2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
15 * This code is licensed under the LGPL.
17 * Note that this file only handles the SCSI architecture model and device
18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
25 #define DPRINTF(fmt, ...) \
26 do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
28 #define DPRINTF(fmt, ...) do {} while(0)
31 #include "qemu-common.h"
32 #include "qemu/error-report.h"
34 #include "scsi-defs.h"
35 #include "sysemu/sysemu.h"
36 #include "sysemu/blockdev.h"
37 #include "hw/block-common.h"
38 #include "sysemu/dma.h"
44 #define SCSI_DMA_BUF_SIZE 131072
45 #define SCSI_MAX_INQUIRY_LEN 256
46 #define SCSI_MAX_MODE_LEN 256
48 typedef struct SCSIDiskState SCSIDiskState;
50 typedef struct SCSIDiskReq {
52 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
54 uint32_t sector_count;
62 #define SCSI_DISK_F_REMOVABLE 0
63 #define SCSI_DISK_F_DPOFUA 1
82 static int scsi_handle_rw_error(SCSIDiskReq *r, int error);
84 static void scsi_free_request(SCSIRequest *req)
86 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
88 qemu_vfree(r->iov.iov_base);
91 /* Helper function for command completion with sense. */
92 static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
94 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
95 r->req.tag, sense.key, sense.asc, sense.ascq);
96 scsi_req_build_sense(&r->req, sense);
97 scsi_req_complete(&r->req, CHECK_CONDITION);
100 /* Cancel a pending data transfer. */
101 static void scsi_cancel_io(SCSIRequest *req)
103 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
105 DPRINTF("Cancel tag=0x%x\n", req->tag);
107 bdrv_aio_cancel(r->req.aiocb);
109 /* This reference was left in by scsi_*_data. We take ownership of
110 * it the moment scsi_req_cancel is called, independent of whether
111 * bdrv_aio_cancel completes the request or not. */
112 scsi_req_unref(&r->req);
117 static uint32_t scsi_init_iovec(SCSIDiskReq *r, size_t size)
119 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
121 if (!r->iov.iov_base) {
123 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
125 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
126 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
127 return r->qiov.size / 512;
130 static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
132 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
134 qemu_put_be64s(f, &r->sector);
135 qemu_put_be32s(f, &r->sector_count);
136 qemu_put_be32s(f, &r->buflen);
138 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
139 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
140 } else if (!req->retry) {
141 uint32_t len = r->iov.iov_len;
142 qemu_put_be32s(f, &len);
143 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
148 static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
150 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
152 qemu_get_be64s(f, &r->sector);
153 qemu_get_be32s(f, &r->sector_count);
154 qemu_get_be32s(f, &r->buflen);
156 scsi_init_iovec(r, r->buflen);
157 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
158 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
159 } else if (!r->req.retry) {
161 qemu_get_be32s(f, &len);
162 r->iov.iov_len = len;
163 assert(r->iov.iov_len <= r->buflen);
164 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
168 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
171 static void scsi_aio_complete(void *opaque, int ret)
173 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
174 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
176 assert(r->req.aiocb != NULL);
178 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
181 if (scsi_handle_rw_error(r, -ret)) {
186 scsi_req_complete(&r->req, GOOD);
189 if (!r->req.io_canceled) {
190 scsi_req_unref(&r->req);
194 static bool scsi_is_cmd_fua(SCSICommand *cmd)
196 switch (cmd->buf[0]) {
203 return (cmd->buf[1] & 8) != 0;
208 case WRITE_VERIFY_10:
209 case WRITE_VERIFY_12:
210 case WRITE_VERIFY_16:
220 static void scsi_write_do_fua(SCSIDiskReq *r)
222 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
224 if (scsi_is_cmd_fua(&r->req.cmd)) {
225 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
226 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
230 scsi_req_complete(&r->req, GOOD);
231 if (!r->req.io_canceled) {
232 scsi_req_unref(&r->req);
236 static void scsi_dma_complete(void *opaque, int ret)
238 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
239 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
241 assert(r->req.aiocb != NULL);
243 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
246 if (scsi_handle_rw_error(r, -ret)) {
251 r->sector += r->sector_count;
253 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
254 scsi_write_do_fua(r);
257 scsi_req_complete(&r->req, GOOD);
261 if (!r->req.io_canceled) {
262 scsi_req_unref(&r->req);
266 static void scsi_read_complete(void * opaque, int ret)
268 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
269 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
272 assert(r->req.aiocb != NULL);
274 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
277 if (scsi_handle_rw_error(r, -ret)) {
282 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
284 n = r->qiov.size / 512;
286 r->sector_count -= n;
287 scsi_req_data(&r->req, r->qiov.size);
290 if (!r->req.io_canceled) {
291 scsi_req_unref(&r->req);
295 /* Actually issue a read to the block device. */
296 static void scsi_do_read(void *opaque, int ret)
298 SCSIDiskReq *r = opaque;
299 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
302 if (r->req.aiocb != NULL) {
304 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
308 if (scsi_handle_rw_error(r, -ret)) {
313 if (r->req.io_canceled) {
317 /* The request is used as the AIO opaque value, so add a ref. */
318 scsi_req_ref(&r->req);
321 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_READ);
322 r->req.resid -= r->req.sg->size;
323 r->req.aiocb = dma_bdrv_read(s->qdev.conf.bs, r->req.sg, r->sector,
324 scsi_dma_complete, r);
326 n = scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
327 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
328 r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n,
329 scsi_read_complete, r);
333 if (!r->req.io_canceled) {
334 scsi_req_unref(&r->req);
338 /* Read more data from scsi device into buffer. */
339 static void scsi_read_data(SCSIRequest *req)
341 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
342 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
345 DPRINTF("Read sector_count=%d\n", r->sector_count);
346 if (r->sector_count == 0) {
347 /* This also clears the sense buffer for REQUEST SENSE. */
348 scsi_req_complete(&r->req, GOOD);
352 /* No data transfer may already be in progress */
353 assert(r->req.aiocb == NULL);
355 /* The request is used as the AIO opaque value, so add a ref. */
356 scsi_req_ref(&r->req);
357 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
358 DPRINTF("Data transfer direction invalid\n");
359 scsi_read_complete(r, -EINVAL);
364 scsi_read_complete(r, -ENOMEDIUM);
370 if (first && scsi_is_cmd_fua(&r->req.cmd)) {
371 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
372 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_do_read, r);
379 * scsi_handle_rw_error has two return values. 0 means that the error
380 * must be ignored, 1 means that the error has been processed and the
381 * caller should not do anything else for this request. Note that
382 * scsi_handle_rw_error always manages its reference counts, independent
383 * of the return value.
385 static int scsi_handle_rw_error(SCSIDiskReq *r, int error)
387 bool is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV);
388 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
389 BlockErrorAction action = bdrv_get_error_action(s->qdev.conf.bs, is_read, error);
391 if (action == BDRV_ACTION_REPORT) {
394 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
397 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
400 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
403 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
407 bdrv_error_action(s->qdev.conf.bs, action, is_read, error);
408 if (action == BDRV_ACTION_STOP) {
409 scsi_req_retry(&r->req);
411 return action != BDRV_ACTION_IGNORE;
414 static void scsi_write_complete(void * opaque, int ret)
416 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
417 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
420 if (r->req.aiocb != NULL) {
422 bdrv_acct_done(s->qdev.conf.bs, &r->acct);
426 if (scsi_handle_rw_error(r, -ret)) {
431 n = r->qiov.size / 512;
433 r->sector_count -= n;
434 if (r->sector_count == 0) {
435 scsi_write_do_fua(r);
438 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
439 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
440 scsi_req_data(&r->req, r->qiov.size);
444 if (!r->req.io_canceled) {
445 scsi_req_unref(&r->req);
449 static void scsi_write_data(SCSIRequest *req)
451 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
452 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
455 /* No data transfer may already be in progress */
456 assert(r->req.aiocb == NULL);
458 /* The request is used as the AIO opaque value, so add a ref. */
459 scsi_req_ref(&r->req);
460 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
461 DPRINTF("Data transfer direction invalid\n");
462 scsi_write_complete(r, -EINVAL);
466 if (!r->req.sg && !r->qiov.size) {
467 /* Called for the first time. Ask the driver to send us more data. */
469 scsi_write_complete(r, 0);
473 scsi_write_complete(r, -ENOMEDIUM);
477 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
478 r->req.cmd.buf[0] == VERIFY_16) {
480 scsi_dma_complete(r, 0);
482 scsi_write_complete(r, 0);
488 dma_acct_start(s->qdev.conf.bs, &r->acct, r->req.sg, BDRV_ACCT_WRITE);
489 r->req.resid -= r->req.sg->size;
490 r->req.aiocb = dma_bdrv_write(s->qdev.conf.bs, r->req.sg, r->sector,
491 scsi_dma_complete, r);
493 n = r->qiov.size / 512;
494 bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE);
495 r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n,
496 scsi_write_complete, r);
500 /* Return a pointer to the data buffer. */
501 static uint8_t *scsi_get_buf(SCSIRequest *req)
503 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
505 return (uint8_t *)r->iov.iov_base;
508 static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
510 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
514 if (req->cmd.buf[1] & 0x1) {
515 /* Vital product data */
516 uint8_t page_code = req->cmd.buf[2];
518 outbuf[buflen++] = s->qdev.type & 0x1f;
519 outbuf[buflen++] = page_code ; // this page
520 outbuf[buflen++] = 0x00;
521 outbuf[buflen++] = 0x00;
525 case 0x00: /* Supported page codes, mandatory */
527 DPRINTF("Inquiry EVPD[Supported pages] "
528 "buffer size %zd\n", req->cmd.xfer);
529 outbuf[buflen++] = 0x00; // list of supported pages (this page)
531 outbuf[buflen++] = 0x80; // unit serial number
533 outbuf[buflen++] = 0x83; // device identification
534 if (s->qdev.type == TYPE_DISK) {
535 outbuf[buflen++] = 0xb0; // block limits
536 outbuf[buflen++] = 0xb2; // thin provisioning
540 case 0x80: /* Device serial number, optional */
545 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
549 l = strlen(s->serial);
554 DPRINTF("Inquiry EVPD[Serial number] "
555 "buffer size %zd\n", req->cmd.xfer);
556 memcpy(outbuf+buflen, s->serial, l);
561 case 0x83: /* Device identification page, mandatory */
563 const char *str = s->serial ?: bdrv_get_device_name(s->qdev.conf.bs);
564 int max_len = s->serial ? 20 : 255 - 8;
565 int id_len = strlen(str);
567 if (id_len > max_len) {
570 DPRINTF("Inquiry EVPD[Device identification] "
571 "buffer size %zd\n", req->cmd.xfer);
573 outbuf[buflen++] = 0x2; // ASCII
574 outbuf[buflen++] = 0; // not officially assigned
575 outbuf[buflen++] = 0; // reserved
576 outbuf[buflen++] = id_len; // length of data following
577 memcpy(outbuf+buflen, str, id_len);
581 outbuf[buflen++] = 0x1; // Binary
582 outbuf[buflen++] = 0x3; // NAA
583 outbuf[buflen++] = 0; // reserved
584 outbuf[buflen++] = 8;
585 stq_be_p(&outbuf[buflen], s->wwn);
590 case 0xb0: /* block limits */
592 unsigned int unmap_sectors =
593 s->qdev.conf.discard_granularity / s->qdev.blocksize;
594 unsigned int min_io_size =
595 s->qdev.conf.min_io_size / s->qdev.blocksize;
596 unsigned int opt_io_size =
597 s->qdev.conf.opt_io_size / s->qdev.blocksize;
599 if (s->qdev.type == TYPE_ROM) {
600 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
604 /* required VPD size with unmap support */
606 memset(outbuf + 4, 0, buflen - 4);
608 /* optimal transfer length granularity */
609 outbuf[6] = (min_io_size >> 8) & 0xff;
610 outbuf[7] = min_io_size & 0xff;
612 /* optimal transfer length */
613 outbuf[12] = (opt_io_size >> 24) & 0xff;
614 outbuf[13] = (opt_io_size >> 16) & 0xff;
615 outbuf[14] = (opt_io_size >> 8) & 0xff;
616 outbuf[15] = opt_io_size & 0xff;
618 /* optimal unmap granularity */
619 outbuf[28] = (unmap_sectors >> 24) & 0xff;
620 outbuf[29] = (unmap_sectors >> 16) & 0xff;
621 outbuf[30] = (unmap_sectors >> 8) & 0xff;
622 outbuf[31] = unmap_sectors & 0xff;
625 case 0xb2: /* thin provisioning */
629 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
630 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
638 assert(buflen - start <= 255);
639 outbuf[start - 1] = buflen - start;
643 /* Standard INQUIRY data */
644 if (req->cmd.buf[2] != 0) {
649 buflen = req->cmd.xfer;
650 if (buflen > SCSI_MAX_INQUIRY_LEN) {
651 buflen = SCSI_MAX_INQUIRY_LEN;
654 outbuf[0] = s->qdev.type & 0x1f;
655 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
657 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
658 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
660 memset(&outbuf[32], 0, 4);
661 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
663 * We claim conformance to SPC-3, which is required for guests
664 * to ask for modern features like READ CAPACITY(16) or the
665 * block characteristics VPD page by default. Not all of SPC-3
666 * is actually implemented, but we're good enough.
669 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
672 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
674 /* If the allocation length of CDB is too small,
675 the additional length is not adjusted */
679 /* Sync data transfer and TCQ. */
680 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
684 static inline bool media_is_dvd(SCSIDiskState *s)
687 if (s->qdev.type != TYPE_ROM) {
690 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
693 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
694 return nb_sectors > CD_MAX_SECTORS;
697 static inline bool media_is_cd(SCSIDiskState *s)
700 if (s->qdev.type != TYPE_ROM) {
703 if (!bdrv_is_inserted(s->qdev.conf.bs)) {
706 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
707 return nb_sectors <= CD_MAX_SECTORS;
710 static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
713 uint8_t type = r->req.cmd.buf[1] & 7;
715 if (s->qdev.type != TYPE_ROM) {
719 /* Types 1/2 are only defined for Blu-Ray. */
721 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
725 memset(outbuf, 0, 34);
727 outbuf[2] = 0xe; /* last session complete, disc finalized */
728 outbuf[3] = 1; /* first track on disc */
729 outbuf[4] = 1; /* # of sessions */
730 outbuf[5] = 1; /* first track of last session */
731 outbuf[6] = 1; /* last track of last session */
732 outbuf[7] = 0x20; /* unrestricted use */
733 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
734 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
735 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
736 /* 24-31: disc bar code */
737 /* 32: disc application code */
738 /* 33: number of OPC tables */
743 static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
746 static const int rds_caps_size[5] = {
753 uint8_t media = r->req.cmd.buf[1];
754 uint8_t layer = r->req.cmd.buf[6];
755 uint8_t format = r->req.cmd.buf[7];
758 if (s->qdev.type != TYPE_ROM) {
762 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
766 if (format != 0xff) {
767 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
768 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
771 if (media_is_cd(s)) {
772 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
775 if (format >= ARRAY_SIZE(rds_caps_size)) {
778 size = rds_caps_size[format];
779 memset(outbuf, 0, size);
784 /* Physical format information */
789 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
791 outbuf[4] = 1; /* DVD-ROM, part version 1 */
792 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
793 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
794 outbuf[7] = 0; /* default densities */
796 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
797 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
801 case 0x01: /* DVD copyright information, all zeros */
804 case 0x03: /* BCA information - invalid field for no BCA info */
807 case 0x04: /* DVD disc manufacturing information, all zeros */
810 case 0xff: { /* List capabilities */
813 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
814 if (!rds_caps_size[i]) {
818 outbuf[size + 1] = 0x40; /* Not writable, readable */
819 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
829 /* Size of buffer, not including 2 byte size field */
830 stw_be_p(outbuf, size - 2);
837 static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
839 uint8_t event_code, media_status;
843 media_status = MS_TRAY_OPEN;
844 } else if (bdrv_is_inserted(s->qdev.conf.bs)) {
845 media_status = MS_MEDIA_PRESENT;
848 /* Event notification descriptor */
849 event_code = MEC_NO_CHANGE;
850 if (media_status != MS_TRAY_OPEN) {
851 if (s->media_event) {
852 event_code = MEC_NEW_MEDIA;
853 s->media_event = false;
854 } else if (s->eject_request) {
855 event_code = MEC_EJECT_REQUESTED;
856 s->eject_request = false;
860 outbuf[0] = event_code;
861 outbuf[1] = media_status;
863 /* These fields are reserved, just clear them. */
869 static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
873 uint8_t *buf = r->req.cmd.buf;
874 uint8_t notification_class_request = buf[4];
875 if (s->qdev.type != TYPE_ROM) {
878 if ((buf[1] & 1) == 0) {
884 outbuf[0] = outbuf[1] = 0;
885 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
886 if (notification_class_request & (1 << GESN_MEDIA)) {
887 outbuf[2] = GESN_MEDIA;
888 size += scsi_event_status_media(s, &outbuf[size]);
892 stw_be_p(outbuf, size - 4);
896 static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
900 if (s->qdev.type != TYPE_ROM) {
903 current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM;
904 memset(outbuf, 0, 40);
905 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
906 stw_be_p(&outbuf[6], current);
907 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
908 outbuf[10] = 0x03; /* persistent, current */
909 outbuf[11] = 8; /* two profiles */
910 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
911 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
912 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
913 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
914 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
915 stw_be_p(&outbuf[20], 1);
916 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
918 stl_be_p(&outbuf[24], 1); /* SCSI */
919 outbuf[28] = 1; /* DBE = 1, mandatory */
920 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
921 stw_be_p(&outbuf[32], 3);
922 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
924 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
925 /* TODO: Random readable, CD read, DVD read, drive serial number,
930 static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
932 if (s->qdev.type != TYPE_ROM) {
935 memset(outbuf, 0, 8);
936 outbuf[5] = 1; /* CD-ROM */
940 static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
943 static const int mode_sense_valid[0x3f] = {
944 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
945 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
946 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
947 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
948 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
949 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
952 uint8_t *p = *p_outbuf + 2;
955 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
960 * If Changeable Values are requested, a mask denoting those mode parameters
961 * that are changeable shall be returned. As we currently don't support
962 * parameter changes via MODE_SELECT all bits are returned set to zero.
963 * The buffer was already menset to zero by the caller of this function.
965 * The offsets here are off by two compared to the descriptions in the
966 * SCSI specs, because those include a 2-byte header. This is unfortunate,
967 * but it is done so that offsets are consistent within our implementation
968 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
969 * 2-byte and 4-byte headers.
972 case MODE_PAGE_HD_GEOMETRY:
974 if (page_control == 1) { /* Changeable Values */
977 /* if a geometry hint is available, use it */
978 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
979 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
980 p[2] = s->qdev.conf.cyls & 0xff;
981 p[3] = s->qdev.conf.heads & 0xff;
982 /* Write precomp start cylinder, disabled */
983 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
984 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
985 p[6] = s->qdev.conf.cyls & 0xff;
986 /* Reduced current start cylinder, disabled */
987 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
988 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
989 p[9] = s->qdev.conf.cyls & 0xff;
990 /* Device step rate [ns], 200ns */
993 /* Landing zone cylinder */
997 /* Medium rotation rate [rpm], 5400 rpm */
998 p[18] = (5400 >> 8) & 0xff;
1002 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
1004 if (page_control == 1) { /* Changeable Values */
1007 /* Transfer rate [kbit/s], 5Mbit/s */
1010 /* if a geometry hint is available, use it */
1011 p[2] = s->qdev.conf.heads & 0xff;
1012 p[3] = s->qdev.conf.secs & 0xff;
1013 p[4] = s->qdev.blocksize >> 8;
1014 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1015 p[7] = s->qdev.conf.cyls & 0xff;
1016 /* Write precomp start cylinder, disabled */
1017 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1018 p[9] = s->qdev.conf.cyls & 0xff;
1019 /* Reduced current start cylinder, disabled */
1020 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1021 p[11] = s->qdev.conf.cyls & 0xff;
1022 /* Device step rate [100us], 100us */
1025 /* Device step pulse width [us], 1us */
1027 /* Device head settle delay [100us], 100us */
1030 /* Motor on delay [0.1s], 0.1s */
1032 /* Motor off delay [0.1s], 0.1s */
1034 /* Medium rotation rate [rpm], 5400 rpm */
1035 p[26] = (5400 >> 8) & 0xff;
1036 p[27] = 5400 & 0xff;
1039 case MODE_PAGE_CACHING:
1041 if (page_control == 1 || /* Changeable Values */
1042 bdrv_enable_write_cache(s->qdev.conf.bs)) {
1047 case MODE_PAGE_R_W_ERROR:
1049 if (page_control == 1) { /* Changeable Values */
1052 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
1053 if (s->qdev.type == TYPE_ROM) {
1054 p[1] = 0x20; /* Read Retry Count */
1058 case MODE_PAGE_AUDIO_CTL:
1062 case MODE_PAGE_CAPABILITIES:
1064 if (page_control == 1) { /* Changeable Values */
1068 p[0] = 0x3b; /* CD-R & CD-RW read */
1069 p[1] = 0; /* Writing not supported */
1070 p[2] = 0x7f; /* Audio, composite, digital out,
1071 mode 2 form 1&2, multi session */
1072 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
1073 RW corrected, C2 errors, ISRC,
1075 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
1076 /* Locking supported, jumper present, eject, tray */
1077 p[5] = 0; /* no volume & mute control, no
1079 p[6] = (50 * 176) >> 8; /* 50x read speed */
1080 p[7] = (50 * 176) & 0xff;
1081 p[8] = 2 >> 8; /* Two volume levels */
1083 p[10] = 2048 >> 8; /* 2M buffer */
1084 p[11] = 2048 & 0xff;
1085 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1086 p[13] = (16 * 176) & 0xff;
1087 p[16] = (16 * 176) >> 8; /* 16x write speed */
1088 p[17] = (16 * 176) & 0xff;
1089 p[18] = (16 * 176) >> 8; /* 16x write speed current */
1090 p[19] = (16 * 176) & 0xff;
1097 assert(length < 256);
1098 (*p_outbuf)[0] = page;
1099 (*p_outbuf)[1] = length;
1100 *p_outbuf += length + 2;
1104 static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
1106 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1107 uint64_t nb_sectors;
1109 int page, buflen, ret, page_control;
1111 uint8_t dev_specific_param;
1113 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
1114 page = r->req.cmd.buf[2] & 0x3f;
1115 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
1116 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
1117 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1118 memset(outbuf, 0, r->req.cmd.xfer);
1121 if (s->qdev.type == TYPE_DISK) {
1122 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
1123 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1124 dev_specific_param |= 0x80; /* Readonly. */
1127 /* MMC prescribes that CD/DVD drives have no block descriptors,
1128 * and defines no device-specific parameter. */
1129 dev_specific_param = 0x00;
1133 if (r->req.cmd.buf[0] == MODE_SENSE) {
1134 p[1] = 0; /* Default media type. */
1135 p[2] = dev_specific_param;
1136 p[3] = 0; /* Block descriptor length. */
1138 } else { /* MODE_SENSE_10 */
1139 p[2] = 0; /* Default media type. */
1140 p[3] = dev_specific_param;
1141 p[6] = p[7] = 0; /* Block descriptor length. */
1145 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1146 if (!dbd && nb_sectors) {
1147 if (r->req.cmd.buf[0] == MODE_SENSE) {
1148 outbuf[3] = 8; /* Block descriptor length */
1149 } else { /* MODE_SENSE_10 */
1150 outbuf[7] = 8; /* Block descriptor length */
1152 nb_sectors /= (s->qdev.blocksize / 512);
1153 if (nb_sectors > 0xffffff) {
1156 p[0] = 0; /* media density code */
1157 p[1] = (nb_sectors >> 16) & 0xff;
1158 p[2] = (nb_sectors >> 8) & 0xff;
1159 p[3] = nb_sectors & 0xff;
1160 p[4] = 0; /* reserved */
1161 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
1162 p[6] = s->qdev.blocksize >> 8;
1167 if (page_control == 3) {
1169 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1174 for (page = 0; page <= 0x3e; page++) {
1175 mode_sense_page(s, page, &p, page_control);
1178 ret = mode_sense_page(s, page, &p, page_control);
1184 buflen = p - outbuf;
1186 * The mode data length field specifies the length in bytes of the
1187 * following data that is available to be transferred. The mode data
1188 * length does not include itself.
1190 if (r->req.cmd.buf[0] == MODE_SENSE) {
1191 outbuf[0] = buflen - 1;
1192 } else { /* MODE_SENSE_10 */
1193 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1194 outbuf[1] = (buflen - 2) & 0xff;
1199 static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1201 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1202 int start_track, format, msf, toclen;
1203 uint64_t nb_sectors;
1205 msf = req->cmd.buf[1] & 2;
1206 format = req->cmd.buf[2] & 0xf;
1207 start_track = req->cmd.buf[6];
1208 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1209 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
1210 nb_sectors /= s->qdev.blocksize / 512;
1213 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1216 /* multi session : only a single session defined */
1218 memset(outbuf, 0, 12);
1224 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1232 static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
1234 SCSIRequest *req = &r->req;
1235 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1236 bool start = req->cmd.buf[4] & 1;
1237 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
1238 int pwrcnd = req->cmd.buf[4] & 0xf0;
1241 /* eject/load only happens for power condition == 0 */
1245 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
1246 if (!start && !s->tray_open && s->tray_locked) {
1247 scsi_check_condition(r,
1248 bdrv_is_inserted(s->qdev.conf.bs)
1249 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1250 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1254 if (s->tray_open != !start) {
1255 bdrv_eject(s->qdev.conf.bs, !start);
1256 s->tray_open = !start;
1262 static void scsi_disk_emulate_read_data(SCSIRequest *req)
1264 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1265 int buflen = r->iov.iov_len;
1268 DPRINTF("Read buf_len=%d\n", buflen);
1271 scsi_req_data(&r->req, buflen);
1275 /* This also clears the sense buffer for REQUEST SENSE. */
1276 scsi_req_complete(&r->req, GOOD);
1279 static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1280 uint8_t *inbuf, int inlen)
1282 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1283 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1285 int len, expected_len, changeable_len, i;
1287 /* The input buffer does not include the page header, so it is
1290 expected_len = inlen + 2;
1291 if (expected_len > SCSI_MAX_MODE_LEN) {
1296 memset(mode_current, 0, inlen + 2);
1297 len = mode_sense_page(s, page, &p, 0);
1298 if (len < 0 || len != expected_len) {
1302 p = mode_changeable;
1303 memset(mode_changeable, 0, inlen + 2);
1304 changeable_len = mode_sense_page(s, page, &p, 1);
1305 assert(changeable_len == len);
1307 /* Check that unchangeable bits are the same as what MODE SENSE
1310 for (i = 2; i < len; i++) {
1311 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1318 static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1321 case MODE_PAGE_CACHING:
1322 bdrv_set_enable_write_cache(s->qdev.conf.bs, (p[0] & 4) != 0);
1330 static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1332 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1335 int page, subpage, page_len;
1337 /* Parse both possible formats for the mode page headers. */
1341 goto invalid_param_len;
1344 page_len = lduw_be_p(&p[2]);
1349 goto invalid_param_len;
1360 if (page_len > len) {
1361 goto invalid_param_len;
1365 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1369 scsi_disk_apply_mode_select(s, page, p);
1378 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1382 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1386 static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1388 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1390 int cmd = r->req.cmd.buf[0];
1391 int len = r->req.cmd.xfer;
1392 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1396 /* We only support PF=1, SP=0. */
1397 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1401 if (len < hdr_len) {
1402 goto invalid_param_len;
1405 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1409 goto invalid_param_len;
1411 if (bd_len != 0 && bd_len != 8) {
1418 /* Ensure no change is made if there is an error! */
1419 for (pass = 0; pass < 2; pass++) {
1420 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1425 if (!bdrv_enable_write_cache(s->qdev.conf.bs)) {
1426 /* The request is used as the AIO opaque value, so add a ref. */
1427 scsi_req_ref(&r->req);
1428 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1429 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
1433 scsi_req_complete(&r->req, GOOD);
1437 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1441 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1445 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1448 static inline bool check_lba_range(SCSIDiskState *s,
1449 uint64_t sector_num, uint32_t nb_sectors)
1452 * The first line tests that no overflow happens when computing the last
1453 * sector. The second line tests that the last accessed sector is in
1456 * Careful, the computations should not underflow for nb_sectors == 0,
1457 * and a 0-block read to the first LBA beyond the end of device is
1460 return (sector_num <= sector_num + nb_sectors &&
1461 sector_num + nb_sectors <= s->qdev.max_lba + 1);
1464 typedef struct UnmapCBData {
1470 static void scsi_unmap_complete(void *opaque, int ret)
1472 UnmapCBData *data = opaque;
1473 SCSIDiskReq *r = data->r;
1474 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1475 uint64_t sector_num;
1476 uint32_t nb_sectors;
1478 r->req.aiocb = NULL;
1480 if (scsi_handle_rw_error(r, -ret)) {
1485 if (data->count > 0 && !r->req.io_canceled) {
1486 sector_num = ldq_be_p(&data->inbuf[0]);
1487 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
1488 if (!check_lba_range(s, sector_num, nb_sectors)) {
1489 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1493 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1494 sector_num * (s->qdev.blocksize / 512),
1495 nb_sectors * (s->qdev.blocksize / 512),
1496 scsi_unmap_complete, data);
1503 if (data->count == 0) {
1504 scsi_req_complete(&r->req, GOOD);
1506 if (!r->req.io_canceled) {
1507 scsi_req_unref(&r->req);
1512 static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1515 int len = r->req.cmd.xfer;
1519 goto invalid_param_len;
1521 if (len < lduw_be_p(&p[0]) + 2) {
1522 goto invalid_param_len;
1524 if (len < lduw_be_p(&p[2]) + 8) {
1525 goto invalid_param_len;
1527 if (lduw_be_p(&p[2]) & 15) {
1528 goto invalid_param_len;
1531 data = g_new0(UnmapCBData, 1);
1533 data->inbuf = &p[8];
1534 data->count = lduw_be_p(&p[2]) >> 4;
1536 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1537 scsi_req_ref(&r->req);
1538 scsi_unmap_complete(data, 0);
1542 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1545 static void scsi_disk_emulate_write_data(SCSIRequest *req)
1547 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1549 if (r->iov.iov_len) {
1550 int buflen = r->iov.iov_len;
1551 DPRINTF("Write buf_len=%d\n", buflen);
1553 scsi_req_data(&r->req, buflen);
1557 switch (req->cmd.buf[0]) {
1559 case MODE_SELECT_10:
1560 /* This also clears the sense buffer for REQUEST SENSE. */
1561 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
1565 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1573 static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
1575 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1576 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1577 uint64_t nb_sectors;
1581 switch (req->cmd.buf[0]) {
1590 case ALLOW_MEDIUM_REMOVAL:
1591 case GET_CONFIGURATION:
1592 case GET_EVENT_STATUS_NOTIFICATION:
1593 case MECHANISM_STATUS:
1598 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1599 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1606 * FIXME: we shouldn't return anything bigger than 4k, but the code
1607 * requires the buffer to be as big as req->cmd.xfer in several
1608 * places. So, do not allow CDBs with a very large ALLOCATION
1609 * LENGTH. The real fix would be to modify scsi_read_data and
1610 * dma_buf_read, so that they return data beyond the buflen
1613 if (req->cmd.xfer > 65536) {
1614 goto illegal_request;
1616 r->buflen = MAX(4096, req->cmd.xfer);
1618 if (!r->iov.iov_base) {
1619 r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen);
1622 buflen = req->cmd.xfer;
1623 outbuf = r->iov.iov_base;
1624 memset(outbuf, 0, r->buflen);
1625 switch (req->cmd.buf[0]) {
1626 case TEST_UNIT_READY:
1627 assert(!s->tray_open && bdrv_is_inserted(s->qdev.conf.bs));
1630 buflen = scsi_disk_emulate_inquiry(req, outbuf);
1632 goto illegal_request;
1637 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
1639 goto illegal_request;
1643 buflen = scsi_disk_emulate_read_toc(req, outbuf);
1645 goto illegal_request;
1649 if (req->cmd.buf[1] & 1) {
1650 goto illegal_request;
1654 if (req->cmd.buf[1] & 3) {
1655 goto illegal_request;
1659 if (req->cmd.buf[1] & 1) {
1660 goto illegal_request;
1664 if (req->cmd.buf[1] & 3) {
1665 goto illegal_request;
1669 if (scsi_disk_emulate_start_stop(r) < 0) {
1673 case ALLOW_MEDIUM_REMOVAL:
1674 s->tray_locked = req->cmd.buf[4] & 1;
1675 bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1);
1677 case READ_CAPACITY_10:
1678 /* The normal LEN field for this command is zero. */
1679 memset(outbuf, 0, 8);
1680 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1682 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1685 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
1686 goto illegal_request;
1688 nb_sectors /= s->qdev.blocksize / 512;
1689 /* Returned value is the address of the last sector. */
1691 /* Remember the new size for read/write sanity checking. */
1692 s->qdev.max_lba = nb_sectors;
1693 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
1694 if (nb_sectors > UINT32_MAX) {
1695 nb_sectors = UINT32_MAX;
1697 outbuf[0] = (nb_sectors >> 24) & 0xff;
1698 outbuf[1] = (nb_sectors >> 16) & 0xff;
1699 outbuf[2] = (nb_sectors >> 8) & 0xff;
1700 outbuf[3] = nb_sectors & 0xff;
1703 outbuf[6] = s->qdev.blocksize >> 8;
1707 /* Just return "NO SENSE". */
1708 buflen = scsi_build_sense(NULL, 0, outbuf, r->buflen,
1709 (req->cmd.buf[1] & 1) == 0);
1711 goto illegal_request;
1714 case MECHANISM_STATUS:
1715 buflen = scsi_emulate_mechanism_status(s, outbuf);
1717 goto illegal_request;
1720 case GET_CONFIGURATION:
1721 buflen = scsi_get_configuration(s, outbuf);
1723 goto illegal_request;
1726 case GET_EVENT_STATUS_NOTIFICATION:
1727 buflen = scsi_get_event_status_notification(s, r, outbuf);
1729 goto illegal_request;
1732 case READ_DISC_INFORMATION:
1733 buflen = scsi_read_disc_information(s, r, outbuf);
1735 goto illegal_request;
1738 case READ_DVD_STRUCTURE:
1739 buflen = scsi_read_dvd_structure(s, r, outbuf);
1741 goto illegal_request;
1744 case SERVICE_ACTION_IN_16:
1745 /* Service Action In subcommands. */
1746 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
1747 DPRINTF("SAI READ CAPACITY(16)\n");
1748 memset(outbuf, 0, req->cmd.xfer);
1749 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1751 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
1754 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
1755 goto illegal_request;
1757 nb_sectors /= s->qdev.blocksize / 512;
1758 /* Returned value is the address of the last sector. */
1760 /* Remember the new size for read/write sanity checking. */
1761 s->qdev.max_lba = nb_sectors;
1762 outbuf[0] = (nb_sectors >> 56) & 0xff;
1763 outbuf[1] = (nb_sectors >> 48) & 0xff;
1764 outbuf[2] = (nb_sectors >> 40) & 0xff;
1765 outbuf[3] = (nb_sectors >> 32) & 0xff;
1766 outbuf[4] = (nb_sectors >> 24) & 0xff;
1767 outbuf[5] = (nb_sectors >> 16) & 0xff;
1768 outbuf[6] = (nb_sectors >> 8) & 0xff;
1769 outbuf[7] = nb_sectors & 0xff;
1772 outbuf[10] = s->qdev.blocksize >> 8;
1775 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
1777 /* set TPE bit if the format supports discard */
1778 if (s->qdev.conf.discard_granularity) {
1782 /* Protection, exponent and lowest lba field left blank. */
1785 DPRINTF("Unsupported Service Action In\n");
1786 goto illegal_request;
1787 case SYNCHRONIZE_CACHE:
1788 /* The request is used as the AIO opaque value, so add a ref. */
1789 scsi_req_ref(&r->req);
1790 bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH);
1791 r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_aio_complete, r);
1794 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
1795 if (r->req.cmd.lba > s->qdev.max_lba) {
1800 DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
1802 case MODE_SELECT_10:
1803 DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
1806 DPRINTF("Unmap (len %lu)\n", (long)r->req.cmd.xfer);
1810 nb_sectors = scsi_data_cdb_length(r->req.cmd.buf);
1811 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1812 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1815 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1820 * We only support WRITE SAME with the unmap bit set for now.
1822 if (!(req->cmd.buf[1] & 0x8)) {
1823 goto illegal_request;
1826 /* The request is used as the AIO opaque value, so add a ref. */
1827 scsi_req_ref(&r->req);
1828 r->req.aiocb = bdrv_aio_discard(s->qdev.conf.bs,
1829 r->req.cmd.lba * (s->qdev.blocksize / 512),
1830 nb_sectors * (s->qdev.blocksize / 512),
1831 scsi_aio_complete, r);
1834 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
1835 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
1838 assert(!r->req.aiocb);
1839 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
1840 if (r->iov.iov_len == 0) {
1841 scsi_req_complete(&r->req, GOOD);
1843 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1844 assert(r->iov.iov_len == req->cmd.xfer);
1845 return -r->iov.iov_len;
1847 return r->iov.iov_len;
1851 if (r->req.status == -1) {
1852 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1857 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1861 /* Execute a scsi command. Returns the length of the data expected by the
1862 command. This will be Positive for data transfers from the device
1863 (eg. disk reads), negative for transfers to the device (eg. disk writes),
1864 and zero if the command does not transfer any data. */
1866 static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
1868 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1869 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1875 if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) {
1876 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1880 len = scsi_data_cdb_length(r->req.cmd.buf);
1886 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len);
1887 if (r->req.cmd.buf[1] & 0xe0) {
1888 goto illegal_request;
1890 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1893 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1894 r->sector_count = len * (s->qdev.blocksize / 512);
1900 case WRITE_VERIFY_10:
1901 case WRITE_VERIFY_12:
1902 case WRITE_VERIFY_16:
1903 if (bdrv_is_read_only(s->qdev.conf.bs)) {
1904 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1911 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
1912 (command & 0xe) == 0xe ? "And Verify " : "",
1913 r->req.cmd.lba, len);
1914 if (r->req.cmd.buf[1] & 0xe0) {
1915 goto illegal_request;
1917 if (!check_lba_range(s, r->req.cmd.lba, len)) {
1920 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1921 r->sector_count = len * (s->qdev.blocksize / 512);
1926 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1929 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1932 if (r->sector_count == 0) {
1933 scsi_req_complete(&r->req, GOOD);
1935 assert(r->iov.iov_len == 0);
1936 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
1937 return -r->sector_count * 512;
1939 return r->sector_count * 512;
1943 static void scsi_disk_reset(DeviceState *dev)
1945 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
1946 uint64_t nb_sectors;
1948 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
1950 bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
1951 nb_sectors /= s->qdev.blocksize / 512;
1955 s->qdev.max_lba = nb_sectors;
1958 static void scsi_destroy(SCSIDevice *dev)
1960 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
1962 scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE));
1963 blockdev_mark_auto_del(s->qdev.conf.bs);
1966 static void scsi_disk_resize_cb(void *opaque)
1968 SCSIDiskState *s = opaque;
1970 /* SPC lists this sense code as available only for
1971 * direct-access devices.
1973 if (s->qdev.type == TYPE_DISK) {
1974 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
1978 static void scsi_cd_change_media_cb(void *opaque, bool load)
1980 SCSIDiskState *s = opaque;
1983 * When a CD gets changed, we have to report an ejected state and
1984 * then a loaded state to guests so that they detect tray
1985 * open/close and media change events. Guests that do not use
1986 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
1987 * states rely on this behavior.
1989 * media_changed governs the state machine used for unit attention
1990 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
1992 s->media_changed = load;
1993 s->tray_open = !load;
1994 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
1995 s->media_event = true;
1996 s->eject_request = false;
1999 static void scsi_cd_eject_request_cb(void *opaque, bool force)
2001 SCSIDiskState *s = opaque;
2003 s->eject_request = true;
2005 s->tray_locked = false;
2009 static bool scsi_cd_is_tray_open(void *opaque)
2011 return ((SCSIDiskState *)opaque)->tray_open;
2014 static bool scsi_cd_is_medium_locked(void *opaque)
2016 return ((SCSIDiskState *)opaque)->tray_locked;
2019 static const BlockDevOps scsi_disk_removable_block_ops = {
2020 .change_media_cb = scsi_cd_change_media_cb,
2021 .eject_request_cb = scsi_cd_eject_request_cb,
2022 .is_tray_open = scsi_cd_is_tray_open,
2023 .is_medium_locked = scsi_cd_is_medium_locked,
2025 .resize_cb = scsi_disk_resize_cb,
2028 static const BlockDevOps scsi_disk_block_ops = {
2029 .resize_cb = scsi_disk_resize_cb,
2032 static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2034 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2035 if (s->media_changed) {
2036 s->media_changed = false;
2037 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
2041 static int scsi_initfn(SCSIDevice *dev)
2043 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2045 if (!s->qdev.conf.bs) {
2046 error_report("drive property not set");
2050 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2051 !bdrv_is_inserted(s->qdev.conf.bs)) {
2052 error_report("Device needs media, but drive is empty");
2056 blkconf_serial(&s->qdev.conf, &s->serial);
2057 if (dev->type == TYPE_DISK
2058 && blkconf_geometry(&dev->conf, NULL, 65535, 255, 255) < 0) {
2063 s->version = g_strdup(qemu_get_version());
2066 s->vendor = g_strdup("QEMU");
2069 if (bdrv_is_sg(s->qdev.conf.bs)) {
2070 error_report("unwanted /dev/sg*");
2074 if (s->features & (1 << SCSI_DISK_F_REMOVABLE)) {
2075 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_removable_block_ops, s);
2077 bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_disk_block_ops, s);
2079 bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize);
2081 bdrv_iostatus_enable(s->qdev.conf.bs);
2082 add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, NULL);
2086 static int scsi_hd_initfn(SCSIDevice *dev)
2088 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2089 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2090 s->qdev.type = TYPE_DISK;
2092 s->product = g_strdup("QEMU HARDDISK");
2094 return scsi_initfn(&s->qdev);
2097 static int scsi_cd_initfn(SCSIDevice *dev)
2099 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2100 s->qdev.blocksize = 2048;
2101 s->qdev.type = TYPE_ROM;
2102 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2104 s->product = g_strdup("QEMU CD-ROM");
2106 return scsi_initfn(&s->qdev);
2109 static int scsi_disk_initfn(SCSIDevice *dev)
2113 if (!dev->conf.bs) {
2114 return scsi_initfn(dev); /* ... and die there */
2117 dinfo = drive_get_by_blockdev(dev->conf.bs);
2118 if (dinfo->media_cd) {
2119 return scsi_cd_initfn(dev);
2121 return scsi_hd_initfn(dev);
2125 static const SCSIReqOps scsi_disk_emulate_reqops = {
2126 .size = sizeof(SCSIDiskReq),
2127 .free_req = scsi_free_request,
2128 .send_command = scsi_disk_emulate_command,
2129 .read_data = scsi_disk_emulate_read_data,
2130 .write_data = scsi_disk_emulate_write_data,
2131 .get_buf = scsi_get_buf,
2134 static const SCSIReqOps scsi_disk_dma_reqops = {
2135 .size = sizeof(SCSIDiskReq),
2136 .free_req = scsi_free_request,
2137 .send_command = scsi_disk_dma_command,
2138 .read_data = scsi_read_data,
2139 .write_data = scsi_write_data,
2140 .cancel_io = scsi_cancel_io,
2141 .get_buf = scsi_get_buf,
2142 .load_request = scsi_disk_load_request,
2143 .save_request = scsi_disk_save_request,
2146 static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2147 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2148 [INQUIRY] = &scsi_disk_emulate_reqops,
2149 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2150 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2151 [START_STOP] = &scsi_disk_emulate_reqops,
2152 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2153 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2154 [READ_TOC] = &scsi_disk_emulate_reqops,
2155 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2156 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2157 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2158 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2159 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2160 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2161 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2162 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2163 [SEEK_10] = &scsi_disk_emulate_reqops,
2164 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2165 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
2166 [UNMAP] = &scsi_disk_emulate_reqops,
2167 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2168 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
2170 [READ_6] = &scsi_disk_dma_reqops,
2171 [READ_10] = &scsi_disk_dma_reqops,
2172 [READ_12] = &scsi_disk_dma_reqops,
2173 [READ_16] = &scsi_disk_dma_reqops,
2174 [VERIFY_10] = &scsi_disk_dma_reqops,
2175 [VERIFY_12] = &scsi_disk_dma_reqops,
2176 [VERIFY_16] = &scsi_disk_dma_reqops,
2177 [WRITE_6] = &scsi_disk_dma_reqops,
2178 [WRITE_10] = &scsi_disk_dma_reqops,
2179 [WRITE_12] = &scsi_disk_dma_reqops,
2180 [WRITE_16] = &scsi_disk_dma_reqops,
2181 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2182 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2183 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2186 static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2187 uint8_t *buf, void *hba_private)
2189 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2191 const SCSIReqOps *ops;
2195 ops = scsi_disk_reqops_dispatch[command];
2197 ops = &scsi_disk_emulate_reqops;
2199 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2202 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
2205 for (i = 1; i < req->cmd.len; i++) {
2206 printf(" 0x%02x", buf[i]);
2216 static int get_device_type(SCSIDiskState *s)
2218 BlockDriverState *bdrv = s->qdev.conf.bs;
2221 uint8_t sensebuf[8];
2222 sg_io_hdr_t io_header;
2225 memset(cmd, 0, sizeof(cmd));
2226 memset(buf, 0, sizeof(buf));
2228 cmd[4] = sizeof(buf);
2230 memset(&io_header, 0, sizeof(io_header));
2231 io_header.interface_id = 'S';
2232 io_header.dxfer_direction = SG_DXFER_FROM_DEV;
2233 io_header.dxfer_len = sizeof(buf);
2234 io_header.dxferp = buf;
2235 io_header.cmdp = cmd;
2236 io_header.cmd_len = sizeof(cmd);
2237 io_header.mx_sb_len = sizeof(sensebuf);
2238 io_header.sbp = sensebuf;
2239 io_header.timeout = 6000; /* XXX */
2241 ret = bdrv_ioctl(bdrv, SG_IO, &io_header);
2242 if (ret < 0 || io_header.driver_status || io_header.host_status) {
2245 s->qdev.type = buf[0];
2246 if (buf[1] & 0x80) {
2247 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2252 static int scsi_block_initfn(SCSIDevice *dev)
2254 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2258 if (!s->qdev.conf.bs) {
2259 error_report("scsi-block: drive property not set");
2263 /* check we are using a driver managing SG_IO (version 3 and after) */
2264 if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 ||
2265 sg_version < 30000) {
2266 error_report("scsi-block: scsi generic interface too old");
2270 /* get device type from INQUIRY data */
2271 rc = get_device_type(s);
2273 error_report("scsi-block: INQUIRY failed");
2277 /* Make a guess for the block size, we'll fix it when the guest sends.
2278 * READ CAPACITY. If they don't, they likely would assume these sizes
2279 * anyway. (TODO: check in /sys).
2281 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2282 s->qdev.blocksize = 2048;
2284 s->qdev.blocksize = 512;
2286 return scsi_initfn(&s->qdev);
2289 static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2290 uint32_t lun, uint8_t *buf,
2293 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2307 case WRITE_VERIFY_10:
2308 case WRITE_VERIFY_12:
2309 case WRITE_VERIFY_16:
2310 /* If we are not using O_DIRECT, we might read stale data from the
2311 * host cache if writes were made using other commands than these
2312 * ones (such as WRITE SAME or EXTENDED COPY, etc.). So, without
2313 * O_DIRECT everything must go through SG_IO.
2315 if (bdrv_get_flags(s->qdev.conf.bs) & BDRV_O_NOCACHE) {
2319 /* MMC writing cannot be done via pread/pwrite, because it sometimes
2320 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
2321 * And once you do these writes, reading from the block device is
2322 * unreliable, too. It is even possible that reads deliver random data
2323 * from the host page cache (this is probably a Linux bug).
2325 * We might use scsi_disk_dma_reqops as long as no writing commands are
2326 * seen, but performance usually isn't paramount on optical media. So,
2327 * just make scsi-block operate the same as scsi-generic for them.
2329 if (s->qdev.type != TYPE_ROM) {
2330 return scsi_req_alloc(&scsi_disk_dma_reqops, &s->qdev, tag, lun,
2335 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2340 #define DEFINE_SCSI_DISK_PROPERTIES() \
2341 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
2342 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2343 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2344 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2345 DEFINE_PROP_STRING("product", SCSIDiskState, product)
2347 static Property scsi_hd_properties[] = {
2348 DEFINE_SCSI_DISK_PROPERTIES(),
2349 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2350 SCSI_DISK_F_REMOVABLE, false),
2351 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2352 SCSI_DISK_F_DPOFUA, false),
2353 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2354 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
2355 DEFINE_PROP_END_OF_LIST(),
2358 static const VMStateDescription vmstate_scsi_disk_state = {
2359 .name = "scsi-disk",
2361 .minimum_version_id = 1,
2362 .minimum_version_id_old = 1,
2363 .fields = (VMStateField[]) {
2364 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2365 VMSTATE_BOOL(media_changed, SCSIDiskState),
2366 VMSTATE_BOOL(media_event, SCSIDiskState),
2367 VMSTATE_BOOL(eject_request, SCSIDiskState),
2368 VMSTATE_BOOL(tray_open, SCSIDiskState),
2369 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2370 VMSTATE_END_OF_LIST()
2374 static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2376 DeviceClass *dc = DEVICE_CLASS(klass);
2377 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2379 sc->init = scsi_hd_initfn;
2380 sc->destroy = scsi_destroy;
2381 sc->alloc_req = scsi_new_request;
2382 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2383 dc->fw_name = "disk";
2384 dc->desc = "virtual SCSI disk";
2385 dc->reset = scsi_disk_reset;
2386 dc->props = scsi_hd_properties;
2387 dc->vmsd = &vmstate_scsi_disk_state;
2390 static const TypeInfo scsi_hd_info = {
2392 .parent = TYPE_SCSI_DEVICE,
2393 .instance_size = sizeof(SCSIDiskState),
2394 .class_init = scsi_hd_class_initfn,
2397 static Property scsi_cd_properties[] = {
2398 DEFINE_SCSI_DISK_PROPERTIES(),
2399 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2400 DEFINE_PROP_END_OF_LIST(),
2403 static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
2405 DeviceClass *dc = DEVICE_CLASS(klass);
2406 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2408 sc->init = scsi_cd_initfn;
2409 sc->destroy = scsi_destroy;
2410 sc->alloc_req = scsi_new_request;
2411 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2412 dc->fw_name = "disk";
2413 dc->desc = "virtual SCSI CD-ROM";
2414 dc->reset = scsi_disk_reset;
2415 dc->props = scsi_cd_properties;
2416 dc->vmsd = &vmstate_scsi_disk_state;
2419 static const TypeInfo scsi_cd_info = {
2421 .parent = TYPE_SCSI_DEVICE,
2422 .instance_size = sizeof(SCSIDiskState),
2423 .class_init = scsi_cd_class_initfn,
2427 static Property scsi_block_properties[] = {
2428 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.bs),
2429 DEFINE_PROP_INT32("bootindex", SCSIDiskState, qdev.conf.bootindex, -1),
2430 DEFINE_PROP_END_OF_LIST(),
2433 static void scsi_block_class_initfn(ObjectClass *klass, void *data)
2435 DeviceClass *dc = DEVICE_CLASS(klass);
2436 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2438 sc->init = scsi_block_initfn;
2439 sc->destroy = scsi_destroy;
2440 sc->alloc_req = scsi_block_new_request;
2441 dc->fw_name = "disk";
2442 dc->desc = "SCSI block device passthrough";
2443 dc->reset = scsi_disk_reset;
2444 dc->props = scsi_block_properties;
2445 dc->vmsd = &vmstate_scsi_disk_state;
2448 static const TypeInfo scsi_block_info = {
2449 .name = "scsi-block",
2450 .parent = TYPE_SCSI_DEVICE,
2451 .instance_size = sizeof(SCSIDiskState),
2452 .class_init = scsi_block_class_initfn,
2456 static Property scsi_disk_properties[] = {
2457 DEFINE_SCSI_DISK_PROPERTIES(),
2458 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2459 SCSI_DISK_F_REMOVABLE, false),
2460 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2461 SCSI_DISK_F_DPOFUA, false),
2462 DEFINE_PROP_HEX64("wwn", SCSIDiskState, wwn, 0),
2463 DEFINE_PROP_END_OF_LIST(),
2466 static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
2468 DeviceClass *dc = DEVICE_CLASS(klass);
2469 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2471 sc->init = scsi_disk_initfn;
2472 sc->destroy = scsi_destroy;
2473 sc->alloc_req = scsi_new_request;
2474 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
2475 dc->fw_name = "disk";
2476 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
2477 dc->reset = scsi_disk_reset;
2478 dc->props = scsi_disk_properties;
2479 dc->vmsd = &vmstate_scsi_disk_state;
2482 static const TypeInfo scsi_disk_info = {
2483 .name = "scsi-disk",
2484 .parent = TYPE_SCSI_DEVICE,
2485 .instance_size = sizeof(SCSIDiskState),
2486 .class_init = scsi_disk_class_initfn,
2489 static void scsi_disk_register_types(void)
2491 type_register_static(&scsi_hd_info);
2492 type_register_static(&scsi_cd_info);
2494 type_register_static(&scsi_block_info);
2496 type_register_static(&scsi_disk_info);
2499 type_init(scsi_disk_register_types)
projects / sdk / emulator / qemu.git / blob