xref: /openbmc/qemu/hw/scsi/scsi-generic.c (revision 91bfcdb0)
1 /*
2  * Generic SCSI Device support
3  *
4  * Copyright (c) 2007 Bull S.A.S.
5  * Based on code by Paul Brook
6  * Based on code by Fabrice Bellard
7  *
8  * Written by Laurent Vivier <Laurent.Vivier@bull.net>
9  *
10  * This code is licensed under the LGPL.
11  *
12  */
13 
14 #include "qemu-common.h"
15 #include "qemu/error-report.h"
16 #include "hw/scsi/scsi.h"
17 #include "sysemu/block-backend.h"
18 #include "sysemu/blockdev.h"
19 
20 #ifdef __linux__
21 
22 //#define DEBUG_SCSI
23 
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30 
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
33 
34 #include <stdio.h>
35 #include <sys/types.h>
36 #include <sys/stat.h>
37 #include <unistd.h>
38 #include <scsi/sg.h>
39 #include "block/scsi.h"
40 
41 #define SG_ERR_DRIVER_TIMEOUT  0x06
42 #define SG_ERR_DRIVER_SENSE    0x08
43 
44 #define SG_ERR_DID_OK          0x00
45 #define SG_ERR_DID_NO_CONNECT  0x01
46 #define SG_ERR_DID_BUS_BUSY    0x02
47 #define SG_ERR_DID_TIME_OUT    0x03
48 
49 #ifndef MAX_UINT
50 #define MAX_UINT ((unsigned int)-1)
51 #endif
52 
53 typedef struct SCSIGenericReq {
54     SCSIRequest req;
55     uint8_t *buf;
56     int buflen;
57     int len;
58     sg_io_hdr_t io_header;
59 } SCSIGenericReq;
60 
61 static void scsi_generic_save_request(QEMUFile *f, SCSIRequest *req)
62 {
63     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
64 
65     qemu_put_sbe32s(f, &r->buflen);
66     if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
67         assert(!r->req.sg);
68         qemu_put_buffer(f, r->buf, r->req.cmd.xfer);
69     }
70 }
71 
72 static void scsi_generic_load_request(QEMUFile *f, SCSIRequest *req)
73 {
74     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
75 
76     qemu_get_sbe32s(f, &r->buflen);
77     if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
78         assert(!r->req.sg);
79         qemu_get_buffer(f, r->buf, r->req.cmd.xfer);
80     }
81 }
82 
83 static void scsi_free_request(SCSIRequest *req)
84 {
85     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
86 
87     g_free(r->buf);
88 }
89 
90 /* Helper function for command completion.  */
91 static void scsi_command_complete_noio(SCSIGenericReq *r, int ret)
92 {
93     int status;
94 
95     assert(r->req.aiocb == NULL);
96 
97     if (r->req.io_canceled) {
98         scsi_req_cancel_complete(&r->req);
99         goto done;
100     }
101     if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
102         r->req.sense_len = r->io_header.sb_len_wr;
103     }
104 
105     if (ret != 0) {
106         switch (ret) {
107         case -EDOM:
108             status = TASK_SET_FULL;
109             break;
110         case -ENOMEM:
111             status = CHECK_CONDITION;
112             scsi_req_build_sense(&r->req, SENSE_CODE(TARGET_FAILURE));
113             break;
114         default:
115             status = CHECK_CONDITION;
116             scsi_req_build_sense(&r->req, SENSE_CODE(IO_ERROR));
117             break;
118         }
119     } else {
120         if (r->io_header.host_status == SG_ERR_DID_NO_CONNECT ||
121             r->io_header.host_status == SG_ERR_DID_BUS_BUSY ||
122             r->io_header.host_status == SG_ERR_DID_TIME_OUT ||
123             (r->io_header.driver_status & SG_ERR_DRIVER_TIMEOUT)) {
124             status = BUSY;
125             BADF("Driver Timeout\n");
126         } else if (r->io_header.host_status) {
127             status = CHECK_CONDITION;
128             scsi_req_build_sense(&r->req, SENSE_CODE(I_T_NEXUS_LOSS));
129         } else if (r->io_header.status) {
130             status = r->io_header.status;
131         } else if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
132             status = CHECK_CONDITION;
133         } else {
134             status = GOOD;
135         }
136     }
137     DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
138             r, r->req.tag, status);
139 
140     scsi_req_complete(&r->req, status);
141 done:
142     scsi_req_unref(&r->req);
143 }
144 
145 static void scsi_command_complete(void *opaque, int ret)
146 {
147     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
148 
149     assert(r->req.aiocb != NULL);
150     r->req.aiocb = NULL;
151     scsi_command_complete_noio(r, ret);
152 }
153 
154 static int execute_command(BlockBackend *blk,
155                            SCSIGenericReq *r, int direction,
156                            BlockCompletionFunc *complete)
157 {
158     r->io_header.interface_id = 'S';
159     r->io_header.dxfer_direction = direction;
160     r->io_header.dxferp = r->buf;
161     r->io_header.dxfer_len = r->buflen;
162     r->io_header.cmdp = r->req.cmd.buf;
163     r->io_header.cmd_len = r->req.cmd.len;
164     r->io_header.mx_sb_len = sizeof(r->req.sense);
165     r->io_header.sbp = r->req.sense;
166     r->io_header.timeout = MAX_UINT;
167     r->io_header.usr_ptr = r;
168     r->io_header.flags |= SG_FLAG_DIRECT_IO;
169 
170     r->req.aiocb = blk_aio_ioctl(blk, SG_IO, &r->io_header, complete, r);
171     if (r->req.aiocb == NULL) {
172         return -EIO;
173     }
174 
175     return 0;
176 }
177 
178 static void scsi_read_complete(void * opaque, int ret)
179 {
180     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
181     SCSIDevice *s = r->req.dev;
182     int len;
183 
184     assert(r->req.aiocb != NULL);
185     r->req.aiocb = NULL;
186 
187     if (ret || r->req.io_canceled) {
188         scsi_command_complete_noio(r, ret);
189         return;
190     }
191 
192     len = r->io_header.dxfer_len - r->io_header.resid;
193     DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
194 
195     r->len = -1;
196     if (len == 0) {
197         scsi_command_complete_noio(r, 0);
198         return;
199     }
200 
201     /* Snoop READ CAPACITY output to set the blocksize.  */
202     if (r->req.cmd.buf[0] == READ_CAPACITY_10 &&
203         (ldl_be_p(&r->buf[0]) != 0xffffffffU || s->max_lba == 0)) {
204         s->blocksize = ldl_be_p(&r->buf[4]);
205         s->max_lba = ldl_be_p(&r->buf[0]) & 0xffffffffULL;
206     } else if (r->req.cmd.buf[0] == SERVICE_ACTION_IN_16 &&
207                (r->req.cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
208         s->blocksize = ldl_be_p(&r->buf[8]);
209         s->max_lba = ldq_be_p(&r->buf[0]);
210     }
211     blk_set_guest_block_size(s->conf.blk, s->blocksize);
212 
213     /* Patch MODE SENSE device specific parameters if the BDS is opened
214      * readonly.
215      */
216     if ((s->type == TYPE_DISK || s->type == TYPE_TAPE) &&
217         blk_is_read_only(s->conf.blk) &&
218         (r->req.cmd.buf[0] == MODE_SENSE ||
219          r->req.cmd.buf[0] == MODE_SENSE_10) &&
220         (r->req.cmd.buf[1] & 0x8) == 0) {
221         if (r->req.cmd.buf[0] == MODE_SENSE) {
222             r->buf[2] |= 0x80;
223         } else  {
224             r->buf[3] |= 0x80;
225         }
226     }
227     scsi_req_data(&r->req, len);
228     scsi_req_unref(&r->req);
229 }
230 
231 /* Read more data from scsi device into buffer.  */
232 static void scsi_read_data(SCSIRequest *req)
233 {
234     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
235     SCSIDevice *s = r->req.dev;
236     int ret;
237 
238     DPRINTF("scsi_read_data 0x%x\n", req->tag);
239 
240     /* The request is used as the AIO opaque value, so add a ref.  */
241     scsi_req_ref(&r->req);
242     if (r->len == -1) {
243         scsi_command_complete_noio(r, 0);
244         return;
245     }
246 
247     ret = execute_command(s->conf.blk, r, SG_DXFER_FROM_DEV,
248                           scsi_read_complete);
249     if (ret < 0) {
250         scsi_command_complete_noio(r, ret);
251     }
252 }
253 
254 static void scsi_write_complete(void * opaque, int ret)
255 {
256     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
257     SCSIDevice *s = r->req.dev;
258 
259     DPRINTF("scsi_write_complete() ret = %d\n", ret);
260 
261     assert(r->req.aiocb != NULL);
262     r->req.aiocb = NULL;
263 
264     if (ret || r->req.io_canceled) {
265         scsi_command_complete_noio(r, ret);
266         return;
267     }
268 
269     if (r->req.cmd.buf[0] == MODE_SELECT && r->req.cmd.buf[4] == 12 &&
270         s->type == TYPE_TAPE) {
271         s->blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11];
272         DPRINTF("block size %d\n", s->blocksize);
273     }
274 
275     scsi_command_complete_noio(r, ret);
276 }
277 
278 /* Write data to a scsi device.  Returns nonzero on failure.
279    The transfer may complete asynchronously.  */
280 static void scsi_write_data(SCSIRequest *req)
281 {
282     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
283     SCSIDevice *s = r->req.dev;
284     int ret;
285 
286     DPRINTF("scsi_write_data 0x%x\n", req->tag);
287     if (r->len == 0) {
288         r->len = r->buflen;
289         scsi_req_data(&r->req, r->len);
290         return;
291     }
292 
293     /* The request is used as the AIO opaque value, so add a ref.  */
294     scsi_req_ref(&r->req);
295     ret = execute_command(s->conf.blk, r, SG_DXFER_TO_DEV, scsi_write_complete);
296     if (ret < 0) {
297         scsi_command_complete_noio(r, ret);
298     }
299 }
300 
301 /* Return a pointer to the data buffer.  */
302 static uint8_t *scsi_get_buf(SCSIRequest *req)
303 {
304     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
305 
306     return r->buf;
307 }
308 
309 /* Execute a scsi command.  Returns the length of the data expected by the
310    command.  This will be Positive for data transfers from the device
311    (eg. disk reads), negative for transfers to the device (eg. disk writes),
312    and zero if the command does not transfer any data.  */
313 
314 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
315 {
316     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
317     SCSIDevice *s = r->req.dev;
318     int ret;
319 
320 #ifdef DEBUG_SCSI
321     {
322         int i;
323         for (i = 1; i < r->req.cmd.len; i++) {
324             printf(" 0x%02x", cmd[i]);
325         }
326         printf("\n");
327     }
328 #endif
329 
330     if (r->req.cmd.xfer == 0) {
331         g_free(r->buf);
332         r->buflen = 0;
333         r->buf = NULL;
334         /* The request is used as the AIO opaque value, so add a ref.  */
335         scsi_req_ref(&r->req);
336         ret = execute_command(s->conf.blk, r, SG_DXFER_NONE,
337                               scsi_command_complete);
338         if (ret < 0) {
339             scsi_command_complete_noio(r, ret);
340             return 0;
341         }
342         return 0;
343     }
344 
345     if (r->buflen != r->req.cmd.xfer) {
346         g_free(r->buf);
347         r->buf = g_malloc(r->req.cmd.xfer);
348         r->buflen = r->req.cmd.xfer;
349     }
350 
351     memset(r->buf, 0, r->buflen);
352     r->len = r->req.cmd.xfer;
353     if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
354         r->len = 0;
355         return -r->req.cmd.xfer;
356     } else {
357         return r->req.cmd.xfer;
358     }
359 }
360 
361 static int get_stream_blocksize(BlockBackend *blk)
362 {
363     uint8_t cmd[6];
364     uint8_t buf[12];
365     uint8_t sensebuf[8];
366     sg_io_hdr_t io_header;
367     int ret;
368 
369     memset(cmd, 0, sizeof(cmd));
370     memset(buf, 0, sizeof(buf));
371     cmd[0] = MODE_SENSE;
372     cmd[4] = sizeof(buf);
373 
374     memset(&io_header, 0, sizeof(io_header));
375     io_header.interface_id = 'S';
376     io_header.dxfer_direction = SG_DXFER_FROM_DEV;
377     io_header.dxfer_len = sizeof(buf);
378     io_header.dxferp = buf;
379     io_header.cmdp = cmd;
380     io_header.cmd_len = sizeof(cmd);
381     io_header.mx_sb_len = sizeof(sensebuf);
382     io_header.sbp = sensebuf;
383     io_header.timeout = 6000; /* XXX */
384 
385     ret = blk_ioctl(blk, SG_IO, &io_header);
386     if (ret < 0 || io_header.driver_status || io_header.host_status) {
387         return -1;
388     }
389     return (buf[9] << 16) | (buf[10] << 8) | buf[11];
390 }
391 
392 static void scsi_generic_reset(DeviceState *dev)
393 {
394     SCSIDevice *s = SCSI_DEVICE(dev);
395 
396     scsi_device_purge_requests(s, SENSE_CODE(RESET));
397 }
398 
399 static void scsi_generic_realize(SCSIDevice *s, Error **errp)
400 {
401     int rc;
402     int sg_version;
403     struct sg_scsi_id scsiid;
404 
405     if (!s->conf.blk) {
406         error_setg(errp, "drive property not set");
407         return;
408     }
409 
410     if (blk_get_on_error(s->conf.blk, 0) != BLOCKDEV_ON_ERROR_ENOSPC) {
411         error_setg(errp, "Device doesn't support drive option werror");
412         return;
413     }
414     if (blk_get_on_error(s->conf.blk, 1) != BLOCKDEV_ON_ERROR_REPORT) {
415         error_setg(errp, "Device doesn't support drive option rerror");
416         return;
417     }
418 
419     /* check we are using a driver managing SG_IO (version 3 and after */
420     rc = blk_ioctl(s->conf.blk, SG_GET_VERSION_NUM, &sg_version);
421     if (rc < 0) {
422         error_setg(errp, "cannot get SG_IO version number: %s.  "
423                          "Is this a SCSI device?",
424                          strerror(-rc));
425         return;
426     }
427     if (sg_version < 30000) {
428         error_setg(errp, "scsi generic interface too old");
429         return;
430     }
431 
432     /* get LUN of the /dev/sg? */
433     if (blk_ioctl(s->conf.blk, SG_GET_SCSI_ID, &scsiid)) {
434         error_setg(errp, "SG_GET_SCSI_ID ioctl failed");
435         return;
436     }
437 
438     /* define device state */
439     s->type = scsiid.scsi_type;
440     DPRINTF("device type %d\n", s->type);
441 
442     switch (s->type) {
443     case TYPE_TAPE:
444         s->blocksize = get_stream_blocksize(s->conf.blk);
445         if (s->blocksize == -1) {
446             s->blocksize = 0;
447         }
448         break;
449 
450         /* Make a guess for block devices, we'll fix it when the guest sends.
451          * READ CAPACITY.  If they don't, they likely would assume these sizes
452          * anyway. (TODO: they could also send MODE SENSE).
453          */
454     case TYPE_ROM:
455     case TYPE_WORM:
456         s->blocksize = 2048;
457         break;
458     default:
459         s->blocksize = 512;
460         break;
461     }
462 
463     DPRINTF("block size %d\n", s->blocksize);
464 }
465 
466 const SCSIReqOps scsi_generic_req_ops = {
467     .size         = sizeof(SCSIGenericReq),
468     .free_req     = scsi_free_request,
469     .send_command = scsi_send_command,
470     .read_data    = scsi_read_data,
471     .write_data   = scsi_write_data,
472     .get_buf      = scsi_get_buf,
473     .load_request = scsi_generic_load_request,
474     .save_request = scsi_generic_save_request,
475 };
476 
477 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
478                                      uint8_t *buf, void *hba_private)
479 {
480     SCSIRequest *req;
481 
482     req = scsi_req_alloc(&scsi_generic_req_ops, d, tag, lun, hba_private);
483     return req;
484 }
485 
486 static Property scsi_generic_properties[] = {
487     DEFINE_PROP_DRIVE("drive", SCSIDevice, conf.blk),
488     DEFINE_PROP_END_OF_LIST(),
489 };
490 
491 static int scsi_generic_parse_cdb(SCSIDevice *dev, SCSICommand *cmd,
492                                   uint8_t *buf, void *hba_private)
493 {
494     return scsi_bus_parse_cdb(dev, cmd, buf, hba_private);
495 }
496 
497 static void scsi_generic_class_initfn(ObjectClass *klass, void *data)
498 {
499     DeviceClass *dc = DEVICE_CLASS(klass);
500     SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
501 
502     sc->realize      = scsi_generic_realize;
503     sc->alloc_req    = scsi_new_request;
504     sc->parse_cdb    = scsi_generic_parse_cdb;
505     dc->fw_name = "disk";
506     dc->desc = "pass through generic scsi device (/dev/sg*)";
507     dc->reset = scsi_generic_reset;
508     dc->props = scsi_generic_properties;
509     dc->vmsd  = &vmstate_scsi_device;
510 }
511 
512 static const TypeInfo scsi_generic_info = {
513     .name          = "scsi-generic",
514     .parent        = TYPE_SCSI_DEVICE,
515     .instance_size = sizeof(SCSIDevice),
516     .class_init    = scsi_generic_class_initfn,
517 };
518 
519 static void scsi_generic_register_types(void)
520 {
521     type_register_static(&scsi_generic_info);
522 }
523 
524 type_init(scsi_generic_register_types)
525 
526 #endif /* __linux__ */
527