xref: /openbmc/qemu/hw/scsi/scsi-generic.c (revision 953ea14d)
1 /*
2  * Generic SCSI Device support
3  *
4  * Copyright (c) 2007 Bull S.A.S.
5  * Based on code by Paul Brook
6  * Based on code by Fabrice Bellard
7  *
8  * Written by Laurent Vivier <Laurent.Vivier@bull.net>
9  *
10  * This code is licensed under the LGPL.
11  *
12  */
13 
14 #include "qemu-common.h"
15 #include "qemu/error-report.h"
16 #include "hw/scsi/scsi.h"
17 #include "sysemu/block-backend.h"
18 #include "sysemu/blockdev.h"
19 
20 #ifdef __linux__
21 
22 //#define DEBUG_SCSI
23 
24 #ifdef DEBUG_SCSI
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
27 #else
28 #define DPRINTF(fmt, ...) do {} while(0)
29 #endif
30 
31 #define BADF(fmt, ...) \
32 do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0)
33 
34 #include <stdio.h>
35 #include <sys/types.h>
36 #include <sys/stat.h>
37 #include <unistd.h>
38 #include <scsi/sg.h>
39 #include "block/scsi.h"
40 
41 #define SG_ERR_DRIVER_TIMEOUT  0x06
42 #define SG_ERR_DRIVER_SENSE    0x08
43 
44 #define SG_ERR_DID_OK          0x00
45 #define SG_ERR_DID_NO_CONNECT  0x01
46 #define SG_ERR_DID_BUS_BUSY    0x02
47 #define SG_ERR_DID_TIME_OUT    0x03
48 
49 #ifndef MAX_UINT
50 #define MAX_UINT ((unsigned int)-1)
51 #endif
52 
53 typedef struct SCSIGenericReq {
54     SCSIRequest req;
55     uint8_t *buf;
56     int buflen;
57     int len;
58     sg_io_hdr_t io_header;
59 } SCSIGenericReq;
60 
61 static void scsi_generic_save_request(QEMUFile *f, SCSIRequest *req)
62 {
63     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
64 
65     qemu_put_sbe32s(f, &r->buflen);
66     if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
67         assert(!r->req.sg);
68         qemu_put_buffer(f, r->buf, r->req.cmd.xfer);
69     }
70 }
71 
72 static void scsi_generic_load_request(QEMUFile *f, SCSIRequest *req)
73 {
74     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
75 
76     qemu_get_sbe32s(f, &r->buflen);
77     if (r->buflen && r->req.cmd.mode == SCSI_XFER_TO_DEV) {
78         assert(!r->req.sg);
79         qemu_get_buffer(f, r->buf, r->req.cmd.xfer);
80     }
81 }
82 
83 static void scsi_free_request(SCSIRequest *req)
84 {
85     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
86 
87     g_free(r->buf);
88 }
89 
90 /* Helper function for command completion.  */
91 static void scsi_command_complete(void *opaque, int ret)
92 {
93     int status;
94     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
95 
96     r->req.aiocb = NULL;
97     if (r->req.io_canceled) {
98         scsi_req_cancel_complete(&r->req);
99         goto done;
100     }
101     if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
102         r->req.sense_len = r->io_header.sb_len_wr;
103     }
104 
105     if (ret != 0) {
106         switch (ret) {
107         case -EDOM:
108             status = TASK_SET_FULL;
109             break;
110         case -ENOMEM:
111             status = CHECK_CONDITION;
112             scsi_req_build_sense(&r->req, SENSE_CODE(TARGET_FAILURE));
113             break;
114         default:
115             status = CHECK_CONDITION;
116             scsi_req_build_sense(&r->req, SENSE_CODE(IO_ERROR));
117             break;
118         }
119     } else {
120         if (r->io_header.host_status == SG_ERR_DID_NO_CONNECT ||
121             r->io_header.host_status == SG_ERR_DID_BUS_BUSY ||
122             r->io_header.host_status == SG_ERR_DID_TIME_OUT ||
123             (r->io_header.driver_status & SG_ERR_DRIVER_TIMEOUT)) {
124             status = BUSY;
125             BADF("Driver Timeout\n");
126         } else if (r->io_header.host_status) {
127             status = CHECK_CONDITION;
128             scsi_req_build_sense(&r->req, SENSE_CODE(I_T_NEXUS_LOSS));
129         } else if (r->io_header.status) {
130             status = r->io_header.status;
131         } else if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) {
132             status = CHECK_CONDITION;
133         } else {
134             status = GOOD;
135         }
136     }
137     DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
138             r, r->req.tag, status);
139 
140     scsi_req_complete(&r->req, status);
141 done:
142     scsi_req_unref(&r->req);
143 }
144 
145 static int execute_command(BlockBackend *blk,
146                            SCSIGenericReq *r, int direction,
147                            BlockCompletionFunc *complete)
148 {
149     r->io_header.interface_id = 'S';
150     r->io_header.dxfer_direction = direction;
151     r->io_header.dxferp = r->buf;
152     r->io_header.dxfer_len = r->buflen;
153     r->io_header.cmdp = r->req.cmd.buf;
154     r->io_header.cmd_len = r->req.cmd.len;
155     r->io_header.mx_sb_len = sizeof(r->req.sense);
156     r->io_header.sbp = r->req.sense;
157     r->io_header.timeout = MAX_UINT;
158     r->io_header.usr_ptr = r;
159     r->io_header.flags |= SG_FLAG_DIRECT_IO;
160 
161     r->req.aiocb = blk_aio_ioctl(blk, SG_IO, &r->io_header, complete, r);
162     if (r->req.aiocb == NULL) {
163         return -EIO;
164     }
165 
166     return 0;
167 }
168 
169 static void scsi_read_complete(void * opaque, int ret)
170 {
171     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
172     SCSIDevice *s = r->req.dev;
173     int len;
174 
175     r->req.aiocb = NULL;
176     if (ret || r->req.io_canceled) {
177         scsi_command_complete(r, ret);
178         return;
179     }
180     len = r->io_header.dxfer_len - r->io_header.resid;
181     DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
182 
183     r->len = -1;
184     if (len == 0) {
185         scsi_command_complete(r, 0);
186     } else {
187         /* Snoop READ CAPACITY output to set the blocksize.  */
188         if (r->req.cmd.buf[0] == READ_CAPACITY_10 &&
189             (ldl_be_p(&r->buf[0]) != 0xffffffffU || s->max_lba == 0)) {
190             s->blocksize = ldl_be_p(&r->buf[4]);
191             s->max_lba = ldl_be_p(&r->buf[0]) & 0xffffffffULL;
192         } else if (r->req.cmd.buf[0] == SERVICE_ACTION_IN_16 &&
193                    (r->req.cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
194             s->blocksize = ldl_be_p(&r->buf[8]);
195             s->max_lba = ldq_be_p(&r->buf[0]);
196         }
197         blk_set_guest_block_size(s->conf.blk, s->blocksize);
198 
199         scsi_req_data(&r->req, len);
200         scsi_req_unref(&r->req);
201     }
202 }
203 
204 /* Read more data from scsi device into buffer.  */
205 static void scsi_read_data(SCSIRequest *req)
206 {
207     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
208     SCSIDevice *s = r->req.dev;
209     int ret;
210 
211     DPRINTF("scsi_read_data 0x%x\n", req->tag);
212 
213     /* The request is used as the AIO opaque value, so add a ref.  */
214     scsi_req_ref(&r->req);
215     if (r->len == -1) {
216         scsi_command_complete(r, 0);
217         return;
218     }
219 
220     ret = execute_command(s->conf.blk, r, SG_DXFER_FROM_DEV,
221                           scsi_read_complete);
222     if (ret < 0) {
223         scsi_command_complete(r, ret);
224     }
225 }
226 
227 static void scsi_write_complete(void * opaque, int ret)
228 {
229     SCSIGenericReq *r = (SCSIGenericReq *)opaque;
230     SCSIDevice *s = r->req.dev;
231 
232     DPRINTF("scsi_write_complete() ret = %d\n", ret);
233     r->req.aiocb = NULL;
234     if (ret || r->req.io_canceled) {
235         scsi_command_complete(r, ret);
236         return;
237     }
238 
239     if (r->req.cmd.buf[0] == MODE_SELECT && r->req.cmd.buf[4] == 12 &&
240         s->type == TYPE_TAPE) {
241         s->blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11];
242         DPRINTF("block size %d\n", s->blocksize);
243     }
244 
245     scsi_command_complete(r, ret);
246 }
247 
248 /* Write data to a scsi device.  Returns nonzero on failure.
249    The transfer may complete asynchronously.  */
250 static void scsi_write_data(SCSIRequest *req)
251 {
252     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
253     SCSIDevice *s = r->req.dev;
254     int ret;
255 
256     DPRINTF("scsi_write_data 0x%x\n", req->tag);
257     if (r->len == 0) {
258         r->len = r->buflen;
259         scsi_req_data(&r->req, r->len);
260         return;
261     }
262 
263     /* The request is used as the AIO opaque value, so add a ref.  */
264     scsi_req_ref(&r->req);
265     ret = execute_command(s->conf.blk, r, SG_DXFER_TO_DEV, scsi_write_complete);
266     if (ret < 0) {
267         scsi_command_complete(r, ret);
268     }
269 }
270 
271 /* Return a pointer to the data buffer.  */
272 static uint8_t *scsi_get_buf(SCSIRequest *req)
273 {
274     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
275 
276     return r->buf;
277 }
278 
279 /* Execute a scsi command.  Returns the length of the data expected by the
280    command.  This will be Positive for data transfers from the device
281    (eg. disk reads), negative for transfers to the device (eg. disk writes),
282    and zero if the command does not transfer any data.  */
283 
284 static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
285 {
286     SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
287     SCSIDevice *s = r->req.dev;
288     int ret;
289 
290 #ifdef DEBUG_SCSI
291     {
292         int i;
293         for (i = 1; i < r->req.cmd.len; i++) {
294             printf(" 0x%02x", cmd[i]);
295         }
296         printf("\n");
297     }
298 #endif
299 
300     if (r->req.cmd.xfer == 0) {
301         if (r->buf != NULL)
302             g_free(r->buf);
303         r->buflen = 0;
304         r->buf = NULL;
305         /* The request is used as the AIO opaque value, so add a ref.  */
306         scsi_req_ref(&r->req);
307         ret = execute_command(s->conf.blk, r, SG_DXFER_NONE,
308                               scsi_command_complete);
309         if (ret < 0) {
310             scsi_command_complete(r, ret);
311             return 0;
312         }
313         return 0;
314     }
315 
316     if (r->buflen != r->req.cmd.xfer) {
317         if (r->buf != NULL)
318             g_free(r->buf);
319         r->buf = g_malloc(r->req.cmd.xfer);
320         r->buflen = r->req.cmd.xfer;
321     }
322 
323     memset(r->buf, 0, r->buflen);
324     r->len = r->req.cmd.xfer;
325     if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
326         r->len = 0;
327         return -r->req.cmd.xfer;
328     } else {
329         return r->req.cmd.xfer;
330     }
331 }
332 
333 static int get_stream_blocksize(BlockBackend *blk)
334 {
335     uint8_t cmd[6];
336     uint8_t buf[12];
337     uint8_t sensebuf[8];
338     sg_io_hdr_t io_header;
339     int ret;
340 
341     memset(cmd, 0, sizeof(cmd));
342     memset(buf, 0, sizeof(buf));
343     cmd[0] = MODE_SENSE;
344     cmd[4] = sizeof(buf);
345 
346     memset(&io_header, 0, sizeof(io_header));
347     io_header.interface_id = 'S';
348     io_header.dxfer_direction = SG_DXFER_FROM_DEV;
349     io_header.dxfer_len = sizeof(buf);
350     io_header.dxferp = buf;
351     io_header.cmdp = cmd;
352     io_header.cmd_len = sizeof(cmd);
353     io_header.mx_sb_len = sizeof(sensebuf);
354     io_header.sbp = sensebuf;
355     io_header.timeout = 6000; /* XXX */
356 
357     ret = blk_ioctl(blk, SG_IO, &io_header);
358     if (ret < 0 || io_header.driver_status || io_header.host_status) {
359         return -1;
360     }
361     return (buf[9] << 16) | (buf[10] << 8) | buf[11];
362 }
363 
364 static void scsi_generic_reset(DeviceState *dev)
365 {
366     SCSIDevice *s = SCSI_DEVICE(dev);
367 
368     scsi_device_purge_requests(s, SENSE_CODE(RESET));
369 }
370 
371 static void scsi_generic_realize(SCSIDevice *s, Error **errp)
372 {
373     int rc;
374     int sg_version;
375     struct sg_scsi_id scsiid;
376 
377     if (!s->conf.blk) {
378         error_setg(errp, "drive property not set");
379         return;
380     }
381 
382     if (blk_get_on_error(s->conf.blk, 0) != BLOCKDEV_ON_ERROR_ENOSPC) {
383         error_setg(errp, "Device doesn't support drive option werror");
384         return;
385     }
386     if (blk_get_on_error(s->conf.blk, 1) != BLOCKDEV_ON_ERROR_REPORT) {
387         error_setg(errp, "Device doesn't support drive option rerror");
388         return;
389     }
390 
391     /* check we are using a driver managing SG_IO (version 3 and after */
392     rc = blk_ioctl(s->conf.blk, SG_GET_VERSION_NUM, &sg_version);
393     if (rc < 0) {
394         error_setg(errp, "cannot get SG_IO version number: %s.  "
395                          "Is this a SCSI device?",
396                          strerror(-rc));
397         return;
398     }
399     if (sg_version < 30000) {
400         error_setg(errp, "scsi generic interface too old");
401         return;
402     }
403 
404     /* get LUN of the /dev/sg? */
405     if (blk_ioctl(s->conf.blk, SG_GET_SCSI_ID, &scsiid)) {
406         error_setg(errp, "SG_GET_SCSI_ID ioctl failed");
407         return;
408     }
409 
410     /* define device state */
411     s->type = scsiid.scsi_type;
412     DPRINTF("device type %d\n", s->type);
413 
414     switch (s->type) {
415     case TYPE_TAPE:
416         s->blocksize = get_stream_blocksize(s->conf.blk);
417         if (s->blocksize == -1) {
418             s->blocksize = 0;
419         }
420         break;
421 
422         /* Make a guess for block devices, we'll fix it when the guest sends.
423          * READ CAPACITY.  If they don't, they likely would assume these sizes
424          * anyway. (TODO: they could also send MODE SENSE).
425          */
426     case TYPE_ROM:
427     case TYPE_WORM:
428         s->blocksize = 2048;
429         break;
430     default:
431         s->blocksize = 512;
432         break;
433     }
434 
435     DPRINTF("block size %d\n", s->blocksize);
436 }
437 
438 const SCSIReqOps scsi_generic_req_ops = {
439     .size         = sizeof(SCSIGenericReq),
440     .free_req     = scsi_free_request,
441     .send_command = scsi_send_command,
442     .read_data    = scsi_read_data,
443     .write_data   = scsi_write_data,
444     .get_buf      = scsi_get_buf,
445     .load_request = scsi_generic_load_request,
446     .save_request = scsi_generic_save_request,
447 };
448 
449 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
450                                      uint8_t *buf, void *hba_private)
451 {
452     SCSIRequest *req;
453 
454     req = scsi_req_alloc(&scsi_generic_req_ops, d, tag, lun, hba_private);
455     return req;
456 }
457 
458 static Property scsi_generic_properties[] = {
459     DEFINE_PROP_DRIVE("drive", SCSIDevice, conf.blk),
460     DEFINE_PROP_END_OF_LIST(),
461 };
462 
463 static int scsi_generic_parse_cdb(SCSIDevice *dev, SCSICommand *cmd,
464                                   uint8_t *buf, void *hba_private)
465 {
466     return scsi_bus_parse_cdb(dev, cmd, buf, hba_private);
467 }
468 
469 static void scsi_generic_class_initfn(ObjectClass *klass, void *data)
470 {
471     DeviceClass *dc = DEVICE_CLASS(klass);
472     SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
473 
474     sc->realize      = scsi_generic_realize;
475     sc->alloc_req    = scsi_new_request;
476     sc->parse_cdb    = scsi_generic_parse_cdb;
477     dc->fw_name = "disk";
478     dc->desc = "pass through generic scsi device (/dev/sg*)";
479     dc->reset = scsi_generic_reset;
480     dc->props = scsi_generic_properties;
481     dc->vmsd  = &vmstate_scsi_device;
482 }
483 
484 static const TypeInfo scsi_generic_info = {
485     .name          = "scsi-generic",
486     .parent        = TYPE_SCSI_DEVICE,
487     .instance_size = sizeof(SCSIDevice),
488     .class_init    = scsi_generic_class_initfn,
489 };
490 
491 static void scsi_generic_register_types(void)
492 {
493     type_register_static(&scsi_generic_info);
494 }
495 
496 type_init(scsi_generic_register_types)
497 
498 #endif /* __linux__ */
499