_is_read_only(s->bs)) {
722 dev_specific_param = 0x80; /* Readonly. */
723 } else {
724 dev_specific_param = 0x00;
725 }
726
727 if (r->req.cmd.buf[0] == MODE_SENSE) {
728 p[1] = 0; /* Default media type. */
729 p[2] = dev_specific_param;
730 p[3] = 0; /* Block descriptor length. */
731 p += 4;
732 } else { /* MODE_SENSE_10 */
733 p[2] = 0; /* Default media type. */
734 p[3] = dev_specific_param;
735 p[6] = p[7] = 0; /* Block descriptor length. */
736 p += 8;
737 }
738
739 bdrv_get_geometry(s->bs, &nb_sectors);
740 if (!dbd && nb_sectors) {
741 if (r->req.cmd.buf[0] == MODE_SENSE) {
742 outbuf[3] = 8; /* Block descriptor length */
743 } else { /* MODE_SENSE_10 */
744 outbuf[7] = 8; /* Block descriptor length */
745 }
746 nb_sectors /= s->cluster_size;
747 if (nb_sectors > 0xffffff)
748 nb_sectors = 0;
749 p[0] = 0; /* media density code */
750 p[1] = (nb_sectors >> 16) & 0xff;
751 p[2] = (nb_sectors >> 8) & 0xff;
752 p[3] = nb_sectors & 0xff;
753 p[4] = 0; /* reserved */
754 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
755 p[6] = s->cluster_size * 2;
756 p[7] = 0;
757 p += 8;
758 }
759
760 if (page_control == 3) {
761 /* Saved Values */
762 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
763 return -1;
764 }
765
766 if (page == 0x3f) {
767 for (page = 0; page <= 0x3e; page++) {
768 mode_sense_page(s, page, &p, page_control);
769 }
770 } else {
771 ret = mode_sense_page(s, page, &p, page_control);
772 if (ret == -1) {
773 return -1;
774 }
775 }
776
777 buflen = p - outbuf;
778 /*
779 * The mode data length field specifies the length in bytes of the
780 * following data that is available to be transferred. The mode data
781 * length does not include itself.
782 */
783 if (r->req.cmd.buf[0] == MODE_SENSE) {
784 outbuf[0] = buflen - 1;
785 } else { /* MODE_SENSE_10 */
786 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
787 outbuf[1] = (buflen - 2) & 0xff;
788 }
789 if (buflen > r->req.cmd.xfer)
790 buflen = r->req.cmd.xfer;
791 return buflen;
792 }
793
794 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
795 {
796 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
797 int start_track, format, msf, toclen;
798 uint64_t nb_sectors;
799
800 msf = req->cmd.buf[1] & 2;
801 format = req->cmd.buf[2] & 0xf;
802 start_track = req->cmd.buf[6];
803 bdrv_get_geometry(s->bs, &nb_sectors);
804 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
805 nb_sectors /= s->cluster_size;
806 switch (format) {
807 case 0:
808 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
809 break;
810 case 1:
811 /* multi session : only a single session defined */
812 toclen = 12;
813 memset(outbuf, 0, 12);
814 outbuf[1] = 0x0a;
815 outbuf[2] = 0x01;
816 outbuf[3] = 0x01;
817 break;
818 case 2:
819 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
820 break;
821 default:
822 return -1;
823 }
824 if (toclen > req->cmd.xfer)
825 toclen = req->cmd.xfer;
826 return toclen;
827 }
828
829 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
830 {
831 SCSIRequest *req = &r->req;
832 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
833 bool start = req->cmd.buf[4] & 1;
834 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
835
836 if (s->qdev.type == TYPE_ROM && loej) {
837 if (!start && !s->tray_open && s->tray_locked) {
838 scsi_check_condition(r,
839 bdrv_is_inserted(s->bs)
840 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
841 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
842 return -1;
843 }
844 bdrv_eject(s->bs, !start);
845 s->tray_open = !start;
846 }
847 return 0;
848 }
849
850 static int scsi_disk_emulate_command(SCSIDiskReq *r)
851 {
852 SCSIRequest *req = &r->req;
853 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
854 uint64_t nb_sectors;
855 uint8_t *outbuf;
856 int buflen = 0;
857
858 if (!r->iov.iov_base) {
859 /*
860 * FIXME: we shouldn't return anything bigger than 4k, but the code
861 * requires the buffer to be as big as req->cmd.xfer in several
862 * places. So, do not allow CDBs with a very large ALLOCATION
863 * LENGTH. The real fix would be to modify scsi_read_data and
864 * dma_buf_read, so that they return data beyond the buflen
865 * as all zeros.
866 */
867 if (req->cmd.xfer > 65536) {
868 goto illegal_request;
869 }
870 r->buflen = MAX(4096, req->cmd.xfer);
871 r->iov.iov_base = qemu_blockalign(s->bs, r->buflen);
872 }
873
874 outbuf = r->iov.iov_base;
875 switch (req->cmd.buf[0]) {
876 case TEST_UNIT_READY:
877 if (s->tray_open || !bdrv_is_inserted(s->bs))
878 goto not_ready;
879 break;
880 case INQUIRY:
881 buflen = scsi_disk_emulate_inquiry(req, outbuf);
882 if (buflen < 0)
883 goto illegal_request;
884 break;
885 case MODE_SENSE:
886 case MODE_SENSE_10:
887 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
888 if (buflen < 0)
889 goto illegal_request;
890 break;
891 case READ_TOC:
892 buflen = scsi_disk_emulate_read_toc(req, outbuf);
893 if (buflen < 0)
894 goto illegal_request;
895 break;
896 case RESERVE:
897 if (req->cmd.buf[1] & 1)
898 goto illegal_request;
899 break;
900 case RESERVE_10:
901 if (req->cmd.buf[1] & 3)
902 goto illegal_request;
903 break;
904 case RELEASE:
905 if (req->cmd.buf[1] & 1)
906 goto illegal_request;
907 break;
908 case RELEASE_10:
909 if (req->cmd.buf[1] & 3)
910 goto illegal_request;
911 break;
912 case START_STOP:
913 if (scsi_disk_emulate_start_stop(r) < 0) {
914 return -1;
915 }
916 break;
917 case ALLOW_MEDIUM_REMOVAL:
918 s->tray_locked = req->cmd.buf[4] & 1;
919 bdrv_lock_medium(s->bs, req->cmd.buf[4] & 1);
920 break;
921 case READ_CAPACITY_10:
922 /* The normal LEN field for this command is zero. */
923 memset(outbuf, 0, 8);
924 bdrv_get_geometry(s->bs, &nb_sectors);
925 if (!nb_sectors)
926 goto not_ready;
927 nb_sectors /= s->cluster_size;
928 /* Returned value is the address of the last sector. */
929 nb_sectors--;
930 /* Remember the new size for read/write sanity checking. */
931 s->max_lba = nb_sectors;
932 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
933 if (nb_sectors > UINT32_MAX)
934 nb_sectors = UINT32_MAX;
935 outbuf[0] = (nb_sectors >> 24) & 0xff;
936 outbuf[1] = (nb_sectors >> 16) & 0xff;
937 outbuf[2] = (nb_sectors >> 8) & 0xff;
938 outbuf[3] = nb_sectors & 0xff;
939 outbuf[4] = 0;
940 outbuf[5] = 0;
941 outbuf[6] = s->cluster_size * 2;
942 outbuf[7] = 0;
943 buflen = 8;
944 break;
945 case GET_CONFIGURATION:
946 memset(outbuf, 0, 8);
947 /* ??? This should probably return much more information. For now
948 just return the basic header indicating the CD-ROM profile. */
949 outbuf[7] = 8; // CD-ROM
950 buflen = 8;
951 break;
952 case SERVICE_ACTION_IN_16:
953 /* Service Action In subcommands. */
954 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
955 DPRINTF("SAI READ CAPACITY(16)\n");
956 memset(outbuf, 0, req->cmd.xfer);
957 bdrv_get_geometry(s->bs, &nb_sectors);
958 if (!nb_sectors)
959 goto not_ready;
960 nb_sectors /= s->cluster_size;
961 /* Returned value is the address of the last sector. */
962 nb_sectors--;
963 /* Remember the new size for read/write sanity checking. */
964 s->max_lba = nb_sectors;
965 outbuf[0] = (nb_sectors >> 56) & 0xff;
966 outbuf[1] = (nb_sectors >> 48) & 0xff;
967 outbuf[2] = (nb_sectors >> 40) & 0xff;
968 outbuf[3] = (nb_sectors >> 32) & 0xff;
969 outbuf[4] = (nb_sectors >> 24) & 0xff;
970 outbuf[5] = (nb_sectors >> 16) & 0xff;
971 outbuf[6] = (nb_sectors >> 8) & 0xff;
972 outbuf[7] = nb_sectors & 0xff;
973 outbuf[8] = 0;
974 outbuf[9] = 0;
975 outbuf[10] = s->cluster_size * 2;
976 outbuf[11] = 0;
977 outbuf[12] = 0;
978 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
979
980 /* set TPE bit if the format supports discard */
981 if (s->qdev.conf.discard_granularity) {
982 outbuf[14] = 0x80;
983 }
984
985 /* Protection, exponent and lowest lba field left blank. */
986 buflen = req->cmd.xfer;
987 break;
988 }
989 DPRINTF("Unsupported Service Action In\n");
990 goto illegal_request;
991 case VERIFY_10:
992 break;
993 default:
994 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
995 return -1;
996 }
997 return buflen;
998
999 not_ready:
1000 if (s->tray_open || !bdrv_is_inserted(s->bs)) {
1001 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1002 } else {
1003 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1004 }
1005 return -1;
1006
1007 illegal_request:
1008 if (r->req.status == -1) {
1009 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1010 }
1011 return -1;
1012 }
1013
1014 /* Execute a scsi command. Returns the length of the data expected by the
1015 command. This will be Positive for data transfers from the device
1016 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1017 and zero if the command does not transfer any data. */
1018
1019 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
1020 {
1021 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1022 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1023 int32_t len;
1024 uint8_t command;
1025 int rc;
1026
1027 command = buf[0];
1028 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", req->lun, req->tag, buf[0]);
1029
1030 #ifdef DEBUG_SCSI
1031 {
1032 int i;
1033 for (i = 1; i < r->req.cmd.len; i++) {
1034 printf(" 0x%02x", buf[i]);
1035 }
1036 printf("\n");
1037 }
1038 #endif
1039
1040 switch (command) {
1041 case TEST_UNIT_READY:
1042 case INQUIRY:
1043 case MODE_SENSE:
1044 case MODE_SENSE_10:
1045 case RESERVE:
1046 case RESERVE_10:
1047 case RELEASE:
1048 case RELEASE_10:
1049 case START_STOP:
1050 case ALLOW_MEDIUM_REMOVAL:
1051 case READ_CAPACITY_10:
1052 case READ_TOC:
1053 case GET_CONFIGURATION:
1054 case SERVICE_ACTION_IN_16:
1055 case VERIFY_10:
1056 rc = scsi_disk_emulate_command(r);
1057 if (rc < 0) {
1058 return 0;
1059 }
1060
1061 r->iov.iov_len = rc;
1062 break;
1063 case SYNCHRONIZE_CACHE:
1064 bdrv_acct_start(s->bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1065 r->req.aiocb = bdrv_aio_flush(s->bs, scsi_flush_complete, r);
1066 if (r->req.aiocb == NULL) {
1067 scsi_flush_complete(r, -EIO);
1068 }
1069 return 0;
1070 case READ_6:
1071 case READ_10:
1072 case READ_12:
1073 case READ_16:
1074 len = r->req.cmd.xfer / s->qdev.blocksize;
1075 DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
1076 if (r->req.cmd.lba > s->max_lba)
1077 goto illegal_lba;
1078 r->sector = r->req.cmd.lba * s->cluster_size;
1079 r->sector_count = len * s->cluster_size;
1080 break;
1081 case WRITE_6:
1082 case WRITE_10:
1083 case WRITE_12:
1084 case WRITE_16:
1085 case WRITE_VERIFY_10:
1086 case WRITE_VERIFY_12:
1087 case WRITE_VERIFY_16:
1088 len = r->req.cmd.xfer / s->qdev.blocksize;
1089 DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
1090 (command & 0xe) == 0xe ? "And Verify " : "",
1091 r->req.cmd.lba, len);
1092 if (r->req.cmd.lba > s->max_lba)
1093 goto illegal_lba;
1094 r->sector = r->req.cmd.lba * s->cluster_size;
1095 r->sector_count = len * s->cluster_size;
1096 break;
1097 case MODE_SELECT:
1098 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1099 /* We don't support mode parameter changes.
1100 Allow the mode parameter header + block descriptors only. */
1101 if (r->req.cmd.xfer > 12) {
1102 goto fail;
1103 }
1104 break;
1105 case MODE_SELECT_10:
1106 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1107 /* We don't support mode parameter changes.
1108 Allow the mode parameter header + block descriptors only. */
1109 if (r->req.cmd.xfer > 16) {
1110 goto fail;
1111 }
1112 break;
1113 case SEEK_6:
1114 case SEEK_10:
1115 DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
1116 r->req.cmd.lba);
1117 if (r->req.cmd.lba > s->max_lba) {
1118 goto illegal_lba;
1119 }
1120 break;
1121 case WRITE_SAME_16:
1122 len = r->req.cmd.xfer / s->qdev.blocksize;
1123
1124 DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n",
1125 r->req.cmd.lba, len);
1126
1127 if (r->req.cmd.lba > s->max_lba) {
1128 goto illegal_lba;
1129 }
1130
1131 /*
1132 * We only support WRITE SAME with the unmap bit set for now.
1133 */
1134 if (!(buf[1] & 0x8)) {
1135 goto fail;
1136 }
1137
1138 rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size,
1139 len * s->cluster_size);
1140 if (rc < 0) {
1141 /* XXX: better error code ?*/
1142 goto fail;
1143 }
1144
1145 break;
1146 case REQUEST_SENSE:
1147 abort();
1148 default:
1149 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1150 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1151 return 0;
1152 fail:
1153 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1154 return 0;
1155 illegal_lba:
1156 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1157 return 0;
1158 }
1159 if (r->sector_count == 0 && r->iov.iov_len == 0) {
1160 scsi_req_complete(&r->req, GOOD);
1161 }
1162 len = r->sector_count * 512 + r->iov.iov_len;
1163 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1164 return -len;
1165 } else {
1166 if (!r->sector_count)
1167 r->sector_count = -1;
1168 return len;
1169 }
1170 }
1171
1172 static void scsi_disk_reset(DeviceState *dev)
1173 {
1174 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1175 uint64_t nb_sectors;
1176
1177 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1178
1179 bdrv_get_geometry(s->bs, &nb_sectors);
1180 nb_sectors /= s->cluster_size;
1181 if (nb_sectors) {
1182 nb_sectors--;
1183 }
1184 s->max_lba = nb_sectors;
1185 }
1186
1187 static void scsi_destroy(SCSIDevice *dev)
1188 {
1189 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1190
1191 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1192 blockdev_mark_auto_del(s->qdev.conf.bs);
1193 }
1194
1195 static void scsi_cd_change_media_cb(void *opaque, bool load)
1196 {
1197 ((SCSIDiskState *)opaque)->tray_open = !load;
1198 }
1199
1200 static bool scsi_cd_is_tray_open(void *opaque)
1201 {
1202 return ((SCSIDiskState *)opaque)->tray_open;
1203 }
1204
1205 static bool scsi_cd_is_medium_locked(void *opaque)
1206 {
1207 return ((SCSIDiskState *)opaque)->tray_locked;
1208 }
1209
1210 static const BlockDevOps scsi_cd_block_ops = {
1211 .change_media_cb = scsi_cd_change_media_cb,
1212 .is_tray_open = scsi_cd_is_tray_open,
1213 .is_medium_locked = scsi_cd_is_medium_locked,
1214 };
1215
1216 static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type)
1217 {
1218 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1219 DriveInfo *dinfo;
1220
1221 if (!s->qdev.conf.bs) {
1222 error_report("scsi-disk: drive property not set");
1223 return -1;
1224 }
1225 s->bs = s->qdev.conf.bs;
1226
1227 if (scsi_type == TYPE_DISK && !bdrv_is_inserted(s->bs)) {
1228 error_report("Device needs media, but drive is empty");
1229 return -1;
1230 }
1231
1232 if (!s->serial) {
1233 /* try to fall back to value set with legacy -drive serial=... */
1234 dinfo = drive_get_by_blockdev(s->bs);
1235 if (*dinfo->serial) {
1236 s->serial = g_strdup(dinfo->serial);
1237 }
1238 }
1239
1240 if (!s->version) {
1241 s->version = g_strdup(QEMU_VERSION);
1242 }
1243
1244 if (bdrv_is_sg(s->bs)) {
1245 error_report("scsi-disk: unwanted /dev/sg*");
1246 return -1;
1247 }
1248
1249 if (scsi_type == TYPE_ROM) {
1250 bdrv_set_dev_ops(s->bs, &scsi_cd_block_ops, s);
1251 s->qdev.blocksize = 2048;
1252 } else if (scsi_type == TYPE_DISK) {
1253 s->qdev.blocksize = s->qdev.conf.logical_block_size;
1254 } else {
1255 error_report("scsi-disk: Unhandled SCSI type %02x", scsi_type);
1256 return -1;
1257 }
1258 s->cluster_size = s->qdev.blocksize / 512;
1259 bdrv_set_buffer_alignment(s->bs, s->qdev.blocksize);
1260
1261 s->qdev.type = scsi_type;
1262 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
1263 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0");
1264 return 0;
1265 }
1266
1267 static int scsi_hd_initfn(SCSIDevice *dev)
1268 {
1269 return scsi_initfn(dev, TYPE_DISK);
1270 }
1271
1272 static int scsi_cd_initfn(SCSIDevice *dev)
1273 {
1274 return scsi_initfn(dev, TYPE_ROM);
1275 }
1276
1277 static int scsi_disk_initfn(SCSIDevice *dev)
1278 {
1279 DriveInfo *dinfo;
1280 uint8_t scsi_type;
1281
1282 if (!dev->conf.bs) {
1283 scsi_type = TYPE_DISK; /* will die in scsi_initfn() */
1284 } else {
1285 dinfo = drive_get_by_blockdev(dev->conf.bs);
1286 scsi_type = dinfo->media_cd ? TYPE_ROM : TYPE_DISK;
1287 }
1288
1289 return scsi_initfn(dev, scsi_type);
1290 }
1291
1292 static SCSIReqOps scsi_disk_reqops = {
1293 .size = sizeof(SCSIDiskReq),
1294 .free_req = scsi_free_request,
1295 .send_command = scsi_send_command,
1296 .read_data = scsi_read_data,
1297 .write_data = scsi_write_data,
1298 .cancel_io = scsi_cancel_io,
1299 .get_buf = scsi_get_buf,
1300 };
1301
1302 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
1303 uint32_t lun, void *hba_private)
1304 {
1305 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
1306 SCSIRequest *req;
1307
1308 req = scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, hba_private);
1309 return req;
1310 }
1311
1312 #define DEFINE_SCSI_DISK_PROPERTIES() \
1313 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
1314 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
1315 DEFINE_PROP_STRING("serial", SCSIDiskState, serial)
1316
1317 static SCSIDeviceInfo scsi_disk_info[] = {
1318 {
1319 .qdev.name = "scsi-hd",
1320 .qdev.fw_name = "disk",
1321 .qdev.desc = "virtual SCSI disk",
1322 .qdev.size = sizeof(SCSIDiskState),
1323 .qdev.reset = scsi_disk_reset,
1324 .init = scsi_hd_initfn,
1325 .destroy = scsi_destroy,
1326 .alloc_req = scsi_new_request,
1327 .qdev.props = (Property[]) {
1328 DEFINE_SCSI_DISK_PROPERTIES(),
1329 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1330 DEFINE_PROP_END_OF_LIST(),
1331 }
1332 },{
1333 .qdev.name = "scsi-cd",
1334 .qdev.fw_name = "disk",
1335 .qdev.desc = "virtual SCSI CD-ROM",
1336 .qdev.size = sizeof(SCSIDiskState),
1337 .qdev.reset = scsi_disk_reset,
1338 .init = scsi_cd_initfn,
1339 .destroy = scsi_destroy,
1340 .alloc_req = scsi_new_request,
1341 .qdev.props = (Property[]) {
1342 DEFINE_SCSI_DISK_PROPERTIES(),
1343 DEFINE_PROP_END_OF_LIST(),
1344 },
1345 },{
1346 .qdev.name = "scsi-disk", /* legacy -device scsi-disk */
1347 .qdev.fw_name = "disk",
1348 .qdev.desc = "virtual SCSI disk or CD-ROM (legacy)",
1349 .qdev.size = sizeof(SCSIDiskState),
1350 .qdev.reset = scsi_disk_reset,
1351 .init = scsi_disk_initfn,
1352 .destroy = scsi_destroy,
1353 .alloc_req = scsi_new_request,
1354 .qdev.props = (Property[]) {
1355 DEFINE_SCSI_DISK_PROPERTIES(),
1356 DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false),
1357 DEFINE_PROP_END_OF_LIST(),
1358 }
1359 }
1360 };
1361
1362 static void scsi_disk_register_devices(void)
1363 {
1364 int i;
1365
1366 for (i = 0; i < ARRAY_SIZE(scsi_disk_info); i++) {
1367 scsi_qdev_register(&scsi_disk_info[i]);
1368 }
1369 }
1370 device_init(scsi_disk_register_devices)
Qemu copy for testing