1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22#include "qemu/osdep.h"
23#include "qemu/units.h"
24#include "qapi/error.h"
25#include "qemu/error-report.h"
26#include "qemu/main-loop.h"
27#include "qemu/module.h"
28#include "hw/scsi/scsi.h"
29#include "migration/qemu-file-types.h"
30#include "migration/vmstate.h"
31#include "hw/scsi/emulation.h"
32#include "scsi/constants.h"
33#include "sysemu/block-backend.h"
34#include "sysemu/blockdev.h"
35#include "hw/block/block.h"
36#include "hw/qdev-properties.h"
37#include "sysemu/dma.h"
38#include "sysemu/sysemu.h"
39#include "qemu/cutils.h"
40#include "trace.h"
41
42#ifdef __linux
43#include <scsi/sg.h>
44#endif
45
46#define SCSI_WRITE_SAME_MAX (512 * KiB)
47#define SCSI_DMA_BUF_SIZE (128 * KiB)
48#define SCSI_MAX_INQUIRY_LEN 256
49#define SCSI_MAX_MODE_LEN 256
50
51#define DEFAULT_DISCARD_GRANULARITY (4 * KiB)
52#define DEFAULT_MAX_UNMAP_SIZE (1 * GiB)
53#define DEFAULT_MAX_IO_SIZE INT_MAX
54
55#define TYPE_SCSI_DISK_BASE "scsi-disk-base"
56
57#define SCSI_DISK_BASE(obj) \
58 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE)
59#define SCSI_DISK_BASE_CLASS(klass) \
60 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE)
61#define SCSI_DISK_BASE_GET_CLASS(obj) \
62 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE)
63
64typedef struct SCSIDiskClass {
65 SCSIDeviceClass parent_class;
66 DMAIOFunc *dma_readv;
67 DMAIOFunc *dma_writev;
68 bool (*need_fua_emulation)(SCSICommand *cmd);
69 void (*update_sense)(SCSIRequest *r);
70} SCSIDiskClass;
71
72typedef struct SCSIDiskReq {
73 SCSIRequest req;
74
75 uint64_t sector;
76 uint32_t sector_count;
77 uint32_t buflen;
78 bool started;
79 bool need_fua_emulation;
80 struct iovec iov;
81 QEMUIOVector qiov;
82 BlockAcctCookie acct;
83 unsigned char *status;
84} SCSIDiskReq;
85
86#define SCSI_DISK_F_REMOVABLE 0
87#define SCSI_DISK_F_DPOFUA 1
88#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
89
90typedef struct SCSIDiskState
91{
92 SCSIDevice qdev;
93 uint32_t features;
94 bool media_changed;
95 bool media_event;
96 bool eject_request;
97 uint16_t port_index;
98 uint64_t max_unmap_size;
99 uint64_t max_io_size;
100 QEMUBH *bh;
101 char *version;
102 char *serial;
103 char *vendor;
104 char *product;
105 char *device_id;
106 bool tray_open;
107 bool tray_locked;
108
109
110
111
112
113
114
115 uint16_t rotation_rate;
116} SCSIDiskState;
117
118static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed);
119
120static void scsi_free_request(SCSIRequest *req)
121{
122 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
123
124 qemu_vfree(r->iov.iov_base);
125}
126
127
128static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
129{
130 trace_scsi_disk_check_condition(r->req.tag, sense.key, sense.asc,
131 sense.ascq);
132 scsi_req_build_sense(&r->req, sense);
133 scsi_req_complete(&r->req, CHECK_CONDITION);
134}
135
136static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
137{
138 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
139
140 if (!r->iov.iov_base) {
141 r->buflen = size;
142 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
143 }
144 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
145 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
146}
147
148static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
149{
150 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
151
152 qemu_put_be64s(f, &r->sector);
153 qemu_put_be32s(f, &r->sector_count);
154 qemu_put_be32s(f, &r->buflen);
155 if (r->buflen) {
156 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
157 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
158 } else if (!req->retry) {
159 uint32_t len = r->iov.iov_len;
160 qemu_put_be32s(f, &len);
161 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
162 }
163 }
164}
165
166static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
167{
168 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
169
170 qemu_get_be64s(f, &r->sector);
171 qemu_get_be32s(f, &r->sector_count);
172 qemu_get_be32s(f, &r->buflen);
173 if (r->buflen) {
174 scsi_init_iovec(r, r->buflen);
175 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
176 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
177 } else if (!r->req.retry) {
178 uint32_t len;
179 qemu_get_be32s(f, &len);
180 r->iov.iov_len = len;
181 assert(r->iov.iov_len <= r->buflen);
182 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
183 }
184 }
185
186 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
187}
188
189static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
190{
191 if (r->req.io_canceled) {
192 scsi_req_cancel_complete(&r->req);
193 return true;
194 }
195
196 if (ret < 0 || (r->status && *r->status)) {
197 return scsi_handle_rw_error(r, -ret, acct_failed);
198 }
199
200 return false;
201}
202
203static void scsi_aio_complete(void *opaque, int ret)
204{
205 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
206 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
207
208 assert(r->req.aiocb != NULL);
209 r->req.aiocb = NULL;
210 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
211 if (scsi_disk_req_check_error(r, ret, true)) {
212 goto done;
213 }
214
215 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
216 scsi_req_complete(&r->req, GOOD);
217
218done:
219 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
220 scsi_req_unref(&r->req);
221}
222
223static bool scsi_is_cmd_fua(SCSICommand *cmd)
224{
225 switch (cmd->buf[0]) {
226 case READ_10:
227 case READ_12:
228 case READ_16:
229 case WRITE_10:
230 case WRITE_12:
231 case WRITE_16:
232 return (cmd->buf[1] & 8) != 0;
233
234 case VERIFY_10:
235 case VERIFY_12:
236 case VERIFY_16:
237 case WRITE_VERIFY_10:
238 case WRITE_VERIFY_12:
239 case WRITE_VERIFY_16:
240 return true;
241
242 case READ_6:
243 case WRITE_6:
244 default:
245 return false;
246 }
247}
248
249static void scsi_write_do_fua(SCSIDiskReq *r)
250{
251 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
252
253 assert(r->req.aiocb == NULL);
254 assert(!r->req.io_canceled);
255
256 if (r->need_fua_emulation) {
257 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
258 BLOCK_ACCT_FLUSH);
259 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
260 return;
261 }
262
263 scsi_req_complete(&r->req, GOOD);
264 scsi_req_unref(&r->req);
265}
266
267static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
268{
269 assert(r->req.aiocb == NULL);
270 if (scsi_disk_req_check_error(r, ret, false)) {
271 goto done;
272 }
273
274 r->sector += r->sector_count;
275 r->sector_count = 0;
276 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
277 scsi_write_do_fua(r);
278 return;
279 } else {
280 scsi_req_complete(&r->req, GOOD);
281 }
282
283done:
284 scsi_req_unref(&r->req);
285}
286
287static void scsi_dma_complete(void *opaque, int ret)
288{
289 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
290 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
291
292 assert(r->req.aiocb != NULL);
293 r->req.aiocb = NULL;
294
295 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
296 if (ret < 0) {
297 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
298 } else {
299 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
300 }
301 scsi_dma_complete_noio(r, ret);
302 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
303}
304
305static void scsi_read_complete_noio(SCSIDiskReq *r, int ret)
306{
307 uint32_t n;
308
309 assert(r->req.aiocb == NULL);
310 if (scsi_disk_req_check_error(r, ret, false)) {
311 goto done;
312 }
313
314 n = r->qiov.size / 512;
315 r->sector += n;
316 r->sector_count -= n;
317 scsi_req_data(&r->req, r->qiov.size);
318
319done:
320 scsi_req_unref(&r->req);
321}
322
323static void scsi_read_complete(void *opaque, int ret)
324{
325 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
326 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
327
328 assert(r->req.aiocb != NULL);
329 r->req.aiocb = NULL;
330
331 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
332 if (ret < 0) {
333 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
334 } else {
335 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
336 trace_scsi_disk_read_complete(r->req.tag, r->qiov.size);
337 }
338 scsi_read_complete_noio(r, ret);
339 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
340}
341
342
343static void scsi_do_read(SCSIDiskReq *r, int ret)
344{
345 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
346 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
347
348 assert (r->req.aiocb == NULL);
349 if (scsi_disk_req_check_error(r, ret, false)) {
350 goto done;
351 }
352
353
354 scsi_req_ref(&r->req);
355
356 if (r->req.sg) {
357 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
358 r->req.resid -= r->req.sg->size;
359 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
360 r->req.sg, r->sector << BDRV_SECTOR_BITS,
361 BDRV_SECTOR_SIZE,
362 sdc->dma_readv, r, scsi_dma_complete, r,
363 DMA_DIRECTION_FROM_DEVICE);
364 } else {
365 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
366 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
367 r->qiov.size, BLOCK_ACCT_READ);
368 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
369 scsi_read_complete, r, r);
370 }
371
372done:
373 scsi_req_unref(&r->req);
374}
375
376static void scsi_do_read_cb(void *opaque, int ret)
377{
378 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
379 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380
381 assert (r->req.aiocb != NULL);
382 r->req.aiocb = NULL;
383
384 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
385 if (ret < 0) {
386 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
387 } else {
388 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
389 }
390 scsi_do_read(opaque, ret);
391 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
392}
393
394
395static void scsi_read_data(SCSIRequest *req)
396{
397 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
398 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
399 bool first;
400
401 trace_scsi_disk_read_data_count(r->sector_count);
402 if (r->sector_count == 0) {
403
404 scsi_req_complete(&r->req, GOOD);
405 return;
406 }
407
408
409 assert(r->req.aiocb == NULL);
410
411
412 scsi_req_ref(&r->req);
413 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
414 trace_scsi_disk_read_data_invalid();
415 scsi_read_complete_noio(r, -EINVAL);
416 return;
417 }
418
419 if (!blk_is_available(req->dev->conf.blk)) {
420 scsi_read_complete_noio(r, -ENOMEDIUM);
421 return;
422 }
423
424 first = !r->started;
425 r->started = true;
426 if (first && r->need_fua_emulation) {
427 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
428 BLOCK_ACCT_FLUSH);
429 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
430 } else {
431 scsi_do_read(r, 0);
432 }
433}
434
435
436
437
438
439
440
441
442static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
443{
444 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
445 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
446 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
447 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
448 is_read, error);
449
450 if (action == BLOCK_ERROR_ACTION_REPORT) {
451 if (acct_failed) {
452 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
453 }
454 switch (error) {
455 case 0:
456
457
458
459
460 assert(r->status && *r->status);
461 if (scsi_sense_buf_is_guest_recoverable(r->req.sense, sizeof(r->req.sense))) {
462
463 sdc->update_sense(&r->req);
464 scsi_req_complete(&r->req, *r->status);
465 return true;
466 }
467 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
468 break;
469 case ENOMEDIUM:
470 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
471 break;
472 case ENOMEM:
473 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
474 break;
475 case EINVAL:
476 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
477 break;
478 case ENOSPC:
479 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
480 break;
481 default:
482 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
483 break;
484 }
485 }
486
487 blk_error_action(s->qdev.conf.blk, action, is_read, error);
488 if (action == BLOCK_ERROR_ACTION_IGNORE) {
489 scsi_req_complete(&r->req, 0);
490 return true;
491 }
492
493 if (action == BLOCK_ERROR_ACTION_STOP) {
494 scsi_req_retry(&r->req);
495 }
496 return true;
497}
498
499static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
500{
501 uint32_t n;
502
503 assert (r->req.aiocb == NULL);
504 if (scsi_disk_req_check_error(r, ret, false)) {
505 goto done;
506 }
507
508 n = r->qiov.size / 512;
509 r->sector += n;
510 r->sector_count -= n;
511 if (r->sector_count == 0) {
512 scsi_write_do_fua(r);
513 return;
514 } else {
515 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
516 trace_scsi_disk_write_complete_noio(r->req.tag, r->qiov.size);
517 scsi_req_data(&r->req, r->qiov.size);
518 }
519
520done:
521 scsi_req_unref(&r->req);
522}
523
524static void scsi_write_complete(void * opaque, int ret)
525{
526 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
527 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
528
529 assert (r->req.aiocb != NULL);
530 r->req.aiocb = NULL;
531
532 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
533 if (ret < 0) {
534 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
535 } else {
536 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
537 }
538 scsi_write_complete_noio(r, ret);
539 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
540}
541
542static void scsi_write_data(SCSIRequest *req)
543{
544 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
545 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
546 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
547
548
549 assert(r->req.aiocb == NULL);
550
551
552 scsi_req_ref(&r->req);
553 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
554 trace_scsi_disk_write_data_invalid();
555 scsi_write_complete_noio(r, -EINVAL);
556 return;
557 }
558
559 if (!r->req.sg && !r->qiov.size) {
560
561 r->started = true;
562 scsi_write_complete_noio(r, 0);
563 return;
564 }
565 if (!blk_is_available(req->dev->conf.blk)) {
566 scsi_write_complete_noio(r, -ENOMEDIUM);
567 return;
568 }
569
570 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
571 r->req.cmd.buf[0] == VERIFY_16) {
572 if (r->req.sg) {
573 scsi_dma_complete_noio(r, 0);
574 } else {
575 scsi_write_complete_noio(r, 0);
576 }
577 return;
578 }
579
580 if (r->req.sg) {
581 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
582 r->req.resid -= r->req.sg->size;
583 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
584 r->req.sg, r->sector << BDRV_SECTOR_BITS,
585 BDRV_SECTOR_SIZE,
586 sdc->dma_writev, r, scsi_dma_complete, r,
587 DMA_DIRECTION_TO_DEVICE);
588 } else {
589 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
590 r->qiov.size, BLOCK_ACCT_WRITE);
591 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
592 scsi_write_complete, r, r);
593 }
594}
595
596
597static uint8_t *scsi_get_buf(SCSIRequest *req)
598{
599 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
600
601 return (uint8_t *)r->iov.iov_base;
602}
603
604static int scsi_disk_emulate_vpd_page(SCSIRequest *req, uint8_t *outbuf)
605{
606 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
607 uint8_t page_code = req->cmd.buf[2];
608 int start, buflen = 0;
609
610 outbuf[buflen++] = s->qdev.type & 0x1f;
611 outbuf[buflen++] = page_code;
612 outbuf[buflen++] = 0x00;
613 outbuf[buflen++] = 0x00;
614 start = buflen;
615
616 switch (page_code) {
617 case 0x00:
618 {
619 trace_scsi_disk_emulate_vpd_page_00(req->cmd.xfer);
620 outbuf[buflen++] = 0x00;
621 if (s->serial) {
622 outbuf[buflen++] = 0x80;
623 }
624 outbuf[buflen++] = 0x83;
625 if (s->qdev.type == TYPE_DISK) {
626 outbuf[buflen++] = 0xb0;
627 outbuf[buflen++] = 0xb1;
628 outbuf[buflen++] = 0xb2;
629 }
630 break;
631 }
632 case 0x80:
633 {
634 int l;
635
636 if (!s->serial) {
637 trace_scsi_disk_emulate_vpd_page_80_not_supported();
638 return -1;
639 }
640
641 l = strlen(s->serial);
642 if (l > 36) {
643 l = 36;
644 }
645
646 trace_scsi_disk_emulate_vpd_page_80(req->cmd.xfer);
647 memcpy(outbuf + buflen, s->serial, l);
648 buflen += l;
649 break;
650 }
651
652 case 0x83:
653 {
654 int id_len = s->device_id ? MIN(strlen(s->device_id), 255 - 8) : 0;
655
656 trace_scsi_disk_emulate_vpd_page_83(req->cmd.xfer);
657
658 if (id_len) {
659 outbuf[buflen++] = 0x2;
660 outbuf[buflen++] = 0;
661 outbuf[buflen++] = 0;
662 outbuf[buflen++] = id_len;
663 memcpy(outbuf + buflen, s->device_id, id_len);
664 buflen += id_len;
665 }
666
667 if (s->qdev.wwn) {
668 outbuf[buflen++] = 0x1;
669 outbuf[buflen++] = 0x3;
670 outbuf[buflen++] = 0;
671 outbuf[buflen++] = 8;
672 stq_be_p(&outbuf[buflen], s->qdev.wwn);
673 buflen += 8;
674 }
675
676 if (s->qdev.port_wwn) {
677 outbuf[buflen++] = 0x61;
678 outbuf[buflen++] = 0x93;
679 outbuf[buflen++] = 0;
680 outbuf[buflen++] = 8;
681 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
682 buflen += 8;
683 }
684
685 if (s->port_index) {
686 outbuf[buflen++] = 0x61;
687
688
689 outbuf[buflen++] = 0x94;
690
691 outbuf[buflen++] = 0;
692 outbuf[buflen++] = 4;
693 stw_be_p(&outbuf[buflen + 2], s->port_index);
694 buflen += 4;
695 }
696 break;
697 }
698 case 0xb0:
699 {
700 SCSIBlockLimits bl = {};
701
702 if (s->qdev.type == TYPE_ROM) {
703 trace_scsi_disk_emulate_vpd_page_b0_not_supported();
704 return -1;
705 }
706 bl.wsnz = 1;
707 bl.unmap_sectors =
708 s->qdev.conf.discard_granularity / s->qdev.blocksize;
709 bl.min_io_size =
710 s->qdev.conf.min_io_size / s->qdev.blocksize;
711 bl.opt_io_size =
712 s->qdev.conf.opt_io_size / s->qdev.blocksize;
713 bl.max_unmap_sectors =
714 s->max_unmap_size / s->qdev.blocksize;
715 bl.max_io_sectors =
716 s->max_io_size / s->qdev.blocksize;
717
718 bl.max_unmap_descr = 255;
719
720 if (s->qdev.type == TYPE_DISK) {
721 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
722 int max_io_sectors_blk =
723 max_transfer_blk / s->qdev.blocksize;
724
725 bl.max_io_sectors =
726 MIN_NON_ZERO(max_io_sectors_blk, bl.max_io_sectors);
727 }
728 buflen += scsi_emulate_block_limits(outbuf + buflen, &bl);
729 break;
730 }
731 case 0xb1:
732 {
733 buflen = 0x40;
734 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
735 outbuf[5] = s->rotation_rate & 0xff;
736 outbuf[6] = 0;
737 outbuf[7] = 0;
738 outbuf[8] = 0;
739 break;
740 }
741 case 0xb2:
742 {
743 buflen = 8;
744 outbuf[4] = 0;
745 outbuf[5] = 0xe0;
746 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
747 outbuf[7] = 0;
748 break;
749 }
750 default:
751 return -1;
752 }
753
754 assert(buflen - start <= 255);
755 outbuf[start - 1] = buflen - start;
756 return buflen;
757}
758
759static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
760{
761 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
762 int buflen = 0;
763
764 if (req->cmd.buf[1] & 0x1) {
765
766 return scsi_disk_emulate_vpd_page(req, outbuf);
767 }
768
769
770 if (req->cmd.buf[2] != 0) {
771 return -1;
772 }
773
774
775 buflen = req->cmd.xfer;
776 if (buflen > SCSI_MAX_INQUIRY_LEN) {
777 buflen = SCSI_MAX_INQUIRY_LEN;
778 }
779
780 outbuf[0] = s->qdev.type & 0x1f;
781 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
782
783 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
784 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
785
786 memset(&outbuf[32], 0, 4);
787 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
788
789
790
791
792
793
794 outbuf[2] = s->qdev.default_scsi_version;
795 outbuf[3] = 2 | 0x10;
796
797 if (buflen > 36) {
798 outbuf[4] = buflen - 5;
799 } else {
800
801
802 outbuf[4] = 36 - 5;
803 }
804
805
806 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
807 return buflen;
808}
809
810static inline bool media_is_dvd(SCSIDiskState *s)
811{
812 uint64_t nb_sectors;
813 if (s->qdev.type != TYPE_ROM) {
814 return false;
815 }
816 if (!blk_is_available(s->qdev.conf.blk)) {
817 return false;
818 }
819 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
820 return nb_sectors > CD_MAX_SECTORS;
821}
822
823static inline bool media_is_cd(SCSIDiskState *s)
824{
825 uint64_t nb_sectors;
826 if (s->qdev.type != TYPE_ROM) {
827 return false;
828 }
829 if (!blk_is_available(s->qdev.conf.blk)) {
830 return false;
831 }
832 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
833 return nb_sectors <= CD_MAX_SECTORS;
834}
835
836static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
837 uint8_t *outbuf)
838{
839 uint8_t type = r->req.cmd.buf[1] & 7;
840
841 if (s->qdev.type != TYPE_ROM) {
842 return -1;
843 }
844
845
846 if (type != 0) {
847 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
848 return -1;
849 }
850
851 memset(outbuf, 0, 34);
852 outbuf[1] = 32;
853 outbuf[2] = 0xe;
854 outbuf[3] = 1;
855 outbuf[4] = 1;
856 outbuf[5] = 1;
857 outbuf[6] = 1;
858 outbuf[7] = 0x20;
859 outbuf[8] = 0x00;
860
861
862
863
864
865
866 return 34;
867}
868
869static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
870 uint8_t *outbuf)
871{
872 static const int rds_caps_size[5] = {
873 [0] = 2048 + 4,
874 [1] = 4 + 4,
875 [3] = 188 + 4,
876 [4] = 2048 + 4,
877 };
878
879 uint8_t media = r->req.cmd.buf[1];
880 uint8_t layer = r->req.cmd.buf[6];
881 uint8_t format = r->req.cmd.buf[7];
882 int size = -1;
883
884 if (s->qdev.type != TYPE_ROM) {
885 return -1;
886 }
887 if (media != 0) {
888 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
889 return -1;
890 }
891
892 if (format != 0xff) {
893 if (!blk_is_available(s->qdev.conf.blk)) {
894 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
895 return -1;
896 }
897 if (media_is_cd(s)) {
898 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
899 return -1;
900 }
901 if (format >= ARRAY_SIZE(rds_caps_size)) {
902 return -1;
903 }
904 size = rds_caps_size[format];
905 memset(outbuf, 0, size);
906 }
907
908 switch (format) {
909 case 0x00: {
910
911 uint64_t nb_sectors;
912 if (layer != 0) {
913 goto fail;
914 }
915 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
916
917 outbuf[4] = 1;
918 outbuf[5] = 0xf;
919 outbuf[6] = 1;
920 outbuf[7] = 0;
921
922 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1);
923 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1);
924 break;
925 }
926
927 case 0x01:
928 break;
929
930 case 0x03:
931 return -1;
932
933 case 0x04:
934 break;
935
936 case 0xff: {
937 int i;
938 size = 4;
939 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
940 if (!rds_caps_size[i]) {
941 continue;
942 }
943 outbuf[size] = i;
944 outbuf[size + 1] = 0x40;
945 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
946 size += 4;
947 }
948 break;
949 }
950
951 default:
952 return -1;
953 }
954
955
956 stw_be_p(outbuf, size - 2);
957 return size;
958
959fail:
960 return -1;
961}
962
963static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
964{
965 uint8_t event_code, media_status;
966
967 media_status = 0;
968 if (s->tray_open) {
969 media_status = MS_TRAY_OPEN;
970 } else if (blk_is_inserted(s->qdev.conf.blk)) {
971 media_status = MS_MEDIA_PRESENT;
972 }
973
974
975 event_code = MEC_NO_CHANGE;
976 if (media_status != MS_TRAY_OPEN) {
977 if (s->media_event) {
978 event_code = MEC_NEW_MEDIA;
979 s->media_event = false;
980 } else if (s->eject_request) {
981 event_code = MEC_EJECT_REQUESTED;
982 s->eject_request = false;
983 }
984 }
985
986 outbuf[0] = event_code;
987 outbuf[1] = media_status;
988
989
990 outbuf[2] = 0;
991 outbuf[3] = 0;
992 return 4;
993}
994
995static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
996 uint8_t *outbuf)
997{
998 int size;
999 uint8_t *buf = r->req.cmd.buf;
1000 uint8_t notification_class_request = buf[4];
1001 if (s->qdev.type != TYPE_ROM) {
1002 return -1;
1003 }
1004 if ((buf[1] & 1) == 0) {
1005
1006 return -1;
1007 }
1008
1009 size = 4;
1010 outbuf[0] = outbuf[1] = 0;
1011 outbuf[3] = 1 << GESN_MEDIA;
1012 if (notification_class_request & (1 << GESN_MEDIA)) {
1013 outbuf[2] = GESN_MEDIA;
1014 size += scsi_event_status_media(s, &outbuf[size]);
1015 } else {
1016 outbuf[2] = 0x80;
1017 }
1018 stw_be_p(outbuf, size - 4);
1019 return size;
1020}
1021
1022static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
1023{
1024 int current;
1025
1026 if (s->qdev.type != TYPE_ROM) {
1027 return -1;
1028 }
1029
1030 if (media_is_dvd(s)) {
1031 current = MMC_PROFILE_DVD_ROM;
1032 } else if (media_is_cd(s)) {
1033 current = MMC_PROFILE_CD_ROM;
1034 } else {
1035 current = MMC_PROFILE_NONE;
1036 }
1037
1038 memset(outbuf, 0, 40);
1039 stl_be_p(&outbuf[0], 36);
1040 stw_be_p(&outbuf[6], current);
1041
1042 outbuf[10] = 0x03;
1043 outbuf[11] = 8;
1044 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1045 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1046 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1047 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1048
1049 stw_be_p(&outbuf[20], 1);
1050 outbuf[22] = 0x08 | 0x03;
1051 outbuf[23] = 8;
1052 stl_be_p(&outbuf[24], 1);
1053 outbuf[28] = 1;
1054
1055 stw_be_p(&outbuf[32], 3);
1056 outbuf[34] = 0x08 | 0x03;
1057 outbuf[35] = 4;
1058 outbuf[36] = 0x39;
1059
1060
1061 return 40;
1062}
1063
1064static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1065{
1066 if (s->qdev.type != TYPE_ROM) {
1067 return -1;
1068 }
1069 memset(outbuf, 0, 8);
1070 outbuf[5] = 1;
1071 return 8;
1072}
1073
1074static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
1075 int page_control)
1076{
1077 static const int mode_sense_valid[0x3f] = {
1078 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1079 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1080 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1081 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1082 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
1083 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1084 };
1085
1086 uint8_t *p = *p_outbuf + 2;
1087 int length;
1088
1089 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1090 return -1;
1091 }
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105 switch (page) {
1106 case MODE_PAGE_HD_GEOMETRY:
1107 length = 0x16;
1108 if (page_control == 1) {
1109 break;
1110 }
1111
1112 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1113 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1114 p[2] = s->qdev.conf.cyls & 0xff;
1115 p[3] = s->qdev.conf.heads & 0xff;
1116
1117 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1118 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1119 p[6] = s->qdev.conf.cyls & 0xff;
1120
1121 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1122 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1123 p[9] = s->qdev.conf.cyls & 0xff;
1124
1125 p[10] = 0;
1126 p[11] = 200;
1127
1128 p[12] = 0xff;
1129 p[13] = 0xff;
1130 p[14] = 0xff;
1131
1132 p[18] = (5400 >> 8) & 0xff;
1133 p[19] = 5400 & 0xff;
1134 break;
1135
1136 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1137 length = 0x1e;
1138 if (page_control == 1) {
1139 break;
1140 }
1141
1142 p[0] = 5000 >> 8;
1143 p[1] = 5000 & 0xff;
1144
1145 p[2] = s->qdev.conf.heads & 0xff;
1146 p[3] = s->qdev.conf.secs & 0xff;
1147 p[4] = s->qdev.blocksize >> 8;
1148 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1149 p[7] = s->qdev.conf.cyls & 0xff;
1150
1151 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1152 p[9] = s->qdev.conf.cyls & 0xff;
1153
1154 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1155 p[11] = s->qdev.conf.cyls & 0xff;
1156
1157 p[12] = 0;
1158 p[13] = 1;
1159
1160 p[14] = 1;
1161
1162 p[15] = 0;
1163 p[16] = 1;
1164
1165 p[17] = 1;
1166
1167 p[18] = 1;
1168
1169 p[26] = (5400 >> 8) & 0xff;
1170 p[27] = 5400 & 0xff;
1171 break;
1172
1173 case MODE_PAGE_CACHING:
1174 length = 0x12;
1175 if (page_control == 1 ||
1176 blk_enable_write_cache(s->qdev.conf.blk)) {
1177 p[0] = 4;
1178 }
1179 break;
1180
1181 case MODE_PAGE_R_W_ERROR:
1182 length = 10;
1183 if (page_control == 1) {
1184 break;
1185 }
1186 p[0] = 0x80;
1187 if (s->qdev.type == TYPE_ROM) {
1188 p[1] = 0x20;
1189 }
1190 break;
1191
1192 case MODE_PAGE_AUDIO_CTL:
1193 length = 14;
1194 break;
1195
1196 case MODE_PAGE_CAPABILITIES:
1197 length = 0x14;
1198 if (page_control == 1) {
1199 break;
1200 }
1201
1202 p[0] = 0x3b;
1203 p[1] = 0;
1204 p[2] = 0x7f;
1205
1206 p[3] = 0xff;
1207
1208
1209 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1210
1211 p[5] = 0;
1212
1213 p[6] = (50 * 176) >> 8;
1214 p[7] = (50 * 176) & 0xff;
1215 p[8] = 2 >> 8;
1216 p[9] = 2 & 0xff;
1217 p[10] = 2048 >> 8;
1218 p[11] = 2048 & 0xff;
1219 p[12] = (16 * 176) >> 8;
1220 p[13] = (16 * 176) & 0xff;
1221 p[16] = (16 * 176) >> 8;
1222 p[17] = (16 * 176) & 0xff;
1223 p[18] = (16 * 176) >> 8;
1224 p[19] = (16 * 176) & 0xff;
1225 break;
1226
1227 default:
1228 return -1;
1229 }
1230
1231 assert(length < 256);
1232 (*p_outbuf)[0] = page;
1233 (*p_outbuf)[1] = length;
1234 *p_outbuf += length + 2;
1235 return length + 2;
1236}
1237
1238static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1239{
1240 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1241 uint64_t nb_sectors;
1242 bool dbd;
1243 int page, buflen, ret, page_control;
1244 uint8_t *p;
1245 uint8_t dev_specific_param;
1246
1247 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1248 page = r->req.cmd.buf[2] & 0x3f;
1249 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1250
1251 trace_scsi_disk_emulate_mode_sense((r->req.cmd.buf[0] == MODE_SENSE) ? 6 :
1252 10, page, r->req.cmd.xfer, page_control);
1253 memset(outbuf, 0, r->req.cmd.xfer);
1254 p = outbuf;
1255
1256 if (s->qdev.type == TYPE_DISK) {
1257 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1258 if (blk_is_read_only(s->qdev.conf.blk)) {
1259 dev_specific_param |= 0x80;
1260 }
1261 } else {
1262
1263
1264 dev_specific_param = 0x00;
1265 dbd = true;
1266 }
1267
1268 if (r->req.cmd.buf[0] == MODE_SENSE) {
1269 p[1] = 0;
1270 p[2] = dev_specific_param;
1271 p[3] = 0;
1272 p += 4;
1273 } else {
1274 p[2] = 0;
1275 p[3] = dev_specific_param;
1276 p[6] = p[7] = 0;
1277 p += 8;
1278 }
1279
1280 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1281 if (!dbd && nb_sectors) {
1282 if (r->req.cmd.buf[0] == MODE_SENSE) {
1283 outbuf[3] = 8;
1284 } else {
1285 outbuf[7] = 8;
1286 }
1287 nb_sectors /= (s->qdev.blocksize / 512);
1288 if (nb_sectors > 0xffffff) {
1289 nb_sectors = 0;
1290 }
1291 p[0] = 0;
1292 p[1] = (nb_sectors >> 16) & 0xff;
1293 p[2] = (nb_sectors >> 8) & 0xff;
1294 p[3] = nb_sectors & 0xff;
1295 p[4] = 0;
1296 p[5] = 0;
1297 p[6] = s->qdev.blocksize >> 8;
1298 p[7] = 0;
1299 p += 8;
1300 }
1301
1302 if (page_control == 3) {
1303
1304 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1305 return -1;
1306 }
1307
1308 if (page == 0x3f) {
1309 for (page = 0; page <= 0x3e; page++) {
1310 mode_sense_page(s, page, &p, page_control);
1311 }
1312 } else {
1313 ret = mode_sense_page(s, page, &p, page_control);
1314 if (ret == -1) {
1315 return -1;
1316 }
1317 }
1318
1319 buflen = p - outbuf;
1320
1321
1322
1323
1324
1325 if (r->req.cmd.buf[0] == MODE_SENSE) {
1326 outbuf[0] = buflen - 1;
1327 } else {
1328 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1329 outbuf[1] = (buflen - 2) & 0xff;
1330 }
1331 return buflen;
1332}
1333
1334static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1335{
1336 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1337 int start_track, format, msf, toclen;
1338 uint64_t nb_sectors;
1339
1340 msf = req->cmd.buf[1] & 2;
1341 format = req->cmd.buf[2] & 0xf;
1342 start_track = req->cmd.buf[6];
1343 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1344 trace_scsi_disk_emulate_read_toc(start_track, format, msf >> 1);
1345 nb_sectors /= s->qdev.blocksize / 512;
1346 switch (format) {
1347 case 0:
1348 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1349 break;
1350 case 1:
1351
1352 toclen = 12;
1353 memset(outbuf, 0, 12);
1354 outbuf[1] = 0x0a;
1355 outbuf[2] = 0x01;
1356 outbuf[3] = 0x01;
1357 break;
1358 case 2:
1359 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1360 break;
1361 default:
1362 return -1;
1363 }
1364 return toclen;
1365}
1366
1367static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1368{
1369 SCSIRequest *req = &r->req;
1370 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1371 bool start = req->cmd.buf[4] & 1;
1372 bool loej = req->cmd.buf[4] & 2;
1373 int pwrcnd = req->cmd.buf[4] & 0xf0;
1374
1375 if (pwrcnd) {
1376
1377 return 0;
1378 }
1379
1380 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1381 if (!start && !s->tray_open && s->tray_locked) {
1382 scsi_check_condition(r,
1383 blk_is_inserted(s->qdev.conf.blk)
1384 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1385 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1386 return -1;
1387 }
1388
1389 if (s->tray_open != !start) {
1390 blk_eject(s->qdev.conf.blk, !start);
1391 s->tray_open = !start;
1392 }
1393 }
1394 return 0;
1395}
1396
1397static void scsi_disk_emulate_read_data(SCSIRequest *req)
1398{
1399 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1400 int buflen = r->iov.iov_len;
1401
1402 if (buflen) {
1403 trace_scsi_disk_emulate_read_data(buflen);
1404 r->iov.iov_len = 0;
1405 r->started = true;
1406 scsi_req_data(&r->req, buflen);
1407 return;
1408 }
1409
1410
1411 scsi_req_complete(&r->req, GOOD);
1412}
1413
1414static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1415 uint8_t *inbuf, int inlen)
1416{
1417 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1418 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1419 uint8_t *p;
1420 int len, expected_len, changeable_len, i;
1421
1422
1423
1424
1425 expected_len = inlen + 2;
1426 if (expected_len > SCSI_MAX_MODE_LEN) {
1427 return -1;
1428 }
1429
1430 p = mode_current;
1431 memset(mode_current, 0, inlen + 2);
1432 len = mode_sense_page(s, page, &p, 0);
1433 if (len < 0 || len != expected_len) {
1434 return -1;
1435 }
1436
1437 p = mode_changeable;
1438 memset(mode_changeable, 0, inlen + 2);
1439 changeable_len = mode_sense_page(s, page, &p, 1);
1440 assert(changeable_len == len);
1441
1442
1443
1444
1445 for (i = 2; i < len; i++) {
1446 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1447 return -1;
1448 }
1449 }
1450 return 0;
1451}
1452
1453static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1454{
1455 switch (page) {
1456 case MODE_PAGE_CACHING:
1457 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
1458 break;
1459
1460 default:
1461 break;
1462 }
1463}
1464
1465static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1466{
1467 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1468
1469 while (len > 0) {
1470 int page, subpage, page_len;
1471
1472
1473 page = p[0] & 0x3f;
1474 if (p[0] & 0x40) {
1475 if (len < 4) {
1476 goto invalid_param_len;
1477 }
1478 subpage = p[1];
1479 page_len = lduw_be_p(&p[2]);
1480 p += 4;
1481 len -= 4;
1482 } else {
1483 if (len < 2) {
1484 goto invalid_param_len;
1485 }
1486 subpage = 0;
1487 page_len = p[1];
1488 p += 2;
1489 len -= 2;
1490 }
1491
1492 if (subpage) {
1493 goto invalid_param;
1494 }
1495 if (page_len > len) {
1496 goto invalid_param_len;
1497 }
1498
1499 if (!change) {
1500 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1501 goto invalid_param;
1502 }
1503 } else {
1504 scsi_disk_apply_mode_select(s, page, p);
1505 }
1506
1507 p += page_len;
1508 len -= page_len;
1509 }
1510 return 0;
1511
1512invalid_param:
1513 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1514 return -1;
1515
1516invalid_param_len:
1517 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1518 return -1;
1519}
1520
1521static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1522{
1523 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1524 uint8_t *p = inbuf;
1525 int cmd = r->req.cmd.buf[0];
1526 int len = r->req.cmd.xfer;
1527 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1528 int bd_len;
1529 int pass;
1530
1531
1532 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1533 goto invalid_field;
1534 }
1535
1536 if (len < hdr_len) {
1537 goto invalid_param_len;
1538 }
1539
1540 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1541 len -= hdr_len;
1542 p += hdr_len;
1543 if (len < bd_len) {
1544 goto invalid_param_len;
1545 }
1546 if (bd_len != 0 && bd_len != 8) {
1547 goto invalid_param;
1548 }
1549
1550 len -= bd_len;
1551 p += bd_len;
1552
1553
1554 for (pass = 0; pass < 2; pass++) {
1555 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1556 assert(pass == 0);
1557 return;
1558 }
1559 }
1560 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
1561
1562 scsi_req_ref(&r->req);
1563 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
1564 BLOCK_ACCT_FLUSH);
1565 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
1566 return;
1567 }
1568
1569 scsi_req_complete(&r->req, GOOD);
1570 return;
1571
1572invalid_param:
1573 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1574 return;
1575
1576invalid_param_len:
1577 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1578 return;
1579
1580invalid_field:
1581 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1582}
1583
1584static inline bool check_lba_range(SCSIDiskState *s,
1585 uint64_t sector_num, uint32_t nb_sectors)
1586{
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596 return (sector_num <= sector_num + nb_sectors &&
1597 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1598}
1599
1600typedef struct UnmapCBData {
1601 SCSIDiskReq *r;
1602 uint8_t *inbuf;
1603 int count;
1604} UnmapCBData;
1605
1606static void scsi_unmap_complete(void *opaque, int ret);
1607
1608static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
1609{
1610 SCSIDiskReq *r = data->r;
1611 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1612
1613 assert(r->req.aiocb == NULL);
1614
1615 if (data->count > 0) {
1616 r->sector = ldq_be_p(&data->inbuf[0])
1617 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1618 r->sector_count = (ldl_be_p(&data->inbuf[8]) & 0xffffffffULL)
1619 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1620 if (!check_lba_range(s, r->sector, r->sector_count)) {
1621 block_acct_invalid(blk_get_stats(s->qdev.conf.blk),
1622 BLOCK_ACCT_UNMAP);
1623 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1624 goto done;
1625 }
1626
1627 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1628 r->sector_count * BDRV_SECTOR_SIZE,
1629 BLOCK_ACCT_UNMAP);
1630
1631 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
1632 r->sector * BDRV_SECTOR_SIZE,
1633 r->sector_count * BDRV_SECTOR_SIZE,
1634 scsi_unmap_complete, data);
1635 data->count--;
1636 data->inbuf += 16;
1637 return;
1638 }
1639
1640 scsi_req_complete(&r->req, GOOD);
1641
1642done:
1643 scsi_req_unref(&r->req);
1644 g_free(data);
1645}
1646
1647static void scsi_unmap_complete(void *opaque, int ret)
1648{
1649 UnmapCBData *data = opaque;
1650 SCSIDiskReq *r = data->r;
1651 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1652
1653 assert(r->req.aiocb != NULL);
1654 r->req.aiocb = NULL;
1655
1656 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1657 if (scsi_disk_req_check_error(r, ret, true)) {
1658 scsi_req_unref(&r->req);
1659 g_free(data);
1660 } else {
1661 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1662 scsi_unmap_complete_noio(data, ret);
1663 }
1664 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1665}
1666
1667static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1668{
1669 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1670 uint8_t *p = inbuf;
1671 int len = r->req.cmd.xfer;
1672 UnmapCBData *data;
1673
1674
1675 if (r->req.cmd.buf[1] & 0x1) {
1676 goto invalid_field;
1677 }
1678
1679 if (len < 8) {
1680 goto invalid_param_len;
1681 }
1682 if (len < lduw_be_p(&p[0]) + 2) {
1683 goto invalid_param_len;
1684 }
1685 if (len < lduw_be_p(&p[2]) + 8) {
1686 goto invalid_param_len;
1687 }
1688 if (lduw_be_p(&p[2]) & 15) {
1689 goto invalid_param_len;
1690 }
1691
1692 if (blk_is_read_only(s->qdev.conf.blk)) {
1693 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1694 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1695 return;
1696 }
1697
1698 data = g_new0(UnmapCBData, 1);
1699 data->r = r;
1700 data->inbuf = &p[8];
1701 data->count = lduw_be_p(&p[2]) >> 4;
1702
1703
1704 scsi_req_ref(&r->req);
1705 scsi_unmap_complete_noio(data, 0);
1706 return;
1707
1708invalid_param_len:
1709 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1710 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1711 return;
1712
1713invalid_field:
1714 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1715 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1716}
1717
1718typedef struct WriteSameCBData {
1719 SCSIDiskReq *r;
1720 int64_t sector;
1721 int nb_sectors;
1722 QEMUIOVector qiov;
1723 struct iovec iov;
1724} WriteSameCBData;
1725
1726static void scsi_write_same_complete(void *opaque, int ret)
1727{
1728 WriteSameCBData *data = opaque;
1729 SCSIDiskReq *r = data->r;
1730 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1731
1732 assert(r->req.aiocb != NULL);
1733 r->req.aiocb = NULL;
1734 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1735 if (scsi_disk_req_check_error(r, ret, true)) {
1736 goto done;
1737 }
1738
1739 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1740
1741 data->nb_sectors -= data->iov.iov_len / 512;
1742 data->sector += data->iov.iov_len / 512;
1743 data->iov.iov_len = MIN(data->nb_sectors * 512, data->iov.iov_len);
1744 if (data->iov.iov_len) {
1745 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1746 data->iov.iov_len, BLOCK_ACCT_WRITE);
1747
1748
1749 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1750 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1751 data->sector << BDRV_SECTOR_BITS,
1752 &data->qiov, 0,
1753 scsi_write_same_complete, data);
1754 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1755 return;
1756 }
1757
1758 scsi_req_complete(&r->req, GOOD);
1759
1760done:
1761 scsi_req_unref(&r->req);
1762 qemu_vfree(data->iov.iov_base);
1763 g_free(data);
1764 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1765}
1766
1767static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1768{
1769 SCSIRequest *req = &r->req;
1770 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1771 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
1772 WriteSameCBData *data;
1773 uint8_t *buf;
1774 int i;
1775
1776
1777 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1778 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1779 return;
1780 }
1781
1782 if (blk_is_read_only(s->qdev.conf.blk)) {
1783 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1784 return;
1785 }
1786 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1787 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1788 return;
1789 }
1790
1791 if ((req->cmd.buf[1] & 0x1) || buffer_is_zero(inbuf, s->qdev.blocksize)) {
1792 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1793
1794
1795 scsi_req_ref(&r->req);
1796 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1797 nb_sectors * s->qdev.blocksize,
1798 BLOCK_ACCT_WRITE);
1799 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
1800 r->req.cmd.lba * s->qdev.blocksize,
1801 nb_sectors * s->qdev.blocksize,
1802 flags, scsi_aio_complete, r);
1803 return;
1804 }
1805
1806 data = g_new0(WriteSameCBData, 1);
1807 data->r = r;
1808 data->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1809 data->nb_sectors = nb_sectors * (s->qdev.blocksize / 512);
1810 data->iov.iov_len = MIN(data->nb_sectors * 512, SCSI_WRITE_SAME_MAX);
1811 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1812 data->iov.iov_len);
1813 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1814
1815 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1816 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1817 }
1818
1819 scsi_req_ref(&r->req);
1820 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1821 data->iov.iov_len, BLOCK_ACCT_WRITE);
1822 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1823 data->sector << BDRV_SECTOR_BITS,
1824 &data->qiov, 0,
1825 scsi_write_same_complete, data);
1826}
1827
1828static void scsi_disk_emulate_write_data(SCSIRequest *req)
1829{
1830 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1831
1832 if (r->iov.iov_len) {
1833 int buflen = r->iov.iov_len;
1834 trace_scsi_disk_emulate_write_data(buflen);
1835 r->iov.iov_len = 0;
1836 scsi_req_data(&r->req, buflen);
1837 return;
1838 }
1839
1840 switch (req->cmd.buf[0]) {
1841 case MODE_SELECT:
1842 case MODE_SELECT_10:
1843
1844 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1845 break;
1846
1847 case UNMAP:
1848 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1849 break;
1850
1851 case VERIFY_10:
1852 case VERIFY_12:
1853 case VERIFY_16:
1854 if (r->req.status == -1) {
1855 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1856 }
1857 break;
1858
1859 case WRITE_SAME_10:
1860 case WRITE_SAME_16:
1861 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1862 break;
1863
1864 default:
1865 abort();
1866 }
1867}
1868
1869static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1870{
1871 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1872 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1873 uint64_t nb_sectors;
1874 uint8_t *outbuf;
1875 int buflen;
1876
1877 switch (req->cmd.buf[0]) {
1878 case INQUIRY:
1879 case MODE_SENSE:
1880 case MODE_SENSE_10:
1881 case RESERVE:
1882 case RESERVE_10:
1883 case RELEASE:
1884 case RELEASE_10:
1885 case START_STOP:
1886 case ALLOW_MEDIUM_REMOVAL:
1887 case GET_CONFIGURATION:
1888 case GET_EVENT_STATUS_NOTIFICATION:
1889 case MECHANISM_STATUS:
1890 case REQUEST_SENSE:
1891 break;
1892
1893 default:
1894 if (!blk_is_available(s->qdev.conf.blk)) {
1895 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1896 return 0;
1897 }
1898 break;
1899 }
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909 if (req->cmd.xfer > 65536) {
1910 goto illegal_request;
1911 }
1912 r->buflen = MAX(4096, req->cmd.xfer);
1913
1914 if (!r->iov.iov_base) {
1915 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
1916 }
1917
1918 outbuf = r->iov.iov_base;
1919 memset(outbuf, 0, r->buflen);
1920 switch (req->cmd.buf[0]) {
1921 case TEST_UNIT_READY:
1922 assert(blk_is_available(s->qdev.conf.blk));
1923 break;
1924 case INQUIRY:
1925 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1926 if (buflen < 0) {
1927 goto illegal_request;
1928 }
1929 break;
1930 case MODE_SENSE:
1931 case MODE_SENSE_10:
1932 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1933 if (buflen < 0) {
1934 goto illegal_request;
1935 }
1936 break;
1937 case READ_TOC:
1938 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1939 if (buflen < 0) {
1940 goto illegal_request;
1941 }
1942 break;
1943 case RESERVE:
1944 if (req->cmd.buf[1] & 1) {
1945 goto illegal_request;
1946 }
1947 break;
1948 case RESERVE_10:
1949 if (req->cmd.buf[1] & 3) {
1950 goto illegal_request;
1951 }
1952 break;
1953 case RELEASE:
1954 if (req->cmd.buf[1] & 1) {
1955 goto illegal_request;
1956 }
1957 break;
1958 case RELEASE_10:
1959 if (req->cmd.buf[1] & 3) {
1960 goto illegal_request;
1961 }
1962 break;
1963 case START_STOP:
1964 if (scsi_disk_emulate_start_stop(r) < 0) {
1965 return 0;
1966 }
1967 break;
1968 case ALLOW_MEDIUM_REMOVAL:
1969 s->tray_locked = req->cmd.buf[4] & 1;
1970 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
1971 break;
1972 case READ_CAPACITY_10:
1973
1974 memset(outbuf, 0, 8);
1975 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1976 if (!nb_sectors) {
1977 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1978 return 0;
1979 }
1980 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1981 goto illegal_request;
1982 }
1983 nb_sectors /= s->qdev.blocksize / 512;
1984
1985 nb_sectors--;
1986
1987 s->qdev.max_lba = nb_sectors;
1988
1989 if (nb_sectors > UINT32_MAX) {
1990 nb_sectors = UINT32_MAX;
1991 }
1992 outbuf[0] = (nb_sectors >> 24) & 0xff;
1993 outbuf[1] = (nb_sectors >> 16) & 0xff;
1994 outbuf[2] = (nb_sectors >> 8) & 0xff;
1995 outbuf[3] = nb_sectors & 0xff;
1996 outbuf[4] = 0;
1997 outbuf[5] = 0;
1998 outbuf[6] = s->qdev.blocksize >> 8;
1999 outbuf[7] = 0;
2000 break;
2001 case REQUEST_SENSE:
2002
2003 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
2004 (req->cmd.buf[1] & 1) == 0);
2005 if (buflen < 0) {
2006 goto illegal_request;
2007 }
2008 break;
2009 case MECHANISM_STATUS:
2010 buflen = scsi_emulate_mechanism_status(s, outbuf);
2011 if (buflen < 0) {
2012 goto illegal_request;
2013 }
2014 break;
2015 case GET_CONFIGURATION:
2016 buflen = scsi_get_configuration(s, outbuf);
2017 if (buflen < 0) {
2018 goto illegal_request;
2019 }
2020 break;
2021 case GET_EVENT_STATUS_NOTIFICATION:
2022 buflen = scsi_get_event_status_notification(s, r, outbuf);
2023 if (buflen < 0) {
2024 goto illegal_request;
2025 }
2026 break;
2027 case READ_DISC_INFORMATION:
2028 buflen = scsi_read_disc_information(s, r, outbuf);
2029 if (buflen < 0) {
2030 goto illegal_request;
2031 }
2032 break;
2033 case READ_DVD_STRUCTURE:
2034 buflen = scsi_read_dvd_structure(s, r, outbuf);
2035 if (buflen < 0) {
2036 goto illegal_request;
2037 }
2038 break;
2039 case SERVICE_ACTION_IN_16:
2040
2041 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
2042 trace_scsi_disk_emulate_command_SAI_16();
2043 memset(outbuf, 0, req->cmd.xfer);
2044 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2045 if (!nb_sectors) {
2046 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
2047 return 0;
2048 }
2049 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2050 goto illegal_request;
2051 }
2052 nb_sectors /= s->qdev.blocksize / 512;
2053
2054 nb_sectors--;
2055
2056 s->qdev.max_lba = nb_sectors;
2057 outbuf[0] = (nb_sectors >> 56) & 0xff;
2058 outbuf[1] = (nb_sectors >> 48) & 0xff;
2059 outbuf[2] = (nb_sectors >> 40) & 0xff;
2060 outbuf[3] = (nb_sectors >> 32) & 0xff;
2061 outbuf[4] = (nb_sectors >> 24) & 0xff;
2062 outbuf[5] = (nb_sectors >> 16) & 0xff;
2063 outbuf[6] = (nb_sectors >> 8) & 0xff;
2064 outbuf[7] = nb_sectors & 0xff;
2065 outbuf[8] = 0;
2066 outbuf[9] = 0;
2067 outbuf[10] = s->qdev.blocksize >> 8;
2068 outbuf[11] = 0;
2069 outbuf[12] = 0;
2070 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
2071
2072
2073 if (s->qdev.conf.discard_granularity) {
2074 outbuf[14] = 0x80;
2075 }
2076
2077
2078 break;
2079 }
2080 trace_scsi_disk_emulate_command_SAI_unsupported();
2081 goto illegal_request;
2082 case SYNCHRONIZE_CACHE:
2083
2084 scsi_req_ref(&r->req);
2085 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
2086 BLOCK_ACCT_FLUSH);
2087 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
2088 return 0;
2089 case SEEK_10:
2090 trace_scsi_disk_emulate_command_SEEK_10(r->req.cmd.lba);
2091 if (r->req.cmd.lba > s->qdev.max_lba) {
2092 goto illegal_lba;
2093 }
2094 break;
2095 case MODE_SELECT:
2096 trace_scsi_disk_emulate_command_MODE_SELECT(r->req.cmd.xfer);
2097 break;
2098 case MODE_SELECT_10:
2099 trace_scsi_disk_emulate_command_MODE_SELECT_10(r->req.cmd.xfer);
2100 break;
2101 case UNMAP:
2102 trace_scsi_disk_emulate_command_UNMAP(r->req.cmd.xfer);
2103 break;
2104 case VERIFY_10:
2105 case VERIFY_12:
2106 case VERIFY_16:
2107 trace_scsi_disk_emulate_command_VERIFY((req->cmd.buf[1] >> 1) & 3);
2108 if (req->cmd.buf[1] & 6) {
2109 goto illegal_request;
2110 }
2111 break;
2112 case WRITE_SAME_10:
2113 case WRITE_SAME_16:
2114 trace_scsi_disk_emulate_command_WRITE_SAME(
2115 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16, r->req.cmd.xfer);
2116 break;
2117 default:
2118 trace_scsi_disk_emulate_command_UNKNOWN(buf[0],
2119 scsi_command_name(buf[0]));
2120 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
2121 return 0;
2122 }
2123 assert(!r->req.aiocb);
2124 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
2125 if (r->iov.iov_len == 0) {
2126 scsi_req_complete(&r->req, GOOD);
2127 }
2128 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2129 assert(r->iov.iov_len == req->cmd.xfer);
2130 return -r->iov.iov_len;
2131 } else {
2132 return r->iov.iov_len;
2133 }
2134
2135illegal_request:
2136 if (r->req.status == -1) {
2137 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2138 }
2139 return 0;
2140
2141illegal_lba:
2142 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2143 return 0;
2144}
2145
2146
2147
2148
2149
2150
2151static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2152{
2153 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2154 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2155 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
2156 uint32_t len;
2157 uint8_t command;
2158
2159 command = buf[0];
2160
2161 if (!blk_is_available(s->qdev.conf.blk)) {
2162 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2163 return 0;
2164 }
2165
2166 len = scsi_data_cdb_xfer(r->req.cmd.buf);
2167 switch (command) {
2168 case READ_6:
2169 case READ_10:
2170 case READ_12:
2171 case READ_16:
2172 trace_scsi_disk_dma_command_READ(r->req.cmd.lba, len);
2173
2174
2175
2176
2177 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2178 goto illegal_request;
2179 }
2180 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2181 goto illegal_lba;
2182 }
2183 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2184 r->sector_count = len * (s->qdev.blocksize / 512);
2185 break;
2186 case WRITE_6:
2187 case WRITE_10:
2188 case WRITE_12:
2189 case WRITE_16:
2190 case WRITE_VERIFY_10:
2191 case WRITE_VERIFY_12:
2192 case WRITE_VERIFY_16:
2193 if (blk_is_read_only(s->qdev.conf.blk)) {
2194 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2195 return 0;
2196 }
2197 trace_scsi_disk_dma_command_WRITE(
2198 (command & 0xe) == 0xe ? "And Verify " : "",
2199 r->req.cmd.lba, len);
2200
2201 case VERIFY_10:
2202 case VERIFY_12:
2203 case VERIFY_16:
2204
2205
2206
2207
2208 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2209 goto illegal_request;
2210 }
2211 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2212 goto illegal_lba;
2213 }
2214 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2215 r->sector_count = len * (s->qdev.blocksize / 512);
2216 break;
2217 default:
2218 abort();
2219 illegal_request:
2220 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2221 return 0;
2222 illegal_lba:
2223 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2224 return 0;
2225 }
2226 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
2227 if (r->sector_count == 0) {
2228 scsi_req_complete(&r->req, GOOD);
2229 }
2230 assert(r->iov.iov_len == 0);
2231 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2232 return -r->sector_count * 512;
2233 } else {
2234 return r->sector_count * 512;
2235 }
2236}
2237
2238static void scsi_disk_reset(DeviceState *dev)
2239{
2240 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2241 uint64_t nb_sectors;
2242
2243 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
2244
2245 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2246 nb_sectors /= s->qdev.blocksize / 512;
2247 if (nb_sectors) {
2248 nb_sectors--;
2249 }
2250 s->qdev.max_lba = nb_sectors;
2251
2252 s->tray_locked = 0;
2253 s->tray_open = 0;
2254
2255 s->qdev.scsi_version = s->qdev.default_scsi_version;
2256}
2257
2258static void scsi_disk_resize_cb(void *opaque)
2259{
2260 SCSIDiskState *s = opaque;
2261
2262
2263
2264
2265 if (s->qdev.type == TYPE_DISK) {
2266 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
2267 }
2268}
2269
2270static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2271{
2272 SCSIDiskState *s = opaque;
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284 s->media_changed = load;
2285 s->tray_open = !load;
2286 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
2287 s->media_event = true;
2288 s->eject_request = false;
2289}
2290
2291static void scsi_cd_eject_request_cb(void *opaque, bool force)
2292{
2293 SCSIDiskState *s = opaque;
2294
2295 s->eject_request = true;
2296 if (force) {
2297 s->tray_locked = false;
2298 }
2299}
2300
2301static bool scsi_cd_is_tray_open(void *opaque)
2302{
2303 return ((SCSIDiskState *)opaque)->tray_open;
2304}
2305
2306static bool scsi_cd_is_medium_locked(void *opaque)
2307{
2308 return ((SCSIDiskState *)opaque)->tray_locked;
2309}
2310
2311static const BlockDevOps scsi_disk_removable_block_ops = {
2312 .change_media_cb = scsi_cd_change_media_cb,
2313 .eject_request_cb = scsi_cd_eject_request_cb,
2314 .is_tray_open = scsi_cd_is_tray_open,
2315 .is_medium_locked = scsi_cd_is_medium_locked,
2316
2317 .resize_cb = scsi_disk_resize_cb,
2318};
2319
2320static const BlockDevOps scsi_disk_block_ops = {
2321 .resize_cb = scsi_disk_resize_cb,
2322};
2323
2324static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2325{
2326 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2327 if (s->media_changed) {
2328 s->media_changed = false;
2329 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2330 }
2331}
2332
2333static void scsi_realize(SCSIDevice *dev, Error **errp)
2334{
2335 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2336 bool read_only;
2337
2338 if (!s->qdev.conf.blk) {
2339 error_setg(errp, "drive property not set");
2340 return;
2341 }
2342
2343 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2344 !blk_is_inserted(s->qdev.conf.blk)) {
2345 error_setg(errp, "Device needs media, but drive is empty");
2346 return;
2347 }
2348
2349 blkconf_blocksizes(&s->qdev.conf);
2350
2351 if (s->qdev.conf.logical_block_size >
2352 s->qdev.conf.physical_block_size) {
2353 error_setg(errp,
2354 "logical_block_size > physical_block_size not supported");
2355 return;
2356 }
2357
2358 if (blk_get_aio_context(s->qdev.conf.blk) != qemu_get_aio_context() &&
2359 !s->qdev.hba_supports_iothread)
2360 {
2361 error_setg(errp, "HBA does not support iothreads");
2362 return;
2363 }
2364
2365 if (dev->type == TYPE_DISK) {
2366 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
2367 return;
2368 }
2369 }
2370
2371 read_only = blk_is_read_only(s->qdev.conf.blk);
2372 if (dev->type == TYPE_ROM) {
2373 read_only = true;
2374 }
2375
2376 if (!blkconf_apply_backend_options(&dev->conf, read_only,
2377 dev->type == TYPE_DISK, errp)) {
2378 return;
2379 }
2380
2381 if (s->qdev.conf.discard_granularity == -1) {
2382 s->qdev.conf.discard_granularity =
2383 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2384 }
2385
2386 if (!s->version) {
2387 s->version = g_strdup(qemu_hw_version());
2388 }
2389 if (!s->vendor) {
2390 s->vendor = g_strdup("QEMU");
2391 }
2392 if (!s->device_id) {
2393 if (s->serial) {
2394 s->device_id = g_strdup_printf("%.20s", s->serial);
2395 } else {
2396 const char *str = blk_name(s->qdev.conf.blk);
2397 if (str && *str) {
2398 s->device_id = g_strdup(str);
2399 }
2400 }
2401 }
2402
2403 if (blk_is_sg(s->qdev.conf.blk)) {
2404 error_setg(errp, "unwanted /dev/sg*");
2405 return;
2406 }
2407
2408 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2409 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
2410 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
2411 } else {
2412 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2413 }
2414 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
2415
2416 blk_iostatus_enable(s->qdev.conf.blk);
2417
2418 add_boot_device_lchs(&dev->qdev, NULL,
2419 dev->conf.lcyls,
2420 dev->conf.lheads,
2421 dev->conf.lsecs);
2422}
2423
2424static void scsi_unrealize(SCSIDevice *dev, Error **errp)
2425{
2426 del_boot_device_lchs(&dev->qdev, NULL);
2427}
2428
2429static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
2430{
2431 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2432 AioContext *ctx = NULL;
2433
2434
2435
2436 if (s->qdev.conf.blk) {
2437 ctx = blk_get_aio_context(s->qdev.conf.blk);
2438 aio_context_acquire(ctx);
2439 blkconf_blocksizes(&s->qdev.conf);
2440 }
2441 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2442 s->qdev.type = TYPE_DISK;
2443 if (!s->product) {
2444 s->product = g_strdup("QEMU HARDDISK");
2445 }
2446 scsi_realize(&s->qdev, errp);
2447 if (ctx) {
2448 aio_context_release(ctx);
2449 }
2450}
2451
2452static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
2453{
2454 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2455 AioContext *ctx;
2456 int ret;
2457
2458 if (!dev->conf.blk) {
2459
2460
2461 dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
2462 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2463 assert(ret == 0);
2464 }
2465
2466 ctx = blk_get_aio_context(dev->conf.blk);
2467 aio_context_acquire(ctx);
2468 s->qdev.blocksize = 2048;
2469 s->qdev.type = TYPE_ROM;
2470 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2471 if (!s->product) {
2472 s->product = g_strdup("QEMU CD-ROM");
2473 }
2474 scsi_realize(&s->qdev, errp);
2475 aio_context_release(ctx);
2476}
2477
2478static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
2479{
2480 DriveInfo *dinfo;
2481 Error *local_err = NULL;
2482
2483 warn_report("'scsi-disk' is deprecated, "
2484 "please use 'scsi-hd' or 'scsi-cd' instead");
2485
2486 if (!dev->conf.blk) {
2487 scsi_realize(dev, &local_err);
2488 assert(local_err);
2489 error_propagate(errp, local_err);
2490 return;
2491 }
2492
2493 dinfo = blk_legacy_dinfo(dev->conf.blk);
2494 if (dinfo && dinfo->media_cd) {
2495 scsi_cd_realize(dev, errp);
2496 } else {
2497 scsi_hd_realize(dev, errp);
2498 }
2499}
2500
2501static const SCSIReqOps scsi_disk_emulate_reqops = {
2502 .size = sizeof(SCSIDiskReq),
2503 .free_req = scsi_free_request,
2504 .send_command = scsi_disk_emulate_command,
2505 .read_data = scsi_disk_emulate_read_data,
2506 .write_data = scsi_disk_emulate_write_data,
2507 .get_buf = scsi_get_buf,
2508};
2509
2510static const SCSIReqOps scsi_disk_dma_reqops = {
2511 .size = sizeof(SCSIDiskReq),
2512 .free_req = scsi_free_request,
2513 .send_command = scsi_disk_dma_command,
2514 .read_data = scsi_read_data,
2515 .write_data = scsi_write_data,
2516 .get_buf = scsi_get_buf,
2517 .load_request = scsi_disk_load_request,
2518 .save_request = scsi_disk_save_request,
2519};
2520
2521static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2522 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2523 [INQUIRY] = &scsi_disk_emulate_reqops,
2524 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2525 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2526 [START_STOP] = &scsi_disk_emulate_reqops,
2527 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2528 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2529 [READ_TOC] = &scsi_disk_emulate_reqops,
2530 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2531 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2532 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2533 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2534 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2535 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2536 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2537 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2538 [SEEK_10] = &scsi_disk_emulate_reqops,
2539 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2540 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2541 [UNMAP] = &scsi_disk_emulate_reqops,
2542 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2543 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2544 [VERIFY_10] = &scsi_disk_emulate_reqops,
2545 [VERIFY_12] = &scsi_disk_emulate_reqops,
2546 [VERIFY_16] = &scsi_disk_emulate_reqops,
2547
2548 [READ_6] = &scsi_disk_dma_reqops,
2549 [READ_10] = &scsi_disk_dma_reqops,
2550 [READ_12] = &scsi_disk_dma_reqops,
2551 [READ_16] = &scsi_disk_dma_reqops,
2552 [WRITE_6] = &scsi_disk_dma_reqops,
2553 [WRITE_10] = &scsi_disk_dma_reqops,
2554 [WRITE_12] = &scsi_disk_dma_reqops,
2555 [WRITE_16] = &scsi_disk_dma_reqops,
2556 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2557 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2558 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2559};
2560
2561static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf)
2562{
2563 int i;
2564 int len = scsi_cdb_length(buf);
2565 char *line_buffer, *p;
2566
2567 line_buffer = g_malloc(len * 5 + 1);
2568
2569 for (i = 0, p = line_buffer; i < len; i++) {
2570 p += sprintf(p, " 0x%02x", buf[i]);
2571 }
2572 trace_scsi_disk_new_request(lun, tag, line_buffer);
2573
2574 g_free(line_buffer);
2575}
2576
2577static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2578 uint8_t *buf, void *hba_private)
2579{
2580 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2581 SCSIRequest *req;
2582 const SCSIReqOps *ops;
2583 uint8_t command;
2584
2585 command = buf[0];
2586 ops = scsi_disk_reqops_dispatch[command];
2587 if (!ops) {
2588 ops = &scsi_disk_emulate_reqops;
2589 }
2590 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2591
2592 if (trace_event_get_state_backends(TRACE_SCSI_DISK_NEW_REQUEST)) {
2593 scsi_disk_new_request_dump(lun, tag, buf);
2594 }
2595
2596 return req;
2597}
2598
2599#ifdef __linux__
2600static int get_device_type(SCSIDiskState *s)
2601{
2602 uint8_t cmd[16];
2603 uint8_t buf[36];
2604 int ret;
2605
2606 memset(cmd, 0, sizeof(cmd));
2607 memset(buf, 0, sizeof(buf));
2608 cmd[0] = INQUIRY;
2609 cmd[4] = sizeof(buf);
2610
2611 ret = scsi_SG_IO_FROM_DEV(s->qdev.conf.blk, cmd, sizeof(cmd),
2612 buf, sizeof(buf));
2613 if (ret < 0) {
2614 return -1;
2615 }
2616 s->qdev.type = buf[0];
2617 if (buf[1] & 0x80) {
2618 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2619 }
2620 return 0;
2621}
2622
2623static void scsi_block_realize(SCSIDevice *dev, Error **errp)
2624{
2625 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2626 AioContext *ctx;
2627 int sg_version;
2628 int rc;
2629
2630 if (!s->qdev.conf.blk) {
2631 error_setg(errp, "drive property not set");
2632 return;
2633 }
2634
2635 if (s->rotation_rate) {
2636 error_report_once("rotation_rate is specified for scsi-block but is "
2637 "not implemented. This option is deprecated and will "
2638 "be removed in a future version");
2639 }
2640
2641 ctx = blk_get_aio_context(s->qdev.conf.blk);
2642 aio_context_acquire(ctx);
2643
2644
2645 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
2646 if (rc < 0) {
2647 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
2648 if (rc != -EPERM) {
2649 error_append_hint(errp, "Is this a SCSI device?\n");
2650 }
2651 goto out;
2652 }
2653 if (sg_version < 30000) {
2654 error_setg(errp, "scsi generic interface too old");
2655 goto out;
2656 }
2657
2658
2659 rc = get_device_type(s);
2660 if (rc < 0) {
2661 error_setg(errp, "INQUIRY failed");
2662 goto out;
2663 }
2664
2665
2666
2667
2668
2669 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2670 s->qdev.blocksize = 2048;
2671 } else {
2672 s->qdev.blocksize = 512;
2673 }
2674
2675
2676
2677
2678 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2679
2680 scsi_realize(&s->qdev, errp);
2681 scsi_generic_read_device_inquiry(&s->qdev);
2682
2683out:
2684 aio_context_release(ctx);
2685}
2686
2687typedef struct SCSIBlockReq {
2688 SCSIDiskReq req;
2689 sg_io_hdr_t io_header;
2690
2691
2692 uint8_t cmd, cdb1, group_number;
2693
2694
2695 uint8_t cdb[16];
2696} SCSIBlockReq;
2697
2698static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2699 int64_t offset, QEMUIOVector *iov,
2700 int direction,
2701 BlockCompletionFunc *cb, void *opaque)
2702{
2703 sg_io_hdr_t *io_header = &req->io_header;
2704 SCSIDiskReq *r = &req->req;
2705 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2706 int nb_logical_blocks;
2707 uint64_t lba;
2708 BlockAIOCB *aiocb;
2709
2710
2711
2712
2713
2714 assert(offset % s->qdev.blocksize == 0);
2715 assert(iov->size % s->qdev.blocksize == 0);
2716
2717 io_header->interface_id = 'S';
2718
2719
2720 io_header->dxfer_direction = direction;
2721 io_header->dxfer_len = iov->size;
2722 io_header->dxferp = (void *)iov->iov;
2723 io_header->iovec_count = iov->niov;
2724 assert(io_header->iovec_count == iov->niov);
2725
2726
2727
2728
2729
2730
2731 io_header->cmdp = req->cdb;
2732 lba = offset / s->qdev.blocksize;
2733 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2734
2735 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2736
2737 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2738 req->cdb[4] = nb_logical_blocks;
2739 req->cdb[5] = 0;
2740 io_header->cmd_len = 6;
2741 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2742
2743 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2744 req->cdb[1] = req->cdb1;
2745 stl_be_p(&req->cdb[2], lba);
2746 req->cdb[6] = req->group_number;
2747 stw_be_p(&req->cdb[7], nb_logical_blocks);
2748 req->cdb[9] = 0;
2749 io_header->cmd_len = 10;
2750 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2751
2752 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2753 req->cdb[1] = req->cdb1;
2754 stl_be_p(&req->cdb[2], lba);
2755 stl_be_p(&req->cdb[6], nb_logical_blocks);
2756 req->cdb[10] = req->group_number;
2757 req->cdb[11] = 0;
2758 io_header->cmd_len = 12;
2759 } else {
2760
2761 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2762 req->cdb[1] = req->cdb1;
2763 stq_be_p(&req->cdb[2], lba);
2764 stl_be_p(&req->cdb[10], nb_logical_blocks);
2765 req->cdb[14] = req->group_number;
2766 req->cdb[15] = 0;
2767 io_header->cmd_len = 16;
2768 }
2769
2770
2771 io_header->mx_sb_len = sizeof(r->req.sense);
2772 io_header->sbp = r->req.sense;
2773 io_header->timeout = UINT_MAX;
2774 io_header->usr_ptr = r;
2775 io_header->flags |= SG_FLAG_DIRECT_IO;
2776
2777 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
2778 assert(aiocb != NULL);
2779 return aiocb;
2780}
2781
2782static bool scsi_block_no_fua(SCSICommand *cmd)
2783{
2784 return false;
2785}
2786
2787static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2788 QEMUIOVector *iov,
2789 BlockCompletionFunc *cb, void *cb_opaque,
2790 void *opaque)
2791{
2792 SCSIBlockReq *r = opaque;
2793 return scsi_block_do_sgio(r, offset, iov,
2794 SG_DXFER_FROM_DEV, cb, cb_opaque);
2795}
2796
2797static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2798 QEMUIOVector *iov,
2799 BlockCompletionFunc *cb, void *cb_opaque,
2800 void *opaque)
2801{
2802 SCSIBlockReq *r = opaque;
2803 return scsi_block_do_sgio(r, offset, iov,
2804 SG_DXFER_TO_DEV, cb, cb_opaque);
2805}
2806
2807static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
2808{
2809 switch (buf[0]) {
2810 case VERIFY_10:
2811 case VERIFY_12:
2812 case VERIFY_16:
2813
2814
2815
2816
2817 if ((buf[1] & 6) == 2) {
2818 return false;
2819 }
2820 break;
2821
2822 case READ_6:
2823 case READ_10:
2824 case READ_12:
2825 case READ_16:
2826 case WRITE_6:
2827 case WRITE_10:
2828 case WRITE_12:
2829 case WRITE_16:
2830 case WRITE_VERIFY_10:
2831 case WRITE_VERIFY_12:
2832 case WRITE_VERIFY_16:
2833
2834
2835
2836
2837
2838
2839 if (s->qdev.type != TYPE_ROM) {
2840 return false;
2841 }
2842 break;
2843
2844 default:
2845 break;
2846 }
2847
2848 return true;
2849}
2850
2851
2852static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2853{
2854 SCSIBlockReq *r = (SCSIBlockReq *)req;
2855 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2856
2857 r->cmd = req->cmd.buf[0];
2858 switch (r->cmd >> 5) {
2859 case 0:
2860
2861 r->cdb1 = r->group_number = 0;
2862 break;
2863 case 1:
2864
2865 r->cdb1 = req->cmd.buf[1];
2866 r->group_number = req->cmd.buf[6];
2867 break;
2868 case 4:
2869
2870 r->cdb1 = req->cmd.buf[1];
2871 r->group_number = req->cmd.buf[10];
2872 break;
2873 case 5:
2874
2875 r->cdb1 = req->cmd.buf[1];
2876 r->group_number = req->cmd.buf[14];
2877 break;
2878 default:
2879 abort();
2880 }
2881
2882
2883
2884
2885
2886 if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) {
2887 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2888 return 0;
2889 }
2890
2891 r->req.status = &r->io_header.status;
2892 return scsi_disk_dma_command(req, buf);
2893}
2894
2895static const SCSIReqOps scsi_block_dma_reqops = {
2896 .size = sizeof(SCSIBlockReq),
2897 .free_req = scsi_free_request,
2898 .send_command = scsi_block_dma_command,
2899 .read_data = scsi_read_data,
2900 .write_data = scsi_write_data,
2901 .get_buf = scsi_get_buf,
2902 .load_request = scsi_disk_load_request,
2903 .save_request = scsi_disk_save_request,
2904};
2905
2906static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2907 uint32_t lun, uint8_t *buf,
2908 void *hba_private)
2909{
2910 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2911
2912 if (scsi_block_is_passthrough(s, buf)) {
2913 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2914 hba_private);
2915 } else {
2916 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
2917 hba_private);
2918 }
2919}
2920
2921static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2922 uint8_t *buf, void *hba_private)
2923{
2924 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2925
2926 if (scsi_block_is_passthrough(s, buf)) {
2927 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2928 } else {
2929 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2930 }
2931}
2932
2933static void scsi_block_update_sense(SCSIRequest *req)
2934{
2935 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2936 SCSIBlockReq *br = DO_UPCAST(SCSIBlockReq, req, r);
2937 r->req.sense_len = MIN(br->io_header.sb_len_wr, sizeof(r->req.sense));
2938}
2939#endif
2940
2941static
2942BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2943 BlockCompletionFunc *cb, void *cb_opaque,
2944 void *opaque)
2945{
2946 SCSIDiskReq *r = opaque;
2947 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2948 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2949}
2950
2951static
2952BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2953 BlockCompletionFunc *cb, void *cb_opaque,
2954 void *opaque)
2955{
2956 SCSIDiskReq *r = opaque;
2957 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2958 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2959}
2960
2961static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2962{
2963 DeviceClass *dc = DEVICE_CLASS(klass);
2964 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
2965
2966 dc->fw_name = "disk";
2967 dc->reset = scsi_disk_reset;
2968 sdc->dma_readv = scsi_dma_readv;
2969 sdc->dma_writev = scsi_dma_writev;
2970 sdc->need_fua_emulation = scsi_is_cmd_fua;
2971}
2972
2973static const TypeInfo scsi_disk_base_info = {
2974 .name = TYPE_SCSI_DISK_BASE,
2975 .parent = TYPE_SCSI_DEVICE,
2976 .class_init = scsi_disk_base_class_initfn,
2977 .instance_size = sizeof(SCSIDiskState),
2978 .class_size = sizeof(SCSIDiskClass),
2979 .abstract = true,
2980};
2981
2982#define DEFINE_SCSI_DISK_PROPERTIES() \
2983 DEFINE_PROP_DRIVE_IOTHREAD("drive", SCSIDiskState, qdev.conf.blk), \
2984 DEFINE_BLOCK_PROPERTIES_BASE(SCSIDiskState, qdev.conf), \
2985 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
2986 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2987 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2988 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2989 DEFINE_PROP_STRING("product", SCSIDiskState, product), \
2990 DEFINE_PROP_STRING("device_id", SCSIDiskState, device_id)
2991
2992
2993static Property scsi_hd_properties[] = {
2994 DEFINE_SCSI_DISK_PROPERTIES(),
2995 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2996 SCSI_DISK_F_REMOVABLE, false),
2997 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2998 SCSI_DISK_F_DPOFUA, false),
2999 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3000 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3001 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3002 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3003 DEFAULT_MAX_UNMAP_SIZE),
3004 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3005 DEFAULT_MAX_IO_SIZE),
3006 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
3007 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3008 5),
3009 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
3010 DEFINE_PROP_END_OF_LIST(),
3011};
3012
3013static const VMStateDescription vmstate_scsi_disk_state = {
3014 .name = "scsi-disk",
3015 .version_id = 1,
3016 .minimum_version_id = 1,
3017 .fields = (VMStateField[]) {
3018 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
3019 VMSTATE_BOOL(media_changed, SCSIDiskState),
3020 VMSTATE_BOOL(media_event, SCSIDiskState),
3021 VMSTATE_BOOL(eject_request, SCSIDiskState),
3022 VMSTATE_BOOL(tray_open, SCSIDiskState),
3023 VMSTATE_BOOL(tray_locked, SCSIDiskState),
3024 VMSTATE_END_OF_LIST()
3025 }
3026};
3027
3028static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
3029{
3030 DeviceClass *dc = DEVICE_CLASS(klass);
3031 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3032
3033 sc->realize = scsi_hd_realize;
3034 sc->unrealize = scsi_unrealize;
3035 sc->alloc_req = scsi_new_request;
3036 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3037 dc->desc = "virtual SCSI disk";
3038 device_class_set_props(dc, scsi_hd_properties);
3039 dc->vmsd = &vmstate_scsi_disk_state;
3040}
3041
3042static const TypeInfo scsi_hd_info = {
3043 .name = "scsi-hd",
3044 .parent = TYPE_SCSI_DISK_BASE,
3045 .class_init = scsi_hd_class_initfn,
3046};
3047
3048static Property scsi_cd_properties[] = {
3049 DEFINE_SCSI_DISK_PROPERTIES(),
3050 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3051 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3052 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3053 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3054 DEFAULT_MAX_IO_SIZE),
3055 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3056 5),
3057 DEFINE_PROP_END_OF_LIST(),
3058};
3059
3060static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3061{
3062 DeviceClass *dc = DEVICE_CLASS(klass);
3063 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3064
3065 sc->realize = scsi_cd_realize;
3066 sc->alloc_req = scsi_new_request;
3067 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3068 dc->desc = "virtual SCSI CD-ROM";
3069 device_class_set_props(dc, scsi_cd_properties);
3070 dc->vmsd = &vmstate_scsi_disk_state;
3071}
3072
3073static const TypeInfo scsi_cd_info = {
3074 .name = "scsi-cd",
3075 .parent = TYPE_SCSI_DISK_BASE,
3076 .class_init = scsi_cd_class_initfn,
3077};
3078
3079#ifdef __linux__
3080static Property scsi_block_properties[] = {
3081 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
3082 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
3083 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
3084 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
3085 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3086 DEFAULT_MAX_UNMAP_SIZE),
3087 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3088 DEFAULT_MAX_IO_SIZE),
3089 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3090 -1),
3091 DEFINE_PROP_END_OF_LIST(),
3092};
3093
3094static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3095{
3096 DeviceClass *dc = DEVICE_CLASS(klass);
3097 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3098 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
3099
3100 sc->realize = scsi_block_realize;
3101 sc->alloc_req = scsi_block_new_request;
3102 sc->parse_cdb = scsi_block_parse_cdb;
3103 sdc->dma_readv = scsi_block_dma_readv;
3104 sdc->dma_writev = scsi_block_dma_writev;
3105 sdc->update_sense = scsi_block_update_sense;
3106 sdc->need_fua_emulation = scsi_block_no_fua;
3107 dc->desc = "SCSI block device passthrough";
3108 device_class_set_props(dc, scsi_block_properties);
3109 dc->vmsd = &vmstate_scsi_disk_state;
3110}
3111
3112static const TypeInfo scsi_block_info = {
3113 .name = "scsi-block",
3114 .parent = TYPE_SCSI_DISK_BASE,
3115 .class_init = scsi_block_class_initfn,
3116};
3117#endif
3118
3119static Property scsi_disk_properties[] = {
3120 DEFINE_SCSI_DISK_PROPERTIES(),
3121 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3122 SCSI_DISK_F_REMOVABLE, false),
3123 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3124 SCSI_DISK_F_DPOFUA, false),
3125 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3126 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3127 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3128 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3129 DEFAULT_MAX_UNMAP_SIZE),
3130 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3131 DEFAULT_MAX_IO_SIZE),
3132 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3133 5),
3134 DEFINE_PROP_END_OF_LIST(),
3135};
3136
3137static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
3138{
3139 DeviceClass *dc = DEVICE_CLASS(klass);
3140 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3141
3142 sc->realize = scsi_disk_realize;
3143 sc->alloc_req = scsi_new_request;
3144 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3145 dc->fw_name = "disk";
3146 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
3147 dc->reset = scsi_disk_reset;
3148 device_class_set_props(dc, scsi_disk_properties);
3149 dc->vmsd = &vmstate_scsi_disk_state;
3150}
3151
3152static const TypeInfo scsi_disk_info = {
3153 .name = "scsi-disk",
3154 .parent = TYPE_SCSI_DISK_BASE,
3155 .class_init = scsi_disk_class_initfn,
3156};
3157
3158static void scsi_disk_register_types(void)
3159{
3160 type_register_static(&scsi_disk_base_info);
3161 type_register_static(&scsi_hd_info);
3162 type_register_static(&scsi_cd_info);
3163#ifdef __linux__
3164 type_register_static(&scsi_block_info);
3165#endif
3166 type_register_static(&scsi_disk_info);
3167}
3168
3169type_init(scsi_disk_register_types)
3170
