2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * This code is licenced under the LGPL.
11 * Note that this file only handles the SCSI architecture model and device
12 * commands. Emulation of interface/link layer protocols is handled by
13 * the host adapter emulator.
16 #include <qemu-common.h>
21 #define DPRINTF(fmt, args...) \
22 do { printf("scsi-disk: " fmt , ##args); } while (0)
24 #define DPRINTF(fmt, args...) do {} while(0)
27 #define BADF(fmt, args...) \
28 do { fprintf(stderr, "scsi-disk: " fmt , ##args); } while (0)
30 #include "qemu-common.h"
32 #include "scsi-disk.h"
34 #define SENSE_NO_SENSE 0
35 #define SENSE_NOT_READY 2
36 #define SENSE_HARDWARE_ERROR 4
37 #define SENSE_ILLEGAL_REQUEST 5
40 #define STATUS_CHECK_CONDITION 2
42 #define SCSI_DMA_BUF_SIZE 131072
43 #define SCSI_MAX_INQUIRY_LEN 256
45 #define SCSI_REQ_STATUS_RETRY 0x01
47 typedef struct SCSIRequest {
50 /* ??? We should probably keep track of whether the data transfer is
51 a read or a write. Currently we rely on the host getting it right. */
52 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
54 uint32_t sector_count;
55 /* The amounnt of data in the buffer. */
58 BlockDriverAIOCB *aiocb;
59 struct SCSIRequest *next;
63 struct SCSIDeviceState
65 BlockDriverState *bdrv;
66 SCSIRequest *requests;
67 /* The qemu block layer uses a fixed 512 byte sector size.
68 This is the number of 512 byte blocks in a single scsi sector. */
72 /* Completion functions may be called from either scsi_{read,write}_data
73 or from the AIO completion routines. */
74 scsi_completionfn completion;
76 char drive_serial_str[21];
79 /* Global pool of SCSIRequest structures. */
80 static SCSIRequest *free_requests = NULL;
82 static SCSIRequest *scsi_new_request(SCSIDeviceState *s, uint32_t tag)
88 free_requests = r->next;
90 r = qemu_malloc(sizeof(SCSIRequest));
91 r->dma_buf = qemu_memalign(512, SCSI_DMA_BUF_SIZE);
100 r->next = s->requests;
105 static void scsi_remove_request(SCSIRequest *r)
108 SCSIDeviceState *s = r->dev;
110 if (s->requests == r) {
111 s->requests = r->next;
114 while (last && last->next != r)
117 last->next = r->next;
119 BADF("Orphaned request\n");
122 r->next = free_requests;
126 static SCSIRequest *scsi_find_request(SCSIDeviceState *s, uint32_t tag)
131 while (r && r->tag != tag)
137 /* Helper function for command completion. */
138 static void scsi_command_complete(SCSIRequest *r, int status, int sense)
140 SCSIDeviceState *s = r->dev;
142 DPRINTF("Command complete tag=0x%x status=%d sense=%d\n", r->tag, status, sense);
145 scsi_remove_request(r);
146 s->completion(s->opaque, SCSI_REASON_DONE, tag, status);
149 /* Cancel a pending data transfer. */
150 static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
152 SCSIDeviceState *s = d->state;
154 DPRINTF("Cancel tag=0x%x\n", tag);
155 r = scsi_find_request(s, tag);
158 bdrv_aio_cancel(r->aiocb);
160 scsi_remove_request(r);
164 static void scsi_read_complete(void * opaque, int ret)
166 SCSIRequest *r = (SCSIRequest *)opaque;
167 SCSIDeviceState *s = r->dev;
170 DPRINTF("IO error\n");
171 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, 0);
172 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NO_SENSE);
175 DPRINTF("Data ready tag=0x%x len=%d\n", r->tag, r->buf_len);
177 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->buf_len);
180 /* Read more data from scsi device into buffer. */
181 static void scsi_read_data(SCSIDevice *d, uint32_t tag)
183 SCSIDeviceState *s = d->state;
187 r = scsi_find_request(s, tag);
189 BADF("Bad read tag 0x%x\n", tag);
190 /* ??? This is the wrong error. */
191 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
194 if (r->sector_count == (uint32_t)-1) {
195 DPRINTF("Read buf_len=%d\n", r->buf_len);
197 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->buf_len);
200 DPRINTF("Read sector_count=%d\n", r->sector_count);
201 if (r->sector_count == 0) {
202 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
207 if (n > SCSI_DMA_BUF_SIZE / 512)
208 n = SCSI_DMA_BUF_SIZE / 512;
210 r->buf_len = n * 512;
211 r->aiocb = bdrv_aio_read(s->bdrv, r->sector, r->dma_buf, n,
212 scsi_read_complete, r);
213 if (r->aiocb == NULL)
214 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
216 r->sector_count -= n;
219 static int scsi_handle_write_error(SCSIRequest *r, int error)
221 BlockInterfaceErrorAction action = drive_get_onerror(r->dev->bdrv);
223 if (action == BLOCK_ERR_IGNORE)
226 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
227 || action == BLOCK_ERR_STOP_ANY) {
228 r->status |= SCSI_REQ_STATUS_RETRY;
231 scsi_command_complete(r, STATUS_CHECK_CONDITION,
232 SENSE_HARDWARE_ERROR);
238 static void scsi_write_complete(void * opaque, int ret)
240 SCSIRequest *r = (SCSIRequest *)opaque;
241 SCSIDeviceState *s = r->dev;
248 if (scsi_handle_write_error(r, -ret))
252 n = r->buf_len / 512;
254 r->sector_count -= n;
255 if (r->sector_count == 0) {
256 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
258 len = r->sector_count * 512;
259 if (len > SCSI_DMA_BUF_SIZE) {
260 len = SCSI_DMA_BUF_SIZE;
263 DPRINTF("Write complete tag=0x%x more=%d\n", r->tag, len);
264 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, len);
268 static void scsi_write_request(SCSIRequest *r)
270 SCSIDeviceState *s = r->dev;
273 n = r->buf_len / 512;
275 r->aiocb = bdrv_aio_write(s->bdrv, r->sector, r->dma_buf, n,
276 scsi_write_complete, r);
277 if (r->aiocb == NULL)
278 scsi_command_complete(r, STATUS_CHECK_CONDITION,
279 SENSE_HARDWARE_ERROR);
281 /* Invoke completion routine to fetch data from host. */
282 scsi_write_complete(r, 0);
286 /* Write data to a scsi device. Returns nonzero on failure.
287 The transfer may complete asynchronously. */
288 static int scsi_write_data(SCSIDevice *d, uint32_t tag)
290 SCSIDeviceState *s = d->state;
293 DPRINTF("Write data tag=0x%x\n", tag);
294 r = scsi_find_request(s, tag);
296 BADF("Bad write tag 0x%x\n", tag);
297 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
302 BADF("Data transfer already in progress\n");
304 scsi_write_request(r);
309 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
311 SCSIDeviceState *s = opaque;
312 SCSIRequest *r = s->requests;
317 if (r->status & SCSI_REQ_STATUS_RETRY) {
318 r->status &= ~SCSI_REQ_STATUS_RETRY;
319 scsi_write_request(r);
325 /* Return a pointer to the data buffer. */
326 static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
328 SCSIDeviceState *s = d->state;
331 r = scsi_find_request(s, tag);
333 BADF("Bad buffer tag 0x%x\n", tag);
339 /* Execute a scsi command. Returns the length of the data expected by the
340 command. This will be Positive for data transfers from the device
341 (eg. disk reads), negative for transfers to the device (eg. disk writes),
342 and zero if the command does not transfer any data. */
344 static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
345 uint8_t *buf, int lun)
347 SCSIDeviceState *s = d->state;
358 r = scsi_find_request(s, tag);
360 BADF("Tag 0x%x already in use\n", tag);
361 scsi_cancel_io(d, tag);
363 /* ??? Tags are not unique for different luns. We only implement a
364 single lun, so this should not matter. */
365 r = scsi_new_request(s, tag);
368 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
369 switch (command >> 5) {
371 lba = (uint64_t) buf[3] | ((uint64_t) buf[2] << 8) |
372 (((uint64_t) buf[1] & 0x1f) << 16);
378 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
379 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
380 len = buf[8] | (buf[7] << 8);
384 lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
385 ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
386 ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
387 ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
388 len = buf[13] | (buf[12] << 8) | (buf[11] << 16) | (buf[10] << 24);
392 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
393 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
394 len = buf[9] | (buf[8] << 8) | (buf[7] << 16) | (buf[6] << 24);
398 BADF("Unsupported command length, command %x\n", command);
404 for (i = 1; i < cmdlen; i++) {
405 printf(" 0x%02x", buf[i]);
410 if (lun || buf[1] >> 5) {
411 /* Only LUN 0 supported. */
412 DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
413 if (command != 0x03 && command != 0x12) /* REQUEST SENSE and INQUIRY */
418 DPRINTF("Test Unit Ready\n");
421 DPRINTF("Request Sense (len %d)\n", len);
424 memset(outbuf, 0, 4);
427 outbuf[2] = s->sense;
431 DPRINTF("Inquiry (len %d)\n", len);
433 /* Command support data - optional, not implemented */
434 BADF("optional INQUIRY command support request not implemented\n");
437 else if (buf[1] & 0x1) {
438 /* Vital product data */
439 uint8_t page_code = buf[2];
441 BADF("Error: Inquiry (EVPD[%02X]) buffer size %d is "
442 "less than 4\n", page_code, len);
449 /* Supported page codes, mandatory */
450 DPRINTF("Inquiry EVPD[Supported pages] "
451 "buffer size %d\n", len);
455 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
456 outbuf[r->buf_len++] = 5;
458 outbuf[r->buf_len++] = 0;
461 outbuf[r->buf_len++] = 0x00; // this page
462 outbuf[r->buf_len++] = 0x00;
463 outbuf[r->buf_len++] = 3; // number of pages
464 outbuf[r->buf_len++] = 0x00; // list of supported pages (this page)
465 outbuf[r->buf_len++] = 0x80; // unit serial number
466 outbuf[r->buf_len++] = 0x83; // device identification
473 /* Device serial number, optional */
475 BADF("Error: EVPD[Serial number] Inquiry buffer "
476 "size %d too small, %d needed\n", len, 4);
480 DPRINTF("Inquiry EVPD[Serial number] buffer size %d\n", len);
481 l = MIN(len, strlen(s->drive_serial_str));
485 /* Supported page codes */
486 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
487 outbuf[r->buf_len++] = 5;
489 outbuf[r->buf_len++] = 0;
492 outbuf[r->buf_len++] = 0x80; // this page
493 outbuf[r->buf_len++] = 0x00;
494 outbuf[r->buf_len++] = l;
495 memcpy(&outbuf[r->buf_len], s->drive_serial_str, l);
502 /* Device identification page, mandatory */
503 int max_len = 255 - 8;
504 int id_len = strlen(bdrv_get_device_name(s->bdrv));
505 if (id_len > max_len)
508 DPRINTF("Inquiry EVPD[Device identification] "
509 "buffer size %d\n", len);
511 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
512 outbuf[r->buf_len++] = 5;
514 outbuf[r->buf_len++] = 0;
517 outbuf[r->buf_len++] = 0x83; // this page
518 outbuf[r->buf_len++] = 0x00;
519 outbuf[r->buf_len++] = 3 + id_len;
521 outbuf[r->buf_len++] = 0x2; // ASCII
522 outbuf[r->buf_len++] = 0; // not officially assigned
523 outbuf[r->buf_len++] = 0; // reserved
524 outbuf[r->buf_len++] = id_len; // length of data following
526 memcpy(&outbuf[r->buf_len],
527 bdrv_get_device_name(s->bdrv), id_len);
528 r->buf_len += id_len;
532 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
533 "buffer size %d\n", page_code, len);
540 /* Standard INQUIRY data */
542 BADF("Error: Inquiry (STANDARD) page or code "
543 "is non-zero [%02X]\n", buf[2]);
549 BADF("Error: Inquiry (STANDARD) buffer size %d "
550 "is less than 5\n", len);
555 BADF("Error: Inquiry (STANDARD) buffer size %d "
556 "is less than 36 (TODO: only 5 required)\n", len);
560 if(len > SCSI_MAX_INQUIRY_LEN)
561 len = SCSI_MAX_INQUIRY_LEN;
563 memset(outbuf, 0, len);
565 if (lun || buf[1] >> 5) {
566 outbuf[0] = 0x7f; /* LUN not supported */
567 } else if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
570 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
573 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
575 memcpy(&outbuf[8], "QEMU ", 8);
576 memcpy(&outbuf[32], QEMU_VERSION, 4);
577 /* Identify device as SCSI-3 rev 1.
578 Some later commands are also implemented. */
580 outbuf[3] = 2; /* Format 2 */
581 outbuf[4] = len - 5; /* Additional Length = (Len - 1) - 4 */
582 /* Sync data transfer and TCQ. */
583 outbuf[7] = 0x10 | (s->tcq ? 0x02 : 0);
587 DPRINTF("Reserve(6)\n");
592 DPRINTF("Release(6)\n");
602 page = buf[2] & 0x3f;
603 DPRINTF("Mode Sense (page %d, len %d)\n", page, len);
606 outbuf[1] = 0; /* Default media type. */
607 outbuf[3] = 0; /* Block descriptor length. */
608 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
609 outbuf[2] = 0x80; /* Readonly. */
613 int cylinders, heads, secs;
615 /* Rigid disk device geometry page. */
618 /* if a geometry hint is available, use it */
619 bdrv_get_geometry_hint(s->bdrv, &cylinders, &heads, &secs);
620 p[2] = (cylinders >> 16) & 0xff;
621 p[3] = (cylinders >> 8) & 0xff;
622 p[4] = cylinders & 0xff;
624 /* Write precomp start cylinder, disabled */
625 p[6] = (cylinders >> 16) & 0xff;
626 p[7] = (cylinders >> 8) & 0xff;
627 p[8] = cylinders & 0xff;
628 /* Reduced current start cylinder, disabled */
629 p[9] = (cylinders >> 16) & 0xff;
630 p[10] = (cylinders >> 8) & 0xff;
631 p[11] = cylinders & 0xff;
632 /* Device step rate [ns], 200ns */
635 /* Landing zone cylinder */
639 /* Medium rotation rate [rpm], 5400 rpm */
640 p[20] = (5400 >> 8) & 0xff;
643 } else if (page == 5) {
644 int cylinders, heads, secs;
646 /* Flexible disk device geometry page. */
649 /* Transfer rate [kbit/s], 5Mbit/s */
652 /* if a geometry hint is available, use it */
653 bdrv_get_geometry_hint(s->bdrv, &cylinders, &heads, &secs);
656 p[6] = s->cluster_size * 2;
657 p[8] = (cylinders >> 8) & 0xff;
658 p[9] = cylinders & 0xff;
659 /* Write precomp start cylinder, disabled */
660 p[10] = (cylinders >> 8) & 0xff;
661 p[11] = cylinders & 0xff;
662 /* Reduced current start cylinder, disabled */
663 p[12] = (cylinders >> 8) & 0xff;
664 p[13] = cylinders & 0xff;
665 /* Device step rate [100us], 100us */
668 /* Device step pulse width [us], 1us */
670 /* Device head settle delay [100us], 100us */
673 /* Motor on delay [0.1s], 0.1s */
675 /* Motor off delay [0.1s], 0.1s */
677 /* Medium rotation rate [rpm], 5400 rpm */
678 p[28] = (5400 >> 8) & 0xff;
681 } else if ((page == 8 || page == 0x3f)) {
689 if ((page == 0x3f || page == 0x2a)
690 && (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM)) {
691 /* CD Capabilities and Mechanical Status page. */
694 p[2] = 3; // CD-R & CD-RW read
695 p[3] = 0; // Writing not supported
696 p[4] = 0x7f; /* Audio, composite, digital out,
697 mode 2 form 1&2, multi session */
698 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
699 RW corrected, C2 errors, ISRC,
701 p[6] = 0x2d | (bdrv_is_locked(s->bdrv)? 2 : 0);
702 /* Locking supported, jumper present, eject, tray */
703 p[7] = 0; /* no volume & mute control, no
705 p[8] = (50 * 176) >> 8; // 50x read speed
706 p[9] = (50 * 176) & 0xff;
707 p[10] = 0 >> 8; // No volume
709 p[12] = 2048 >> 8; // 2M buffer
711 p[14] = (16 * 176) >> 8; // 16x read speed current
712 p[15] = (16 * 176) & 0xff;
713 p[18] = (16 * 176) >> 8; // 16x write speed
714 p[19] = (16 * 176) & 0xff;
715 p[20] = (16 * 176) >> 8; // 16x write speed current
716 p[21] = (16 * 176) & 0xff;
719 r->buf_len = p - outbuf;
720 outbuf[0] = r->buf_len - 4;
721 if (r->buf_len > len)
726 DPRINTF("Start Stop Unit\n");
729 DPRINTF("Prevent Allow Medium Removal (prevent = %d)\n", buf[4] & 3);
730 bdrv_set_locked(s->bdrv, buf[4] & 1);
733 DPRINTF("Read Capacity\n");
734 /* The normal LEN field for this command is zero. */
735 memset(outbuf, 0, 8);
736 bdrv_get_geometry(s->bdrv, &nb_sectors);
737 nb_sectors /= s->cluster_size;
738 /* Returned value is the address of the last sector. */
741 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
742 if (nb_sectors > UINT32_MAX)
743 nb_sectors = UINT32_MAX;
744 outbuf[0] = (nb_sectors >> 24) & 0xff;
745 outbuf[1] = (nb_sectors >> 16) & 0xff;
746 outbuf[2] = (nb_sectors >> 8) & 0xff;
747 outbuf[3] = nb_sectors & 0xff;
750 outbuf[6] = s->cluster_size * 2;
754 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NOT_READY);
761 DPRINTF("Read (sector %lld, count %d)\n", lba, len);
762 r->sector = lba * s->cluster_size;
763 r->sector_count = len * s->cluster_size;
768 DPRINTF("Write (sector %lld, count %d)\n", lba, len);
769 r->sector = lba * s->cluster_size;
770 r->sector_count = len * s->cluster_size;
774 DPRINTF("Synchronise cache (sector %d, count %d)\n", lba, len);
779 int start_track, format, msf, toclen;
782 format = buf[2] & 0xf;
783 start_track = buf[6];
784 bdrv_get_geometry(s->bdrv, &nb_sectors);
785 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
788 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
791 /* multi session : only a single session defined */
793 memset(outbuf, 0, 12);
799 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
811 DPRINTF("Read TOC error\n");
815 DPRINTF("Get Configuration (rt %d, maxlen %d)\n", buf[1] & 3, len);
816 memset(outbuf, 0, 8);
817 /* ??? This should probably return much more information. For now
818 just return the basic header indicating the CD-ROM profile. */
819 outbuf[7] = 8; // CD-ROM
823 DPRINTF("Reserve(10)\n");
828 DPRINTF("Release(10)\n");
833 /* Service Action In subcommands. */
834 if ((buf[1] & 31) == 0x10) {
835 DPRINTF("SAI READ CAPACITY(16)\n");
836 memset(outbuf, 0, len);
837 bdrv_get_geometry(s->bdrv, &nb_sectors);
838 nb_sectors /= s->cluster_size;
839 /* Returned value is the address of the last sector. */
842 outbuf[0] = (nb_sectors >> 56) & 0xff;
843 outbuf[1] = (nb_sectors >> 48) & 0xff;
844 outbuf[2] = (nb_sectors >> 40) & 0xff;
845 outbuf[3] = (nb_sectors >> 32) & 0xff;
846 outbuf[4] = (nb_sectors >> 24) & 0xff;
847 outbuf[5] = (nb_sectors >> 16) & 0xff;
848 outbuf[6] = (nb_sectors >> 8) & 0xff;
849 outbuf[7] = nb_sectors & 0xff;
852 outbuf[10] = s->cluster_size * 2;
854 /* Protection, exponent and lowest lba field left blank. */
857 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NOT_READY);
862 DPRINTF("Unsupported Service Action In\n");
865 DPRINTF("Report LUNs (len %d)\n", len);
868 memset(outbuf, 0, 16);
873 DPRINTF("Verify (sector %d, count %d)\n", lba, len);
876 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
878 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_ILLEGAL_REQUEST);
881 if (r->sector_count == 0 && r->buf_len == 0) {
882 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
884 len = r->sector_count * 512 + r->buf_len;
888 if (!r->sector_count)
889 r->sector_count = -1;
894 static void scsi_destroy(SCSIDevice *d)
900 SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, int tcq,
901 scsi_completionfn completion, void *opaque)
906 s = (SCSIDeviceState *)qemu_mallocz(sizeof(SCSIDeviceState));
909 s->completion = completion;
911 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
916 strncpy(s->drive_serial_str, drive_get_serial(s->bdrv),
917 sizeof(s->drive_serial_str));
918 if (strlen(s->drive_serial_str) == 0)
919 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), "0");
920 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
921 d = (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice));
923 d->destroy = scsi_destroy;
924 d->send_command = scsi_send_command;
925 d->read_data = scsi_read_data;
926 d->write_data = scsi_write_data;
927 d->cancel_io = scsi_cancel_io;
928 d->get_buf = scsi_get_buf;
projects / qemu / blob