1 /* 2 * SCSI Device emulation 3 * 4 * Copyright (c) 2006 CodeSourcery. 5 * Based on code by Fabrice Bellard 6 * 7 * Written by Paul Brook 8 * Modifications: 9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case 10 * when the allocation length of CDB is smaller 11 * than 36. 12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the 13 * MODE SENSE response. 14 * 15 * This code is licensed under the LGPL. 16 * 17 * Note that this file only handles the SCSI architecture model and device 18 * commands. Emulation of interface/link layer protocols is handled by 19 * the host adapter emulator. 20 */ 21 22 //#define DEBUG_SCSI 23 24 #ifdef DEBUG_SCSI 25 #define DPRINTF(fmt, ...) \ 26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0) 27 #else 28 #define DPRINTF(fmt, ...) do {} while(0) 29 #endif 30 31 #include "qemu/osdep.h" 32 #include "qapi/error.h" 33 #include "qemu/error-report.h" 34 #include "hw/scsi/scsi.h" 35 #include "scsi/constants.h" 36 #include "sysemu/sysemu.h" 37 #include "sysemu/block-backend.h" 38 #include "sysemu/blockdev.h" 39 #include "hw/block/block.h" 40 #include "sysemu/dma.h" 41 #include "qemu/cutils.h" 42 43 #ifdef __linux 44 #include <scsi/sg.h> 45 #endif 46 47 #define SCSI_WRITE_SAME_MAX 524288 48 #define SCSI_DMA_BUF_SIZE 131072 49 #define SCSI_MAX_INQUIRY_LEN 256 50 #define SCSI_MAX_MODE_LEN 256 51 52 #define DEFAULT_DISCARD_GRANULARITY 4096 53 #define DEFAULT_MAX_UNMAP_SIZE (1 << 30) /* 1 GB */ 54 #define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */ 55 56 #define TYPE_SCSI_DISK_BASE "scsi-disk-base" 57 58 #define SCSI_DISK_BASE(obj) \ 59 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE) 60 #define SCSI_DISK_BASE_CLASS(klass) \ 61 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE) 62 #define SCSI_DISK_BASE_GET_CLASS(obj) \ 63 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE) 64 65 typedef struct SCSIDiskClass { 66 SCSIDeviceClass parent_class; 67 DMAIOFunc *dma_readv; 68 DMAIOFunc *dma_writev; 69 bool (*need_fua_emulation)(SCSICommand *cmd); 70 } SCSIDiskClass; 71 72 typedef struct SCSIDiskReq { 73 SCSIRequest req; 74 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */ 75 uint64_t sector; 76 uint32_t sector_count; 77 uint32_t buflen; 78 bool started; 79 bool need_fua_emulation; 80 struct iovec iov; 81 QEMUIOVector qiov; 82 BlockAcctCookie acct; 83 unsigned char *status; 84 } SCSIDiskReq; 85 86 #define SCSI_DISK_F_REMOVABLE 0 87 #define SCSI_DISK_F_DPOFUA 1 88 #define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2 89 90 typedef struct SCSIDiskState 91 { 92 SCSIDevice qdev; 93 uint32_t features; 94 bool media_changed; 95 bool media_event; 96 bool eject_request; 97 uint16_t port_index; 98 uint64_t max_unmap_size; 99 uint64_t max_io_size; 100 QEMUBH *bh; 101 char *version; 102 char *serial; 103 char *vendor; 104 char *product; 105 bool tray_open; 106 bool tray_locked; 107 /* 108 * 0x0000 - rotation rate not reported 109 * 0x0001 - non-rotating medium (SSD) 110 * 0x0002-0x0400 - reserved 111 * 0x0401-0xffe - rotations per minute 112 * 0xffff - reserved 113 */ 114 uint16_t rotation_rate; 115 } SCSIDiskState; 116 117 static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed); 118 119 static void scsi_free_request(SCSIRequest *req) 120 { 121 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 122 123 qemu_vfree(r->iov.iov_base); 124 } 125 126 /* Helper function for command completion with sense. */ 127 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense) 128 { 129 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n", 130 r->req.tag, sense.key, sense.asc, sense.ascq); 131 scsi_req_build_sense(&r->req, sense); 132 scsi_req_complete(&r->req, CHECK_CONDITION); 133 } 134 135 static void scsi_init_iovec(SCSIDiskReq *r, size_t size) 136 { 137 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 138 139 if (!r->iov.iov_base) { 140 r->buflen = size; 141 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen); 142 } 143 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen); 144 qemu_iovec_init_external(&r->qiov, &r->iov, 1); 145 } 146 147 static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req) 148 { 149 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 150 151 qemu_put_be64s(f, &r->sector); 152 qemu_put_be32s(f, &r->sector_count); 153 qemu_put_be32s(f, &r->buflen); 154 if (r->buflen) { 155 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { 156 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len); 157 } else if (!req->retry) { 158 uint32_t len = r->iov.iov_len; 159 qemu_put_be32s(f, &len); 160 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len); 161 } 162 } 163 } 164 165 static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req) 166 { 167 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 168 169 qemu_get_be64s(f, &r->sector); 170 qemu_get_be32s(f, &r->sector_count); 171 qemu_get_be32s(f, &r->buflen); 172 if (r->buflen) { 173 scsi_init_iovec(r, r->buflen); 174 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { 175 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len); 176 } else if (!r->req.retry) { 177 uint32_t len; 178 qemu_get_be32s(f, &len); 179 r->iov.iov_len = len; 180 assert(r->iov.iov_len <= r->buflen); 181 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len); 182 } 183 } 184 185 qemu_iovec_init_external(&r->qiov, &r->iov, 1); 186 } 187 188 static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed) 189 { 190 if (r->req.io_canceled) { 191 scsi_req_cancel_complete(&r->req); 192 return true; 193 } 194 195 if (ret < 0 || (r->status && *r->status)) { 196 return scsi_handle_rw_error(r, -ret, acct_failed); 197 } 198 199 return false; 200 } 201 202 static void scsi_aio_complete(void *opaque, int ret) 203 { 204 SCSIDiskReq *r = (SCSIDiskReq *)opaque; 205 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 206 207 assert(r->req.aiocb != NULL); 208 r->req.aiocb = NULL; 209 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk)); 210 if (scsi_disk_req_check_error(r, ret, true)) { 211 goto done; 212 } 213 214 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct); 215 scsi_req_complete(&r->req, GOOD); 216 217 done: 218 aio_context_release(blk_get_aio_context(s->qdev.conf.blk)); 219 scsi_req_unref(&r->req); 220 } 221 222 static bool scsi_is_cmd_fua(SCSICommand *cmd) 223 { 224 switch (cmd->buf[0]) { 225 case READ_10: 226 case READ_12: 227 case READ_16: 228 case WRITE_10: 229 case WRITE_12: 230 case WRITE_16: 231 return (cmd->buf[1] & 8) != 0; 232 233 case VERIFY_10: 234 case VERIFY_12: 235 case VERIFY_16: 236 case WRITE_VERIFY_10: 237 case WRITE_VERIFY_12: 238 case WRITE_VERIFY_16: 239 return true; 240 241 case READ_6: 242 case WRITE_6: 243 default: 244 return false; 245 } 246 } 247 248 static void scsi_write_do_fua(SCSIDiskReq *r) 249 { 250 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 251 252 assert(r->req.aiocb == NULL); 253 assert(!r->req.io_canceled); 254 255 if (r->need_fua_emulation) { 256 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0, 257 BLOCK_ACCT_FLUSH); 258 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r); 259 return; 260 } 261 262 scsi_req_complete(&r->req, GOOD); 263 scsi_req_unref(&r->req); 264 } 265 266 static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret) 267 { 268 assert(r->req.aiocb == NULL); 269 if (scsi_disk_req_check_error(r, ret, false)) { 270 goto done; 271 } 272 273 r->sector += r->sector_count; 274 r->sector_count = 0; 275 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { 276 scsi_write_do_fua(r); 277 return; 278 } else { 279 scsi_req_complete(&r->req, GOOD); 280 } 281 282 done: 283 scsi_req_unref(&r->req); 284 } 285 286 static void scsi_dma_complete(void *opaque, int ret) 287 { 288 SCSIDiskReq *r = (SCSIDiskReq *)opaque; 289 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 290 291 assert(r->req.aiocb != NULL); 292 r->req.aiocb = NULL; 293 294 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk)); 295 if (ret < 0) { 296 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct); 297 } else { 298 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct); 299 } 300 scsi_dma_complete_noio(r, ret); 301 aio_context_release(blk_get_aio_context(s->qdev.conf.blk)); 302 } 303 304 static void scsi_read_complete(void * opaque, int ret) 305 { 306 SCSIDiskReq *r = (SCSIDiskReq *)opaque; 307 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 308 int n; 309 310 assert(r->req.aiocb != NULL); 311 r->req.aiocb = NULL; 312 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk)); 313 if (scsi_disk_req_check_error(r, ret, true)) { 314 goto done; 315 } 316 317 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct); 318 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size); 319 320 n = r->qiov.size / 512; 321 r->sector += n; 322 r->sector_count -= n; 323 scsi_req_data(&r->req, r->qiov.size); 324 325 done: 326 scsi_req_unref(&r->req); 327 aio_context_release(blk_get_aio_context(s->qdev.conf.blk)); 328 } 329 330 /* Actually issue a read to the block device. */ 331 static void scsi_do_read(SCSIDiskReq *r, int ret) 332 { 333 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 334 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s)); 335 336 assert (r->req.aiocb == NULL); 337 if (scsi_disk_req_check_error(r, ret, false)) { 338 goto done; 339 } 340 341 /* The request is used as the AIO opaque value, so add a ref. */ 342 scsi_req_ref(&r->req); 343 344 if (r->req.sg) { 345 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ); 346 r->req.resid -= r->req.sg->size; 347 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk), 348 r->req.sg, r->sector << BDRV_SECTOR_BITS, 349 BDRV_SECTOR_SIZE, 350 sdc->dma_readv, r, scsi_dma_complete, r, 351 DMA_DIRECTION_FROM_DEVICE); 352 } else { 353 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE); 354 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 355 r->qiov.size, BLOCK_ACCT_READ); 356 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov, 357 scsi_read_complete, r, r); 358 } 359 360 done: 361 scsi_req_unref(&r->req); 362 } 363 364 static void scsi_do_read_cb(void *opaque, int ret) 365 { 366 SCSIDiskReq *r = (SCSIDiskReq *)opaque; 367 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 368 369 assert (r->req.aiocb != NULL); 370 r->req.aiocb = NULL; 371 372 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk)); 373 if (ret < 0) { 374 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct); 375 } else { 376 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct); 377 } 378 scsi_do_read(opaque, ret); 379 aio_context_release(blk_get_aio_context(s->qdev.conf.blk)); 380 } 381 382 /* Read more data from scsi device into buffer. */ 383 static void scsi_read_data(SCSIRequest *req) 384 { 385 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 386 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 387 bool first; 388 389 DPRINTF("Read sector_count=%d\n", r->sector_count); 390 if (r->sector_count == 0) { 391 /* This also clears the sense buffer for REQUEST SENSE. */ 392 scsi_req_complete(&r->req, GOOD); 393 return; 394 } 395 396 /* No data transfer may already be in progress */ 397 assert(r->req.aiocb == NULL); 398 399 /* The request is used as the AIO opaque value, so add a ref. */ 400 scsi_req_ref(&r->req); 401 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { 402 DPRINTF("Data transfer direction invalid\n"); 403 scsi_read_complete(r, -EINVAL); 404 return; 405 } 406 407 if (!blk_is_available(req->dev->conf.blk)) { 408 scsi_read_complete(r, -ENOMEDIUM); 409 return; 410 } 411 412 first = !r->started; 413 r->started = true; 414 if (first && r->need_fua_emulation) { 415 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0, 416 BLOCK_ACCT_FLUSH); 417 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r); 418 } else { 419 scsi_do_read(r, 0); 420 } 421 } 422 423 /* 424 * scsi_handle_rw_error has two return values. False means that the error 425 * must be ignored, true means that the error has been processed and the 426 * caller should not do anything else for this request. Note that 427 * scsi_handle_rw_error always manages its reference counts, independent 428 * of the return value. 429 */ 430 static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed) 431 { 432 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV); 433 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 434 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk, 435 is_read, error); 436 437 if (action == BLOCK_ERROR_ACTION_REPORT) { 438 if (acct_failed) { 439 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct); 440 } 441 switch (error) { 442 case 0: 443 /* The command has run, no need to fake sense. */ 444 assert(r->status && *r->status); 445 scsi_req_complete(&r->req, *r->status); 446 break; 447 case ENOMEDIUM: 448 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); 449 break; 450 case ENOMEM: 451 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE)); 452 break; 453 case EINVAL: 454 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 455 break; 456 case ENOSPC: 457 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED)); 458 break; 459 default: 460 scsi_check_condition(r, SENSE_CODE(IO_ERROR)); 461 break; 462 } 463 } 464 if (!error) { 465 assert(r->status && *r->status); 466 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense)); 467 468 if (error == ECANCELED || error == EAGAIN || error == ENOTCONN || 469 error == 0) { 470 /* These errors are handled by guest. */ 471 scsi_req_complete(&r->req, *r->status); 472 return true; 473 } 474 } 475 476 blk_error_action(s->qdev.conf.blk, action, is_read, error); 477 if (action == BLOCK_ERROR_ACTION_STOP) { 478 scsi_req_retry(&r->req); 479 } 480 return action != BLOCK_ERROR_ACTION_IGNORE; 481 } 482 483 static void scsi_write_complete_noio(SCSIDiskReq *r, int ret) 484 { 485 uint32_t n; 486 487 assert (r->req.aiocb == NULL); 488 if (scsi_disk_req_check_error(r, ret, false)) { 489 goto done; 490 } 491 492 n = r->qiov.size / 512; 493 r->sector += n; 494 r->sector_count -= n; 495 if (r->sector_count == 0) { 496 scsi_write_do_fua(r); 497 return; 498 } else { 499 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE); 500 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size); 501 scsi_req_data(&r->req, r->qiov.size); 502 } 503 504 done: 505 scsi_req_unref(&r->req); 506 } 507 508 static void scsi_write_complete(void * opaque, int ret) 509 { 510 SCSIDiskReq *r = (SCSIDiskReq *)opaque; 511 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 512 513 assert (r->req.aiocb != NULL); 514 r->req.aiocb = NULL; 515 516 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk)); 517 if (ret < 0) { 518 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct); 519 } else { 520 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct); 521 } 522 scsi_write_complete_noio(r, ret); 523 aio_context_release(blk_get_aio_context(s->qdev.conf.blk)); 524 } 525 526 static void scsi_write_data(SCSIRequest *req) 527 { 528 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 529 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 530 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s)); 531 532 /* No data transfer may already be in progress */ 533 assert(r->req.aiocb == NULL); 534 535 /* The request is used as the AIO opaque value, so add a ref. */ 536 scsi_req_ref(&r->req); 537 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) { 538 DPRINTF("Data transfer direction invalid\n"); 539 scsi_write_complete_noio(r, -EINVAL); 540 return; 541 } 542 543 if (!r->req.sg && !r->qiov.size) { 544 /* Called for the first time. Ask the driver to send us more data. */ 545 r->started = true; 546 scsi_write_complete_noio(r, 0); 547 return; 548 } 549 if (!blk_is_available(req->dev->conf.blk)) { 550 scsi_write_complete_noio(r, -ENOMEDIUM); 551 return; 552 } 553 554 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 || 555 r->req.cmd.buf[0] == VERIFY_16) { 556 if (r->req.sg) { 557 scsi_dma_complete_noio(r, 0); 558 } else { 559 scsi_write_complete_noio(r, 0); 560 } 561 return; 562 } 563 564 if (r->req.sg) { 565 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE); 566 r->req.resid -= r->req.sg->size; 567 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk), 568 r->req.sg, r->sector << BDRV_SECTOR_BITS, 569 BDRV_SECTOR_SIZE, 570 sdc->dma_writev, r, scsi_dma_complete, r, 571 DMA_DIRECTION_TO_DEVICE); 572 } else { 573 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 574 r->qiov.size, BLOCK_ACCT_WRITE); 575 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov, 576 scsi_write_complete, r, r); 577 } 578 } 579 580 /* Return a pointer to the data buffer. */ 581 static uint8_t *scsi_get_buf(SCSIRequest *req) 582 { 583 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 584 585 return (uint8_t *)r->iov.iov_base; 586 } 587 588 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) 589 { 590 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); 591 int buflen = 0; 592 int start; 593 594 if (req->cmd.buf[1] & 0x1) { 595 /* Vital product data */ 596 uint8_t page_code = req->cmd.buf[2]; 597 598 outbuf[buflen++] = s->qdev.type & 0x1f; 599 outbuf[buflen++] = page_code ; // this page 600 outbuf[buflen++] = 0x00; 601 outbuf[buflen++] = 0x00; 602 start = buflen; 603 604 switch (page_code) { 605 case 0x00: /* Supported page codes, mandatory */ 606 { 607 DPRINTF("Inquiry EVPD[Supported pages] " 608 "buffer size %zd\n", req->cmd.xfer); 609 outbuf[buflen++] = 0x00; // list of supported pages (this page) 610 if (s->serial) { 611 outbuf[buflen++] = 0x80; // unit serial number 612 } 613 outbuf[buflen++] = 0x83; // device identification 614 if (s->qdev.type == TYPE_DISK) { 615 outbuf[buflen++] = 0xb0; // block limits 616 outbuf[buflen++] = 0xb1; /* block device characteristics */ 617 outbuf[buflen++] = 0xb2; // thin provisioning 618 } 619 break; 620 } 621 case 0x80: /* Device serial number, optional */ 622 { 623 int l; 624 625 if (!s->serial) { 626 DPRINTF("Inquiry (EVPD[Serial number] not supported\n"); 627 return -1; 628 } 629 630 l = strlen(s->serial); 631 if (l > 36) { 632 l = 36; 633 } 634 635 DPRINTF("Inquiry EVPD[Serial number] " 636 "buffer size %zd\n", req->cmd.xfer); 637 memcpy(outbuf+buflen, s->serial, l); 638 buflen += l; 639 break; 640 } 641 642 case 0x83: /* Device identification page, mandatory */ 643 { 644 const char *str = s->serial ?: blk_name(s->qdev.conf.blk); 645 int max_len = s->serial ? 20 : 255 - 8; 646 int id_len = strlen(str); 647 648 if (id_len > max_len) { 649 id_len = max_len; 650 } 651 DPRINTF("Inquiry EVPD[Device identification] " 652 "buffer size %zd\n", req->cmd.xfer); 653 654 outbuf[buflen++] = 0x2; // ASCII 655 outbuf[buflen++] = 0; // not officially assigned 656 outbuf[buflen++] = 0; // reserved 657 outbuf[buflen++] = id_len; // length of data following 658 memcpy(outbuf+buflen, str, id_len); 659 buflen += id_len; 660 661 if (s->qdev.wwn) { 662 outbuf[buflen++] = 0x1; // Binary 663 outbuf[buflen++] = 0x3; // NAA 664 outbuf[buflen++] = 0; // reserved 665 outbuf[buflen++] = 8; 666 stq_be_p(&outbuf[buflen], s->qdev.wwn); 667 buflen += 8; 668 } 669 670 if (s->qdev.port_wwn) { 671 outbuf[buflen++] = 0x61; // SAS / Binary 672 outbuf[buflen++] = 0x93; // PIV / Target port / NAA 673 outbuf[buflen++] = 0; // reserved 674 outbuf[buflen++] = 8; 675 stq_be_p(&outbuf[buflen], s->qdev.port_wwn); 676 buflen += 8; 677 } 678 679 if (s->port_index) { 680 outbuf[buflen++] = 0x61; // SAS / Binary 681 outbuf[buflen++] = 0x94; // PIV / Target port / relative target port 682 outbuf[buflen++] = 0; // reserved 683 outbuf[buflen++] = 4; 684 stw_be_p(&outbuf[buflen + 2], s->port_index); 685 buflen += 4; 686 } 687 break; 688 } 689 case 0xb0: /* block limits */ 690 { 691 unsigned int unmap_sectors = 692 s->qdev.conf.discard_granularity / s->qdev.blocksize; 693 unsigned int min_io_size = 694 s->qdev.conf.min_io_size / s->qdev.blocksize; 695 unsigned int opt_io_size = 696 s->qdev.conf.opt_io_size / s->qdev.blocksize; 697 unsigned int max_unmap_sectors = 698 s->max_unmap_size / s->qdev.blocksize; 699 unsigned int max_io_sectors = 700 s->max_io_size / s->qdev.blocksize; 701 702 if (s->qdev.type == TYPE_ROM) { 703 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n", 704 page_code); 705 return -1; 706 } 707 /* required VPD size with unmap support */ 708 buflen = 0x40; 709 memset(outbuf + 4, 0, buflen - 4); 710 711 outbuf[4] = 0x1; /* wsnz */ 712 713 /* optimal transfer length granularity */ 714 outbuf[6] = (min_io_size >> 8) & 0xff; 715 outbuf[7] = min_io_size & 0xff; 716 717 /* maximum transfer length */ 718 outbuf[8] = (max_io_sectors >> 24) & 0xff; 719 outbuf[9] = (max_io_sectors >> 16) & 0xff; 720 outbuf[10] = (max_io_sectors >> 8) & 0xff; 721 outbuf[11] = max_io_sectors & 0xff; 722 723 /* optimal transfer length */ 724 outbuf[12] = (opt_io_size >> 24) & 0xff; 725 outbuf[13] = (opt_io_size >> 16) & 0xff; 726 outbuf[14] = (opt_io_size >> 8) & 0xff; 727 outbuf[15] = opt_io_size & 0xff; 728 729 /* max unmap LBA count, default is 1GB */ 730 outbuf[20] = (max_unmap_sectors >> 24) & 0xff; 731 outbuf[21] = (max_unmap_sectors >> 16) & 0xff; 732 outbuf[22] = (max_unmap_sectors >> 8) & 0xff; 733 outbuf[23] = max_unmap_sectors & 0xff; 734 735 /* max unmap descriptors, 255 fit in 4 kb with an 8-byte header. */ 736 outbuf[24] = 0; 737 outbuf[25] = 0; 738 outbuf[26] = 0; 739 outbuf[27] = 255; 740 741 /* optimal unmap granularity */ 742 outbuf[28] = (unmap_sectors >> 24) & 0xff; 743 outbuf[29] = (unmap_sectors >> 16) & 0xff; 744 outbuf[30] = (unmap_sectors >> 8) & 0xff; 745 outbuf[31] = unmap_sectors & 0xff; 746 747 /* max write same size */ 748 outbuf[36] = 0; 749 outbuf[37] = 0; 750 outbuf[38] = 0; 751 outbuf[39] = 0; 752 753 outbuf[40] = (max_io_sectors >> 24) & 0xff; 754 outbuf[41] = (max_io_sectors >> 16) & 0xff; 755 outbuf[42] = (max_io_sectors >> 8) & 0xff; 756 outbuf[43] = max_io_sectors & 0xff; 757 break; 758 } 759 case 0xb1: /* block device characteristics */ 760 { 761 buflen = 8; 762 outbuf[4] = (s->rotation_rate >> 8) & 0xff; 763 outbuf[5] = s->rotation_rate & 0xff; 764 outbuf[6] = 0; 765 outbuf[7] = 0; 766 break; 767 } 768 case 0xb2: /* thin provisioning */ 769 { 770 buflen = 8; 771 outbuf[4] = 0; 772 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */ 773 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1; 774 outbuf[7] = 0; 775 break; 776 } 777 default: 778 return -1; 779 } 780 /* done with EVPD */ 781 assert(buflen - start <= 255); 782 outbuf[start - 1] = buflen - start; 783 return buflen; 784 } 785 786 /* Standard INQUIRY data */ 787 if (req->cmd.buf[2] != 0) { 788 return -1; 789 } 790 791 /* PAGE CODE == 0 */ 792 buflen = req->cmd.xfer; 793 if (buflen > SCSI_MAX_INQUIRY_LEN) { 794 buflen = SCSI_MAX_INQUIRY_LEN; 795 } 796 797 outbuf[0] = s->qdev.type & 0x1f; 798 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0; 799 800 strpadcpy((char *) &outbuf[16], 16, s->product, ' '); 801 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' '); 802 803 memset(&outbuf[32], 0, 4); 804 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version))); 805 /* 806 * We claim conformance to SPC-3, which is required for guests 807 * to ask for modern features like READ CAPACITY(16) or the 808 * block characteristics VPD page by default. Not all of SPC-3 809 * is actually implemented, but we're good enough. 810 */ 811 outbuf[2] = 5; 812 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */ 813 814 if (buflen > 36) { 815 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */ 816 } else { 817 /* If the allocation length of CDB is too small, 818 the additional length is not adjusted */ 819 outbuf[4] = 36 - 5; 820 } 821 822 /* Sync data transfer and TCQ. */ 823 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0); 824 return buflen; 825 } 826 827 static inline bool media_is_dvd(SCSIDiskState *s) 828 { 829 uint64_t nb_sectors; 830 if (s->qdev.type != TYPE_ROM) { 831 return false; 832 } 833 if (!blk_is_available(s->qdev.conf.blk)) { 834 return false; 835 } 836 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 837 return nb_sectors > CD_MAX_SECTORS; 838 } 839 840 static inline bool media_is_cd(SCSIDiskState *s) 841 { 842 uint64_t nb_sectors; 843 if (s->qdev.type != TYPE_ROM) { 844 return false; 845 } 846 if (!blk_is_available(s->qdev.conf.blk)) { 847 return false; 848 } 849 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 850 return nb_sectors <= CD_MAX_SECTORS; 851 } 852 853 static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r, 854 uint8_t *outbuf) 855 { 856 uint8_t type = r->req.cmd.buf[1] & 7; 857 858 if (s->qdev.type != TYPE_ROM) { 859 return -1; 860 } 861 862 /* Types 1/2 are only defined for Blu-Ray. */ 863 if (type != 0) { 864 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 865 return -1; 866 } 867 868 memset(outbuf, 0, 34); 869 outbuf[1] = 32; 870 outbuf[2] = 0xe; /* last session complete, disc finalized */ 871 outbuf[3] = 1; /* first track on disc */ 872 outbuf[4] = 1; /* # of sessions */ 873 outbuf[5] = 1; /* first track of last session */ 874 outbuf[6] = 1; /* last track of last session */ 875 outbuf[7] = 0x20; /* unrestricted use */ 876 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */ 877 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */ 878 /* 12-23: not meaningful for CD-ROM or DVD-ROM */ 879 /* 24-31: disc bar code */ 880 /* 32: disc application code */ 881 /* 33: number of OPC tables */ 882 883 return 34; 884 } 885 886 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r, 887 uint8_t *outbuf) 888 { 889 static const int rds_caps_size[5] = { 890 [0] = 2048 + 4, 891 [1] = 4 + 4, 892 [3] = 188 + 4, 893 [4] = 2048 + 4, 894 }; 895 896 uint8_t media = r->req.cmd.buf[1]; 897 uint8_t layer = r->req.cmd.buf[6]; 898 uint8_t format = r->req.cmd.buf[7]; 899 int size = -1; 900 901 if (s->qdev.type != TYPE_ROM) { 902 return -1; 903 } 904 if (media != 0) { 905 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 906 return -1; 907 } 908 909 if (format != 0xff) { 910 if (!blk_is_available(s->qdev.conf.blk)) { 911 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); 912 return -1; 913 } 914 if (media_is_cd(s)) { 915 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT)); 916 return -1; 917 } 918 if (format >= ARRAY_SIZE(rds_caps_size)) { 919 return -1; 920 } 921 size = rds_caps_size[format]; 922 memset(outbuf, 0, size); 923 } 924 925 switch (format) { 926 case 0x00: { 927 /* Physical format information */ 928 uint64_t nb_sectors; 929 if (layer != 0) { 930 goto fail; 931 } 932 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 933 934 outbuf[4] = 1; /* DVD-ROM, part version 1 */ 935 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */ 936 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */ 937 outbuf[7] = 0; /* default densities */ 938 939 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */ 940 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */ 941 break; 942 } 943 944 case 0x01: /* DVD copyright information, all zeros */ 945 break; 946 947 case 0x03: /* BCA information - invalid field for no BCA info */ 948 return -1; 949 950 case 0x04: /* DVD disc manufacturing information, all zeros */ 951 break; 952 953 case 0xff: { /* List capabilities */ 954 int i; 955 size = 4; 956 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) { 957 if (!rds_caps_size[i]) { 958 continue; 959 } 960 outbuf[size] = i; 961 outbuf[size + 1] = 0x40; /* Not writable, readable */ 962 stw_be_p(&outbuf[size + 2], rds_caps_size[i]); 963 size += 4; 964 } 965 break; 966 } 967 968 default: 969 return -1; 970 } 971 972 /* Size of buffer, not including 2 byte size field */ 973 stw_be_p(outbuf, size - 2); 974 return size; 975 976 fail: 977 return -1; 978 } 979 980 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf) 981 { 982 uint8_t event_code, media_status; 983 984 media_status = 0; 985 if (s->tray_open) { 986 media_status = MS_TRAY_OPEN; 987 } else if (blk_is_inserted(s->qdev.conf.blk)) { 988 media_status = MS_MEDIA_PRESENT; 989 } 990 991 /* Event notification descriptor */ 992 event_code = MEC_NO_CHANGE; 993 if (media_status != MS_TRAY_OPEN) { 994 if (s->media_event) { 995 event_code = MEC_NEW_MEDIA; 996 s->media_event = false; 997 } else if (s->eject_request) { 998 event_code = MEC_EJECT_REQUESTED; 999 s->eject_request = false; 1000 } 1001 } 1002 1003 outbuf[0] = event_code; 1004 outbuf[1] = media_status; 1005 1006 /* These fields are reserved, just clear them. */ 1007 outbuf[2] = 0; 1008 outbuf[3] = 0; 1009 return 4; 1010 } 1011 1012 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r, 1013 uint8_t *outbuf) 1014 { 1015 int size; 1016 uint8_t *buf = r->req.cmd.buf; 1017 uint8_t notification_class_request = buf[4]; 1018 if (s->qdev.type != TYPE_ROM) { 1019 return -1; 1020 } 1021 if ((buf[1] & 1) == 0) { 1022 /* asynchronous */ 1023 return -1; 1024 } 1025 1026 size = 4; 1027 outbuf[0] = outbuf[1] = 0; 1028 outbuf[3] = 1 << GESN_MEDIA; /* supported events */ 1029 if (notification_class_request & (1 << GESN_MEDIA)) { 1030 outbuf[2] = GESN_MEDIA; 1031 size += scsi_event_status_media(s, &outbuf[size]); 1032 } else { 1033 outbuf[2] = 0x80; 1034 } 1035 stw_be_p(outbuf, size - 4); 1036 return size; 1037 } 1038 1039 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf) 1040 { 1041 int current; 1042 1043 if (s->qdev.type != TYPE_ROM) { 1044 return -1; 1045 } 1046 1047 if (media_is_dvd(s)) { 1048 current = MMC_PROFILE_DVD_ROM; 1049 } else if (media_is_cd(s)) { 1050 current = MMC_PROFILE_CD_ROM; 1051 } else { 1052 current = MMC_PROFILE_NONE; 1053 } 1054 1055 memset(outbuf, 0, 40); 1056 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */ 1057 stw_be_p(&outbuf[6], current); 1058 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */ 1059 outbuf[10] = 0x03; /* persistent, current */ 1060 outbuf[11] = 8; /* two profiles */ 1061 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM); 1062 outbuf[14] = (current == MMC_PROFILE_DVD_ROM); 1063 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM); 1064 outbuf[18] = (current == MMC_PROFILE_CD_ROM); 1065 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */ 1066 stw_be_p(&outbuf[20], 1); 1067 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */ 1068 outbuf[23] = 8; 1069 stl_be_p(&outbuf[24], 1); /* SCSI */ 1070 outbuf[28] = 1; /* DBE = 1, mandatory */ 1071 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */ 1072 stw_be_p(&outbuf[32], 3); 1073 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */ 1074 outbuf[35] = 4; 1075 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */ 1076 /* TODO: Random readable, CD read, DVD read, drive serial number, 1077 power management */ 1078 return 40; 1079 } 1080 1081 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf) 1082 { 1083 if (s->qdev.type != TYPE_ROM) { 1084 return -1; 1085 } 1086 memset(outbuf, 0, 8); 1087 outbuf[5] = 1; /* CD-ROM */ 1088 return 8; 1089 } 1090 1091 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, 1092 int page_control) 1093 { 1094 static const int mode_sense_valid[0x3f] = { 1095 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK), 1096 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK), 1097 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM), 1098 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM), 1099 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM), 1100 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM), 1101 }; 1102 1103 uint8_t *p = *p_outbuf + 2; 1104 int length; 1105 1106 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) { 1107 return -1; 1108 } 1109 1110 /* 1111 * If Changeable Values are requested, a mask denoting those mode parameters 1112 * that are changeable shall be returned. As we currently don't support 1113 * parameter changes via MODE_SELECT all bits are returned set to zero. 1114 * The buffer was already menset to zero by the caller of this function. 1115 * 1116 * The offsets here are off by two compared to the descriptions in the 1117 * SCSI specs, because those include a 2-byte header. This is unfortunate, 1118 * but it is done so that offsets are consistent within our implementation 1119 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both 1120 * 2-byte and 4-byte headers. 1121 */ 1122 switch (page) { 1123 case MODE_PAGE_HD_GEOMETRY: 1124 length = 0x16; 1125 if (page_control == 1) { /* Changeable Values */ 1126 break; 1127 } 1128 /* if a geometry hint is available, use it */ 1129 p[0] = (s->qdev.conf.cyls >> 16) & 0xff; 1130 p[1] = (s->qdev.conf.cyls >> 8) & 0xff; 1131 p[2] = s->qdev.conf.cyls & 0xff; 1132 p[3] = s->qdev.conf.heads & 0xff; 1133 /* Write precomp start cylinder, disabled */ 1134 p[4] = (s->qdev.conf.cyls >> 16) & 0xff; 1135 p[5] = (s->qdev.conf.cyls >> 8) & 0xff; 1136 p[6] = s->qdev.conf.cyls & 0xff; 1137 /* Reduced current start cylinder, disabled */ 1138 p[7] = (s->qdev.conf.cyls >> 16) & 0xff; 1139 p[8] = (s->qdev.conf.cyls >> 8) & 0xff; 1140 p[9] = s->qdev.conf.cyls & 0xff; 1141 /* Device step rate [ns], 200ns */ 1142 p[10] = 0; 1143 p[11] = 200; 1144 /* Landing zone cylinder */ 1145 p[12] = 0xff; 1146 p[13] = 0xff; 1147 p[14] = 0xff; 1148 /* Medium rotation rate [rpm], 5400 rpm */ 1149 p[18] = (5400 >> 8) & 0xff; 1150 p[19] = 5400 & 0xff; 1151 break; 1152 1153 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY: 1154 length = 0x1e; 1155 if (page_control == 1) { /* Changeable Values */ 1156 break; 1157 } 1158 /* Transfer rate [kbit/s], 5Mbit/s */ 1159 p[0] = 5000 >> 8; 1160 p[1] = 5000 & 0xff; 1161 /* if a geometry hint is available, use it */ 1162 p[2] = s->qdev.conf.heads & 0xff; 1163 p[3] = s->qdev.conf.secs & 0xff; 1164 p[4] = s->qdev.blocksize >> 8; 1165 p[6] = (s->qdev.conf.cyls >> 8) & 0xff; 1166 p[7] = s->qdev.conf.cyls & 0xff; 1167 /* Write precomp start cylinder, disabled */ 1168 p[8] = (s->qdev.conf.cyls >> 8) & 0xff; 1169 p[9] = s->qdev.conf.cyls & 0xff; 1170 /* Reduced current start cylinder, disabled */ 1171 p[10] = (s->qdev.conf.cyls >> 8) & 0xff; 1172 p[11] = s->qdev.conf.cyls & 0xff; 1173 /* Device step rate [100us], 100us */ 1174 p[12] = 0; 1175 p[13] = 1; 1176 /* Device step pulse width [us], 1us */ 1177 p[14] = 1; 1178 /* Device head settle delay [100us], 100us */ 1179 p[15] = 0; 1180 p[16] = 1; 1181 /* Motor on delay [0.1s], 0.1s */ 1182 p[17] = 1; 1183 /* Motor off delay [0.1s], 0.1s */ 1184 p[18] = 1; 1185 /* Medium rotation rate [rpm], 5400 rpm */ 1186 p[26] = (5400 >> 8) & 0xff; 1187 p[27] = 5400 & 0xff; 1188 break; 1189 1190 case MODE_PAGE_CACHING: 1191 length = 0x12; 1192 if (page_control == 1 || /* Changeable Values */ 1193 blk_enable_write_cache(s->qdev.conf.blk)) { 1194 p[0] = 4; /* WCE */ 1195 } 1196 break; 1197 1198 case MODE_PAGE_R_W_ERROR: 1199 length = 10; 1200 if (page_control == 1) { /* Changeable Values */ 1201 break; 1202 } 1203 p[0] = 0x80; /* Automatic Write Reallocation Enabled */ 1204 if (s->qdev.type == TYPE_ROM) { 1205 p[1] = 0x20; /* Read Retry Count */ 1206 } 1207 break; 1208 1209 case MODE_PAGE_AUDIO_CTL: 1210 length = 14; 1211 break; 1212 1213 case MODE_PAGE_CAPABILITIES: 1214 length = 0x14; 1215 if (page_control == 1) { /* Changeable Values */ 1216 break; 1217 } 1218 1219 p[0] = 0x3b; /* CD-R & CD-RW read */ 1220 p[1] = 0; /* Writing not supported */ 1221 p[2] = 0x7f; /* Audio, composite, digital out, 1222 mode 2 form 1&2, multi session */ 1223 p[3] = 0xff; /* CD DA, DA accurate, RW supported, 1224 RW corrected, C2 errors, ISRC, 1225 UPC, Bar code */ 1226 p[4] = 0x2d | (s->tray_locked ? 2 : 0); 1227 /* Locking supported, jumper present, eject, tray */ 1228 p[5] = 0; /* no volume & mute control, no 1229 changer */ 1230 p[6] = (50 * 176) >> 8; /* 50x read speed */ 1231 p[7] = (50 * 176) & 0xff; 1232 p[8] = 2 >> 8; /* Two volume levels */ 1233 p[9] = 2 & 0xff; 1234 p[10] = 2048 >> 8; /* 2M buffer */ 1235 p[11] = 2048 & 0xff; 1236 p[12] = (16 * 176) >> 8; /* 16x read speed current */ 1237 p[13] = (16 * 176) & 0xff; 1238 p[16] = (16 * 176) >> 8; /* 16x write speed */ 1239 p[17] = (16 * 176) & 0xff; 1240 p[18] = (16 * 176) >> 8; /* 16x write speed current */ 1241 p[19] = (16 * 176) & 0xff; 1242 break; 1243 1244 default: 1245 return -1; 1246 } 1247 1248 assert(length < 256); 1249 (*p_outbuf)[0] = page; 1250 (*p_outbuf)[1] = length; 1251 *p_outbuf += length + 2; 1252 return length + 2; 1253 } 1254 1255 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf) 1256 { 1257 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 1258 uint64_t nb_sectors; 1259 bool dbd; 1260 int page, buflen, ret, page_control; 1261 uint8_t *p; 1262 uint8_t dev_specific_param; 1263 1264 dbd = (r->req.cmd.buf[1] & 0x8) != 0; 1265 page = r->req.cmd.buf[2] & 0x3f; 1266 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6; 1267 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n", 1268 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control); 1269 memset(outbuf, 0, r->req.cmd.xfer); 1270 p = outbuf; 1271 1272 if (s->qdev.type == TYPE_DISK) { 1273 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0; 1274 if (blk_is_read_only(s->qdev.conf.blk)) { 1275 dev_specific_param |= 0x80; /* Readonly. */ 1276 } 1277 } else { 1278 /* MMC prescribes that CD/DVD drives have no block descriptors, 1279 * and defines no device-specific parameter. */ 1280 dev_specific_param = 0x00; 1281 dbd = true; 1282 } 1283 1284 if (r->req.cmd.buf[0] == MODE_SENSE) { 1285 p[1] = 0; /* Default media type. */ 1286 p[2] = dev_specific_param; 1287 p[3] = 0; /* Block descriptor length. */ 1288 p += 4; 1289 } else { /* MODE_SENSE_10 */ 1290 p[2] = 0; /* Default media type. */ 1291 p[3] = dev_specific_param; 1292 p[6] = p[7] = 0; /* Block descriptor length. */ 1293 p += 8; 1294 } 1295 1296 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 1297 if (!dbd && nb_sectors) { 1298 if (r->req.cmd.buf[0] == MODE_SENSE) { 1299 outbuf[3] = 8; /* Block descriptor length */ 1300 } else { /* MODE_SENSE_10 */ 1301 outbuf[7] = 8; /* Block descriptor length */ 1302 } 1303 nb_sectors /= (s->qdev.blocksize / 512); 1304 if (nb_sectors > 0xffffff) { 1305 nb_sectors = 0; 1306 } 1307 p[0] = 0; /* media density code */ 1308 p[1] = (nb_sectors >> 16) & 0xff; 1309 p[2] = (nb_sectors >> 8) & 0xff; 1310 p[3] = nb_sectors & 0xff; 1311 p[4] = 0; /* reserved */ 1312 p[5] = 0; /* bytes 5-7 are the sector size in bytes */ 1313 p[6] = s->qdev.blocksize >> 8; 1314 p[7] = 0; 1315 p += 8; 1316 } 1317 1318 if (page_control == 3) { 1319 /* Saved Values */ 1320 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED)); 1321 return -1; 1322 } 1323 1324 if (page == 0x3f) { 1325 for (page = 0; page <= 0x3e; page++) { 1326 mode_sense_page(s, page, &p, page_control); 1327 } 1328 } else { 1329 ret = mode_sense_page(s, page, &p, page_control); 1330 if (ret == -1) { 1331 return -1; 1332 } 1333 } 1334 1335 buflen = p - outbuf; 1336 /* 1337 * The mode data length field specifies the length in bytes of the 1338 * following data that is available to be transferred. The mode data 1339 * length does not include itself. 1340 */ 1341 if (r->req.cmd.buf[0] == MODE_SENSE) { 1342 outbuf[0] = buflen - 1; 1343 } else { /* MODE_SENSE_10 */ 1344 outbuf[0] = ((buflen - 2) >> 8) & 0xff; 1345 outbuf[1] = (buflen - 2) & 0xff; 1346 } 1347 return buflen; 1348 } 1349 1350 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf) 1351 { 1352 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); 1353 int start_track, format, msf, toclen; 1354 uint64_t nb_sectors; 1355 1356 msf = req->cmd.buf[1] & 2; 1357 format = req->cmd.buf[2] & 0xf; 1358 start_track = req->cmd.buf[6]; 1359 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 1360 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1); 1361 nb_sectors /= s->qdev.blocksize / 512; 1362 switch (format) { 1363 case 0: 1364 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track); 1365 break; 1366 case 1: 1367 /* multi session : only a single session defined */ 1368 toclen = 12; 1369 memset(outbuf, 0, 12); 1370 outbuf[1] = 0x0a; 1371 outbuf[2] = 0x01; 1372 outbuf[3] = 0x01; 1373 break; 1374 case 2: 1375 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track); 1376 break; 1377 default: 1378 return -1; 1379 } 1380 return toclen; 1381 } 1382 1383 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r) 1384 { 1385 SCSIRequest *req = &r->req; 1386 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); 1387 bool start = req->cmd.buf[4] & 1; 1388 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */ 1389 int pwrcnd = req->cmd.buf[4] & 0xf0; 1390 1391 if (pwrcnd) { 1392 /* eject/load only happens for power condition == 0 */ 1393 return 0; 1394 } 1395 1396 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) { 1397 if (!start && !s->tray_open && s->tray_locked) { 1398 scsi_check_condition(r, 1399 blk_is_inserted(s->qdev.conf.blk) 1400 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED) 1401 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED)); 1402 return -1; 1403 } 1404 1405 if (s->tray_open != !start) { 1406 blk_eject(s->qdev.conf.blk, !start); 1407 s->tray_open = !start; 1408 } 1409 } 1410 return 0; 1411 } 1412 1413 static void scsi_disk_emulate_read_data(SCSIRequest *req) 1414 { 1415 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 1416 int buflen = r->iov.iov_len; 1417 1418 if (buflen) { 1419 DPRINTF("Read buf_len=%d\n", buflen); 1420 r->iov.iov_len = 0; 1421 r->started = true; 1422 scsi_req_data(&r->req, buflen); 1423 return; 1424 } 1425 1426 /* This also clears the sense buffer for REQUEST SENSE. */ 1427 scsi_req_complete(&r->req, GOOD); 1428 } 1429 1430 static int scsi_disk_check_mode_select(SCSIDiskState *s, int page, 1431 uint8_t *inbuf, int inlen) 1432 { 1433 uint8_t mode_current[SCSI_MAX_MODE_LEN]; 1434 uint8_t mode_changeable[SCSI_MAX_MODE_LEN]; 1435 uint8_t *p; 1436 int len, expected_len, changeable_len, i; 1437 1438 /* The input buffer does not include the page header, so it is 1439 * off by 2 bytes. 1440 */ 1441 expected_len = inlen + 2; 1442 if (expected_len > SCSI_MAX_MODE_LEN) { 1443 return -1; 1444 } 1445 1446 p = mode_current; 1447 memset(mode_current, 0, inlen + 2); 1448 len = mode_sense_page(s, page, &p, 0); 1449 if (len < 0 || len != expected_len) { 1450 return -1; 1451 } 1452 1453 p = mode_changeable; 1454 memset(mode_changeable, 0, inlen + 2); 1455 changeable_len = mode_sense_page(s, page, &p, 1); 1456 assert(changeable_len == len); 1457 1458 /* Check that unchangeable bits are the same as what MODE SENSE 1459 * would return. 1460 */ 1461 for (i = 2; i < len; i++) { 1462 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) { 1463 return -1; 1464 } 1465 } 1466 return 0; 1467 } 1468 1469 static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p) 1470 { 1471 switch (page) { 1472 case MODE_PAGE_CACHING: 1473 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0); 1474 break; 1475 1476 default: 1477 break; 1478 } 1479 } 1480 1481 static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change) 1482 { 1483 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 1484 1485 while (len > 0) { 1486 int page, subpage, page_len; 1487 1488 /* Parse both possible formats for the mode page headers. */ 1489 page = p[0] & 0x3f; 1490 if (p[0] & 0x40) { 1491 if (len < 4) { 1492 goto invalid_param_len; 1493 } 1494 subpage = p[1]; 1495 page_len = lduw_be_p(&p[2]); 1496 p += 4; 1497 len -= 4; 1498 } else { 1499 if (len < 2) { 1500 goto invalid_param_len; 1501 } 1502 subpage = 0; 1503 page_len = p[1]; 1504 p += 2; 1505 len -= 2; 1506 } 1507 1508 if (subpage) { 1509 goto invalid_param; 1510 } 1511 if (page_len > len) { 1512 goto invalid_param_len; 1513 } 1514 1515 if (!change) { 1516 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) { 1517 goto invalid_param; 1518 } 1519 } else { 1520 scsi_disk_apply_mode_select(s, page, p); 1521 } 1522 1523 p += page_len; 1524 len -= page_len; 1525 } 1526 return 0; 1527 1528 invalid_param: 1529 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM)); 1530 return -1; 1531 1532 invalid_param_len: 1533 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN)); 1534 return -1; 1535 } 1536 1537 static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf) 1538 { 1539 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 1540 uint8_t *p = inbuf; 1541 int cmd = r->req.cmd.buf[0]; 1542 int len = r->req.cmd.xfer; 1543 int hdr_len = (cmd == MODE_SELECT ? 4 : 8); 1544 int bd_len; 1545 int pass; 1546 1547 /* We only support PF=1, SP=0. */ 1548 if ((r->req.cmd.buf[1] & 0x11) != 0x10) { 1549 goto invalid_field; 1550 } 1551 1552 if (len < hdr_len) { 1553 goto invalid_param_len; 1554 } 1555 1556 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6])); 1557 len -= hdr_len; 1558 p += hdr_len; 1559 if (len < bd_len) { 1560 goto invalid_param_len; 1561 } 1562 if (bd_len != 0 && bd_len != 8) { 1563 goto invalid_param; 1564 } 1565 1566 len -= bd_len; 1567 p += bd_len; 1568 1569 /* Ensure no change is made if there is an error! */ 1570 for (pass = 0; pass < 2; pass++) { 1571 if (mode_select_pages(r, p, len, pass == 1) < 0) { 1572 assert(pass == 0); 1573 return; 1574 } 1575 } 1576 if (!blk_enable_write_cache(s->qdev.conf.blk)) { 1577 /* The request is used as the AIO opaque value, so add a ref. */ 1578 scsi_req_ref(&r->req); 1579 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0, 1580 BLOCK_ACCT_FLUSH); 1581 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r); 1582 return; 1583 } 1584 1585 scsi_req_complete(&r->req, GOOD); 1586 return; 1587 1588 invalid_param: 1589 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM)); 1590 return; 1591 1592 invalid_param_len: 1593 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN)); 1594 return; 1595 1596 invalid_field: 1597 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 1598 } 1599 1600 static inline bool check_lba_range(SCSIDiskState *s, 1601 uint64_t sector_num, uint32_t nb_sectors) 1602 { 1603 /* 1604 * The first line tests that no overflow happens when computing the last 1605 * sector. The second line tests that the last accessed sector is in 1606 * range. 1607 * 1608 * Careful, the computations should not underflow for nb_sectors == 0, 1609 * and a 0-block read to the first LBA beyond the end of device is 1610 * valid. 1611 */ 1612 return (sector_num <= sector_num + nb_sectors && 1613 sector_num + nb_sectors <= s->qdev.max_lba + 1); 1614 } 1615 1616 typedef struct UnmapCBData { 1617 SCSIDiskReq *r; 1618 uint8_t *inbuf; 1619 int count; 1620 } UnmapCBData; 1621 1622 static void scsi_unmap_complete(void *opaque, int ret); 1623 1624 static void scsi_unmap_complete_noio(UnmapCBData *data, int ret) 1625 { 1626 SCSIDiskReq *r = data->r; 1627 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 1628 uint64_t sector_num; 1629 uint32_t nb_sectors; 1630 1631 assert(r->req.aiocb == NULL); 1632 if (scsi_disk_req_check_error(r, ret, false)) { 1633 goto done; 1634 } 1635 1636 if (data->count > 0) { 1637 sector_num = ldq_be_p(&data->inbuf[0]); 1638 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL; 1639 if (!check_lba_range(s, sector_num, nb_sectors)) { 1640 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE)); 1641 goto done; 1642 } 1643 1644 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk, 1645 sector_num * s->qdev.blocksize, 1646 nb_sectors * s->qdev.blocksize, 1647 scsi_unmap_complete, data); 1648 data->count--; 1649 data->inbuf += 16; 1650 return; 1651 } 1652 1653 scsi_req_complete(&r->req, GOOD); 1654 1655 done: 1656 scsi_req_unref(&r->req); 1657 g_free(data); 1658 } 1659 1660 static void scsi_unmap_complete(void *opaque, int ret) 1661 { 1662 UnmapCBData *data = opaque; 1663 SCSIDiskReq *r = data->r; 1664 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 1665 1666 assert(r->req.aiocb != NULL); 1667 r->req.aiocb = NULL; 1668 1669 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk)); 1670 scsi_unmap_complete_noio(data, ret); 1671 aio_context_release(blk_get_aio_context(s->qdev.conf.blk)); 1672 } 1673 1674 static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf) 1675 { 1676 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 1677 uint8_t *p = inbuf; 1678 int len = r->req.cmd.xfer; 1679 UnmapCBData *data; 1680 1681 /* Reject ANCHOR=1. */ 1682 if (r->req.cmd.buf[1] & 0x1) { 1683 goto invalid_field; 1684 } 1685 1686 if (len < 8) { 1687 goto invalid_param_len; 1688 } 1689 if (len < lduw_be_p(&p[0]) + 2) { 1690 goto invalid_param_len; 1691 } 1692 if (len < lduw_be_p(&p[2]) + 8) { 1693 goto invalid_param_len; 1694 } 1695 if (lduw_be_p(&p[2]) & 15) { 1696 goto invalid_param_len; 1697 } 1698 1699 if (blk_is_read_only(s->qdev.conf.blk)) { 1700 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED)); 1701 return; 1702 } 1703 1704 data = g_new0(UnmapCBData, 1); 1705 data->r = r; 1706 data->inbuf = &p[8]; 1707 data->count = lduw_be_p(&p[2]) >> 4; 1708 1709 /* The matching unref is in scsi_unmap_complete, before data is freed. */ 1710 scsi_req_ref(&r->req); 1711 scsi_unmap_complete_noio(data, 0); 1712 return; 1713 1714 invalid_param_len: 1715 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN)); 1716 return; 1717 1718 invalid_field: 1719 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 1720 } 1721 1722 typedef struct WriteSameCBData { 1723 SCSIDiskReq *r; 1724 int64_t sector; 1725 int nb_sectors; 1726 QEMUIOVector qiov; 1727 struct iovec iov; 1728 } WriteSameCBData; 1729 1730 static void scsi_write_same_complete(void *opaque, int ret) 1731 { 1732 WriteSameCBData *data = opaque; 1733 SCSIDiskReq *r = data->r; 1734 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 1735 1736 assert(r->req.aiocb != NULL); 1737 r->req.aiocb = NULL; 1738 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk)); 1739 if (scsi_disk_req_check_error(r, ret, true)) { 1740 goto done; 1741 } 1742 1743 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct); 1744 1745 data->nb_sectors -= data->iov.iov_len / 512; 1746 data->sector += data->iov.iov_len / 512; 1747 data->iov.iov_len = MIN(data->nb_sectors * 512, data->iov.iov_len); 1748 if (data->iov.iov_len) { 1749 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 1750 data->iov.iov_len, BLOCK_ACCT_WRITE); 1751 /* Reinitialize qiov, to handle unaligned WRITE SAME request 1752 * where final qiov may need smaller size */ 1753 qemu_iovec_init_external(&data->qiov, &data->iov, 1); 1754 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk, 1755 data->sector << BDRV_SECTOR_BITS, 1756 &data->qiov, 0, 1757 scsi_write_same_complete, data); 1758 return; 1759 } 1760 1761 scsi_req_complete(&r->req, GOOD); 1762 1763 done: 1764 scsi_req_unref(&r->req); 1765 qemu_vfree(data->iov.iov_base); 1766 g_free(data); 1767 aio_context_release(blk_get_aio_context(s->qdev.conf.blk)); 1768 } 1769 1770 static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf) 1771 { 1772 SCSIRequest *req = &r->req; 1773 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); 1774 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf); 1775 WriteSameCBData *data; 1776 uint8_t *buf; 1777 int i; 1778 1779 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */ 1780 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) { 1781 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 1782 return; 1783 } 1784 1785 if (blk_is_read_only(s->qdev.conf.blk)) { 1786 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED)); 1787 return; 1788 } 1789 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) { 1790 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE)); 1791 return; 1792 } 1793 1794 if (buffer_is_zero(inbuf, s->qdev.blocksize)) { 1795 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0; 1796 1797 /* The request is used as the AIO opaque value, so add a ref. */ 1798 scsi_req_ref(&r->req); 1799 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 1800 nb_sectors * s->qdev.blocksize, 1801 BLOCK_ACCT_WRITE); 1802 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk, 1803 r->req.cmd.lba * s->qdev.blocksize, 1804 nb_sectors * s->qdev.blocksize, 1805 flags, scsi_aio_complete, r); 1806 return; 1807 } 1808 1809 data = g_new0(WriteSameCBData, 1); 1810 data->r = r; 1811 data->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); 1812 data->nb_sectors = nb_sectors * (s->qdev.blocksize / 512); 1813 data->iov.iov_len = MIN(data->nb_sectors * 512, SCSI_WRITE_SAME_MAX); 1814 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk, 1815 data->iov.iov_len); 1816 qemu_iovec_init_external(&data->qiov, &data->iov, 1); 1817 1818 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) { 1819 memcpy(&buf[i], inbuf, s->qdev.blocksize); 1820 } 1821 1822 scsi_req_ref(&r->req); 1823 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 1824 data->iov.iov_len, BLOCK_ACCT_WRITE); 1825 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk, 1826 data->sector << BDRV_SECTOR_BITS, 1827 &data->qiov, 0, 1828 scsi_write_same_complete, data); 1829 } 1830 1831 static void scsi_disk_emulate_write_data(SCSIRequest *req) 1832 { 1833 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 1834 1835 if (r->iov.iov_len) { 1836 int buflen = r->iov.iov_len; 1837 DPRINTF("Write buf_len=%d\n", buflen); 1838 r->iov.iov_len = 0; 1839 scsi_req_data(&r->req, buflen); 1840 return; 1841 } 1842 1843 switch (req->cmd.buf[0]) { 1844 case MODE_SELECT: 1845 case MODE_SELECT_10: 1846 /* This also clears the sense buffer for REQUEST SENSE. */ 1847 scsi_disk_emulate_mode_select(r, r->iov.iov_base); 1848 break; 1849 1850 case UNMAP: 1851 scsi_disk_emulate_unmap(r, r->iov.iov_base); 1852 break; 1853 1854 case VERIFY_10: 1855 case VERIFY_12: 1856 case VERIFY_16: 1857 if (r->req.status == -1) { 1858 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 1859 } 1860 break; 1861 1862 case WRITE_SAME_10: 1863 case WRITE_SAME_16: 1864 scsi_disk_emulate_write_same(r, r->iov.iov_base); 1865 break; 1866 1867 default: 1868 abort(); 1869 } 1870 } 1871 1872 static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf) 1873 { 1874 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 1875 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); 1876 uint64_t nb_sectors; 1877 uint8_t *outbuf; 1878 int buflen; 1879 1880 switch (req->cmd.buf[0]) { 1881 case INQUIRY: 1882 case MODE_SENSE: 1883 case MODE_SENSE_10: 1884 case RESERVE: 1885 case RESERVE_10: 1886 case RELEASE: 1887 case RELEASE_10: 1888 case START_STOP: 1889 case ALLOW_MEDIUM_REMOVAL: 1890 case GET_CONFIGURATION: 1891 case GET_EVENT_STATUS_NOTIFICATION: 1892 case MECHANISM_STATUS: 1893 case REQUEST_SENSE: 1894 break; 1895 1896 default: 1897 if (!blk_is_available(s->qdev.conf.blk)) { 1898 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); 1899 return 0; 1900 } 1901 break; 1902 } 1903 1904 /* 1905 * FIXME: we shouldn't return anything bigger than 4k, but the code 1906 * requires the buffer to be as big as req->cmd.xfer in several 1907 * places. So, do not allow CDBs with a very large ALLOCATION 1908 * LENGTH. The real fix would be to modify scsi_read_data and 1909 * dma_buf_read, so that they return data beyond the buflen 1910 * as all zeros. 1911 */ 1912 if (req->cmd.xfer > 65536) { 1913 goto illegal_request; 1914 } 1915 r->buflen = MAX(4096, req->cmd.xfer); 1916 1917 if (!r->iov.iov_base) { 1918 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen); 1919 } 1920 1921 buflen = req->cmd.xfer; 1922 outbuf = r->iov.iov_base; 1923 memset(outbuf, 0, r->buflen); 1924 switch (req->cmd.buf[0]) { 1925 case TEST_UNIT_READY: 1926 assert(blk_is_available(s->qdev.conf.blk)); 1927 break; 1928 case INQUIRY: 1929 buflen = scsi_disk_emulate_inquiry(req, outbuf); 1930 if (buflen < 0) { 1931 goto illegal_request; 1932 } 1933 break; 1934 case MODE_SENSE: 1935 case MODE_SENSE_10: 1936 buflen = scsi_disk_emulate_mode_sense(r, outbuf); 1937 if (buflen < 0) { 1938 goto illegal_request; 1939 } 1940 break; 1941 case READ_TOC: 1942 buflen = scsi_disk_emulate_read_toc(req, outbuf); 1943 if (buflen < 0) { 1944 goto illegal_request; 1945 } 1946 break; 1947 case RESERVE: 1948 if (req->cmd.buf[1] & 1) { 1949 goto illegal_request; 1950 } 1951 break; 1952 case RESERVE_10: 1953 if (req->cmd.buf[1] & 3) { 1954 goto illegal_request; 1955 } 1956 break; 1957 case RELEASE: 1958 if (req->cmd.buf[1] & 1) { 1959 goto illegal_request; 1960 } 1961 break; 1962 case RELEASE_10: 1963 if (req->cmd.buf[1] & 3) { 1964 goto illegal_request; 1965 } 1966 break; 1967 case START_STOP: 1968 if (scsi_disk_emulate_start_stop(r) < 0) { 1969 return 0; 1970 } 1971 break; 1972 case ALLOW_MEDIUM_REMOVAL: 1973 s->tray_locked = req->cmd.buf[4] & 1; 1974 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1); 1975 break; 1976 case READ_CAPACITY_10: 1977 /* The normal LEN field for this command is zero. */ 1978 memset(outbuf, 0, 8); 1979 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 1980 if (!nb_sectors) { 1981 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY)); 1982 return 0; 1983 } 1984 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) { 1985 goto illegal_request; 1986 } 1987 nb_sectors /= s->qdev.blocksize / 512; 1988 /* Returned value is the address of the last sector. */ 1989 nb_sectors--; 1990 /* Remember the new size for read/write sanity checking. */ 1991 s->qdev.max_lba = nb_sectors; 1992 /* Clip to 2TB, instead of returning capacity modulo 2TB. */ 1993 if (nb_sectors > UINT32_MAX) { 1994 nb_sectors = UINT32_MAX; 1995 } 1996 outbuf[0] = (nb_sectors >> 24) & 0xff; 1997 outbuf[1] = (nb_sectors >> 16) & 0xff; 1998 outbuf[2] = (nb_sectors >> 8) & 0xff; 1999 outbuf[3] = nb_sectors & 0xff; 2000 outbuf[4] = 0; 2001 outbuf[5] = 0; 2002 outbuf[6] = s->qdev.blocksize >> 8; 2003 outbuf[7] = 0; 2004 break; 2005 case REQUEST_SENSE: 2006 /* Just return "NO SENSE". */ 2007 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen, 2008 (req->cmd.buf[1] & 1) == 0); 2009 if (buflen < 0) { 2010 goto illegal_request; 2011 } 2012 break; 2013 case MECHANISM_STATUS: 2014 buflen = scsi_emulate_mechanism_status(s, outbuf); 2015 if (buflen < 0) { 2016 goto illegal_request; 2017 } 2018 break; 2019 case GET_CONFIGURATION: 2020 buflen = scsi_get_configuration(s, outbuf); 2021 if (buflen < 0) { 2022 goto illegal_request; 2023 } 2024 break; 2025 case GET_EVENT_STATUS_NOTIFICATION: 2026 buflen = scsi_get_event_status_notification(s, r, outbuf); 2027 if (buflen < 0) { 2028 goto illegal_request; 2029 } 2030 break; 2031 case READ_DISC_INFORMATION: 2032 buflen = scsi_read_disc_information(s, r, outbuf); 2033 if (buflen < 0) { 2034 goto illegal_request; 2035 } 2036 break; 2037 case READ_DVD_STRUCTURE: 2038 buflen = scsi_read_dvd_structure(s, r, outbuf); 2039 if (buflen < 0) { 2040 goto illegal_request; 2041 } 2042 break; 2043 case SERVICE_ACTION_IN_16: 2044 /* Service Action In subcommands. */ 2045 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) { 2046 DPRINTF("SAI READ CAPACITY(16)\n"); 2047 memset(outbuf, 0, req->cmd.xfer); 2048 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 2049 if (!nb_sectors) { 2050 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY)); 2051 return 0; 2052 } 2053 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) { 2054 goto illegal_request; 2055 } 2056 nb_sectors /= s->qdev.blocksize / 512; 2057 /* Returned value is the address of the last sector. */ 2058 nb_sectors--; 2059 /* Remember the new size for read/write sanity checking. */ 2060 s->qdev.max_lba = nb_sectors; 2061 outbuf[0] = (nb_sectors >> 56) & 0xff; 2062 outbuf[1] = (nb_sectors >> 48) & 0xff; 2063 outbuf[2] = (nb_sectors >> 40) & 0xff; 2064 outbuf[3] = (nb_sectors >> 32) & 0xff; 2065 outbuf[4] = (nb_sectors >> 24) & 0xff; 2066 outbuf[5] = (nb_sectors >> 16) & 0xff; 2067 outbuf[6] = (nb_sectors >> 8) & 0xff; 2068 outbuf[7] = nb_sectors & 0xff; 2069 outbuf[8] = 0; 2070 outbuf[9] = 0; 2071 outbuf[10] = s->qdev.blocksize >> 8; 2072 outbuf[11] = 0; 2073 outbuf[12] = 0; 2074 outbuf[13] = get_physical_block_exp(&s->qdev.conf); 2075 2076 /* set TPE bit if the format supports discard */ 2077 if (s->qdev.conf.discard_granularity) { 2078 outbuf[14] = 0x80; 2079 } 2080 2081 /* Protection, exponent and lowest lba field left blank. */ 2082 break; 2083 } 2084 DPRINTF("Unsupported Service Action In\n"); 2085 goto illegal_request; 2086 case SYNCHRONIZE_CACHE: 2087 /* The request is used as the AIO opaque value, so add a ref. */ 2088 scsi_req_ref(&r->req); 2089 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0, 2090 BLOCK_ACCT_FLUSH); 2091 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r); 2092 return 0; 2093 case SEEK_10: 2094 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba); 2095 if (r->req.cmd.lba > s->qdev.max_lba) { 2096 goto illegal_lba; 2097 } 2098 break; 2099 case MODE_SELECT: 2100 DPRINTF("Mode Select(6) (len %lu)\n", (unsigned long)r->req.cmd.xfer); 2101 break; 2102 case MODE_SELECT_10: 2103 DPRINTF("Mode Select(10) (len %lu)\n", (unsigned long)r->req.cmd.xfer); 2104 break; 2105 case UNMAP: 2106 DPRINTF("Unmap (len %lu)\n", (unsigned long)r->req.cmd.xfer); 2107 break; 2108 case VERIFY_10: 2109 case VERIFY_12: 2110 case VERIFY_16: 2111 DPRINTF("Verify (bytchk %d)\n", (req->cmd.buf[1] >> 1) & 3); 2112 if (req->cmd.buf[1] & 6) { 2113 goto illegal_request; 2114 } 2115 break; 2116 case WRITE_SAME_10: 2117 case WRITE_SAME_16: 2118 DPRINTF("WRITE SAME %d (len %lu)\n", 2119 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16, 2120 (unsigned long)r->req.cmd.xfer); 2121 break; 2122 default: 2123 DPRINTF("Unknown SCSI command (%2.2x=%s)\n", buf[0], 2124 scsi_command_name(buf[0])); 2125 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE)); 2126 return 0; 2127 } 2128 assert(!r->req.aiocb); 2129 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer); 2130 if (r->iov.iov_len == 0) { 2131 scsi_req_complete(&r->req, GOOD); 2132 } 2133 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { 2134 assert(r->iov.iov_len == req->cmd.xfer); 2135 return -r->iov.iov_len; 2136 } else { 2137 return r->iov.iov_len; 2138 } 2139 2140 illegal_request: 2141 if (r->req.status == -1) { 2142 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 2143 } 2144 return 0; 2145 2146 illegal_lba: 2147 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE)); 2148 return 0; 2149 } 2150 2151 /* Execute a scsi command. Returns the length of the data expected by the 2152 command. This will be Positive for data transfers from the device 2153 (eg. disk reads), negative for transfers to the device (eg. disk writes), 2154 and zero if the command does not transfer any data. */ 2155 2156 static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf) 2157 { 2158 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req); 2159 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev); 2160 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s)); 2161 uint32_t len; 2162 uint8_t command; 2163 2164 command = buf[0]; 2165 2166 if (!blk_is_available(s->qdev.conf.blk)) { 2167 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); 2168 return 0; 2169 } 2170 2171 len = scsi_data_cdb_xfer(r->req.cmd.buf); 2172 switch (command) { 2173 case READ_6: 2174 case READ_10: 2175 case READ_12: 2176 case READ_16: 2177 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len); 2178 if (r->req.cmd.buf[1] & 0xe0) { 2179 goto illegal_request; 2180 } 2181 if (!check_lba_range(s, r->req.cmd.lba, len)) { 2182 goto illegal_lba; 2183 } 2184 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); 2185 r->sector_count = len * (s->qdev.blocksize / 512); 2186 break; 2187 case WRITE_6: 2188 case WRITE_10: 2189 case WRITE_12: 2190 case WRITE_16: 2191 case WRITE_VERIFY_10: 2192 case WRITE_VERIFY_12: 2193 case WRITE_VERIFY_16: 2194 if (blk_is_read_only(s->qdev.conf.blk)) { 2195 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED)); 2196 return 0; 2197 } 2198 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n", 2199 (command & 0xe) == 0xe ? "And Verify " : "", 2200 r->req.cmd.lba, len); 2201 /* fall through */ 2202 case VERIFY_10: 2203 case VERIFY_12: 2204 case VERIFY_16: 2205 /* We get here only for BYTCHK == 0x01 and only for scsi-block. 2206 * As far as DMA is concerned, we can treat it the same as a write; 2207 * scsi_block_do_sgio will send VERIFY commands. 2208 */ 2209 if (r->req.cmd.buf[1] & 0xe0) { 2210 goto illegal_request; 2211 } 2212 if (!check_lba_range(s, r->req.cmd.lba, len)) { 2213 goto illegal_lba; 2214 } 2215 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); 2216 r->sector_count = len * (s->qdev.blocksize / 512); 2217 break; 2218 default: 2219 abort(); 2220 illegal_request: 2221 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); 2222 return 0; 2223 illegal_lba: 2224 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE)); 2225 return 0; 2226 } 2227 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd); 2228 if (r->sector_count == 0) { 2229 scsi_req_complete(&r->req, GOOD); 2230 } 2231 assert(r->iov.iov_len == 0); 2232 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { 2233 return -r->sector_count * 512; 2234 } else { 2235 return r->sector_count * 512; 2236 } 2237 } 2238 2239 static void scsi_disk_reset(DeviceState *dev) 2240 { 2241 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev); 2242 uint64_t nb_sectors; 2243 2244 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET)); 2245 2246 blk_get_geometry(s->qdev.conf.blk, &nb_sectors); 2247 nb_sectors /= s->qdev.blocksize / 512; 2248 if (nb_sectors) { 2249 nb_sectors--; 2250 } 2251 s->qdev.max_lba = nb_sectors; 2252 /* reset tray statuses */ 2253 s->tray_locked = 0; 2254 s->tray_open = 0; 2255 } 2256 2257 static void scsi_disk_resize_cb(void *opaque) 2258 { 2259 SCSIDiskState *s = opaque; 2260 2261 /* SPC lists this sense code as available only for 2262 * direct-access devices. 2263 */ 2264 if (s->qdev.type == TYPE_DISK) { 2265 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED)); 2266 } 2267 } 2268 2269 static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp) 2270 { 2271 SCSIDiskState *s = opaque; 2272 2273 /* 2274 * When a CD gets changed, we have to report an ejected state and 2275 * then a loaded state to guests so that they detect tray 2276 * open/close and media change events. Guests that do not use 2277 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close 2278 * states rely on this behavior. 2279 * 2280 * media_changed governs the state machine used for unit attention 2281 * report. media_event is used by GET EVENT STATUS NOTIFICATION. 2282 */ 2283 s->media_changed = load; 2284 s->tray_open = !load; 2285 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM)); 2286 s->media_event = true; 2287 s->eject_request = false; 2288 } 2289 2290 static void scsi_cd_eject_request_cb(void *opaque, bool force) 2291 { 2292 SCSIDiskState *s = opaque; 2293 2294 s->eject_request = true; 2295 if (force) { 2296 s->tray_locked = false; 2297 } 2298 } 2299 2300 static bool scsi_cd_is_tray_open(void *opaque) 2301 { 2302 return ((SCSIDiskState *)opaque)->tray_open; 2303 } 2304 2305 static bool scsi_cd_is_medium_locked(void *opaque) 2306 { 2307 return ((SCSIDiskState *)opaque)->tray_locked; 2308 } 2309 2310 static const BlockDevOps scsi_disk_removable_block_ops = { 2311 .change_media_cb = scsi_cd_change_media_cb, 2312 .eject_request_cb = scsi_cd_eject_request_cb, 2313 .is_tray_open = scsi_cd_is_tray_open, 2314 .is_medium_locked = scsi_cd_is_medium_locked, 2315 2316 .resize_cb = scsi_disk_resize_cb, 2317 }; 2318 2319 static const BlockDevOps scsi_disk_block_ops = { 2320 .resize_cb = scsi_disk_resize_cb, 2321 }; 2322 2323 static void scsi_disk_unit_attention_reported(SCSIDevice *dev) 2324 { 2325 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); 2326 if (s->media_changed) { 2327 s->media_changed = false; 2328 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED)); 2329 } 2330 } 2331 2332 static void scsi_realize(SCSIDevice *dev, Error **errp) 2333 { 2334 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); 2335 Error *err = NULL; 2336 2337 if (!s->qdev.conf.blk) { 2338 error_setg(errp, "drive property not set"); 2339 return; 2340 } 2341 2342 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) && 2343 !blk_is_inserted(s->qdev.conf.blk)) { 2344 error_setg(errp, "Device needs media, but drive is empty"); 2345 return; 2346 } 2347 2348 blkconf_serial(&s->qdev.conf, &s->serial); 2349 blkconf_blocksizes(&s->qdev.conf); 2350 2351 if (s->qdev.conf.logical_block_size > 2352 s->qdev.conf.physical_block_size) { 2353 error_setg(errp, 2354 "logical_block_size > physical_block_size not supported"); 2355 return; 2356 } 2357 2358 if (dev->type == TYPE_DISK) { 2359 blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, &err); 2360 if (err) { 2361 error_propagate(errp, err); 2362 return; 2363 } 2364 } 2365 blkconf_apply_backend_options(&dev->conf, 2366 blk_is_read_only(s->qdev.conf.blk), 2367 dev->type == TYPE_DISK, &err); 2368 if (err) { 2369 error_propagate(errp, err); 2370 return; 2371 } 2372 2373 if (s->qdev.conf.discard_granularity == -1) { 2374 s->qdev.conf.discard_granularity = 2375 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY); 2376 } 2377 2378 if (!s->version) { 2379 s->version = g_strdup(qemu_hw_version()); 2380 } 2381 if (!s->vendor) { 2382 s->vendor = g_strdup("QEMU"); 2383 } 2384 2385 if (blk_is_sg(s->qdev.conf.blk)) { 2386 error_setg(errp, "unwanted /dev/sg*"); 2387 return; 2388 } 2389 2390 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && 2391 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) { 2392 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s); 2393 } else { 2394 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s); 2395 } 2396 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize); 2397 2398 blk_iostatus_enable(s->qdev.conf.blk); 2399 } 2400 2401 static void scsi_hd_realize(SCSIDevice *dev, Error **errp) 2402 { 2403 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); 2404 /* can happen for devices without drive. The error message for missing 2405 * backend will be issued in scsi_realize 2406 */ 2407 if (s->qdev.conf.blk) { 2408 blkconf_blocksizes(&s->qdev.conf); 2409 } 2410 s->qdev.blocksize = s->qdev.conf.logical_block_size; 2411 s->qdev.type = TYPE_DISK; 2412 if (!s->product) { 2413 s->product = g_strdup("QEMU HARDDISK"); 2414 } 2415 scsi_realize(&s->qdev, errp); 2416 } 2417 2418 static void scsi_cd_realize(SCSIDevice *dev, Error **errp) 2419 { 2420 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); 2421 int ret; 2422 2423 if (!dev->conf.blk) { 2424 /* Anonymous BlockBackend for an empty drive. As we put it into 2425 * dev->conf, qdev takes care of detaching on unplug. */ 2426 dev->conf.blk = blk_new(0, BLK_PERM_ALL); 2427 ret = blk_attach_dev(dev->conf.blk, &dev->qdev); 2428 assert(ret == 0); 2429 } 2430 2431 s->qdev.blocksize = 2048; 2432 s->qdev.type = TYPE_ROM; 2433 s->features |= 1 << SCSI_DISK_F_REMOVABLE; 2434 if (!s->product) { 2435 s->product = g_strdup("QEMU CD-ROM"); 2436 } 2437 scsi_realize(&s->qdev, errp); 2438 } 2439 2440 static void scsi_disk_realize(SCSIDevice *dev, Error **errp) 2441 { 2442 DriveInfo *dinfo; 2443 Error *local_err = NULL; 2444 2445 if (!dev->conf.blk) { 2446 scsi_realize(dev, &local_err); 2447 assert(local_err); 2448 error_propagate(errp, local_err); 2449 return; 2450 } 2451 2452 dinfo = blk_legacy_dinfo(dev->conf.blk); 2453 if (dinfo && dinfo->media_cd) { 2454 scsi_cd_realize(dev, errp); 2455 } else { 2456 scsi_hd_realize(dev, errp); 2457 } 2458 } 2459 2460 static const SCSIReqOps scsi_disk_emulate_reqops = { 2461 .size = sizeof(SCSIDiskReq), 2462 .free_req = scsi_free_request, 2463 .send_command = scsi_disk_emulate_command, 2464 .read_data = scsi_disk_emulate_read_data, 2465 .write_data = scsi_disk_emulate_write_data, 2466 .get_buf = scsi_get_buf, 2467 }; 2468 2469 static const SCSIReqOps scsi_disk_dma_reqops = { 2470 .size = sizeof(SCSIDiskReq), 2471 .free_req = scsi_free_request, 2472 .send_command = scsi_disk_dma_command, 2473 .read_data = scsi_read_data, 2474 .write_data = scsi_write_data, 2475 .get_buf = scsi_get_buf, 2476 .load_request = scsi_disk_load_request, 2477 .save_request = scsi_disk_save_request, 2478 }; 2479 2480 static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = { 2481 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops, 2482 [INQUIRY] = &scsi_disk_emulate_reqops, 2483 [MODE_SENSE] = &scsi_disk_emulate_reqops, 2484 [MODE_SENSE_10] = &scsi_disk_emulate_reqops, 2485 [START_STOP] = &scsi_disk_emulate_reqops, 2486 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops, 2487 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops, 2488 [READ_TOC] = &scsi_disk_emulate_reqops, 2489 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops, 2490 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops, 2491 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops, 2492 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops, 2493 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops, 2494 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops, 2495 [REQUEST_SENSE] = &scsi_disk_emulate_reqops, 2496 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops, 2497 [SEEK_10] = &scsi_disk_emulate_reqops, 2498 [MODE_SELECT] = &scsi_disk_emulate_reqops, 2499 [MODE_SELECT_10] = &scsi_disk_emulate_reqops, 2500 [UNMAP] = &scsi_disk_emulate_reqops, 2501 [WRITE_SAME_10] = &scsi_disk_emulate_reqops, 2502 [WRITE_SAME_16] = &scsi_disk_emulate_reqops, 2503 [VERIFY_10] = &scsi_disk_emulate_reqops, 2504 [VERIFY_12] = &scsi_disk_emulate_reqops, 2505 [VERIFY_16] = &scsi_disk_emulate_reqops, 2506 2507 [READ_6] = &scsi_disk_dma_reqops, 2508 [READ_10] = &scsi_disk_dma_reqops, 2509 [READ_12] = &scsi_disk_dma_reqops, 2510 [READ_16] = &scsi_disk_dma_reqops, 2511 [WRITE_6] = &scsi_disk_dma_reqops, 2512 [WRITE_10] = &scsi_disk_dma_reqops, 2513 [WRITE_12] = &scsi_disk_dma_reqops, 2514 [WRITE_16] = &scsi_disk_dma_reqops, 2515 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops, 2516 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops, 2517 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops, 2518 }; 2519 2520 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun, 2521 uint8_t *buf, void *hba_private) 2522 { 2523 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); 2524 SCSIRequest *req; 2525 const SCSIReqOps *ops; 2526 uint8_t command; 2527 2528 command = buf[0]; 2529 ops = scsi_disk_reqops_dispatch[command]; 2530 if (!ops) { 2531 ops = &scsi_disk_emulate_reqops; 2532 } 2533 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private); 2534 2535 #ifdef DEBUG_SCSI 2536 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]); 2537 { 2538 int i; 2539 for (i = 1; i < scsi_cdb_length(buf); i++) { 2540 printf(" 0x%02x", buf[i]); 2541 } 2542 printf("\n"); 2543 } 2544 #endif 2545 2546 return req; 2547 } 2548 2549 #ifdef __linux__ 2550 static int get_device_type(SCSIDiskState *s) 2551 { 2552 uint8_t cmd[16]; 2553 uint8_t buf[36]; 2554 uint8_t sensebuf[8]; 2555 sg_io_hdr_t io_header; 2556 int ret; 2557 2558 memset(cmd, 0, sizeof(cmd)); 2559 memset(buf, 0, sizeof(buf)); 2560 cmd[0] = INQUIRY; 2561 cmd[4] = sizeof(buf); 2562 2563 memset(&io_header, 0, sizeof(io_header)); 2564 io_header.interface_id = 'S'; 2565 io_header.dxfer_direction = SG_DXFER_FROM_DEV; 2566 io_header.dxfer_len = sizeof(buf); 2567 io_header.dxferp = buf; 2568 io_header.cmdp = cmd; 2569 io_header.cmd_len = sizeof(cmd); 2570 io_header.mx_sb_len = sizeof(sensebuf); 2571 io_header.sbp = sensebuf; 2572 io_header.timeout = 6000; /* XXX */ 2573 2574 ret = blk_ioctl(s->qdev.conf.blk, SG_IO, &io_header); 2575 if (ret < 0 || io_header.driver_status || io_header.host_status) { 2576 return -1; 2577 } 2578 s->qdev.type = buf[0]; 2579 if (buf[1] & 0x80) { 2580 s->features |= 1 << SCSI_DISK_F_REMOVABLE; 2581 } 2582 return 0; 2583 } 2584 2585 static void scsi_block_realize(SCSIDevice *dev, Error **errp) 2586 { 2587 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); 2588 int sg_version; 2589 int rc; 2590 2591 if (!s->qdev.conf.blk) { 2592 error_setg(errp, "drive property not set"); 2593 return; 2594 } 2595 2596 /* check we are using a driver managing SG_IO (version 3 and after) */ 2597 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version); 2598 if (rc < 0) { 2599 error_setg(errp, "cannot get SG_IO version number: %s. " 2600 "Is this a SCSI device?", 2601 strerror(-rc)); 2602 return; 2603 } 2604 if (sg_version < 30000) { 2605 error_setg(errp, "scsi generic interface too old"); 2606 return; 2607 } 2608 2609 /* get device type from INQUIRY data */ 2610 rc = get_device_type(s); 2611 if (rc < 0) { 2612 error_setg(errp, "INQUIRY failed"); 2613 return; 2614 } 2615 2616 /* Make a guess for the block size, we'll fix it when the guest sends. 2617 * READ CAPACITY. If they don't, they likely would assume these sizes 2618 * anyway. (TODO: check in /sys). 2619 */ 2620 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) { 2621 s->qdev.blocksize = 2048; 2622 } else { 2623 s->qdev.blocksize = 512; 2624 } 2625 2626 /* Makes the scsi-block device not removable by using HMP and QMP eject 2627 * command. 2628 */ 2629 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS); 2630 2631 scsi_realize(&s->qdev, errp); 2632 scsi_generic_read_device_identification(&s->qdev); 2633 } 2634 2635 typedef struct SCSIBlockReq { 2636 SCSIDiskReq req; 2637 sg_io_hdr_t io_header; 2638 2639 /* Selected bytes of the original CDB, copied into our own CDB. */ 2640 uint8_t cmd, cdb1, group_number; 2641 2642 /* CDB passed to SG_IO. */ 2643 uint8_t cdb[16]; 2644 } SCSIBlockReq; 2645 2646 static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req, 2647 int64_t offset, QEMUIOVector *iov, 2648 int direction, 2649 BlockCompletionFunc *cb, void *opaque) 2650 { 2651 sg_io_hdr_t *io_header = &req->io_header; 2652 SCSIDiskReq *r = &req->req; 2653 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 2654 int nb_logical_blocks; 2655 uint64_t lba; 2656 BlockAIOCB *aiocb; 2657 2658 /* This is not supported yet. It can only happen if the guest does 2659 * reads and writes that are not aligned to one logical sectors 2660 * _and_ cover multiple MemoryRegions. 2661 */ 2662 assert(offset % s->qdev.blocksize == 0); 2663 assert(iov->size % s->qdev.blocksize == 0); 2664 2665 io_header->interface_id = 'S'; 2666 2667 /* The data transfer comes from the QEMUIOVector. */ 2668 io_header->dxfer_direction = direction; 2669 io_header->dxfer_len = iov->size; 2670 io_header->dxferp = (void *)iov->iov; 2671 io_header->iovec_count = iov->niov; 2672 assert(io_header->iovec_count == iov->niov); /* no overflow! */ 2673 2674 /* Build a new CDB with the LBA and length patched in, in case 2675 * DMA helpers split the transfer in multiple segments. Do not 2676 * build a CDB smaller than what the guest wanted, and only build 2677 * a larger one if strictly necessary. 2678 */ 2679 io_header->cmdp = req->cdb; 2680 lba = offset / s->qdev.blocksize; 2681 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize; 2682 2683 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) { 2684 /* 6-byte CDB */ 2685 stl_be_p(&req->cdb[0], lba | (req->cmd << 24)); 2686 req->cdb[4] = nb_logical_blocks; 2687 req->cdb[5] = 0; 2688 io_header->cmd_len = 6; 2689 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) { 2690 /* 10-byte CDB */ 2691 req->cdb[0] = (req->cmd & 0x1f) | 0x20; 2692 req->cdb[1] = req->cdb1; 2693 stl_be_p(&req->cdb[2], lba); 2694 req->cdb[6] = req->group_number; 2695 stw_be_p(&req->cdb[7], nb_logical_blocks); 2696 req->cdb[9] = 0; 2697 io_header->cmd_len = 10; 2698 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) { 2699 /* 12-byte CDB */ 2700 req->cdb[0] = (req->cmd & 0x1f) | 0xA0; 2701 req->cdb[1] = req->cdb1; 2702 stl_be_p(&req->cdb[2], lba); 2703 stl_be_p(&req->cdb[6], nb_logical_blocks); 2704 req->cdb[10] = req->group_number; 2705 req->cdb[11] = 0; 2706 io_header->cmd_len = 12; 2707 } else { 2708 /* 16-byte CDB */ 2709 req->cdb[0] = (req->cmd & 0x1f) | 0x80; 2710 req->cdb[1] = req->cdb1; 2711 stq_be_p(&req->cdb[2], lba); 2712 stl_be_p(&req->cdb[10], nb_logical_blocks); 2713 req->cdb[14] = req->group_number; 2714 req->cdb[15] = 0; 2715 io_header->cmd_len = 16; 2716 } 2717 2718 /* The rest is as in scsi-generic.c. */ 2719 io_header->mx_sb_len = sizeof(r->req.sense); 2720 io_header->sbp = r->req.sense; 2721 io_header->timeout = UINT_MAX; 2722 io_header->usr_ptr = r; 2723 io_header->flags |= SG_FLAG_DIRECT_IO; 2724 2725 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque); 2726 assert(aiocb != NULL); 2727 return aiocb; 2728 } 2729 2730 static bool scsi_block_no_fua(SCSICommand *cmd) 2731 { 2732 return false; 2733 } 2734 2735 static BlockAIOCB *scsi_block_dma_readv(int64_t offset, 2736 QEMUIOVector *iov, 2737 BlockCompletionFunc *cb, void *cb_opaque, 2738 void *opaque) 2739 { 2740 SCSIBlockReq *r = opaque; 2741 return scsi_block_do_sgio(r, offset, iov, 2742 SG_DXFER_FROM_DEV, cb, cb_opaque); 2743 } 2744 2745 static BlockAIOCB *scsi_block_dma_writev(int64_t offset, 2746 QEMUIOVector *iov, 2747 BlockCompletionFunc *cb, void *cb_opaque, 2748 void *opaque) 2749 { 2750 SCSIBlockReq *r = opaque; 2751 return scsi_block_do_sgio(r, offset, iov, 2752 SG_DXFER_TO_DEV, cb, cb_opaque); 2753 } 2754 2755 static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf) 2756 { 2757 switch (buf[0]) { 2758 case VERIFY_10: 2759 case VERIFY_12: 2760 case VERIFY_16: 2761 /* Check if BYTCHK == 0x01 (data-out buffer contains data 2762 * for the number of logical blocks specified in the length 2763 * field). For other modes, do not use scatter/gather operation. 2764 */ 2765 if ((buf[1] & 6) == 2) { 2766 return false; 2767 } 2768 break; 2769 2770 case READ_6: 2771 case READ_10: 2772 case READ_12: 2773 case READ_16: 2774 case WRITE_6: 2775 case WRITE_10: 2776 case WRITE_12: 2777 case WRITE_16: 2778 case WRITE_VERIFY_10: 2779 case WRITE_VERIFY_12: 2780 case WRITE_VERIFY_16: 2781 /* MMC writing cannot be done via DMA helpers, because it sometimes 2782 * involves writing beyond the maximum LBA or to negative LBA (lead-in). 2783 * We might use scsi_block_dma_reqops as long as no writing commands are 2784 * seen, but performance usually isn't paramount on optical media. So, 2785 * just make scsi-block operate the same as scsi-generic for them. 2786 */ 2787 if (s->qdev.type != TYPE_ROM) { 2788 return false; 2789 } 2790 break; 2791 2792 default: 2793 break; 2794 } 2795 2796 return true; 2797 } 2798 2799 2800 static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf) 2801 { 2802 SCSIBlockReq *r = (SCSIBlockReq *)req; 2803 r->cmd = req->cmd.buf[0]; 2804 switch (r->cmd >> 5) { 2805 case 0: 2806 /* 6-byte CDB. */ 2807 r->cdb1 = r->group_number = 0; 2808 break; 2809 case 1: 2810 /* 10-byte CDB. */ 2811 r->cdb1 = req->cmd.buf[1]; 2812 r->group_number = req->cmd.buf[6]; 2813 break; 2814 case 4: 2815 /* 12-byte CDB. */ 2816 r->cdb1 = req->cmd.buf[1]; 2817 r->group_number = req->cmd.buf[10]; 2818 break; 2819 case 5: 2820 /* 16-byte CDB. */ 2821 r->cdb1 = req->cmd.buf[1]; 2822 r->group_number = req->cmd.buf[14]; 2823 break; 2824 default: 2825 abort(); 2826 } 2827 2828 if (r->cdb1 & 0xe0) { 2829 /* Protection information is not supported. */ 2830 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD)); 2831 return 0; 2832 } 2833 2834 r->req.status = &r->io_header.status; 2835 return scsi_disk_dma_command(req, buf); 2836 } 2837 2838 static const SCSIReqOps scsi_block_dma_reqops = { 2839 .size = sizeof(SCSIBlockReq), 2840 .free_req = scsi_free_request, 2841 .send_command = scsi_block_dma_command, 2842 .read_data = scsi_read_data, 2843 .write_data = scsi_write_data, 2844 .get_buf = scsi_get_buf, 2845 .load_request = scsi_disk_load_request, 2846 .save_request = scsi_disk_save_request, 2847 }; 2848 2849 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag, 2850 uint32_t lun, uint8_t *buf, 2851 void *hba_private) 2852 { 2853 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); 2854 2855 if (scsi_block_is_passthrough(s, buf)) { 2856 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun, 2857 hba_private); 2858 } else { 2859 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun, 2860 hba_private); 2861 } 2862 } 2863 2864 static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd, 2865 uint8_t *buf, void *hba_private) 2866 { 2867 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); 2868 2869 if (scsi_block_is_passthrough(s, buf)) { 2870 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private); 2871 } else { 2872 return scsi_req_parse_cdb(&s->qdev, cmd, buf); 2873 } 2874 } 2875 2876 #endif 2877 2878 static 2879 BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov, 2880 BlockCompletionFunc *cb, void *cb_opaque, 2881 void *opaque) 2882 { 2883 SCSIDiskReq *r = opaque; 2884 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 2885 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque); 2886 } 2887 2888 static 2889 BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov, 2890 BlockCompletionFunc *cb, void *cb_opaque, 2891 void *opaque) 2892 { 2893 SCSIDiskReq *r = opaque; 2894 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); 2895 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque); 2896 } 2897 2898 static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data) 2899 { 2900 DeviceClass *dc = DEVICE_CLASS(klass); 2901 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass); 2902 2903 dc->fw_name = "disk"; 2904 dc->reset = scsi_disk_reset; 2905 sdc->dma_readv = scsi_dma_readv; 2906 sdc->dma_writev = scsi_dma_writev; 2907 sdc->need_fua_emulation = scsi_is_cmd_fua; 2908 } 2909 2910 static const TypeInfo scsi_disk_base_info = { 2911 .name = TYPE_SCSI_DISK_BASE, 2912 .parent = TYPE_SCSI_DEVICE, 2913 .class_init = scsi_disk_base_class_initfn, 2914 .instance_size = sizeof(SCSIDiskState), 2915 .class_size = sizeof(SCSIDiskClass), 2916 .abstract = true, 2917 }; 2918 2919 #define DEFINE_SCSI_DISK_PROPERTIES() \ 2920 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \ 2921 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \ 2922 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \ 2923 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \ 2924 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \ 2925 DEFINE_PROP_STRING("product", SCSIDiskState, product) 2926 2927 static Property scsi_hd_properties[] = { 2928 DEFINE_SCSI_DISK_PROPERTIES(), 2929 DEFINE_PROP_BIT("removable", SCSIDiskState, features, 2930 SCSI_DISK_F_REMOVABLE, false), 2931 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features, 2932 SCSI_DISK_F_DPOFUA, false), 2933 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0), 2934 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0), 2935 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0), 2936 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size, 2937 DEFAULT_MAX_UNMAP_SIZE), 2938 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size, 2939 DEFAULT_MAX_IO_SIZE), 2940 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0), 2941 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf), 2942 DEFINE_PROP_END_OF_LIST(), 2943 }; 2944 2945 static const VMStateDescription vmstate_scsi_disk_state = { 2946 .name = "scsi-disk", 2947 .version_id = 1, 2948 .minimum_version_id = 1, 2949 .fields = (VMStateField[]) { 2950 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState), 2951 VMSTATE_BOOL(media_changed, SCSIDiskState), 2952 VMSTATE_BOOL(media_event, SCSIDiskState), 2953 VMSTATE_BOOL(eject_request, SCSIDiskState), 2954 VMSTATE_BOOL(tray_open, SCSIDiskState), 2955 VMSTATE_BOOL(tray_locked, SCSIDiskState), 2956 VMSTATE_END_OF_LIST() 2957 } 2958 }; 2959 2960 static void scsi_hd_class_initfn(ObjectClass *klass, void *data) 2961 { 2962 DeviceClass *dc = DEVICE_CLASS(klass); 2963 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); 2964 2965 sc->realize = scsi_hd_realize; 2966 sc->alloc_req = scsi_new_request; 2967 sc->unit_attention_reported = scsi_disk_unit_attention_reported; 2968 dc->desc = "virtual SCSI disk"; 2969 dc->props = scsi_hd_properties; 2970 dc->vmsd = &vmstate_scsi_disk_state; 2971 } 2972 2973 static const TypeInfo scsi_hd_info = { 2974 .name = "scsi-hd", 2975 .parent = TYPE_SCSI_DISK_BASE, 2976 .class_init = scsi_hd_class_initfn, 2977 }; 2978 2979 static Property scsi_cd_properties[] = { 2980 DEFINE_SCSI_DISK_PROPERTIES(), 2981 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0), 2982 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0), 2983 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0), 2984 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size, 2985 DEFAULT_MAX_IO_SIZE), 2986 DEFINE_PROP_END_OF_LIST(), 2987 }; 2988 2989 static void scsi_cd_class_initfn(ObjectClass *klass, void *data) 2990 { 2991 DeviceClass *dc = DEVICE_CLASS(klass); 2992 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); 2993 2994 sc->realize = scsi_cd_realize; 2995 sc->alloc_req = scsi_new_request; 2996 sc->unit_attention_reported = scsi_disk_unit_attention_reported; 2997 dc->desc = "virtual SCSI CD-ROM"; 2998 dc->props = scsi_cd_properties; 2999 dc->vmsd = &vmstate_scsi_disk_state; 3000 } 3001 3002 static const TypeInfo scsi_cd_info = { 3003 .name = "scsi-cd", 3004 .parent = TYPE_SCSI_DISK_BASE, 3005 .class_init = scsi_cd_class_initfn, 3006 }; 3007 3008 #ifdef __linux__ 3009 static Property scsi_block_properties[] = { 3010 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \ 3011 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk), 3012 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0), 3013 DEFINE_PROP_END_OF_LIST(), 3014 }; 3015 3016 static void scsi_block_class_initfn(ObjectClass *klass, void *data) 3017 { 3018 DeviceClass *dc = DEVICE_CLASS(klass); 3019 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); 3020 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass); 3021 3022 sc->realize = scsi_block_realize; 3023 sc->alloc_req = scsi_block_new_request; 3024 sc->parse_cdb = scsi_block_parse_cdb; 3025 sdc->dma_readv = scsi_block_dma_readv; 3026 sdc->dma_writev = scsi_block_dma_writev; 3027 sdc->need_fua_emulation = scsi_block_no_fua; 3028 dc->desc = "SCSI block device passthrough"; 3029 dc->props = scsi_block_properties; 3030 dc->vmsd = &vmstate_scsi_disk_state; 3031 } 3032 3033 static const TypeInfo scsi_block_info = { 3034 .name = "scsi-block", 3035 .parent = TYPE_SCSI_DISK_BASE, 3036 .class_init = scsi_block_class_initfn, 3037 }; 3038 #endif 3039 3040 static Property scsi_disk_properties[] = { 3041 DEFINE_SCSI_DISK_PROPERTIES(), 3042 DEFINE_PROP_BIT("removable", SCSIDiskState, features, 3043 SCSI_DISK_F_REMOVABLE, false), 3044 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features, 3045 SCSI_DISK_F_DPOFUA, false), 3046 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0), 3047 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0), 3048 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0), 3049 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size, 3050 DEFAULT_MAX_UNMAP_SIZE), 3051 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size, 3052 DEFAULT_MAX_IO_SIZE), 3053 DEFINE_PROP_END_OF_LIST(), 3054 }; 3055 3056 static void scsi_disk_class_initfn(ObjectClass *klass, void *data) 3057 { 3058 DeviceClass *dc = DEVICE_CLASS(klass); 3059 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass); 3060 3061 sc->realize = scsi_disk_realize; 3062 sc->alloc_req = scsi_new_request; 3063 sc->unit_attention_reported = scsi_disk_unit_attention_reported; 3064 dc->fw_name = "disk"; 3065 dc->desc = "virtual SCSI disk or CD-ROM (legacy)"; 3066 dc->reset = scsi_disk_reset; 3067 dc->props = scsi_disk_properties; 3068 dc->vmsd = &vmstate_scsi_disk_state; 3069 } 3070 3071 static const TypeInfo scsi_disk_info = { 3072 .name = "scsi-disk", 3073 .parent = TYPE_SCSI_DISK_BASE, 3074 .class_init = scsi_disk_class_initfn, 3075 }; 3076 3077 static void scsi_disk_register_types(void) 3078 { 3079 type_register_static(&scsi_disk_base_info); 3080 type_register_static(&scsi_hd_info); 3081 type_register_static(&scsi_cd_info); 3082 #ifdef __linux__ 3083 type_register_static(&scsi_block_info); 3084 #endif 3085 type_register_static(&scsi_disk_info); 3086 } 3087 3088 type_init(scsi_disk_register_types) 3089