2 * SCSI Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
7 * Written by Paul Brook
9 * This code is licenced under the LGPL.
11 * Note that this file only handles the SCSI architecture model and device
12 * commands. Emulation of interface/link layer protocols is handled by
13 * the host adapter emulator.
16 #include <qemu-common.h>
21 #define DPRINTF(fmt, args...) \
22 do { printf("scsi-disk: " fmt , ##args); } while (0)
24 #define DPRINTF(fmt, args...) do {} while(0)
27 #define BADF(fmt, args...) \
28 do { fprintf(stderr, "scsi-disk: " fmt , ##args); } while (0)
30 #include "qemu-common.h"
32 #include "scsi-disk.h"
34 #define SENSE_NO_SENSE 0
35 #define SENSE_NOT_READY 2
36 #define SENSE_HARDWARE_ERROR 4
37 #define SENSE_ILLEGAL_REQUEST 5
40 #define STATUS_CHECK_CONDITION 2
42 #define SCSI_DMA_BUF_SIZE 131072
43 #define SCSI_MAX_INQUIRY_LEN 256
45 #define SCSI_REQ_STATUS_RETRY 0x01
47 typedef struct SCSIRequest {
50 /* ??? We should probably keep track of whether the data transfer is
51 a read or a write. Currently we rely on the host getting it right. */
52 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
54 uint32_t sector_count;
55 /* The amounnt of data in the buffer. */
58 BlockDriverAIOCB *aiocb;
59 struct SCSIRequest *next;
63 struct SCSIDeviceState
65 BlockDriverState *bdrv;
66 SCSIRequest *requests;
67 /* The qemu block layer uses a fixed 512 byte sector size.
68 This is the number of 512 byte blocks in a single scsi sector. */
73 /* Completion functions may be called from either scsi_{read,write}_data
74 or from the AIO completion routines. */
75 scsi_completionfn completion;
77 char drive_serial_str[21];
80 /* Global pool of SCSIRequest structures. */
81 static SCSIRequest *free_requests = NULL;
83 static SCSIRequest *scsi_new_request(SCSIDeviceState *s, uint32_t tag)
89 free_requests = r->next;
91 r = qemu_malloc(sizeof(SCSIRequest));
92 r->dma_buf = qemu_memalign(512, SCSI_DMA_BUF_SIZE);
101 r->next = s->requests;
106 static void scsi_remove_request(SCSIRequest *r)
109 SCSIDeviceState *s = r->dev;
111 if (s->requests == r) {
112 s->requests = r->next;
115 while (last && last->next != r)
118 last->next = r->next;
120 BADF("Orphaned request\n");
123 r->next = free_requests;
127 static SCSIRequest *scsi_find_request(SCSIDeviceState *s, uint32_t tag)
132 while (r && r->tag != tag)
138 /* Helper function for command completion. */
139 static void scsi_command_complete(SCSIRequest *r, int status, int sense)
141 SCSIDeviceState *s = r->dev;
143 DPRINTF("Command complete tag=0x%x status=%d sense=%d\n", r->tag, status, sense);
146 scsi_remove_request(r);
147 s->completion(s->opaque, SCSI_REASON_DONE, tag, status);
150 /* Cancel a pending data transfer. */
151 static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
153 SCSIDeviceState *s = d->state;
155 DPRINTF("Cancel tag=0x%x\n", tag);
156 r = scsi_find_request(s, tag);
159 bdrv_aio_cancel(r->aiocb);
161 scsi_remove_request(r);
165 static void scsi_read_complete(void * opaque, int ret)
167 SCSIRequest *r = (SCSIRequest *)opaque;
168 SCSIDeviceState *s = r->dev;
171 DPRINTF("IO error\n");
172 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, 0);
173 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NO_SENSE);
176 DPRINTF("Data ready tag=0x%x len=%d\n", r->tag, r->buf_len);
178 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->buf_len);
181 /* Read more data from scsi device into buffer. */
182 static void scsi_read_data(SCSIDevice *d, uint32_t tag)
184 SCSIDeviceState *s = d->state;
188 r = scsi_find_request(s, tag);
190 BADF("Bad read tag 0x%x\n", tag);
191 /* ??? This is the wrong error. */
192 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
195 if (r->sector_count == (uint32_t)-1) {
196 DPRINTF("Read buf_len=%d\n", r->buf_len);
198 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->buf_len);
201 DPRINTF("Read sector_count=%d\n", r->sector_count);
202 if (r->sector_count == 0) {
203 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
208 if (n > SCSI_DMA_BUF_SIZE / 512)
209 n = SCSI_DMA_BUF_SIZE / 512;
211 r->buf_len = n * 512;
212 r->aiocb = bdrv_aio_read(s->bdrv, r->sector, r->dma_buf, n,
213 scsi_read_complete, r);
214 if (r->aiocb == NULL)
215 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
217 r->sector_count -= n;
220 static int scsi_handle_write_error(SCSIRequest *r, int error)
222 BlockInterfaceErrorAction action = drive_get_onerror(r->dev->bdrv);
224 if (action == BLOCK_ERR_IGNORE)
227 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
228 || action == BLOCK_ERR_STOP_ANY) {
229 r->status |= SCSI_REQ_STATUS_RETRY;
232 scsi_command_complete(r, STATUS_CHECK_CONDITION,
233 SENSE_HARDWARE_ERROR);
239 static void scsi_write_complete(void * opaque, int ret)
241 SCSIRequest *r = (SCSIRequest *)opaque;
242 SCSIDeviceState *s = r->dev;
249 if (scsi_handle_write_error(r, -ret))
253 n = r->buf_len / 512;
255 r->sector_count -= n;
256 if (r->sector_count == 0) {
257 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
259 len = r->sector_count * 512;
260 if (len > SCSI_DMA_BUF_SIZE) {
261 len = SCSI_DMA_BUF_SIZE;
264 DPRINTF("Write complete tag=0x%x more=%d\n", r->tag, len);
265 s->completion(s->opaque, SCSI_REASON_DATA, r->tag, len);
269 static void scsi_write_request(SCSIRequest *r)
271 SCSIDeviceState *s = r->dev;
274 n = r->buf_len / 512;
276 r->aiocb = bdrv_aio_write(s->bdrv, r->sector, r->dma_buf, n,
277 scsi_write_complete, r);
278 if (r->aiocb == NULL)
279 scsi_command_complete(r, STATUS_CHECK_CONDITION,
280 SENSE_HARDWARE_ERROR);
282 /* Invoke completion routine to fetch data from host. */
283 scsi_write_complete(r, 0);
287 /* Write data to a scsi device. Returns nonzero on failure.
288 The transfer may complete asynchronously. */
289 static int scsi_write_data(SCSIDevice *d, uint32_t tag)
291 SCSIDeviceState *s = d->state;
294 DPRINTF("Write data tag=0x%x\n", tag);
295 r = scsi_find_request(s, tag);
297 BADF("Bad write tag 0x%x\n", tag);
298 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
303 BADF("Data transfer already in progress\n");
305 scsi_write_request(r);
310 static void scsi_dma_restart_cb(void *opaque, int running, int reason)
312 SCSIDeviceState *s = opaque;
313 SCSIRequest *r = s->requests;
318 if (r->status & SCSI_REQ_STATUS_RETRY) {
319 r->status &= ~SCSI_REQ_STATUS_RETRY;
320 scsi_write_request(r);
326 /* Return a pointer to the data buffer. */
327 static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
329 SCSIDeviceState *s = d->state;
332 r = scsi_find_request(s, tag);
334 BADF("Bad buffer tag 0x%x\n", tag);
340 /* Execute a scsi command. Returns the length of the data expected by the
341 command. This will be Positive for data transfers from the device
342 (eg. disk reads), negative for transfers to the device (eg. disk writes),
343 and zero if the command does not transfer any data. */
345 static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
346 uint8_t *buf, int lun)
348 SCSIDeviceState *s = d->state;
359 r = scsi_find_request(s, tag);
361 BADF("Tag 0x%x already in use\n", tag);
362 scsi_cancel_io(d, tag);
364 /* ??? Tags are not unique for different luns. We only implement a
365 single lun, so this should not matter. */
366 r = scsi_new_request(s, tag);
369 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
370 switch (command >> 5) {
372 lba = (uint64_t) buf[3] | ((uint64_t) buf[2] << 8) |
373 (((uint64_t) buf[1] & 0x1f) << 16);
379 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
380 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
381 len = buf[8] | (buf[7] << 8);
385 lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
386 ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
387 ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
388 ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
389 len = buf[13] | (buf[12] << 8) | (buf[11] << 16) | (buf[10] << 24);
393 lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
394 ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
395 len = buf[9] | (buf[8] << 8) | (buf[7] << 16) | (buf[6] << 24);
399 BADF("Unsupported command length, command %x\n", command);
405 for (i = 1; i < cmdlen; i++) {
406 printf(" 0x%02x", buf[i]);
411 if (lun || buf[1] >> 5) {
412 /* Only LUN 0 supported. */
413 DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
414 if (command != 0x03 && command != 0x12) /* REQUEST SENSE and INQUIRY */
419 DPRINTF("Test Unit Ready\n");
422 DPRINTF("Request Sense (len %d)\n", len);
425 memset(outbuf, 0, 4);
427 if (s->sense == SENSE_NOT_READY && len >= 18) {
428 memset(outbuf, 0, 18);
431 /* asc 0x3a, ascq 0: Medium not present */
437 outbuf[2] = s->sense;
440 DPRINTF("Inquiry (len %d)\n", len);
442 /* Command support data - optional, not implemented */
443 BADF("optional INQUIRY command support request not implemented\n");
446 else if (buf[1] & 0x1) {
447 /* Vital product data */
448 uint8_t page_code = buf[2];
450 BADF("Error: Inquiry (EVPD[%02X]) buffer size %d is "
451 "less than 4\n", page_code, len);
458 /* Supported page codes, mandatory */
459 DPRINTF("Inquiry EVPD[Supported pages] "
460 "buffer size %d\n", len);
464 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
465 outbuf[r->buf_len++] = 5;
467 outbuf[r->buf_len++] = 0;
470 outbuf[r->buf_len++] = 0x00; // this page
471 outbuf[r->buf_len++] = 0x00;
472 outbuf[r->buf_len++] = 3; // number of pages
473 outbuf[r->buf_len++] = 0x00; // list of supported pages (this page)
474 outbuf[r->buf_len++] = 0x80; // unit serial number
475 outbuf[r->buf_len++] = 0x83; // device identification
482 /* Device serial number, optional */
484 BADF("Error: EVPD[Serial number] Inquiry buffer "
485 "size %d too small, %d needed\n", len, 4);
489 DPRINTF("Inquiry EVPD[Serial number] buffer size %d\n", len);
490 l = MIN(len, strlen(s->drive_serial_str));
494 /* Supported page codes */
495 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
496 outbuf[r->buf_len++] = 5;
498 outbuf[r->buf_len++] = 0;
501 outbuf[r->buf_len++] = 0x80; // this page
502 outbuf[r->buf_len++] = 0x00;
503 outbuf[r->buf_len++] = l;
504 memcpy(&outbuf[r->buf_len], s->drive_serial_str, l);
511 /* Device identification page, mandatory */
512 int max_len = 255 - 8;
513 int id_len = strlen(bdrv_get_device_name(s->bdrv));
514 if (id_len > max_len)
517 DPRINTF("Inquiry EVPD[Device identification] "
518 "buffer size %d\n", len);
520 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
521 outbuf[r->buf_len++] = 5;
523 outbuf[r->buf_len++] = 0;
526 outbuf[r->buf_len++] = 0x83; // this page
527 outbuf[r->buf_len++] = 0x00;
528 outbuf[r->buf_len++] = 3 + id_len;
530 outbuf[r->buf_len++] = 0x2; // ASCII
531 outbuf[r->buf_len++] = 0; // not officially assigned
532 outbuf[r->buf_len++] = 0; // reserved
533 outbuf[r->buf_len++] = id_len; // length of data following
535 memcpy(&outbuf[r->buf_len],
536 bdrv_get_device_name(s->bdrv), id_len);
537 r->buf_len += id_len;
541 BADF("Error: unsupported Inquiry (EVPD[%02X]) "
542 "buffer size %d\n", page_code, len);
549 /* Standard INQUIRY data */
551 BADF("Error: Inquiry (STANDARD) page or code "
552 "is non-zero [%02X]\n", buf[2]);
558 BADF("Error: Inquiry (STANDARD) buffer size %d "
559 "is less than 5\n", len);
564 BADF("Error: Inquiry (STANDARD) buffer size %d "
565 "is less than 36 (TODO: only 5 required)\n", len);
569 if(len > SCSI_MAX_INQUIRY_LEN)
570 len = SCSI_MAX_INQUIRY_LEN;
572 memset(outbuf, 0, len);
574 if (lun || buf[1] >> 5) {
575 outbuf[0] = 0x7f; /* LUN not supported */
576 } else if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
579 memcpy(&outbuf[16], "QEMU CD-ROM ", 16);
582 memcpy(&outbuf[16], "QEMU HARDDISK ", 16);
584 memcpy(&outbuf[8], "QEMU ", 8);
585 memcpy(&outbuf[32], QEMU_VERSION, 4);
586 /* Identify device as SCSI-3 rev 1.
587 Some later commands are also implemented. */
589 outbuf[3] = 2; /* Format 2 */
590 outbuf[4] = len - 5; /* Additional Length = (Len - 1) - 4 */
591 /* Sync data transfer and TCQ. */
592 outbuf[7] = 0x10 | (s->tcq ? 0x02 : 0);
596 DPRINTF("Reserve(6)\n");
601 DPRINTF("Release(6)\n");
611 page = buf[2] & 0x3f;
612 DPRINTF("Mode Sense (page %d, len %d)\n", page, len);
615 outbuf[1] = 0; /* Default media type. */
616 outbuf[3] = 0; /* Block descriptor length. */
617 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
618 outbuf[2] = 0x80; /* Readonly. */
622 int cylinders, heads, secs;
624 /* Rigid disk device geometry page. */
627 /* if a geometry hint is available, use it */
628 bdrv_get_geometry_hint(s->bdrv, &cylinders, &heads, &secs);
629 p[2] = (cylinders >> 16) & 0xff;
630 p[3] = (cylinders >> 8) & 0xff;
631 p[4] = cylinders & 0xff;
633 /* Write precomp start cylinder, disabled */
634 p[6] = (cylinders >> 16) & 0xff;
635 p[7] = (cylinders >> 8) & 0xff;
636 p[8] = cylinders & 0xff;
637 /* Reduced current start cylinder, disabled */
638 p[9] = (cylinders >> 16) & 0xff;
639 p[10] = (cylinders >> 8) & 0xff;
640 p[11] = cylinders & 0xff;
641 /* Device step rate [ns], 200ns */
644 /* Landing zone cylinder */
648 /* Medium rotation rate [rpm], 5400 rpm */
649 p[20] = (5400 >> 8) & 0xff;
652 } else if (page == 5) {
653 int cylinders, heads, secs;
655 /* Flexible disk device geometry page. */
658 /* Transfer rate [kbit/s], 5Mbit/s */
661 /* if a geometry hint is available, use it */
662 bdrv_get_geometry_hint(s->bdrv, &cylinders, &heads, &secs);
665 p[6] = s->cluster_size * 2;
666 p[8] = (cylinders >> 8) & 0xff;
667 p[9] = cylinders & 0xff;
668 /* Write precomp start cylinder, disabled */
669 p[10] = (cylinders >> 8) & 0xff;
670 p[11] = cylinders & 0xff;
671 /* Reduced current start cylinder, disabled */
672 p[12] = (cylinders >> 8) & 0xff;
673 p[13] = cylinders & 0xff;
674 /* Device step rate [100us], 100us */
677 /* Device step pulse width [us], 1us */
679 /* Device head settle delay [100us], 100us */
682 /* Motor on delay [0.1s], 0.1s */
684 /* Motor off delay [0.1s], 0.1s */
686 /* Medium rotation rate [rpm], 5400 rpm */
687 p[28] = (5400 >> 8) & 0xff;
690 } else if ((page == 8 || page == 0x3f)) {
698 if ((page == 0x3f || page == 0x2a)
699 && (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM)) {
700 /* CD Capabilities and Mechanical Status page. */
703 p[2] = 3; // CD-R & CD-RW read
704 p[3] = 0; // Writing not supported
705 p[4] = 0x7f; /* Audio, composite, digital out,
706 mode 2 form 1&2, multi session */
707 p[5] = 0xff; /* CD DA, DA accurate, RW supported,
708 RW corrected, C2 errors, ISRC,
710 p[6] = 0x2d | (bdrv_is_locked(s->bdrv)? 2 : 0);
711 /* Locking supported, jumper present, eject, tray */
712 p[7] = 0; /* no volume & mute control, no
714 p[8] = (50 * 176) >> 8; // 50x read speed
715 p[9] = (50 * 176) & 0xff;
716 p[10] = 0 >> 8; // No volume
718 p[12] = 2048 >> 8; // 2M buffer
720 p[14] = (16 * 176) >> 8; // 16x read speed current
721 p[15] = (16 * 176) & 0xff;
722 p[18] = (16 * 176) >> 8; // 16x write speed
723 p[19] = (16 * 176) & 0xff;
724 p[20] = (16 * 176) >> 8; // 16x write speed current
725 p[21] = (16 * 176) & 0xff;
728 r->buf_len = p - outbuf;
729 outbuf[0] = r->buf_len - 4;
730 if (r->buf_len > len)
735 DPRINTF("Start Stop Unit\n");
736 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM &&
738 /* load/eject medium */
739 bdrv_eject(s->bdrv, !(buf[4] & 1));
742 DPRINTF("Prevent Allow Medium Removal (prevent = %d)\n", buf[4] & 3);
743 bdrv_set_locked(s->bdrv, buf[4] & 1);
746 DPRINTF("Read Capacity\n");
747 /* The normal LEN field for this command is zero. */
748 memset(outbuf, 0, 8);
749 bdrv_get_geometry(s->bdrv, &nb_sectors);
750 nb_sectors /= s->cluster_size;
751 /* Returned value is the address of the last sector. */
754 /* Remember the new size for read/write sanity checking. */
755 s->max_lba = nb_sectors;
756 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
757 if (nb_sectors > UINT32_MAX)
758 nb_sectors = UINT32_MAX;
759 outbuf[0] = (nb_sectors >> 24) & 0xff;
760 outbuf[1] = (nb_sectors >> 16) & 0xff;
761 outbuf[2] = (nb_sectors >> 8) & 0xff;
762 outbuf[3] = nb_sectors & 0xff;
765 outbuf[6] = s->cluster_size * 2;
769 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NOT_READY);
776 DPRINTF("Read (sector %lld, count %d)\n", lba, len);
777 if (lba > s->max_lba)
779 r->sector = lba * s->cluster_size;
780 r->sector_count = len * s->cluster_size;
785 DPRINTF("Write (sector %lld, count %d)\n", lba, len);
786 if (lba > s->max_lba)
788 r->sector = lba * s->cluster_size;
789 r->sector_count = len * s->cluster_size;
793 DPRINTF("Synchronise cache (sector %d, count %d)\n", lba, len);
798 int start_track, format, msf, toclen;
801 format = buf[2] & 0xf;
802 start_track = buf[6];
803 bdrv_get_geometry(s->bdrv, &nb_sectors);
804 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
805 nb_sectors /= s->cluster_size;
808 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
811 /* multi session : only a single session defined */
813 memset(outbuf, 0, 12);
819 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
831 DPRINTF("Read TOC error\n");
835 DPRINTF("Get Configuration (rt %d, maxlen %d)\n", buf[1] & 3, len);
836 memset(outbuf, 0, 8);
837 /* ??? This should probably return much more information. For now
838 just return the basic header indicating the CD-ROM profile. */
839 outbuf[7] = 8; // CD-ROM
843 DPRINTF("Reserve(10)\n");
848 DPRINTF("Release(10)\n");
853 /* Service Action In subcommands. */
854 if ((buf[1] & 31) == 0x10) {
855 DPRINTF("SAI READ CAPACITY(16)\n");
856 memset(outbuf, 0, len);
857 bdrv_get_geometry(s->bdrv, &nb_sectors);
858 nb_sectors /= s->cluster_size;
859 /* Returned value is the address of the last sector. */
862 /* Remember the new size for read/write sanity checking. */
863 s->max_lba = nb_sectors;
864 outbuf[0] = (nb_sectors >> 56) & 0xff;
865 outbuf[1] = (nb_sectors >> 48) & 0xff;
866 outbuf[2] = (nb_sectors >> 40) & 0xff;
867 outbuf[3] = (nb_sectors >> 32) & 0xff;
868 outbuf[4] = (nb_sectors >> 24) & 0xff;
869 outbuf[5] = (nb_sectors >> 16) & 0xff;
870 outbuf[6] = (nb_sectors >> 8) & 0xff;
871 outbuf[7] = nb_sectors & 0xff;
874 outbuf[10] = s->cluster_size * 2;
876 /* Protection, exponent and lowest lba field left blank. */
879 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_NOT_READY);
884 DPRINTF("Unsupported Service Action In\n");
887 DPRINTF("Report LUNs (len %d)\n", len);
890 memset(outbuf, 0, 16);
895 DPRINTF("Verify (sector %d, count %d)\n", lba, len);
898 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
900 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_ILLEGAL_REQUEST);
903 scsi_command_complete(r, STATUS_CHECK_CONDITION, SENSE_HARDWARE_ERROR);
906 if (r->sector_count == 0 && r->buf_len == 0) {
907 scsi_command_complete(r, STATUS_GOOD, SENSE_NO_SENSE);
909 len = r->sector_count * 512 + r->buf_len;
913 if (!r->sector_count)
914 r->sector_count = -1;
919 static void scsi_destroy(SCSIDevice *d)
925 SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, int tcq,
926 scsi_completionfn completion, void *opaque)
932 s = (SCSIDeviceState *)qemu_mallocz(sizeof(SCSIDeviceState));
935 s->completion = completion;
937 if (bdrv_get_type_hint(s->bdrv) == BDRV_TYPE_CDROM) {
942 bdrv_get_geometry(s->bdrv, &nb_sectors);
943 nb_sectors /= s->cluster_size;
946 s->max_lba = nb_sectors;
947 strncpy(s->drive_serial_str, drive_get_serial(s->bdrv),
948 sizeof(s->drive_serial_str));
949 if (strlen(s->drive_serial_str) == 0)
950 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), "0");
951 qemu_add_vm_change_state_handler(scsi_dma_restart_cb, s);
952 d = (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice));
954 d->destroy = scsi_destroy;
955 d->send_command = scsi_send_command;
956 d->read_data = scsi_read_data;
957 d->write_data = scsi_write_data;
958 d->cancel_io = scsi_cancel_io;
959 d->get_buf = scsi_get_buf;
projects / qemu / blob