From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1J0Jkv-0004J9-Oz for qemu-devel@nongnu.org; Thu, 06 Dec 2007 11:39:21 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1J0Jkr-0004Gs-3h for qemu-devel@nongnu.org; Thu, 06 Dec 2007 11:39:21 -0500 Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1J0Jkq-0004Gp-TB for qemu-devel@nongnu.org; Thu, 06 Dec 2007 11:39:16 -0500 Received: from ecfrec.frec.bull.fr ([129.183.4.8]) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1J0Jkp-0007zn-Dt for qemu-devel@nongnu.org; Thu, 06 Dec 2007 11:39:16 -0500 Subject: Re: [Qemu-devel] [PATCH v2] Real SCSI device passthrough From: Laurent Vivier In-Reply-To: <475815A9.60604@codemonkey.ws> References: <11969482641225@bull.net> <475815A9.60604@codemonkey.ws> Date: Thu, 06 Dec 2007 17:38:55 +0100 Message-Id: <1196959135.5006.2.camel@frecb07144> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-thm+pRIl34VxcaVDXn92" Reply-To: qemu-devel@nongnu.org List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: qemu-devel@nongnu.org --=-thm+pRIl34VxcaVDXn92 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Le jeudi 06 d=C3=A9cembre 2007 =C3=A0 09:30 -0600, Anthony Liguori a =C3=A9= crit : > Hi Laurent, Hi Anthony, > This patch is really neat. I'd like to do the same with virtio-blk. Thank you, > Can you separate out the general cleanups from the function of this patch= ? Yes, of course. I merged all by laziness... =20 > Regards, >=20 > Anthony Liguori Regards, Laurent > Laurent Vivier wrote: > > This patch allows to connect the virtual SCSI interface of Qemu to > > a real SCSI device of the host. > > Using the devices /dev/sg, it allows to send the SCSI commands from the > > virtual SCSI interface to the real device. > > > > It has been tested with a SATA disk and an ATA CD burner with ide-scsi = module=20 > > and wodim to burn a CD-RW. > > > > v2 improves Timeout and management of REQUEST_SENSE command. > > > > Laurent > > --- > > Makefile | 1=20 > > block-raw.c | 28 +- > > block.c | 17 + > > block.h | 2=20 > > block_int.h | 4=20 > > hw/esp.c | 20 - > > hw/lsi53c895a.c | 49 ++- > > hw/scsi-disk.c | 62 +++-- > > hw/scsi-disk.h | 29 +- > > hw/scsi-generic.c | 667 +++++++++++++++++++++++++++++++++++++++++++++= +++++++++ > > hw/usb-msd.c | 16 - > > 11 files changed, 820 insertions(+), 75 deletions(-) > > > > Index: qemu/block-raw.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/block-raw.c 2007-12-06 09:30:27.000000000 +0100 > > +++ qemu/block-raw.c 2007-12-06 09:30:37.000000000 +0100 > > @@ -52,6 +52,7 @@ > > #include > > #include > > #include > > +#include > > #endif > > #ifdef __FreeBSD__ > > #include > > @@ -152,7 +153,7 @@ static int raw_pread(BlockDriverState *b > > if (ret < 0) > > return ret; > > =20 > > - if (lseek(s->fd, offset, SEEK_SET) =3D=3D (off_t)-1) { > > + if (offset >=3D 0 && lseek(s->fd, offset, SEEK_SET) =3D=3D (off_t)= -1) { > > ++(s->lseek_err_cnt); > > if(s->lseek_err_cnt <=3D 10) { > > DEBUG_BLOCK_PRINT("raw_pread(%d:%s, %" PRId64 ", %p, %d) [= %" PRId64 > > @@ -205,7 +206,7 @@ static int raw_pwrite(BlockDriverState * > > if (ret < 0) > > return ret; > > =20 > > - if (lseek(s->fd, offset, SEEK_SET) =3D=3D (off_t)-1) { > > + if (offset >=3D 0 && lseek(s->fd, offset, SEEK_SET) =3D=3D (off_t)= -1) { > > ++(s->lseek_err_cnt); > > if(s->lseek_err_cnt) { > > DEBUG_BLOCK_PRINT("raw_pwrite(%d:%s, %" PRId64 ", %p, %d) = [%" > > @@ -277,8 +278,8 @@ void qemu_aio_init(void) > > seems to fix the problem. */ > > struct aioinit ai; > > memset(&ai, 0, sizeof(ai)); > > - ai.aio_threads =3D 1; > > - ai.aio_num =3D 1; > > + ai.aio_threads =3D 16; > > + ai.aio_num =3D 16; > > ai.aio_idle_time =3D 365 * 100000; > > aio_init(&ai); > > } > > @@ -388,7 +389,10 @@ static RawAIOCB *raw_aio_setup(BlockDriv > > acb->aiocb.aio_sigevent.sigev_signo =3D aio_sig_num; > > acb->aiocb.aio_sigevent.sigev_notify =3D SIGEV_SIGNAL; > > acb->aiocb.aio_buf =3D buf; > > - acb->aiocb.aio_nbytes =3D nb_sectors * 512; > > + if (nb_sectors < 0) > > + acb->aiocb.aio_nbytes =3D -nb_sectors; > > + else > > + acb->aiocb.aio_nbytes =3D nb_sectors * 512; > > acb->aiocb.aio_offset =3D sector_num * 512; > > acb->next =3D first_aio; > > first_aio =3D acb; > > @@ -680,6 +684,8 @@ static int hdev_open(BlockDriverState *b > > s->fd_open_flags =3D open_flags; > > /* open will not fail even if no floppy is inserted */ > > open_flags |=3D O_NONBLOCK; > > + } else if (strstart(filename, "/dev/sg", NULL)) { > > + bs->sg =3D 1; > > } > > #endif > > fd =3D open(filename, open_flags, 0644); > > @@ -859,6 +865,12 @@ static int raw_set_locked(BlockDriverSta > > return 0; > > } > > =20 > > +static int raw_ioctl(BlockDriverState *bs, unsigned long int req, void= *buf) > > +{ > > + BDRVRawState *s =3D bs->opaque; > > + > > + return ioctl(s->fd, req, buf); > > +} > > #else > > =20 > > static int raw_is_inserted(BlockDriverState *bs) > > @@ -881,6 +893,10 @@ static int raw_set_locked(BlockDriverSta > > return -ENOTSUP; > > } > > =20 > > +static int raw_ioctl(BlockDriverState *bs, unsigned long int req, void= *buf) > > +{ > > + return -ENOTSUP; > > +} > > #endif /* !linux */ > > =20 > > BlockDriver bdrv_host_device =3D { > > @@ -907,6 +923,8 @@ BlockDriver bdrv_host_device =3D { > > .bdrv_media_changed =3D raw_media_changed, > > .bdrv_eject =3D raw_eject, > > .bdrv_set_locked =3D raw_set_locked, > > + /* generic scsi device */ > > + .bdrv_ioctl =3D raw_ioctl, > > }; > > =20 > > #else /* _WIN32 */ > > Index: qemu/block.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/block.c 2007-12-06 09:30:31.000000000 +0100 > > +++ qemu/block.c 2007-12-06 09:30:37.000000000 +0100 > > @@ -303,7 +303,6 @@ int bdrv_file_open(BlockDriverState **pb > > { > > BlockDriverState *bs; > > int ret; > > - > > bs =3D bdrv_new(""); > > if (!bs) > > return -ENOMEM; > > @@ -796,6 +795,11 @@ int bdrv_is_cached(BlockDriverState *bs) > > return bs->cache; > > } > > =20 > > +int bdrv_is_sg(BlockDriverState *bs) > > +{ > > + return bs->sg; > > +} > > + > > /* XXX: no longer used */ > > void bdrv_set_change_cb(BlockDriverState *bs, > > void (*change_cb)(void *opaque), void *opaque) > > @@ -1404,3 +1408,14 @@ void bdrv_set_locked(BlockDriverState *b > > drv->bdrv_set_locked(bs, locked); > > } > > } > > + > > +/* needed for generic scsi interface */ > > + > > +int bdrv_ioctl(BlockDriverState *bs, unsigned long int req, void *buf= ) > > +{ > > + BlockDriver *drv =3D bs->drv; > > + > > + if (drv && drv->bdrv_ioctl) > > + return drv->bdrv_ioctl(bs, req, buf); > > + return -ENOTSUP; > > +} > > Index: qemu/block.h > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/block.h 2007-12-06 09:30:31.000000000 +0100 > > +++ qemu/block.h 2007-12-06 09:30:37.000000000 +0100 > > @@ -120,6 +120,7 @@ int bdrv_get_type_hint(BlockDriverState=20 > > int bdrv_get_translation_hint(BlockDriverState *bs); > > int bdrv_is_removable(BlockDriverState *bs); > > int bdrv_is_read_only(BlockDriverState *bs); > > +int bdrv_is_sg(BlockDriverState *bs); > > int bdrv_is_inserted(BlockDriverState *bs); > > int bdrv_is_cached(BlockDriverState *bs); > > int bdrv_media_changed(BlockDriverState *bs); > > @@ -150,6 +151,7 @@ int bdrv_snapshot_delete(BlockDriverStat > > int bdrv_snapshot_list(BlockDriverState *bs, > > QEMUSnapshotInfo **psn_info); > > char *bdrv_snapshot_dump(char *buf, int buf_size, QEMUSnapshotInfo *sn= ); > > +int bdrv_ioctl(BlockDriverState *bs, unsigned long int req, void *buf)= ; > > =20 > > char *get_human_readable_size(char *buf, int buf_size, int64_t size); > > int path_is_absolute(const char *path); > > Index: qemu/block_int.h > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/block_int.h 2007-12-06 09:30:31.000000000 +0100 > > +++ qemu/block_int.h 2007-12-06 09:30:37.000000000 +0100 > > @@ -82,6 +82,9 @@ struct BlockDriver { > > int (*bdrv_eject)(BlockDriverState *bs, int eject_flag); > > int (*bdrv_set_locked)(BlockDriverState *bs, int locked); > > =20 > > + /* to control generic scsi devices */ > > + int (*bdrv_ioctl)(BlockDriverState *bs, unsigned long int req, cha= r *buf); > > + > > BlockDriverAIOCB *free_aiocb; > > struct BlockDriver *next; > > }; > > @@ -93,6 +96,7 @@ struct BlockDriverState { > > int removable; /* if true, the media can be removed */ > > int locked; /* if true, the media cannot temporarily be ejected= */ > > int encrypted; /* if true, the media is encrypted */ > > + int sg; /* if true, the device is a /dev/sg* */ > > /* event callback when inserting/removing */ > > void (*change_cb)(void *opaque); > > void *change_opaque; > > Index: qemu/hw/scsi-disk.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/hw/scsi-disk.c 2007-12-06 09:30:27.000000000 +0100 > > +++ qemu/hw/scsi-disk.c 2007-12-06 09:30:37.000000000 +0100 > > @@ -37,7 +37,7 @@ do { fprintf(stderr, "scsi-disk: " fmt , > > #define SCSI_DMA_BUF_SIZE 65536 > > =20 > > typedef struct SCSIRequest { > > - SCSIDevice *dev; > > + SCSIDeviceState *dev; > > uint32_t tag; > > /* ??? We should probably keep track of whether the data trasfer i= s > > a read or a write. Currently we rely on the host getting it ri= ght. */ > > @@ -51,7 +51,7 @@ typedef struct SCSIRequest { > > struct SCSIRequest *next; > > } SCSIRequest; > > =20 > > -struct SCSIDevice > > +struct SCSIDeviceState > > { > > BlockDriverState *bdrv; > > SCSIRequest *requests; > > @@ -69,7 +69,7 @@ struct SCSIDevice > > /* Global pool of SCSIRequest structures. */ > > static SCSIRequest *free_requests =3D NULL; > > =20 > > -static SCSIRequest *scsi_new_request(SCSIDevice *s, uint32_t tag) > > +static SCSIRequest *scsi_new_request(SCSIDeviceState *s, uint32_t tag) > > { > > SCSIRequest *r; > > =20 > > @@ -94,7 +94,7 @@ static SCSIRequest *scsi_new_request(SCS > > static void scsi_remove_request(SCSIRequest *r) > > { > > SCSIRequest *last; > > - SCSIDevice *s =3D r->dev; > > + SCSIDeviceState *s =3D r->dev; > > =20 > > if (s->requests =3D=3D r) { > > s->requests =3D r->next; > > @@ -112,7 +112,7 @@ static void scsi_remove_request(SCSIRequ > > free_requests =3D r; > > } > > =20 > > -static SCSIRequest *scsi_find_request(SCSIDevice *s, uint32_t tag) > > +static SCSIRequest *scsi_find_request(SCSIDeviceState *s, uint32_t tag= ) > > { > > SCSIRequest *r; > > =20 > > @@ -126,7 +126,7 @@ static SCSIRequest *scsi_find_request(SC > > /* Helper function for command completion. */ > > static void scsi_command_complete(SCSIRequest *r, int sense) > > { > > - SCSIDevice *s =3D r->dev; > > + SCSIDeviceState *s =3D r->dev; > > uint32_t tag; > > DPRINTF("Command complete tag=3D0x%x sense=3D%d\n", r->tag, sense)= ; > > s->sense =3D sense; > > @@ -136,8 +136,9 @@ static void scsi_command_complete(SCSIRe > > } > > =20 > > /* Cancel a pending data transfer. */ > > -void scsi_cancel_io(SCSIDevice *s, uint32_t tag) > > +static void scsi_cancel_io(SCSIDevice *d, uint32_t tag) > > { > > + SCSIDeviceState *s =3D d->state; > > SCSIRequest *r; > > DPRINTF("Cancel tag=3D0x%x\n", tag); > > r =3D scsi_find_request(s, tag); > > @@ -152,7 +153,7 @@ void scsi_cancel_io(SCSIDevice *s, uint3 > > static void scsi_read_complete(void * opaque, int ret) > > { > > SCSIRequest *r =3D (SCSIRequest *)opaque; > > - SCSIDevice *s =3D r->dev; > > + SCSIDeviceState *s =3D r->dev; > > =20 > > if (ret) { > > DPRINTF("IO error\n"); > > @@ -165,8 +166,9 @@ static void scsi_read_complete(void * op > > } > > =20 > > /* Read more data from scsi device into buffer. */ > > -void scsi_read_data(SCSIDevice *s, uint32_t tag) > > +static void scsi_read_data(SCSIDevice *d, uint32_t tag) > > { > > + SCSIDeviceState *s =3D d->state; > > SCSIRequest *r; > > uint32_t n; > > =20 > > @@ -205,7 +207,7 @@ void scsi_read_data(SCSIDevice *s, uint3 > > static void scsi_write_complete(void * opaque, int ret) > > { > > SCSIRequest *r =3D (SCSIRequest *)opaque; > > - SCSIDevice *s =3D r->dev; > > + SCSIDeviceState *s =3D r->dev; > > uint32_t len; > > =20 > > if (ret) { > > @@ -229,8 +231,9 @@ static void scsi_write_complete(void * o > > =20 > > /* Write data to a scsi device. Returns nonzero on failure. > > The transfer may complete asynchronously. */ > > -int scsi_write_data(SCSIDevice *s, uint32_t tag) > > +static int scsi_write_data(SCSIDevice *d, uint32_t tag) > > { > > + SCSIDeviceState *s =3D d->state; > > SCSIRequest *r; > > uint32_t n; > > =20 > > @@ -260,8 +263,9 @@ int scsi_write_data(SCSIDevice *s, uint3 > > } > > =20 > > /* Return a pointer to the data buffer. */ > > -uint8_t *scsi_get_buf(SCSIDevice *s, uint32_t tag) > > +static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag) > > { > > + SCSIDeviceState *s =3D d->state; > > SCSIRequest *r; > > =20 > > r =3D scsi_find_request(s, tag); > > @@ -277,8 +281,10 @@ uint8_t *scsi_get_buf(SCSIDevice *s, uin > > (eg. disk reads), negative for transfers to the device (eg. disk wr= ites), > > and zero if the command does not transfer any data. */ > > =20 > > -int32_t scsi_send_command(SCSIDevice *s, uint32_t tag, uint8_t *buf, i= nt lun) > > +static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag, > > + uint8_t *buf, int lun) > > { > > + SCSIDeviceState *s =3D d->state; > > int64_t nb_sectors; > > uint32_t lba; > > uint32_t len; > > @@ -292,7 +298,7 @@ int32_t scsi_send_command(SCSIDevice *s, > > r =3D scsi_find_request(s, tag); > > if (r) { > > BADF("Tag 0x%x already in use\n", tag); > > - scsi_cancel_io(s, tag); > > + scsi_cancel_io(d, tag); > > } > > /* ??? Tags are not unique for different luns. We only implement = a > > single lun, so this should not matter. */ > > @@ -577,19 +583,19 @@ int32_t scsi_send_command(SCSIDevice *s, > > } > > } > > =20 > > -void scsi_disk_destroy(SCSIDevice *s) > > +static void scsi_destroy(SCSIDevice *d) > > { > > - qemu_free(s); > > + qemu_free(d->state); > > + qemu_free(d); > > } > > =20 > > -SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, > > - int tcq, > > - scsi_completionfn completion, > > - void *opaque) > > +SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, int tcq, > > + scsi_completionfn completion, void *opaque) > > { > > - SCSIDevice *s; > > + SCSIDevice *d; > > + SCSIDeviceState *s; > > =20 > > - s =3D (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice)); > > + s =3D (SCSIDeviceState *)qemu_mallocz(sizeof(SCSIDeviceState)); > > s->bdrv =3D bdrv; > > s->tcq =3D tcq; > > s->completion =3D completion; > > @@ -600,6 +606,14 @@ SCSIDevice *scsi_disk_init(BlockDriverSt > > s->cluster_size =3D 1; > > } > > =20 > > - return s; > > -} > > + d =3D (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice)); > > + d->state =3D s; > > + d->destroy =3D scsi_destroy; > > + d->send_command =3D scsi_send_command; > > + d->read_data =3D scsi_read_data; > > + d->write_data =3D scsi_write_data; > > + d->cancel_io =3D scsi_cancel_io; > > + d->get_buf =3D scsi_get_buf; > > =20 > > + return d; > > +} > > Index: qemu/hw/esp.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/hw/esp.c 2007-12-06 09:28:36.000000000 +0100 > > +++ qemu/hw/esp.c 2007-12-06 09:30:37.000000000 +0100 > > @@ -165,7 +165,7 @@ static int get_cmd(ESPState *s, uint8_t=20 > > =20 > > if (s->current_dev) { > > /* Started a new command before the old one finished. Cancel = it. */ > > - scsi_cancel_io(s->current_dev, 0); > > + s->current_dev->cancel_io(s->current_dev, 0); > > s->async_len =3D 0; > > } > > =20 > > @@ -188,7 +188,7 @@ static void do_cmd(ESPState *s, uint8_t=20 > > =20 > > DPRINTF("do_cmd: busid 0x%x\n", buf[0]); > > lun =3D buf[0] & 7; > > - datalen =3D scsi_send_command(s->current_dev, 0, &buf[1], lun); > > + datalen =3D s->current_dev->send_command(s->current_dev, 0, &buf[1= ], lun); > > s->ti_size =3D datalen; > > if (datalen !=3D 0) { > > s->rregs[ESP_RSTAT] =3D STAT_IN | STAT_TC; > > @@ -196,10 +196,10 @@ static void do_cmd(ESPState *s, uint8_t=20 > > s->dma_counter =3D 0; > > if (datalen > 0) { > > s->rregs[ESP_RSTAT] |=3D STAT_DI; > > - scsi_read_data(s->current_dev, 0); > > + s->current_dev->read_data(s->current_dev, 0); > > } else { > > s->rregs[ESP_RSTAT] |=3D STAT_DO; > > - scsi_write_data(s->current_dev, 0); > > + s->current_dev->write_data(s->current_dev, 0); > > } > > } > > s->rregs[ESP_RINTR] =3D INTR_BS | INTR_FC; > > @@ -298,9 +298,9 @@ static void esp_do_dma(ESPState *s) > > if (s->async_len =3D=3D 0) { > > if (to_device) { > > // ti_size is negative > > - scsi_write_data(s->current_dev, 0); > > + s->current_dev->write_data(s->current_dev, 0); > > } else { > > - scsi_read_data(s->current_dev, 0); > > + s->current_dev->read_data(s->current_dev, 0); > > /* If there is still data to be read from the device then > > complete the DMA operation immeriately. Otherwise defe= r > > until the scsi layer has completed. */ > > @@ -335,7 +335,7 @@ static void esp_command_complete(void *o > > } else { > > DPRINTF("transfer %d/%d\n", s->dma_left, s->ti_size); > > s->async_len =3D arg; > > - s->async_buf =3D scsi_get_buf(s->current_dev, 0); > > + s->async_buf =3D s->current_dev->get_buf(s->current_dev, 0); > > if (s->dma_left) { > > esp_do_dma(s); > > } else if (s->dma_counter !=3D 0 && s->ti_size <=3D 0) { > > @@ -611,11 +611,13 @@ void esp_scsi_attach(void *opaque, Block > > } > > if (s->scsi_dev[id]) { > > DPRINTF("Destroying device %d\n", id); > > - scsi_disk_destroy(s->scsi_dev[id]); > > + s->scsi_dev[id]->destroy(s->scsi_dev[id]); > > } > > DPRINTF("Attaching block device %d\n", id); > > /* Command queueing is not implemented. */ > > - s->scsi_dev[id] =3D scsi_disk_init(bd, 0, esp_command_complete, s)= ; > > + s->scsi_dev[id] =3D scsi_generic_init(bd, 0, esp_command_complete,= s); > > + if (s->scsi_dev[id] =3D=3D NULL) > > + s->scsi_dev[id] =3D scsi_disk_init(bd, 0, esp_command_complete= , s); > > } > > =20 > > void *esp_init(target_phys_addr_t espaddr, > > Index: qemu/hw/lsi53c895a.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/hw/lsi53c895a.c 2007-12-06 09:28:36.000000000 +0100 > > +++ qemu/hw/lsi53c895a.c 2007-12-06 09:30:37.000000000 +0100 > > @@ -187,6 +187,7 @@ typedef struct { > > /* The tag is a combination of the device ID and the SCSI tag. */ > > uint32_t current_tag; > > uint32_t current_dma_len; > > + int command_complete; > > uint8_t *dma_buf; > > lsi_queue *queue; > > int queue_len; > > @@ -465,7 +466,8 @@ static void lsi_do_dma(LSIState *s, int=20 > > s->dbc -=3D count; > > =20 > > if (s->dma_buf =3D=3D NULL) { > > - s->dma_buf =3D scsi_get_buf(s->current_dev, s->current_tag); > > + s->dma_buf =3D s->current_dev->get_buf(s->current_dev, > > + s->current_tag); > > } > > =20 > > /* ??? Set SFBR to first data byte. */ > > @@ -479,10 +481,10 @@ static void lsi_do_dma(LSIState *s, int=20 > > s->dma_buf =3D NULL; > > if (out) { > > /* Write the data. */ > > - scsi_write_data(s->current_dev, s->current_tag); > > + s->current_dev->write_data(s->current_dev, s->current_tag)= ; > > } else { > > /* Request any remaining data. */ > > - scsi_read_data(s->current_dev, s->current_tag); > > + s->current_dev->read_data(s->current_dev, s->current_tag); > > } > > } else { > > s->dma_buf +=3D count; > > @@ -596,6 +598,7 @@ static void lsi_command_complete(void *o > > if (reason =3D=3D SCSI_REASON_DONE) { > > DPRINTF("Command complete sense=3D%d\n", (int)arg); > > s->sense =3D arg; > > + s->command_complete =3D 2; > > if (s->waiting && s->dbc !=3D 0) { > > /* Raise phase mismatch for short transfers. */ > > lsi_bad_phase(s, out, PHASE_ST); > > @@ -612,6 +615,7 @@ static void lsi_command_complete(void *o > > } > > DPRINTF("Data ready tag=3D0x%x len=3D%d\n", tag, arg); > > s->current_dma_len =3D arg; > > + s->command_complete =3D 1; > > if (!s->waiting) > > return; > > if (s->waiting =3D=3D 1 || s->dbc =3D=3D 0) { > > @@ -631,21 +635,30 @@ static void lsi_do_command(LSIState *s) > > s->dbc =3D 16; > > cpu_physical_memory_read(s->dnad, buf, s->dbc); > > s->sfbr =3D buf[0]; > > - n =3D scsi_send_command(s->current_dev, s->current_tag, buf, s->cu= rrent_lun); > > + s->command_complete =3D 0; > > + n =3D s->current_dev->send_command(s->current_dev, s->current_tag,= buf, > > + s->current_lun); > > if (n > 0) { > > lsi_set_phase(s, PHASE_DI); > > - scsi_read_data(s->current_dev, s->current_tag); > > + s->current_dev->read_data(s->current_dev, s->current_tag); > > } else if (n < 0) { > > lsi_set_phase(s, PHASE_DO); > > - scsi_write_data(s->current_dev, s->current_tag); > > + s->current_dev->write_data(s->current_dev, s->current_tag); > > } > > - if (n && s->current_dma_len =3D=3D 0) { > > - /* Command did not complete immediately so disconnect. */ > > - lsi_add_msg_byte(s, 2); /* SAVE DATA POINTER */ > > - lsi_add_msg_byte(s, 4); /* DISCONNECT */ > > - lsi_set_phase(s, PHASE_MI); > > - s->msg_action =3D 1; > > - lsi_queue_command(s); > > + > > + if (!s->command_complete) { > > + if (n) { > > + /* Command did not complete immediately so disconnect. */ > > + lsi_add_msg_byte(s, 2); /* SAVE DATA POINTER */ > > + lsi_add_msg_byte(s, 4); /* DISCONNECT */ > > + /* wait data */ > > + lsi_set_phase(s, PHASE_MI); > > + s->msg_action =3D 1; > > + lsi_queue_command(s); > > + } else { > > + /* wait command complete */ > > + lsi_set_phase(s, PHASE_DI); > > + } > > } > > } > > =20 > > @@ -1223,6 +1236,8 @@ static uint8_t lsi_reg_readb(LSIState *s > > return s->sdid; > > case 0x07: /* GPREG0 */ > > return 0x7f; > > + case 0x08: /* Revision ID */ > > + return 0x00; > > case 0xa: /* SSID */ > > return s->ssid; > > case 0xb: /* SBCL */ > > @@ -1268,6 +1283,8 @@ static uint8_t lsi_reg_readb(LSIState *s > > return s->ctest4; > > case 0x22: /* CTEST5 */ > > return s->ctest5; > > + case 0x23: /* CTEST6 */ > > + return 0; > > case 0x24: /* DBC[0:7] */ > > return s->dbc & 0xff; > > case 0x25: /* DBC[8:15] */ > > @@ -1822,10 +1839,12 @@ void lsi_scsi_attach(void *opaque, Block > > } > > if (s->scsi_dev[id]) { > > DPRINTF("Destroying device %d\n", id); > > - scsi_disk_destroy(s->scsi_dev[id]); > > + s->scsi_dev[id]->destroy(s->scsi_dev[id]); > > } > > DPRINTF("Attaching block device %d\n", id); > > - s->scsi_dev[id] =3D scsi_disk_init(bd, 1, lsi_command_complete, s)= ; > > + s->scsi_dev[id] =3D scsi_generic_init(bd, 1, lsi_command_complete,= s); > > + if (s->scsi_dev[id] =3D=3D NULL) > > + s->scsi_dev[id] =3D scsi_disk_init(bd, 1, lsi_command_complete= , s); > > } > > =20 > > void *lsi_scsi_init(PCIBus *bus, int devfn) > > Index: qemu/hw/usb-msd.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/hw/usb-msd.c 2007-12-06 09:28:36.000000000 +0100 > > +++ qemu/hw/usb-msd.c 2007-12-06 09:30:37.000000000 +0100 > > @@ -149,9 +149,9 @@ static void usb_msd_copy_data(MSDState * > > s->data_len -=3D len; > > if (s->scsi_len =3D=3D 0) { > > if (s->mode =3D=3D USB_MSDM_DATAIN) { > > - scsi_read_data(s->scsi_dev, s->tag); > > + s->scsi_dev->read_data(s->scsi_dev, s->tag); > > } else if (s->mode =3D=3D USB_MSDM_DATAOUT) { > > - scsi_write_data(s->scsi_dev, s->tag); > > + s->scsi_dev->write_data(s->scsi_dev, s->tag); > > } > > } > > } > > @@ -204,7 +204,7 @@ static void usb_msd_command_complete(voi > > return; > > } > > s->scsi_len =3D arg; > > - s->scsi_buf =3D scsi_get_buf(s->scsi_dev, tag); > > + s->scsi_buf =3D s->scsi_dev->get_buf(s->scsi_dev, tag); > > if (p) { > > usb_msd_copy_data(s); > > if (s->usb_len =3D=3D 0) { > > @@ -342,7 +342,7 @@ static int usb_msd_handle_control(USBDev > > static void usb_msd_cancel_io(USBPacket *p, void *opaque) > > { > > MSDState *s =3D opaque; > > - scsi_cancel_io(s->scsi_dev, s->tag); > > + s->scsi_dev->cancel_io(s->scsi_dev, s->tag); > > s->packet =3D NULL; > > s->scsi_len =3D 0; > > } > > @@ -390,14 +390,14 @@ static int usb_msd_handle_data(USBDevice > > DPRINTF("Command tag 0x%x flags %08x len %d data %d\n", > > s->tag, cbw.flags, cbw.cmd_len, s->data_len); > > s->residue =3D 0; > > - scsi_send_command(s->scsi_dev, s->tag, cbw.cmd, 0); > > + s->scsi_dev->send_command(s->scsi_dev, s->tag, cbw.cmd, 0)= ; > > /* ??? Should check that USB and SCSI data transfer > > directions match. */ > > if (s->residue =3D=3D 0) { > > if (s->mode =3D=3D USB_MSDM_DATAIN) { > > - scsi_read_data(s->scsi_dev, s->tag); > > + s->scsi_dev->read_data(s->scsi_dev, s->tag); > > } else if (s->mode =3D=3D USB_MSDM_DATAOUT) { > > - scsi_write_data(s->scsi_dev, s->tag); > > + s->scsi_dev->write_data(s->scsi_dev, s->tag); > > } > > } > > ret =3D len; > > @@ -508,7 +508,7 @@ static void usb_msd_handle_destroy(USBDe > > { > > MSDState *s =3D (MSDState *)dev; > > =20 > > - scsi_disk_destroy(s->scsi_dev); > > + s->scsi_dev->destroy(s->scsi_dev); > > bdrv_delete(s->bs); > > qemu_free(s); > > } > > Index: qemu/hw/scsi-generic.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- /dev/null 1970-01-01 00:00:00.000000000 +0000 > > +++ qemu/hw/scsi-generic.c 2007-12-06 14:01:15.000000000 +0100 > > @@ -0,0 +1,667 @@ > > +/* > > + * Generic SCSI Device support > > + * > > + * Copyright (c) 2007 Bull S.A.S. > > + * Based on code by Paul Brook > > + * Based on code by Fabrice Bellard > > + * > > + * Written by Laurent Vivier > > + * > > + * This code is licenced under the LGPL. > > + * > > + */ > > + > > +#include "qemu-common.h" > > +#include "block.h" > > +#include "scsi-disk.h" > > + > > +#ifndef __linux__ > > + > > +SCSIDevice *scsi_generic_init(BlockDriverState *bdrv, int tcq, > > + scsi_completionfn completion, void *opaq= ue) > > +{ > > + return NULL; > > +} > > + > > +#else /* __linux__ */ > > + > > +//#define DEBUG_SCSI > > + > > +#ifdef DEBUG_SCSI > > +#define DPRINTF(fmt, args...) \ > > +do { printf("scsi-generic: " fmt , ##args); } while (0) > > +#else > > +#define DPRINTF(fmt, args...) do {} while(0) > > +#endif > > + > > +#define BADF(fmt, args...) \ > > +do { fprintf(stderr, "scsi-generic: " fmt , ##args); } while (0) > > + > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include > > + > > +#define LOAD_UNLOAD 0xa6 > > +#define SET_CD_SPEED 0xbb > > +#define BLANK 0xa1 > > + > > +#define SCSI_CMD_BUF_SIZE 16 > > +#define SCSI_SENSE_BUF_SIZE 32 > > + > > +#define SG_ERR_DRIVER_TIMEOUT 0x06 > > +#define SG_ERR_DRIVER_SENSE 0x08 > > + > > +#ifndef MAX_UINT > > +#define MAX_UINT ((unsigned int)-1) > > +#endif > > + > > +typedef struct SCSIRequest { > > + BlockDriverAIOCB *aiocb; > > + struct SCSIRequest *next; > > + SCSIDeviceState *dev; > > + uint32_t tag; > > + uint8_t cmd[SCSI_CMD_BUF_SIZE]; > > + int cmdlen; > > + uint8_t *buf; > > + int buflen; > > + int len; > > + sg_io_hdr_t io_header; > > +} SCSIRequest; > > + > > +struct SCSIDeviceState > > +{ > > + SCSIRequest *requests; > > + BlockDriverState *bdrv; > > + int blocksize; > > + int lun; > > + scsi_completionfn completion; > > + void *opaque; > > + int driver_status; > > + uint8_t sensebuf[SCSI_SENSE_BUF_SIZE]; > > +}; > > + > > +/* Global pool of SCSIRequest structures. */ > > +static SCSIRequest *free_requests =3D NULL; > > + > > +static SCSIRequest *scsi_new_request(SCSIDeviceState *s, uint32_t tag) > > +{ > > + SCSIRequest *r; > > + > > + if (free_requests) { > > + r =3D free_requests; > > + free_requests =3D r->next; > > + } else { > > + r =3D qemu_malloc(sizeof(SCSIRequest)); > > + r->buf =3D NULL; > > + r->buflen =3D 0; > > + } > > + r->dev =3D s; > > + r->tag =3D tag; > > + memset(r->cmd, 0, sizeof(r->cmd)); > > + memset(&r->io_header, 0, sizeof(r->io_header)); > > + r->cmdlen =3D 0; > > + r->len =3D 0; > > + r->aiocb =3D NULL; > > + > > + /* link */ > > + > > + r->next =3D s->requests; > > + s->requests =3D r; > > + DPRINTF("scsi_new_request tag=3D0x%x\n", tag); > > + return r; > > +} > > + > > +static void scsi_remove_request(SCSIRequest *r) > > +{ > > + SCSIRequest *last; > > + SCSIDeviceState *s =3D r->dev; > > + > > + DPRINTF("scsi_remove_request tag=3D0x%x\n", r->tag); > > + if (s->requests =3D=3D r) { > > + s->requests =3D r->next; > > + } else { > > + last =3D s->requests; > > + while (last && last->next !=3D r) > > + last =3D last->next; > > + if (last) { > > + last->next =3D r->next; > > + } else { > > + BADF("Orphaned request\n"); > > + } > > + } > > + r->next =3D free_requests; > > + free_requests =3D r; > > +} > > + > > +static SCSIRequest *scsi_find_request(SCSIDeviceState *s, uint32_t tag= ) > > +{ > > + SCSIRequest *r; > > + > > + r =3D s->requests; > > + while (r && r->tag !=3D tag) > > + r =3D r->next; > > + > > + return r; > > +} > > + > > +/* Helper function for command completion. */ > > +static void scsi_command_complete(void *opaque, int ret) > > +{ > > + SCSIRequest *r =3D (SCSIRequest *)opaque; > > + SCSIDeviceState *s =3D r->dev; > > + uint32_t tag; > > + int sense; > > + > > + if (r !=3D r->io_header.usr_ptr) { > > + BADF("Bad request\n"); > > + exit(1); > > + } > > + > > + s->driver_status =3D r->io_header.driver_status; > > + if (ret !=3D 0) > > + sense =3D HARDWARE_ERROR; > > + else { > > + if (s->driver_status & SG_ERR_DRIVER_TIMEOUT) { > > + sense =3D HARDWARE_ERROR; > > + BADF("Driver Timeout\n"); > > + } else if ((s->driver_status & SG_ERR_DRIVER_SENSE) =3D=3D 0) > > + sense =3D NO_SENSE; > > + else > > + sense =3D s->sensebuf[2] & 0x0f; > > + } > > + > > + DPRINTF("Command complete 0x%p tag=3D0x%x sense=3D%d\n", r, r->tag= , sense); > > + tag =3D r->tag; > > + scsi_remove_request(r); > > + s->completion(s->opaque, SCSI_REASON_DONE, tag, sense); > > +} > > + > > +/* Cancel a pending data transfer. */ > > +static void scsi_cancel_io(SCSIDevice *d, uint32_t tag) > > +{ > > + DPRINTF("scsi_cancel_io 0x%x\n", tag); > > + SCSIDeviceState *s =3D d->state; > > + SCSIRequest *r; > > + DPRINTF("Cancel tag=3D0x%x\n", tag); > > + r =3D scsi_find_request(s, tag); > > + if (r) { > > + if (r->aiocb) > > + bdrv_aio_cancel(r->aiocb); > > + r->aiocb =3D NULL; > > + scsi_remove_request(r); > > + } > > +} > > + > > +static int execute_command(BlockDriverState *bdrv, > > + SCSIRequest *r, int direction, > > + BlockDriverCompletionFunc *complete) > > +{ > > + r->io_header.interface_id =3D 'S'; > > + r->io_header.dxfer_direction =3D direction; > > + r->io_header.dxfer_len =3D r->buflen; > > + r->io_header.dxferp =3D r->buf; > > + r->io_header.cmdp =3D r->cmd; > > + r->io_header.cmd_len =3D r->cmdlen; > > + r->io_header.mx_sb_len =3D sizeof(r->dev->sensebuf); > > + r->io_header.sbp =3D r->dev->sensebuf; > > + r->io_header.timeout =3D MAX_UINT; > > + r->io_header.usr_ptr =3D r; > > + r->io_header.flags |=3D SG_FLAG_DIRECT_IO; > > + > > + if (bdrv_pwrite(bdrv, -1, &r->io_header, sizeof(r->io_header)) =3D= =3D -1) { > > + BADF("execute_command: write failed ! (%d)\n", errno); > > + return -1; > > + } > > + if (complete =3D=3D NULL) { > > + int ret; > > + r->aiocb =3D NULL; > > + while ((ret =3D bdrv_pread(bdrv, -1, &r->io_header, > > + sizeof(r->io_header))) =3D= =3D -1 && > > + errno =3D=3D EINTR); > > + if (ret =3D=3D -1) { > > + BADF("execute_command: read failed !\n"); > > + return -1; > > + } > > + return 0; > > + } > > + > > + r->aiocb =3D bdrv_aio_read(bdrv, 0, (uint8_t*)&r->io_header, > > + -(int64_t)sizeof(r->io_header), complete, r)= ; > > + if (r->aiocb =3D=3D NULL) { > > + BADF("execute_command: read failed !\n"); > > + return -1; > > + } > > + > > + return 0; > > +} > > + > > +static void scsi_read_complete(void * opaque, int ret) > > +{ > > + SCSIRequest *r =3D (SCSIRequest *)opaque; > > + SCSIDeviceState *s =3D r->dev; > > + int len; > > + > > + if (r !=3D r->io_header.usr_ptr) { > > + BADF("Bad request\n"); > > + exit(1); > > + } > > + > > + if (ret) { > > + DPRINTF("IO error\n"); > > + scsi_command_complete(r, ret); > > + return; > > + } > > + len =3D r->io_header.dxfer_len - r->io_header.resid; > > + DPRINTF("Data ready tag=3D0x%x len=3D%d\n", r->tag, len); > > + > > + r->len =3D -1; > > + s->completion(s->opaque, SCSI_REASON_DATA, r->tag, len); > > +} > > + > > +/* Read more data from scsi device into buffer. */ > > +static void scsi_read_data(SCSIDevice *d, uint32_t tag) > > +{ > > + SCSIDeviceState *s =3D d->state; > > + SCSIRequest *r; > > + int ret; > > + > > + DPRINTF("scsi_read_data 0x%x\n", tag); > > + r =3D scsi_find_request(s, tag); > > + if (!r) { > > + BADF("Bad read tag 0x%x\n", tag); > > + /* ??? This is the wrong error. */ > > + scsi_command_complete(r, -EINVAL); > > + return; > > + } > > + > > + if (r->len =3D=3D -1) { > > + scsi_command_complete(r, 0); > > + return; > > + } > > + > > + if (r->cmd[0] =3D=3D REQUEST_SENSE && s->driver_status & SG_ERR_DR= IVER_SENSE) > > + { > > + memcpy(r->buf, s->sensebuf, 16); > > + r->io_header.driver_status =3D 0; > > + r->len =3D -1; > > + s->completion(s->opaque, SCSI_REASON_DATA, r->tag, 16); > > + return; > > + } > > + > > + ret =3D execute_command(s->bdrv, r, SG_DXFER_FROM_DEV, scsi_read_c= omplete); > > + if (ret =3D=3D -1) { > > + scsi_command_complete(r, -EINVAL); > > + return; > > + } > > +} > > + > > +static void scsi_write_complete(void * opaque, int ret) > > +{ > > + SCSIRequest *r =3D (SCSIRequest *)opaque; > > + > > + if (r !=3D r->io_header.usr_ptr) { > > + BADF("Bad request\n"); > > + exit(1); > > + } > > + > > + if (ret) { > > + DPRINTF("IO error\n"); > > + scsi_command_complete(r, ret); > > + return; > > + } > > + > > + scsi_command_complete(r, ret); > > +} > > + > > +/* Write data to a scsi device. Returns nonzero on failure. > > + The transfer may complete asynchronously. */ > > +static int scsi_write_data(SCSIDevice *d, uint32_t tag) > > +{ > > + SCSIDeviceState *s =3D d->state; > > + SCSIRequest *r; > > + int ret; > > + > > + DPRINTF("scsi_write_data 0x%x\n", tag); > > + r =3D scsi_find_request(s, tag); > > + if (!r) { > > + BADF("Bad write tag 0x%x\n", tag); > > + /* ??? This is the wrong error. */ > > + scsi_command_complete(r, -EINVAL); > > + return 0; > > + } > > + > > + if (r->len =3D=3D 0) { > > + r->len =3D r->buflen; > > + s->completion(s->opaque, SCSI_REASON_DATA, r->tag, r->len); > > + return 0; > > + } > > + > > + ret =3D execute_command(s->bdrv, r, SG_DXFER_TO_DEV, scsi_write_co= mplete); > > + if (ret =3D=3D -1) { > > + scsi_command_complete(r, -EINVAL); > > + return 1; > > + } > > + > > + return 0; > > +} > > + > > +/* Return a pointer to the data buffer. */ > > +static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag) > > +{ > > + SCSIDeviceState *s =3D d->state; > > + SCSIRequest *r; > > + DPRINTF("scsi_get_buf 0x%x\n", tag); > > + r =3D scsi_find_request(s, tag); > > + if (!r) { > > + BADF("Bad buffer tag 0x%x\n", tag); > > + return NULL; > > + } > > + return r->buf; > > +} > > + > > +static int scsi_length(uint8_t *cmd, int blocksize, int *cmdlen, uint3= 2_t *len) > > +{ > > + switch (cmd[0] >> 5) { > > + case 0: > > + *len =3D cmd[4]; > > + *cmdlen =3D 6; > > + break; > > + case 1: > > + case 2: > > + *len =3D cmd[8] | (cmd[7] << 8); > > + *cmdlen =3D 10; > > + break; > > + case 4: > > + *len =3D cmd[13] | (cmd[12] << 8) | (cmd[11] << 16) | (cmd[10]= << 24); > > + *cmdlen =3D 16; > > + break; > > + case 5: > > + *len =3D cmd[9] | (cmd[8] << 8) | (cmd[7] << 16) | (cmd[6] << = 24); > > + *cmdlen =3D 12; > > + break; > > + default: > > + return -1; > > + } > > + > > + switch(cmd[0]) { > > + case TEST_UNIT_READY: > > + case REZERO_UNIT: > > + case START_STOP: > > + case SEEK_6: > > + case WRITE_FILEMARKS: > > + case SPACE: > > + case ERASE: > > + case ALLOW_MEDIUM_REMOVAL: > > + case VERIFY: > > + case SEEK_10: > > + case SYNCHRONIZE_CACHE: > > + case LOCK_UNLOCK_CACHE: > > + case LOAD_UNLOAD: > > + case SET_CD_SPEED: > > + case SET_LIMITS: > > + case WRITE_LONG: > > + case MOVE_MEDIUM: > > + case UPDATE_BLOCK: > > + *len =3D 0; > > + break; > > + case MODE_SENSE: > > + break; > > + case WRITE_SAME: > > + *len =3D 1; > > + break; > > + case READ_CAPACITY: > > + *len =3D 8; > > + break; > > + case READ_BLOCK_LIMITS: > > + *len =3D 6; > > + break; > > + case READ_POSITION: > > + *len =3D 20; > > + break; > > + case SEND_VOLUME_TAG: > > + *len *=3D 40; > > + break; > > + case MEDIUM_SCAN: > > + *len *=3D 8; > > + break; > > + case WRITE_VERIFY: > > + case WRITE_6: > > + case WRITE_10: > > + case WRITE_12: > > + case WRITE_VERIFY_12: > > + *len *=3D blocksize; > > + break; > > + case READ_6: > > + case READ_REVERSE: > > + case RECOVER_BUFFERED_DATA: > > + case READ_10: > > + case READ_12: > > + *len *=3D blocksize; > > + break; > > + } > > + return 0; > > +} > > + > > +static int is_write(int command) > > +{ > > + switch (command) { > > + case COPY: > > + case COPY_VERIFY: > > + case COMPARE: > > + case CHANGE_DEFINITION: > > + case LOG_SELECT: > > + case MODE_SELECT: > > + case MODE_SELECT_10: > > + case SEND_DIAGNOSTIC: > > + case WRITE_BUFFER: > > + case FORMAT_UNIT: > > + case REASSIGN_BLOCKS: > > + case RESERVE: > > + case SEARCH_EQUAL: > > + case SEARCH_HIGH: > > + case SEARCH_LOW: > > + case WRITE_6: > > + case WRITE_10: > > + case WRITE_VERIFY: > > + case UPDATE_BLOCK: > > + case WRITE_LONG: > > + case WRITE_SAME: > > + case SEARCH_HIGH_12: > > + case SEARCH_EQUAL_12: > > + case SEARCH_LOW_12: > > + case WRITE_12: > > + case WRITE_VERIFY_12: > > + case SET_WINDOW: > > + case MEDIUM_SCAN: > > + case SEND_VOLUME_TAG: > > + case WRITE_LONG_2: > > + return 1; > > + } > > + return 0; > > +} > > + > > +/* Execute a scsi command. Returns the length of the data expected by= the > > + command. This will be Positive for data transfers from the device > > + (eg. disk reads), negative for transfers to the device (eg. disk wr= ites), > > + and zero if the command does not transfer any data. */ > > + > > +static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag, > > + uint8_t *cmd, int lun) > > +{ > > + SCSIDeviceState *s =3D d->state; > > + uint32_t len; > > + int cmdlen; > > + SCSIRequest *r; > > + int ret; > > + > > + /* ??? Tags are not unique for different luns. We only implement = a > > + single lun, so this should not matter. */ > > + > > + if (lun !=3D s->lun || (cmd[1] >> 5) !=3D s->lun) { > > + DPRINTF("Unimplemented LUN %d\n", lun ? lun : cmd[1] >> 5); > > + s->completion(s->opaque, SCSI_REASON_DONE, tag, HARDWARE_ERROR= ); > > + return 0; > > + } > > + > > + if (scsi_length(cmd, s->blocksize, &cmdlen, &len) =3D=3D -1) { > > + BADF("Unsupported command length, command %x\n", cmd[0]); > > + return 0; > > + } > > + > > + DPRINTF("Command: lun=3D%d tag=3D0x%x data=3D0x%02x len %d\n", lun= , tag, > > + cmd[0], len); > > + > > + r =3D scsi_find_request(s, tag); > > + if (r) { > > + BADF("Tag 0x%x already in use %p\n", tag, r); > > + scsi_cancel_io(d, tag); > > + } > > + r =3D scsi_new_request(s, tag); > > + > > + memcpy(r->cmd, cmd, cmdlen); > > + r->cmdlen =3D cmdlen; > > + > > + if (len =3D=3D 0) { > > + if (r->buf !=3D NULL) > > + free(r->buf); > > + r->buflen =3D 0; > > + r->buf =3D NULL; > > + ret =3D execute_command(s->bdrv, r, SG_DXFER_NONE, scsi_comman= d_complete); > > + if (ret =3D=3D -1) { > > + scsi_command_complete(r, -EINVAL); > > + return 0; > > + } > > + return 0; > > + } > > + > > + if (r->buflen !=3D len) { > > + if (r->buf !=3D NULL) > > + free(r->buf); > > + r->buf =3D qemu_memalign(512, len); > > + r->buflen =3D len; > > + } > > + > > + memset(r->buf, 0, r->buflen); > > + r->len =3D len; > > + if (is_write(cmd[0])) { > > + r->len =3D 0; > > + return -len; > > + } > > + > > + return len; > > +} > > + > > +static int get_blocksize(BlockDriverState *bdrv) > > +{ > > + uint8_t cmd[10]; > > + uint8_t buf[8]; > > + uint8_t sensebuf[8]; > > + sg_io_hdr_t io_header; > > + int ret; > > + > > + memset(cmd, sizeof(cmd), 0); > > + memset(buf, sizeof(buf), 0); > > + cmd[0] =3D READ_CAPACITY; > > + > > + memset(&io_header, 0, sizeof(io_header)); > > + io_header.interface_id =3D 'S'; > > + io_header.dxfer_direction =3D SG_DXFER_FROM_DEV; > > + io_header.dxfer_len =3D sizeof(buf); > > + io_header.dxferp =3D buf; > > + io_header.cmdp =3D cmd; > > + io_header.cmd_len =3D sizeof(cmd); > > + io_header.mx_sb_len =3D sizeof(sensebuf); > > + io_header.sbp =3D sensebuf; > > + io_header.timeout =3D 6000; /* XXX */ > > + > > + ret =3D bdrv_pwrite(bdrv, -1, &io_header, sizeof(io_header)); > > + if (ret =3D=3D -1) > > + return -1; > > + > > + while ((ret =3D bdrv_pread(bdrv, -1, &io_header, sizeof(io_header)= )) =3D=3D -1 && > > + errno =3D=3D EINTR); > > + > > + if (ret =3D=3D -1) > > + return -1; > > + > > + return (buf[4] << 24) | (buf[5] << 16) | (buf[6] << 8) | buf[7]; > > +} > > + > > +static void scsi_destroy(SCSIDevice *d) > > +{ > > + SCSIRequest *r, *n; > > + > > + r =3D d->state->requests; > > + while (r) { > > + n =3D r->next; > > + qemu_free(r); > > + r =3D n; > > + } > > + > > + r =3D free_requests; > > + while (r) { > > + n =3D r->next; > > + qemu_free(r); > > + r =3D n; > > + } > > + > > + qemu_free(d->state); > > + qemu_free(d); > > +} > > + > > +SCSIDevice *scsi_generic_init(BlockDriverState *bdrv, int tcq, > > + scsi_completionfn completion, void *opaq= ue) > > +{ > > + int sg_version; > > + SCSIDevice *d; > > + SCSIDeviceState *s; > > + struct sg_scsi_id scsiid; > > + > > + /* check we are really using a /dev/sg* file */ > > + > > + if (!bdrv_is_sg(bdrv)) > > + return NULL; > > + > > + /* check we are using a driver managing SG_IO (version 3 and after= */ > > + > > + if (bdrv_ioctl(bdrv, SG_GET_VERSION_NUM, (char*)&sg_version) < 0 |= | > > + sg_version < 30000) > > + return NULL; > > + > > + /* get LUN of the /dev/sg? */ > > + > > + if (bdrv_ioctl(bdrv, SG_GET_SCSI_ID, &scsiid)) > > + return NULL; > > + > > + /* define device state */ > > + > > + s =3D (SCSIDeviceState *)qemu_mallocz(sizeof(SCSIDeviceState)); > > + s->bdrv =3D bdrv; > > + s->requests =3D NULL; > > + s->completion =3D completion; > > + s->opaque =3D opaque; > > + s->lun =3D scsiid.lun; > > + s->blocksize =3D get_blocksize(s->bdrv); > > + s->driver_status =3D 0; > > + memset(s->sensebuf, 0, sizeof(s->sensebuf)); > > + /* removable media returns 0 if not present */ > > + if (s->blocksize <=3D 0) > > + s->blocksize =3D 2048; > > + > > + /* define function to manage device */ > > + > > + d =3D (SCSIDevice *)qemu_mallocz(sizeof(SCSIDevice)); > > + d->state =3D s; > > + d->destroy =3D scsi_destroy; > > + d->send_command =3D scsi_send_command; > > + d->read_data =3D scsi_read_data; > > + d->write_data =3D scsi_write_data; > > + d->cancel_io =3D scsi_cancel_io; > > + d->get_buf =3D scsi_get_buf; > > + > > + return d; > > +} > > +#endif /* __linux__ */ > > Index: qemu/Makefile > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/Makefile 2007-12-06 09:28:36.000000000 +0100 > > +++ qemu/Makefile 2007-12-06 09:30:37.000000000 +0100 > > @@ -56,6 +56,7 @@ OBJS+=3Dirq.o > > OBJS+=3Di2c.o smbus.o smbus_eeprom.o max7310.o max111x.o wm8750.o > > OBJS+=3Dssd0303.o ssd0323.o ads7846.o stellaris_input.o > > OBJS+=3Dscsi-disk.o cdrom.o > > +OBJS+=3Dscsi-generic.o > > OBJS+=3Dusb.o usb-hub.o usb-linux.o usb-hid.o usb-msd.o usb-wacom.o > > OBJS+=3Dsd.o ssi-sd.o > > =20 > > Index: qemu/hw/scsi-disk.h > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --- qemu.orig/hw/scsi-disk.h 2007-12-06 09:28:36.000000000 +0100 > > +++ qemu/hw/scsi-disk.h 2007-12-06 09:30:37.000000000 +0100 > > @@ -7,24 +7,27 @@ enum scsi_reason { > > SCSI_REASON_DATA /* Transfer complete, more data required. */ > > }; > > =20 > > +typedef struct SCSIDeviceState SCSIDeviceState; > > typedef struct SCSIDevice SCSIDevice; > > typedef void (*scsi_completionfn)(void *opaque, int reason, uint32_t t= ag, > > uint32_t arg); > > =20 > > -SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, > > - int tcq, > > - scsi_completionfn completion, > > - void *opaque); > > -void scsi_disk_destroy(SCSIDevice *s); > > +struct SCSIDevice > > +{ > > + SCSIDeviceState *state; > > + void (*destroy)(SCSIDevice *s); > > + int32_t (*send_command)(SCSIDevice *s, uint32_t tag, uint8_t *buf, > > + int lun); > > + void (*read_data)(SCSIDevice *s, uint32_t tag); > > + int (*write_data)(SCSIDevice *s, uint32_t tag); > > + void (*cancel_io)(SCSIDevice *s, uint32_t tag); > > + uint8_t *(*get_buf)(SCSIDevice *s, uint32_t tag); > > +}; > > =20 > > -int32_t scsi_send_command(SCSIDevice *s, uint32_t tag, uint8_t *buf, i= nt lun); > > -/* SCSI data transfers are asynchrnonous. However, unlike the block I= O > > - layer the completion routine may be called directly by > > - scsi_{read,write}_data. */ > > -void scsi_read_data(SCSIDevice *s, uint32_t tag); > > -int scsi_write_data(SCSIDevice *s, uint32_t tag); > > -void scsi_cancel_io(SCSIDevice *s, uint32_t tag); > > -uint8_t *scsi_get_buf(SCSIDevice *s, uint32_t tag); > > +SCSIDevice *scsi_disk_init(BlockDriverState *bdrv, int tcq, > > + scsi_completionfn completion, void *opaque)= ; > > +SCSIDevice *scsi_generic_init(BlockDriverState *bdrv, int tcq, > > + scsi_completionfn completion, void *opaque)= ; > > =20 > > /* cdrom.c */ > > int cdrom_read_toc(int nb_sectors, uint8_t *buf, int msf, int start_tr= ack); > > > > > > > > > > =20 >=20 --=20 ------------- Laurent.Vivier@bull.net -------------- "Any sufficiently advanced technology is indistinguishable from magic." - Arthur C. Clarke --=-thm+pRIl34VxcaVDXn92 Content-Type: application/pgp-signature; name=signature.asc Content-Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?= -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBHWCWf9Kffa9pFVzwRAp7NAKCsIt0BwalZfH/XZWXmUhxU9mncHwCcDJXN pt369Hy6JP5SyqaS4k1XkiI= =SkKZ -----END PGP SIGNATURE----- --=-thm+pRIl34VxcaVDXn92--