1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17#include "qapi/error.h"
18#include "standard-headers/linux/virtio_ids.h"
19#include "hw/virtio/virtio-scsi.h"
20#include "migration/qemu-file-types.h"
21#include "qemu/error-report.h"
22#include "qemu/iov.h"
23#include "qemu/module.h"
24#include "sysemu/block-backend.h"
25#include "hw/qdev-properties.h"
26#include "hw/scsi/scsi.h"
27#include "scsi/constants.h"
28#include "hw/virtio/virtio-bus.h"
29#include "hw/virtio/virtio-access.h"
30
31static inline int virtio_scsi_get_lun(uint8_t *lun)
32{
33 return ((lun[2] << 8) | lun[3]) & 0x3FFF;
34}
35
36static inline SCSIDevice *virtio_scsi_device_get(VirtIOSCSI *s, uint8_t *lun)
37{
38 if (lun[0] != 1) {
39 return NULL;
40 }
41 if (lun[2] != 0 && !(lun[2] >= 0x40 && lun[2] < 0x80)) {
42 return NULL;
43 }
44 return scsi_device_get(&s->bus, 0, lun[1], virtio_scsi_get_lun(lun));
45}
46
47void virtio_scsi_init_req(VirtIOSCSI *s, VirtQueue *vq, VirtIOSCSIReq *req)
48{
49 VirtIODevice *vdev = VIRTIO_DEVICE(s);
50 const size_t zero_skip =
51 offsetof(VirtIOSCSIReq, resp_iov) + sizeof(req->resp_iov);
52
53 req->vq = vq;
54 req->dev = s;
55 qemu_sglist_init(&req->qsgl, DEVICE(s), 8, vdev->dma_as);
56 qemu_iovec_init(&req->resp_iov, 1);
57 memset((uint8_t *)req + zero_skip, 0, sizeof(*req) - zero_skip);
58}
59
60void virtio_scsi_free_req(VirtIOSCSIReq *req)
61{
62 qemu_iovec_destroy(&req->resp_iov);
63 qemu_sglist_destroy(&req->qsgl);
64 g_free(req);
65}
66
67static void virtio_scsi_complete_req(VirtIOSCSIReq *req)
68{
69 VirtIOSCSI *s = req->dev;
70 VirtQueue *vq = req->vq;
71 VirtIODevice *vdev = VIRTIO_DEVICE(s);
72
73 qemu_iovec_from_buf(&req->resp_iov, 0, &req->resp, req->resp_size);
74 virtqueue_push(vq, &req->elem, req->qsgl.size + req->resp_iov.size);
75 if (s->dataplane_started && !s->dataplane_fenced) {
76 virtio_notify_irqfd(vdev, vq);
77 } else {
78 virtio_notify(vdev, vq);
79 }
80
81 if (req->sreq) {
82 req->sreq->hba_private = NULL;
83 scsi_req_unref(req->sreq);
84 }
85 virtio_scsi_free_req(req);
86}
87
88static void virtio_scsi_bad_req(VirtIOSCSIReq *req)
89{
90 virtio_error(VIRTIO_DEVICE(req->dev), "wrong size for virtio-scsi headers");
91 virtqueue_detach_element(req->vq, &req->elem, 0);
92 virtio_scsi_free_req(req);
93}
94
95static size_t qemu_sgl_concat(VirtIOSCSIReq *req, struct iovec *iov,
96 hwaddr *addr, int num, size_t skip)
97{
98 QEMUSGList *qsgl = &req->qsgl;
99 size_t copied = 0;
100
101 while (num) {
102 if (skip >= iov->iov_len) {
103 skip -= iov->iov_len;
104 } else {
105 qemu_sglist_add(qsgl, *addr + skip, iov->iov_len - skip);
106 copied += iov->iov_len - skip;
107 skip = 0;
108 }
109 iov++;
110 addr++;
111 num--;
112 }
113
114 assert(skip == 0);
115 return copied;
116}
117
118static int virtio_scsi_parse_req(VirtIOSCSIReq *req,
119 unsigned req_size, unsigned resp_size)
120{
121 VirtIODevice *vdev = (VirtIODevice *) req->dev;
122 size_t in_size, out_size;
123
124 if (iov_to_buf(req->elem.out_sg, req->elem.out_num, 0,
125 &req->req, req_size) < req_size) {
126 return -EINVAL;
127 }
128
129 if (qemu_iovec_concat_iov(&req->resp_iov,
130 req->elem.in_sg, req->elem.in_num, 0,
131 resp_size) < resp_size) {
132 return -EINVAL;
133 }
134
135 req->resp_size = resp_size;
136
137
138
139
140
141
142
143
144
145
146
147 if (!virtio_vdev_has_feature(vdev, VIRTIO_F_ANY_LAYOUT)) {
148 if (req->elem.out_num) {
149 req_size = req->elem.out_sg[0].iov_len;
150 }
151 if (req->elem.in_num) {
152 resp_size = req->elem.in_sg[0].iov_len;
153 }
154 }
155
156 out_size = qemu_sgl_concat(req, req->elem.out_sg,
157 &req->elem.out_addr[0], req->elem.out_num,
158 req_size);
159 in_size = qemu_sgl_concat(req, req->elem.in_sg,
160 &req->elem.in_addr[0], req->elem.in_num,
161 resp_size);
162
163 if (out_size && in_size) {
164 return -ENOTSUP;
165 }
166
167 if (out_size) {
168 req->mode = SCSI_XFER_TO_DEV;
169 } else if (in_size) {
170 req->mode = SCSI_XFER_FROM_DEV;
171 }
172
173 return 0;
174}
175
176static VirtIOSCSIReq *virtio_scsi_pop_req(VirtIOSCSI *s, VirtQueue *vq)
177{
178 VirtIOSCSICommon *vs = (VirtIOSCSICommon *)s;
179 VirtIOSCSIReq *req;
180
181 req = virtqueue_pop(vq, sizeof(VirtIOSCSIReq) + vs->cdb_size);
182 if (!req) {
183 return NULL;
184 }
185 virtio_scsi_init_req(s, vq, req);
186 return req;
187}
188
189static void virtio_scsi_save_request(QEMUFile *f, SCSIRequest *sreq)
190{
191 VirtIOSCSIReq *req = sreq->hba_private;
192 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(req->dev);
193 VirtIODevice *vdev = VIRTIO_DEVICE(req->dev);
194 uint32_t n = virtio_get_queue_index(req->vq) - VIRTIO_SCSI_VQ_NUM_FIXED;
195
196 assert(n < vs->conf.num_queues);
197 qemu_put_be32s(f, &n);
198 qemu_put_virtqueue_element(vdev, f, &req->elem);
199}
200
201static void *virtio_scsi_load_request(QEMUFile *f, SCSIRequest *sreq)
202{
203 SCSIBus *bus = sreq->bus;
204 VirtIOSCSI *s = container_of(bus, VirtIOSCSI, bus);
205 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
206 VirtIODevice *vdev = VIRTIO_DEVICE(s);
207 VirtIOSCSIReq *req;
208 uint32_t n;
209
210 qemu_get_be32s(f, &n);
211 assert(n < vs->conf.num_queues);
212 req = qemu_get_virtqueue_element(vdev, f,
213 sizeof(VirtIOSCSIReq) + vs->cdb_size);
214 virtio_scsi_init_req(s, vs->cmd_vqs[n], req);
215
216 if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICmdReq) + vs->cdb_size,
217 sizeof(VirtIOSCSICmdResp) + vs->sense_size) < 0) {
218 error_report("invalid SCSI request migration data");
219 exit(1);
220 }
221
222 scsi_req_ref(sreq);
223 req->sreq = sreq;
224 if (req->sreq->cmd.mode != SCSI_XFER_NONE) {
225 assert(req->sreq->cmd.mode == req->mode);
226 }
227 return req;
228}
229
230typedef struct {
231 Notifier notifier;
232 VirtIOSCSIReq *tmf_req;
233} VirtIOSCSICancelNotifier;
234
235static void virtio_scsi_cancel_notify(Notifier *notifier, void *data)
236{
237 VirtIOSCSICancelNotifier *n = container_of(notifier,
238 VirtIOSCSICancelNotifier,
239 notifier);
240
241 if (--n->tmf_req->remaining == 0) {
242 virtio_scsi_complete_req(n->tmf_req);
243 }
244 g_free(n);
245}
246
247static inline void virtio_scsi_ctx_check(VirtIOSCSI *s, SCSIDevice *d)
248{
249 if (s->dataplane_started && d && blk_is_available(d->conf.blk)) {
250 assert(blk_get_aio_context(d->conf.blk) == s->ctx);
251 }
252}
253
254
255
256
257static int virtio_scsi_do_tmf(VirtIOSCSI *s, VirtIOSCSIReq *req)
258{
259 SCSIDevice *d = virtio_scsi_device_get(s, req->req.tmf.lun);
260 SCSIRequest *r, *next;
261 BusChild *kid;
262 int target;
263 int ret = 0;
264
265 virtio_scsi_ctx_check(s, d);
266
267 req->resp.tmf.response = VIRTIO_SCSI_S_OK;
268
269
270
271
272
273 req->req.tmf.subtype =
274 virtio_tswap32(VIRTIO_DEVICE(s), req->req.tmf.subtype);
275
276 switch (req->req.tmf.subtype) {
277 case VIRTIO_SCSI_T_TMF_ABORT_TASK:
278 case VIRTIO_SCSI_T_TMF_QUERY_TASK:
279 if (!d) {
280 goto fail;
281 }
282 if (d->lun != virtio_scsi_get_lun(req->req.tmf.lun)) {
283 goto incorrect_lun;
284 }
285 QTAILQ_FOREACH_SAFE(r, &d->requests, next, next) {
286 VirtIOSCSIReq *cmd_req = r->hba_private;
287 if (cmd_req && cmd_req->req.cmd.tag == req->req.tmf.tag) {
288 break;
289 }
290 }
291 if (r) {
292
293
294
295
296 assert(r->hba_private);
297 if (req->req.tmf.subtype == VIRTIO_SCSI_T_TMF_QUERY_TASK) {
298
299
300
301 req->resp.tmf.response = VIRTIO_SCSI_S_FUNCTION_SUCCEEDED;
302 } else {
303 VirtIOSCSICancelNotifier *notifier;
304
305 req->remaining = 1;
306 notifier = g_new(VirtIOSCSICancelNotifier, 1);
307 notifier->tmf_req = req;
308 notifier->notifier.notify = virtio_scsi_cancel_notify;
309 scsi_req_cancel_async(r, ¬ifier->notifier);
310 ret = -EINPROGRESS;
311 }
312 }
313 break;
314
315 case VIRTIO_SCSI_T_TMF_LOGICAL_UNIT_RESET:
316 if (!d) {
317 goto fail;
318 }
319 if (d->lun != virtio_scsi_get_lun(req->req.tmf.lun)) {
320 goto incorrect_lun;
321 }
322 s->resetting++;
323 qdev_reset_all(&d->qdev);
324 s->resetting--;
325 break;
326
327 case VIRTIO_SCSI_T_TMF_ABORT_TASK_SET:
328 case VIRTIO_SCSI_T_TMF_CLEAR_TASK_SET:
329 case VIRTIO_SCSI_T_TMF_QUERY_TASK_SET:
330 if (!d) {
331 goto fail;
332 }
333 if (d->lun != virtio_scsi_get_lun(req->req.tmf.lun)) {
334 goto incorrect_lun;
335 }
336
337
338
339
340
341
342 req->remaining = 1;
343 QTAILQ_FOREACH_SAFE(r, &d->requests, next, next) {
344 if (r->hba_private) {
345 if (req->req.tmf.subtype == VIRTIO_SCSI_T_TMF_QUERY_TASK_SET) {
346
347
348
349 req->resp.tmf.response = VIRTIO_SCSI_S_FUNCTION_SUCCEEDED;
350 break;
351 } else {
352 VirtIOSCSICancelNotifier *notifier;
353
354 req->remaining++;
355 notifier = g_new(VirtIOSCSICancelNotifier, 1);
356 notifier->notifier.notify = virtio_scsi_cancel_notify;
357 notifier->tmf_req = req;
358 scsi_req_cancel_async(r, ¬ifier->notifier);
359 }
360 }
361 }
362 if (--req->remaining > 0) {
363 ret = -EINPROGRESS;
364 }
365 break;
366
367 case VIRTIO_SCSI_T_TMF_I_T_NEXUS_RESET:
368 target = req->req.tmf.lun[1];
369 s->resetting++;
370
371 rcu_read_lock();
372 QTAILQ_FOREACH_RCU(kid, &s->bus.qbus.children, sibling) {
373 SCSIDevice *d1 = SCSI_DEVICE(kid->child);
374 if (d1->channel == 0 && d1->id == target) {
375 qdev_reset_all(&d1->qdev);
376 }
377 }
378 rcu_read_unlock();
379
380 s->resetting--;
381 break;
382
383 case VIRTIO_SCSI_T_TMF_CLEAR_ACA:
384 default:
385 req->resp.tmf.response = VIRTIO_SCSI_S_FUNCTION_REJECTED;
386 break;
387 }
388
389 object_unref(OBJECT(d));
390 return ret;
391
392incorrect_lun:
393 req->resp.tmf.response = VIRTIO_SCSI_S_INCORRECT_LUN;
394 object_unref(OBJECT(d));
395 return ret;
396
397fail:
398 req->resp.tmf.response = VIRTIO_SCSI_S_BAD_TARGET;
399 object_unref(OBJECT(d));
400 return ret;
401}
402
403static void virtio_scsi_handle_ctrl_req(VirtIOSCSI *s, VirtIOSCSIReq *req)
404{
405 VirtIODevice *vdev = (VirtIODevice *)s;
406 uint32_t type;
407 int r = 0;
408
409 if (iov_to_buf(req->elem.out_sg, req->elem.out_num, 0,
410 &type, sizeof(type)) < sizeof(type)) {
411 virtio_scsi_bad_req(req);
412 return;
413 }
414
415 virtio_tswap32s(vdev, &type);
416 if (type == VIRTIO_SCSI_T_TMF) {
417 if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICtrlTMFReq),
418 sizeof(VirtIOSCSICtrlTMFResp)) < 0) {
419 virtio_scsi_bad_req(req);
420 return;
421 } else {
422 r = virtio_scsi_do_tmf(s, req);
423 }
424
425 } else if (type == VIRTIO_SCSI_T_AN_QUERY ||
426 type == VIRTIO_SCSI_T_AN_SUBSCRIBE) {
427 if (virtio_scsi_parse_req(req, sizeof(VirtIOSCSICtrlANReq),
428 sizeof(VirtIOSCSICtrlANResp)) < 0) {
429 virtio_scsi_bad_req(req);
430 return;
431 } else {
432 req->resp.an.event_actual = 0;
433 req->resp.an.response = VIRTIO_SCSI_S_OK;
434 }
435 }
436 if (r == 0) {
437 virtio_scsi_complete_req(req);
438 } else {
439 assert(r == -EINPROGRESS);
440 }
441}
442
443bool virtio_scsi_handle_ctrl_vq(VirtIOSCSI *s, VirtQueue *vq)
444{
445 VirtIOSCSIReq *req;
446 bool progress = false;
447
448 while ((req = virtio_scsi_pop_req(s, vq))) {
449 progress = true;
450 virtio_scsi_handle_ctrl_req(s, req);
451 }
452 return progress;
453}
454
455static void virtio_scsi_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
456{
457 VirtIOSCSI *s = (VirtIOSCSI *)vdev;
458
459 if (s->ctx) {
460 virtio_device_start_ioeventfd(vdev);
461 if (!s->dataplane_fenced) {
462 return;
463 }
464 }
465 virtio_scsi_acquire(s);
466 virtio_scsi_handle_ctrl_vq(s, vq);
467 virtio_scsi_release(s);
468}
469
470static void virtio_scsi_complete_cmd_req(VirtIOSCSIReq *req)
471{
472
473
474
475 req->resp_size = sizeof(VirtIOSCSICmdResp);
476 virtio_scsi_complete_req(req);
477}
478
479static void virtio_scsi_command_complete(SCSIRequest *r, uint32_t status,
480 size_t resid)
481{
482 VirtIOSCSIReq *req = r->hba_private;
483 uint8_t sense[SCSI_SENSE_BUF_SIZE];
484 uint32_t sense_len;
485 VirtIODevice *vdev = VIRTIO_DEVICE(req->dev);
486
487 if (r->io_canceled) {
488 return;
489 }
490
491 req->resp.cmd.response = VIRTIO_SCSI_S_OK;
492 req->resp.cmd.status = status;
493 if (req->resp.cmd.status == GOOD) {
494 req->resp.cmd.resid = virtio_tswap32(vdev, resid);
495 } else {
496 req->resp.cmd.resid = 0;
497 sense_len = scsi_req_get_sense(r, sense, sizeof(sense));
498 sense_len = MIN(sense_len, req->resp_iov.size - sizeof(req->resp.cmd));
499 qemu_iovec_from_buf(&req->resp_iov, sizeof(req->resp.cmd),
500 sense, sense_len);
501 req->resp.cmd.sense_len = virtio_tswap32(vdev, sense_len);
502 }
503 virtio_scsi_complete_cmd_req(req);
504}
505
506static int virtio_scsi_parse_cdb(SCSIDevice *dev, SCSICommand *cmd,
507 uint8_t *buf, void *hba_private)
508{
509 VirtIOSCSIReq *req = hba_private;
510
511 if (cmd->len == 0) {
512 cmd->len = MIN(VIRTIO_SCSI_CDB_DEFAULT_SIZE, SCSI_CMD_BUF_SIZE);
513 memcpy(cmd->buf, buf, cmd->len);
514 }
515
516
517
518
519 cmd->xfer = req->qsgl.size;
520 cmd->mode = req->mode;
521 return 0;
522}
523
524static QEMUSGList *virtio_scsi_get_sg_list(SCSIRequest *r)
525{
526 VirtIOSCSIReq *req = r->hba_private;
527
528 return &req->qsgl;
529}
530
531static void virtio_scsi_request_cancelled(SCSIRequest *r)
532{
533 VirtIOSCSIReq *req = r->hba_private;
534
535 if (!req) {
536 return;
537 }
538 if (req->dev->resetting) {
539 req->resp.cmd.response = VIRTIO_SCSI_S_RESET;
540 } else {
541 req->resp.cmd.response = VIRTIO_SCSI_S_ABORTED;
542 }
543 virtio_scsi_complete_cmd_req(req);
544}
545
546static void virtio_scsi_fail_cmd_req(VirtIOSCSIReq *req)
547{
548 req->resp.cmd.response = VIRTIO_SCSI_S_FAILURE;
549 virtio_scsi_complete_cmd_req(req);
550}
551
552static int virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s, VirtIOSCSIReq *req)
553{
554 VirtIOSCSICommon *vs = &s->parent_obj;
555 SCSIDevice *d;
556 int rc;
557
558 rc = virtio_scsi_parse_req(req, sizeof(VirtIOSCSICmdReq) + vs->cdb_size,
559 sizeof(VirtIOSCSICmdResp) + vs->sense_size);
560 if (rc < 0) {
561 if (rc == -ENOTSUP) {
562 virtio_scsi_fail_cmd_req(req);
563 return -ENOTSUP;
564 } else {
565 virtio_scsi_bad_req(req);
566 return -EINVAL;
567 }
568 }
569
570 d = virtio_scsi_device_get(s, req->req.cmd.lun);
571 if (!d) {
572 req->resp.cmd.response = VIRTIO_SCSI_S_BAD_TARGET;
573 virtio_scsi_complete_cmd_req(req);
574 return -ENOENT;
575 }
576 virtio_scsi_ctx_check(s, d);
577 req->sreq = scsi_req_new(d, req->req.cmd.tag,
578 virtio_scsi_get_lun(req->req.cmd.lun),
579 req->req.cmd.cdb, req);
580
581 if (req->sreq->cmd.mode != SCSI_XFER_NONE
582 && (req->sreq->cmd.mode != req->mode ||
583 req->sreq->cmd.xfer > req->qsgl.size)) {
584 req->resp.cmd.response = VIRTIO_SCSI_S_OVERRUN;
585 virtio_scsi_complete_cmd_req(req);
586 object_unref(OBJECT(d));
587 return -ENOBUFS;
588 }
589 scsi_req_ref(req->sreq);
590 blk_io_plug(d->conf.blk);
591 object_unref(OBJECT(d));
592 return 0;
593}
594
595static void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req)
596{
597 SCSIRequest *sreq = req->sreq;
598 if (scsi_req_enqueue(sreq)) {
599 scsi_req_continue(sreq);
600 }
601 blk_io_unplug(sreq->dev->conf.blk);
602 scsi_req_unref(sreq);
603}
604
605bool virtio_scsi_handle_cmd_vq(VirtIOSCSI *s, VirtQueue *vq)
606{
607 VirtIOSCSIReq *req, *next;
608 int ret = 0;
609 bool suppress_notifications = virtio_queue_get_notification(vq);
610 bool progress = false;
611
612 QTAILQ_HEAD(, VirtIOSCSIReq) reqs = QTAILQ_HEAD_INITIALIZER(reqs);
613
614 do {
615 if (suppress_notifications) {
616 virtio_queue_set_notification(vq, 0);
617 }
618
619 while ((req = virtio_scsi_pop_req(s, vq))) {
620 progress = true;
621 ret = virtio_scsi_handle_cmd_req_prepare(s, req);
622 if (!ret) {
623 QTAILQ_INSERT_TAIL(&reqs, req, next);
624 } else if (ret == -EINVAL) {
625
626 while (!QTAILQ_EMPTY(&reqs)) {
627 req = QTAILQ_FIRST(&reqs);
628 QTAILQ_REMOVE(&reqs, req, next);
629 blk_io_unplug(req->sreq->dev->conf.blk);
630 scsi_req_unref(req->sreq);
631 virtqueue_detach_element(req->vq, &req->elem, 0);
632 virtio_scsi_free_req(req);
633 }
634 }
635 }
636
637 if (suppress_notifications) {
638 virtio_queue_set_notification(vq, 1);
639 }
640 } while (ret != -EINVAL && !virtio_queue_empty(vq));
641
642 QTAILQ_FOREACH_SAFE(req, &reqs, next, next) {
643 virtio_scsi_handle_cmd_req_submit(s, req);
644 }
645 return progress;
646}
647
648static void virtio_scsi_handle_cmd(VirtIODevice *vdev, VirtQueue *vq)
649{
650
651 VirtIOSCSI *s = (VirtIOSCSI *)vdev;
652
653 if (s->ctx) {
654 virtio_device_start_ioeventfd(vdev);
655 if (!s->dataplane_fenced) {
656 return;
657 }
658 }
659 virtio_scsi_acquire(s);
660 virtio_scsi_handle_cmd_vq(s, vq);
661 virtio_scsi_release(s);
662}
663
664static void virtio_scsi_get_config(VirtIODevice *vdev,
665 uint8_t *config)
666{
667 VirtIOSCSIConfig *scsiconf = (VirtIOSCSIConfig *)config;
668 VirtIOSCSICommon *s = VIRTIO_SCSI_COMMON(vdev);
669
670 virtio_stl_p(vdev, &scsiconf->num_queues, s->conf.num_queues);
671 virtio_stl_p(vdev, &scsiconf->seg_max,
672 s->conf.seg_max_adjust ? s->conf.virtqueue_size - 2 : 128 - 2);
673 virtio_stl_p(vdev, &scsiconf->max_sectors, s->conf.max_sectors);
674 virtio_stl_p(vdev, &scsiconf->cmd_per_lun, s->conf.cmd_per_lun);
675 virtio_stl_p(vdev, &scsiconf->event_info_size, sizeof(VirtIOSCSIEvent));
676 virtio_stl_p(vdev, &scsiconf->sense_size, s->sense_size);
677 virtio_stl_p(vdev, &scsiconf->cdb_size, s->cdb_size);
678 virtio_stw_p(vdev, &scsiconf->max_channel, VIRTIO_SCSI_MAX_CHANNEL);
679 virtio_stw_p(vdev, &scsiconf->max_target, VIRTIO_SCSI_MAX_TARGET);
680 virtio_stl_p(vdev, &scsiconf->max_lun, VIRTIO_SCSI_MAX_LUN);
681}
682
683static void virtio_scsi_set_config(VirtIODevice *vdev,
684 const uint8_t *config)
685{
686 VirtIOSCSIConfig *scsiconf = (VirtIOSCSIConfig *)config;
687 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(vdev);
688
689 if ((uint32_t) virtio_ldl_p(vdev, &scsiconf->sense_size) >= 65536 ||
690 (uint32_t) virtio_ldl_p(vdev, &scsiconf->cdb_size) >= 256) {
691 virtio_error(vdev,
692 "bad data written to virtio-scsi configuration space");
693 return;
694 }
695
696 vs->sense_size = virtio_ldl_p(vdev, &scsiconf->sense_size);
697 vs->cdb_size = virtio_ldl_p(vdev, &scsiconf->cdb_size);
698}
699
700static uint64_t virtio_scsi_get_features(VirtIODevice *vdev,
701 uint64_t requested_features,
702 Error **errp)
703{
704 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
705
706
707 requested_features |= s->host_features;
708 return requested_features;
709}
710
711static void virtio_scsi_reset(VirtIODevice *vdev)
712{
713 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
714 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(vdev);
715
716 assert(!s->dataplane_started);
717 s->resetting++;
718 qbus_reset_all(BUS(&s->bus));
719 s->resetting--;
720
721 vs->sense_size = VIRTIO_SCSI_SENSE_DEFAULT_SIZE;
722 vs->cdb_size = VIRTIO_SCSI_CDB_DEFAULT_SIZE;
723 s->events_dropped = false;
724}
725
726void virtio_scsi_push_event(VirtIOSCSI *s, SCSIDevice *dev,
727 uint32_t event, uint32_t reason)
728{
729 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
730 VirtIOSCSIReq *req;
731 VirtIOSCSIEvent *evt;
732 VirtIODevice *vdev = VIRTIO_DEVICE(s);
733
734 if (!(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
735 return;
736 }
737
738 req = virtio_scsi_pop_req(s, vs->event_vq);
739 if (!req) {
740 s->events_dropped = true;
741 return;
742 }
743
744 if (s->events_dropped) {
745 event |= VIRTIO_SCSI_T_EVENTS_MISSED;
746 s->events_dropped = false;
747 }
748
749 if (virtio_scsi_parse_req(req, 0, sizeof(VirtIOSCSIEvent))) {
750 virtio_scsi_bad_req(req);
751 return;
752 }
753
754 evt = &req->resp.event;
755 memset(evt, 0, sizeof(VirtIOSCSIEvent));
756 evt->event = virtio_tswap32(vdev, event);
757 evt->reason = virtio_tswap32(vdev, reason);
758 if (!dev) {
759 assert(event == VIRTIO_SCSI_T_EVENTS_MISSED);
760 } else {
761 evt->lun[0] = 1;
762 evt->lun[1] = dev->id;
763
764
765 if (dev->lun >= 256) {
766 evt->lun[2] = (dev->lun >> 8) | 0x40;
767 }
768 evt->lun[3] = dev->lun & 0xFF;
769 }
770 virtio_scsi_complete_req(req);
771}
772
773bool virtio_scsi_handle_event_vq(VirtIOSCSI *s, VirtQueue *vq)
774{
775 if (s->events_dropped) {
776 virtio_scsi_push_event(s, NULL, VIRTIO_SCSI_T_NO_EVENT, 0);
777 return true;
778 }
779 return false;
780}
781
782static void virtio_scsi_handle_event(VirtIODevice *vdev, VirtQueue *vq)
783{
784 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
785
786 if (s->ctx) {
787 virtio_device_start_ioeventfd(vdev);
788 if (!s->dataplane_fenced) {
789 return;
790 }
791 }
792 virtio_scsi_acquire(s);
793 virtio_scsi_handle_event_vq(s, vq);
794 virtio_scsi_release(s);
795}
796
797static void virtio_scsi_change(SCSIBus *bus, SCSIDevice *dev, SCSISense sense)
798{
799 VirtIOSCSI *s = container_of(bus, VirtIOSCSI, bus);
800 VirtIODevice *vdev = VIRTIO_DEVICE(s);
801
802 if (virtio_vdev_has_feature(vdev, VIRTIO_SCSI_F_CHANGE) &&
803 dev->type != TYPE_ROM) {
804 virtio_scsi_acquire(s);
805 virtio_scsi_push_event(s, dev, VIRTIO_SCSI_T_PARAM_CHANGE,
806 sense.asc | (sense.ascq << 8));
807 virtio_scsi_release(s);
808 }
809}
810
811static void virtio_scsi_pre_hotplug(HotplugHandler *hotplug_dev,
812 DeviceState *dev, Error **errp)
813{
814 SCSIDevice *sd = SCSI_DEVICE(dev);
815 sd->hba_supports_iothread = true;
816}
817
818static void virtio_scsi_hotplug(HotplugHandler *hotplug_dev, DeviceState *dev,
819 Error **errp)
820{
821 VirtIODevice *vdev = VIRTIO_DEVICE(hotplug_dev);
822 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
823 SCSIDevice *sd = SCSI_DEVICE(dev);
824 int ret;
825
826 if (s->ctx && !s->dataplane_fenced) {
827 if (blk_op_is_blocked(sd->conf.blk, BLOCK_OP_TYPE_DATAPLANE, errp)) {
828 return;
829 }
830 virtio_scsi_acquire(s);
831 ret = blk_set_aio_context(sd->conf.blk, s->ctx, errp);
832 virtio_scsi_release(s);
833 if (ret < 0) {
834 return;
835 }
836 }
837
838 if (virtio_vdev_has_feature(vdev, VIRTIO_SCSI_F_HOTPLUG)) {
839 virtio_scsi_acquire(s);
840 virtio_scsi_push_event(s, sd,
841 VIRTIO_SCSI_T_TRANSPORT_RESET,
842 VIRTIO_SCSI_EVT_RESET_RESCAN);
843 virtio_scsi_release(s);
844 }
845}
846
847static void virtio_scsi_hotunplug(HotplugHandler *hotplug_dev, DeviceState *dev,
848 Error **errp)
849{
850 VirtIODevice *vdev = VIRTIO_DEVICE(hotplug_dev);
851 VirtIOSCSI *s = VIRTIO_SCSI(vdev);
852 SCSIDevice *sd = SCSI_DEVICE(dev);
853 AioContext *ctx = s->ctx ?: qemu_get_aio_context();
854
855 if (virtio_vdev_has_feature(vdev, VIRTIO_SCSI_F_HOTPLUG)) {
856 virtio_scsi_acquire(s);
857 virtio_scsi_push_event(s, sd,
858 VIRTIO_SCSI_T_TRANSPORT_RESET,
859 VIRTIO_SCSI_EVT_RESET_REMOVED);
860 virtio_scsi_release(s);
861 }
862
863 aio_disable_external(ctx);
864 qdev_simple_device_unplug_cb(hotplug_dev, dev, errp);
865 aio_enable_external(ctx);
866
867 if (s->ctx) {
868 virtio_scsi_acquire(s);
869
870 blk_set_aio_context(sd->conf.blk, qemu_get_aio_context(), NULL);
871 virtio_scsi_release(s);
872 }
873}
874
875static struct SCSIBusInfo virtio_scsi_scsi_info = {
876 .tcq = true,
877 .max_channel = VIRTIO_SCSI_MAX_CHANNEL,
878 .max_target = VIRTIO_SCSI_MAX_TARGET,
879 .max_lun = VIRTIO_SCSI_MAX_LUN,
880
881 .complete = virtio_scsi_command_complete,
882 .cancel = virtio_scsi_request_cancelled,
883 .change = virtio_scsi_change,
884 .parse_cdb = virtio_scsi_parse_cdb,
885 .get_sg_list = virtio_scsi_get_sg_list,
886 .save_request = virtio_scsi_save_request,
887 .load_request = virtio_scsi_load_request,
888};
889
890void virtio_scsi_common_realize(DeviceState *dev,
891 VirtIOHandleOutput ctrl,
892 VirtIOHandleOutput evt,
893 VirtIOHandleOutput cmd,
894 Error **errp)
895{
896 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
897 VirtIOSCSICommon *s = VIRTIO_SCSI_COMMON(dev);
898 int i;
899
900 virtio_init(vdev, "virtio-scsi", VIRTIO_ID_SCSI,
901 sizeof(VirtIOSCSIConfig));
902
903 if (s->conf.num_queues == VIRTIO_SCSI_AUTO_NUM_QUEUES) {
904 s->conf.num_queues = 1;
905 }
906 if (s->conf.num_queues == 0 ||
907 s->conf.num_queues > VIRTIO_QUEUE_MAX - VIRTIO_SCSI_VQ_NUM_FIXED) {
908 error_setg(errp, "Invalid number of queues (= %" PRIu32 "), "
909 "must be a positive integer less than %d.",
910 s->conf.num_queues,
911 VIRTIO_QUEUE_MAX - VIRTIO_SCSI_VQ_NUM_FIXED);
912 virtio_cleanup(vdev);
913 return;
914 }
915 if (s->conf.virtqueue_size <= 2) {
916 error_setg(errp, "invalid virtqueue_size property (= %" PRIu32 "), "
917 "must be > 2", s->conf.virtqueue_size);
918 return;
919 }
920 s->cmd_vqs = g_new0(VirtQueue *, s->conf.num_queues);
921 s->sense_size = VIRTIO_SCSI_SENSE_DEFAULT_SIZE;
922 s->cdb_size = VIRTIO_SCSI_CDB_DEFAULT_SIZE;
923
924 s->ctrl_vq = virtio_add_queue(vdev, s->conf.virtqueue_size, ctrl);
925 s->event_vq = virtio_add_queue(vdev, s->conf.virtqueue_size, evt);
926 for (i = 0; i < s->conf.num_queues; i++) {
927 s->cmd_vqs[i] = virtio_add_queue(vdev, s->conf.virtqueue_size, cmd);
928 }
929}
930
931static void virtio_scsi_device_realize(DeviceState *dev, Error **errp)
932{
933 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
934 VirtIOSCSI *s = VIRTIO_SCSI(dev);
935 Error *err = NULL;
936
937 virtio_scsi_common_realize(dev,
938 virtio_scsi_handle_ctrl,
939 virtio_scsi_handle_event,
940 virtio_scsi_handle_cmd,
941 &err);
942 if (err != NULL) {
943 error_propagate(errp, err);
944 return;
945 }
946
947 scsi_bus_new(&s->bus, sizeof(s->bus), dev,
948 &virtio_scsi_scsi_info, vdev->bus_name);
949
950 qbus_set_hotplug_handler(BUS(&s->bus), OBJECT(dev));
951
952 virtio_scsi_dataplane_setup(s, errp);
953}
954
955void virtio_scsi_common_unrealize(DeviceState *dev)
956{
957 VirtIODevice *vdev = VIRTIO_DEVICE(dev);
958 VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(dev);
959 int i;
960
961 virtio_delete_queue(vs->ctrl_vq);
962 virtio_delete_queue(vs->event_vq);
963 for (i = 0; i < vs->conf.num_queues; i++) {
964 virtio_delete_queue(vs->cmd_vqs[i]);
965 }
966 g_free(vs->cmd_vqs);
967 virtio_cleanup(vdev);
968}
969
970static void virtio_scsi_device_unrealize(DeviceState *dev)
971{
972 VirtIOSCSI *s = VIRTIO_SCSI(dev);
973
974 qbus_set_hotplug_handler(BUS(&s->bus), NULL);
975 virtio_scsi_common_unrealize(dev);
976}
977
978static Property virtio_scsi_properties[] = {
979 DEFINE_PROP_UINT32("num_queues", VirtIOSCSI, parent_obj.conf.num_queues,
980 VIRTIO_SCSI_AUTO_NUM_QUEUES),
981 DEFINE_PROP_UINT32("virtqueue_size", VirtIOSCSI,
982 parent_obj.conf.virtqueue_size, 256),
983 DEFINE_PROP_BOOL("seg_max_adjust", VirtIOSCSI,
984 parent_obj.conf.seg_max_adjust, true),
985 DEFINE_PROP_UINT32("max_sectors", VirtIOSCSI, parent_obj.conf.max_sectors,
986 0xFFFF),
987 DEFINE_PROP_UINT32("cmd_per_lun", VirtIOSCSI, parent_obj.conf.cmd_per_lun,
988 128),
989 DEFINE_PROP_BIT("hotplug", VirtIOSCSI, host_features,
990 VIRTIO_SCSI_F_HOTPLUG, true),
991 DEFINE_PROP_BIT("param_change", VirtIOSCSI, host_features,
992 VIRTIO_SCSI_F_CHANGE, true),
993 DEFINE_PROP_LINK("iothread", VirtIOSCSI, parent_obj.conf.iothread,
994 TYPE_IOTHREAD, IOThread *),
995 DEFINE_PROP_END_OF_LIST(),
996};
997
998static const VMStateDescription vmstate_virtio_scsi = {
999 .name = "virtio-scsi",
1000 .minimum_version_id = 1,
1001 .version_id = 1,
1002 .fields = (VMStateField[]) {
1003 VMSTATE_VIRTIO_DEVICE,
1004 VMSTATE_END_OF_LIST()
1005 },
1006};
1007
1008static void virtio_scsi_common_class_init(ObjectClass *klass, void *data)
1009{
1010 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
1011 DeviceClass *dc = DEVICE_CLASS(klass);
1012
1013 vdc->get_config = virtio_scsi_get_config;
1014 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1015}
1016
1017static void virtio_scsi_class_init(ObjectClass *klass, void *data)
1018{
1019 DeviceClass *dc = DEVICE_CLASS(klass);
1020 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
1021 HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
1022
1023 device_class_set_props(dc, virtio_scsi_properties);
1024 dc->vmsd = &vmstate_virtio_scsi;
1025 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1026 vdc->realize = virtio_scsi_device_realize;
1027 vdc->unrealize = virtio_scsi_device_unrealize;
1028 vdc->set_config = virtio_scsi_set_config;
1029 vdc->get_features = virtio_scsi_get_features;
1030 vdc->reset = virtio_scsi_reset;
1031 vdc->start_ioeventfd = virtio_scsi_dataplane_start;
1032 vdc->stop_ioeventfd = virtio_scsi_dataplane_stop;
1033 hc->pre_plug = virtio_scsi_pre_hotplug;
1034 hc->plug = virtio_scsi_hotplug;
1035 hc->unplug = virtio_scsi_hotunplug;
1036}
1037
1038static const TypeInfo virtio_scsi_common_info = {
1039 .name = TYPE_VIRTIO_SCSI_COMMON,
1040 .parent = TYPE_VIRTIO_DEVICE,
1041 .instance_size = sizeof(VirtIOSCSICommon),
1042 .abstract = true,
1043 .class_init = virtio_scsi_common_class_init,
1044};
1045
1046static const TypeInfo virtio_scsi_info = {
1047 .name = TYPE_VIRTIO_SCSI,
1048 .parent = TYPE_VIRTIO_SCSI_COMMON,
1049 .instance_size = sizeof(VirtIOSCSI),
1050 .class_init = virtio_scsi_class_init,
1051 .interfaces = (InterfaceInfo[]) {
1052 { TYPE_HOTPLUG_HANDLER },
1053 { }
1054 }
1055};
1056
1057static void virtio_register_types(void)
1058{
1059 type_register_static(&virtio_scsi_common_info);
1060 type_register_static(&virtio_scsi_info);
1061}
1062
1063type_init(virtio_register_types)
1064
