diff options
author | Anthony Liguori <aliguori@us.ibm.com> | 2011-10-31 11:09:00 -0500 |
---|---|---|
committer | Anthony Liguori <aliguori@us.ibm.com> | 2011-10-31 11:09:00 -0500 |
commit | 8494a397b68124f9898e7912173d460ee99ba3e2 (patch) | |
tree | 2c3ff12f56cb2587d00bab448a226d3cf0042d64 /hw | |
parent | d439b79d730bf219e47c14ab94f1546bcc5045ab (diff) | |
parent | 336a6915bc7089fb20fea4ba99972ad9a97c5f52 (diff) |
Merge remote-tracking branch 'kwolf/for-anthony' into staging
Conflicts:
block/vmdk.c
Diffstat (limited to 'hw')
-rw-r--r-- | hw/acpi_piix4.c | 4 | ||||
-rw-r--r-- | hw/esp.c | 16 | ||||
-rw-r--r-- | hw/i2c.c | 2 | ||||
-rw-r--r-- | hw/ide/atapi.c | 119 | ||||
-rw-r--r-- | hw/ide/core.c | 6 | ||||
-rw-r--r-- | hw/ide/internal.h | 71 | ||||
-rw-r--r-- | hw/ide/macio.c | 2 | ||||
-rw-r--r-- | hw/intel-hda.c | 6 | ||||
-rw-r--r-- | hw/lsi53c895a.c | 30 | ||||
-rw-r--r-- | hw/qdev.c | 24 | ||||
-rw-r--r-- | hw/qdev.h | 4 | ||||
-rw-r--r-- | hw/s390-virtio-bus.c | 4 | ||||
-rw-r--r-- | hw/scsi-bus.c | 279 | ||||
-rw-r--r-- | hw/scsi-defs.h | 90 | ||||
-rw-r--r-- | hw/scsi-disk.c | 824 | ||||
-rw-r--r-- | hw/scsi-generic.c | 201 | ||||
-rw-r--r-- | hw/scsi.h | 39 | ||||
-rw-r--r-- | hw/spapr_vio.c | 6 | ||||
-rw-r--r-- | hw/spapr_vscsi.c | 54 | ||||
-rw-r--r-- | hw/ssi.c | 6 | ||||
-rw-r--r-- | hw/usb-msd.c | 8 |
21 files changed, 1188 insertions, 607 deletions
diff --git a/hw/acpi_piix4.c b/hw/acpi_piix4.c index 29f0f76c35..d9075e6611 100644 --- a/hw/acpi_piix4.c +++ b/hw/acpi_piix4.c @@ -276,7 +276,7 @@ static void piix4_update_hotplug(PIIX4PMState *s) s->pci0_hotplug_enable = ~0; - QLIST_FOREACH_SAFE(qdev, &bus->children, sibling, next) { + QTAILQ_FOREACH_SAFE(qdev, &bus->children, sibling, next) { PCIDeviceInfo *info = container_of(qdev->info, PCIDeviceInfo, qdev); PCIDevice *pdev = DO_UPCAST(PCIDevice, qdev, qdev); int slot = PCI_SLOT(pdev->devfn); @@ -486,7 +486,7 @@ static void pciej_write(void *opaque, uint32_t addr, uint32_t val) PCIDeviceInfo *info; int slot = ffs(val) - 1; - QLIST_FOREACH_SAFE(qdev, &bus->children, sibling, next) { + QTAILQ_FOREACH_SAFE(qdev, &bus->children, sibling, next) { dev = DO_UPCAST(PCIDevice, qdev, qdev); info = container_of(qdev->info, PCIDeviceInfo, qdev); if (PCI_SLOT(dev->devfn) == slot && !info->no_hotplug) { @@ -217,7 +217,8 @@ static uint32_t get_cmd(ESPState *s, uint8_t *buf) s->async_len = 0; } - if (target >= ESP_MAX_DEVS || !s->bus.devs[target]) { + s->current_dev = scsi_device_find(&s->bus, 0, target, 0); + if (!s->current_dev) { // No such drive s->rregs[ESP_RSTAT] = 0; s->rregs[ESP_RINTR] = INTR_DC; @@ -225,7 +226,6 @@ static uint32_t get_cmd(ESPState *s, uint8_t *buf) esp_raise_irq(s); return 0; } - s->current_dev = s->bus.devs[target]; return dmalen; } @@ -233,10 +233,12 @@ static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid) { int32_t datalen; int lun; + SCSIDevice *current_lun; trace_esp_do_busid_cmd(busid); lun = busid & 7; - s->current_req = scsi_req_new(s->current_dev, 0, lun, buf, NULL); + current_lun = scsi_device_find(&s->bus, 0, s->current_dev->id, lun); + s->current_req = scsi_req_new(current_lun, 0, lun, buf, NULL); datalen = scsi_req_enqueue(s->current_req); s->ti_size = datalen; if (datalen != 0) { @@ -720,7 +722,11 @@ void esp_init(target_phys_addr_t espaddr, int it_shift, *dma_enable = qdev_get_gpio_in(dev, 1); } -static const struct SCSIBusOps esp_scsi_ops = { +static const struct SCSIBusInfo esp_scsi_info = { + .tcq = false, + .max_target = ESP_MAX_DEVS, + .max_lun = 7, + .transfer_data = esp_transfer_data, .complete = esp_command_complete, .cancel = esp_request_cancelled @@ -740,7 +746,7 @@ static int esp_init1(SysBusDevice *dev) qdev_init_gpio_in(&dev->qdev, esp_gpio_demux, 2); - scsi_bus_new(&s->bus, &dev->qdev, 0, ESP_MAX_DEVS, &esp_scsi_ops); + scsi_bus_new(&s->bus, &dev->qdev, &esp_scsi_info); return scsi_bus_legacy_handle_cmdline(&s->bus); } @@ -84,7 +84,7 @@ int i2c_start_transfer(i2c_bus *bus, uint8_t address, int recv) DeviceState *qdev; i2c_slave *slave = NULL; - QLIST_FOREACH(qdev, &bus->qbus.children, sibling) { + QTAILQ_FOREACH(qdev, &bus->qbus.children, sibling) { i2c_slave *candidate = I2C_SLAVE_FROM_QDEV(qdev); if (candidate->address == address) { slave = candidate; diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c index 3f909c3a99..90b6729692 100644 --- a/hw/ide/atapi.c +++ b/hw/ide/atapi.c @@ -154,10 +154,10 @@ void ide_atapi_io_error(IDEState *s, int ret) { /* XXX: handle more errors */ if (ret == -ENOMEDIUM) { - ide_atapi_cmd_error(s, SENSE_NOT_READY, + ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT); } else { - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_LOGICAL_BLOCK_OOR); } } @@ -282,7 +282,7 @@ static void ide_atapi_cmd_check_status(IDEState *s) #ifdef DEBUG_IDE_ATAPI printf("atapi_cmd_check_status\n"); #endif - s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4); + s->error = MC_ERR | (UNIT_ATTENTION << 4); s->status = ERR_STAT; s->nsector = 0; ide_set_irq(s->bus); @@ -354,7 +354,7 @@ static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret) ide_atapi_cmd_read_dma_cb, s); if (!s->bus->dma->aiocb) { /* Note: media not present is the most likely case */ - ide_atapi_cmd_error(s, SENSE_NOT_READY, + ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT); goto eot; } @@ -505,19 +505,6 @@ static int ide_dvd_read_structure(IDEState *s, int format, static unsigned int event_status_media(IDEState *s, uint8_t *buf) { - enum media_event_code { - MEC_NO_CHANGE = 0, /* Status unchanged */ - MEC_EJECT_REQUESTED, /* received a request from user to eject */ - MEC_NEW_MEDIA, /* new media inserted and ready for access */ - MEC_MEDIA_REMOVAL, /* only for media changers */ - MEC_MEDIA_CHANGED, /* only for media changers */ - MEC_BG_FORMAT_COMPLETED, /* MRW or DVD+RW b/g format completed */ - MEC_BG_FORMAT_RESTARTED, /* MRW or DVD+RW b/g format restarted */ - }; - enum media_status { - MS_TRAY_OPEN = 1, - MS_MEDIA_PRESENT = 2, - }; uint8_t event_code, media_status; media_status = 0; @@ -564,27 +551,6 @@ static void cmd_get_event_status_notification(IDEState *s, uint8_t notification_class; uint8_t supported_events; } QEMU_PACKED *gesn_event_header; - - enum notification_class_request_type { - NCR_RESERVED1 = 1 << 0, - NCR_OPERATIONAL_CHANGE = 1 << 1, - NCR_POWER_MANAGEMENT = 1 << 2, - NCR_EXTERNAL_REQUEST = 1 << 3, - NCR_MEDIA = 1 << 4, - NCR_MULTI_HOST = 1 << 5, - NCR_DEVICE_BUSY = 1 << 6, - NCR_RESERVED2 = 1 << 7, - }; - enum event_notification_class_field { - ENC_NO_EVENTS = 0, - ENC_OPERATIONAL_CHANGE, - ENC_POWER_MANAGEMENT, - ENC_EXTERNAL_REQUEST, - ENC_MEDIA, - ENC_MULTIPLE_HOSTS, - ENC_DEVICE_BUSY, - ENC_RESERVED, - }; unsigned int max_len, used_len; gesn_cdb = (void *)packet; @@ -595,7 +561,7 @@ static void cmd_get_event_status_notification(IDEState *s, /* It is fine by the MMC spec to not support async mode operations */ if (!(gesn_cdb->polled & 0x01)) { /* asynchronous mode */ /* Only polling is supported, asynchronous mode is not. */ - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); return; } @@ -606,8 +572,11 @@ static void cmd_get_event_status_notification(IDEState *s, * These are the supported events. * * We currently only support requests of the 'media' type. + * Notification class requests and supported event classes are bitmasks, + * but they are build from the same values as the "notification class" + * field. */ - gesn_event_header->supported_events = NCR_MEDIA; + gesn_event_header->supported_events = 1 << GESN_MEDIA; /* * We use |= below to set the class field; other bits in this byte @@ -621,8 +590,8 @@ static void cmd_get_event_status_notification(IDEState *s, * notification_class_request_type enum above specifies the * priority: upper elements are higher prio than lower ones. */ - if (gesn_cdb->class & NCR_MEDIA) { - gesn_event_header->notification_class |= ENC_MEDIA; + if (gesn_cdb->class & (1 << GESN_MEDIA)) { + gesn_event_header->notification_class |= GESN_MEDIA; used_len = event_status_media(s, buf); } else { gesn_event_header->notification_class = 0x80; /* No event available */ @@ -643,8 +612,8 @@ static void cmd_request_sense(IDEState *s, uint8_t *buf) buf[7] = 10; buf[12] = s->asc; - if (s->sense_key == SENSE_UNIT_ATTENTION) { - s->sense_key = SENSE_NONE; + if (s->sense_key == UNIT_ATTENTION) { + s->sense_key = NO_SENSE; } ide_atapi_cmd_reply(s, 18, max_len); @@ -676,7 +645,7 @@ static void cmd_get_configuration(IDEState *s, uint8_t *buf) /* only feature 0 is supported */ if (buf[2] != 0 || buf[3] != 0) { - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); return; } @@ -733,7 +702,7 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) switch(action) { case 0: /* current values */ switch(code) { - case GPMODE_R_W_ERROR_PAGE: /* error recovery */ + case MODE_PAGE_R_W_ERROR: /* error recovery */ cpu_to_ube16(&buf[0], 16 + 6); buf[2] = 0x70; buf[3] = 0; @@ -742,8 +711,8 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) buf[6] = 0; buf[7] = 0; - buf[8] = 0x01; - buf[9] = 0x06; + buf[8] = MODE_PAGE_R_W_ERROR; + buf[9] = 16 - 10; buf[10] = 0x00; buf[11] = 0x05; buf[12] = 0x00; @@ -752,7 +721,7 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) buf[15] = 0x00; ide_atapi_cmd_reply(s, 16, max_len); break; - case GPMODE_AUDIO_CTL_PAGE: + case MODE_PAGE_AUDIO_CTL: cpu_to_ube16(&buf[0], 24 + 6); buf[2] = 0x70; buf[3] = 0; @@ -761,6 +730,8 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) buf[6] = 0; buf[7] = 0; + buf[8] = MODE_PAGE_AUDIO_CTL; + buf[9] = 24 - 10; /* Fill with CDROM audio volume */ buf[17] = 0; buf[19] = 0; @@ -769,7 +740,7 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) ide_atapi_cmd_reply(s, 24, max_len); break; - case GPMODE_CAPABILITIES_PAGE: + case MODE_PAGE_CAPABILITIES: cpu_to_ube16(&buf[0], 28 + 6); buf[2] = 0x70; buf[3] = 0; @@ -778,9 +749,9 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) buf[6] = 0; buf[7] = 0; - buf[8] = 0x2a; - buf[9] = 0x12; - buf[10] = 0x00; + buf[8] = MODE_PAGE_CAPABILITIES; + buf[9] = 28 - 10; + buf[10] = 0x3b; /* read CDR/CDRW/DVDROM/DVDR/DVDRAM */ buf[11] = 0x00; /* Claim PLAY_AUDIO capability (0x01) since some Linux @@ -789,14 +760,14 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) buf[13] = 3 << 5; buf[14] = (1 << 0) | (1 << 3) | (1 << 5); if (s->tray_locked) { - buf[6] |= 1 << 1; + buf[14] |= 1 << 1; } - buf[15] = 0x00; - cpu_to_ube16(&buf[16], 706); - buf[18] = 0; + buf[15] = 0x00; /* No volume & mute control, no changer */ + cpu_to_ube16(&buf[16], 704); /* 4x read speed */ + buf[18] = 0; /* Two volume levels */ buf[19] = 2; - cpu_to_ube16(&buf[20], 512); - cpu_to_ube16(&buf[22], 706); + cpu_to_ube16(&buf[20], 512); /* 512k buffer */ + cpu_to_ube16(&buf[22], 704); /* 4x read speed current */ buf[24] = 0; buf[25] = 0; buf[26] = 0; @@ -813,14 +784,14 @@ static void cmd_mode_sense(IDEState *s, uint8_t *buf) goto error_cmd; default: case 3: /* saved values */ - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_SAVING_PARAMETERS_NOT_SUPPORTED); break; } return; error_cmd: - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); } static void cmd_test_unit_ready(IDEState *s, uint8_t *buf) @@ -883,7 +854,7 @@ static void cmd_read_cd(IDEState *s, uint8_t* buf) ide_atapi_cmd_read(s, lba, nb_sectors, 2352); break; default: - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); break; } @@ -896,7 +867,7 @@ static void cmd_seek(IDEState *s, uint8_t* buf) lba = ube32_to_cpu(buf + 2); if (lba >= total_sectors) { - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, ASC_LOGICAL_BLOCK_OOR); + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_LOGICAL_BLOCK_OOR); return; } @@ -912,7 +883,7 @@ static void cmd_start_stop_unit(IDEState *s, uint8_t* buf) if (loej) { if (!start && !s->tray_open && s->tray_locked) { sense = bdrv_is_inserted(s->bs) - ? SENSE_NOT_READY : SENSE_ILLEGAL_REQUEST; + ? NOT_READY : ILLEGAL_REQUEST; ide_atapi_cmd_error(s, sense, ASC_MEDIA_REMOVAL_PREVENTED); return; } @@ -971,7 +942,7 @@ static void cmd_read_toc_pma_atip(IDEState *s, uint8_t* buf) break; default: error_cmd: - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); } } @@ -997,11 +968,11 @@ static void cmd_read_dvd_structure(IDEState *s, uint8_t* buf) if (format < 0xff) { if (media_is_cd(s)) { - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INCOMPATIBLE_FORMAT); return; } else if (!media_present(s)) { - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); return; } @@ -1017,7 +988,7 @@ static void cmd_read_dvd_structure(IDEState *s, uint8_t* buf) ret = ide_dvd_read_structure(s, format, buf, buf); if (ret < 0) { - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret); + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, -ret); } else { ide_atapi_cmd_reply(s, ret, max_len); } @@ -1034,7 +1005,7 @@ static void cmd_read_dvd_structure(IDEState *s, uint8_t* buf) case 0x90: /* TODO: List of recognized format layers */ case 0xc0: /* TODO: Write protection status */ default: - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_INV_FIELD_IN_CMD_PACKET); break; } @@ -1106,7 +1077,7 @@ void ide_atapi_cmd(IDEState *s) * condition response unless a higher priority status, defined by the drive * here, is pending. */ - if (s->sense_key == SENSE_UNIT_ATTENTION && + if (s->sense_key == UNIT_ATTENTION && !(atapi_cmd_table[s->io_buffer[0]].flags & ALLOW_UA)) { ide_atapi_cmd_check_status(s); return; @@ -1119,10 +1090,10 @@ void ide_atapi_cmd(IDEState *s) * states rely on this behavior. */ if (!s->tray_open && bdrv_is_inserted(s->bs) && s->cdrom_changed) { - ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT); + ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT); s->cdrom_changed = 0; - s->sense_key = SENSE_UNIT_ATTENTION; + s->sense_key = UNIT_ATTENTION; s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED; return; } @@ -1131,7 +1102,7 @@ void ide_atapi_cmd(IDEState *s) if ((atapi_cmd_table[s->io_buffer[0]].flags & CHECK_READY) && (!media_present(s) || !bdrv_is_inserted(s->bs))) { - ide_atapi_cmd_error(s, SENSE_NOT_READY, ASC_MEDIUM_NOT_PRESENT); + ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT); return; } @@ -1141,5 +1112,5 @@ void ide_atapi_cmd(IDEState *s) return; } - ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, ASC_ILLEGAL_OPCODE); + ide_atapi_cmd_error(s, ILLEGAL_REQUEST, ASC_ILLEGAL_OPCODE); } diff --git a/hw/ide/core.c b/hw/ide/core.c index 280a117fe2..9a2fd30607 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -799,7 +799,7 @@ static void ide_cd_change_cb(void *opaque, bool load) * First indicate to the guest that a CD has been removed. That's * done on the next command the guest sends us. * - * Then we set SENSE_UNIT_ATTENTION, by which the guest will + * Then we set UNIT_ATTENTION, by which the guest will * detect a new CD in the drive. See ide_atapi_cmd() for details. */ s->cdrom_changed = 1; @@ -2027,7 +2027,7 @@ static int ide_drive_post_load(void *opaque, int version_id) IDEState *s = opaque; if (version_id < 3) { - if (s->sense_key == SENSE_UNIT_ATTENTION && + if (s->sense_key == UNIT_ATTENTION && s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) { s->cdrom_changed = 1; } @@ -2039,7 +2039,7 @@ static int ide_drive_pio_post_load(void *opaque, int version_id) { IDEState *s = opaque; - if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) { + if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { return -EINVAL; } s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; diff --git a/hw/ide/internal.h b/hw/ide/internal.h index c39dc058f4..00b28dfdbc 100644 --- a/hw/ide/internal.h +++ b/hw/ide/internal.h @@ -11,6 +11,7 @@ #include "iorange.h" #include "dma.h" #include "sysemu.h" +#include "hw/scsi-defs.h" /* debug IDE devices */ //#define DEBUG_IDE @@ -280,71 +281,6 @@ typedef struct IDEDMAOps IDEDMAOps; #define GPCMD_GET_MEDIA_STATUS 0xda #define GPCMD_MODE_SENSE_6 0x1a -/* Mode page codes for mode sense/set */ -#define GPMODE_R_W_ERROR_PAGE 0x01 -#define GPMODE_WRITE_PARMS_PAGE 0x05 -#define GPMODE_AUDIO_CTL_PAGE 0x0e -#define GPMODE_POWER_PAGE 0x1a -#define GPMODE_FAULT_FAIL_PAGE 0x1c -#define GPMODE_TO_PROTECT_PAGE 0x1d -#define GPMODE_CAPABILITIES_PAGE 0x2a -#define GPMODE_ALL_PAGES 0x3f -/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor - * of MODE_SENSE_POWER_PAGE */ -#define GPMODE_CDROM_PAGE 0x0d - -/* - * Based on values from <linux/cdrom.h> but extending CD_MINS - * to the maximum common size allowed by the Orange's Book ATIP - * - * 90 and 99 min CDs are also available but using them as the - * upper limit reduces the effectiveness of the heuristic to - * detect DVDs burned to less than 25% of their maximum capacity - */ - -/* Some generally useful CD-ROM information */ -#define CD_MINS 80 /* max. minutes per CD */ -#define CD_SECS 60 /* seconds per minute */ -#define CD_FRAMES 75 /* frames per second */ -#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */ -#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE) -#define CD_MAX_SECTORS (CD_MAX_BYTES / 512) - -/* - * The MMC values are not IDE specific and might need to be moved - * to a common header if they are also needed for the SCSI emulation - */ - -/* Profile list from MMC-6 revision 1 table 91 */ -#define MMC_PROFILE_NONE 0x0000 -#define MMC_PROFILE_CD_ROM 0x0008 -#define MMC_PROFILE_CD_R 0x0009 -#define MMC_PROFILE_CD_RW 0x000A -#define MMC_PROFILE_DVD_ROM 0x0010 -#define MMC_PROFILE_DVD_R_SR 0x0011 -#define MMC_PROFILE_DVD_RAM 0x0012 -#define MMC_PROFILE_DVD_RW_RO 0x0013 -#define MMC_PROFILE_DVD_RW_SR 0x0014 -#define MMC_PROFILE_DVD_R_DL_SR 0x0015 -#define MMC_PROFILE_DVD_R_DL_JR 0x0016 -#define MMC_PROFILE_DVD_RW_DL 0x0017 -#define MMC_PROFILE_DVD_DDR 0x0018 -#define MMC_PROFILE_DVD_PLUS_RW 0x001A -#define MMC_PROFILE_DVD_PLUS_R 0x001B -#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A -#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B -#define MMC_PROFILE_BD_ROM 0x0040 -#define MMC_PROFILE_BD_R_SRM 0x0041 -#define MMC_PROFILE_BD_R_RRM 0x0042 -#define MMC_PROFILE_BD_RE 0x0043 -#define MMC_PROFILE_HDDVD_ROM 0x0050 -#define MMC_PROFILE_HDDVD_R 0x0051 -#define MMC_PROFILE_HDDVD_RAM 0x0052 -#define MMC_PROFILE_HDDVD_RW 0x0053 -#define MMC_PROFILE_HDDVD_R_DL 0x0058 -#define MMC_PROFILE_HDDVD_RW_DL 0x005A -#define MMC_PROFILE_INVALID 0xFFFF - #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */ #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */ #define ATAPI_INT_REASON_REL 0x04 @@ -366,11 +302,6 @@ typedef struct IDEDMAOps IDEDMAOps; #define CFA_INVALID_ADDRESS 0x21 #define CFA_ADDRESS_OVERFLOW 0x2f -#define SENSE_NONE 0 -#define SENSE_NOT_READY 2 -#define SENSE_ILLEGAL_REQUEST 5 -#define SENSE_UNIT_ATTENTION 6 - #define SMART_READ_DATA 0xd0 #define SMART_READ_THRESH 0xd1 #define SMART_ATTR_AUTOSAVE 0xd2 diff --git a/hw/ide/macio.c b/hw/ide/macio.c index 37b8239b4d..70b33422d2 100644 --- a/hw/ide/macio.c +++ b/hw/ide/macio.c @@ -87,7 +87,7 @@ static void pmac_ide_atapi_transfer_cb(void *opaque, int ret) if (!m->aiocb) { qemu_sglist_destroy(&s->sg); /* Note: media not present is the most likely case */ - ide_atapi_cmd_error(s, SENSE_NOT_READY, + ide_atapi_cmd_error(s, NOT_READY, ASC_MEDIUM_NOT_PRESENT); goto done; } diff --git a/hw/intel-hda.c b/hw/intel-hda.c index f97775c235..675b6591e9 100644 --- a/hw/intel-hda.c +++ b/hw/intel-hda.c @@ -86,7 +86,7 @@ HDACodecDevice *hda_codec_find(HDACodecBus *bus, uint32_t cad) DeviceState *qdev; HDACodecDevice *cdev; - QLIST_FOREACH(qdev, &bus->qbus.children, sibling) { + QTAILQ_FOREACH(qdev, &bus->qbus.children, sibling) { cdev = DO_UPCAST(HDACodecDevice, qdev, qdev); if (cdev->cad == cad) { return cdev; @@ -490,7 +490,7 @@ static void intel_hda_notify_codecs(IntelHDAState *d, uint32_t stream, bool runn DeviceState *qdev; HDACodecDevice *cdev; - QLIST_FOREACH(qdev, &d->codecs.qbus.children, sibling) { + QTAILQ_FOREACH(qdev, &d->codecs.qbus.children, sibling) { cdev = DO_UPCAST(HDACodecDevice, qdev, qdev); if (cdev->info->stream) { cdev->info->stream(cdev, stream, running, output); @@ -1114,7 +1114,7 @@ static void intel_hda_reset(DeviceState *dev) d->wall_base_ns = qemu_get_clock_ns(vm_clock); /* reset codecs */ - QLIST_FOREACH(qdev, &d->codecs.qbus.children, sibling) { + QTAILQ_FOREACH(qdev, &d->codecs.qbus.children, sibling) { cdev = DO_UPCAST(HDACodecDevice, qdev, qdev); if (qdev->info->reset) { qdev->info->reset(qdev); diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c index e077ec07cc..2984cea633 100644 --- a/hw/lsi53c895a.c +++ b/hw/lsi53c895a.c @@ -531,7 +531,7 @@ static void lsi_bad_selection(LSIState *s, uint32_t id) /* Initiate a SCSI layer data transfer. */ static void lsi_do_dma(LSIState *s, int out) { - uint32_t count, id; + uint32_t count; target_phys_addr_t addr; SCSIDevice *dev; @@ -542,12 +542,8 @@ static void lsi_do_dma(LSIState *s, int out) return; } - id = (s->current->tag >> 8) & 0xf; - dev = s->bus.devs[id]; - if (!dev) { - lsi_bad_selection(s, id); - return; - } + dev = s->current->req->dev; + assert(dev); count = s->dbc; if (count > s->current->dma_len) @@ -771,7 +767,7 @@ static void lsi_do_command(LSIState *s) s->command_complete = 0; id = (s->select_tag >> 8) & 0xf; - dev = s->bus.devs[id]; + dev = scsi_device_find(&s->bus, 0, id, s->current_lun); if (!dev) { lsi_bad_selection(s, id); return; @@ -1202,7 +1198,7 @@ again: } s->sstat0 |= LSI_SSTAT0_WOA; s->scntl1 &= ~LSI_SCNTL1_IARB; - if (id >= LSI_MAX_DEVS || !s->bus.devs[id]) { + if (!scsi_device_find(&s->bus, 0, id, 0)) { lsi_bad_selection(s, id); break; } @@ -1684,13 +1680,9 @@ static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val) if (val & LSI_SCNTL1_RST) { if (!(s->sstat0 & LSI_SSTAT0_RST)) { DeviceState *dev; - int id; - for (id = 0; id < s->bus.ndev; id++) { - if (s->bus.devs[id]) { - dev = &s->bus.devs[id]->qdev; - dev->info->reset(dev); - } + QTAILQ_FOREACH(dev, &s->bus.qbus.children, sibling) { + dev->info->reset(dev); } s->sstat0 |= LSI_SSTAT0_RST; lsi_script_scsi_interrupt(s, LSI_SIST0_RST, 0); @@ -2091,7 +2083,11 @@ static int lsi_scsi_uninit(PCIDevice *d) return 0; } -static const struct SCSIBusOps lsi_scsi_ops = { +static const struct SCSIBusInfo lsi_scsi_info = { + .tcq = true, + .max_target = LSI_MAX_DEVS, + .max_lun = 0, /* LUN support is buggy */ + .transfer_data = lsi_transfer_data, .complete = lsi_command_complete, .cancel = lsi_request_cancelled @@ -2118,7 +2114,7 @@ static int lsi_scsi_init(PCIDevice *dev) pci_register_bar(&s->dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io); QTAILQ_INIT(&s->queue); - scsi_bus_new(&s->bus, &dev->qdev, 1, LSI_MAX_DEVS, &lsi_scsi_ops); + scsi_bus_new(&s->bus, &dev->qdev, &lsi_scsi_info); if (!dev->qdev.hotplugged) { return scsi_bus_legacy_handle_cmdline(&s->bus); } @@ -91,7 +91,7 @@ static DeviceState *qdev_create_from_info(BusState *bus, DeviceInfo *info) qdev_prop_set_defaults(dev, dev->info->props); qdev_prop_set_defaults(dev, dev->parent_bus->info->props); qdev_prop_set_globals(dev); - QLIST_INSERT_HEAD(&bus->children, dev, sibling); + QTAILQ_INSERT_HEAD(&bus->children, dev, sibling); if (qdev_hotplug) { assert(bus->allow_hotplug); dev->hotplugged = 1; @@ -408,7 +408,7 @@ void qdev_free(DeviceState *dev) if (dev->opts) qemu_opts_del(dev->opts); } - QLIST_REMOVE(dev, sibling); + QTAILQ_REMOVE(&dev->parent_bus->children, dev, sibling); for (prop = dev->info->props; prop && prop->name; prop++) { if (prop->info->free) { prop->info->free(dev, prop); @@ -510,7 +510,7 @@ int qbus_walk_children(BusState *bus, qdev_walkerfn *devfn, } } - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { err = qdev_walk_children(dev, devfn, busfn, opaque); if (err < 0) { return err; @@ -560,7 +560,7 @@ static BusState *qbus_find_recursive(BusState *bus, const char *name, return bus; } - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { QLIST_FOREACH(child, &dev->child_bus, sibling) { ret = qbus_find_recursive(child, name, info); if (ret) { @@ -576,7 +576,7 @@ DeviceState *qdev_find_recursive(BusState *bus, const char *id) DeviceState *dev, *ret; BusState *child; - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { if (dev->id && strcmp(dev->id, id) == 0) return dev; QLIST_FOREACH(child, &dev->child_bus, sibling) { @@ -609,7 +609,7 @@ static void qbus_list_dev(BusState *bus) const char *sep = " "; error_printf("devices at \"%s\":", bus->name); - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { error_printf("%s\"%s\"", sep, dev->info->name); if (dev->id) error_printf("/\"%s\"", dev->id); @@ -640,17 +640,17 @@ static DeviceState *qbus_find_dev(BusState *bus, char *elem) * (2) driver name * (3) driver alias, if present */ - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { if (dev->id && strcmp(dev->id, elem) == 0) { return dev; } } - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { if (strcmp(dev->info->name, elem) == 0) { return dev; } } - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { if (dev->info->alias && strcmp(dev->info->alias, elem) == 0) { return dev; } @@ -774,7 +774,7 @@ void qbus_create_inplace(BusState *bus, BusInfo *info, bus->name = buf; } - QLIST_INIT(&bus->children); + QTAILQ_INIT(&bus->children); if (parent) { QLIST_INSERT_HEAD(&parent->child_bus, bus, sibling); parent->num_child_bus++; @@ -809,7 +809,7 @@ void qbus_free(BusState *bus) { DeviceState *dev; - while ((dev = QLIST_FIRST(&bus->children)) != NULL) { + while ((dev = QTAILQ_FIRST(&bus->children)) != NULL) { qdev_free(dev); } if (bus->parent) { @@ -878,7 +878,7 @@ static void qbus_print(Monitor *mon, BusState *bus, int indent) qdev_printf("bus: %s\n", bus->name); indent += 2; qdev_printf("type %s\n", bus->info->name); - QLIST_FOREACH(dev, &bus->children, sibling) { + QTAILQ_FOREACH(dev, &bus->children, sibling) { qdev_print(mon, dev, indent); } } @@ -42,7 +42,7 @@ struct DeviceState { qemu_irq *gpio_in; QLIST_HEAD(, BusState) child_bus; int num_child_bus; - QLIST_ENTRY(DeviceState) sibling; + QTAILQ_ENTRY(DeviceState) sibling; int instance_id_alias; int alias_required_for_version; }; @@ -73,7 +73,7 @@ struct BusState { const char *name; int allow_hotplug; int qdev_allocated; - QLIST_HEAD(, DeviceState) children; + QTAILQ_HEAD(ChildrenHead, DeviceState) children; QLIST_ENTRY(BusState) sibling; }; diff --git a/hw/s390-virtio-bus.c b/hw/s390-virtio-bus.c index e2f3e32aca..0ce6406b6d 100644 --- a/hw/s390-virtio-bus.c +++ b/hw/s390-virtio-bus.c @@ -274,7 +274,7 @@ VirtIOS390Device *s390_virtio_bus_find_vring(VirtIOS390Bus *bus, DeviceState *dev; int i; - QLIST_FOREACH(dev, &bus->bus.children, sibling) { + QTAILQ_FOREACH(dev, &bus->bus.children, sibling) { _dev = (VirtIOS390Device *)dev; for(i = 0; i < VIRTIO_PCI_QUEUE_MAX; i++) { if (!virtio_queue_get_addr(_dev->vdev, i)) @@ -297,7 +297,7 @@ VirtIOS390Device *s390_virtio_bus_find_mem(VirtIOS390Bus *bus, ram_addr_t mem) VirtIOS390Device *_dev; DeviceState *dev; - QLIST_FOREACH(dev, &bus->bus.children, sibling) { + QTAILQ_FOREACH(dev, &bus->bus.children, sibling) { _dev = (VirtIOS390Device *)dev; if (_dev->dev_offs == mem) { return _dev; diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c index aca65a16df..e6ebbd594e 100644 --- a/hw/scsi-bus.c +++ b/hw/scsi-bus.c @@ -8,6 +8,7 @@ static char *scsibus_get_fw_dev_path(DeviceState *dev); static int scsi_req_parse(SCSICommand *cmd, SCSIDevice *dev, uint8_t *buf); +static void scsi_req_dequeue(SCSIRequest *req); static int scsi_build_sense(uint8_t *in_buf, int in_len, uint8_t *buf, int len, bool fixed); @@ -16,53 +17,123 @@ static struct BusInfo scsi_bus_info = { .size = sizeof(SCSIBus), .get_fw_dev_path = scsibus_get_fw_dev_path, .props = (Property[]) { + DEFINE_PROP_UINT32("channel", SCSIDevice, channel, 0), DEFINE_PROP_UINT32("scsi-id", SCSIDevice, id, -1), - DEFINE_PROP_UINT32("lun", SCSIDevice, lun, 0), + DEFINE_PROP_UINT32("lun", SCSIDevice, lun, -1), DEFINE_PROP_END_OF_LIST(), }, }; static int next_scsi_bus; /* Create a scsi bus, and attach devices to it. */ -void scsi_bus_new(SCSIBus *bus, DeviceState *host, int tcq, int ndev, - const SCSIBusOps *ops) +void scsi_bus_new(SCSIBus *bus, DeviceState *host, const SCSIBusInfo *info) { qbus_create_inplace(&bus->qbus, &scsi_bus_info, host, NULL); bus->busnr = next_scsi_bus++; - bus->tcq = tcq; - bus->ndev = ndev; - bus->ops = ops; + bus->info = info; bus->qbus.allow_hotplug = 1; } +static void scsi_dma_restart_bh(void *opaque) +{ + SCSIDevice *s = opaque; + SCSIRequest *req, *next; + + qemu_bh_delete(s->bh); + s->bh = NULL; + + QTAILQ_FOREACH_SAFE(req, &s->requests, next, next) { + scsi_req_ref(req); + if (req->retry) { + req->retry = false; + switch (req->cmd.mode) { + case SCSI_XFER_FROM_DEV: + case SCSI_XFER_TO_DEV: + scsi_req_continue(req); + break; + case SCSI_XFER_NONE: + scsi_req_dequeue(req); + scsi_req_enqueue(req); + break; + } + } + scsi_req_unref(req); + } +} + +void scsi_req_retry(SCSIRequest *req) +{ + /* No need to save a reference, because scsi_dma_restart_bh just + * looks at the request list. */ + req->retry = true; +} + +static void scsi_dma_restart_cb(void *opaque, int running, RunState state) +{ + SCSIDevice *s = opaque; + + if (!running) { + return; + } + if (!s->bh) { + s->bh = qemu_bh_new(scsi_dma_restart_bh, s); + qemu_bh_schedule(s->bh); + } +} + static int scsi_qdev_init(DeviceState *qdev, DeviceInfo *base) { SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev); SCSIDeviceInfo *info = DO_UPCAST(SCSIDeviceInfo, qdev, base); SCSIBus *bus = DO_UPCAST(SCSIBus, qbus, dev->qdev.parent_bus); + SCSIDevice *d; int rc = -1; - if (dev->id == -1) { - for (dev->id = 0; dev->id < bus->ndev; dev->id++) { - if (bus->devs[dev->id] == NULL) - break; - } + if (dev->channel > bus->info->max_channel) { + error_report("bad scsi channel id: %d", dev->channel); + goto err; } - if (dev->id >= bus->ndev) { + if (dev->id != -1 && dev->id > bus->info->max_target) { error_report("bad scsi device id: %d", dev->id); goto err; } - if (bus->devs[dev->id]) { - qdev_free(&bus->devs[dev->id]->qdev); + if (dev->id == -1) { + int id = -1; + if (dev->lun == -1) { + dev->lun = 0; + } + do { + d = scsi_device_find(bus, dev->channel, ++id, dev->lun); + } while (d && d->lun == dev->lun && id <= bus->info->max_target); + if (id > bus->info->max_target) { + error_report("no free target"); + goto err; + } + dev->id = id; + } else if (dev->lun == -1) { + int lun = -1; + do { + d = scsi_device_find(bus, dev->channel, dev->id, ++lun); + } while (d && d->lun == lun && lun < bus->info->max_lun); + if (lun > bus->info->max_lun) { + error_report("no free lun"); + goto err; + } + dev->lun = lun; + } else { + d = scsi_device_find(bus, dev->channel, dev->id, dev->lun); + if (dev->lun == d->lun && dev != d) { + qdev_free(&d->qdev); + } } - bus->devs[dev->id] = dev; dev->info = info; QTAILQ_INIT(&dev->requests); rc = dev->info->init(dev); - if (rc != 0) { - bus->devs[dev->id] = NULL; + if (rc == 0) { + dev->vmsentry = qemu_add_vm_change_state_handler(scsi_dma_restart_cb, + dev); } err: @@ -72,13 +143,13 @@ err: static int scsi_qdev_exit(DeviceState *qdev) { SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev); - SCSIBus *bus = DO_UPCAST(SCSIBus, qbus, dev->qdev.parent_bus); - assert(bus->devs[dev->id] != NULL); - if (bus->devs[dev->id]->info->destroy) { - bus->devs[dev->id]->info->destroy(bus->devs[dev->id]); + if (dev->vmsentry) { + qemu_del_vm_change_state_handler(dev->vmsentry); + } + if (dev->info->destroy) { + dev->info->destroy(dev); } - bus->devs[dev->id] = NULL; return 0; } @@ -120,7 +191,7 @@ int scsi_bus_legacy_handle_cmdline(SCSIBus *bus) int res = 0, unit; loc_push_none(&loc); - for (unit = 0; unit < bus->ndev; unit++) { + for (unit = 0; unit < bus->info->max_target; unit++) { dinfo = drive_get(IF_SCSI, bus->busnr, unit); if (dinfo == NULL) { continue; @@ -144,7 +215,7 @@ static int32_t scsi_invalid_command(SCSIRequest *req, uint8_t *buf) return 0; } -struct SCSIReqOps reqops_invalid_opcode = { +static const struct SCSIReqOps reqops_invalid_opcode = { .size = sizeof(SCSIRequest), .send_command = scsi_invalid_command }; @@ -162,7 +233,7 @@ static int32_t scsi_unit_attention(SCSIRequest *req, uint8_t *buf) return 0; } -struct SCSIReqOps reqops_unit_attention = { +static const struct SCSIReqOps reqops_unit_attention = { .size = sizeof(SCSIRequest), .send_command = scsi_unit_attention }; @@ -175,7 +246,7 @@ typedef struct SCSITargetReq SCSITargetReq; struct SCSITargetReq { SCSIRequest req; int len; - uint8_t buf[64]; + uint8_t buf[2056]; }; static void store_lun(uint8_t *outbuf, int lun) @@ -190,23 +261,53 @@ static void store_lun(uint8_t *outbuf, int lun) static bool scsi_target_emulate_report_luns(SCSITargetReq *r) { - int len; + DeviceState *qdev; + int i, len, n; + int channel, id; + bool found_lun0; + if (r->req.cmd.xfer < 16) { return false; } if (r->req.cmd.buf[2] > 2) { return false; } - len = MIN(sizeof r->buf, r->req.cmd.xfer); + channel = r->req.dev->channel; + id = r->req.dev->id; + found_lun0 = false; + n = 0; + QTAILQ_FOREACH(qdev, &r->req.bus->qbus.children, sibling) { + SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev); + + if (dev->channel == channel && dev->id == id) { + if (dev->lun == 0) { + found_lun0 = true; + } + n += 8; + } + } + if (!found_lun0) { + n += 8; + } + len = MIN(n + 8, r->req.cmd.xfer & ~7); + if (len > sizeof(r->buf)) { + /* TODO: > 256 LUNs? */ + return false; + } + memset(r->buf, 0, len); - if (r->req.dev->lun != 0) { - r->buf[3] = 16; - r->len = 24; - store_lun(&r->buf[16], r->req.dev->lun); - } else { - r->buf[3] = 8; - r->len = 16; + stl_be_p(&r->buf, n); + i = found_lun0 ? 8 : 16; + QTAILQ_FOREACH(qdev, &r->req.bus->qbus.children, sibling) { + SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev); + + if (dev->channel == channel && dev->id == id) { + store_lun(&r->buf[i], dev->lun); + i += 8; + } } + assert(i == n + 8); + r->len = len; return true; } @@ -265,7 +366,7 @@ static bool scsi_target_emulate_inquiry(SCSITargetReq *r) r->buf[2] = 5; /* Version */ r->buf[3] = 2 | 0x10; /* HiSup, response data format */ r->buf[4] = r->len - 5; /* Additional Length = (Len - 1) - 4 */ - r->buf[7] = 0x10 | (r->req.bus->tcq ? 0x02 : 0); /* Sync, TCQ. */ + r->buf[7] = 0x10 | (r->req.bus->info->tcq ? 0x02 : 0); /* Sync, TCQ. */ memcpy(&r->buf[8], "QEMU ", 8); memcpy(&r->buf[16], "QEMU TARGET ", 16); strncpy((char *) &r->buf[32], QEMU_VERSION, 4); @@ -295,6 +396,13 @@ static int32_t scsi_target_send_command(SCSIRequest *req, uint8_t *buf) r->len = scsi_device_get_sense(r->req.dev, r->buf, MIN(req->cmd.xfer, sizeof r->buf), (req->cmd.buf[1] & 1) == 0); + if (r->req.dev->sense_is_ua) { + if (r->req.dev->info->unit_attention_reported) { + r->req.dev->info->unit_attention_reported(req->dev); + } + r->req.dev->sense_len = 0; + r->req.dev->sense_is_ua = false; + } break; default: scsi_req_build_sense(req, SENSE_CODE(LUN_NOT_SUPPORTED)); @@ -333,7 +441,7 @@ static uint8_t *scsi_target_get_buf(SCSIRequest *req) return r->buf; } -struct SCSIReqOps reqops_target_command = { +static const struct SCSIReqOps reqops_target_command = { .size = sizeof(SCSITargetReq), .send_command = scsi_target_send_command, .read_data = scsi_target_read_data, @@ -341,8 +449,8 @@ struct SCSIReqOps reqops_target_command = { }; -SCSIRequest *scsi_req_alloc(SCSIReqOps *reqops, SCSIDevice *d, uint32_t tag, - uint32_t lun, void *hba_private) +SCSIRequest *scsi_req_alloc(const SCSIReqOps *reqops, SCSIDevice *d, + uint32_t tag, uint32_t lun, void *hba_private) { SCSIRequest *req; @@ -383,7 +491,13 @@ SCSIRequest *scsi_req_new(SCSIDevice *d, uint32_t tag, uint32_t lun, (buf[0] != INQUIRY && buf[0] != REPORT_LUNS && buf[0] != GET_CONFIGURATION && - buf[0] != GET_EVENT_STATUS_NOTIFICATION)) { + buf[0] != GET_EVENT_STATUS_NOTIFICATION && + + /* + * If we already have a pending unit attention condition, + * report this one before triggering another one. + */ + !(buf[0] == REQUEST_SENSE && d->sense_is_ua))) { req = scsi_req_alloc(&reqops_unit_attention, d, tag, lun, hba_private); } else if (lun != d->lun || @@ -392,7 +506,7 @@ SCSIRequest *scsi_req_new(SCSIDevice *d, uint32_t tag, uint32_t lun, req = scsi_req_alloc(&reqops_target_command, d, tag, lun, hba_private); } else { - req = d->info->alloc_req(d, tag, lun, hba_private); + req = d->info->alloc_req(d, tag, lun, buf, hba_private); } } @@ -479,10 +593,15 @@ int scsi_req_get_sense(SCSIRequest *req, uint8_t *buf, int len) * * We assume UA_INTLCK_CTRL to be 00b for HBAs that support autosense, and * 10b for HBAs that do not support it (do not call scsi_req_get_sense). - * In the latter case, scsi_req_complete clears unit attention conditions - * after moving them to the device's sense buffer. + * Here we handle unit attention clearing for UA_INTLCK_CTRL == 00b. */ - scsi_clear_unit_attention(req); + if (req->dev->sense_is_ua) { + if (req->dev->info->unit_attention_reported) { + req->dev->info->unit_attention_reported(req->dev); + } + req->dev->sense_len = 0; + req->dev->sense_is_ua = false; + } return ret; } @@ -522,6 +641,7 @@ int32_t scsi_req_enqueue(SCSIRequest *req) static void scsi_req_dequeue(SCSIRequest *req) { trace_scsi_req_dequeue(req->dev->id, req->lun, req->tag); + req->retry = false; if (req->enqueued) { QTAILQ_REMOVE(&req->dev->requests, req, next); req->enqueued = false; @@ -800,7 +920,7 @@ const struct SCSISense sense_code_SAVING_PARAMS_NOT_SUPPORTED = { }; /* Illegal request, Incompatible medium installed */ -const struct SCSISense sense_code_INCOMPATIBLE_MEDIUM = { +const struct SCSISense sense_code_INCOMPATIBLE_FORMAT = { .key = ILLEGAL_REQUEST, .asc = 0x30, .ascq = 0x00 }; @@ -829,6 +949,11 @@ const struct SCSISense sense_code_RESET = { .key = UNIT_ATTENTION, .asc = 0x29, .ascq = 0x00 }; +/* Unit attention, No medium */ +const struct SCSISense sense_code_UNIT_ATTENTION_NO_MEDIUM = { + .key = UNIT_ATTENTION, .asc = 0x3a, .ascq = 0x00 +}; + /* Unit attention, Medium may have changed */ const struct SCSISense sense_code_MEDIUM_CHANGED = { .key = UNIT_ATTENTION, .asc = 0x28, .ascq = 0x00 @@ -1038,8 +1163,12 @@ void scsi_req_continue(SCSIRequest *req) Once it completes, calling scsi_req_continue will restart I/O. */ void scsi_req_data(SCSIRequest *req, int len) { - trace_scsi_req_data(req->dev->id, req->lun, req->tag, len); - req->bus->ops->transfer_data(req, len); + if (req->io_canceled) { + trace_scsi_req_data_canceled(req->dev->id, req->lun, req->tag, len); + } else { + trace_scsi_req_data(req->dev->id, req->lun, req->tag, len); + req->bus->info->transfer_data(req, len); + } } void scsi_req_print(SCSIRequest *req) @@ -1082,8 +1211,12 @@ void scsi_req_complete(SCSIRequest *req, int status) if (req->sense_len) { memcpy(req->dev->sense, req->sense, req->sense_len); + req->dev->sense_len = req->sense_len; + req->dev->sense_is_ua = (req->ops == &reqops_unit_attention); + } else { + req->dev->sense_len = 0; + req->dev->sense_is_ua = false; } - req->dev->sense_len = req->sense_len; /* * Unit attention state is now stored in the device's sense buffer @@ -1094,29 +1227,40 @@ void scsi_req_complete(SCSIRequest *req, int status) scsi_req_ref(req); scsi_req_dequeue(req); - req->bus->ops->complete(req, req->status); + req->bus->info->complete(req, req->status); scsi_req_unref(req); } void scsi_req_cancel(SCSIRequest *req) { - if (req->ops->cancel_io) { - req->ops->cancel_io(req); + if (!req->enqueued) { + return; } scsi_req_ref(req); scsi_req_dequeue(req); - if (req->bus->ops->cancel) { - req->bus->ops->cancel(req); + req->io_canceled = true; + if (req->ops->cancel_io) { + req->ops->cancel_io(req); + } + if (req->bus->info->cancel) { + req->bus->info->cancel(req); } scsi_req_unref(req); } void scsi_req_abort(SCSIRequest *req, int status) { + if (!req->enqueued) { + return; + } + scsi_req_ref(req); + scsi_req_dequeue(req); + req->io_canceled = true; if (req->ops->cancel_io) { req->ops->cancel_io(req); } scsi_req_complete(req, status); + scsi_req_unref(req); } void scsi_device_purge_requests(SCSIDevice *sdev, SCSISense sense) @@ -1133,19 +1277,28 @@ void scsi_device_purge_requests(SCSIDevice *sdev, SCSISense sense) static char *scsibus_get_fw_dev_path(DeviceState *dev) { SCSIDevice *d = DO_UPCAST(SCSIDevice, qdev, dev); - SCSIBus *bus = scsi_bus_from_device(d); char path[100]; - int i; - for (i = 0; i < bus->ndev; i++) { - if (bus->devs[i] == d) { - break; - } - } + snprintf(path, sizeof(path), "%s@%d:%d:%d", qdev_fw_name(dev), + d->channel, d->id, d->lun); - assert(i != bus->ndev); + return strdup(path); +} - snprintf(path, sizeof(path), "%s@%x", qdev_fw_name(dev), i); +SCSIDevice *scsi_device_find(SCSIBus *bus, int channel, int id, int lun) +{ + DeviceState *qdev; + SCSIDevice *target_dev = NULL; - return strdup(path); + QTAILQ_FOREACH_REVERSE(qdev, &bus->qbus.children, ChildrenHead, sibling) { + SCSIDevice *dev = DO_UPCAST(SCSIDevice, qdev, qdev); + + if (dev->channel == channel && dev->id == id) { + if (dev->lun == lun) { + return dev; + } + target_dev = dev; + } + } + return target_dev; } diff --git a/hw/scsi-defs.h b/hw/scsi-defs.h index bfe93922d4..d0a467aab7 100644 --- a/hw/scsi-defs.h +++ b/hw/scsi-defs.h @@ -113,6 +113,7 @@ #define READ_12 0xa8 #define WRITE_12 0xaa #define SERVICE_ACTION_IN_12 0xab +#define READ_DVD_STRUCTURE 0xad #define WRITE_VERIFY_12 0xae #define VERIFY_12 0xaf #define SEARCH_HIGH_12 0xb0 @@ -122,6 +123,8 @@ #define SEND_VOLUME_TAG 0xb6 #define READ_DEFECT_DATA_12 0xb7 #define SET_CD_SPEED 0xbb +#define MECHANISM_STATUS 0xbd +#define READ_CD 0xbe /* * SERVICE ACTION IN subcodes @@ -188,3 +191,90 @@ #define TYPE_INACTIVE 0x20 #define TYPE_NO_LUN 0x7f +/* Mode page codes for mode sense/set */ +#define MODE_PAGE_R_W_ERROR 0x01 +#define MODE_PAGE_HD_GEOMETRY 0x04 +#define MODE_PAGE_FLEXIBLE_DISK_GEOMETRY 0x05 +#define MODE_PAGE_CACHING 0x08 +#define MODE_PAGE_AUDIO_CTL 0x0e +#define MODE_PAGE_POWER 0x1a +#define MODE_PAGE_FAULT_FAIL 0x1c +#define MODE_PAGE_TO_PROTECT 0x1d +#define MODE_PAGE_CAPABILITIES 0x2a +#define MODE_PAGE_ALLS 0x3f +/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor + * of MODE_PAGE_SENSE_POWER */ +#define MODE_PAGE_CDROM 0x0d + +/* Event notification classes for GET EVENT STATUS NOTIFICATION */ +#define GESN_NO_EVENTS 0 +#define GESN_OPERATIONAL_CHANGE 1 +#define GESN_POWER_MANAGEMENT 2 +#define GESN_EXTERNAL_REQUEST 3 +#define GESN_MEDIA 4 +#define GESN_MULTIPLE_HOSTS 5 +#define GESN_DEVICE_BUSY 6 + +/* Event codes for MEDIA event status notification */ +#define MEC_NO_CHANGE 0 +#define MEC_EJECT_REQUESTED 1 +#define MEC_NEW_MEDIA 2 +#define MEC_MEDIA_REMOVAL 3 /* only for media changers */ +#define MEC_MEDIA_CHANGED 4 /* only for media changers */ +#define MEC_BG_FORMAT_COMPLETED 5 /* MRW or DVD+RW b/g format completed */ +#define MEC_BG_FORMAT_RESTARTED 6 /* MRW or DVD+RW b/g format restarted */ + +#define MS_TRAY_OPEN 1 +#define MS_MEDIA_PRESENT 2 + +/* + * Based on values from <linux/cdrom.h> but extending CD_MINS + * to the maximum common size allowed by the Orange's Book ATIP + * + * 90 and 99 min CDs are also available but using them as the + * upper limit reduces the effectiveness of the heuristic to + * detect DVDs burned to less than 25% of their maximum capacity + */ + +/* Some generally useful CD-ROM information */ +#define CD_MINS 80 /* max. minutes per CD */ +#define CD_SECS 60 /* seconds per minute */ +#define CD_FRAMES 75 /* frames per second */ +#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */ +#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE) +#define CD_MAX_SECTORS (CD_MAX_BYTES / 512) + +/* + * The MMC values are not IDE specific and might need to be moved + * to a common header if they are also needed for the SCSI emulation + */ + +/* Profile list from MMC-6 revision 1 table 91 */ +#define MMC_PROFILE_NONE 0x0000 +#define MMC_PROFILE_CD_ROM 0x0008 +#define MMC_PROFILE_CD_R 0x0009 +#define MMC_PROFILE_CD_RW 0x000A +#define MMC_PROFILE_DVD_ROM 0x0010 +#define MMC_PROFILE_DVD_R_SR 0x0011 +#define MMC_PROFILE_DVD_RAM 0x0012 +#define MMC_PROFILE_DVD_RW_RO 0x0013 +#define MMC_PROFILE_DVD_RW_SR 0x0014 +#define MMC_PROFILE_DVD_R_DL_SR 0x0015 +#define MMC_PROFILE_DVD_R_DL_JR 0x0016 +#define MMC_PROFILE_DVD_RW_DL 0x0017 +#define MMC_PROFILE_DVD_DDR 0x0018 +#define MMC_PROFILE_DVD_PLUS_RW 0x001A +#define MMC_PROFILE_DVD_PLUS_R 0x001B +#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A +#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B +#define MMC_PROFILE_BD_ROM 0x0040 +#define MMC_PROFILE_BD_R_SRM 0x0041 +#define MMC_PROFILE_BD_R_RRM 0x0042 +#define MMC_PROFILE_BD_RE 0x0043 +#define MMC_PROFILE_HDDVD_ROM 0x0050 +#define MMC_PROFILE_HDDVD_R 0x0051 +#define MMC_PROFILE_HDDVD_RAM 0x0052 +#define MMC_PROFILE_HDDVD_RW 0x0053 +#define MMC_PROFILE_HDDVD_R_DL 0x0058 +#define MMC_PROFILE_HDDVD_RW_DL 0x005A +#define MMC_PROFILE_INVALID 0xFFFF diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c index 69095780ac..1c04872af7 100644 --- a/hw/scsi-disk.c +++ b/hw/scsi-disk.c @@ -39,15 +39,13 @@ do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0) #include "blockdev.h" #include "block_int.h" +#ifdef __linux +#include <scsi/sg.h> +#endif + #define SCSI_DMA_BUF_SIZE 131072 #define SCSI_MAX_INQUIRY_LEN 256 -#define SCSI_REQ_STATUS_RETRY 0x01 -#define SCSI_REQ_STATUS_RETRY_TYPE_MASK 0x06 -#define SCSI_REQ_STATUS_RETRY_READ 0x00 -#define SCSI_REQ_STATUS_RETRY_WRITE 0x02 -#define SCSI_REQ_STATUS_RETRY_FLUSH 0x04 - typedef struct SCSIDiskState SCSIDiskState; typedef struct SCSIDiskReq { @@ -58,19 +56,15 @@ typedef struct SCSIDiskReq { uint32_t buflen; struct iovec iov; QEMUIOVector qiov; - uint32_t status; BlockAcctCookie acct; } SCSIDiskReq; struct SCSIDiskState { SCSIDevice qdev; - BlockDriverState *bs; - /* The qemu block layer uses a fixed 512 byte sector size. - This is the number of 512 byte blocks in a single scsi sector. */ - int cluster_size; uint32_t removable; - uint64_t max_lba; + bool media_changed; + bool media_event; QEMUBH *bh; char *version; char *serial; @@ -78,8 +72,7 @@ struct SCSIDiskState bool tray_locked; }; -static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type); -static int scsi_disk_emulate_command(SCSIDiskReq *r); +static int scsi_handle_rw_error(SCSIDiskReq *r, int error); static void scsi_free_request(SCSIRequest *req) { @@ -107,6 +100,11 @@ static void scsi_cancel_io(SCSIRequest *req) DPRINTF("Cancel tag=0x%x\n", req->tag); if (r->req.aiocb) { bdrv_aio_cancel(r->req.aiocb); + + /* This reference was left in by scsi_*_data. We take ownership of + * it the moment scsi_req_cancel is called, independent of whether + * bdrv_aio_cancel completes the request or not. */ + scsi_req_unref(&r->req); } r->req.aiocb = NULL; } @@ -117,7 +115,7 @@ static uint32_t scsi_init_iovec(SCSIDiskReq *r) if (!r->iov.iov_base) { r->buflen = SCSI_DMA_BUF_SIZE; - r->iov.iov_base = qemu_blockalign(s->bs, r->buflen); + r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen); } r->iov.iov_len = MIN(r->sector_count * 512, r->buflen); qemu_iovec_init_external(&r->qiov, &r->iov, 1); @@ -132,12 +130,12 @@ static void scsi_read_complete(void * opaque, int ret) if (r->req.aiocb != NULL) { r->req.aiocb = NULL; - bdrv_acct_done(s->bs, &r->acct); + bdrv_acct_done(s->qdev.conf.bs, &r->acct); } if (ret) { - if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_READ)) { - return; + if (scsi_handle_rw_error(r, -ret)) { + goto done; } } @@ -147,6 +145,11 @@ static void scsi_read_complete(void * opaque, int ret) r->sector += n; r->sector_count -= n; scsi_req_data(&r->req, r->qiov.size); + +done: + if (!r->req.io_canceled) { + scsi_req_unref(&r->req); + } } static void scsi_flush_complete(void * opaque, int ret) @@ -156,16 +159,21 @@ static void scsi_flush_complete(void * opaque, int ret) if (r->req.aiocb != NULL) { r->req.aiocb = NULL; - bdrv_acct_done(s->bs, &r->acct); + bdrv_acct_done(s->qdev.conf.bs, &r->acct); } if (ret < 0) { - if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_FLUSH)) { - return; + if (scsi_handle_rw_error(r, -ret)) { + goto done; } } scsi_req_complete(&r->req, GOOD); + +done: + if (!r->req.io_canceled) { + scsi_req_unref(&r->req); + } } /* Read more data from scsi device into buffer. */ @@ -191,6 +199,8 @@ static void scsi_read_data(SCSIRequest *req) /* No data transfer may already be in progress */ assert(r->req.aiocb == NULL); + /* The request is used as the AIO opaque value, so add a ref. */ + scsi_req_ref(&r->req); if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { DPRINTF("Data transfer direction invalid\n"); scsi_read_complete(r, -EINVAL); @@ -199,38 +209,48 @@ static void scsi_read_data(SCSIRequest *req) if (s->tray_open) { scsi_read_complete(r, -ENOMEDIUM); + return; } + n = scsi_init_iovec(r); - bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); - r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n, + bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); + r->req.aiocb = bdrv_aio_readv(s->qdev.conf.bs, r->sector, &r->qiov, n, scsi_read_complete, r); if (r->req.aiocb == NULL) { scsi_read_complete(r, -EIO); } } -static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type) +/* + * scsi_handle_rw_error has two return values. 0 means that the error + * must be ignored, 1 means that the error has been processed and the + * caller should not do anything else for this request. Note that + * scsi_handle_rw_error always manages its reference counts, independent + * of the return value. + */ +static int scsi_handle_rw_error(SCSIDiskReq *r, int error) { - int is_read = (type == SCSI_REQ_STATUS_RETRY_READ); + int is_read = (r->req.cmd.xfer == SCSI_XFER_FROM_DEV); SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev); - BlockErrorAction action = bdrv_get_on_error(s->bs, is_read); + BlockErrorAction action = bdrv_get_on_error(s->qdev.conf.bs, is_read); if (action == BLOCK_ERR_IGNORE) { - bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read); + bdrv_mon_event(s->qdev.conf.bs, BDRV_ACTION_IGNORE, is_read); return 0; } if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) || action == BLOCK_ERR_STOP_ANY) { - type &= SCSI_REQ_STATUS_RETRY_TYPE_MASK; - r->status |= SCSI_REQ_STATUS_RETRY | type; - - bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read); + bdrv_mon_event(s->qdev.conf.bs, BDRV_ACTION_STOP, is_read); vm_stop(RUN_STATE_IO_ERROR); - bdrv_iostatus_set_err(s->bs, error); + bdrv_iostatus_set_err(s->qdev.conf.bs, error); + scsi_req_retry(&r->req); } else { switch (error) { + case ENOMEDIUM: + scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); + break; case ENOMEM: scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE)); break; @@ -241,7 +261,7 @@ static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type) scsi_check_condition(r, SENSE_CODE(IO_ERROR)); break; } - bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read); + bdrv_mon_event(s->qdev.conf.bs, BDRV_ACTION_REPORT, is_read); } return 1; } @@ -254,12 +274,12 @@ static void scsi_write_complete(void * opaque, int ret) if (r->req.aiocb != NULL) { r->req.aiocb = NULL; - bdrv_acct_done(s->bs, &r->acct); + bdrv_acct_done(s->qdev.conf.bs, &r->acct); } if (ret) { - if (scsi_handle_rw_error(r, -ret, SCSI_REQ_STATUS_RETRY_WRITE)) { - return; + if (scsi_handle_rw_error(r, -ret)) { + goto done; } } @@ -273,6 +293,11 @@ static void scsi_write_complete(void * opaque, int ret) DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, r->qiov.size); scsi_req_data(&r->req, r->qiov.size); } + +done: + if (!r->req.io_canceled) { + scsi_req_unref(&r->req); + } } static void scsi_write_data(SCSIRequest *req) @@ -284,6 +309,8 @@ static void scsi_write_data(SCSIRequest *req) /* No data transfer may already be in progress */ assert(r->req.aiocb == NULL); + /* The request is used as the AIO opaque value, so add a ref. */ + scsi_req_ref(&r->req); if (r->req.cmd.mode != SCSI_XFER_TO_DEV) { DPRINTF("Data transfer direction invalid\n"); scsi_write_complete(r, -EINVAL); @@ -294,9 +321,10 @@ static void scsi_write_data(SCSIRequest *req) if (n) { if (s->tray_open) { scsi_write_complete(r, -ENOMEDIUM); + return; } - bdrv_acct_start(s->bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE); - r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n, + bdrv_acct_start(s->qdev.conf.bs, &r->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_WRITE); + r->req.aiocb = bdrv_aio_writev(s->qdev.conf.bs, r->sector, &r->qiov, n, scsi_write_complete, r); if (r->req.aiocb == NULL) { scsi_write_complete(r, -ENOMEM); @@ -307,54 +335,6 @@ static void scsi_write_data(SCSIRequest *req) } } -static void scsi_dma_restart_bh(void *opaque) -{ - SCSIDiskState *s = opaque; - SCSIRequest *req; - SCSIDiskReq *r; - - qemu_bh_delete(s->bh); - s->bh = NULL; - - QTAILQ_FOREACH(req, &s->qdev.requests, next) { - r = DO_UPCAST(SCSIDiskReq, req, req); - if (r->status & SCSI_REQ_STATUS_RETRY) { - int status = r->status; - int ret; - - r->status &= - ~(SCSI_REQ_STATUS_RETRY | SCSI_REQ_STATUS_RETRY_TYPE_MASK); - - switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) { - case SCSI_REQ_STATUS_RETRY_READ: - scsi_read_data(&r->req); - break; - case SCSI_REQ_STATUS_RETRY_WRITE: - scsi_write_data(&r->req); - break; - case SCSI_REQ_STATUS_RETRY_FLUSH: - ret = scsi_disk_emulate_command(r); - if (ret == 0) { - scsi_req_complete(&r->req, GOOD); - } - } - } - } -} - -static void scsi_dma_restart_cb(void *opaque, int running, RunState state) -{ - SCSIDiskState *s = opaque; - - if (!running) - return; - - if (!s->bh) { - s->bh = qemu_bh_new(scsi_dma_restart_bh, s); - qemu_bh_schedule(s->bh); - } -} - /* Return a pointer to the data buffer. */ static uint8_t *scsi_get_buf(SCSIRequest *req) { @@ -383,11 +363,7 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) return -1; } - if (s->qdev.type == TYPE_ROM) { - outbuf[buflen++] = 5; - } else { - outbuf[buflen++] = 0; - } + outbuf[buflen++] = s->qdev.type & 0x1f; outbuf[buflen++] = page_code ; // this page outbuf[buflen++] = 0x00; @@ -399,8 +375,9 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) "buffer size %zd\n", req->cmd.xfer); pages = buflen++; outbuf[buflen++] = 0x00; // list of supported pages (this page) - if (s->serial) + if (s->serial) { outbuf[buflen++] = 0x80; // unit serial number + } outbuf[buflen++] = 0x83; // device identification if (s->qdev.type == TYPE_DISK) { outbuf[buflen++] = 0xb0; // block limits @@ -419,10 +396,12 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) } l = strlen(s->serial); - if (l > req->cmd.xfer) + if (l > req->cmd.xfer) { l = req->cmd.xfer; - if (l > 20) + } + if (l > 20) { l = 20; + } DPRINTF("Inquiry EVPD[Serial number] " "buffer size %zd\n", req->cmd.xfer); @@ -435,10 +414,11 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) case 0x83: /* Device identification page, mandatory */ { int max_len = 255 - 8; - int id_len = strlen(bdrv_get_device_name(s->bs)); + int id_len = strlen(bdrv_get_device_name(s->qdev.conf.bs)); - if (id_len > max_len) + if (id_len > max_len) { id_len = max_len; + } DPRINTF("Inquiry EVPD[Device identification] " "buffer size %zd\n", req->cmd.xfer); @@ -448,7 +428,7 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) outbuf[buflen++] = 0; // reserved outbuf[buflen++] = id_len; // length of data following - memcpy(outbuf+buflen, bdrv_get_device_name(s->bs), id_len); + memcpy(outbuf+buflen, bdrv_get_device_name(s->qdev.conf.bs), id_len); buflen += id_len; break; } @@ -521,17 +501,16 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) } buflen = req->cmd.xfer; - if (buflen > SCSI_MAX_INQUIRY_LEN) + if (buflen > SCSI_MAX_INQUIRY_LEN) { buflen = SCSI_MAX_INQUIRY_LEN; - + } memset(outbuf, 0, buflen); outbuf[0] = s->qdev.type & 0x1f; + outbuf[1] = s->removable ? 0x80 : 0; if (s->qdev.type == TYPE_ROM) { - outbuf[1] = 0x80; memcpy(&outbuf[16], "QEMU CD-ROM ", 16); } else { - outbuf[1] = s->removable ? 0x80 : 0; memcpy(&outbuf[16], "QEMU HARDDISK ", 16); } memcpy(&outbuf[8], "QEMU ", 8); @@ -555,17 +534,250 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf) } /* Sync data transfer and TCQ. */ - outbuf[7] = 0x10 | (req->bus->tcq ? 0x02 : 0); + outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0); return buflen; } +static inline bool media_is_dvd(SCSIDiskState *s) +{ + uint64_t nb_sectors; + if (s->qdev.type != TYPE_ROM) { + return false; + } + if (!bdrv_is_inserted(s->qdev.conf.bs)) { + return false; + } + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); + return nb_sectors > CD_MAX_SECTORS; +} + +static inline bool media_is_cd(SCSIDiskState *s) +{ + uint64_t nb_sectors; + if (s->qdev.type != TYPE_ROM) { + return false; + } + if (!bdrv_is_inserted(s->qdev.conf.bs)) { + return false; + } + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); + return nb_sectors <= CD_MAX_SECTORS; +} + +static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r, + uint8_t *outbuf) +{ + static const int rds_caps_size[5] = { + [0] = 2048 + 4, + [1] = 4 + 4, + [3] = 188 + 4, + [4] = 2048 + 4, + }; + + uint8_t media = r->req.cmd.buf[1]; + uint8_t layer = r->req.cmd.buf[6]; + uint8_t format = r->req.cmd.buf[7]; + int size = -1; + + if (s->qdev.type != TYPE_ROM) { + return -1; + } + if (media != 0) { + scsi_check_condition(r, SENSE_CODE(INVALID_FIELD)); + return -1; + } + + if (format != 0xff) { + if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) { + scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); + return -1; + } + if (media_is_cd(s)) { + scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT)); + return -1; + } + if (format >= ARRAY_SIZE(rds_caps_size)) { + return -1; + } + size = rds_caps_size[format]; + memset(outbuf, 0, size); + } + + switch (format) { + case 0x00: { + /* Physical format information */ + uint64_t nb_sectors; + if (layer != 0) { + goto fail; + } + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); + + outbuf[4] = 1; /* DVD-ROM, part version 1 */ + outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */ + outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */ + outbuf[7] = 0; /* default densities */ + + stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */ + stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */ + break; + } + + case 0x01: /* DVD copyright information, all zeros */ + break; + + case 0x03: /* BCA information - invalid field for no BCA info */ + return -1; + + case 0x04: /* DVD disc manufacturing information, all zeros */ + break; + + case 0xff: { /* List capabilities */ + int i; + size = 4; + for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) { + if (!rds_caps_size[i]) { + continue; + } + outbuf[size] = i; + outbuf[size + 1] = 0x40; /* Not writable, readable */ + stw_be_p(&outbuf[size + 2], rds_caps_size[i]); + size += 4; + } + break; + } + + default: + return -1; + } + + /* Size of buffer, not including 2 byte size field */ + stw_be_p(outbuf, size - 2); + return size; + +fail: + return -1; +} + +static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf) +{ + uint8_t event_code, media_status; + + media_status = 0; + if (s->tray_open) { + media_status = MS_TRAY_OPEN; + } else if (bdrv_is_inserted(s->qdev.conf.bs)) { + media_status = MS_MEDIA_PRESENT; + } + + /* Event notification descriptor */ + event_code = MEC_NO_CHANGE; + if (media_status != MS_TRAY_OPEN && s->media_event) { + event_code = MEC_NEW_MEDIA; + s->media_event = false; + } + + outbuf[0] = event_code; + outbuf[1] = media_status; + + /* These fields are reserved, just clear them. */ + outbuf[2] = 0; + outbuf[3] = 0; + return 4; +} + +static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r, + uint8_t *outbuf) +{ + int size; + uint8_t *buf = r->req.cmd.buf; + uint8_t notification_class_request = buf[4]; + if (s->qdev.type != TYPE_ROM) { + return -1; + } + if ((buf[1] & 1) == 0) { + /* asynchronous */ + return -1; + } + + size = 4; + outbuf[0] = outbuf[1] = 0; + outbuf[3] = 1 << GESN_MEDIA; /* supported events */ + if (notification_class_request & (1 << GESN_MEDIA)) { + outbuf[2] = GESN_MEDIA; + size += scsi_event_status_media(s, &outbuf[size]); + } else { + outbuf[2] = 0x80; + } + stw_be_p(outbuf, size - 4); + return size; +} + +static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf) +{ + int current; + + if (s->qdev.type != TYPE_ROM) { + return -1; + } + current = media_is_dvd(s) ? MMC_PROFILE_DVD_ROM : MMC_PROFILE_CD_ROM; + memset(outbuf, 0, 40); + stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */ + stw_be_p(&outbuf[6], current); + /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */ + outbuf[10] = 0x03; /* persistent, current */ + outbuf[11] = 8; /* two profiles */ + stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM); + outbuf[14] = (current == MMC_PROFILE_DVD_ROM); + stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM); + outbuf[18] = (current == MMC_PROFILE_CD_ROM); + /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */ + stw_be_p(&outbuf[20], 1); + outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */ + outbuf[23] = 8; + stl_be_p(&outbuf[24], 1); /* SCSI */ + outbuf[28] = 1; /* DBE = 1, mandatory */ + /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */ + stw_be_p(&outbuf[32], 3); + outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */ + outbuf[35] = 4; + outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */ + /* TODO: Random readable, CD read, DVD read, drive serial number, + power management */ + return 40; +} + +static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf) +{ + if (s->qdev.type != TYPE_ROM) { + return -1; + } + memset(outbuf, 0, 8); + outbuf[5] = 1; /* CD-ROM */ + return 8; +} + static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, int page_control) { - BlockDriverState *bdrv = s->bs; + static const int mode_sense_valid[0x3f] = { + [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK), + [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK), + [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM), + [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM), + [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM), + [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM), + }; + + BlockDriverState *bdrv = s->qdev.conf.bs; int cylinders, heads, secs; uint8_t *p = *p_outbuf; + if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) { + return -1; + } + + p[0] = page; + /* * If Changeable Values are requested, a mask denoting those mode parameters * that are changeable shall be returned. As we currently don't support @@ -573,11 +785,7 @@ static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, * The buffer was already menset to zero by the caller of this function. */ switch (page) { - case 4: /* Rigid disk device geometry page. */ - if (s->qdev.type == TYPE_ROM) { - return -1; - } - p[0] = 4; + case MODE_PAGE_HD_GEOMETRY: p[1] = 0x16; if (page_control == 1) { /* Changeable Values */ break; @@ -608,11 +816,7 @@ static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, p[21] = 5400 & 0xff; break; - case 5: /* Flexible disk device geometry page. */ - if (s->qdev.type == TYPE_ROM) { - return -1; - } - p[0] = 5; + case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY: p[1] = 0x1e; if (page_control == 1) { /* Changeable Values */ break; @@ -624,7 +828,7 @@ static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, bdrv_get_geometry_hint(bdrv, &cylinders, &heads, &secs); p[4] = heads & 0xff; p[5] = secs & 0xff; - p[6] = s->cluster_size * 2; + p[6] = s->qdev.blocksize >> 8; p[8] = (cylinders >> 8) & 0xff; p[9] = cylinders & 0xff; /* Write precomp start cylinder, disabled */ @@ -650,28 +854,37 @@ static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, p[29] = 5400 & 0xff; break; - case 8: /* Caching page. */ + case MODE_PAGE_CACHING: p[0] = 8; p[1] = 0x12; if (page_control == 1) { /* Changeable Values */ break; } - if (bdrv_enable_write_cache(s->bs)) { + if (bdrv_enable_write_cache(s->qdev.conf.bs)) { p[2] = 4; /* WCE */ } break; - case 0x2a: /* CD Capabilities and Mechanical Status page. */ - if (s->qdev.type != TYPE_ROM) { - return -1; + case MODE_PAGE_R_W_ERROR: + p[1] = 10; + p[2] = 0x80; /* Automatic Write Reallocation Enabled */ + if (s->qdev.type == TYPE_ROM) { + p[3] = 0x20; /* Read Retry Count */ } - p[0] = 0x2a; + break; + + case MODE_PAGE_AUDIO_CTL: + p[1] = 14; + break; + + case MODE_PAGE_CAPABILITIES: p[1] = 0x14; if (page_control == 1) { /* Changeable Values */ break; } - p[2] = 3; // CD-R & CD-RW read - p[3] = 0; // Writing not supported + + p[2] = 0x3b; /* CD-R & CD-RW read */ + p[3] = 0; /* Writing not supported */ p[4] = 0x7f; /* Audio, composite, digital out, mode 2 form 1&2, multi session */ p[5] = 0xff; /* CD DA, DA accurate, RW supported, @@ -681,17 +894,17 @@ static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, /* Locking supported, jumper present, eject, tray */ p[7] = 0; /* no volume & mute control, no changer */ - p[8] = (50 * 176) >> 8; // 50x read speed + p[8] = (50 * 176) >> 8; /* 50x read speed */ p[9] = (50 * 176) & 0xff; - p[10] = 0 >> 8; // No volume - p[11] = 0 & 0xff; - p[12] = 2048 >> 8; // 2M buffer + p[10] = 2 >> 8; /* Two volume levels */ + p[11] = 2 & 0xff; + p[12] = 2048 >> 8; /* 2M buffer */ p[13] = 2048 & 0xff; - p[14] = (16 * 176) >> 8; // 16x read speed current + p[14] = (16 * 176) >> 8; /* 16x read speed current */ p[15] = (16 * 176) & 0xff; - p[18] = (16 * 176) >> 8; // 16x write speed + p[18] = (16 * 176) >> 8; /* 16x write speed */ p[19] = (16 * 176) & 0xff; - p[20] = (16 * 176) >> 8; // 16x write speed current + p[20] = (16 * 176) >> 8; /* 16x write speed current */ p[21] = (16 * 176) & 0xff; break; @@ -719,7 +932,7 @@ static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf) memset(outbuf, 0, r->req.cmd.xfer); p = outbuf; - if (bdrv_is_read_only(s->bs)) { + if (bdrv_is_read_only(s->qdev.conf.bs)) { dev_specific_param = 0x80; /* Readonly. */ } else { dev_specific_param = 0x00; @@ -737,23 +950,24 @@ static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf) p += 8; } - bdrv_get_geometry(s->bs, &nb_sectors); + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); if (!dbd && nb_sectors) { if (r->req.cmd.buf[0] == MODE_SENSE) { outbuf[3] = 8; /* Block descriptor length */ } else { /* MODE_SENSE_10 */ outbuf[7] = 8; /* Block descriptor length */ } - nb_sectors /= s->cluster_size; - if (nb_sectors > 0xffffff) + nb_sectors /= (s->qdev.blocksize / 512); + if (nb_sectors > 0xffffff) { nb_sectors = 0; + } p[0] = 0; /* media density code */ p[1] = (nb_sectors >> 16) & 0xff; p[2] = (nb_sectors >> 8) & 0xff; p[3] = nb_sectors & 0xff; p[4] = 0; /* reserved */ p[5] = 0; /* bytes 5-7 are the sector size in bytes */ - p[6] = s->cluster_size * 2; + p[6] = s->qdev.blocksize >> 8; p[7] = 0; p += 8; } @@ -787,8 +1001,9 @@ static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf) outbuf[0] = ((buflen - 2) >> 8) & 0xff; outbuf[1] = (buflen - 2) & 0xff; } - if (buflen > r->req.cmd.xfer) + if (buflen > r->req.cmd.xfer) { buflen = r->req.cmd.xfer; + } return buflen; } @@ -801,9 +1016,9 @@ static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf) msf = req->cmd.buf[1] & 2; format = req->cmd.buf[2] & 0xf; start_track = req->cmd.buf[6]; - bdrv_get_geometry(s->bs, &nb_sectors); + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1); - nb_sectors /= s->cluster_size; + nb_sectors /= s->qdev.blocksize / 512; switch (format) { case 0: toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track); @@ -822,8 +1037,9 @@ static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf) default: return -1; } - if (toclen > req->cmd.xfer) + if (toclen > req->cmd.xfer) { toclen = req->cmd.xfer; + } return toclen; } @@ -837,12 +1053,12 @@ static int scsi_disk_emulate_start_stop(SCSIDiskReq *r) if (s->qdev.type == TYPE_ROM && loej) { if (!start && !s->tray_open && s->tray_locked) { scsi_check_condition(r, - bdrv_is_inserted(s->bs) + bdrv_is_inserted(s->qdev.conf.bs) ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED) : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED)); return -1; } - bdrv_eject(s->bs, !start); + bdrv_eject(s->qdev.conf.bs, !start); s->tray_open = !start; } return 0; @@ -869,46 +1085,54 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r) goto illegal_request; } r->buflen = MAX(4096, req->cmd.xfer); - r->iov.iov_base = qemu_blockalign(s->bs, r->buflen); + r->iov.iov_base = qemu_blockalign(s->qdev.conf.bs, r->buflen); } outbuf = r->iov.iov_base; switch (req->cmd.buf[0]) { case TEST_UNIT_READY: - if (s->tray_open || !bdrv_is_inserted(s->bs)) + if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) { goto not_ready; + } break; case INQUIRY: buflen = scsi_disk_emulate_inquiry(req, outbuf); - if (buflen < 0) + if (buflen < 0) { goto illegal_request; + } break; case MODE_SENSE: case MODE_SENSE_10: buflen = scsi_disk_emulate_mode_sense(r, outbuf); - if (buflen < 0) + if (buflen < 0) { goto illegal_request; + } break; case READ_TOC: buflen = scsi_disk_emulate_read_toc(req, outbuf); - if (buflen < 0) + if (buflen < 0) { goto illegal_request; + } break; case RESERVE: - if (req->cmd.buf[1] & 1) + if (req->cmd.buf[1] & 1) { goto illegal_request; + } break; case RESERVE_10: - if (req->cmd.buf[1] & 3) + if (req->cmd.buf[1] & 3) { goto illegal_request; + } break; case RELEASE: - if (req->cmd.buf[1] & 1) + if (req->cmd.buf[1] & 1) { goto illegal_request; + } break; case RELEASE_10: - if (req->cmd.buf[1] & 3) + if (req->cmd.buf[1] & 3) { goto illegal_request; + } break; case START_STOP: if (scsi_disk_emulate_start_stop(r) < 0) { @@ -917,52 +1141,78 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r) break; case ALLOW_MEDIUM_REMOVAL: s->tray_locked = req->cmd.buf[4] & 1; - bdrv_lock_medium(s->bs, req->cmd.buf[4] & 1); + bdrv_lock_medium(s->qdev.conf.bs, req->cmd.buf[4] & 1); break; case READ_CAPACITY_10: /* The normal LEN field for this command is zero. */ memset(outbuf, 0, 8); - bdrv_get_geometry(s->bs, &nb_sectors); - if (!nb_sectors) + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); + if (!nb_sectors) { goto not_ready; - nb_sectors /= s->cluster_size; + } + if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) { + goto illegal_request; + } + nb_sectors /= s->qdev.blocksize / 512; /* Returned value is the address of the last sector. */ nb_sectors--; /* Remember the new size for read/write sanity checking. */ - s->max_lba = nb_sectors; + s->qdev.max_lba = nb_sectors; /* Clip to 2TB, instead of returning capacity modulo 2TB. */ - if (nb_sectors > UINT32_MAX) + if (nb_sectors > UINT32_MAX) { nb_sectors = UINT32_MAX; + } outbuf[0] = (nb_sectors >> 24) & 0xff; outbuf[1] = (nb_sectors >> 16) & 0xff; outbuf[2] = (nb_sectors >> 8) & 0xff; outbuf[3] = nb_sectors & 0xff; outbuf[4] = 0; outbuf[5] = 0; - outbuf[6] = s->cluster_size * 2; + outbuf[6] = s->qdev.blocksize >> 8; outbuf[7] = 0; buflen = 8; break; + case MECHANISM_STATUS: + buflen = scsi_emulate_mechanism_status(s, outbuf); + if (buflen < 0) { + goto illegal_request; + } + break; case GET_CONFIGURATION: - memset(outbuf, 0, 8); - /* ??? This should probably return much more information. For now - just return the basic header indicating the CD-ROM profile. */ - outbuf[7] = 8; // CD-ROM - buflen = 8; + buflen = scsi_get_configuration(s, outbuf); + if (buflen < 0) { + goto illegal_request; + } + break; + case GET_EVENT_STATUS_NOTIFICATION: + buflen = scsi_get_event_status_notification(s, r, outbuf); + if (buflen < 0) { + goto illegal_request; + } + break; + case READ_DVD_STRUCTURE: + buflen = scsi_read_dvd_structure(s, r, outbuf); + if (buflen < 0) { + goto illegal_request; + } break; case SERVICE_ACTION_IN_16: /* Service Action In subcommands. */ if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) { DPRINTF("SAI READ CAPACITY(16)\n"); memset(outbuf, 0, req->cmd.xfer); - bdrv_get_geometry(s->bs, &nb_sectors); - if (!nb_sectors) + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); + if (!nb_sectors) { goto not_ready; - nb_sectors /= s->cluster_size; + } + if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) { + goto illegal_request; + } + nb_sectors /= s->qdev.blocksize / 512; /* Returned value is the address of the last sector. */ nb_sectors--; /* Remember the new size for read/write sanity checking. */ - s->max_lba = nb_sectors; + s->qdev.max_lba = nb_sectors; outbuf[0] = (nb_sectors >> 56) & 0xff; outbuf[1] = (nb_sectors >> 48) & 0xff; outbuf[2] = (nb_sectors >> 40) & 0xff; @@ -973,7 +1223,7 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r) outbuf[7] = nb_sectors & 0xff; outbuf[8] = 0; outbuf[9] = 0; - outbuf[10] = s->cluster_size * 2; + outbuf[10] = s->qdev.blocksize >> 8; outbuf[11] = 0; outbuf[12] = 0; outbuf[13] = get_physical_block_exp(&s->qdev.conf); @@ -998,7 +1248,7 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r) return buflen; not_ready: - if (s->tray_open || !bdrv_is_inserted(s->bs)) { + if (s->tray_open || !bdrv_is_inserted(s->qdev.conf.bs)) { scsi_check_condition(r, SENSE_CODE(NO_MEDIUM)); } else { scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY)); @@ -1051,7 +1301,10 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) case ALLOW_MEDIUM_REMOVAL: case READ_CAPACITY_10: case READ_TOC: + case READ_DVD_STRUCTURE: case GET_CONFIGURATION: + case GET_EVENT_STATUS_NOTIFICATION: + case MECHANISM_STATUS: case SERVICE_ACTION_IN_16: case VERIFY_10: rc = scsi_disk_emulate_command(r); @@ -1062,8 +1315,10 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) r->iov.iov_len = rc; break; case SYNCHRONIZE_CACHE: - bdrv_acct_start(s->bs, &r->acct, 0, BDRV_ACCT_FLUSH); - r->req.aiocb = bdrv_aio_flush(s->bs, scsi_flush_complete, r); + /* The request is used as the AIO opaque value, so add a ref. */ + scsi_req_ref(&r->req); + bdrv_acct_start(s->qdev.conf.bs, &r->acct, 0, BDRV_ACCT_FLUSH); + r->req.aiocb = bdrv_aio_flush(s->qdev.conf.bs, scsi_flush_complete, r); if (r->req.aiocb == NULL) { scsi_flush_complete(r, -EIO); } @@ -1074,10 +1329,11 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) case READ_16: len = r->req.cmd.xfer / s->qdev.blocksize; DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len); - if (r->req.cmd.lba > s->max_lba) + if (r->req.cmd.lba > s->qdev.max_lba) { goto illegal_lba; - r->sector = r->req.cmd.lba * s->cluster_size; - r->sector_count = len * s->cluster_size; + } + r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); + r->sector_count = len * (s->qdev.blocksize / 512); break; case WRITE_6: case WRITE_10: @@ -1090,10 +1346,11 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) DPRINTF("Write %s(sector %" PRId64 ", count %d)\n", (command & 0xe) == 0xe ? "And Verify " : "", r->req.cmd.lba, len); - if (r->req.cmd.lba > s->max_lba) + if (r->req.cmd.lba > s->qdev.max_lba) { goto illegal_lba; - r->sector = r->req.cmd.lba * s->cluster_size; - r->sector_count = len * s->cluster_size; + } + r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512); + r->sector_count = len * (s->qdev.blocksize / 512); break; case MODE_SELECT: DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer); @@ -1115,7 +1372,7 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) case SEEK_10: DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10, r->req.cmd.lba); - if (r->req.cmd.lba > s->max_lba) { + if (r->req.cmd.lba > s->qdev.max_lba) { goto illegal_lba; } break; @@ -1125,7 +1382,7 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) DPRINTF("WRITE SAME(16) (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len); - if (r->req.cmd.lba > s->max_lba) { + if (r->req.cmd.lba > s->qdev.max_lba) { goto illegal_lba; } @@ -1136,8 +1393,9 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) goto fail; } - rc = bdrv_discard(s->bs, r->req.cmd.lba * s->cluster_size, - len * s->cluster_size); + rc = bdrv_discard(s->qdev.conf.bs, + r->req.cmd.lba * (s->qdev.blocksize / 512), + len * (s->qdev.blocksize / 512)); if (rc < 0) { /* XXX: better error code ?*/ goto fail; @@ -1164,8 +1422,9 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) if (r->req.cmd.mode == SCSI_XFER_TO_DEV) { return -len; } else { - if (!r->sector_count) + if (!r->sector_count) { r->sector_count = -1; + } return len; } } @@ -1177,12 +1436,12 @@ static void scsi_disk_reset(DeviceState *dev) scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET)); - bdrv_get_geometry(s->bs, &nb_sectors); - nb_sectors /= s->cluster_size; + bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors); + nb_sectors /= s->qdev.blocksize / 512; if (nb_sectors) { nb_sectors--; } - s->max_lba = nb_sectors; + s->qdev.max_lba = nb_sectors; } static void scsi_destroy(SCSIDevice *dev) @@ -1195,7 +1454,22 @@ static void scsi_destroy(SCSIDevice *dev) static void scsi_cd_change_media_cb(void *opaque, bool load) { - ((SCSIDiskState *)opaque)->tray_open = !load; + SCSIDiskState *s = opaque; + + /* + * When a CD gets changed, we have to report an ejected state and + * then a loaded state to guests so that they detect tray + * open/close and media change events. Guests that do not use + * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close + * states rely on this behavior. + * + * media_changed governs the state machine used for unit attention + * report. media_event is used by GET EVENT STATUS NOTIFICATION. + */ + s->media_changed = load; + s->tray_open = !load; + s->qdev.unit_attention = SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM); + s->media_event = true; } static bool scsi_cd_is_tray_open(void *opaque) @@ -1214,7 +1488,16 @@ static const BlockDevOps scsi_cd_block_ops = { .is_medium_locked = scsi_cd_is_medium_locked, }; -static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type) +static void scsi_disk_unit_attention_reported(SCSIDevice *dev) +{ + SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); + if (s->media_changed) { + s->media_changed = false; + s->qdev.unit_attention = SENSE_CODE(MEDIUM_CHANGED); + } +} + +static int scsi_initfn(SCSIDevice *dev) { SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); DriveInfo *dinfo; @@ -1223,16 +1506,15 @@ static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type) error_report("scsi-disk: drive property not set"); return -1; } - s->bs = s->qdev.conf.bs; - if (scsi_type == TYPE_DISK && !bdrv_is_inserted(s->bs)) { + if (!s->removable && !bdrv_is_inserted(s->qdev.conf.bs)) { error_report("Device needs media, but drive is empty"); return -1; } if (!s->serial) { /* try to fall back to value set with legacy -drive serial=... */ - dinfo = drive_get_by_blockdev(s->bs); + dinfo = drive_get_by_blockdev(s->qdev.conf.bs); if (*dinfo->serial) { s->serial = g_strdup(dinfo->serial); } @@ -1242,56 +1524,55 @@ static int scsi_initfn(SCSIDevice *dev, uint8_t scsi_type) s->version = g_strdup(QEMU_VERSION); } - if (bdrv_is_sg(s->bs)) { + if (bdrv_is_sg(s->qdev.conf.bs)) { error_report("scsi-disk: unwanted /dev/sg*"); return -1; } - if (scsi_type == TYPE_ROM) { - bdrv_set_dev_ops(s->bs, &scsi_cd_block_ops, s); - s->qdev.blocksize = 2048; - } else if (scsi_type == TYPE_DISK) { - s->qdev.blocksize = s->qdev.conf.logical_block_size; - } else { - error_report("scsi-disk: Unhandled SCSI type %02x", scsi_type); - return -1; + if (s->removable) { + bdrv_set_dev_ops(s->qdev.conf.bs, &scsi_cd_block_ops, s); } - s->cluster_size = s->qdev.blocksize / 512; - bdrv_set_buffer_alignment(s->bs, s->qdev.blocksize); + bdrv_set_buffer_alignment(s->qdev.conf.bs, s->qdev.blocksize); - s->qdev.type = scsi_type; - qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s); - bdrv_iostatus_enable(s->bs); + bdrv_iostatus_enable(s->qdev.conf.bs); add_boot_device_path(s->qdev.conf.bootindex, &dev->qdev, ",0"); return 0; } static int scsi_hd_initfn(SCSIDevice *dev) { - return scsi_initfn(dev, TYPE_DISK); + SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); + s->qdev.blocksize = s->qdev.conf.logical_block_size; + s->qdev.type = TYPE_DISK; + return scsi_initfn(&s->qdev); } static int scsi_cd_initfn(SCSIDevice *dev) { - return scsi_initfn(dev, TYPE_ROM); + SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); + s->qdev.blocksize = 2048; + s->qdev.type = TYPE_ROM; + s->removable = true; + return scsi_initfn(&s->qdev); } static int scsi_disk_initfn(SCSIDevice *dev) { DriveInfo *dinfo; - uint8_t scsi_type; if (!dev->conf.bs) { - scsi_type = TYPE_DISK; /* will die in scsi_initfn() */ - } else { - dinfo = drive_get_by_blockdev(dev->conf.bs); - scsi_type = dinfo->media_cd ? TYPE_ROM : TYPE_DISK; + return scsi_initfn(dev); /* ... and die there */ } - return scsi_initfn(dev, scsi_type); + dinfo = drive_get_by_blockdev(dev->conf.bs); + if (dinfo->media_cd) { + return scsi_cd_initfn(dev); + } else { + return scsi_hd_initfn(dev); + } } -static SCSIReqOps scsi_disk_reqops = { +static const SCSIReqOps scsi_disk_reqops = { .size = sizeof(SCSIDiskReq), .free_req = scsi_free_request, .send_command = scsi_send_command, @@ -1301,8 +1582,8 @@ static SCSIReqOps scsi_disk_reqops = { .get_buf = scsi_get_buf, }; -static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, - uint32_t lun, void *hba_private) +static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun, + uint8_t *buf, void *hba_private) { SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); SCSIRequest *req; @@ -1311,6 +1592,105 @@ static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, return req; } +#ifdef __linux__ +static int get_device_type(SCSIDiskState *s) +{ + BlockDriverState *bdrv = s->qdev.conf.bs; + uint8_t cmd[16]; + uint8_t buf[36]; + uint8_t sensebuf[8]; + sg_io_hdr_t io_header; + int ret; + + memset(cmd, 0, sizeof(cmd)); + memset(buf, 0, sizeof(buf)); + cmd[0] = INQUIRY; + cmd[4] = sizeof(buf); + + memset(&io_header, 0, sizeof(io_header)); + io_header.interface_id = 'S'; + io_header.dxfer_direction = SG_DXFER_FROM_DEV; + io_header.dxfer_len = sizeof(buf); + io_header.dxferp = buf; + io_header.cmdp = cmd; + io_header.cmd_len = sizeof(cmd); + io_header.mx_sb_len = sizeof(sensebuf); + io_header.sbp = sensebuf; + io_header.timeout = 6000; /* XXX */ + + ret = bdrv_ioctl(bdrv, SG_IO, &io_header); + if (ret < 0 || io_header.driver_status || io_header.host_status) { + return -1; + } + s->qdev.type = buf[0]; + s->removable = (buf[1] & 0x80) != 0; + return 0; +} + +static int scsi_block_initfn(SCSIDevice *dev) +{ + SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev); + int sg_version; + int rc; + + if (!s->qdev.conf.bs) { + error_report("scsi-block: drive property not set"); + return -1; + } + + /* check we are using a driver managing SG_IO (version 3 and after) */ + if (bdrv_ioctl(s->qdev.conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 || + sg_version < 30000) { + error_report("scsi-block: scsi generic interface too old"); + return -1; + } + + /* get device type from INQUIRY data */ + rc = get_device_type(s); + if (rc < 0) { + error_report("scsi-block: INQUIRY failed"); + return -1; + } + + /* Make a guess for the block size, we'll fix it when the guest sends. + * READ CAPACITY. If they don't, they likely would assume these sizes + * anyway. (TODO: check in /sys). + */ + if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) { + s->qdev.blocksize = 2048; + } else { + s->qdev.blocksize = 512; + } + return scsi_initfn(&s->qdev); +} + +static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag, + uint32_t lun, uint8_t *buf, + void *hba_private) +{ + SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d); + + switch (buf[0]) { + case READ_6: + case READ_10: + case READ_12: + case READ_16: + case WRITE_6: + case WRITE_10: + case WRITE_12: + case WRITE_16: + case WRITE_VERIFY_10: + case WRITE_VERIFY_12: + case WRITE_VERIFY_16: + return scsi_req_alloc(&scsi_disk_reqops, &s->qdev, tag, lun, + hba_private); + } + + return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun, + hba_private); +} +#endif + #define DEFINE_SCSI_DISK_PROPERTIES() \ DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \ DEFINE_PROP_STRING("ver", SCSIDiskState, version), \ @@ -1326,6 +1706,7 @@ static SCSIDeviceInfo scsi_disk_info[] = { .init = scsi_hd_initfn, .destroy = scsi_destroy, .alloc_req = scsi_new_request, + .unit_attention_reported = scsi_disk_unit_attention_reported, .qdev.props = (Property[]) { DEFINE_SCSI_DISK_PROPERTIES(), DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false), @@ -1340,10 +1721,26 @@ static SCSIDeviceInfo scsi_disk_info[] = { .init = scsi_cd_initfn, .destroy = scsi_destroy, .alloc_req = scsi_new_request, + .unit_attention_reported = scsi_disk_unit_attention_reported, .qdev.props = (Property[]) { DEFINE_SCSI_DISK_PROPERTIES(), DEFINE_PROP_END_OF_LIST(), }, +#ifdef __linux__ + },{ + .qdev.name = "scsi-block", + .qdev.fw_name = "disk", + .qdev.desc = "SCSI block device passthrough", + .qdev.size = sizeof(SCSIDiskState), + .qdev.reset = scsi_disk_reset, + .init = scsi_block_initfn, + .destroy = scsi_destroy, + .alloc_req = scsi_block_new_request, + .qdev.props = (Property[]) { + DEFINE_SCSI_DISK_PROPERTIES(), + DEFINE_PROP_END_OF_LIST(), + }, +#endif },{ .qdev.name = "scsi-disk", /* legacy -device scsi-disk */ .qdev.fw_name = "disk", @@ -1353,6 +1750,7 @@ static SCSIDeviceInfo scsi_disk_info[] = { .init = scsi_disk_initfn, .destroy = scsi_destroy, .alloc_req = scsi_new_request, + .unit_attention_reported = scsi_disk_unit_attention_reported, .qdev.props = (Property[]) { DEFINE_SCSI_DISK_PROPERTIES(), DEFINE_PROP_BIT("removable", SCSIDiskState, removable, 0, false), diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c index 8f6b70df2b..9594cc1276 100644 --- a/hw/scsi-generic.c +++ b/hw/scsi-generic.c @@ -39,15 +39,18 @@ do { fprintf(stderr, "scsi-generic: " fmt , ## __VA_ARGS__); } while (0) #define SCSI_SENSE_BUF_SIZE 96 -#define SG_ERR_DRIVER_TIMEOUT 0x06 -#define SG_ERR_DRIVER_SENSE 0x08 +#define SG_ERR_DRIVER_TIMEOUT 0x06 +#define SG_ERR_DRIVER_SENSE 0x08 + +#define SG_ERR_DID_OK 0x00 +#define SG_ERR_DID_NO_CONNECT 0x01 +#define SG_ERR_DID_BUS_BUSY 0x02 +#define SG_ERR_DID_TIME_OUT 0x03 #ifndef MAX_UINT #define MAX_UINT ((unsigned int)-1) #endif -typedef struct SCSIGenericState SCSIGenericState; - typedef struct SCSIGenericReq { SCSIRequest req; uint8_t *buf; @@ -56,12 +59,6 @@ typedef struct SCSIGenericReq { sg_io_hdr_t io_header; } SCSIGenericReq; -struct SCSIGenericState -{ - SCSIDevice qdev; - BlockDriverState *bs; -}; - static void scsi_free_request(SCSIRequest *req) { SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req); @@ -76,8 +73,9 @@ static void scsi_command_complete(void *opaque, int ret) SCSIGenericReq *r = (SCSIGenericReq *)opaque; r->req.aiocb = NULL; - if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) + if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) { r->req.sense_len = r->io_header.sb_len_wr; + } if (ret != 0) { switch (ret) { @@ -94,9 +92,15 @@ static void scsi_command_complete(void *opaque, int ret) break; } } else { - if (r->io_header.driver_status & SG_ERR_DRIVER_TIMEOUT) { + if (r->io_header.host_status == SG_ERR_DID_NO_CONNECT || + r->io_header.host_status == SG_ERR_DID_BUS_BUSY || + r->io_header.host_status == SG_ERR_DID_TIME_OUT || + (r->io_header.driver_status & SG_ERR_DRIVER_TIMEOUT)) { status = BUSY; BADF("Driver Timeout\n"); + } else if (r->io_header.host_status) { + status = CHECK_CONDITION; + scsi_req_build_sense(&r->req, SENSE_CODE(I_T_NEXUS_LOSS)); } else if (r->io_header.status) { status = r->io_header.status; } else if (r->io_header.driver_status & SG_ERR_DRIVER_SENSE) { @@ -109,6 +113,9 @@ static void scsi_command_complete(void *opaque, int ret) r, r->req.tag, status); scsi_req_complete(&r->req, status); + if (!r->req.io_canceled) { + scsi_req_unref(&r->req); + } } /* Cancel a pending data transfer. */ @@ -119,6 +126,11 @@ static void scsi_cancel_io(SCSIRequest *req) DPRINTF("Cancel tag=0x%x\n", req->tag); if (r->req.aiocb) { bdrv_aio_cancel(r->req.aiocb); + + /* This reference was left in by scsi_*_data. We take ownership of + * it independent of whether bdrv_aio_cancel completes the request + * or not. */ + scsi_req_unref(&r->req); } r->req.aiocb = NULL; } @@ -151,6 +163,7 @@ static int execute_command(BlockDriverState *bdrv, static void scsi_read_complete(void * opaque, int ret) { SCSIGenericReq *r = (SCSIGenericReq *)opaque; + SCSIDevice *s = r->req.dev; int len; r->req.aiocb = NULL; @@ -166,7 +179,21 @@ static void scsi_read_complete(void * opaque, int ret) if (len == 0) { scsi_command_complete(r, 0); } else { + /* Snoop READ CAPACITY output to set the blocksize. */ + if (r->req.cmd.buf[0] == READ_CAPACITY_10) { + s->blocksize = ldl_be_p(&r->buf[4]); + s->max_lba = ldl_be_p(&r->buf[0]); + } else if (r->req.cmd.buf[0] == SERVICE_ACTION_IN_16 && + (r->req.cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) { + s->blocksize = ldl_be_p(&r->buf[8]); + s->max_lba = ldq_be_p(&r->buf[0]); + } + bdrv_set_buffer_alignment(s->conf.bs, s->blocksize); + scsi_req_data(&r->req, len); + if (!r->req.io_canceled) { + scsi_req_unref(&r->req); + } } } @@ -174,26 +201,28 @@ static void scsi_read_complete(void * opaque, int ret) static void scsi_read_data(SCSIRequest *req) { SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req); - SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, r->req.dev); + SCSIDevice *s = r->req.dev; int ret; DPRINTF("scsi_read_data 0x%x\n", req->tag); + + /* The request is used as the AIO opaque value, so add a ref. */ + scsi_req_ref(&r->req); if (r->len == -1) { scsi_command_complete(r, 0); return; } - ret = execute_command(s->bs, r, SG_DXFER_FROM_DEV, scsi_read_complete); + ret = execute_command(s->conf.bs, r, SG_DXFER_FROM_DEV, scsi_read_complete); if (ret < 0) { scsi_command_complete(r, ret); - return; } } static void scsi_write_complete(void * opaque, int ret) { SCSIGenericReq *r = (SCSIGenericReq *)opaque; - SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, r->req.dev); + SCSIDevice *s = r->req.dev; DPRINTF("scsi_write_complete() ret = %d\n", ret); r->req.aiocb = NULL; @@ -204,9 +233,9 @@ static void scsi_write_complete(void * opaque, int ret) } if (r->req.cmd.buf[0] == MODE_SELECT && r->req.cmd.buf[4] == 12 && - s->qdev.type == TYPE_TAPE) { - s->qdev.blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11]; - DPRINTF("block size %d\n", s->qdev.blocksize); + s->type == TYPE_TAPE) { + s->blocksize = (r->buf[9] << 16) | (r->buf[10] << 8) | r->buf[11]; + DPRINTF("block size %d\n", s->blocksize); } scsi_command_complete(r, ret); @@ -216,8 +245,8 @@ static void scsi_write_complete(void * opaque, int ret) The transfer may complete asynchronously. */ static void scsi_write_data(SCSIRequest *req) { - SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, req->dev); SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req); + SCSIDevice *s = r->req.dev; int ret; DPRINTF("scsi_write_data 0x%x\n", req->tag); @@ -227,7 +256,9 @@ static void scsi_write_data(SCSIRequest *req) return; } - ret = execute_command(s->bs, r, SG_DXFER_TO_DEV, scsi_write_complete); + /* The request is used as the AIO opaque value, so add a ref. */ + scsi_req_ref(&r->req); + ret = execute_command(s->conf.bs, r, SG_DXFER_TO_DEV, scsi_write_complete); if (ret < 0) { scsi_command_complete(r, ret); } @@ -241,19 +272,6 @@ static uint8_t *scsi_get_buf(SCSIRequest *req) return r->buf; } -static void scsi_req_fixup(SCSIRequest *req) -{ - switch(req->cmd.buf[0]) { - case REWIND: - case START_STOP: - if (req->dev->type == TYPE_TAPE) { - /* force IMMED, otherwise qemu waits end of command */ - req->cmd.buf[1] = 0x01; - } - break; - } -} - /* Execute a scsi command. Returns the length of the data expected by the command. This will be Positive for data transfers from the device (eg. disk reads), negative for transfers to the device (eg. disk writes), @@ -261,12 +279,10 @@ static void scsi_req_fixup(SCSIRequest *req) static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd) { - SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, req->dev); SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req); + SCSIDevice *s = r->req.dev; int ret; - scsi_req_fixup(&r->req); - DPRINTF("Command: lun=%d tag=0x%x len %zd data=0x%02x", lun, tag, r->req.cmd.xfer, cmd[0]); @@ -285,7 +301,9 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd) g_free(r->buf); r->buflen = 0; r->buf = NULL; - ret = execute_command(s->bs, r, SG_DXFER_NONE, scsi_command_complete); + /* The request is used as the AIO opaque value, so add a ref. */ + scsi_req_ref(&r->req); + ret = execute_command(s->conf.bs, r, SG_DXFER_NONE, scsi_command_complete); if (ret < 0) { scsi_command_complete(r, ret); return 0; @@ -310,36 +328,6 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd) } } -static int get_blocksize(BlockDriverState *bdrv) -{ - uint8_t cmd[10]; - uint8_t buf[8]; - uint8_t sensebuf[8]; - sg_io_hdr_t io_header; - int ret; - - memset(cmd, 0, sizeof(cmd)); - memset(buf, 0, sizeof(buf)); - cmd[0] = READ_CAPACITY_10; - - memset(&io_header, 0, sizeof(io_header)); - io_header.interface_id = 'S'; - io_header.dxfer_direction = SG_DXFER_FROM_DEV; - io_header.dxfer_len = sizeof(buf); - io_header.dxferp = buf; - io_header.cmdp = cmd; - io_header.cmd_len = sizeof(cmd); - io_header.mx_sb_len = sizeof(sensebuf); - io_header.sbp = sensebuf; - io_header.timeout = 6000; /* XXX */ - - ret = bdrv_ioctl(bdrv, SG_IO, &io_header); - if (ret < 0) - return -1; - - return (buf[4] << 24) | (buf[5] << 16) | (buf[6] << 8) | buf[7]; -} - static int get_stream_blocksize(BlockDriverState *bdrv) { uint8_t cmd[6]; @@ -365,89 +353,92 @@ static int get_stream_blocksize(BlockDriverState *bdrv) io_header.timeout = 6000; /* XXX */ ret = bdrv_ioctl(bdrv, SG_IO, &io_header); - if (ret < 0) + if (ret < 0 || io_header.driver_status || io_header.host_status) { return -1; - + } return (buf[9] << 16) | (buf[10] << 8) | buf[11]; } static void scsi_generic_reset(DeviceState *dev) { - SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev.qdev, dev); + SCSIDevice *s = DO_UPCAST(SCSIDevice, qdev, dev); - scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET)); + scsi_device_purge_requests(s, SENSE_CODE(RESET)); } -static void scsi_destroy(SCSIDevice *d) +static void scsi_destroy(SCSIDevice *s) { - SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d); - - scsi_device_purge_requests(&s->qdev, SENSE_CODE(NO_SENSE)); - blockdev_mark_auto_del(s->qdev.conf.bs); + scsi_device_purge_requests(s, SENSE_CODE(NO_SENSE)); + blockdev_mark_auto_del(s->conf.bs); } -static int scsi_generic_initfn(SCSIDevice *dev) +static int scsi_generic_initfn(SCSIDevice *s) { - SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, dev); int sg_version; struct sg_scsi_id scsiid; - if (!s->qdev.conf.bs) { + if (!s->conf.bs) { error_report("scsi-generic: drive property not set"); return -1; } - s->bs = s->qdev.conf.bs; /* check we are really using a /dev/sg* file */ - if (!bdrv_is_sg(s->bs)) { + if (!bdrv_is_sg(s->conf.bs)) { error_report("scsi-generic: not /dev/sg*"); return -1; } - if (bdrv_get_on_error(s->bs, 0) != BLOCK_ERR_STOP_ENOSPC) { + if (bdrv_get_on_error(s->conf.bs, 0) != BLOCK_ERR_STOP_ENOSPC) { error_report("Device doesn't support drive option werror"); return -1; } - if (bdrv_get_on_error(s->bs, 1) != BLOCK_ERR_REPORT) { + if (bdrv_get_on_error(s->conf.bs, 1) != BLOCK_ERR_REPORT) { error_report("Device doesn't support drive option rerror"); return -1; } /* check we are using a driver managing SG_IO (version 3 and after */ - if (bdrv_ioctl(s->bs, SG_GET_VERSION_NUM, &sg_version) < 0 || + if (bdrv_ioctl(s->conf.bs, SG_GET_VERSION_NUM, &sg_version) < 0 || sg_version < 30000) { error_report("scsi-generic: scsi generic interface too old"); return -1; } /* get LUN of the /dev/sg? */ - if (bdrv_ioctl(s->bs, SG_GET_SCSI_ID, &scsiid)) { + if (bdrv_ioctl(s->conf.bs, SG_GET_SCSI_ID, &scsiid)) { error_report("scsi-generic: SG_GET_SCSI_ID ioctl failed"); return -1; } /* define device state */ - s->qdev.type = scsiid.scsi_type; - DPRINTF("device type %d\n", s->qdev.type); - if (s->qdev.type == TYPE_TAPE) { - s->qdev.blocksize = get_stream_blocksize(s->bs); - if (s->qdev.blocksize == -1) - s->qdev.blocksize = 0; - } else { - s->qdev.blocksize = get_blocksize(s->bs); - /* removable media returns 0 if not present */ - if (s->qdev.blocksize <= 0) { - if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) - s->qdev.blocksize = 2048; - else - s->qdev.blocksize = 512; + s->type = scsiid.scsi_type; + DPRINTF("device type %d\n", s->type); + switch (s->type) { + case TYPE_TAPE: + s->blocksize = get_stream_blocksize(s->conf.bs); + if (s->blocksize == -1) { + s->blocksize = 0; } + break; + + /* Make a guess for block devices, we'll fix it when the guest sends. + * READ CAPACITY. If they don't, they likely would assume these sizes + * anyway. (TODO: they could also send MODE SENSE). + */ + case TYPE_ROM: + case TYPE_WORM: + s->blocksize = 2048; + break; + default: + s->blocksize = 512; + break; } - DPRINTF("block size %d\n", s->qdev.blocksize); + + DPRINTF("block size %d\n", s->blocksize); return 0; } -static SCSIReqOps scsi_generic_req_ops = { +const SCSIReqOps scsi_generic_req_ops = { .size = sizeof(SCSIGenericReq), .free_req = scsi_free_request, .send_command = scsi_send_command, @@ -458,7 +449,7 @@ static SCSIReqOps scsi_generic_req_ops = { }; static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun, - void *hba_private) + uint8_t *buf, void *hba_private) { SCSIRequest *req; @@ -469,13 +460,13 @@ static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun, static SCSIDeviceInfo scsi_generic_info = { .qdev.name = "scsi-generic", .qdev.desc = "pass through generic scsi device (/dev/sg*)", - .qdev.size = sizeof(SCSIGenericState), + .qdev.size = sizeof(SCSIDevice), .qdev.reset = scsi_generic_reset, .init = scsi_generic_initfn, .destroy = scsi_destroy, .alloc_req = scsi_new_request, .qdev.props = (Property[]) { - DEFINE_BLOCK_PROPERTIES(SCSIGenericState, qdev.conf), + DEFINE_BLOCK_PROPERTIES(SCSIDevice, conf), DEFINE_PROP_END_OF_LIST(), }, }; @@ -3,13 +3,14 @@ #include "qdev.h" #include "block.h" +#include "sysemu.h" #define MAX_SCSI_DEVS 255 #define SCSI_CMD_BUF_SIZE 16 typedef struct SCSIBus SCSIBus; -typedef struct SCSIBusOps SCSIBusOps; +typedef struct SCSIBusInfo SCSIBusInfo; typedef struct SCSICommand SCSICommand; typedef struct SCSIDevice SCSIDevice; typedef struct SCSIDeviceInfo SCSIDeviceInfo; @@ -41,7 +42,7 @@ struct SCSICommand { struct SCSIRequest { SCSIBus *bus; SCSIDevice *dev; - SCSIReqOps *ops; + const SCSIReqOps *ops; uint32_t refcount; uint32_t tag; uint32_t lun; @@ -51,6 +52,8 @@ struct SCSIRequest { uint8_t sense[SCSI_SENSE_BUF_SIZE]; uint32_t sense_len; bool enqueued; + bool io_canceled; + bool retry; void *hba_private; QTAILQ_ENTRY(SCSIRequest) next; }; @@ -58,16 +61,21 @@ struct SCSIRequest { struct SCSIDevice { DeviceState qdev; + VMChangeStateEntry *vmsentry; + QEMUBH *bh; uint32_t id; BlockConf conf; SCSIDeviceInfo *info; SCSISense unit_attention; + bool sense_is_ua; uint8_t sense[SCSI_SENSE_BUF_SIZE]; uint32_t sense_len; QTAILQ_HEAD(, SCSIRequest) requests; + uint32_t channel; uint32_t lun; int blocksize; int type; + uint64_t max_lba; }; /* cdrom.c */ @@ -91,11 +99,13 @@ struct SCSIDeviceInfo { scsi_qdev_initfn init; void (*destroy)(SCSIDevice *s); SCSIRequest *(*alloc_req)(SCSIDevice *s, uint32_t tag, uint32_t lun, - void *hba_private); - SCSIReqOps reqops; + uint8_t *buf, void *hba_private); + void (*unit_attention_reported)(SCSIDevice *s); }; -struct SCSIBusOps { +struct SCSIBusInfo { + int tcq; + int max_channel, max_target, max_lun; void (*transfer_data)(SCSIRequest *req, uint32_t arg); void (*complete)(SCSIRequest *req, uint32_t arg); void (*cancel)(SCSIRequest *req); @@ -106,14 +116,10 @@ struct SCSIBus { int busnr; SCSISense unit_attention; - int tcq, ndev; - const SCSIBusOps *ops; - - SCSIDevice *devs[MAX_SCSI_DEVS]; + const SCSIBusInfo *info; }; -void scsi_bus_new(SCSIBus *bus, DeviceState *host, int tcq, int ndev, - const SCSIBusOps *ops); +void scsi_bus_new(SCSIBus *bus, DeviceState *host, const SCSIBusInfo *info); void scsi_qdev_register(SCSIDeviceInfo *info); static inline SCSIBus *scsi_bus_from_device(SCSIDevice *d) @@ -159,6 +165,8 @@ extern const struct SCSISense sense_code_IO_ERROR; extern const struct SCSISense sense_code_I_T_NEXUS_LOSS; /* Command aborted, Logical Unit failure */ extern const struct SCSISense sense_code_LUN_FAILURE; +/* LUN not ready, Medium not present */ +extern const struct SCSISense sense_code_UNIT_ATTENTION_NO_MEDIUM; /* Unit attention, Power on, reset or bus device reset occurred */ extern const struct SCSISense sense_code_RESET; /* Unit attention, Medium may have changed*/ @@ -172,8 +180,8 @@ extern const struct SCSISense sense_code_DEVICE_INTERNAL_RESET; int scsi_sense_valid(SCSISense sense); -SCSIRequest *scsi_req_alloc(SCSIReqOps *reqops, SCSIDevice *d, uint32_t tag, - uint32_t lun, void *hba_private); +SCSIRequest *scsi_req_alloc(const SCSIReqOps *reqops, SCSIDevice *d, + uint32_t tag, uint32_t lun, void *hba_private); SCSIRequest *scsi_req_new(SCSIDevice *d, uint32_t tag, uint32_t lun, uint8_t *buf, void *hba_private); int32_t scsi_req_enqueue(SCSIRequest *req); @@ -190,7 +198,12 @@ uint8_t *scsi_req_get_buf(SCSIRequest *req); int scsi_req_get_sense(SCSIRequest *req, uint8_t *buf, int len); void scsi_req_abort(SCSIRequest *req, int status); void scsi_req_cancel(SCSIRequest *req); +void scsi_req_retry(SCSIRequest *req); void scsi_device_purge_requests(SCSIDevice *sdev, SCSISense sense); int scsi_device_get_sense(SCSIDevice *dev, uint8_t *buf, int len, bool fixed); +SCSIDevice *scsi_device_find(SCSIBus *bus, int channel, int target, int lun); + +/* scsi-generic.c. */ +extern const SCSIReqOps scsi_generic_req_ops; #endif diff --git a/hw/spapr_vio.c b/hw/spapr_vio.c index 35818e18f1..977603f81e 100644 --- a/hw/spapr_vio.c +++ b/hw/spapr_vio.c @@ -63,7 +63,7 @@ VIOsPAPRDevice *spapr_vio_find_by_reg(VIOsPAPRBus *bus, uint32_t reg) DeviceState *qdev; VIOsPAPRDevice *dev = NULL; - QLIST_FOREACH(qdev, &bus->bus.children, sibling) { + QTAILQ_FOREACH(qdev, &bus->bus.children, sibling) { dev = (VIOsPAPRDevice *)qdev; if (dev->reg == reg) { break; @@ -588,7 +588,7 @@ static void rtas_quiesce(sPAPREnvironment *spapr, uint32_t token, return; } - QLIST_FOREACH(qdev, &bus->bus.children, sibling) { + QTAILQ_FOREACH(qdev, &bus->bus.children, sibling) { dev = (VIOsPAPRDevice *)qdev; spapr_vio_quiesce_one(dev); } @@ -726,7 +726,7 @@ int spapr_populate_vdevice(VIOsPAPRBus *bus, void *fdt) DeviceState *qdev; int ret = 0; - QLIST_FOREACH(qdev, &bus->bus.children, sibling) { + QTAILQ_FOREACH(qdev, &bus->bus.children, sibling) { VIOsPAPRDevice *dev = (VIOsPAPRDevice *)qdev; ret = vio_make_devnode(dev, fdt); diff --git a/hw/spapr_vscsi.c b/hw/spapr_vscsi.c index e8426d7c5e..00e2d2d5d3 100644 --- a/hw/spapr_vscsi.c +++ b/hw/spapr_vscsi.c @@ -129,11 +129,38 @@ static void vscsi_put_req(vscsi_req *req) req->active = 0; } -static void vscsi_decode_id_lun(uint64_t srp_lun, int *id, int *lun) +static SCSIDevice *vscsi_device_find(SCSIBus *bus, uint64_t srp_lun, int *lun) { - /* XXX Figure that one out properly ! This is crackpot */ - *id = (srp_lun >> 56) & 0x7f; - *lun = (srp_lun >> 48) & 0xff; + int channel = 0, id = 0; + +retry: + switch (srp_lun >> 62) { + case 0: + if ((srp_lun >> 56) != 0) { + channel = (srp_lun >> 56) & 0x3f; + id = (srp_lun >> 48) & 0xff; + srp_lun <<= 16; + goto retry; + } + *lun = (srp_lun >> 48) & 0xff; + break; + + case 1: + *lun = (srp_lun >> 48) & 0x3fff; + break; + case 2: + channel = (srp_lun >> 53) & 0x7; + id = (srp_lun >> 56) & 0x3f; + *lun = (srp_lun >> 48) & 0x1f; + break; + case 3: + *lun = -1; + return NULL; + default: + abort(); + } + + return scsi_device_find(bus, channel, id, *lun); } static int vscsi_send_iu(VSCSIState *s, vscsi_req *req, @@ -582,14 +609,11 @@ static int vscsi_queue_cmd(VSCSIState *s, vscsi_req *req) { union srp_iu *srp = &req->iu.srp; SCSIDevice *sdev; - int n, id, lun; + int n, lun; - vscsi_decode_id_lun(be64_to_cpu(srp->cmd.lun), &id, &lun); - - /* Qemu vs. linux issue with LUNs to be sorted out ... */ - sdev = (id < 8 && lun < 16) ? s->bus.devs[id] : NULL; + sdev = vscsi_device_find(&s->bus, be64_to_cpu(srp->cmd.lun), &lun); if (!sdev) { - dprintf("VSCSI: Command for id %d with no drive\n", id); + dprintf("VSCSI: Command for lun %08" PRIx64 " with no drive\n", be64_to_cpu(srp->cmd.lun)); if (srp->cmd.cdb[0] == INQUIRY) { vscsi_inquiry_no_target(s, req); } else { @@ -862,7 +886,12 @@ static int vscsi_do_crq(struct VIOsPAPRDevice *dev, uint8_t *crq_data) return 0; } -static const struct SCSIBusOps vscsi_scsi_ops = { +static const struct SCSIBusInfo vscsi_scsi_info = { + .tcq = true, + .max_channel = 7, /* logical unit addressing format */ + .max_target = 63, + .max_lun = 31, + .transfer_data = vscsi_transfer_data, .complete = vscsi_command_complete, .cancel = vscsi_request_cancelled @@ -883,8 +912,7 @@ static int spapr_vscsi_init(VIOsPAPRDevice *dev) dev->crq.SendFunc = vscsi_do_crq; - scsi_bus_new(&s->bus, &dev->qdev, 1, VSCSI_REQ_LIMIT, - &vscsi_scsi_ops); + scsi_bus_new(&s->bus, &dev->qdev, &vscsi_scsi_info); if (!dev->qdev.hotplugged) { scsi_bus_legacy_handle_cmdline(&s->bus); } @@ -25,8 +25,8 @@ static int ssi_slave_init(DeviceState *dev, DeviceInfo *base_info) SSIBus *bus; bus = FROM_QBUS(SSIBus, qdev_get_parent_bus(dev)); - if (QLIST_FIRST(&bus->qbus.children) != dev - || QLIST_NEXT(dev, sibling) != NULL) { + if (QTAILQ_FIRST(&bus->qbus.children) != dev + || QTAILQ_NEXT(dev, sibling) != NULL) { hw_error("Too many devices on SSI bus"); } @@ -61,7 +61,7 @@ uint32_t ssi_transfer(SSIBus *bus, uint32_t val) { DeviceState *dev; SSISlave *slave; - dev = QLIST_FIRST(&bus->qbus.children); + dev = QTAILQ_FIRST(&bus->qbus.children); if (!dev) { return 0; } diff --git a/hw/usb-msd.c b/hw/usb-msd.c index 08d2d2ac77..1a0815a136 100644 --- a/hw/usb-msd.c +++ b/hw/usb-msd.c @@ -495,7 +495,11 @@ static void usb_msd_password_cb(void *opaque, int err) qdev_unplug(&s->dev.qdev); } -static const struct SCSIBusOps usb_msd_scsi_ops = { +static const struct SCSIBusInfo usb_msd_scsi_info = { + .tcq = false, + .max_target = 0, + .max_lun = 0, + .transfer_data = usb_msd_transfer_data, .complete = usb_msd_command_complete, .cancel = usb_msd_request_cancelled @@ -536,7 +540,7 @@ static int usb_msd_initfn(USBDevice *dev) } usb_desc_init(dev); - scsi_bus_new(&s->bus, &s->dev.qdev, 0, 1, &usb_msd_scsi_ops); + scsi_bus_new(&s->bus, &s->dev.qdev, &usb_msd_scsi_info); s->scsi_dev = scsi_bus_legacy_add_drive(&s->bus, bs, 0, !!s->removable); if (!s->scsi_dev) { return -1; |