From: Laurent Vivier <Laurent.Vivier@bull.net>
Cc: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PATCH 1/3] SG support (Synchronous I/O)
Date: Wed, 28 Nov 2007 14:23:37 +0100 [thread overview]
Message-ID: <11962562172906@bull.net> (raw)
In-Reply-To: <1196256214740@bull.net>
This patch allows to connect the virtual SCSI interface of Qemu to
a real SCSI device of the host.
Using the devices /dev/sg, it allows to send the SCSI command from the
virtual SCSI interface to the real device.
This patch uses synchronous SCSI I/O.
block-raw.c has been modified to disable the "lseek()" when offset is less than
0 in raw_pread() and raw_pwrite() to be able to use them on /dev/sg devices.
---
Makefile | 1
block-raw.c | 19 +
block.c | 17 +
block.h | 2
block_int.h | 4
hw/esp.c | 20 +
hw/lsi53c895a.c | 22 +-
hw/scsi-disk.c | 62 +++--
hw/scsi-disk.h | 29 +-
hw/scsi-generic.c | 577 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
hw/usb-msd.c | 16 -
11 files changed, 704 insertions(+), 65 deletions(-)
Index: qemu/block-raw.c
===================================================================
--- qemu.orig/block-raw.c 2007-11-28 11:39:19.000000000 +0100
+++ qemu/block-raw.c 2007-11-28 13:12:02.000000000 +0100
@@ -52,6 +52,7 @@
#include <sys/ioctl.h>
#include <linux/cdrom.h>
#include <linux/fd.h>
+#include <linux/major.h>
#endif
#ifdef __FreeBSD__
#include <sys/disk.h>
@@ -148,7 +149,7 @@ static int raw_pread(BlockDriverState *b
if (ret < 0)
return ret;
- if (lseek(s->fd, offset, SEEK_SET) == (off_t)-1) {
+ if (offset >= 0 && lseek(s->fd, offset, SEEK_SET) == (off_t)-1) {
++(s->lseek_err_cnt);
if(s->lseek_err_cnt <= 10) {
DEBUG_BLOCK_PRINT("raw_pread(%d:%s, %" PRId64 ", %p, %d) [%" PRId64
@@ -201,7 +202,7 @@ static int raw_pwrite(BlockDriverState *
if (ret < 0)
return ret;
- if (lseek(s->fd, offset, SEEK_SET) == (off_t)-1) {
+ if (offset >= 0 && lseek(s->fd, offset, SEEK_SET) == (off_t)-1) {
++(s->lseek_err_cnt);
if(s->lseek_err_cnt) {
DEBUG_BLOCK_PRINT("raw_pwrite(%d:%s, %" PRId64 ", %p, %d) [%"
@@ -672,6 +673,8 @@ static int hdev_open(BlockDriverState *b
s->fd_open_flags = open_flags;
/* open will not fail even if no floppy is inserted */
open_flags |= O_NONBLOCK;
+ } else if (strstart(filename, "/dev/sg", NULL)) {
+ bs->sg = 1;
}
#endif
fd = open(filename, open_flags, 0644);
@@ -851,6 +854,12 @@ static int raw_set_locked(BlockDriverSta
return 0;
}
+static int raw_ioctl(BlockDriverState *bs, unsigned long int req, void *buf)
+{
+ BDRVRawState *s = bs->opaque;
+
+ return ioctl(s->fd, req, buf);
+}
#else
static int raw_is_inserted(BlockDriverState *bs)
@@ -873,6 +882,10 @@ static int raw_set_locked(BlockDriverSta
return -ENOTSUP;
}
+static int raw_ioctl(BlockDriverState *bs, unsigned long int req, void *buf)
+{
+ return -ENOTSUP;
+}
#endif /* !linux */
BlockDriver bdrv_host_device = {
@@ -899,6 +912,8 @@ BlockDriver bdrv_host_device = {
.bdrv_media_changed = raw_media_changed,
.bdrv_eject = raw_eject,
.bdrv_set_locked = raw_set_locked,
+ /* generic scsi device */
+ .bdrv_ioctl = raw_ioctl,
};
#else /* _WIN32 */
Index: qemu/block.c
===================================================================
--- qemu.orig/block.c 2007-11-28 11:39:19.000000000 +0100
+++ qemu/block.c 2007-11-28 11:44:37.000000000 +0100
@@ -303,7 +303,6 @@ int bdrv_file_open(BlockDriverState **pb
{
BlockDriverState *bs;
int ret;
-
bs = bdrv_new("");
if (!bs)
return -ENOMEM;
@@ -780,6 +779,11 @@ int bdrv_is_read_only(BlockDriverState *
return bs->read_only;
}
+int bdrv_is_sg(BlockDriverState *bs)
+{
+ return bs->sg;
+}
+
/* XXX: no longer used */
void bdrv_set_change_cb(BlockDriverState *bs,
void (*change_cb)(void *opaque), void *opaque)
@@ -1352,3 +1356,14 @@ void bdrv_set_locked(BlockDriverState *b
drv->bdrv_set_locked(bs, locked);
}
}
+
+/* needed for generic scsi interface */
+
+int bdrv_ioctl(BlockDriverState *bs, unsigned long int req, void *buf)
+{
+ BlockDriver *drv = bs->drv;
+
+ if (drv && drv->bdrv_ioctl)
+ return drv->bdrv_ioctl(bs, req, buf);
+ return -ENOTSUP;
+}
Index: qemu/block.h
===================================================================
--- qemu.orig/block.h 2007-11-28 11:39:19.000000000 +0100
+++ qemu/block.h 2007-11-28 11:44:37.000000000 +0100
@@ -117,6 +117,7 @@ int bdrv_get_type_hint(BlockDriverState
int bdrv_get_translation_hint(BlockDriverState *bs);
int bdrv_is_removable(BlockDriverState *bs);
int bdrv_is_read_only(BlockDriverState *bs);
+int bdrv_is_sg(BlockDriverState *bs);
int bdrv_is_inserted(BlockDriverState *bs);
int bdrv_media_changed(BlockDriverState *bs);
int bdrv_is_locked(BlockDriverState *bs);
@@ -146,6 +147,7 @@ int bdrv_snapshot_delete(BlockDriverStat
int bdrv_snapshot_list(BlockDriverState *bs,
QEMUSnapshotInfo **psn_info);
char *bdrv_snapshot_dump(char *buf, int buf_size, QEMUSnapshotInfo *sn);
+int bdrv_ioctl(BlockDriverState *bs, unsigned long int req, void *buf);
char *get_human_readable_size(char *buf, int buf_size, int64_t size);
int path_is_absolute(const char *path);
Index: qemu/block_int.h
===================================================================
--- qemu.orig/block_int.h 2007-11-28 11:39:19.000000000 +0100
+++ qemu/block_int.h 2007-11-28 11:44:37.000000000 +0100
@@ -82,6 +82,9 @@ struct BlockDriver {
int (*bdrv_eject)(BlockDriverState *bs, int eject_flag);
int (*bdrv_set_locked)(BlockDriverState *bs, int locked);
+ /* to control generic scsi devices */
+ int (*bdrv_ioctl)(BlockDriverState *bs, unsigned long int req, char *buf);
+
BlockDriverAIOCB *free_aiocb;
struct BlockDriver *next;
};
@@ -93,6 +96,7 @@ struct BlockDriverState {
int removable; /* if true, the media can be removed */
int locked; /* if true, the media cannot temporarily be ejected */
int encrypted; /* if true, the media is encrypted */
+ int sg; /* if true, the device is a /dev/sg* */
/* event callback when inserting/removing */
void (*change_cb)(void *opaque);
void *change_opaque;
Index: qemu/hw/scsi-disk.c
===================================================================
--- qemu.orig/hw/scsi-disk.c 2007-11-28 11:39:19.000000000 +0100
+++ qemu/hw/scsi-disk.c 2007-11-28 11:44:37.000000000 +0100
@@ -37,7 +37,7 @@ do { fprintf(stderr, "scsi-disk: " fmt ,
#define SCSI_DMA_BUF_SIZE 65536
typedef struct SCSIRequest {
- SCSIDevice *dev;
+ SCSIDeviceState *dev;
uint32_t tag;
/* ??? We should probably keep track of whether the data trasfer is
a read or a write. Currently we rely on the host getting it right. */
@@ -51,7 +51,7 @@ typedef struct SCSIRequest {
struct SCSIRequest *next;
} SCSIRequest;
-struct SCSIDevice
+struct SCSIDeviceState
{
BlockDriverState *bdrv;
SCSIRequest *requests;
@@ -69,7 +69,7 @@ struct SCSIDevice
/* Global pool of SCSIRequest structures. */
static SCSIRequest *free_requests = NULL;
-static SCSIRequest *scsi_new_request(SCSIDevice *s, uint32_t tag)
+static SCSIRequest *scsi_new_request(SCSIDeviceState *s, uint32_t tag)
{
SCSIRequest *r;
@@ -93,7 +93,7 @@ static SCSIRequest *scsi_new_request(SCS
static void scsi_remove_request(SCSIRequest *r)
{
SCSIRequest *last;
- SCSIDevice *s = r->dev;
+ SCSIDeviceState *s = r->dev;
if (s->requests == r) {
s->requests = r->next;
@@ -111,7 +111,7 @@ static void scsi_remove_request(SCSIRequ
free_requests = r;
}
-static SCSIRequest *scsi_find_request(SCSIDevice *s, uint32_t tag)
+static SCSIRequest *scsi_find_request(SCSIDeviceState *s, uint32_t tag)
{
SCSIRequest *r;
@@ -125,7 +125,7 @@ static SCSIRequest *scsi_find_request(SC
/* Helper function for command completion. */
static void scsi_command_complete(SCSIRequest *r, int sense)
{
- SCSIDevice *s = r->dev;
+ SCSIDeviceState *s = r->dev;
uint32_t tag;
DPRINTF("Command complete tag=0x%x sense=%d\n", r->tag, sense);
s->sense = sense;
@@ -135,8 +135,9 @@ static void scsi_command_complete(SCSIRe
}
/* Cancel a pending data transfer. */
-void scsi_cancel_io(SCSIDevice *s, uint32_t tag)
+static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
{
+ SCSIDeviceState *s = d->state;
SCSIRequest *r;
DPRINTF("Cancel tag=0x%x\n", tag);
r = scsi_find_request(s, tag);
@@ -151,7 +152,7 @@ void scsi_cancel_io(SCSIDevice *s, uint3
static void scsi_read_complete(void * opaque, int ret)
{
SCSIRequest *r = (SCSIRequest *)opaque;
- SCSIDevice *s = r->dev;
+ SCSIDeviceState *s = r->dev;
if (ret) {
DPRINTF("IO error\n");
@@ -164,8 +165,9 @@ static void scsi_read_complete(void * op
}
/* Read more data from scsi device into buffer. */
-void scsi_read_data(SCSIDevice *s, uint32_t tag)
+static void scsi_read_data(SCSIDevice *d, uint32_t tag)
{
+ SCSIDeviceState *s = d->state;
SCSIRequest *r;
uint32_t n;
@@ -204,7 +206,7 @@ void scsi_read_data(SCSIDevice *s, uint3
static void scsi_write_complete(void * opaque, int ret)
{
SCSIRequest *r = (SCSIRequest *)opaque;
- SCSIDevice *s = r->dev;
+ SCSIDeviceState *s = r->dev;
uint32_t len;
if (ret) {
@@ -228,8 +230,9 @@ static void scsi_write_complete(void * o
/* Write data to a scsi device. Returns nonzero on failure.
The transfer may complete asynchronously. */
-int scsi_write_data(SCSIDevice *s, uint32_t tag)
+static int scsi_write_data(SCSIDevice *d, uint32_t tag)
{
+ SCSIDeviceState *s = d->state;
SCSIRequest *r;
uint32_t n;
@@ -259,8 +262,9 @@ int scsi_write_data(SCSIDevice *s, uint3
}
/* Return a pointer to the data buffer. */
-uint8_t *scsi_get_buf(SCSIDevice *s, uint32_t tag)
+static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
{
+ SCSIDeviceState *s = d->state;
SCSIRequest *r;
r = scsi_find_request(s, tag);
@@ -276,8 +280,10 @@ uint8_t *scsi_get_buf(SCSIDevice *s, uin
(eg. disk reads), negative for transfers to the device (eg. disk writes),
and zero if the command does not transfer any data. */
-int32_t scsi_send_command(SCSIDevice *s, uint32_t tag, uint8_t *buf, int lun)
+static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
+ uint8_t *buf, int lun)
{
+ SCSIDeviceState *s = d->state;
int64_t nb_sectors;
uint32_t lba;
uint32_t len;
@@ -291,7 +297,7 @@ int32_t scsi_send_command(SCSIDevice *s,
r = scsi_find_request(s, tag);
if (r) {
BADF("Tag 0x%x already in use\n", tag);
- scsi_cancel_io(s, tag);
+ scsi_cancel_io(d, tag);
}
/* ??? Tags are not unique for different luns. We only implement a
single lun, so this should not matter. */
@@ -576,19 +582,19 @@ int32_t scsi_send_command(SCSIDevice *s,
}
}
-void scsi_disk_destroy(SCSIDevice *s)
+static void scsi_destroy(SCSIDevice *d)
{
- qemu_free(s);
+ qemu_free(d->state);
+ qemu_free(d);
}
-SCSIDevice *scsi_disk_init(BlockDriverState *bdrv,
- int tcq,
- scsi_completionfn completion,
- void *opaque)
+SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, int tcq,
+ scsi_completionfn completion, void *opaque)
{
- SCSIDevice *s;
+ SCSIDevice *d;
+ SCSIDeviceState *s;
- s = (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice));
+ s = (SCSIDeviceState *)qemu_mallocz(sizeof(SCSIDeviceState));
s->bdrv = bdrv;
s->tcq = tcq;
s->completion = completion;
@@ -599,6 +605,14 @@ SCSIDevice *scsi_disk_init(BlockDriverSt
s->cluster_size = 1;
}
- return s;
-}
+ d = (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice));
+ d->state = s;
+ d->destroy = scsi_destroy;
+ d->send_command = scsi_send_command;
+ d->read_data = scsi_read_data;
+ d->write_data = scsi_write_data;
+ d->cancel_io = scsi_cancel_io;
+ d->get_buf = scsi_get_buf;
+ return d;
+}
Index: qemu/hw/esp.c
===================================================================
--- qemu.orig/hw/esp.c 2007-11-28 11:44:31.000000000 +0100
+++ qemu/hw/esp.c 2007-11-28 11:44:37.000000000 +0100
@@ -120,7 +120,7 @@ static int get_cmd(ESPState *s, uint8_t
if (s->current_dev) {
/* Started a new command before the old one finished. Cancel it. */
- scsi_cancel_io(s->current_dev, 0);
+ s->current_dev->cancel_io(s->current_dev, 0);
s->async_len = 0;
}
@@ -143,7 +143,7 @@ static void do_cmd(ESPState *s, uint8_t
DPRINTF("do_cmd: busid 0x%x\n", buf[0]);
lun = buf[0] & 7;
- datalen = scsi_send_command(s->current_dev, 0, &buf[1], lun);
+ datalen = s->current_dev->send_command(s->current_dev, 0, &buf[1], lun);
s->ti_size = datalen;
if (datalen != 0) {
s->rregs[4] = STAT_IN | STAT_TC;
@@ -151,10 +151,10 @@ static void do_cmd(ESPState *s, uint8_t
s->dma_counter = 0;
if (datalen > 0) {
s->rregs[4] |= STAT_DI;
- scsi_read_data(s->current_dev, 0);
+ s->current_dev->read_data(s->current_dev, 0);
} else {
s->rregs[4] |= STAT_DO;
- scsi_write_data(s->current_dev, 0);
+ s->current_dev->write_data(s->current_dev, 0);
}
}
s->rregs[5] = INTR_BS | INTR_FC;
@@ -253,9 +253,9 @@ static void esp_do_dma(ESPState *s)
if (s->async_len == 0) {
if (to_device) {
// ti_size is negative
- scsi_write_data(s->current_dev, 0);
+ s->current_dev->write_data(s->current_dev, 0);
} else {
- scsi_read_data(s->current_dev, 0);
+ s->current_dev->read_data(s->current_dev, 0);
/* If there is still data to be read from the device then
complete the DMA operation immeriately. Otherwise defer
until the scsi layer has completed. */
@@ -290,7 +290,7 @@ static void esp_command_complete(void *o
} else {
DPRINTF("transfer %d/%d\n", s->dma_left, s->ti_size);
s->async_len = arg;
- s->async_buf = scsi_get_buf(s->current_dev, 0);
+ s->async_buf = s->current_dev->get_buf(s->current_dev, 0);
if (s->dma_left) {
esp_do_dma(s);
} else if (s->dma_counter != 0 && s->ti_size <= 0) {
@@ -569,11 +569,13 @@ void esp_scsi_attach(void *opaque, Block
}
if (s->scsi_dev[id]) {
DPRINTF("Destroying device %d\n", id);
- scsi_disk_destroy(s->scsi_dev[id]);
+ s->scsi_dev[id]->destroy(s->scsi_dev[id]);
}
DPRINTF("Attaching block device %d\n", id);
/* Command queueing is not implemented. */
- s->scsi_dev[id] = scsi_disk_init(bd, 0, esp_command_complete, s);
+ s->scsi_dev[id] = scsi_generic_init(bd, 0, esp_command_complete, s);
+ if (s->scsi_dev[id] == NULL)
+ s->scsi_dev[id] = scsi_disk_init(bd, 0, esp_command_complete, s);
}
void *esp_init(target_phys_addr_t espaddr,
Index: qemu/hw/lsi53c895a.c
===================================================================
--- qemu.orig/hw/lsi53c895a.c 2007-11-28 11:44:31.000000000 +0100
+++ qemu/hw/lsi53c895a.c 2007-11-28 13:12:02.000000000 +0100
@@ -465,7 +465,8 @@ static void lsi_do_dma(LSIState *s, int
s->dbc -= count;
if (s->dma_buf == NULL) {
- s->dma_buf = scsi_get_buf(s->current_dev, s->current_tag);
+ s->dma_buf = s->current_dev->get_buf(s->current_dev,
+ s->current_tag);
}
/* ??? Set SFBR to first data byte. */
@@ -479,10 +480,10 @@ static void lsi_do_dma(LSIState *s, int
s->dma_buf = NULL;
if (out) {
/* Write the data. */
- scsi_write_data(s->current_dev, s->current_tag);
+ s->current_dev->write_data(s->current_dev, s->current_tag);
} else {
/* Request any remaining data. */
- scsi_read_data(s->current_dev, s->current_tag);
+ s->current_dev->read_data(s->current_dev, s->current_tag);
}
} else {
s->dma_buf += count;
@@ -631,13 +632,14 @@ static void lsi_do_command(LSIState *s)
s->dbc = 16;
cpu_physical_memory_read(s->dnad, buf, s->dbc);
s->sfbr = buf[0];
- n = scsi_send_command(s->current_dev, s->current_tag, buf, s->current_lun);
+ n = s->current_dev->send_command(s->current_dev, s->current_tag, buf,
+ s->current_lun);
if (n > 0) {
lsi_set_phase(s, PHASE_DI);
- scsi_read_data(s->current_dev, s->current_tag);
+ s->current_dev->read_data(s->current_dev, s->current_tag);
} else if (n < 0) {
lsi_set_phase(s, PHASE_DO);
- scsi_write_data(s->current_dev, s->current_tag);
+ s->current_dev->write_data(s->current_dev, s->current_tag);
}
if (n && s->current_dma_len == 0) {
/* Command did not complete immediately so disconnect. */
@@ -1268,6 +1270,8 @@ static uint8_t lsi_reg_readb(LSIState *s
return s->ctest4;
case 0x22: /* CTEST5 */
return s->ctest5;
+ case 0x23: /* CTEST6 */
+ return 0;
case 0x24: /* DBC[0:7] */
return s->dbc & 0xff;
case 0x25: /* DBC[8:15] */
@@ -1822,10 +1826,12 @@ void lsi_scsi_attach(void *opaque, Block
}
if (s->scsi_dev[id]) {
DPRINTF("Destroying device %d\n", id);
- scsi_disk_destroy(s->scsi_dev[id]);
+ s->scsi_dev[id]->destroy(s->scsi_dev[id]);
}
DPRINTF("Attaching block device %d\n", id);
- s->scsi_dev[id] = scsi_disk_init(bd, 1, lsi_command_complete, s);
+ s->scsi_dev[id] = scsi_generic_init(bd, 1, lsi_command_complete, s);
+ if (s->scsi_dev[id] == NULL)
+ s->scsi_dev[id] = scsi_disk_init(bd, 1, lsi_command_complete, s);
}
void *lsi_scsi_init(PCIBus *bus, int devfn)
Index: qemu/hw/usb-msd.c
===================================================================
--- qemu.orig/hw/usb-msd.c 2007-11-28 11:39:19.000000000 +0100
+++ qemu/hw/usb-msd.c 2007-11-28 11:44:37.000000000 +0100
@@ -149,9 +149,9 @@ static void usb_msd_copy_data(MSDState *
s->data_len -= len;
if (s->scsi_len == 0) {
if (s->mode == USB_MSDM_DATAIN) {
- scsi_read_data(s->scsi_dev, s->tag);
+ s->scsi_dev->read_data(s->scsi_dev, s->tag);
} else if (s->mode == USB_MSDM_DATAOUT) {
- scsi_write_data(s->scsi_dev, s->tag);
+ s->scsi_dev->write_data(s->scsi_dev, s->tag);
}
}
}
@@ -204,7 +204,7 @@ static void usb_msd_command_complete(voi
return;
}
s->scsi_len = arg;
- s->scsi_buf = scsi_get_buf(s->scsi_dev, tag);
+ s->scsi_buf = s->scsi_dev->get_buf(s->scsi_dev, tag);
if (p) {
usb_msd_copy_data(s);
if (s->usb_len == 0) {
@@ -342,7 +342,7 @@ static int usb_msd_handle_control(USBDev
static void usb_msd_cancel_io(USBPacket *p, void *opaque)
{
MSDState *s = opaque;
- scsi_cancel_io(s->scsi_dev, s->tag);
+ s->scsi_dev->cancel_io(s->scsi_dev, s->tag);
s->packet = NULL;
s->scsi_len = 0;
}
@@ -390,14 +390,14 @@ static int usb_msd_handle_data(USBDevice
DPRINTF("Command tag 0x%x flags %08x len %d data %d\n",
s->tag, cbw.flags, cbw.cmd_len, s->data_len);
s->residue = 0;
- scsi_send_command(s->scsi_dev, s->tag, cbw.cmd, 0);
+ s->scsi_dev->send_command(s->scsi_dev, s->tag, cbw.cmd, 0);
/* ??? Should check that USB and SCSI data transfer
directions match. */
if (s->residue == 0) {
if (s->mode == USB_MSDM_DATAIN) {
- scsi_read_data(s->scsi_dev, s->tag);
+ s->scsi_dev->read_data(s->scsi_dev, s->tag);
} else if (s->mode == USB_MSDM_DATAOUT) {
- scsi_write_data(s->scsi_dev, s->tag);
+ s->scsi_dev->write_data(s->scsi_dev, s->tag);
}
}
ret = len;
@@ -508,7 +508,7 @@ static void usb_msd_handle_destroy(USBDe
{
MSDState *s = (MSDState *)dev;
- scsi_disk_destroy(s->scsi_dev);
+ s->scsi_dev->destroy(s->scsi_dev);
bdrv_delete(s->bs);
qemu_free(s);
}
Index: qemu/hw/scsi-generic.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ qemu/hw/scsi-generic.c 2007-11-28 13:12:12.000000000 +0100
@@ -0,0 +1,577 @@
+/*
+ * Generic SCSI Device support
+ *
+ * Copyright (c) 2007 Bull S.A.S.
+ * Based on code by Paul Brook
+ * Based on code by Fabrice Bellard
+ *
+ * Written by Laurent Vivier <Laurent.Vivier@bull.net>
+ *
+ * This code is licenced under the LGPL.
+ *
+ */
+
+#include "qemu-common.h"
+#include "block.h"
+#include "scsi-disk.h"
+
+#ifndef __linux__
+
+SCSIDevice *scsi_generic_init(BlockDriverState *bdrv, int tcq,
+ scsi_completionfn completion, void *opaque)
+{
+ return NULL;
+}
+
+#else /* __linux__ */
+
+//#define DEBUG_SCSI
+
+#ifdef DEBUG_SCSI
+#define DPRINTF(fmt, args...) \
+do { printf("scsi-generic: " fmt , ##args); } while (0)
+#else
+#define DPRINTF(fmt, args...) do {} while(0)
+#endif
+
+#define BADF(fmt, args...) \
+do { fprintf(stderr, "scsi-generic: " fmt , ##args); } while (0)
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <scsi/sg.h>
+#include <scsi/scsi.h>
+
+#define LOAD_UNLOAD 0xa6
+#define SET_CD_SPEED 0xbb
+
+#define SCSI_CMD_BUF_SIZE 16
+#define SCSI_SENSE_BUF_SIZE 32
+
+#define SG_ERR_DRIVER_SENSE 0x08
+
+typedef struct SCSIRequest {
+ struct SCSIRequest *next;
+ SCSIDeviceState *dev;
+ uint32_t tag;
+ uint8_t cmd[SCSI_CMD_BUF_SIZE];
+ int cmdlen;
+ uint8_t *buf;
+ int buflen;
+ int len;
+ int driver_status;
+ uint8_t sensebuf[SCSI_SENSE_BUF_SIZE];
+} SCSIRequest;
+
+struct SCSIDeviceState
+{
+ SCSIRequest *requests;
+ BlockDriverState *bdrv;
+ int blocksize;
+ int lun;
+ scsi_completionfn completion;
+ void *opaque;
+};
+
+/* Global pool of SCSIRequest structures. */
+static SCSIRequest *free_requests = NULL;
+
+static SCSIRequest *scsi_new_request(SCSIDeviceState *s, uint32_t tag)
+{
+ SCSIRequest *r;
+
+ if (free_requests) {
+ r = free_requests;
+ free_requests = r->next;
+ } else {
+ r = qemu_malloc(sizeof(SCSIRequest));
+ r->buf = NULL;
+ r->buflen = 0;
+ }
+ r->dev = s;
+ r->tag = tag;
+ memset(r->cmd, 0, sizeof(r->cmd));
+ memset(r->sensebuf, 0, sizeof(r->sensebuf));
+ r->cmdlen = 0;
+ r->len = 0;
+
+ /* link */
+
+ r->next = s->requests;
+ s->requests = r;
+ return r;
+}
+
+static void scsi_remove_request(SCSIRequest *r)
+{
+ SCSIRequest *last;
+ SCSIDeviceState *s = r->dev;
+
+ if (s->requests == r) {
+ s->requests = r->next;
+ } else {
+ last = s->requests;
+ while (last && last->next != r)
+ last = last->next;
+ if (last) {
+ last->next = r->next;
+ } else {
+ BADF("Orphaned request\n");
+ }
+ }
+ r->next = free_requests;
+ free_requests = r;
+}
+
+static SCSIRequest *scsi_find_request(SCSIDeviceState *s, uint32_t tag)
+{
+ SCSIRequest *r;
+
+ r = s->requests;
+ while (r && r->tag != tag)
+ r = r->next;
+
+ return r;
+}
+
+static int scsi_get_sense(SCSIRequest *r)
+{
+ if ((r->driver_status & SG_ERR_DRIVER_SENSE) == 0)
+ return NO_SENSE;
+ return r->sensebuf[2] & 0x0f;
+}
+
+/* Helper function for command completion. */
+static void scsi_command_complete(SCSIRequest *r, int sense)
+{
+ SCSIDeviceState *s = r->dev;
+ uint32_t tag;
+ DPRINTF("Command complete 0x%p tag=0x%x sense=%d\n", r, r->tag, sense);
+ tag = r->tag;
+ scsi_remove_request(r);
+ s->completion(s->opaque, SCSI_REASON_DONE, tag, sense);
+}
+
+/* Cancel a pending data transfer. */
+static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
+{
+ DPRINTF("scsi_cancel_io 0x%x\n", tag);
+ SCSIDeviceState *s = d->state;
+ SCSIRequest *r;
+ DPRINTF("Cancel tag=0x%x\n", tag);
+ r = scsi_find_request(s, tag);
+ if (r) {
+ scsi_remove_request(r);
+ }
+}
+
+static int execute_command(BlockDriverState *bdrv, uint8_t *cmdbuf, int cmdlen,
+ uint8_t *outbuf, uint32_t outlen,
+ uint8_t *sensebuf, int senselen,
+ int direction, int *len)
+{
+ sg_io_hdr_t io_header;
+ int ret;
+
+ memset(&io_header, 0, sizeof(io_header));
+ io_header.interface_id = 'S';
+ io_header.dxfer_direction = direction;
+ io_header.dxfer_len = outlen;
+ io_header.dxferp = outbuf;
+ io_header.cmdp = cmdbuf;
+ io_header.cmd_len = cmdlen;
+ io_header.mx_sb_len = senselen;
+ io_header.sbp = sensebuf;
+ io_header.timeout = 6000; /* XXX */
+
+ ret = bdrv_pwrite(bdrv, -1, &io_header, sizeof(io_header));
+ if (ret == -1) {
+ BADF("execute_command: write failed ! (%d)\n", errno);
+ return -1;
+ }
+ while ((ret = bdrv_pread(bdrv, -1, &io_header, sizeof(io_header))) == -1 &&
+ errno == EINTR);
+
+ if (ret == -1) {
+ BADF("execute_command: read failed !\n");
+ return -1;
+ }
+
+ if (len != NULL)
+ *len = io_header.dxfer_len - io_header.resid;
+
+ return io_header.driver_status;
+}
+
+/* Read more data from scsi device into buffer. */
+static void scsi_read_data(SCSIDevice *d, uint32_t tag)
+{
+ SCSIDeviceState *s = d->state;
+ SCSIRequest *r;
+ int len;
+
+ DPRINTF("scsi_read_data 0x%x\n", tag);
+ r = scsi_find_request(s, tag);
+ if (!r) {
+ BADF("Bad read tag 0x%x\n", tag);
+ /* ??? This is the wrong error. */
+ scsi_command_complete(r, HARDWARE_ERROR);
+ return;
+ }
+
+ if (r->len == -1) {
+ scsi_command_complete(r, scsi_get_sense(r));
+ return;
+ }
+
+ len = r->len;
+ r->len = -1;
+ s->completion(s->opaque, SCSI_REASON_DATA, r->tag, len);
+}
+
+/* Write data to a scsi device. Returns nonzero on failure.
+ The transfer may complete asynchronously. */
+static int scsi_write_data(SCSIDevice *d, uint32_t tag)
+{
+ SCSIDeviceState *s = d->state;
+ SCSIRequest *r;
+ int ret;
+
+ DPRINTF("scsi_write_data 0x%x\n", tag);
+ r = scsi_find_request(s, tag);
+ if (!r) {
+ BADF("Bad write tag 0x%x\n", tag);
+ /* ??? This is the wrong error. */
+ scsi_command_complete(r, HARDWARE_ERROR);
+ return 0;
+ }
+
+ if (r->len == 0) {
+ r->len = r->buflen;
+ s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->len);
+ return 0;
+ }
+
+ ret = execute_command(s->bdrv, r->cmd, r->cmdlen, r->buf, r->len,
+ r->sensebuf, sizeof(r->sensebuf),
+ SG_DXFER_TO_DEV, NULL);
+ if (ret == -1) {
+ scsi_command_complete(r, HARDWARE_ERROR);
+ return 1;
+ }
+ r->driver_status = ret;
+ scsi_command_complete(r, scsi_get_sense(r));
+
+ return 0;
+}
+
+/* Return a pointer to the data buffer. */
+static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
+{
+ SCSIDeviceState *s = d->state;
+ SCSIRequest *r;
+ DPRINTF("scsi_get_buf 0x%x\n", tag);
+ r = scsi_find_request(s, tag);
+ if (!r) {
+ BADF("Bad buffer tag 0x%x\n", tag);
+ return NULL;
+ }
+ return r->buf;
+}
+
+static int scsi_length(uint8_t *cmd, int blocksize, int *cmdlen, uint32_t *len)
+{
+ switch (cmd[0] >> 5) {
+ case 0:
+ *len = cmd[4];
+ *cmdlen = 6;
+ break;
+ case 1:
+ case 2:
+ *len = cmd[8] | (cmd[7] << 8);
+ *cmdlen = 10;
+ break;
+ case 4:
+ *len = cmd[13] | (cmd[12] << 8) | (cmd[11] << 16) | (cmd[10] << 24);
+ *cmdlen = 16;
+ break;
+ case 5:
+ *len = cmd[9] | (cmd[8] << 8) | (cmd[7] << 16) | (cmd[6] << 24);
+ *cmdlen = 12;
+ break;
+ default:
+ return -1;
+ }
+
+ switch(cmd[0]) {
+ case TEST_UNIT_READY:
+ case REZERO_UNIT:
+ case START_STOP:
+ case SEEK_6:
+ case WRITE_FILEMARKS:
+ case SPACE:
+ case ERASE:
+ case ALLOW_MEDIUM_REMOVAL:
+ case VERIFY:
+ case SEEK_10:
+ case SYNCHRONIZE_CACHE:
+ case LOCK_UNLOCK_CACHE:
+ case LOAD_UNLOAD:
+ case SET_CD_SPEED:
+ case SET_LIMITS:
+ case WRITE_LONG:
+ case MOVE_MEDIUM:
+ case UPDATE_BLOCK:
+ *len = 0;
+ break;
+ case MODE_SENSE:
+ break;
+ case WRITE_SAME:
+ *len = 1;
+ break;
+ case READ_CAPACITY:
+ *len = 8;
+ break;
+ case READ_BLOCK_LIMITS:
+ *len = 6;
+ break;
+ case READ_POSITION:
+ *len = 20;
+ break;
+ case SEND_VOLUME_TAG:
+ *len *= 40;
+ break;
+ case MEDIUM_SCAN:
+ *len *= 8;
+ break;
+ case WRITE_VERIFY:
+ case WRITE_6:
+ case WRITE_10:
+ case WRITE_12:
+ case WRITE_VERIFY_12:
+ *len *= blocksize;
+ break;
+ case READ_6:
+ case READ_REVERSE:
+ case RECOVER_BUFFERED_DATA:
+ case READ_10:
+ case READ_12:
+ *len *= blocksize;
+ break;
+ }
+ return 0;
+}
+
+static int is_write(int command)
+{
+ switch (command) {
+ case COPY:
+ case COPY_VERIFY:
+ case COMPARE:
+ case CHANGE_DEFINITION:
+ case LOG_SELECT:
+ case MODE_SELECT:
+ case MODE_SELECT_10:
+ case SEND_DIAGNOSTIC:
+ case WRITE_BUFFER:
+ case FORMAT_UNIT:
+ case REASSIGN_BLOCKS:
+ case RESERVE:
+ case SEARCH_EQUAL:
+ case SEARCH_HIGH:
+ case SEARCH_LOW:
+ case WRITE_6:
+ case WRITE_10:
+ case WRITE_VERIFY:
+ case UPDATE_BLOCK:
+ case WRITE_LONG:
+ case WRITE_SAME:
+ case SEARCH_HIGH_12:
+ case SEARCH_EQUAL_12:
+ case SEARCH_LOW_12:
+ case WRITE_12:
+ case WRITE_VERIFY_12:
+ case SET_WINDOW:
+ case MEDIUM_SCAN:
+ case SEND_VOLUME_TAG:
+ case WRITE_LONG_2:
+ return 1;
+ }
+ return 0;
+}
+
+/* Execute a scsi command. Returns the length of the data expected by the
+ command. This will be Positive for data transfers from the device
+ (eg. disk reads), negative for transfers to the device (eg. disk writes),
+ and zero if the command does not transfer any data. */
+
+static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
+ uint8_t *cmd, int lun)
+{
+ SCSIDeviceState *s = d->state;
+ uint32_t len;
+ int cmdlen;
+ SCSIRequest *r;
+ int ret;
+
+ r = scsi_find_request(s, tag);
+ if (r) {
+ BADF("Tag 0x%x already in use %p\n", tag, r);
+ scsi_cancel_io(d, tag);
+ }
+ r = scsi_new_request(s, tag);
+
+ /* ??? Tags are not unique for different luns. We only implement a
+ single lun, so this should not matter. */
+
+ if (lun != s->lun || (cmd[1] >> 5) != s->lun) {
+ DPRINTF("Unimplemented LUN %d\n", lun ? lun : cmd[1] >> 5);
+ scsi_command_complete(r, ILLEGAL_REQUEST);
+ return 0;
+ }
+
+ if (scsi_length(cmd, s->blocksize, &cmdlen, &len) == -1) {
+ BADF("Unsupported command length, command %x\n", cmd[0]);
+ return 0;
+ }
+
+ DPRINTF("Command: lun=%d tag=0x%x data=0x%02x len %d\n", lun, tag,
+ command, len);
+
+ memcpy(r->cmd, cmd, cmdlen);
+ r->cmdlen = cmdlen;
+
+ if (len == 0) {
+ ret = execute_command(s->bdrv, r->cmd, r->cmdlen, NULL, 0,
+ r->sensebuf, sizeof(r->sensebuf),
+ SG_DXFER_NONE, NULL);
+ if (ret == -1) {
+ scsi_command_complete(r, HARDWARE_ERROR);
+ return 0;
+ }
+ r->driver_status = ret;
+
+ scsi_command_complete(r, scsi_get_sense(r));
+ return 0;
+ }
+
+ if (r->buflen != len) {
+ if (r->buf != NULL)
+ free(r->buf);
+ posix_memalign((void**)&r->buf, 512, len);
+ r->buflen = len;
+ }
+
+ memset(r->buf, 0, r->buflen);
+ r->len = len;
+ if (is_write(cmd[0])) {
+ r->len = 0;
+ return -len;
+ }
+
+ ret = execute_command(s->bdrv, r->cmd, r->cmdlen, r->buf, r->len,
+ r->sensebuf, sizeof(r->sensebuf),
+ SG_DXFER_FROM_DEV, &len);
+ if (ret == -1) {
+ scsi_command_complete(r, HARDWARE_ERROR);
+ return 0;
+ }
+ r->len = len;
+ r->driver_status = ret;
+
+ return len;
+}
+
+static int get_blocksize(BlockDriverState *bdrv)
+{
+ uint8_t cmd[10];
+ uint8_t buf[8];
+ uint8_t sensebuf[8];
+ int ret;
+
+ memset(cmd, sizeof(cmd), 0);
+ memset(buf, sizeof(buf), 0);
+ cmd[0] = READ_CAPACITY;
+ ret = execute_command(bdrv, cmd, sizeof(cmd), buf, sizeof(buf),
+ sensebuf, sizeof(sensebuf),
+ SG_DXFER_FROM_DEV, NULL);
+ if (ret < 0)
+ return -1;
+ return (buf[4] << 24) | (buf[5] << 16) | (buf[6] << 8) | buf[7];
+}
+
+static void scsi_destroy(SCSIDevice *d)
+{
+ SCSIRequest *r, *n;
+
+ r = d->state->requests;
+ while (r) {
+ n = r->next;
+ qemu_free(r);
+ r = n;
+ }
+
+ r = free_requests;
+ while (r) {
+ n = r->next;
+ qemu_free(r);
+ r = n;
+ }
+
+ qemu_free(d->state);
+ qemu_free(d);
+}
+
+SCSIDevice *scsi_generic_init(BlockDriverState *bdrv, int tcq,
+ scsi_completionfn completion, void *opaque)
+{
+ int sg_version;
+ SCSIDevice *d;
+ SCSIDeviceState *s;
+ struct sg_scsi_id scsiid;
+
+ /* check we are really using a /dev/sg* file */
+
+ if (!bdrv_is_sg(bdrv))
+ return NULL;
+
+ /* check we are using a driver managing SG_IO (version 3 and after */
+
+ if (bdrv_ioctl(bdrv, SG_GET_VERSION_NUM, (char*)&sg_version) < 0 ||
+ sg_version < 30000)
+ return NULL;
+
+ /* get LUN of the /dev/sg? */
+
+ if (bdrv_ioctl(bdrv, SG_GET_SCSI_ID, &scsiid))
+ return NULL;
+
+ /* define device state */
+
+ s = (SCSIDeviceState *)qemu_mallocz(sizeof(SCSIDeviceState));
+ s->bdrv = bdrv;
+ s->requests = NULL;
+ s->completion = completion;
+ s->opaque = opaque;
+ s->lun = scsiid.lun;
+ s->blocksize = get_blocksize(s->bdrv);
+ /* removable media returns 0 if not present */
+ if (s->blocksize <= 0)
+ s->blocksize = 2048;
+
+ /* define function to manage device */
+
+ d = (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice));
+ d->state = s;
+ d->destroy = scsi_destroy;
+ d->send_command = scsi_send_command;
+ d->read_data = scsi_read_data;
+ d->write_data = scsi_write_data;
+ d->cancel_io = scsi_cancel_io;
+ d->get_buf = scsi_get_buf;
+
+ return d;
+}
+#endif /* __linux__ */
Index: qemu/Makefile
===================================================================
--- qemu.orig/Makefile 2007-11-28 11:39:19.000000000 +0100
+++ qemu/Makefile 2007-11-28 11:44:37.000000000 +0100
@@ -56,6 +56,7 @@ OBJS+=irq.o
OBJS+=i2c.o smbus.o smbus_eeprom.o max7310.o max111x.o wm8750.o
OBJS+=ssd0303.o ssd0323.o ads7846.o stellaris_input.o
OBJS+=scsi-disk.o cdrom.o
+OBJS+=scsi-generic.o
OBJS+=usb.o usb-hub.o usb-linux.o usb-hid.o usb-msd.o usb-wacom.o
OBJS+=sd.o ssi-sd.o
Index: qemu/hw/scsi-disk.h
===================================================================
--- qemu.orig/hw/scsi-disk.h 2007-11-28 11:39:19.000000000 +0100
+++ qemu/hw/scsi-disk.h 2007-11-28 11:44:37.000000000 +0100
@@ -7,24 +7,27 @@ enum scsi_reason {
SCSI_REASON_DATA /* Transfer complete, more data required. */
};
+typedef struct SCSIDeviceState SCSIDeviceState;
typedef struct SCSIDevice SCSIDevice;
typedef void (*scsi_completionfn)(void *opaque, int reason, uint32_t tag,
uint32_t arg);
-SCSIDevice *scsi_disk_init(BlockDriverState *bdrv,
- int tcq,
- scsi_completionfn completion,
- void *opaque);
-void scsi_disk_destroy(SCSIDevice *s);
+struct SCSIDevice
+{
+ SCSIDeviceState *state;
+ void (*destroy)(SCSIDevice *s);
+ int32_t (*send_command)(SCSIDevice *s, uint32_t tag, uint8_t *buf,
+ int lun);
+ void (*read_data)(SCSIDevice *s, uint32_t tag);
+ int (*write_data)(SCSIDevice *s, uint32_t tag);
+ void (*cancel_io)(SCSIDevice *s, uint32_t tag);
+ uint8_t *(*get_buf)(SCSIDevice *s, uint32_t tag);
+};
-int32_t scsi_send_command(SCSIDevice *s, uint32_t tag, uint8_t *buf, int lun);
-/* SCSI data transfers are asynchrnonous. However, unlike the block IO
- layer the completion routine may be called directly by
- scsi_{read,write}_data. */
-void scsi_read_data(SCSIDevice *s, uint32_t tag);
-int scsi_write_data(SCSIDevice *s, uint32_t tag);
-void scsi_cancel_io(SCSIDevice *s, uint32_t tag);
-uint8_t *scsi_get_buf(SCSIDevice *s, uint32_t tag);
+SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, int tcq,
+ scsi_completionfn completion, void *opaque);
+SCSIDevice *scsi_generic_init(BlockDriverState *bdrv, int tcq,
+ scsi_completionfn completion, void *opaque);
/* cdrom.c */
int cdrom_read_toc(int nb_sectors, uint8_t *buf, int msf, int start_track);
next prev parent reply other threads:[~2007-11-28 13:22 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-28 13:23 [Qemu-devel] [PATCH 0/3] Real SCSI device passthrough Laurent Vivier
2007-11-28 13:23 ` Laurent Vivier [this message]
2007-11-28 13:23 ` [Qemu-devel] [PATCH 2/3] SG support (Asynchronous Read/Write) Laurent Vivier
2007-11-28 13:23 ` [Qemu-devel] [PATCH 3/3] SG support (Asynchronous Send Command) Laurent Vivier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=11962562172906@bull.net \
--to=laurent.vivier@bull.net \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.