1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22#include "qemu/osdep.h"
23#include "qemu/units.h"
24#include "qapi/error.h"
25#include "qemu/error-report.h"
26#include "qemu/main-loop.h"
27#include "qemu/module.h"
28#include "hw/scsi/scsi.h"
29#include "migration/qemu-file-types.h"
30#include "migration/vmstate.h"
31#include "hw/scsi/emulation.h"
32#include "scsi/constants.h"
33#include "sysemu/block-backend.h"
34#include "sysemu/blockdev.h"
35#include "hw/block/block.h"
36#include "hw/qdev-properties.h"
37#include "sysemu/dma.h"
38#include "sysemu/sysemu.h"
39#include "qemu/cutils.h"
40#include "trace.h"
41#include "qom/object.h"
42
43#ifdef __linux
44#include <scsi/sg.h>
45#endif
46
47#define SCSI_WRITE_SAME_MAX (512 * KiB)
48#define SCSI_DMA_BUF_SIZE (128 * KiB)
49#define SCSI_MAX_INQUIRY_LEN 256
50#define SCSI_MAX_MODE_LEN 256
51
52#define DEFAULT_DISCARD_GRANULARITY (4 * KiB)
53#define DEFAULT_MAX_UNMAP_SIZE (1 * GiB)
54#define DEFAULT_MAX_IO_SIZE INT_MAX
55
56#define TYPE_SCSI_DISK_BASE "scsi-disk-base"
57
58OBJECT_DECLARE_TYPE(SCSIDiskState, SCSIDiskClass, SCSI_DISK_BASE)
59
60struct SCSIDiskClass {
61 SCSIDeviceClass parent_class;
62 DMAIOFunc *dma_readv;
63 DMAIOFunc *dma_writev;
64 bool (*need_fua_emulation)(SCSICommand *cmd);
65 void (*update_sense)(SCSIRequest *r);
66};
67
68typedef struct SCSIDiskReq {
69 SCSIRequest req;
70
71 uint64_t sector;
72 uint32_t sector_count;
73 uint32_t buflen;
74 bool started;
75 bool need_fua_emulation;
76 struct iovec iov;
77 QEMUIOVector qiov;
78 BlockAcctCookie acct;
79 unsigned char *status;
80} SCSIDiskReq;
81
82#define SCSI_DISK_F_REMOVABLE 0
83#define SCSI_DISK_F_DPOFUA 1
84#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
85
86struct SCSIDiskState {
87 SCSIDevice qdev;
88 uint32_t features;
89 bool media_changed;
90 bool media_event;
91 bool eject_request;
92 uint16_t port_index;
93 uint64_t max_unmap_size;
94 uint64_t max_io_size;
95 QEMUBH *bh;
96 char *version;
97 char *serial;
98 char *vendor;
99 char *product;
100 char *device_id;
101 bool tray_open;
102 bool tray_locked;
103
104
105
106
107
108
109
110 uint16_t rotation_rate;
111};
112
113static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed);
114
115static void scsi_free_request(SCSIRequest *req)
116{
117 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
118
119 qemu_vfree(r->iov.iov_base);
120}
121
122
123static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
124{
125 trace_scsi_disk_check_condition(r->req.tag, sense.key, sense.asc,
126 sense.ascq);
127 scsi_req_build_sense(&r->req, sense);
128 scsi_req_complete(&r->req, CHECK_CONDITION);
129}
130
131static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
132{
133 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
134
135 if (!r->iov.iov_base) {
136 r->buflen = size;
137 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
138 }
139 r->iov.iov_len = MIN(r->sector_count * BDRV_SECTOR_SIZE, r->buflen);
140 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
141}
142
143static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
144{
145 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
146
147 qemu_put_be64s(f, &r->sector);
148 qemu_put_be32s(f, &r->sector_count);
149 qemu_put_be32s(f, &r->buflen);
150 if (r->buflen) {
151 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
152 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
153 } else if (!req->retry) {
154 uint32_t len = r->iov.iov_len;
155 qemu_put_be32s(f, &len);
156 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
157 }
158 }
159}
160
161static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
162{
163 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
164
165 qemu_get_be64s(f, &r->sector);
166 qemu_get_be32s(f, &r->sector_count);
167 qemu_get_be32s(f, &r->buflen);
168 if (r->buflen) {
169 scsi_init_iovec(r, r->buflen);
170 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
171 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
172 } else if (!r->req.retry) {
173 uint32_t len;
174 qemu_get_be32s(f, &len);
175 r->iov.iov_len = len;
176 assert(r->iov.iov_len <= r->buflen);
177 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
178 }
179 }
180
181 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
182}
183
184static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
185{
186 if (r->req.io_canceled) {
187 scsi_req_cancel_complete(&r->req);
188 return true;
189 }
190
191 if (ret < 0 || (r->status && *r->status)) {
192 return scsi_handle_rw_error(r, -ret, acct_failed);
193 }
194
195 return false;
196}
197
198static void scsi_aio_complete(void *opaque, int ret)
199{
200 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
201 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
202
203 assert(r->req.aiocb != NULL);
204 r->req.aiocb = NULL;
205 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
206 if (scsi_disk_req_check_error(r, ret, true)) {
207 goto done;
208 }
209
210 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
211 scsi_req_complete(&r->req, GOOD);
212
213done:
214 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
215 scsi_req_unref(&r->req);
216}
217
218static bool scsi_is_cmd_fua(SCSICommand *cmd)
219{
220 switch (cmd->buf[0]) {
221 case READ_10:
222 case READ_12:
223 case READ_16:
224 case WRITE_10:
225 case WRITE_12:
226 case WRITE_16:
227 return (cmd->buf[1] & 8) != 0;
228
229 case VERIFY_10:
230 case VERIFY_12:
231 case VERIFY_16:
232 case WRITE_VERIFY_10:
233 case WRITE_VERIFY_12:
234 case WRITE_VERIFY_16:
235 return true;
236
237 case READ_6:
238 case WRITE_6:
239 default:
240 return false;
241 }
242}
243
244static void scsi_write_do_fua(SCSIDiskReq *r)
245{
246 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
247
248 assert(r->req.aiocb == NULL);
249 assert(!r->req.io_canceled);
250
251 if (r->need_fua_emulation) {
252 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
253 BLOCK_ACCT_FLUSH);
254 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
255 return;
256 }
257
258 scsi_req_complete(&r->req, GOOD);
259 scsi_req_unref(&r->req);
260}
261
262static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
263{
264 assert(r->req.aiocb == NULL);
265 if (scsi_disk_req_check_error(r, ret, false)) {
266 goto done;
267 }
268
269 r->sector += r->sector_count;
270 r->sector_count = 0;
271 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
272 scsi_write_do_fua(r);
273 return;
274 } else {
275 scsi_req_complete(&r->req, GOOD);
276 }
277
278done:
279 scsi_req_unref(&r->req);
280}
281
282static void scsi_dma_complete(void *opaque, int ret)
283{
284 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
285 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
286
287 assert(r->req.aiocb != NULL);
288 r->req.aiocb = NULL;
289
290 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
291 if (ret < 0) {
292 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
293 } else {
294 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
295 }
296 scsi_dma_complete_noio(r, ret);
297 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
298}
299
300static void scsi_read_complete_noio(SCSIDiskReq *r, int ret)
301{
302 uint32_t n;
303
304 assert(r->req.aiocb == NULL);
305 if (scsi_disk_req_check_error(r, ret, false)) {
306 goto done;
307 }
308
309 n = r->qiov.size / BDRV_SECTOR_SIZE;
310 r->sector += n;
311 r->sector_count -= n;
312 scsi_req_data(&r->req, r->qiov.size);
313
314done:
315 scsi_req_unref(&r->req);
316}
317
318static void scsi_read_complete(void *opaque, int ret)
319{
320 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
321 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
322
323 assert(r->req.aiocb != NULL);
324 r->req.aiocb = NULL;
325
326 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
327 if (ret < 0) {
328 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
329 } else {
330 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
331 trace_scsi_disk_read_complete(r->req.tag, r->qiov.size);
332 }
333 scsi_read_complete_noio(r, ret);
334 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
335}
336
337
338static void scsi_do_read(SCSIDiskReq *r, int ret)
339{
340 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
341 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
342
343 assert (r->req.aiocb == NULL);
344 if (scsi_disk_req_check_error(r, ret, false)) {
345 goto done;
346 }
347
348
349 scsi_req_ref(&r->req);
350
351 if (r->req.sg) {
352 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
353 r->req.resid -= r->req.sg->size;
354 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
355 r->req.sg, r->sector << BDRV_SECTOR_BITS,
356 BDRV_SECTOR_SIZE,
357 sdc->dma_readv, r, scsi_dma_complete, r,
358 DMA_DIRECTION_FROM_DEVICE);
359 } else {
360 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
361 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
362 r->qiov.size, BLOCK_ACCT_READ);
363 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
364 scsi_read_complete, r, r);
365 }
366
367done:
368 scsi_req_unref(&r->req);
369}
370
371static void scsi_do_read_cb(void *opaque, int ret)
372{
373 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
374 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
375
376 assert (r->req.aiocb != NULL);
377 r->req.aiocb = NULL;
378
379 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
380 if (ret < 0) {
381 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
382 } else {
383 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
384 }
385 scsi_do_read(opaque, ret);
386 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
387}
388
389
390static void scsi_read_data(SCSIRequest *req)
391{
392 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
393 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
394 bool first;
395
396 trace_scsi_disk_read_data_count(r->sector_count);
397 if (r->sector_count == 0) {
398
399 scsi_req_complete(&r->req, GOOD);
400 return;
401 }
402
403
404 assert(r->req.aiocb == NULL);
405
406
407 scsi_req_ref(&r->req);
408 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
409 trace_scsi_disk_read_data_invalid();
410 scsi_read_complete_noio(r, -EINVAL);
411 return;
412 }
413
414 if (!blk_is_available(req->dev->conf.blk)) {
415 scsi_read_complete_noio(r, -ENOMEDIUM);
416 return;
417 }
418
419 first = !r->started;
420 r->started = true;
421 if (first && r->need_fua_emulation) {
422 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
423 BLOCK_ACCT_FLUSH);
424 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
425 } else {
426 scsi_do_read(r, 0);
427 }
428}
429
430
431
432
433
434
435
436
437static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
438{
439 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
440 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
441 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
442 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
443 is_read, error);
444
445 if (action == BLOCK_ERROR_ACTION_REPORT) {
446 if (acct_failed) {
447 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
448 }
449 switch (error) {
450 case 0:
451
452
453
454
455 assert(r->status && *r->status);
456 if (scsi_sense_buf_is_guest_recoverable(r->req.sense, sizeof(r->req.sense))) {
457
458 sdc->update_sense(&r->req);
459 scsi_req_complete(&r->req, *r->status);
460 return true;
461 }
462 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
463 break;
464#ifdef CONFIG_LINUX
465
466
467
468
469
470 case EBADE:
471
472 scsi_req_complete(&r->req, RESERVATION_CONFLICT);
473 break;
474 case ENODATA:
475
476 scsi_check_condition(r, SENSE_CODE(READ_ERROR));
477 break;
478 case EREMOTEIO:
479
480 scsi_req_complete(&r->req, HARDWARE_ERROR);
481 break;
482#endif
483 case ENOMEDIUM:
484 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
485 break;
486 case ENOMEM:
487 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
488 break;
489 case EINVAL:
490 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
491 break;
492 case ENOSPC:
493 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
494 break;
495 default:
496 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
497 break;
498 }
499 }
500
501 blk_error_action(s->qdev.conf.blk, action, is_read, error);
502 if (action == BLOCK_ERROR_ACTION_IGNORE) {
503 scsi_req_complete(&r->req, 0);
504 return true;
505 }
506
507 if (action == BLOCK_ERROR_ACTION_STOP) {
508 scsi_req_retry(&r->req);
509 }
510 return true;
511}
512
513static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
514{
515 uint32_t n;
516
517 assert (r->req.aiocb == NULL);
518 if (scsi_disk_req_check_error(r, ret, false)) {
519 goto done;
520 }
521
522 n = r->qiov.size / BDRV_SECTOR_SIZE;
523 r->sector += n;
524 r->sector_count -= n;
525 if (r->sector_count == 0) {
526 scsi_write_do_fua(r);
527 return;
528 } else {
529 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
530 trace_scsi_disk_write_complete_noio(r->req.tag, r->qiov.size);
531 scsi_req_data(&r->req, r->qiov.size);
532 }
533
534done:
535 scsi_req_unref(&r->req);
536}
537
538static void scsi_write_complete(void * opaque, int ret)
539{
540 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
541 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
542
543 assert (r->req.aiocb != NULL);
544 r->req.aiocb = NULL;
545
546 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
547 if (ret < 0) {
548 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
549 } else {
550 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
551 }
552 scsi_write_complete_noio(r, ret);
553 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
554}
555
556static void scsi_write_data(SCSIRequest *req)
557{
558 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
559 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
560 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
561
562
563 assert(r->req.aiocb == NULL);
564
565
566 scsi_req_ref(&r->req);
567 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
568 trace_scsi_disk_write_data_invalid();
569 scsi_write_complete_noio(r, -EINVAL);
570 return;
571 }
572
573 if (!r->req.sg && !r->qiov.size) {
574
575 r->started = true;
576 scsi_write_complete_noio(r, 0);
577 return;
578 }
579 if (!blk_is_available(req->dev->conf.blk)) {
580 scsi_write_complete_noio(r, -ENOMEDIUM);
581 return;
582 }
583
584 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
585 r->req.cmd.buf[0] == VERIFY_16) {
586 if (r->req.sg) {
587 scsi_dma_complete_noio(r, 0);
588 } else {
589 scsi_write_complete_noio(r, 0);
590 }
591 return;
592 }
593
594 if (r->req.sg) {
595 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
596 r->req.resid -= r->req.sg->size;
597 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
598 r->req.sg, r->sector << BDRV_SECTOR_BITS,
599 BDRV_SECTOR_SIZE,
600 sdc->dma_writev, r, scsi_dma_complete, r,
601 DMA_DIRECTION_TO_DEVICE);
602 } else {
603 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
604 r->qiov.size, BLOCK_ACCT_WRITE);
605 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
606 scsi_write_complete, r, r);
607 }
608}
609
610
611static uint8_t *scsi_get_buf(SCSIRequest *req)
612{
613 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
614
615 return (uint8_t *)r->iov.iov_base;
616}
617
618static int scsi_disk_emulate_vpd_page(SCSIRequest *req, uint8_t *outbuf)
619{
620 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
621 uint8_t page_code = req->cmd.buf[2];
622 int start, buflen = 0;
623
624 outbuf[buflen++] = s->qdev.type & 0x1f;
625 outbuf[buflen++] = page_code;
626 outbuf[buflen++] = 0x00;
627 outbuf[buflen++] = 0x00;
628 start = buflen;
629
630 switch (page_code) {
631 case 0x00:
632 {
633 trace_scsi_disk_emulate_vpd_page_00(req->cmd.xfer);
634 outbuf[buflen++] = 0x00;
635 if (s->serial) {
636 outbuf[buflen++] = 0x80;
637 }
638 outbuf[buflen++] = 0x83;
639 if (s->qdev.type == TYPE_DISK) {
640 outbuf[buflen++] = 0xb0;
641 outbuf[buflen++] = 0xb1;
642 outbuf[buflen++] = 0xb2;
643 }
644 break;
645 }
646 case 0x80:
647 {
648 int l;
649
650 if (!s->serial) {
651 trace_scsi_disk_emulate_vpd_page_80_not_supported();
652 return -1;
653 }
654
655 l = strlen(s->serial);
656 if (l > 36) {
657 l = 36;
658 }
659
660 trace_scsi_disk_emulate_vpd_page_80(req->cmd.xfer);
661 memcpy(outbuf + buflen, s->serial, l);
662 buflen += l;
663 break;
664 }
665
666 case 0x83:
667 {
668 int id_len = s->device_id ? MIN(strlen(s->device_id), 255 - 8) : 0;
669
670 trace_scsi_disk_emulate_vpd_page_83(req->cmd.xfer);
671
672 if (id_len) {
673 outbuf[buflen++] = 0x2;
674 outbuf[buflen++] = 0;
675 outbuf[buflen++] = 0;
676 outbuf[buflen++] = id_len;
677 memcpy(outbuf + buflen, s->device_id, id_len);
678 buflen += id_len;
679 }
680
681 if (s->qdev.wwn) {
682 outbuf[buflen++] = 0x1;
683 outbuf[buflen++] = 0x3;
684 outbuf[buflen++] = 0;
685 outbuf[buflen++] = 8;
686 stq_be_p(&outbuf[buflen], s->qdev.wwn);
687 buflen += 8;
688 }
689
690 if (s->qdev.port_wwn) {
691 outbuf[buflen++] = 0x61;
692 outbuf[buflen++] = 0x93;
693 outbuf[buflen++] = 0;
694 outbuf[buflen++] = 8;
695 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
696 buflen += 8;
697 }
698
699 if (s->port_index) {
700 outbuf[buflen++] = 0x61;
701
702
703 outbuf[buflen++] = 0x94;
704
705 outbuf[buflen++] = 0;
706 outbuf[buflen++] = 4;
707 stw_be_p(&outbuf[buflen + 2], s->port_index);
708 buflen += 4;
709 }
710 break;
711 }
712 case 0xb0:
713 {
714 SCSIBlockLimits bl = {};
715
716 if (s->qdev.type == TYPE_ROM) {
717 trace_scsi_disk_emulate_vpd_page_b0_not_supported();
718 return -1;
719 }
720 bl.wsnz = 1;
721 bl.unmap_sectors =
722 s->qdev.conf.discard_granularity / s->qdev.blocksize;
723 bl.min_io_size =
724 s->qdev.conf.min_io_size / s->qdev.blocksize;
725 bl.opt_io_size =
726 s->qdev.conf.opt_io_size / s->qdev.blocksize;
727 bl.max_unmap_sectors =
728 s->max_unmap_size / s->qdev.blocksize;
729 bl.max_io_sectors =
730 s->max_io_size / s->qdev.blocksize;
731
732 bl.max_unmap_descr = 255;
733
734 if (s->qdev.type == TYPE_DISK) {
735 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
736 int max_io_sectors_blk =
737 max_transfer_blk / s->qdev.blocksize;
738
739 bl.max_io_sectors =
740 MIN_NON_ZERO(max_io_sectors_blk, bl.max_io_sectors);
741 }
742 buflen += scsi_emulate_block_limits(outbuf + buflen, &bl);
743 break;
744 }
745 case 0xb1:
746 {
747 buflen = 0x40;
748 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
749 outbuf[5] = s->rotation_rate & 0xff;
750 outbuf[6] = 0;
751 outbuf[7] = 0;
752 outbuf[8] = 0;
753 break;
754 }
755 case 0xb2:
756 {
757 buflen = 8;
758 outbuf[4] = 0;
759 outbuf[5] = 0xe0;
760 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
761 outbuf[7] = 0;
762 break;
763 }
764 default:
765 return -1;
766 }
767
768 assert(buflen - start <= 255);
769 outbuf[start - 1] = buflen - start;
770 return buflen;
771}
772
773static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
774{
775 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
776 int buflen = 0;
777
778 if (req->cmd.buf[1] & 0x1) {
779
780 return scsi_disk_emulate_vpd_page(req, outbuf);
781 }
782
783
784 if (req->cmd.buf[2] != 0) {
785 return -1;
786 }
787
788
789 buflen = req->cmd.xfer;
790 if (buflen > SCSI_MAX_INQUIRY_LEN) {
791 buflen = SCSI_MAX_INQUIRY_LEN;
792 }
793
794 outbuf[0] = s->qdev.type & 0x1f;
795 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
796
797 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
798 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
799
800 memset(&outbuf[32], 0, 4);
801 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
802
803
804
805
806
807
808 outbuf[2] = s->qdev.default_scsi_version;
809 outbuf[3] = 2 | 0x10;
810
811 if (buflen > 36) {
812 outbuf[4] = buflen - 5;
813 } else {
814
815
816 outbuf[4] = 36 - 5;
817 }
818
819
820 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
821 return buflen;
822}
823
824static inline bool media_is_dvd(SCSIDiskState *s)
825{
826 uint64_t nb_sectors;
827 if (s->qdev.type != TYPE_ROM) {
828 return false;
829 }
830 if (!blk_is_available(s->qdev.conf.blk)) {
831 return false;
832 }
833 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
834 return nb_sectors > CD_MAX_SECTORS;
835}
836
837static inline bool media_is_cd(SCSIDiskState *s)
838{
839 uint64_t nb_sectors;
840 if (s->qdev.type != TYPE_ROM) {
841 return false;
842 }
843 if (!blk_is_available(s->qdev.conf.blk)) {
844 return false;
845 }
846 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
847 return nb_sectors <= CD_MAX_SECTORS;
848}
849
850static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
851 uint8_t *outbuf)
852{
853 uint8_t type = r->req.cmd.buf[1] & 7;
854
855 if (s->qdev.type != TYPE_ROM) {
856 return -1;
857 }
858
859
860 if (type != 0) {
861 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
862 return -1;
863 }
864
865 memset(outbuf, 0, 34);
866 outbuf[1] = 32;
867 outbuf[2] = 0xe;
868 outbuf[3] = 1;
869 outbuf[4] = 1;
870 outbuf[5] = 1;
871 outbuf[6] = 1;
872 outbuf[7] = 0x20;
873 outbuf[8] = 0x00;
874
875
876
877
878
879
880 return 34;
881}
882
883static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
884 uint8_t *outbuf)
885{
886 static const int rds_caps_size[5] = {
887 [0] = 2048 + 4,
888 [1] = 4 + 4,
889 [3] = 188 + 4,
890 [4] = 2048 + 4,
891 };
892
893 uint8_t media = r->req.cmd.buf[1];
894 uint8_t layer = r->req.cmd.buf[6];
895 uint8_t format = r->req.cmd.buf[7];
896 int size = -1;
897
898 if (s->qdev.type != TYPE_ROM) {
899 return -1;
900 }
901 if (media != 0) {
902 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
903 return -1;
904 }
905
906 if (format != 0xff) {
907 if (!blk_is_available(s->qdev.conf.blk)) {
908 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
909 return -1;
910 }
911 if (media_is_cd(s)) {
912 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
913 return -1;
914 }
915 if (format >= ARRAY_SIZE(rds_caps_size)) {
916 return -1;
917 }
918 size = rds_caps_size[format];
919 memset(outbuf, 0, size);
920 }
921
922 switch (format) {
923 case 0x00: {
924
925 uint64_t nb_sectors;
926 if (layer != 0) {
927 goto fail;
928 }
929 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
930
931 outbuf[4] = 1;
932 outbuf[5] = 0xf;
933 outbuf[6] = 1;
934 outbuf[7] = 0;
935
936 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1);
937 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1);
938 break;
939 }
940
941 case 0x01:
942 break;
943
944 case 0x03:
945 return -1;
946
947 case 0x04:
948 break;
949
950 case 0xff: {
951 int i;
952 size = 4;
953 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
954 if (!rds_caps_size[i]) {
955 continue;
956 }
957 outbuf[size] = i;
958 outbuf[size + 1] = 0x40;
959 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
960 size += 4;
961 }
962 break;
963 }
964
965 default:
966 return -1;
967 }
968
969
970 stw_be_p(outbuf, size - 2);
971 return size;
972
973fail:
974 return -1;
975}
976
977static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
978{
979 uint8_t event_code, media_status;
980
981 media_status = 0;
982 if (s->tray_open) {
983 media_status = MS_TRAY_OPEN;
984 } else if (blk_is_inserted(s->qdev.conf.blk)) {
985 media_status = MS_MEDIA_PRESENT;
986 }
987
988
989 event_code = MEC_NO_CHANGE;
990 if (media_status != MS_TRAY_OPEN) {
991 if (s->media_event) {
992 event_code = MEC_NEW_MEDIA;
993 s->media_event = false;
994 } else if (s->eject_request) {
995 event_code = MEC_EJECT_REQUESTED;
996 s->eject_request = false;
997 }
998 }
999
1000 outbuf[0] = event_code;
1001 outbuf[1] = media_status;
1002
1003
1004 outbuf[2] = 0;
1005 outbuf[3] = 0;
1006 return 4;
1007}
1008
1009static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
1010 uint8_t *outbuf)
1011{
1012 int size;
1013 uint8_t *buf = r->req.cmd.buf;
1014 uint8_t notification_class_request = buf[4];
1015 if (s->qdev.type != TYPE_ROM) {
1016 return -1;
1017 }
1018 if ((buf[1] & 1) == 0) {
1019
1020 return -1;
1021 }
1022
1023 size = 4;
1024 outbuf[0] = outbuf[1] = 0;
1025 outbuf[3] = 1 << GESN_MEDIA;
1026 if (notification_class_request & (1 << GESN_MEDIA)) {
1027 outbuf[2] = GESN_MEDIA;
1028 size += scsi_event_status_media(s, &outbuf[size]);
1029 } else {
1030 outbuf[2] = 0x80;
1031 }
1032 stw_be_p(outbuf, size - 4);
1033 return size;
1034}
1035
1036static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
1037{
1038 int current;
1039
1040 if (s->qdev.type != TYPE_ROM) {
1041 return -1;
1042 }
1043
1044 if (media_is_dvd(s)) {
1045 current = MMC_PROFILE_DVD_ROM;
1046 } else if (media_is_cd(s)) {
1047 current = MMC_PROFILE_CD_ROM;
1048 } else {
1049 current = MMC_PROFILE_NONE;
1050 }
1051
1052 memset(outbuf, 0, 40);
1053 stl_be_p(&outbuf[0], 36);
1054 stw_be_p(&outbuf[6], current);
1055
1056 outbuf[10] = 0x03;
1057 outbuf[11] = 8;
1058 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1059 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1060 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1061 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1062
1063 stw_be_p(&outbuf[20], 1);
1064 outbuf[22] = 0x08 | 0x03;
1065 outbuf[23] = 8;
1066 stl_be_p(&outbuf[24], 1);
1067 outbuf[28] = 1;
1068
1069 stw_be_p(&outbuf[32], 3);
1070 outbuf[34] = 0x08 | 0x03;
1071 outbuf[35] = 4;
1072 outbuf[36] = 0x39;
1073
1074
1075 return 40;
1076}
1077
1078static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1079{
1080 if (s->qdev.type != TYPE_ROM) {
1081 return -1;
1082 }
1083 memset(outbuf, 0, 8);
1084 outbuf[5] = 1;
1085 return 8;
1086}
1087
1088static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
1089 int page_control)
1090{
1091 static const int mode_sense_valid[0x3f] = {
1092 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1093 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1094 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1095 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1096 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
1097 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1098 };
1099
1100 uint8_t *p = *p_outbuf + 2;
1101 int length;
1102
1103 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1104 return -1;
1105 }
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119 switch (page) {
1120 case MODE_PAGE_HD_GEOMETRY:
1121 length = 0x16;
1122 if (page_control == 1) {
1123 break;
1124 }
1125
1126 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1127 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1128 p[2] = s->qdev.conf.cyls & 0xff;
1129 p[3] = s->qdev.conf.heads & 0xff;
1130
1131 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1132 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1133 p[6] = s->qdev.conf.cyls & 0xff;
1134
1135 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1136 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1137 p[9] = s->qdev.conf.cyls & 0xff;
1138
1139 p[10] = 0;
1140 p[11] = 200;
1141
1142 p[12] = 0xff;
1143 p[13] = 0xff;
1144 p[14] = 0xff;
1145
1146 p[18] = (5400 >> 8) & 0xff;
1147 p[19] = 5400 & 0xff;
1148 break;
1149
1150 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1151 length = 0x1e;
1152 if (page_control == 1) {
1153 break;
1154 }
1155
1156 p[0] = 5000 >> 8;
1157 p[1] = 5000 & 0xff;
1158
1159 p[2] = s->qdev.conf.heads & 0xff;
1160 p[3] = s->qdev.conf.secs & 0xff;
1161 p[4] = s->qdev.blocksize >> 8;
1162 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1163 p[7] = s->qdev.conf.cyls & 0xff;
1164
1165 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1166 p[9] = s->qdev.conf.cyls & 0xff;
1167
1168 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1169 p[11] = s->qdev.conf.cyls & 0xff;
1170
1171 p[12] = 0;
1172 p[13] = 1;
1173
1174 p[14] = 1;
1175
1176 p[15] = 0;
1177 p[16] = 1;
1178
1179 p[17] = 1;
1180
1181 p[18] = 1;
1182
1183 p[26] = (5400 >> 8) & 0xff;
1184 p[27] = 5400 & 0xff;
1185 break;
1186
1187 case MODE_PAGE_CACHING:
1188 length = 0x12;
1189 if (page_control == 1 ||
1190 blk_enable_write_cache(s->qdev.conf.blk)) {
1191 p[0] = 4;
1192 }
1193 break;
1194
1195 case MODE_PAGE_R_W_ERROR:
1196 length = 10;
1197 if (page_control == 1) {
1198 break;
1199 }
1200 p[0] = 0x80;
1201 if (s->qdev.type == TYPE_ROM) {
1202 p[1] = 0x20;
1203 }
1204 break;
1205
1206 case MODE_PAGE_AUDIO_CTL:
1207 length = 14;
1208 break;
1209
1210 case MODE_PAGE_CAPABILITIES:
1211 length = 0x14;
1212 if (page_control == 1) {
1213 break;
1214 }
1215
1216 p[0] = 0x3b;
1217 p[1] = 0;
1218 p[2] = 0x7f;
1219
1220 p[3] = 0xff;
1221
1222
1223 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1224
1225 p[5] = 0;
1226
1227 p[6] = (50 * 176) >> 8;
1228 p[7] = (50 * 176) & 0xff;
1229 p[8] = 2 >> 8;
1230 p[9] = 2 & 0xff;
1231 p[10] = 2048 >> 8;
1232 p[11] = 2048 & 0xff;
1233 p[12] = (16 * 176) >> 8;
1234 p[13] = (16 * 176) & 0xff;
1235 p[16] = (16 * 176) >> 8;
1236 p[17] = (16 * 176) & 0xff;
1237 p[18] = (16 * 176) >> 8;
1238 p[19] = (16 * 176) & 0xff;
1239 break;
1240
1241 default:
1242 return -1;
1243 }
1244
1245 assert(length < 256);
1246 (*p_outbuf)[0] = page;
1247 (*p_outbuf)[1] = length;
1248 *p_outbuf += length + 2;
1249 return length + 2;
1250}
1251
1252static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1253{
1254 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1255 uint64_t nb_sectors;
1256 bool dbd;
1257 int page, buflen, ret, page_control;
1258 uint8_t *p;
1259 uint8_t dev_specific_param;
1260
1261 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1262 page = r->req.cmd.buf[2] & 0x3f;
1263 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1264
1265 trace_scsi_disk_emulate_mode_sense((r->req.cmd.buf[0] == MODE_SENSE) ? 6 :
1266 10, page, r->req.cmd.xfer, page_control);
1267 memset(outbuf, 0, r->req.cmd.xfer);
1268 p = outbuf;
1269
1270 if (s->qdev.type == TYPE_DISK) {
1271 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1272 if (blk_is_read_only(s->qdev.conf.blk)) {
1273 dev_specific_param |= 0x80;
1274 }
1275 } else {
1276
1277
1278 dev_specific_param = 0x00;
1279 dbd = true;
1280 }
1281
1282 if (r->req.cmd.buf[0] == MODE_SENSE) {
1283 p[1] = 0;
1284 p[2] = dev_specific_param;
1285 p[3] = 0;
1286 p += 4;
1287 } else {
1288 p[2] = 0;
1289 p[3] = dev_specific_param;
1290 p[6] = p[7] = 0;
1291 p += 8;
1292 }
1293
1294 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1295 if (!dbd && nb_sectors) {
1296 if (r->req.cmd.buf[0] == MODE_SENSE) {
1297 outbuf[3] = 8;
1298 } else {
1299 outbuf[7] = 8;
1300 }
1301 nb_sectors /= (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1302 if (nb_sectors > 0xffffff) {
1303 nb_sectors = 0;
1304 }
1305 p[0] = 0;
1306 p[1] = (nb_sectors >> 16) & 0xff;
1307 p[2] = (nb_sectors >> 8) & 0xff;
1308 p[3] = nb_sectors & 0xff;
1309 p[4] = 0;
1310 p[5] = 0;
1311 p[6] = s->qdev.blocksize >> 8;
1312 p[7] = 0;
1313 p += 8;
1314 }
1315
1316 if (page_control == 3) {
1317
1318 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1319 return -1;
1320 }
1321
1322 if (page == 0x3f) {
1323 for (page = 0; page <= 0x3e; page++) {
1324 mode_sense_page(s, page, &p, page_control);
1325 }
1326 } else {
1327 ret = mode_sense_page(s, page, &p, page_control);
1328 if (ret == -1) {
1329 return -1;
1330 }
1331 }
1332
1333 buflen = p - outbuf;
1334
1335
1336
1337
1338
1339 if (r->req.cmd.buf[0] == MODE_SENSE) {
1340 outbuf[0] = buflen - 1;
1341 } else {
1342 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1343 outbuf[1] = (buflen - 2) & 0xff;
1344 }
1345 return buflen;
1346}
1347
1348static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1349{
1350 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1351 int start_track, format, msf, toclen;
1352 uint64_t nb_sectors;
1353
1354 msf = req->cmd.buf[1] & 2;
1355 format = req->cmd.buf[2] & 0xf;
1356 start_track = req->cmd.buf[6];
1357 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1358 trace_scsi_disk_emulate_read_toc(start_track, format, msf >> 1);
1359 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
1360 switch (format) {
1361 case 0:
1362 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1363 break;
1364 case 1:
1365
1366 toclen = 12;
1367 memset(outbuf, 0, 12);
1368 outbuf[1] = 0x0a;
1369 outbuf[2] = 0x01;
1370 outbuf[3] = 0x01;
1371 break;
1372 case 2:
1373 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1374 break;
1375 default:
1376 return -1;
1377 }
1378 return toclen;
1379}
1380
1381static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1382{
1383 SCSIRequest *req = &r->req;
1384 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1385 bool start = req->cmd.buf[4] & 1;
1386 bool loej = req->cmd.buf[4] & 2;
1387 int pwrcnd = req->cmd.buf[4] & 0xf0;
1388
1389 if (pwrcnd) {
1390
1391 return 0;
1392 }
1393
1394 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1395 if (!start && !s->tray_open && s->tray_locked) {
1396 scsi_check_condition(r,
1397 blk_is_inserted(s->qdev.conf.blk)
1398 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1399 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1400 return -1;
1401 }
1402
1403 if (s->tray_open != !start) {
1404 blk_eject(s->qdev.conf.blk, !start);
1405 s->tray_open = !start;
1406 }
1407 }
1408 return 0;
1409}
1410
1411static void scsi_disk_emulate_read_data(SCSIRequest *req)
1412{
1413 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1414 int buflen = r->iov.iov_len;
1415
1416 if (buflen) {
1417 trace_scsi_disk_emulate_read_data(buflen);
1418 r->iov.iov_len = 0;
1419 r->started = true;
1420 scsi_req_data(&r->req, buflen);
1421 return;
1422 }
1423
1424
1425 scsi_req_complete(&r->req, GOOD);
1426}
1427
1428static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1429 uint8_t *inbuf, int inlen)
1430{
1431 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1432 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1433 uint8_t *p;
1434 int len, expected_len, changeable_len, i;
1435
1436
1437
1438
1439 expected_len = inlen + 2;
1440 if (expected_len > SCSI_MAX_MODE_LEN) {
1441 return -1;
1442 }
1443
1444 p = mode_current;
1445 memset(mode_current, 0, inlen + 2);
1446 len = mode_sense_page(s, page, &p, 0);
1447 if (len < 0 || len != expected_len) {
1448 return -1;
1449 }
1450
1451 p = mode_changeable;
1452 memset(mode_changeable, 0, inlen + 2);
1453 changeable_len = mode_sense_page(s, page, &p, 1);
1454 assert(changeable_len == len);
1455
1456
1457
1458
1459 for (i = 2; i < len; i++) {
1460 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1461 return -1;
1462 }
1463 }
1464 return 0;
1465}
1466
1467static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1468{
1469 switch (page) {
1470 case MODE_PAGE_CACHING:
1471 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
1472 break;
1473
1474 default:
1475 break;
1476 }
1477}
1478
1479static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1480{
1481 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1482
1483 while (len > 0) {
1484 int page, subpage, page_len;
1485
1486
1487 page = p[0] & 0x3f;
1488 if (p[0] & 0x40) {
1489 if (len < 4) {
1490 goto invalid_param_len;
1491 }
1492 subpage = p[1];
1493 page_len = lduw_be_p(&p[2]);
1494 p += 4;
1495 len -= 4;
1496 } else {
1497 if (len < 2) {
1498 goto invalid_param_len;
1499 }
1500 subpage = 0;
1501 page_len = p[1];
1502 p += 2;
1503 len -= 2;
1504 }
1505
1506 if (subpage) {
1507 goto invalid_param;
1508 }
1509 if (page_len > len) {
1510 goto invalid_param_len;
1511 }
1512
1513 if (!change) {
1514 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1515 goto invalid_param;
1516 }
1517 } else {
1518 scsi_disk_apply_mode_select(s, page, p);
1519 }
1520
1521 p += page_len;
1522 len -= page_len;
1523 }
1524 return 0;
1525
1526invalid_param:
1527 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1528 return -1;
1529
1530invalid_param_len:
1531 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1532 return -1;
1533}
1534
1535static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1536{
1537 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1538 uint8_t *p = inbuf;
1539 int cmd = r->req.cmd.buf[0];
1540 int len = r->req.cmd.xfer;
1541 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1542 int bd_len;
1543 int pass;
1544
1545
1546 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1547 goto invalid_field;
1548 }
1549
1550 if (len < hdr_len) {
1551 goto invalid_param_len;
1552 }
1553
1554 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1555 len -= hdr_len;
1556 p += hdr_len;
1557 if (len < bd_len) {
1558 goto invalid_param_len;
1559 }
1560 if (bd_len != 0 && bd_len != 8) {
1561 goto invalid_param;
1562 }
1563
1564 len -= bd_len;
1565 p += bd_len;
1566
1567
1568 for (pass = 0; pass < 2; pass++) {
1569 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1570 assert(pass == 0);
1571 return;
1572 }
1573 }
1574 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
1575
1576 scsi_req_ref(&r->req);
1577 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
1578 BLOCK_ACCT_FLUSH);
1579 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
1580 return;
1581 }
1582
1583 scsi_req_complete(&r->req, GOOD);
1584 return;
1585
1586invalid_param:
1587 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1588 return;
1589
1590invalid_param_len:
1591 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1592 return;
1593
1594invalid_field:
1595 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1596}
1597
1598static inline bool check_lba_range(SCSIDiskState *s,
1599 uint64_t sector_num, uint32_t nb_sectors)
1600{
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610 return (sector_num <= sector_num + nb_sectors &&
1611 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1612}
1613
1614typedef struct UnmapCBData {
1615 SCSIDiskReq *r;
1616 uint8_t *inbuf;
1617 int count;
1618} UnmapCBData;
1619
1620static void scsi_unmap_complete(void *opaque, int ret);
1621
1622static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
1623{
1624 SCSIDiskReq *r = data->r;
1625 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1626
1627 assert(r->req.aiocb == NULL);
1628
1629 if (data->count > 0) {
1630 r->sector = ldq_be_p(&data->inbuf[0])
1631 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1632 r->sector_count = (ldl_be_p(&data->inbuf[8]) & 0xffffffffULL)
1633 * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1634 if (!check_lba_range(s, r->sector, r->sector_count)) {
1635 block_acct_invalid(blk_get_stats(s->qdev.conf.blk),
1636 BLOCK_ACCT_UNMAP);
1637 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1638 goto done;
1639 }
1640
1641 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1642 r->sector_count * BDRV_SECTOR_SIZE,
1643 BLOCK_ACCT_UNMAP);
1644
1645 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
1646 r->sector * BDRV_SECTOR_SIZE,
1647 r->sector_count * BDRV_SECTOR_SIZE,
1648 scsi_unmap_complete, data);
1649 data->count--;
1650 data->inbuf += 16;
1651 return;
1652 }
1653
1654 scsi_req_complete(&r->req, GOOD);
1655
1656done:
1657 scsi_req_unref(&r->req);
1658 g_free(data);
1659}
1660
1661static void scsi_unmap_complete(void *opaque, int ret)
1662{
1663 UnmapCBData *data = opaque;
1664 SCSIDiskReq *r = data->r;
1665 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1666
1667 assert(r->req.aiocb != NULL);
1668 r->req.aiocb = NULL;
1669
1670 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1671 if (scsi_disk_req_check_error(r, ret, true)) {
1672 scsi_req_unref(&r->req);
1673 g_free(data);
1674 } else {
1675 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1676 scsi_unmap_complete_noio(data, ret);
1677 }
1678 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1679}
1680
1681static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1682{
1683 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1684 uint8_t *p = inbuf;
1685 int len = r->req.cmd.xfer;
1686 UnmapCBData *data;
1687
1688
1689 if (r->req.cmd.buf[1] & 0x1) {
1690 goto invalid_field;
1691 }
1692
1693 if (len < 8) {
1694 goto invalid_param_len;
1695 }
1696 if (len < lduw_be_p(&p[0]) + 2) {
1697 goto invalid_param_len;
1698 }
1699 if (len < lduw_be_p(&p[2]) + 8) {
1700 goto invalid_param_len;
1701 }
1702 if (lduw_be_p(&p[2]) & 15) {
1703 goto invalid_param_len;
1704 }
1705
1706 if (blk_is_read_only(s->qdev.conf.blk)) {
1707 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1708 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1709 return;
1710 }
1711
1712 data = g_new0(UnmapCBData, 1);
1713 data->r = r;
1714 data->inbuf = &p[8];
1715 data->count = lduw_be_p(&p[2]) >> 4;
1716
1717
1718 scsi_req_ref(&r->req);
1719 scsi_unmap_complete_noio(data, 0);
1720 return;
1721
1722invalid_param_len:
1723 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1724 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1725 return;
1726
1727invalid_field:
1728 block_acct_invalid(blk_get_stats(s->qdev.conf.blk), BLOCK_ACCT_UNMAP);
1729 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1730}
1731
1732typedef struct WriteSameCBData {
1733 SCSIDiskReq *r;
1734 int64_t sector;
1735 int nb_sectors;
1736 QEMUIOVector qiov;
1737 struct iovec iov;
1738} WriteSameCBData;
1739
1740static void scsi_write_same_complete(void *opaque, int ret)
1741{
1742 WriteSameCBData *data = opaque;
1743 SCSIDiskReq *r = data->r;
1744 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1745
1746 assert(r->req.aiocb != NULL);
1747 r->req.aiocb = NULL;
1748 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
1749 if (scsi_disk_req_check_error(r, ret, true)) {
1750 goto done;
1751 }
1752
1753 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1754
1755 data->nb_sectors -= data->iov.iov_len / BDRV_SECTOR_SIZE;
1756 data->sector += data->iov.iov_len / BDRV_SECTOR_SIZE;
1757 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1758 data->iov.iov_len);
1759 if (data->iov.iov_len) {
1760 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1761 data->iov.iov_len, BLOCK_ACCT_WRITE);
1762
1763
1764 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1765 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1766 data->sector << BDRV_SECTOR_BITS,
1767 &data->qiov, 0,
1768 scsi_write_same_complete, data);
1769 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1770 return;
1771 }
1772
1773 scsi_req_complete(&r->req, GOOD);
1774
1775done:
1776 scsi_req_unref(&r->req);
1777 qemu_vfree(data->iov.iov_base);
1778 g_free(data);
1779 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
1780}
1781
1782static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1783{
1784 SCSIRequest *req = &r->req;
1785 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1786 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
1787 WriteSameCBData *data;
1788 uint8_t *buf;
1789 int i;
1790
1791
1792 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1793 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1794 return;
1795 }
1796
1797 if (blk_is_read_only(s->qdev.conf.blk)) {
1798 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1799 return;
1800 }
1801 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1802 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1803 return;
1804 }
1805
1806 if ((req->cmd.buf[1] & 0x1) || buffer_is_zero(inbuf, s->qdev.blocksize)) {
1807 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1808
1809
1810 scsi_req_ref(&r->req);
1811 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1812 nb_sectors * s->qdev.blocksize,
1813 BLOCK_ACCT_WRITE);
1814 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
1815 r->req.cmd.lba * s->qdev.blocksize,
1816 nb_sectors * s->qdev.blocksize,
1817 flags, scsi_aio_complete, r);
1818 return;
1819 }
1820
1821 data = g_new0(WriteSameCBData, 1);
1822 data->r = r;
1823 data->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1824 data->nb_sectors = nb_sectors * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
1825 data->iov.iov_len = MIN(data->nb_sectors * BDRV_SECTOR_SIZE,
1826 SCSI_WRITE_SAME_MAX);
1827 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1828 data->iov.iov_len);
1829 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1830
1831 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1832 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1833 }
1834
1835 scsi_req_ref(&r->req);
1836 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
1837 data->iov.iov_len, BLOCK_ACCT_WRITE);
1838 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1839 data->sector << BDRV_SECTOR_BITS,
1840 &data->qiov, 0,
1841 scsi_write_same_complete, data);
1842}
1843
1844static void scsi_disk_emulate_write_data(SCSIRequest *req)
1845{
1846 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1847
1848 if (r->iov.iov_len) {
1849 int buflen = r->iov.iov_len;
1850 trace_scsi_disk_emulate_write_data(buflen);
1851 r->iov.iov_len = 0;
1852 scsi_req_data(&r->req, buflen);
1853 return;
1854 }
1855
1856 switch (req->cmd.buf[0]) {
1857 case MODE_SELECT:
1858 case MODE_SELECT_10:
1859
1860 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1861 break;
1862
1863 case UNMAP:
1864 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1865 break;
1866
1867 case VERIFY_10:
1868 case VERIFY_12:
1869 case VERIFY_16:
1870 if (r->req.status == -1) {
1871 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1872 }
1873 break;
1874
1875 case WRITE_SAME_10:
1876 case WRITE_SAME_16:
1877 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1878 break;
1879
1880 default:
1881 abort();
1882 }
1883}
1884
1885static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1886{
1887 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1888 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1889 uint64_t nb_sectors;
1890 uint8_t *outbuf;
1891 int buflen;
1892
1893 switch (req->cmd.buf[0]) {
1894 case INQUIRY:
1895 case MODE_SENSE:
1896 case MODE_SENSE_10:
1897 case RESERVE:
1898 case RESERVE_10:
1899 case RELEASE:
1900 case RELEASE_10:
1901 case START_STOP:
1902 case ALLOW_MEDIUM_REMOVAL:
1903 case GET_CONFIGURATION:
1904 case GET_EVENT_STATUS_NOTIFICATION:
1905 case MECHANISM_STATUS:
1906 case REQUEST_SENSE:
1907 break;
1908
1909 default:
1910 if (!blk_is_available(s->qdev.conf.blk)) {
1911 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1912 return 0;
1913 }
1914 break;
1915 }
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925 if (req->cmd.xfer > 65536) {
1926 goto illegal_request;
1927 }
1928 r->buflen = MAX(4096, req->cmd.xfer);
1929
1930 if (!r->iov.iov_base) {
1931 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
1932 }
1933
1934 outbuf = r->iov.iov_base;
1935 memset(outbuf, 0, r->buflen);
1936 switch (req->cmd.buf[0]) {
1937 case TEST_UNIT_READY:
1938 assert(blk_is_available(s->qdev.conf.blk));
1939 break;
1940 case INQUIRY:
1941 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1942 if (buflen < 0) {
1943 goto illegal_request;
1944 }
1945 break;
1946 case MODE_SENSE:
1947 case MODE_SENSE_10:
1948 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1949 if (buflen < 0) {
1950 goto illegal_request;
1951 }
1952 break;
1953 case READ_TOC:
1954 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1955 if (buflen < 0) {
1956 goto illegal_request;
1957 }
1958 break;
1959 case RESERVE:
1960 if (req->cmd.buf[1] & 1) {
1961 goto illegal_request;
1962 }
1963 break;
1964 case RESERVE_10:
1965 if (req->cmd.buf[1] & 3) {
1966 goto illegal_request;
1967 }
1968 break;
1969 case RELEASE:
1970 if (req->cmd.buf[1] & 1) {
1971 goto illegal_request;
1972 }
1973 break;
1974 case RELEASE_10:
1975 if (req->cmd.buf[1] & 3) {
1976 goto illegal_request;
1977 }
1978 break;
1979 case START_STOP:
1980 if (scsi_disk_emulate_start_stop(r) < 0) {
1981 return 0;
1982 }
1983 break;
1984 case ALLOW_MEDIUM_REMOVAL:
1985 s->tray_locked = req->cmd.buf[4] & 1;
1986 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
1987 break;
1988 case READ_CAPACITY_10:
1989
1990 memset(outbuf, 0, 8);
1991 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
1992 if (!nb_sectors) {
1993 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1994 return 0;
1995 }
1996 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1997 goto illegal_request;
1998 }
1999 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
2000
2001 nb_sectors--;
2002
2003 s->qdev.max_lba = nb_sectors;
2004
2005 if (nb_sectors > UINT32_MAX) {
2006 nb_sectors = UINT32_MAX;
2007 }
2008 outbuf[0] = (nb_sectors >> 24) & 0xff;
2009 outbuf[1] = (nb_sectors >> 16) & 0xff;
2010 outbuf[2] = (nb_sectors >> 8) & 0xff;
2011 outbuf[3] = nb_sectors & 0xff;
2012 outbuf[4] = 0;
2013 outbuf[5] = 0;
2014 outbuf[6] = s->qdev.blocksize >> 8;
2015 outbuf[7] = 0;
2016 break;
2017 case REQUEST_SENSE:
2018
2019 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
2020 (req->cmd.buf[1] & 1) == 0);
2021 if (buflen < 0) {
2022 goto illegal_request;
2023 }
2024 break;
2025 case MECHANISM_STATUS:
2026 buflen = scsi_emulate_mechanism_status(s, outbuf);
2027 if (buflen < 0) {
2028 goto illegal_request;
2029 }
2030 break;
2031 case GET_CONFIGURATION:
2032 buflen = scsi_get_configuration(s, outbuf);
2033 if (buflen < 0) {
2034 goto illegal_request;
2035 }
2036 break;
2037 case GET_EVENT_STATUS_NOTIFICATION:
2038 buflen = scsi_get_event_status_notification(s, r, outbuf);
2039 if (buflen < 0) {
2040 goto illegal_request;
2041 }
2042 break;
2043 case READ_DISC_INFORMATION:
2044 buflen = scsi_read_disc_information(s, r, outbuf);
2045 if (buflen < 0) {
2046 goto illegal_request;
2047 }
2048 break;
2049 case READ_DVD_STRUCTURE:
2050 buflen = scsi_read_dvd_structure(s, r, outbuf);
2051 if (buflen < 0) {
2052 goto illegal_request;
2053 }
2054 break;
2055 case SERVICE_ACTION_IN_16:
2056
2057 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
2058 trace_scsi_disk_emulate_command_SAI_16();
2059 memset(outbuf, 0, req->cmd.xfer);
2060 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2061 if (!nb_sectors) {
2062 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
2063 return 0;
2064 }
2065 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2066 goto illegal_request;
2067 }
2068 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
2069
2070 nb_sectors--;
2071
2072 s->qdev.max_lba = nb_sectors;
2073 outbuf[0] = (nb_sectors >> 56) & 0xff;
2074 outbuf[1] = (nb_sectors >> 48) & 0xff;
2075 outbuf[2] = (nb_sectors >> 40) & 0xff;
2076 outbuf[3] = (nb_sectors >> 32) & 0xff;
2077 outbuf[4] = (nb_sectors >> 24) & 0xff;
2078 outbuf[5] = (nb_sectors >> 16) & 0xff;
2079 outbuf[6] = (nb_sectors >> 8) & 0xff;
2080 outbuf[7] = nb_sectors & 0xff;
2081 outbuf[8] = 0;
2082 outbuf[9] = 0;
2083 outbuf[10] = s->qdev.blocksize >> 8;
2084 outbuf[11] = 0;
2085 outbuf[12] = 0;
2086 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
2087
2088
2089 if (s->qdev.conf.discard_granularity) {
2090 outbuf[14] = 0x80;
2091 }
2092
2093
2094 break;
2095 }
2096 trace_scsi_disk_emulate_command_SAI_unsupported();
2097 goto illegal_request;
2098 case SYNCHRONIZE_CACHE:
2099
2100 scsi_req_ref(&r->req);
2101 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
2102 BLOCK_ACCT_FLUSH);
2103 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
2104 return 0;
2105 case SEEK_10:
2106 trace_scsi_disk_emulate_command_SEEK_10(r->req.cmd.lba);
2107 if (r->req.cmd.lba > s->qdev.max_lba) {
2108 goto illegal_lba;
2109 }
2110 break;
2111 case MODE_SELECT:
2112 trace_scsi_disk_emulate_command_MODE_SELECT(r->req.cmd.xfer);
2113 break;
2114 case MODE_SELECT_10:
2115 trace_scsi_disk_emulate_command_MODE_SELECT_10(r->req.cmd.xfer);
2116 break;
2117 case UNMAP:
2118 trace_scsi_disk_emulate_command_UNMAP(r->req.cmd.xfer);
2119 break;
2120 case VERIFY_10:
2121 case VERIFY_12:
2122 case VERIFY_16:
2123 trace_scsi_disk_emulate_command_VERIFY((req->cmd.buf[1] >> 1) & 3);
2124 if (req->cmd.buf[1] & 6) {
2125 goto illegal_request;
2126 }
2127 break;
2128 case WRITE_SAME_10:
2129 case WRITE_SAME_16:
2130 trace_scsi_disk_emulate_command_WRITE_SAME(
2131 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16, r->req.cmd.xfer);
2132 break;
2133 default:
2134 trace_scsi_disk_emulate_command_UNKNOWN(buf[0],
2135 scsi_command_name(buf[0]));
2136 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
2137 return 0;
2138 }
2139 assert(!r->req.aiocb);
2140 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
2141 if (r->iov.iov_len == 0) {
2142 scsi_req_complete(&r->req, GOOD);
2143 }
2144 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2145 assert(r->iov.iov_len == req->cmd.xfer);
2146 return -r->iov.iov_len;
2147 } else {
2148 return r->iov.iov_len;
2149 }
2150
2151illegal_request:
2152 if (r->req.status == -1) {
2153 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2154 }
2155 return 0;
2156
2157illegal_lba:
2158 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2159 return 0;
2160}
2161
2162
2163
2164
2165
2166
2167static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2168{
2169 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2170 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2171 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
2172 uint32_t len;
2173 uint8_t command;
2174
2175 command = buf[0];
2176
2177 if (!blk_is_available(s->qdev.conf.blk)) {
2178 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2179 return 0;
2180 }
2181
2182 len = scsi_data_cdb_xfer(r->req.cmd.buf);
2183 switch (command) {
2184 case READ_6:
2185 case READ_10:
2186 case READ_12:
2187 case READ_16:
2188 trace_scsi_disk_dma_command_READ(r->req.cmd.lba, len);
2189
2190
2191
2192
2193 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2194 goto illegal_request;
2195 }
2196 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2197 goto illegal_lba;
2198 }
2199 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2200 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2201 break;
2202 case WRITE_6:
2203 case WRITE_10:
2204 case WRITE_12:
2205 case WRITE_16:
2206 case WRITE_VERIFY_10:
2207 case WRITE_VERIFY_12:
2208 case WRITE_VERIFY_16:
2209 if (blk_is_read_only(s->qdev.conf.blk)) {
2210 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2211 return 0;
2212 }
2213 trace_scsi_disk_dma_command_WRITE(
2214 (command & 0xe) == 0xe ? "And Verify " : "",
2215 r->req.cmd.lba, len);
2216
2217 case VERIFY_10:
2218 case VERIFY_12:
2219 case VERIFY_16:
2220
2221
2222
2223
2224 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
2225 goto illegal_request;
2226 }
2227 if (!check_lba_range(s, r->req.cmd.lba, len)) {
2228 goto illegal_lba;
2229 }
2230 r->sector = r->req.cmd.lba * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2231 r->sector_count = len * (s->qdev.blocksize / BDRV_SECTOR_SIZE);
2232 break;
2233 default:
2234 abort();
2235 illegal_request:
2236 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2237 return 0;
2238 illegal_lba:
2239 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2240 return 0;
2241 }
2242 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
2243 if (r->sector_count == 0) {
2244 scsi_req_complete(&r->req, GOOD);
2245 }
2246 assert(r->iov.iov_len == 0);
2247 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2248 return -r->sector_count * BDRV_SECTOR_SIZE;
2249 } else {
2250 return r->sector_count * BDRV_SECTOR_SIZE;
2251 }
2252}
2253
2254static void scsi_disk_reset(DeviceState *dev)
2255{
2256 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2257 uint64_t nb_sectors;
2258
2259 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
2260
2261 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
2262 nb_sectors /= s->qdev.blocksize / BDRV_SECTOR_SIZE;
2263 if (nb_sectors) {
2264 nb_sectors--;
2265 }
2266 s->qdev.max_lba = nb_sectors;
2267
2268 s->tray_locked = 0;
2269 s->tray_open = 0;
2270
2271 s->qdev.scsi_version = s->qdev.default_scsi_version;
2272}
2273
2274static void scsi_disk_resize_cb(void *opaque)
2275{
2276 SCSIDiskState *s = opaque;
2277
2278
2279
2280
2281 if (s->qdev.type == TYPE_DISK) {
2282 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
2283 }
2284}
2285
2286static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2287{
2288 SCSIDiskState *s = opaque;
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300 s->media_changed = load;
2301 s->tray_open = !load;
2302 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
2303 s->media_event = true;
2304 s->eject_request = false;
2305}
2306
2307static void scsi_cd_eject_request_cb(void *opaque, bool force)
2308{
2309 SCSIDiskState *s = opaque;
2310
2311 s->eject_request = true;
2312 if (force) {
2313 s->tray_locked = false;
2314 }
2315}
2316
2317static bool scsi_cd_is_tray_open(void *opaque)
2318{
2319 return ((SCSIDiskState *)opaque)->tray_open;
2320}
2321
2322static bool scsi_cd_is_medium_locked(void *opaque)
2323{
2324 return ((SCSIDiskState *)opaque)->tray_locked;
2325}
2326
2327static const BlockDevOps scsi_disk_removable_block_ops = {
2328 .change_media_cb = scsi_cd_change_media_cb,
2329 .eject_request_cb = scsi_cd_eject_request_cb,
2330 .is_tray_open = scsi_cd_is_tray_open,
2331 .is_medium_locked = scsi_cd_is_medium_locked,
2332
2333 .resize_cb = scsi_disk_resize_cb,
2334};
2335
2336static const BlockDevOps scsi_disk_block_ops = {
2337 .resize_cb = scsi_disk_resize_cb,
2338};
2339
2340static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2341{
2342 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2343 if (s->media_changed) {
2344 s->media_changed = false;
2345 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2346 }
2347}
2348
2349static void scsi_realize(SCSIDevice *dev, Error **errp)
2350{
2351 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2352 bool read_only;
2353
2354 if (!s->qdev.conf.blk) {
2355 error_setg(errp, "drive property not set");
2356 return;
2357 }
2358
2359 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2360 !blk_is_inserted(s->qdev.conf.blk)) {
2361 error_setg(errp, "Device needs media, but drive is empty");
2362 return;
2363 }
2364
2365 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2366 return;
2367 }
2368
2369 if (blk_get_aio_context(s->qdev.conf.blk) != qemu_get_aio_context() &&
2370 !s->qdev.hba_supports_iothread)
2371 {
2372 error_setg(errp, "HBA does not support iothreads");
2373 return;
2374 }
2375
2376 if (dev->type == TYPE_DISK) {
2377 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
2378 return;
2379 }
2380 }
2381
2382 read_only = blk_is_read_only(s->qdev.conf.blk);
2383 if (dev->type == TYPE_ROM) {
2384 read_only = true;
2385 }
2386
2387 if (!blkconf_apply_backend_options(&dev->conf, read_only,
2388 dev->type == TYPE_DISK, errp)) {
2389 return;
2390 }
2391
2392 if (s->qdev.conf.discard_granularity == -1) {
2393 s->qdev.conf.discard_granularity =
2394 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2395 }
2396
2397 if (!s->version) {
2398 s->version = g_strdup(qemu_hw_version());
2399 }
2400 if (!s->vendor) {
2401 s->vendor = g_strdup("QEMU");
2402 }
2403 if (!s->device_id) {
2404 if (s->serial) {
2405 s->device_id = g_strdup_printf("%.20s", s->serial);
2406 } else {
2407 const char *str = blk_name(s->qdev.conf.blk);
2408 if (str && *str) {
2409 s->device_id = g_strdup(str);
2410 }
2411 }
2412 }
2413
2414 if (blk_is_sg(s->qdev.conf.blk)) {
2415 error_setg(errp, "unwanted /dev/sg*");
2416 return;
2417 }
2418
2419 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2420 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
2421 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
2422 } else {
2423 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2424 }
2425 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
2426
2427 blk_iostatus_enable(s->qdev.conf.blk);
2428
2429 add_boot_device_lchs(&dev->qdev, NULL,
2430 dev->conf.lcyls,
2431 dev->conf.lheads,
2432 dev->conf.lsecs);
2433}
2434
2435static void scsi_unrealize(SCSIDevice *dev)
2436{
2437 del_boot_device_lchs(&dev->qdev, NULL);
2438}
2439
2440static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
2441{
2442 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2443 AioContext *ctx = NULL;
2444
2445
2446
2447 if (s->qdev.conf.blk) {
2448 ctx = blk_get_aio_context(s->qdev.conf.blk);
2449 aio_context_acquire(ctx);
2450 if (!blkconf_blocksizes(&s->qdev.conf, errp)) {
2451 goto out;
2452 }
2453 }
2454 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2455 s->qdev.type = TYPE_DISK;
2456 if (!s->product) {
2457 s->product = g_strdup("QEMU HARDDISK");
2458 }
2459 scsi_realize(&s->qdev, errp);
2460out:
2461 if (ctx) {
2462 aio_context_release(ctx);
2463 }
2464}
2465
2466static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
2467{
2468 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2469 AioContext *ctx;
2470 int ret;
2471
2472 if (!dev->conf.blk) {
2473
2474
2475 dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL);
2476 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2477 assert(ret == 0);
2478 }
2479
2480 ctx = blk_get_aio_context(dev->conf.blk);
2481 aio_context_acquire(ctx);
2482 s->qdev.blocksize = 2048;
2483 s->qdev.type = TYPE_ROM;
2484 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2485 if (!s->product) {
2486 s->product = g_strdup("QEMU CD-ROM");
2487 }
2488 scsi_realize(&s->qdev, errp);
2489 aio_context_release(ctx);
2490}
2491
2492static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
2493{
2494 DriveInfo *dinfo;
2495 Error *local_err = NULL;
2496
2497 warn_report("'scsi-disk' is deprecated, "
2498 "please use 'scsi-hd' or 'scsi-cd' instead");
2499
2500 if (!dev->conf.blk) {
2501 scsi_realize(dev, &local_err);
2502 assert(local_err);
2503 error_propagate(errp, local_err);
2504 return;
2505 }
2506
2507 dinfo = blk_legacy_dinfo(dev->conf.blk);
2508 if (dinfo && dinfo->media_cd) {
2509 scsi_cd_realize(dev, errp);
2510 } else {
2511 scsi_hd_realize(dev, errp);
2512 }
2513}
2514
2515static const SCSIReqOps scsi_disk_emulate_reqops = {
2516 .size = sizeof(SCSIDiskReq),
2517 .free_req = scsi_free_request,
2518 .send_command = scsi_disk_emulate_command,
2519 .read_data = scsi_disk_emulate_read_data,
2520 .write_data = scsi_disk_emulate_write_data,
2521 .get_buf = scsi_get_buf,
2522};
2523
2524static const SCSIReqOps scsi_disk_dma_reqops = {
2525 .size = sizeof(SCSIDiskReq),
2526 .free_req = scsi_free_request,
2527 .send_command = scsi_disk_dma_command,
2528 .read_data = scsi_read_data,
2529 .write_data = scsi_write_data,
2530 .get_buf = scsi_get_buf,
2531 .load_request = scsi_disk_load_request,
2532 .save_request = scsi_disk_save_request,
2533};
2534
2535static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2536 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2537 [INQUIRY] = &scsi_disk_emulate_reqops,
2538 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2539 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2540 [START_STOP] = &scsi_disk_emulate_reqops,
2541 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2542 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2543 [READ_TOC] = &scsi_disk_emulate_reqops,
2544 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2545 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2546 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2547 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2548 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2549 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2550 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2551 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2552 [SEEK_10] = &scsi_disk_emulate_reqops,
2553 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2554 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2555 [UNMAP] = &scsi_disk_emulate_reqops,
2556 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2557 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2558 [VERIFY_10] = &scsi_disk_emulate_reqops,
2559 [VERIFY_12] = &scsi_disk_emulate_reqops,
2560 [VERIFY_16] = &scsi_disk_emulate_reqops,
2561
2562 [READ_6] = &scsi_disk_dma_reqops,
2563 [READ_10] = &scsi_disk_dma_reqops,
2564 [READ_12] = &scsi_disk_dma_reqops,
2565 [READ_16] = &scsi_disk_dma_reqops,
2566 [WRITE_6] = &scsi_disk_dma_reqops,
2567 [WRITE_10] = &scsi_disk_dma_reqops,
2568 [WRITE_12] = &scsi_disk_dma_reqops,
2569 [WRITE_16] = &scsi_disk_dma_reqops,
2570 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2571 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2572 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2573};
2574
2575static void scsi_disk_new_request_dump(uint32_t lun, uint32_t tag, uint8_t *buf)
2576{
2577 int i;
2578 int len = scsi_cdb_length(buf);
2579 char *line_buffer, *p;
2580
2581 line_buffer = g_malloc(len * 5 + 1);
2582
2583 for (i = 0, p = line_buffer; i < len; i++) {
2584 p += sprintf(p, " 0x%02x", buf[i]);
2585 }
2586 trace_scsi_disk_new_request(lun, tag, line_buffer);
2587
2588 g_free(line_buffer);
2589}
2590
2591static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2592 uint8_t *buf, void *hba_private)
2593{
2594 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2595 SCSIRequest *req;
2596 const SCSIReqOps *ops;
2597 uint8_t command;
2598
2599 command = buf[0];
2600 ops = scsi_disk_reqops_dispatch[command];
2601 if (!ops) {
2602 ops = &scsi_disk_emulate_reqops;
2603 }
2604 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2605
2606 if (trace_event_get_state_backends(TRACE_SCSI_DISK_NEW_REQUEST)) {
2607 scsi_disk_new_request_dump(lun, tag, buf);
2608 }
2609
2610 return req;
2611}
2612
2613#ifdef __linux__
2614static int get_device_type(SCSIDiskState *s)
2615{
2616 uint8_t cmd[16];
2617 uint8_t buf[36];
2618 int ret;
2619
2620 memset(cmd, 0, sizeof(cmd));
2621 memset(buf, 0, sizeof(buf));
2622 cmd[0] = INQUIRY;
2623 cmd[4] = sizeof(buf);
2624
2625 ret = scsi_SG_IO_FROM_DEV(s->qdev.conf.blk, cmd, sizeof(cmd),
2626 buf, sizeof(buf));
2627 if (ret < 0) {
2628 return -1;
2629 }
2630 s->qdev.type = buf[0];
2631 if (buf[1] & 0x80) {
2632 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2633 }
2634 return 0;
2635}
2636
2637static void scsi_block_realize(SCSIDevice *dev, Error **errp)
2638{
2639 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2640 AioContext *ctx;
2641 int sg_version;
2642 int rc;
2643
2644 if (!s->qdev.conf.blk) {
2645 error_setg(errp, "drive property not set");
2646 return;
2647 }
2648
2649 if (s->rotation_rate) {
2650 error_report_once("rotation_rate is specified for scsi-block but is "
2651 "not implemented. This option is deprecated and will "
2652 "be removed in a future version");
2653 }
2654
2655 ctx = blk_get_aio_context(s->qdev.conf.blk);
2656 aio_context_acquire(ctx);
2657
2658
2659 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
2660 if (rc < 0) {
2661 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
2662 if (rc != -EPERM) {
2663 error_append_hint(errp, "Is this a SCSI device?\n");
2664 }
2665 goto out;
2666 }
2667 if (sg_version < 30000) {
2668 error_setg(errp, "scsi generic interface too old");
2669 goto out;
2670 }
2671
2672
2673 rc = get_device_type(s);
2674 if (rc < 0) {
2675 error_setg(errp, "INQUIRY failed");
2676 goto out;
2677 }
2678
2679
2680
2681
2682
2683 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2684 s->qdev.blocksize = 2048;
2685 } else {
2686 s->qdev.blocksize = 512;
2687 }
2688
2689
2690
2691
2692 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2693
2694 scsi_realize(&s->qdev, errp);
2695 scsi_generic_read_device_inquiry(&s->qdev);
2696
2697out:
2698 aio_context_release(ctx);
2699}
2700
2701typedef struct SCSIBlockReq {
2702 SCSIDiskReq req;
2703 sg_io_hdr_t io_header;
2704
2705
2706 uint8_t cmd, cdb1, group_number;
2707
2708
2709 uint8_t cdb[16];
2710} SCSIBlockReq;
2711
2712static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2713 int64_t offset, QEMUIOVector *iov,
2714 int direction,
2715 BlockCompletionFunc *cb, void *opaque)
2716{
2717 sg_io_hdr_t *io_header = &req->io_header;
2718 SCSIDiskReq *r = &req->req;
2719 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2720 int nb_logical_blocks;
2721 uint64_t lba;
2722 BlockAIOCB *aiocb;
2723
2724
2725
2726
2727
2728 assert(offset % s->qdev.blocksize == 0);
2729 assert(iov->size % s->qdev.blocksize == 0);
2730
2731 io_header->interface_id = 'S';
2732
2733
2734 io_header->dxfer_direction = direction;
2735 io_header->dxfer_len = iov->size;
2736 io_header->dxferp = (void *)iov->iov;
2737 io_header->iovec_count = iov->niov;
2738 assert(io_header->iovec_count == iov->niov);
2739
2740
2741
2742
2743
2744
2745 io_header->cmdp = req->cdb;
2746 lba = offset / s->qdev.blocksize;
2747 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2748
2749 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2750
2751 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2752 req->cdb[4] = nb_logical_blocks;
2753 req->cdb[5] = 0;
2754 io_header->cmd_len = 6;
2755 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2756
2757 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2758 req->cdb[1] = req->cdb1;
2759 stl_be_p(&req->cdb[2], lba);
2760 req->cdb[6] = req->group_number;
2761 stw_be_p(&req->cdb[7], nb_logical_blocks);
2762 req->cdb[9] = 0;
2763 io_header->cmd_len = 10;
2764 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2765
2766 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2767 req->cdb[1] = req->cdb1;
2768 stl_be_p(&req->cdb[2], lba);
2769 stl_be_p(&req->cdb[6], nb_logical_blocks);
2770 req->cdb[10] = req->group_number;
2771 req->cdb[11] = 0;
2772 io_header->cmd_len = 12;
2773 } else {
2774
2775 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2776 req->cdb[1] = req->cdb1;
2777 stq_be_p(&req->cdb[2], lba);
2778 stl_be_p(&req->cdb[10], nb_logical_blocks);
2779 req->cdb[14] = req->group_number;
2780 req->cdb[15] = 0;
2781 io_header->cmd_len = 16;
2782 }
2783
2784
2785 io_header->mx_sb_len = sizeof(r->req.sense);
2786 io_header->sbp = r->req.sense;
2787 io_header->timeout = UINT_MAX;
2788 io_header->usr_ptr = r;
2789 io_header->flags |= SG_FLAG_DIRECT_IO;
2790
2791 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
2792 assert(aiocb != NULL);
2793 return aiocb;
2794}
2795
2796static bool scsi_block_no_fua(SCSICommand *cmd)
2797{
2798 return false;
2799}
2800
2801static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2802 QEMUIOVector *iov,
2803 BlockCompletionFunc *cb, void *cb_opaque,
2804 void *opaque)
2805{
2806 SCSIBlockReq *r = opaque;
2807 return scsi_block_do_sgio(r, offset, iov,
2808 SG_DXFER_FROM_DEV, cb, cb_opaque);
2809}
2810
2811static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2812 QEMUIOVector *iov,
2813 BlockCompletionFunc *cb, void *cb_opaque,
2814 void *opaque)
2815{
2816 SCSIBlockReq *r = opaque;
2817 return scsi_block_do_sgio(r, offset, iov,
2818 SG_DXFER_TO_DEV, cb, cb_opaque);
2819}
2820
2821static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
2822{
2823 switch (buf[0]) {
2824 case VERIFY_10:
2825 case VERIFY_12:
2826 case VERIFY_16:
2827
2828
2829
2830
2831 if ((buf[1] & 6) == 2) {
2832 return false;
2833 }
2834 break;
2835
2836 case READ_6:
2837 case READ_10:
2838 case READ_12:
2839 case READ_16:
2840 case WRITE_6:
2841 case WRITE_10:
2842 case WRITE_12:
2843 case WRITE_16:
2844 case WRITE_VERIFY_10:
2845 case WRITE_VERIFY_12:
2846 case WRITE_VERIFY_16:
2847
2848
2849
2850
2851
2852
2853 if (s->qdev.type != TYPE_ROM) {
2854 return false;
2855 }
2856 break;
2857
2858 default:
2859 break;
2860 }
2861
2862 return true;
2863}
2864
2865
2866static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2867{
2868 SCSIBlockReq *r = (SCSIBlockReq *)req;
2869 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2870
2871 r->cmd = req->cmd.buf[0];
2872 switch (r->cmd >> 5) {
2873 case 0:
2874
2875 r->cdb1 = r->group_number = 0;
2876 break;
2877 case 1:
2878
2879 r->cdb1 = req->cmd.buf[1];
2880 r->group_number = req->cmd.buf[6];
2881 break;
2882 case 4:
2883
2884 r->cdb1 = req->cmd.buf[1];
2885 r->group_number = req->cmd.buf[10];
2886 break;
2887 case 5:
2888
2889 r->cdb1 = req->cmd.buf[1];
2890 r->group_number = req->cmd.buf[14];
2891 break;
2892 default:
2893 abort();
2894 }
2895
2896
2897
2898
2899
2900 if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) {
2901 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2902 return 0;
2903 }
2904
2905 r->req.status = &r->io_header.status;
2906 return scsi_disk_dma_command(req, buf);
2907}
2908
2909static const SCSIReqOps scsi_block_dma_reqops = {
2910 .size = sizeof(SCSIBlockReq),
2911 .free_req = scsi_free_request,
2912 .send_command = scsi_block_dma_command,
2913 .read_data = scsi_read_data,
2914 .write_data = scsi_write_data,
2915 .get_buf = scsi_get_buf,
2916 .load_request = scsi_disk_load_request,
2917 .save_request = scsi_disk_save_request,
2918};
2919
2920static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2921 uint32_t lun, uint8_t *buf,
2922 void *hba_private)
2923{
2924 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2925
2926 if (scsi_block_is_passthrough(s, buf)) {
2927 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2928 hba_private);
2929 } else {
2930 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
2931 hba_private);
2932 }
2933}
2934
2935static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2936 uint8_t *buf, void *hba_private)
2937{
2938 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2939
2940 if (scsi_block_is_passthrough(s, buf)) {
2941 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2942 } else {
2943 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2944 }
2945}
2946
2947static void scsi_block_update_sense(SCSIRequest *req)
2948{
2949 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2950 SCSIBlockReq *br = DO_UPCAST(SCSIBlockReq, req, r);
2951 r->req.sense_len = MIN(br->io_header.sb_len_wr, sizeof(r->req.sense));
2952}
2953#endif
2954
2955static
2956BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2957 BlockCompletionFunc *cb, void *cb_opaque,
2958 void *opaque)
2959{
2960 SCSIDiskReq *r = opaque;
2961 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2962 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2963}
2964
2965static
2966BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2967 BlockCompletionFunc *cb, void *cb_opaque,
2968 void *opaque)
2969{
2970 SCSIDiskReq *r = opaque;
2971 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2972 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2973}
2974
2975static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2976{
2977 DeviceClass *dc = DEVICE_CLASS(klass);
2978 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
2979
2980 dc->fw_name = "disk";
2981 dc->reset = scsi_disk_reset;
2982 sdc->dma_readv = scsi_dma_readv;
2983 sdc->dma_writev = scsi_dma_writev;
2984 sdc->need_fua_emulation = scsi_is_cmd_fua;
2985}
2986
2987static const TypeInfo scsi_disk_base_info = {
2988 .name = TYPE_SCSI_DISK_BASE,
2989 .parent = TYPE_SCSI_DEVICE,
2990 .class_init = scsi_disk_base_class_initfn,
2991 .instance_size = sizeof(SCSIDiskState),
2992 .class_size = sizeof(SCSIDiskClass),
2993 .abstract = true,
2994};
2995
2996#define DEFINE_SCSI_DISK_PROPERTIES() \
2997 DEFINE_PROP_DRIVE_IOTHREAD("drive", SCSIDiskState, qdev.conf.blk), \
2998 DEFINE_BLOCK_PROPERTIES_BASE(SCSIDiskState, qdev.conf), \
2999 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
3000 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
3001 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
3002 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
3003 DEFINE_PROP_STRING("product", SCSIDiskState, product), \
3004 DEFINE_PROP_STRING("device_id", SCSIDiskState, device_id)
3005
3006
3007static Property scsi_hd_properties[] = {
3008 DEFINE_SCSI_DISK_PROPERTIES(),
3009 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3010 SCSI_DISK_F_REMOVABLE, false),
3011 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3012 SCSI_DISK_F_DPOFUA, false),
3013 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3014 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3015 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3016 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3017 DEFAULT_MAX_UNMAP_SIZE),
3018 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3019 DEFAULT_MAX_IO_SIZE),
3020 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
3021 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3022 5),
3023 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
3024 DEFINE_PROP_END_OF_LIST(),
3025};
3026
3027static const VMStateDescription vmstate_scsi_disk_state = {
3028 .name = "scsi-disk",
3029 .version_id = 1,
3030 .minimum_version_id = 1,
3031 .fields = (VMStateField[]) {
3032 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
3033 VMSTATE_BOOL(media_changed, SCSIDiskState),
3034 VMSTATE_BOOL(media_event, SCSIDiskState),
3035 VMSTATE_BOOL(eject_request, SCSIDiskState),
3036 VMSTATE_BOOL(tray_open, SCSIDiskState),
3037 VMSTATE_BOOL(tray_locked, SCSIDiskState),
3038 VMSTATE_END_OF_LIST()
3039 }
3040};
3041
3042static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
3043{
3044 DeviceClass *dc = DEVICE_CLASS(klass);
3045 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3046
3047 sc->realize = scsi_hd_realize;
3048 sc->unrealize = scsi_unrealize;
3049 sc->alloc_req = scsi_new_request;
3050 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3051 dc->desc = "virtual SCSI disk";
3052 device_class_set_props(dc, scsi_hd_properties);
3053 dc->vmsd = &vmstate_scsi_disk_state;
3054}
3055
3056static const TypeInfo scsi_hd_info = {
3057 .name = "scsi-hd",
3058 .parent = TYPE_SCSI_DISK_BASE,
3059 .class_init = scsi_hd_class_initfn,
3060};
3061
3062static Property scsi_cd_properties[] = {
3063 DEFINE_SCSI_DISK_PROPERTIES(),
3064 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3065 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3066 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3067 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3068 DEFAULT_MAX_IO_SIZE),
3069 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3070 5),
3071 DEFINE_PROP_END_OF_LIST(),
3072};
3073
3074static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3075{
3076 DeviceClass *dc = DEVICE_CLASS(klass);
3077 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3078
3079 sc->realize = scsi_cd_realize;
3080 sc->alloc_req = scsi_new_request;
3081 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3082 dc->desc = "virtual SCSI CD-ROM";
3083 device_class_set_props(dc, scsi_cd_properties);
3084 dc->vmsd = &vmstate_scsi_disk_state;
3085}
3086
3087static const TypeInfo scsi_cd_info = {
3088 .name = "scsi-cd",
3089 .parent = TYPE_SCSI_DISK_BASE,
3090 .class_init = scsi_cd_class_initfn,
3091};
3092
3093#ifdef __linux__
3094static Property scsi_block_properties[] = {
3095 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf),
3096 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
3097 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
3098 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
3099 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3100 DEFAULT_MAX_UNMAP_SIZE),
3101 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3102 DEFAULT_MAX_IO_SIZE),
3103 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3104 -1),
3105 DEFINE_PROP_END_OF_LIST(),
3106};
3107
3108static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3109{
3110 DeviceClass *dc = DEVICE_CLASS(klass);
3111 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3112 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
3113
3114 sc->realize = scsi_block_realize;
3115 sc->alloc_req = scsi_block_new_request;
3116 sc->parse_cdb = scsi_block_parse_cdb;
3117 sdc->dma_readv = scsi_block_dma_readv;
3118 sdc->dma_writev = scsi_block_dma_writev;
3119 sdc->update_sense = scsi_block_update_sense;
3120 sdc->need_fua_emulation = scsi_block_no_fua;
3121 dc->desc = "SCSI block device passthrough";
3122 device_class_set_props(dc, scsi_block_properties);
3123 dc->vmsd = &vmstate_scsi_disk_state;
3124}
3125
3126static const TypeInfo scsi_block_info = {
3127 .name = "scsi-block",
3128 .parent = TYPE_SCSI_DISK_BASE,
3129 .class_init = scsi_block_class_initfn,
3130};
3131#endif
3132
3133static Property scsi_disk_properties[] = {
3134 DEFINE_SCSI_DISK_PROPERTIES(),
3135 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3136 SCSI_DISK_F_REMOVABLE, false),
3137 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3138 SCSI_DISK_F_DPOFUA, false),
3139 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3140 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
3141 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
3142 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3143 DEFAULT_MAX_UNMAP_SIZE),
3144 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3145 DEFAULT_MAX_IO_SIZE),
3146 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3147 5),
3148 DEFINE_PROP_END_OF_LIST(),
3149};
3150
3151static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
3152{
3153 DeviceClass *dc = DEVICE_CLASS(klass);
3154 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3155
3156 sc->realize = scsi_disk_realize;
3157 sc->alloc_req = scsi_new_request;
3158 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
3159 dc->fw_name = "disk";
3160 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
3161 dc->reset = scsi_disk_reset;
3162 device_class_set_props(dc, scsi_disk_properties);
3163 dc->vmsd = &vmstate_scsi_disk_state;
3164}
3165
3166static const TypeInfo scsi_disk_info = {
3167 .name = "scsi-disk",
3168 .parent = TYPE_SCSI_DISK_BASE,
3169 .class_init = scsi_disk_class_initfn,
3170};
3171
3172static void scsi_disk_register_types(void)
3173{
3174 type_register_static(&scsi_disk_base_info);
3175 type_register_static(&scsi_hd_info);
3176 type_register_static(&scsi_cd_info);
3177#ifdef __linux__
3178 type_register_static(&scsi_block_info);
3179#endif
3180 type_register_static(&scsi_disk_info);
3181}
3182
3183type_init(scsi_disk_register_types)
3184
