2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
15 * This code is licensed under the LGPL.
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
28 #define DPRINTF(fmt, ...) do {} while(0)
31 #include "qemu-common.h"
32 #include "qemu/error-report.h"
33 #include "hw/scsi/scsi.h"
34 #include "block/scsi.h"
35 #include "sysemu/sysemu.h"
36 #include "sysemu/blockdev.h"
37 #include "hw/block/block.h"
38 #include "sysemu/dma.h"
44 #define SCSI_DMA_BUF_SIZE 131072
45 #define SCSI_MAX_INQUIRY_LEN 256
46 #define SCSI_MAX_MODE_LEN 256
48 #define DEFAULT_DISCARD_GRANULARITY 4096
50 typedef struct SCSIDiskState SCSIDiskState;
52 typedef struct SCSIDiskReq {
54 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
56 uint32_t sector_count;
64 #define SCSI_DISK_F_REMOVABLE 0
65 #define SCSI_DISK_F_DPOFUA 1
66 #define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
85 static int scsi_handle_rw_error(SCSIDiskReq *r, int error);
87 static void scsi_free_request(SCSIRequest *req)
89 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
91 qemu_vfree(r->iov.iov_base);
94 /* Helper function for command completion with sense. */
95 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
97 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
98 r->req.tag, sense.key, sense.asc, sense.ascq);
99 scsi_req_build_sense(&r->req, sense);
100 scsi_req_complete(&r->req, CHECK_CONDITION);
103 /* Cancel a pending data transfer. */
104 static void scsi_cancel_io(SCSIRequest *req)
106 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
108 DPRINTF("Cancel tag=0x%x\n", req->tag);
110 bdrv_aio_cancel(r->req.aiocb);
112 /* This reference was left in by scsi_*_data. We take ownership of
113 * it the moment scsi_req_cancel is called, independent of whether
114 * bdrv_aio_cancel completes the request or not. */
115 scsi_req_unref(&r->req);
120 static uint32_t scsi_init_iovec(SCSIDiskReq *r, size_t size)
122 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
124 if (!r->iov.iov_base) {
126 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
128 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
129 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
130 return r->qiov.size / 512;
133 static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
135 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
137 qemu_put_be64s(f, &r->sector);
138 qemu_put_be32s(f, &r->sector_count);
139 qemu_put_be32s(f, &r->buflen);
141 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
142 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
143 } else if (!req->retry) {
144 uint32_t len = r->iov.iov_len;
145 qemu_put_be32s(f, &len);
146 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
151 static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
153 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
155 qemu_get_be64s(f, &r->sector);
156 qemu_get_be32s(f, &r->sector_count);
157 qemu_get_be32s(f, &r->buflen);
159 scsi_init_iovec(r, r->buflen);
160 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
161 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
162 } else if (!r->req.retry) {
164 qemu_get_be32s(f, &len);
165 r->iov.iov_len = len;
166 assert(r->iov.iov_len <= r->buflen);
167 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
171 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
174 static void scsi_aio_complete(void *opaque, int ret)
176 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
177 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
179 assert(r->req.aiocb != NULL);
181 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
182 if (r->req.io_canceled) {
187 if (scsi_handle_rw_error(r, -ret)) {
192 scsi_req_complete(&r->req, GOOD);
195 if (!r->req.io_canceled) {
196 scsi_req_unref(&r->req);
200 static bool scsi_is_cmd_fua(SCSICommand *cmd)
202 switch (cmd->buf[0]) {
209 return (cmd->buf[1] & 8) != 0;
214 case WRITE_VERIFY_10:
215 case WRITE_VERIFY_12:
216 case WRITE_VERIFY_16:
226 static void scsi_write_do_fua(SCSIDiskReq *r)
228 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
230 if (r->req.io_canceled) {
234 if (scsi_is_cmd_fua(&r->req.cmd)) {
235 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
236 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
240 scsi_req_complete(&r->req, GOOD);
243 if (!r->req.io_canceled) {
244 scsi_req_unref(&r->req);
248 static void scsi_dma_complete_noio(void *opaque, int ret)
250 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
251 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
253 if (r->req.aiocb != NULL) {
255 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
257 if (r->req.io_canceled) {
262 if (scsi_handle_rw_error(r, -ret)) {
267 r->sector += r->sector_count;
269 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
270 scsi_write_do_fua(r);
273 scsi_req_complete(&r->req, GOOD);
277 if (!r->req.io_canceled) {
278 scsi_req_unref(&r->req);
282 static void scsi_dma_complete(void *opaque, int ret)
284 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
286 assert(r->req.aiocb != NULL);
287 scsi_dma_complete_noio(opaque, ret);
290 static void scsi_read_complete(void * opaque, int ret)
292 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
293 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
296 assert(r->req.aiocb != NULL);
298 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
299 if (r->req.io_canceled) {
304 if (scsi_handle_rw_error(r, -ret)) {
309 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
311 n = r->qiov.size / 512;
313 r->sector_count -= n;
314 scsi_req_data(&r->req, r->qiov.size);
317 if (!r->req.io_canceled) {
318 scsi_req_unref(&r->req);
322 /* Actually issue a read to the block device. */
323 static void scsi_do_read(void *opaque, int ret)
325 SCSIDiskReq *r = opaque;
326 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
329 if (r->req.aiocb != NULL) {
331 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
333 if (r->req.io_canceled) {
338 if (scsi_handle_rw_error(r, -ret)) {
343 /* The request is used as the AIO opaque value, so add a ref. */
344 scsi_req_ref(&r->req);
347 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_READ);
348 r->req.resid -= r->req.sg->size;
349 r->req.aiocb = dma_bdrv_read(s->qdev.conf.bs, r->req.sg, r->sector,
350 scsi_dma_complete, r);
352 n = scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
353 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
354 r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n,
355 scsi_read_complete, r);
359 if (!r->req.io_canceled) {
360 scsi_req_unref(&r->req);
364 /* Read more data from scsi device into buffer. */
365 static void scsi_read_data(SCSIRequest *req)
367 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
368 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
371 DPRINTF("Read sector_count=%d\n", r->sector_count);
372 if (r->sector_count == 0) {
373 /* This also clears the sense buffer for REQUEST SENSE. */
374 scsi_req_complete(&r->req, GOOD);
378 /* No data transfer may already be in progress */
379 assert(r->req.aiocb == NULL);
381 /* The request is used as the AIO opaque value, so add a ref. */
382 scsi_req_ref(&r->req);
383 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
384 DPRINTF("Data transfer direction invalid\n");
385 scsi_read_complete(r, -EINVAL);
390 scsi_read_complete(r, -ENOMEDIUM);
396 if (first && scsi_is_cmd_fua(&r->req.cmd)) {
397 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
398 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_do_read, r);
405 * scsi_handle_rw_error has two return values. 0 means that the error
406 * must be ignored, 1 means that the error has been processed and the
407 * caller should not do anything else for this request. Note that
408 * scsi_handle_rw_error always manages its reference counts, independent
409 * of the return value.
411 static int scsi_handle_rw_error(SCSIDiskReq *r, int error)
413 bool is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV);
414 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
415 BlockErrorAction action = bdrv_get_error_action(s->qdev.conf.bs, is_read, error);
417 if (action == BDRV_ACTION_REPORT) {
420 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
423 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
426 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
429 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
433 bdrv_error_action(s->qdev.conf.bs, action, is_read, error);
434 if (action == BDRV_ACTION_STOP) {
435 scsi_req_retry(&r->req);
437 return action != BDRV_ACTION_IGNORE;
440 static void scsi_write_complete(void * opaque, int ret)
442 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
443 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
446 if (r->req.aiocb != NULL) {
448 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
450 if (r->req.io_canceled) {
455 if (scsi_handle_rw_error(r, -ret)) {
460 n = r->qiov.size / 512;
462 r->sector_count -= n;
463 if (r->sector_count == 0) {
464 scsi_write_do_fua(r);
467 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
468 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
469 scsi_req_data(&r->req, r->qiov.size);
473 if (!r->req.io_canceled) {
474 scsi_req_unref(&r->req);
478 static void scsi_write_data(SCSIRequest *req)
480 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
481 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
484 /* No data transfer may already be in progress */
485 assert(r->req.aiocb == NULL);
487 /* The request is used as the AIO opaque value, so add a ref. */
488 scsi_req_ref(&r->req);
489 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
490 DPRINTF("Data transfer direction invalid\n");
491 scsi_write_complete(r, -EINVAL);
495 if (!r->req.sg && !r->qiov.size) {
496 /* Called for the first time. Ask the driver to send us more data. */
498 scsi_write_complete(r, 0);
502 scsi_write_complete(r, -ENOMEDIUM);
506 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
507 r->req.cmd.buf[0] == VERIFY_16) {
509 scsi_dma_complete_noio(r, 0);
511 scsi_write_complete(r, 0);
517 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_WRITE);
518 r->req.resid -= r->req.sg->size;
519 r->req.aiocb = dma_bdrv_write(s->qdev.conf.bs, r->req.sg, r->sector,
520 scsi_dma_complete, r);
522 n = r->qiov.size / 512;
523 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
524 r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n,
525 scsi_write_complete, r);
529 /* Return a pointer to the data buffer. */
530 static uint8_t *scsi_get_buf(SCSIRequest *req)
532 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
534 return (uint8_t *)r->iov.iov_base;
537 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
539 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
543 if (req->cmd.buf[1] & 0x1) {
544 /* Vital product data */
545 uint8_t page_code = req->cmd.buf[2];
547 outbuf[buflen++] = s->qdev.type & 0x1f;
548 outbuf[buflen++] = page_code ; // this page
549 outbuf[buflen++] = 0x00;
550 outbuf[buflen++] = 0x00;
554 case 0x00: /* Supported page codes, mandatory */
556 DPRINTF("Inquiry EVPD[Supported pages] "
557 "buffer size %zd\n", req->cmd.xfer);
558 outbuf[buflen++] = 0x00; // list of supported pages (this page)
560 outbuf[buflen++] = 0x80; // unit serial number
562 outbuf[buflen++] = 0x83; // device identification
563 if (s->qdev.type == TYPE_DISK) {
564 outbuf[buflen++] = 0xb0; // block limits
565 outbuf[buflen++] = 0xb2; // thin provisioning
569 case 0x80: /* Device serial number, optional */
574 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
578 l = strlen(s->serial);
583 DPRINTF("Inquiry EVPD[Serial number] "
584 "buffer size %zd\n", req->cmd.xfer);
585 memcpy(outbuf+buflen, s->serial, l);
590 case 0x83: /* Device identification page, mandatory */
592 const char *str = s->serial ?: bdrv_get_device_name(s->qdev.conf.bs);
593 int max_len = s->serial ? 20 : 255 - 8;
594 int id_len = strlen(str);
596 if (id_len > max_len) {
599 DPRINTF("Inquiry EVPD[Device identification] "
600 "buffer size %zd\n", req->cmd.xfer);
602 outbuf[buflen++] = 0x2; // ASCII
603 outbuf[buflen++] = 0; // not officially assigned
604 outbuf[buflen++] = 0; // reserved
605 outbuf[buflen++] = id_len; // length of data following
606 memcpy(outbuf+buflen, str, id_len);
610 outbuf[buflen++] = 0x1; // Binary
611 outbuf[buflen++] = 0x3; // NAA
612 outbuf[buflen++] = 0; // reserved
613 outbuf[buflen++] = 8;
614 stq_be_p(&outbuf[buflen], s->wwn);
619 case 0xb0: /* block limits */
621 unsigned int unmap_sectors =
622 s->qdev.conf.discard_granularity / s->qdev.blocksize;
623 unsigned int min_io_size =
624 s->qdev.conf.min_io_size / s->qdev.blocksize;
625 unsigned int opt_io_size =
626 s->qdev.conf.opt_io_size / s->qdev.blocksize;
628 if (s->qdev.type == TYPE_ROM) {
629 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
633 /* required VPD size with unmap support */
635 memset(outbuf + 4, 0, buflen - 4);
637 /* optimal transfer length granularity */
638 outbuf[6] = (min_io_size >> 8) & 0xff;
639 outbuf[7] = min_io_size & 0xff;
641 /* optimal transfer length */
642 outbuf[12] = (opt_io_size >> 24) & 0xff;
643 outbuf[13] = (opt_io_size >> 16) & 0xff;
644 outbuf[14] = (opt_io_size >> 8) & 0xff;
645 outbuf[15] = opt_io_size & 0xff;
647 /* optimal unmap granularity */
648 outbuf[28] = (unmap_sectors >> 24) & 0xff;
649 outbuf[29] = (unmap_sectors >> 16) & 0xff;
650 outbuf[30] = (unmap_sectors >> 8) & 0xff;
651 outbuf[31] = unmap_sectors & 0xff;
654 case 0xb2: /* thin provisioning */
658 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
659 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
667 assert(buflen - start <= 255);
668 outbuf[start - 1] = buflen - start;
672 /* Standard INQUIRY data */
673 if (req->cmd.buf[2] != 0) {
678 buflen = req->cmd.xfer;
679 if (buflen > SCSI_MAX_INQUIRY_LEN) {
680 buflen = SCSI_MAX_INQUIRY_LEN;
683 outbuf[0] = s->qdev.type & 0x1f;
684 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
686 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
687 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
689 memset(&outbuf[32], 0, 4);
690 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
692 * We claim conformance to SPC-3, which is required for guests
693 * to ask for modern features like READ CAPACITY(16) or the
694 * block characteristics VPD page by default. Not all of SPC-3
695 * is actually implemented, but we're good enough.
698 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
701 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
703 /* If the allocation length of CDB is too small,
704 the additional length is not adjusted */
708 /* Sync data transfer and TCQ. */
709 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
713 static inline bool media_is_dvd(SCSIDiskState *s)
716 if (s->qdev.type != TYPE_ROM) {
719 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
722 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
723 return nb_sectors > CD_MAX_SECTORS;
726 static inline bool media_is_cd(SCSIDiskState *s)
729 if (s->qdev.type != TYPE_ROM) {
732 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
735 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
736 return nb_sectors <= CD_MAX_SECTORS;
739 static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
742 uint8_t type = r->req.cmd.buf[1] & 7;
744 if (s->qdev.type != TYPE_ROM) {
748 /* Types 1/2 are only defined for Blu-Ray. */
750 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
754 memset(outbuf, 0, 34);
756 outbuf[2] = 0xe; /* last session complete, disc finalized */
757 outbuf[3] = 1; /* first track on disc */
758 outbuf[4] = 1; /* # of sessions */
759 outbuf[5] = 1; /* first track of last session */
760 outbuf[6] = 1; /* last track of last session */
761 outbuf[7] = 0x20; /* unrestricted use */
762 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
763 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
764 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
765 /* 24-31: disc bar code */
766 /* 32: disc application code */
767 /* 33: number of OPC tables */
772 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
775 static const int rds_caps_size[5] = {
782 uint8_t media = r->req.cmd.buf[1];
783 uint8_t layer = r->req.cmd.buf[6];
784 uint8_t format = r->req.cmd.buf[7];
787 if (s->qdev.type != TYPE_ROM) {
791 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
795 if (format != 0xff) {
796 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
797 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
800 if (media_is_cd(s)) {
801 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
804 if (format >= ARRAY_SIZE(rds_caps_size)) {
807 size = rds_caps_size[format];
808 memset(outbuf, 0, size);
813 /* Physical format information */
818 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
820 outbuf[4] = 1; /* DVD-ROM, part version 1 */
821 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
822 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
823 outbuf[7] = 0; /* default densities */
825 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
826 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
830 case 0x01: /* DVD copyright information, all zeros */
833 case 0x03: /* BCA information - invalid field for no BCA info */
836 case 0x04: /* DVD disc manufacturing information, all zeros */
839 case 0xff: { /* List capabilities */
842 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
843 if (!rds_caps_size[i]) {
847 outbuf[size + 1] = 0x40; /* Not writable, readable */
848 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
858 /* Size of buffer, not including 2 byte size field */
859 stw_be_p(outbuf, size - 2);
866 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
868 uint8_t event_code, media_status;
872 media_status = MS_TRAY_OPEN;
873 } else if (bdrv_is_inserted(s->qdev.conf.bs)) {
874 media_status = MS_MEDIA_PRESENT;
877 /* Event notification descriptor */
878 event_code = MEC_NO_CHANGE;
879 if (media_status != MS_TRAY_OPEN) {
880 if (s->media_event) {
881 event_code = MEC_NEW_MEDIA;
882 s->media_event = false;
883 } else if (s->eject_request) {
884 event_code = MEC_EJECT_REQUESTED;
885 s->eject_request = false;
889 outbuf[0] = event_code;
890 outbuf[1] = media_status;
892 /* These fields are reserved, just clear them. */
898 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
902 uint8_t *buf = r->req.cmd.buf;
903 uint8_t notification_class_request = buf[4];
904 if (s->qdev.type != TYPE_ROM) {
907 if ((buf[1] & 1) == 0) {
913 outbuf[0] = outbuf[1] = 0;
914 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
915 if (notification_class_request & (1 << GESN_MEDIA)) {
916 outbuf[2] = GESN_MEDIA;
917 size += scsi_event_status_media(s, &outbuf[size]);
921 stw_be_p(outbuf, size - 4);
925 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
929 if (s->qdev.type != TYPE_ROM) {
932 current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM;
933 memset(outbuf, 0, 40);
934 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
935 stw_be_p(&outbuf[6], current);
936 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
937 outbuf[10] = 0x03; /* persistent, current */
938 outbuf[11] = 8; /* two profiles */
939 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
940 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
941 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
942 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
943 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
944 stw_be_p(&outbuf[20], 1);
945 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
947 stl_be_p(&outbuf[24], 1); /* SCSI */
948 outbuf[28] = 1; /* DBE = 1, mandatory */
949 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
950 stw_be_p(&outbuf[32], 3);
951 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
953 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
954 /* TODO: Random readable, CD read, DVD read, drive serial number,
959 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
961 if (s->qdev.type != TYPE_ROM) {
964 memset(outbuf, 0, 8);
965 outbuf[5] = 1; /* CD-ROM */
969 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
972 static const int mode_sense_valid[0x3f] = {
973 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
974 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
975 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
976 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
977 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
978 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
981 uint8_t *p = *p_outbuf + 2;
984 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
989 * If Changeable Values are requested, a mask denoting those mode parameters
990 * that are changeable shall be returned. As we currently don't support
991 * parameter changes via MODE_SELECT all bits are returned set to zero.
992 * The buffer was already menset to zero by the caller of this function.
994 * The offsets here are off by two compared to the descriptions in the
995 * SCSI specs, because those include a 2-byte header. This is unfortunate,
996 * but it is done so that offsets are consistent within our implementation
997 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
998 * 2-byte and 4-byte headers.
1001 case MODE_PAGE_HD_GEOMETRY:
1003 if (page_control == 1) { /* Changeable Values */
1006 /* if a geometry hint is available, use it */
1007 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1008 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1009 p[2] = s->qdev.conf.cyls & 0xff;
1010 p[3] = s->qdev.conf.heads & 0xff;
1011 /* Write precomp start cylinder, disabled */
1012 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1013 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1014 p[6] = s->qdev.conf.cyls & 0xff;
1015 /* Reduced current start cylinder, disabled */
1016 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1017 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1018 p[9] = s->qdev.conf.cyls & 0xff;
1019 /* Device step rate [ns], 200ns */
1022 /* Landing zone cylinder */
1026 /* Medium rotation rate [rpm], 5400 rpm */
1027 p[18] = (5400 >> 8) & 0xff;
1028 p[19] = 5400 & 0xff;
1031 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1033 if (page_control == 1) { /* Changeable Values */
1036 /* Transfer rate [kbit/s], 5Mbit/s */
1039 /* if a geometry hint is available, use it */
1040 p[2] = s->qdev.conf.heads & 0xff;
1041 p[3] = s->qdev.conf.secs & 0xff;
1042 p[4] = s->qdev.blocksize >> 8;
1043 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1044 p[7] = s->qdev.conf.cyls & 0xff;
1045 /* Write precomp start cylinder, disabled */
1046 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1047 p[9] = s->qdev.conf.cyls & 0xff;
1048 /* Reduced current start cylinder, disabled */
1049 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1050 p[11] = s->qdev.conf.cyls & 0xff;
1051 /* Device step rate [100us], 100us */
1054 /* Device step pulse width [us], 1us */
1056 /* Device head settle delay [100us], 100us */
1059 /* Motor on delay [0.1s], 0.1s */
1061 /* Motor off delay [0.1s], 0.1s */
1063 /* Medium rotation rate [rpm], 5400 rpm */
1064 p[26] = (5400 >> 8) & 0xff;
1065 p[27] = 5400 & 0xff;
1068 case MODE_PAGE_CACHING:
1070 if (page_control == 1 || /* Changeable Values */
1071 bdrv_enable_write_cache(s->qdev.conf.bs)) {
1076 case MODE_PAGE_R_W_ERROR:
1078 if (page_control == 1) { /* Changeable Values */
1081 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
1082 if (s->qdev.type == TYPE_ROM) {
1083 p[1] = 0x20; /* Read Retry Count */
1087 case MODE_PAGE_AUDIO_CTL:
1091 case MODE_PAGE_CAPABILITIES:
1093 if (page_control == 1) { /* Changeable Values */
1097 p[0] = 0x3b; /* CD-R & CD-RW read */
1098 p[1] = 0; /* Writing not supported */
1099 p[2] = 0x7f; /* Audio, composite, digital out,
1100 mode 2 form 1&2, multi session */
1101 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
1102 RW corrected, C2 errors, ISRC,
1104 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1105 /* Locking supported, jumper present, eject, tray */
1106 p[5] = 0; /* no volume & mute control, no
1108 p[6] = (50 * 176) >> 8; /* 50x read speed */
1109 p[7] = (50 * 176) & 0xff;
1110 p[8] = 2 >> 8; /* Two volume levels */
1112 p[10] = 2048 >> 8; /* 2M buffer */
1113 p[11] = 2048 & 0xff;
1114 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1115 p[13] = (16 * 176) & 0xff;
1116 p[16] = (16 * 176) >> 8; /* 16x write speed */
1117 p[17] = (16 * 176) & 0xff;
1118 p[18] = (16 * 176) >> 8; /* 16x write speed current */
1119 p[19] = (16 * 176) & 0xff;
1126 assert(length < 256);
1127 (*p_outbuf)[0] = page;
1128 (*p_outbuf)[1] = length;
1129 *p_outbuf += length + 2;
1133 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1135 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1136 uint64_t nb_sectors;
1138 int page, buflen, ret, page_control;
1140 uint8_t dev_specific_param;
1142 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1143 page = r->req.cmd.buf[2] & 0x3f;
1144 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1145 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
1146 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1147 memset(outbuf, 0, r->req.cmd.xfer);
1150 if (s->qdev.type == TYPE_DISK) {
1151 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1152 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1153 dev_specific_param |= 0x80; /* Readonly. */
1156 /* MMC prescribes that CD/DVD drives have no block descriptors,
1157 * and defines no device-specific parameter. */
1158 dev_specific_param = 0x00;
1162 if (r->req.cmd.buf[0] == MODE_SENSE) {
1163 p[1] = 0; /* Default media type. */
1164 p[2] = dev_specific_param;
1165 p[3] = 0; /* Block descriptor length. */
1167 } else { /* MODE_SENSE_10 */
1168 p[2] = 0; /* Default media type. */
1169 p[3] = dev_specific_param;
1170 p[6] = p[7] = 0; /* Block descriptor length. */
1174 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1175 if (!dbd && nb_sectors) {
1176 if (r->req.cmd.buf[0] == MODE_SENSE) {
1177 outbuf[3] = 8; /* Block descriptor length */
1178 } else { /* MODE_SENSE_10 */
1179 outbuf[7] = 8; /* Block descriptor length */
1181 nb_sectors /= (s->qdev.blocksize / 512);
1182 if (nb_sectors > 0xffffff) {
1185 p[0] = 0; /* media density code */
1186 p[1] = (nb_sectors >> 16) & 0xff;
1187 p[2] = (nb_sectors >> 8) & 0xff;
1188 p[3] = nb_sectors & 0xff;
1189 p[4] = 0; /* reserved */
1190 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
1191 p[6] = s->qdev.blocksize >> 8;
1196 if (page_control == 3) {
1198 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1203 for (page = 0; page <= 0x3e; page++) {
1204 mode_sense_page(s, page, &p, page_control);
1207 ret = mode_sense_page(s, page, &p, page_control);
1213 buflen = p - outbuf;
1215 * The mode data length field specifies the length in bytes of the
1216 * following data that is available to be transferred. The mode data
1217 * length does not include itself.
1219 if (r->req.cmd.buf[0] == MODE_SENSE) {
1220 outbuf[0] = buflen - 1;
1221 } else { /* MODE_SENSE_10 */
1222 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1223 outbuf[1] = (buflen - 2) & 0xff;
1228 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1230 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1231 int start_track, format, msf, toclen;
1232 uint64_t nb_sectors;
1234 msf = req->cmd.buf[1] & 2;
1235 format = req->cmd.buf[2] & 0xf;
1236 start_track = req->cmd.buf[6];
1237 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1238 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
1239 nb_sectors /= s->qdev.blocksize / 512;
1242 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1245 /* multi session : only a single session defined */
1247 memset(outbuf, 0, 12);
1253 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1261 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1263 SCSIRequest *req = &r->req;
1264 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1265 bool start = req->cmd.buf[4] & 1;
1266 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
1267 int pwrcnd = req->cmd.buf[4] & 0xf0;
1270 /* eject/load only happens for power condition == 0 */
1274 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1275 if (!start && !s->tray_open && s->tray_locked) {
1276 scsi_check_condition(r,
1277 bdrv_is_inserted(s->qdev.conf.bs)
1278 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1279 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1283 if (s->tray_open != !start) {
1284 bdrv_eject(s->qdev.conf.bs, !start);
1285 s->tray_open = !start;
1291 static void scsi_disk_emulate_read_data(SCSIRequest *req)
1293 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1294 int buflen = r->iov.iov_len;
1297 DPRINTF("Read buf_len=%d\n", buflen);
1300 scsi_req_data(&r->req, buflen);
1304 /* This also clears the sense buffer for REQUEST SENSE. */
1305 scsi_req_complete(&r->req, GOOD);
1308 static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1309 uint8_t *inbuf, int inlen)
1311 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1312 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1314 int len, expected_len, changeable_len, i;
1316 /* The input buffer does not include the page header, so it is
1319 expected_len = inlen + 2;
1320 if (expected_len > SCSI_MAX_MODE_LEN) {
1325 memset(mode_current, 0, inlen + 2);
1326 len = mode_sense_page(s, page, &p, 0);
1327 if (len < 0 || len != expected_len) {
1331 p = mode_changeable;
1332 memset(mode_changeable, 0, inlen + 2);
1333 changeable_len = mode_sense_page(s, page, &p, 1);
1334 assert(changeable_len == len);
1336 /* Check that unchangeable bits are the same as what MODE SENSE
1339 for (i = 2; i < len; i++) {
1340 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1347 static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1350 case MODE_PAGE_CACHING:
1351 bdrv_set_enable_write_cache(s->qdev.conf.bs, (p[0] & 4) != 0);
1359 static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1361 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1364 int page, subpage, page_len;
1366 /* Parse both possible formats for the mode page headers. */
1370 goto invalid_param_len;
1373 page_len = lduw_be_p(&p[2]);
1378 goto invalid_param_len;
1389 if (page_len > len) {
1390 goto invalid_param_len;
1394 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1398 scsi_disk_apply_mode_select(s, page, p);
1407 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1411 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1415 static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1417 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1419 int cmd = r->req.cmd.buf[0];
1420 int len = r->req.cmd.xfer;
1421 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1425 /* We only support PF=1, SP=0. */
1426 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1430 if (len < hdr_len) {
1431 goto invalid_param_len;
1434 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1438 goto invalid_param_len;
1440 if (bd_len != 0 && bd_len != 8) {
1447 /* Ensure no change is made if there is an error! */
1448 for (pass = 0; pass < 2; pass++) {
1449 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1454 if (!bdrv_enable_write_cache(s->qdev.conf.bs)) {
1455 /* The request is used as the AIO opaque value, so add a ref. */
1456 scsi_req_ref(&r->req);
1457 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1458 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
1462 scsi_req_complete(&r->req, GOOD);
1466 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1470 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1474 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1477 static inline bool check_lba_range(SCSIDiskState *s,
1478 uint64_t sector_num, uint32_t nb_sectors)
1481 * The first line tests that no overflow happens when computing the last
1482 * sector. The second line tests that the last accessed sector is in
1485 * Careful, the computations should not underflow for nb_sectors == 0,
1486 * and a 0-block read to the first LBA beyond the end of device is
1489 return (sector_num <= sector_num + nb_sectors &&
1490 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1493 typedef struct UnmapCBData {
1499 static void scsi_unmap_complete(void *opaque, int ret)
1501 UnmapCBData *data = opaque;
1502 SCSIDiskReq *r = data->r;
1503 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1504 uint64_t sector_num;
1505 uint32_t nb_sectors;
1507 r->req.aiocb = NULL;
1508 if (r->req.io_canceled) {
1513 if (scsi_handle_rw_error(r, -ret)) {
1518 if (data->count > 0) {
1519 sector_num = ldq_be_p(&data->inbuf[0]);
1520 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
1521 if (!check_lba_range(s, sector_num, nb_sectors)) {
1522 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1526 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1527 sector_num * (s->qdev.blocksize / 512),
1528 nb_sectors * (s->qdev.blocksize / 512),
1529 scsi_unmap_complete, data);
1535 scsi_req_complete(&r->req, GOOD);
1538 if (!r->req.io_canceled) {
1539 scsi_req_unref(&r->req);
1544 static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1547 int len = r->req.cmd.xfer;
1551 goto invalid_param_len;
1553 if (len < lduw_be_p(&p[0]) + 2) {
1554 goto invalid_param_len;
1556 if (len < lduw_be_p(&p[2]) + 8) {
1557 goto invalid_param_len;
1559 if (lduw_be_p(&p[2]) & 15) {
1560 goto invalid_param_len;
1563 data = g_new0(UnmapCBData, 1);
1565 data->inbuf = &p[8];
1566 data->count = lduw_be_p(&p[2]) >> 4;
1568 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1569 scsi_req_ref(&r->req);
1570 scsi_unmap_complete(data, 0);
1574 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1577 static void scsi_disk_emulate_write_data(SCSIRequest *req)
1579 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1581 if (r->iov.iov_len) {
1582 int buflen = r->iov.iov_len;
1583 DPRINTF("Write buf_len=%d\n", buflen);
1585 scsi_req_data(&r->req, buflen);
1589 switch (req->cmd.buf[0]) {
1591 case MODE_SELECT_10:
1592 /* This also clears the sense buffer for REQUEST SENSE. */
1593 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1597 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1603 if (r->req.status == -1) {
1604 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1613 static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1615 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1616 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1617 uint64_t nb_sectors;
1621 switch (req->cmd.buf[0]) {
1630 case ALLOW_MEDIUM_REMOVAL:
1631 case GET_CONFIGURATION:
1632 case GET_EVENT_STATUS_NOTIFICATION:
1633 case MECHANISM_STATUS:
1638 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1639 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1646 * FIXME: we shouldn't return anything bigger than 4k, but the code
1647 * requires the buffer to be as big as req->cmd.xfer in several
1648 * places. So, do not allow CDBs with a very large ALLOCATION
1649 * LENGTH. The real fix would be to modify scsi_read_data and
1650 * dma_buf_read, so that they return data beyond the buflen
1653 if (req->cmd.xfer > 65536) {
1654 goto illegal_request;
1656 r->buflen = MAX(4096, req->cmd.xfer);
1658 if (!r->iov.iov_base) {
1659 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
1662 buflen = req->cmd.xfer;
1663 outbuf = r->iov.iov_base;
1664 memset(outbuf, 0, r->buflen);
1665 switch (req->cmd.buf[0]) {
1666 case TEST_UNIT_READY:
1667 assert(!s->tray_open && bdrv_is_inserted(s->qdev.conf.bs));
1670 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1672 goto illegal_request;
1677 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1679 goto illegal_request;
1683 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1685 goto illegal_request;
1689 if (req->cmd.buf[1] & 1) {
1690 goto illegal_request;
1694 if (req->cmd.buf[1] & 3) {
1695 goto illegal_request;
1699 if (req->cmd.buf[1] & 1) {
1700 goto illegal_request;
1704 if (req->cmd.buf[1] & 3) {
1705 goto illegal_request;
1709 if (scsi_disk_emulate_start_stop(r) < 0) {
1713 case ALLOW_MEDIUM_REMOVAL:
1714 s->tray_locked = req->cmd.buf[4] & 1;
1715 bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1);
1717 case READ_CAPACITY_10:
1718 /* The normal LEN field for this command is zero. */
1719 memset(outbuf, 0, 8);
1720 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1722 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1725 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1726 goto illegal_request;
1728 nb_sectors /= s->qdev.blocksize / 512;
1729 /* Returned value is the address of the last sector. */
1731 /* Remember the new size for read/write sanity checking. */
1732 s->qdev.max_lba = nb_sectors;
1733 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1734 if (nb_sectors > UINT32_MAX) {
1735 nb_sectors = UINT32_MAX;
1737 outbuf[0] = (nb_sectors >> 24) & 0xff;
1738 outbuf[1] = (nb_sectors >> 16) & 0xff;
1739 outbuf[2] = (nb_sectors >> 8) & 0xff;
1740 outbuf[3] = nb_sectors & 0xff;
1743 outbuf[6] = s->qdev.blocksize >> 8;
1747 /* Just return "NO SENSE". */
1748 buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen,
1749 (req->cmd.buf[1] & 1) == 0);
1751 goto illegal_request;
1754 case MECHANISM_STATUS:
1755 buflen = scsi_emulate_mechanism_status(s, outbuf);
1757 goto illegal_request;
1760 case GET_CONFIGURATION:
1761 buflen = scsi_get_configuration(s, outbuf);
1763 goto illegal_request;
1766 case GET_EVENT_STATUS_NOTIFICATION:
1767 buflen = scsi_get_event_status_notification(s, r, outbuf);
1769 goto illegal_request;
1772 case READ_DISC_INFORMATION:
1773 buflen = scsi_read_disc_information(s, r, outbuf);
1775 goto illegal_request;
1778 case READ_DVD_STRUCTURE:
1779 buflen = scsi_read_dvd_structure(s, r, outbuf);
1781 goto illegal_request;
1784 case SERVICE_ACTION_IN_16:
1785 /* Service Action In subcommands. */
1786 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
1787 DPRINTF("SAI READ CAPACITY(16)\n");
1788 memset(outbuf, 0, req->cmd.xfer);
1789 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1791 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1794 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
1795 goto illegal_request;
1797 nb_sectors /= s->qdev.blocksize / 512;
1798 /* Returned value is the address of the last sector. */
1800 /* Remember the new size for read/write sanity checking. */
1801 s->qdev.max_lba = nb_sectors;
1802 outbuf[0] = (nb_sectors >> 56) & 0xff;
1803 outbuf[1] = (nb_sectors >> 48) & 0xff;
1804 outbuf[2] = (nb_sectors >> 40) & 0xff;
1805 outbuf[3] = (nb_sectors >> 32) & 0xff;
1806 outbuf[4] = (nb_sectors >> 24) & 0xff;
1807 outbuf[5] = (nb_sectors >> 16) & 0xff;
1808 outbuf[6] = (nb_sectors >> 8) & 0xff;
1809 outbuf[7] = nb_sectors & 0xff;
1812 outbuf[10] = s->qdev.blocksize >> 8;
1815 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
1817 /* set TPE bit if the format supports discard */
1818 if (s->qdev.conf.discard_granularity) {
1822 /* Protection, exponent and lowest lba field left blank. */
1825 DPRINTF("Unsupported Service Action In\n");
1826 goto illegal_request;
1827 case SYNCHRONIZE_CACHE:
1828 /* The request is used as the AIO opaque value, so add a ref. */
1829 scsi_req_ref(&r->req);
1830 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1831 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
1834 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
1835 if (r->req.cmd.lba > s->qdev.max_lba) {
1840 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1842 case MODE_SELECT_10:
1843 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1846 DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
1851 DPRINTF("Verify (bytchk %lu)\n", (r->req.buf[1] >> 1) & 3);
1852 if (req->cmd.buf[1] & 6) {
1853 goto illegal_request;
1858 nb_sectors = scsi_data_cdb_length(r->req.cmd.buf);
1859 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1860 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1863 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1868 * We only support WRITE SAME with the unmap bit set for now.
1870 if (!(req->cmd.buf[1] & 0x8)) {
1871 goto illegal_request;
1874 /* The request is used as the AIO opaque value, so add a ref. */
1875 scsi_req_ref(&r->req);
1876 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1877 r->req.cmd.lba * (s->qdev.blocksize / 512),
1878 nb_sectors * (s->qdev.blocksize / 512),
1879 scsi_aio_complete, r);
1882 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1883 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1886 assert(!r->req.aiocb);
1887 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
1888 if (r->iov.iov_len == 0) {
1889 scsi_req_complete(&r->req, GOOD);
1891 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1892 assert(r->iov.iov_len == req->cmd.xfer);
1893 return -r->iov.iov_len;
1895 return r->iov.iov_len;
1899 if (r->req.status == -1) {
1900 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1905 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1909 /* Execute a scsi command. Returns the length of the data expected by the
1910 command. This will be Positive for data transfers from the device
1911 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1912 and zero if the command does not transfer any data. */
1914 static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
1916 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1917 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1923 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1924 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1928 len = scsi_data_cdb_length(r->req.cmd.buf);
1934 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len);
1935 if (r->req.cmd.buf[1] & 0xe0) {
1936 goto illegal_request;
1938 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1941 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1942 r->sector_count = len * (s->qdev.blocksize / 512);
1948 case WRITE_VERIFY_10:
1949 case WRITE_VERIFY_12:
1950 case WRITE_VERIFY_16:
1951 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1952 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1955 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
1956 (command & 0xe) == 0xe ? "And Verify " : "",
1957 r->req.cmd.lba, len);
1958 if (r->req.cmd.buf[1] & 0xe0) {
1959 goto illegal_request;
1961 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1964 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1965 r->sector_count = len * (s->qdev.blocksize / 512);
1970 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1973 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1976 if (r->sector_count == 0) {
1977 scsi_req_complete(&r->req, GOOD);
1979 assert(r->iov.iov_len == 0);
1980 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1981 return -r->sector_count * 512;
1983 return r->sector_count * 512;
1987 static void scsi_disk_reset(DeviceState *dev)
1989 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1990 uint64_t nb_sectors;
1992 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1994 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1995 nb_sectors /= s->qdev.blocksize / 512;
1999 s->qdev.max_lba = nb_sectors;
2000 /* reset tray statuses */
2005 static void scsi_destroy(SCSIDevice *dev)
2007 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2009 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
2010 blockdev_mark_auto_del(s->qdev.conf.bs);
2013 static void scsi_disk_resize_cb(void *opaque)
2015 SCSIDiskState *s = opaque;
2017 /* SPC lists this sense code as available only for
2018 * direct-access devices.
2020 if (s->qdev.type == TYPE_DISK) {
2021 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
2025 static void scsi_cd_change_media_cb(void *opaque, bool load)
2027 SCSIDiskState *s = opaque;
2030 * When a CD gets changed, we have to report an ejected state and
2031 * then a loaded state to guests so that they detect tray
2032 * open/close and media change events. Guests that do not use
2033 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2034 * states rely on this behavior.
2036 * media_changed governs the state machine used for unit attention
2037 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2039 s->media_changed = load;
2040 s->tray_open = !load;
2041 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
2042 s->media_event = true;
2043 s->eject_request = false;
2046 static void scsi_cd_eject_request_cb(void *opaque, bool force)
2048 SCSIDiskState *s = opaque;
2050 s->eject_request = true;
2052 s->tray_locked = false;
2056 static bool scsi_cd_is_tray_open(void *opaque)
2058 return ((SCSIDiskState *)opaque)->tray_open;
2061 static bool scsi_cd_is_medium_locked(void *opaque)
2063 return ((SCSIDiskState *)opaque)->tray_locked;
2066 static const BlockDevOps scsi_disk_removable_block_ops = {
2067 .change_media_cb = scsi_cd_change_media_cb,
2068 .eject_request_cb = scsi_cd_eject_request_cb,
2069 .is_tray_open = scsi_cd_is_tray_open,
2070 .is_medium_locked = scsi_cd_is_medium_locked,
2072 .resize_cb = scsi_disk_resize_cb,
2075 static const BlockDevOps scsi_disk_block_ops = {
2076 .resize_cb = scsi_disk_resize_cb,
2079 static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2081 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2082 if (s->media_changed) {
2083 s->media_changed = false;
2084 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2088 static int scsi_initfn(SCSIDevice *dev)
2090 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2092 if (!s->qdev.conf.bs) {
2093 error_report("drive property not set");
2097 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2098 !bdrv_is_inserted(s->qdev.conf.bs)) {
2099 error_report("Device needs media, but drive is empty");
2103 blkconf_serial(&s->qdev.conf, &s->serial);
2104 if (dev->type == TYPE_DISK
2105 && blkconf_geometry(&dev->conf, NULL, 65535, 255, 255) < 0) {
2109 if (s->qdev.conf.discard_granularity == -1) {
2110 s->qdev.conf.discard_granularity =
2111 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2115 s->version = g_strdup(qemu_get_version());
2118 s->vendor = g_strdup("QEMU");
2121 if (bdrv_is_sg(s->qdev.conf.bs)) {
2122 error_report("unwanted /dev/sg*");
2126 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2127 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
2128 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_removable_block_ops, s);
2130 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_block_ops, s);
2132 bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize);
2134 bdrv_iostatus_enable(s->qdev.conf.bs);
2135 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, NULL);
2139 static int scsi_hd_initfn(SCSIDevice *dev)
2141 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2142 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2143 s->qdev.type = TYPE_DISK;
2145 s->product = g_strdup("QEMU HARDDISK");
2147 return scsi_initfn(&s->qdev);
2150 static int scsi_cd_initfn(SCSIDevice *dev)
2152 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2153 s->qdev.blocksize = 2048;
2154 s->qdev.type = TYPE_ROM;
2155 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2157 s->product = g_strdup("QEMU CD-ROM");
2159 return scsi_initfn(&s->qdev);
2162 static int scsi_disk_initfn(SCSIDevice *dev)
2166 if (!dev->conf.bs) {
2167 return scsi_initfn(dev); /* ... and die there */
2170 dinfo = drive_get_by_blockdev(dev->conf.bs);
2171 if (dinfo->media_cd) {
2172 return scsi_cd_initfn(dev);
2174 return scsi_hd_initfn(dev);
2178 static const SCSIReqOps scsi_disk_emulate_reqops = {
2179 .size = sizeof(SCSIDiskReq),
2180 .free_req = scsi_free_request,
2181 .send_command = scsi_disk_emulate_command,
2182 .read_data = scsi_disk_emulate_read_data,
2183 .write_data = scsi_disk_emulate_write_data,
2184 .get_buf = scsi_get_buf,
2187 static const SCSIReqOps scsi_disk_dma_reqops = {
2188 .size = sizeof(SCSIDiskReq),
2189 .free_req = scsi_free_request,
2190 .send_command = scsi_disk_dma_command,
2191 .read_data = scsi_read_data,
2192 .write_data = scsi_write_data,
2193 .cancel_io = scsi_cancel_io,
2194 .get_buf = scsi_get_buf,
2195 .load_request = scsi_disk_load_request,
2196 .save_request = scsi_disk_save_request,
2199 static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2200 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2201 [INQUIRY] = &scsi_disk_emulate_reqops,
2202 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2203 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2204 [START_STOP] = &scsi_disk_emulate_reqops,
2205 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2206 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2207 [READ_TOC] = &scsi_disk_emulate_reqops,
2208 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2209 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2210 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2211 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2212 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2213 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2214 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2215 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2216 [SEEK_10] = &scsi_disk_emulate_reqops,
2217 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2218 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2219 [UNMAP] = &scsi_disk_emulate_reqops,
2220 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2221 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2222 [VERIFY_10] = &scsi_disk_emulate_reqops,
2223 [VERIFY_12] = &scsi_disk_emulate_reqops,
2224 [VERIFY_16] = &scsi_disk_emulate_reqops,
2226 [READ_6] = &scsi_disk_dma_reqops,
2227 [READ_10] = &scsi_disk_dma_reqops,
2228 [READ_12] = &scsi_disk_dma_reqops,
2229 [READ_16] = &scsi_disk_dma_reqops,
2230 [WRITE_6] = &scsi_disk_dma_reqops,
2231 [WRITE_10] = &scsi_disk_dma_reqops,
2232 [WRITE_12] = &scsi_disk_dma_reqops,
2233 [WRITE_16] = &scsi_disk_dma_reqops,
2234 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2235 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2236 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2239 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2240 uint8_t *buf, void *hba_private)
2242 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2244 const SCSIReqOps *ops;
2248 ops = scsi_disk_reqops_dispatch[command];
2250 ops = &scsi_disk_emulate_reqops;
2252 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2255 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
2258 for (i = 1; i < req->cmd.len; i++) {
2259 printf(" 0x%02x", buf[i]);
2269 static int get_device_type(SCSIDiskState *s)
2271 BlockDriverState *bdrv = s->qdev.conf.bs;
2274 uint8_t sensebuf[8];
2275 sg_io_hdr_t io_header;
2278 memset(cmd, 0, sizeof(cmd));
2279 memset(buf, 0, sizeof(buf));
2281 cmd[4] = sizeof(buf);
2283 memset(&io_header, 0, sizeof(io_header));
2284 io_header.interface_id = 'S';
2285 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
2286 io_header.dxfer_len = sizeof(buf);
2287 io_header.dxferp = buf;
2288 io_header.cmdp = cmd;
2289 io_header.cmd_len = sizeof(cmd);
2290 io_header.mx_sb_len = sizeof(sensebuf);
2291 io_header.sbp = sensebuf;
2292 io_header.timeout = 6000; /* XXX */
2294 ret = bdrv_ioctl(bdrv, SG_IO, &io_header);
2295 if (ret < 0 || io_header.driver_status || io_header.host_status) {
2298 s->qdev.type = buf[0];
2299 if (buf[1] & 0x80) {
2300 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2305 static int scsi_block_initfn(SCSIDevice *dev)
2307 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2311 if (!s->qdev.conf.bs) {
2312 error_report("scsi-block: drive property not set");
2316 /* check we are using a driver managing SG_IO (version 3 and after) */
2317 if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 ||
2318 sg_version < 30000) {
2319 error_report("scsi-block: scsi generic interface too old");
2323 /* get device type from INQUIRY data */
2324 rc = get_device_type(s);
2326 error_report("scsi-block: INQUIRY failed");
2330 /* Make a guess for the block size, we'll fix it when the guest sends.
2331 * READ CAPACITY. If they don't, they likely would assume these sizes
2332 * anyway. (TODO: check in /sys).
2334 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2335 s->qdev.blocksize = 2048;
2337 s->qdev.blocksize = 512;
2340 /* Makes the scsi-block device not removable by using HMP and QMP eject
2343 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2345 return scsi_initfn(&s->qdev);
2348 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2349 uint32_t lun, uint8_t *buf,
2352 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2366 case WRITE_VERIFY_10:
2367 case WRITE_VERIFY_12:
2368 case WRITE_VERIFY_16:
2369 /* If we are not using O_DIRECT, we might read stale data from the
2370 * host cache if writes were made using other commands than these
2371 * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without
2372 * O_DIRECT everything must go through SG_IO.
2374 if (bdrv_get_flags(s->qdev.conf.bs) & BDRV_O_NOCACHE) {
2378 /* MMC writing cannot be done via pread/pwrite, because it sometimes
2379 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2380 * And once you do these writes, reading from the block device is
2381 * unreliable, too. It is even possible that reads deliver random data
2382 * from the host page cache (this is probably a Linux bug).
2384 * We might use scsi_disk_dma_reqops as long as no writing commands are
2385 * seen, but performance usually isn't paramount on optical media. So,
2386 * just make scsi-block operate the same as scsi-generic for them.
2388 if (s->qdev.type != TYPE_ROM) {
2389 return scsi_req_alloc(&scsi_disk_dma_reqops, &s->qdev, tag, lun,
2394 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2399 #define DEFINE_SCSI_DISK_PROPERTIES() \
2400 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
2401 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2402 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2403 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2404 DEFINE_PROP_STRING("product", SCSIDiskState, product)
2406 static Property scsi_hd_properties[] = {
2407 DEFINE_SCSI_DISK_PROPERTIES(),
2408 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2409 SCSI_DISK_F_REMOVABLE, false),
2410 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2411 SCSI_DISK_F_DPOFUA, false),
2412 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2413 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
2414 DEFINE_PROP_END_OF_LIST(),
2417 static const VMStateDescription vmstate_scsi_disk_state = {
2418 .name = "scsi-disk",
2420 .minimum_version_id = 1,
2421 .minimum_version_id_old = 1,
2422 .fields = (VMStateField[]) {
2423 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2424 VMSTATE_BOOL(media_changed, SCSIDiskState),
2425 VMSTATE_BOOL(media_event, SCSIDiskState),
2426 VMSTATE_BOOL(eject_request, SCSIDiskState),
2427 VMSTATE_BOOL(tray_open, SCSIDiskState),
2428 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2429 VMSTATE_END_OF_LIST()
2433 static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2435 DeviceClass *dc = DEVICE_CLASS(klass);
2436 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2438 sc->init = scsi_hd_initfn;
2439 sc->destroy = scsi_destroy;
2440 sc->alloc_req = scsi_new_request;
2441 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2442 dc->fw_name = "disk";
2443 dc->desc = "virtual SCSI disk";
2444 dc->reset = scsi_disk_reset;
2445 dc->props = scsi_hd_properties;
2446 dc->vmsd = &vmstate_scsi_disk_state;
2449 static const TypeInfo scsi_hd_info = {
2451 .parent = TYPE_SCSI_DEVICE,
2452 .instance_size = sizeof(SCSIDiskState),
2453 .class_init = scsi_hd_class_initfn,
2456 static Property scsi_cd_properties[] = {
2457 DEFINE_SCSI_DISK_PROPERTIES(),
2458 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2459 DEFINE_PROP_END_OF_LIST(),
2462 static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
2464 DeviceClass *dc = DEVICE_CLASS(klass);
2465 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2467 sc->init = scsi_cd_initfn;
2468 sc->destroy = scsi_destroy;
2469 sc->alloc_req = scsi_new_request;
2470 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2471 dc->fw_name = "disk";
2472 dc->desc = "virtual SCSI CD-ROM";
2473 dc->reset = scsi_disk_reset;
2474 dc->props = scsi_cd_properties;
2475 dc->vmsd = &vmstate_scsi_disk_state;
2478 static const TypeInfo scsi_cd_info = {
2480 .parent = TYPE_SCSI_DEVICE,
2481 .instance_size = sizeof(SCSIDiskState),
2482 .class_init = scsi_cd_class_initfn,
2486 static Property scsi_block_properties[] = {
2487 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.bs),
2488 DEFINE_PROP_INT32("bootindex", SCSIDiskState, qdev.conf.bootindex, -1),
2489 DEFINE_PROP_END_OF_LIST(),
2492 static void scsi_block_class_initfn(ObjectClass *klass, void *data)
2494 DeviceClass *dc = DEVICE_CLASS(klass);
2495 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2497 sc->init = scsi_block_initfn;
2498 sc->destroy = scsi_destroy;
2499 sc->alloc_req = scsi_block_new_request;
2500 dc->fw_name = "disk";
2501 dc->desc = "SCSI block device passthrough";
2502 dc->reset = scsi_disk_reset;
2503 dc->props = scsi_block_properties;
2504 dc->vmsd = &vmstate_scsi_disk_state;
2507 static const TypeInfo scsi_block_info = {
2508 .name = "scsi-block",
2509 .parent = TYPE_SCSI_DEVICE,
2510 .instance_size = sizeof(SCSIDiskState),
2511 .class_init = scsi_block_class_initfn,
2515 static Property scsi_disk_properties[] = {
2516 DEFINE_SCSI_DISK_PROPERTIES(),
2517 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2518 SCSI_DISK_F_REMOVABLE, false),
2519 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2520 SCSI_DISK_F_DPOFUA, false),
2521 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2522 DEFINE_PROP_END_OF_LIST(),
2525 static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
2527 DeviceClass *dc = DEVICE_CLASS(klass);
2528 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2530 sc->init = scsi_disk_initfn;
2531 sc->destroy = scsi_destroy;
2532 sc->alloc_req = scsi_new_request;
2533 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2534 dc->fw_name = "disk";
2535 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
2536 dc->reset = scsi_disk_reset;
2537 dc->props = scsi_disk_properties;
2538 dc->vmsd = &vmstate_scsi_disk_state;
2541 static const TypeInfo scsi_disk_info = {
2542 .name = "scsi-disk",
2543 .parent = TYPE_SCSI_DEVICE,
2544 .instance_size = sizeof(SCSIDiskState),
2545 .class_init = scsi_disk_class_initfn,
2548 static void scsi_disk_register_types(void)
2550 type_register_static(&scsi_hd_info);
2551 type_register_static(&scsi_cd_info);
2553 type_register_static(&scsi_block_info);
2555 type_register_static(&scsi_disk_info);
2558 type_init(scsi_disk_register_types)
projects / lisovros / qemu_apohw.git / blob