* [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
@ 2010-11-24 11:15 Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 01/15] scsi: Increase the number of possible devices Hannes Reinecke
` (16 more replies)
0 siblings, 17 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:15 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
The is the third version of the megasas patchset; changes are:
v2 -> v3:
- Include review by Stefan Hajnoczi
- Return SCSI error status on invalid data direction
- Initialize sense code in scsi-generic.c
v1 -> v2:
- Include suggestions (and acked-by) from Christoph Hellwig
- Updated patch description as requested by Gerd Hoffman
- Use generic iov_size() implementation
- Drop old patches
- Make SCSI HBA configurable
This patchset can be found at
git://repo.or.cz/qemu/megasas.git
branch megasas.v3
The original description was:
Due to popular demand here is now the LSI Megaraid HBA emulation.
And an update to the SCSI stack to bring it more in line with
modern standards.
For the SCSI update there are three key points:
- Improved sense code handling: the SCSI standard specifies several
sense codes to be returned on common errors; we should be following
that.
- Reworked SCSI layer: Instead of indirectly addressing a SCSI
request by an abstract 'tag' we're now using the request directly,
thus saving us a lookup on every invocation.
- Add iovec passing: I've added an interface to pass an iovec
to a SCSI request, so that we don't need to use bounce buffers
for data transfer. The old interface is left in place.
And, of course, the megasas driver itself.
A quick 'dd' comparison against virtio on a tmpfs backed sparse file shows:
# dd if=/dev/sdb of=/dev/null bs=16M count=1000 iflag=direct
1000+0 records in
1000+0 records out
16777216000 bytes (17 GB) copied, 9.40123 s, 1.8 GB/s
# dd if=/dev/vda of=/dev/null bs=16M count=1000 iflag=direct
1000+0 records in
1000+0 records out
16777216000 bytes (17 GB) copied, 7.44681 s, 2.3 GB/s
So we're having about 80% virtio speed.
Unoptimized :-)
Hannes Reinecke (15):
scsi: Increase the number of possible devices
scsi: Return SAM status codes
scsi: INQUIRY VPD fixes
scsi: Move sense handling into the driver
scsi-disk: Remove duplicate cdb parsing
scsi: Update sense code handling
lsi53c895a: Rename 'sense' to 'status'
scsi-disk: Allocate iovec dynamically
scsi: Use 'SCSIRequest' directly
scsi-disk: add data direction checking
Remove 'bus' argument from SCSI command completion callbacks
scsi: Implement 'get_sense' callback
scsi: Implement alloc_req_iov callback
megasas: LSI Megaraid SAS emulation
Make SCSI HBA configurable
Makefile.objs | 5 +-
blockdev.h | 2 +-
default-configs/i386-softmmu.mak | 2 +
default-configs/mips-softmmu.mak | 2 +-
default-configs/mips64-softmmu.mak | 2 +-
default-configs/mips64el-softmmu.mak | 2 +-
default-configs/mipsel-softmmu.mak | 2 +-
default-configs/ppc-softmmu.mak | 2 +
default-configs/ppc64-softmmu.mak | 2 +
default-configs/ppcemb-softmmu.mak | 2 +
default-configs/sparc-softmmu.mak | 2 +-
default-configs/sparc64-softmmu.mak | 2 +
default-configs/x86_64-softmmu.mak | 2 +
hw/esp.c | 23 +-
hw/lsi53c895a.c | 47 +-
hw/megasas.c | 1828 ++++++++++++++++++++++++++++++++++
hw/mfi.h | 1197 ++++++++++++++++++++++
hw/pci_ids.h | 2 +
hw/scsi-bus.c | 120 ++-
hw/scsi-defs.h | 20 +-
hw/scsi-disk.c | 459 +++++-----
hw/scsi-generic.c | 239 +++--
hw/scsi.h | 65 +-
hw/usb-msd.c | 26 +-
24 files changed, 3618 insertions(+), 437 deletions(-)
create mode 100644 hw/megasas.c
create mode 100644 hw/mfi.h
^ permalink raw reply [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 01/15] scsi: Increase the number of possible devices
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
@ 2010-11-24 11:15 ` Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 02/15] scsi: Return SAM status codes Hannes Reinecke
` (15 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:15 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
The SCSI parallel interface has a limit of 8 devices, but
not the SCSI stack in general. So we should be removing the
hard-coded limit and use MAX_SCSI_DEVS instead.
And we only need to scan those devices which are allocated
by the bus.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Acked-by: Christoph Hellwig <hch@lst.de>
---
blockdev.h | 2 +-
hw/scsi-bus.c | 2 +-
hw/scsi.h | 3 ++-
3 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/blockdev.h b/blockdev.h
index 653affc..451dc06 100644
--- a/blockdev.h
+++ b/blockdev.h
@@ -32,7 +32,7 @@ struct DriveInfo {
};
#define MAX_IDE_DEVS 2
-#define MAX_SCSI_DEVS 7
+#define MAX_SCSI_DEVS 255
DriveInfo *drive_get(BlockInterfaceType type, int bus, int unit);
int drive_get_max_bus(BlockInterfaceType type);
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index 5a3fd4b..74a08b7 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -108,7 +108,7 @@ int scsi_bus_legacy_handle_cmdline(SCSIBus *bus)
int res = 0, unit;
loc_push_none(&loc);
- for (unit = 0; unit < MAX_SCSI_DEVS; unit++) {
+ for (unit = 0; unit < bus->ndev; unit++) {
dinfo = drive_get(IF_SCSI, bus->busnr, unit);
if (dinfo == NULL) {
continue;
diff --git a/hw/scsi.h b/hw/scsi.h
index cb06d6d..9c798ae 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -3,6 +3,7 @@
#include "qdev.h"
#include "block.h"
+#include "blockdev.h"
#include "block_int.h"
#define SCSI_CMD_BUF_SIZE 16
@@ -86,7 +87,7 @@ struct SCSIBus {
int tcq, ndev;
scsi_completionfn complete;
- SCSIDevice *devs[8];
+ SCSIDevice *devs[MAX_SCSI_DEVS];
};
void scsi_bus_new(SCSIBus *bus, DeviceState *host, int tcq, int ndev,
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 02/15] scsi: Return SAM status codes
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 01/15] scsi: Increase the number of possible devices Hannes Reinecke
@ 2010-11-24 11:15 ` Hannes Reinecke
2010-11-24 16:51 ` Christoph Hellwig
2010-11-24 11:15 ` [Qemu-devel] [PATCH 03/15] scsi: INQUIRY VPD fixes Hannes Reinecke
` (14 subsequent siblings)
16 siblings, 1 reply; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:15 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
Traditionally, the linux stack is using SCSI status codes
which are shifted by one as compared to those defined in SAM.
A SCSI emulation should naturally return the SAM defined codes,
not the linux ones.
So to avoid any confusion this patch modifies the existing
definitions to match those found in SAM and removes any
(now obsolete) byte-shift from the returned status codes.
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
hw/scsi-defs.h | 20 +++++++++++---------
hw/scsi-generic.c | 10 +++++-----
2 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/hw/scsi-defs.h b/hw/scsi-defs.h
index a4a3518..1473ecb 100644
--- a/hw/scsi-defs.h
+++ b/hw/scsi-defs.h
@@ -111,18 +111,20 @@
#define BLANK 0xa1
/*
- * Status codes
+ * SAM Status codes
*/
#define GOOD 0x00
-#define CHECK_CONDITION 0x01
-#define CONDITION_GOOD 0x02
-#define BUSY 0x04
-#define INTERMEDIATE_GOOD 0x08
-#define INTERMEDIATE_C_GOOD 0x0a
-#define RESERVATION_CONFLICT 0x0c
-#define COMMAND_TERMINATED 0x11
-#define QUEUE_FULL 0x14
+#define CHECK_CONDITION 0x02
+#define CONDITION_GOOD 0x04
+#define BUSY 0x08
+#define INTERMEDIATE_GOOD 0x10
+#define INTERMEDIATE_C_GOOD 0x14
+#define RESERVATION_CONFLICT 0x18
+#define COMMAND_TERMINATED 0x22
+#define TASK_SET_FULL 0x28
+#define ACA_ACTIVE 0x30
+#define TASK_ABORTED 0x40
#define STATUS_MASK 0x3e
diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c
index 7212091..9be1cca 100644
--- a/hw/scsi-generic.c
+++ b/hw/scsi-generic.c
@@ -96,17 +96,17 @@ static void scsi_command_complete(void *opaque, int ret)
s->senselen = r->io_header.sb_len_wr;
if (ret != 0)
- r->req.status = BUSY << 1;
+ r->req.status = BUSY;
else {
if (s->driver_status & SG_ERR_DRIVER_TIMEOUT) {
- r->req.status = BUSY << 1;
+ r->req.status = BUSY;
BADF("Driver Timeout\n");
} else if (r->io_header.status)
r->req.status = r->io_header.status;
else if (s->driver_status & SG_ERR_DRIVER_SENSE)
- r->req.status = CHECK_CONDITION << 1;
+ r->req.status = CHECK_CONDITION;
else
- r->req.status = GOOD << 1;
+ r->req.status = GOOD;
}
DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
r, r->req.tag, r->req.status);
@@ -333,7 +333,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
s->senselen = 7;
s->driver_status = SG_ERR_DRIVER_SENSE;
bus = scsi_bus_from_device(d);
- bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION << 1);
+ bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
return 0;
}
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 03/15] scsi: INQUIRY VPD fixes
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 01/15] scsi: Increase the number of possible devices Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 02/15] scsi: Return SAM status codes Hannes Reinecke
@ 2010-11-24 11:15 ` Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 04/15] scsi: Move sense handling into the driver Hannes Reinecke
` (13 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:15 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
We should announce and support the block device characterics page
only on block devices, not on CDROMs. And the VPD page 0x83 has
an off-by-one error.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Acked-by: Christoph Hellwig <hch@lst.de>
---
hw/scsi-disk.c | 18 ++++++++++++++----
1 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index dc71957..a76e91c 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -398,15 +398,20 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
switch (page_code) {
case 0x00: /* Supported page codes, mandatory */
+ {
+ int pages;
DPRINTF("Inquiry EVPD[Supported pages] "
"buffer size %zd\n", req->cmd.xfer);
- outbuf[buflen++] = 4; // number of pages
+ pages = buflen++;
outbuf[buflen++] = 0x00; // list of supported pages (this page)
outbuf[buflen++] = 0x80; // unit serial number
outbuf[buflen++] = 0x83; // device identification
- outbuf[buflen++] = 0xb0; // block device characteristics
+ if (bdrv_get_type_hint(s->bs) != BDRV_TYPE_CDROM) {
+ outbuf[buflen++] = 0xb0; // block device characteristics
+ }
+ outbuf[pages] = buflen - pages - 1; // number of pages
break;
-
+ }
case 0x80: /* Device serial number, optional */
{
int l = strlen(s->serial);
@@ -434,7 +439,7 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
DPRINTF("Inquiry EVPD[Device identification] "
"buffer size %zd\n", req->cmd.xfer);
- outbuf[buflen++] = 3 + id_len;
+ outbuf[buflen++] = 4 + id_len;
outbuf[buflen++] = 0x2; // ASCII
outbuf[buflen++] = 0; // not officially assigned
outbuf[buflen++] = 0; // reserved
@@ -451,6 +456,11 @@ static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
unsigned int opt_io_size =
s->qdev.conf.opt_io_size / s->qdev.blocksize;
+ if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
+ DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
+ page_code);
+ return -1;
+ }
/* required VPD size with unmap support */
outbuf[3] = buflen = 0x3c;
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 04/15] scsi: Move sense handling into the driver
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (2 preceding siblings ...)
2010-11-24 11:15 ` [Qemu-devel] [PATCH 03/15] scsi: INQUIRY VPD fixes Hannes Reinecke
@ 2010-11-24 11:15 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 05/15] scsi-disk: Remove duplicate cdb parsing Hannes Reinecke
` (12 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:15 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
The current sense handling in scsi-bus is only used by the
scsi-disk driver; the scsi-generic driver is using its own.
So we should move the current sense handling into the
scsi-disk driver.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Acked-by: Christoph Hellwig <hch@lst.de>
---
hw/scsi-bus.c | 10 ----------
hw/scsi-disk.c | 33 +++++++++++++++++++++++++--------
hw/scsi.h | 8 --------
3 files changed, 25 insertions(+), 26 deletions(-)
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index 74a08b7..93f0e9a 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -123,16 +123,6 @@ int scsi_bus_legacy_handle_cmdline(SCSIBus *bus)
return res;
}
-void scsi_dev_clear_sense(SCSIDevice *dev)
-{
- memset(&dev->sense, 0, sizeof(dev->sense));
-}
-
-void scsi_dev_set_sense(SCSIDevice *dev, uint8_t key)
-{
- dev->sense.key = key;
-}
-
SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d, uint32_t tag, uint32_t lun)
{
SCSIRequest *req;
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index a76e91c..da6c3f0 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -49,6 +49,10 @@ do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
typedef struct SCSIDiskState SCSIDiskState;
+typedef struct SCSISense {
+ uint8_t key;
+} SCSISense;
+
typedef struct SCSIDiskReq {
SCSIRequest req;
/* ??? We should probably keep track of whether the data transfer is
@@ -72,6 +76,7 @@ struct SCSIDiskState
QEMUBH *bh;
char *version;
char *serial;
+ SCSISense sense;
};
static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
@@ -100,10 +105,22 @@ static SCSIDiskReq *scsi_find_request(SCSIDiskState *s, uint32_t tag)
return DO_UPCAST(SCSIDiskReq, req, scsi_req_find(&s->qdev, tag));
}
-static void scsi_req_set_status(SCSIRequest *req, int status, int sense_code)
+static void scsi_disk_clear_sense(SCSIDiskState *s)
{
- req->status = status;
- scsi_dev_set_sense(req->dev, sense_code);
+ memset(&s->sense, 0, sizeof(s->sense));
+}
+
+static void scsi_disk_set_sense(SCSIDiskState *s, uint8_t key)
+{
+ s->sense.key = key;
+}
+
+static void scsi_req_set_status(SCSIDiskReq *r, int status, int sense_code)
+{
+ SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
+
+ r->req.status = status;
+ scsi_disk_set_sense(s, sense_code);
}
/* Helper function for command completion. */
@@ -111,7 +128,7 @@ static void scsi_command_complete(SCSIDiskReq *r, int status, int sense)
{
DPRINTF("Command complete tag=0x%x status=%d sense=%d\n",
r->req.tag, status, sense);
- scsi_req_set_status(&r->req, status, sense);
+ scsi_req_set_status(r, status, sense);
scsi_req_complete(&r->req);
scsi_remove_request(r);
}
@@ -822,7 +839,7 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
goto illegal_request;
memset(outbuf, 0, 4);
buflen = 4;
- if (req->dev->sense.key == NOT_READY && req->cmd.xfer >= 18) {
+ if (s->sense.key == NOT_READY && req->cmd.xfer >= 18) {
memset(outbuf, 0, 18);
buflen = 18;
outbuf[7] = 10;
@@ -832,8 +849,8 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
}
outbuf[0] = 0xf0;
outbuf[1] = 0;
- outbuf[2] = req->dev->sense.key;
- scsi_dev_clear_sense(req->dev);
+ outbuf[2] = s->sense.key;
+ scsi_disk_clear_sense(s);
break;
case INQUIRY:
buflen = scsi_disk_emulate_inquiry(req, outbuf);
@@ -966,7 +983,7 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
default:
goto illegal_request;
}
- scsi_req_set_status(req, GOOD, NO_SENSE);
+ scsi_req_set_status(r, GOOD, NO_SENSE);
return buflen;
not_ready:
diff --git a/hw/scsi.h b/hw/scsi.h
index 9c798ae..bf02adf 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -26,10 +26,6 @@ enum SCSIXferMode {
SCSI_XFER_TO_DEV, /* WRITE, MODE_SELECT, ... */
};
-typedef struct SCSISense {
- uint8_t key;
-} SCSISense;
-
typedef struct SCSIRequest {
SCSIBus *bus;
SCSIDevice *dev;
@@ -57,7 +53,6 @@ struct SCSIDevice
QTAILQ_HEAD(, SCSIRequest) requests;
int blocksize;
int type;
- struct SCSISense sense;
};
/* cdrom.c */
@@ -102,9 +97,6 @@ static inline SCSIBus *scsi_bus_from_device(SCSIDevice *d)
SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockDriverState *bdrv, int unit);
int scsi_bus_legacy_handle_cmdline(SCSIBus *bus);
-void scsi_dev_clear_sense(SCSIDevice *dev);
-void scsi_dev_set_sense(SCSIDevice *dev, uint8_t key);
-
SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d, uint32_t tag, uint32_t lun);
SCSIRequest *scsi_req_find(SCSIDevice *d, uint32_t tag);
void scsi_req_free(SCSIRequest *req);
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 05/15] scsi-disk: Remove duplicate cdb parsing
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (3 preceding siblings ...)
2010-11-24 11:15 ` [Qemu-devel] [PATCH 04/15] scsi: Move sense handling into the driver Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 06/15] scsi: Update sense code handling Hannes Reinecke
` (11 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
We parse the CDB twice, which is completely unnecessary.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Acked-by: Christoph Hellwig <hch@lst.de>
---
hw/scsi-disk.c | 74 ++++++++++++++++----------------------------------------
1 files changed, 21 insertions(+), 53 deletions(-)
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index da6c3f0..58e5f5b 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -1004,9 +1004,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
uint8_t *buf, int lun)
{
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
- uint64_t lba;
uint32_t len;
- int cmdlen;
int is_write;
uint8_t command;
uint8_t *outbuf;
@@ -1025,55 +1023,21 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
outbuf = (uint8_t *)r->iov.iov_base;
is_write = 0;
DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
- switch (command >> 5) {
- case 0:
- lba = (uint64_t) buf[3] | ((uint64_t) buf[2] << 8) |
- (((uint64_t) buf[1] & 0x1f) << 16);
- len = buf[4];
- cmdlen = 6;
- break;
- case 1:
- case 2:
- lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
- ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
- len = buf[8] | (buf[7] << 8);
- cmdlen = 10;
- break;
- case 4:
- lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
- ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
- ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
- ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
- len = buf[13] | (buf[12] << 8) | (buf[11] << 16) | (buf[10] << 24);
- cmdlen = 16;
- break;
- case 5:
- lba = (uint64_t) buf[5] | ((uint64_t) buf[4] << 8) |
- ((uint64_t) buf[3] << 16) | ((uint64_t) buf[2] << 24);
- len = buf[9] | (buf[8] << 8) | (buf[7] << 16) | (buf[6] << 24);
- cmdlen = 12;
- break;
- default:
+
+ if (scsi_req_parse(&r->req, buf) != 0) {
BADF("Unsupported command length, command %x\n", command);
goto fail;
}
#ifdef DEBUG_SCSI
{
int i;
- for (i = 1; i < cmdlen; i++) {
+ for (i = 1; i < r->req.cmd.len; i++) {
printf(" 0x%02x", buf[i]);
}
printf("\n");
}
#endif
- if (scsi_req_parse(&r->req, buf) != 0) {
- BADF("Unsupported command length, command %x\n", command);
- goto fail;
- }
- assert(r->req.cmd.len == cmdlen);
- assert(r->req.cmd.lba == lba);
-
if (lun || buf[1] >> 5) {
/* Only LUN 0 supported. */
DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
@@ -1111,10 +1075,11 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
case READ_10:
case READ_12:
case READ_16:
- DPRINTF("Read (sector %" PRId64 ", count %d)\n", lba, len);
- if (lba > s->max_lba)
+ len = r->req.cmd.xfer / d->blocksize;
+ DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
+ if (r->req.cmd.lba > s->max_lba)
goto illegal_lba;
- r->sector = lba * s->cluster_size;
+ r->sector = r->req.cmd.lba * s->cluster_size;
r->sector_count = len * s->cluster_size;
break;
case WRITE_6:
@@ -1124,42 +1089,45 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
case WRITE_VERIFY:
case WRITE_VERIFY_12:
case WRITE_VERIFY_16:
+ len = r->req.cmd.xfer / d->blocksize;
DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
- (command & 0xe) == 0xe ? "And Verify " : "", lba, len);
- if (lba > s->max_lba)
+ (command & 0xe) == 0xe ? "And Verify " : "",
+ r->req.cmd.lba, len);
+ if (r->req.cmd.lba > s->max_lba)
goto illegal_lba;
- r->sector = lba * s->cluster_size;
+ r->sector = r->req.cmd.lba * s->cluster_size;
r->sector_count = len * s->cluster_size;
is_write = 1;
break;
case MODE_SELECT:
- DPRINTF("Mode Select(6) (len %d)\n", len);
+ DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
/* We don't support mode parameter changes.
Allow the mode parameter header + block descriptors only. */
- if (len > 12) {
+ if (r->req.cmd.xfer > 12) {
goto fail;
}
break;
case MODE_SELECT_10:
- DPRINTF("Mode Select(10) (len %d)\n", len);
+ DPRINTF("Mode Select(10) (len %lu)\n", (long)r->req.cmd.xfer);
/* We don't support mode parameter changes.
Allow the mode parameter header + block descriptors only. */
- if (len > 16) {
+ if (r->req.cmd.xfer > 16) {
goto fail;
}
break;
case SEEK_6:
case SEEK_10:
- DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10, lba);
- if (lba > s->max_lba) {
+ DPRINTF("Seek(%d) (sector %" PRId64 ")\n", command == SEEK_6 ? 6 : 10,
+ r->req.cmd.lba);
+ if (r->req.cmd.lba > s->max_lba) {
goto illegal_lba;
}
break;
default:
- DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
+ DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
fail:
scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
- return 0;
+ return 0;
illegal_lba:
scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
return 0;
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 06/15] scsi: Update sense code handling
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (4 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 05/15] scsi-disk: Remove duplicate cdb parsing Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-25 14:33 ` Kevin Wolf
2010-11-24 11:16 ` [Qemu-devel] [PATCH 07/15] lsi53c895a: Rename 'sense' to 'status' Hannes Reinecke
` (10 subsequent siblings)
16 siblings, 1 reply; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
The SCSI spec has a quite detailed list of sense codes available.
It even mandates the use of specific ones for some failure cases.
The current implementation just has one type of 'generic' error
which is actually a violation of the spec in certain cases.
This patch introduces various predefined sense codes to have the
sense code reporting more in line with the spec.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Acked-by: Christoph Hellwig <hch@lst.de>
---
hw/scsi-bus.c | 92 ++++++++++++++++++++++++++++++++++++++++++++
hw/scsi-disk.c | 109 +++++++++++++++++++++++++++--------------------------
hw/scsi-generic.c | 76 ++++++++++++++++++++++++++-----------
hw/scsi.h | 38 ++++++++++++++++++
4 files changed, 239 insertions(+), 76 deletions(-)
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index 93f0e9a..afdf0ad 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -388,6 +388,98 @@ int scsi_req_parse(SCSIRequest *req, uint8_t *buf)
return 0;
}
+/*
+ * Predefined sense codes
+ */
+
+/* No sense data available */
+const struct SCSISense sense_code_NO_SENSE = {
+ .key = NO_SENSE , .asc = 0x00 , .ascq = 0x00
+};
+
+/* LUN not ready, Manual intervention required */
+const struct SCSISense sense_code_LUN_NOT_READY = {
+ .key = NOT_READY, .asc = 0x04, .ascq = 0x03
+};
+
+/* LUN not ready, Medium not present */
+const struct SCSISense sense_code_NO_MEDIUM = {
+ .key = NOT_READY, .asc = 0x3a, .ascq = 0x00
+};
+
+/* Hardware error, internal target failure */
+const struct SCSISense sense_code_TARGET_FAILURE = {
+ .key = HARDWARE_ERROR, .asc = 0x44, .ascq = 0x00
+};
+
+/* Illegal request, invalid command operation code */
+const struct SCSISense sense_code_INVALID_OPCODE = {
+ .key = ILLEGAL_REQUEST, .asc = 0x20, .ascq = 0x00
+};
+
+/* Illegal request, LBA out of range */
+const struct SCSISense sense_code_LBA_OUT_OF_RANGE = {
+ .key = ILLEGAL_REQUEST, .asc = 0x21, .ascq = 0x00
+};
+
+/* Illegal request, Invalid field in CDB */
+const struct SCSISense sense_code_INVALID_FIELD = {
+ .key = ILLEGAL_REQUEST, .asc = 0x24, .ascq = 0x00
+};
+
+/* Illegal request, LUN not supported */
+const struct SCSISense sense_code_LUN_NOT_SUPPORTED = {
+ .key = ILLEGAL_REQUEST, .asc = 0x25, .ascq = 0x00
+};
+
+/* Command aborted, I/O process terminated */
+const struct SCSISense sense_code_IO_ERROR = {
+ .key = ABORTED_COMMAND, .asc = 0x00, .ascq = 0x06
+};
+
+/* Command aborted, I_T Nexus loss occurred */
+const struct SCSISense sense_code_I_T_NEXUS_LOSS = {
+ .key = ABORTED_COMMAND, .asc = 0x29, .ascq = 0x07
+};
+
+/* Command aborted, Logical Unit failure */
+const struct SCSISense sense_code_LUN_FAILURE = {
+ .key = ABORTED_COMMAND, .asc = 0x3e, .ascq = 0x01
+};
+
+/*
+ * scsi_build_sense
+ *
+ * Build a sense buffer
+ */
+int scsi_build_sense(SCSISense sense, uint8_t *buf, int len, int fixed)
+{
+ if (len < 8)
+ return 0;
+ if (fixed && len < 14)
+ return 0;
+
+ memset(buf, 0, len);
+ if (fixed) {
+ /* Return fixed format sense buffer */
+ buf[0] = 0xf0;
+ buf[2] = sense.key;
+ buf[7] = 7;
+ buf[12] = sense.asc;
+ buf[13] = sense.ascq;
+ len = 14;
+ } else {
+ /* Return descriptor format sense buffer */
+ buf[0] = 0x72;
+ buf[1] = sense.key;
+ buf[2] = sense.asc;
+ buf[3] = sense.ascq;
+ len = 8;
+ }
+
+ return len;
+}
+
static const char *scsi_command_name(uint8_t cmd)
{
static const char *names[] = {
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index 58e5f5b..a71607e 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -49,10 +49,6 @@ do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
typedef struct SCSIDiskState SCSIDiskState;
-typedef struct SCSISense {
- uint8_t key;
-} SCSISense;
-
typedef struct SCSIDiskReq {
SCSIRequest req;
/* ??? We should probably keep track of whether the data transfer is
@@ -110,24 +106,19 @@ static void scsi_disk_clear_sense(SCSIDiskState *s)
memset(&s->sense, 0, sizeof(s->sense));
}
-static void scsi_disk_set_sense(SCSIDiskState *s, uint8_t key)
-{
- s->sense.key = key;
-}
-
-static void scsi_req_set_status(SCSIDiskReq *r, int status, int sense_code)
+static void scsi_req_set_status(SCSIDiskReq *r, int status, SCSISense sense)
{
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
r->req.status = status;
- scsi_disk_set_sense(s, sense_code);
+ s->sense = sense;
}
/* Helper function for command completion. */
-static void scsi_command_complete(SCSIDiskReq *r, int status, int sense)
+static void scsi_command_complete(SCSIDiskReq *r, int status, SCSISense sense)
{
- DPRINTF("Command complete tag=0x%x status=%d sense=%d\n",
- r->req.tag, status, sense);
+ DPRINTF("Command complete tag=0x%x status=%d sense=%d/%d/%d\n",
+ r->req.tag, status, sense.key, sense.asc, sense.ascq);
scsi_req_set_status(r, status, sense);
scsi_req_complete(&r->req);
scsi_remove_request(r);
@@ -183,7 +174,7 @@ static void scsi_read_request(SCSIDiskReq *r)
}
DPRINTF("Read sector_count=%d\n", r->sector_count);
if (r->sector_count == 0) {
- scsi_command_complete(r, GOOD, NO_SENSE);
+ scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
return;
}
@@ -208,9 +199,12 @@ static void scsi_read_data(SCSIDevice *d, uint32_t tag)
r = scsi_find_request(s, tag);
if (!r) {
+ SCSIBus *bus;
+
BADF("Bad read tag 0x%x\n", tag);
- /* ??? This is the wrong error. */
- scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
+ bus = scsi_bus_from_device(d);
+ s->sense = SENSE_CODE(I_T_NEXUS_LOSS);
+ bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
return;
}
@@ -243,8 +237,13 @@ static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
if (type == SCSI_REQ_STATUS_RETRY_READ) {
r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, 0);
}
- scsi_command_complete(r, CHECK_CONDITION,
- HARDWARE_ERROR);
+ if (error == EBADR) {
+ scsi_command_complete(r, CHECK_CONDITION,
+ SENSE_CODE(TARGET_FAILURE));
+ } else {
+ scsi_command_complete(r, CHECK_CONDITION,
+ SENSE_CODE(IO_ERROR));
+ }
bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
}
@@ -269,7 +268,7 @@ static void scsi_write_complete(void * opaque, int ret)
r->sector += n;
r->sector_count -= n;
if (r->sector_count == 0) {
- scsi_command_complete(r, GOOD, NO_SENSE);
+ scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
} else {
len = r->sector_count * 512;
if (len > SCSI_DMA_BUF_SIZE) {
@@ -292,7 +291,7 @@ static void scsi_write_request(SCSIDiskReq *r)
r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
scsi_write_complete, r);
if (r->req.aiocb == NULL) {
- scsi_write_complete(r, -EIO);
+ scsi_write_complete(r, -EBADR);
}
} else {
/* Invoke completion routine to fetch data from host. */
@@ -310,8 +309,12 @@ static int scsi_write_data(SCSIDevice *d, uint32_t tag)
DPRINTF("Write data tag=0x%x\n", tag);
r = scsi_find_request(s, tag);
if (!r) {
+ SCSIBus *bus;
+
BADF("Bad write tag 0x%x\n", tag);
- scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
+ bus = scsi_bus_from_device(d);
+ s->sense = SENSE_CODE(I_T_NEXUS_LOSS);
+ bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
return 1;
}
@@ -351,7 +354,7 @@ static void scsi_dma_restart_bh(void *opaque)
case SCSI_REQ_STATUS_RETRY_FLUSH:
ret = scsi_disk_emulate_command(r, r->iov.iov_base);
if (ret == 0) {
- scsi_command_complete(r, GOOD, NO_SENSE);
+ scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
}
}
}
@@ -833,30 +836,19 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
case TEST_UNIT_READY:
if (!bdrv_is_inserted(s->bs))
goto not_ready;
- break;
+ break;
case REQUEST_SENSE:
if (req->cmd.xfer < 4)
goto illegal_request;
- memset(outbuf, 0, 4);
- buflen = 4;
- if (s->sense.key == NOT_READY && req->cmd.xfer >= 18) {
- memset(outbuf, 0, 18);
- buflen = 18;
- outbuf[7] = 10;
- /* asc 0x3a, ascq 0: Medium not present */
- outbuf[12] = 0x3a;
- outbuf[13] = 0;
- }
- outbuf[0] = 0xf0;
- outbuf[1] = 0;
- outbuf[2] = s->sense.key;
+ buflen = scsi_build_sense(s->sense, outbuf, req->cmd.xfer,
+ req->cmd.xfer > 13);
scsi_disk_clear_sense(s);
break;
case INQUIRY:
buflen = scsi_disk_emulate_inquiry(req, outbuf);
if (buflen < 0)
goto illegal_request;
- break;
+ break;
case MODE_SENSE:
case MODE_SENSE_10:
buflen = scsi_disk_emulate_mode_sense(req, outbuf);
@@ -889,14 +881,14 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
/* load/eject medium */
bdrv_eject(s->bs, !(req->cmd.buf[4] & 1));
}
- break;
+ break;
case ALLOW_MEDIUM_REMOVAL:
bdrv_set_locked(s->bs, req->cmd.buf[4] & 1);
- break;
+ break;
case READ_CAPACITY:
/* The normal LEN field for this command is zero. */
- memset(outbuf, 0, 8);
- bdrv_get_geometry(s->bs, &nb_sectors);
+ memset(outbuf, 0, 8);
+ bdrv_get_geometry(s->bs, &nb_sectors);
if (!nb_sectors)
goto not_ready;
nb_sectors /= s->cluster_size;
@@ -916,7 +908,7 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
outbuf[6] = s->cluster_size * 2;
outbuf[7] = 0;
buflen = 8;
- break;
+ break;
case SYNCHRONIZE_CACHE:
ret = bdrv_flush(s->bs);
if (ret < 0) {
@@ -981,17 +973,22 @@ static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf)
}
break;
default:
- goto illegal_request;
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(INVALID_OPCODE));
+ return -1;
}
- scsi_req_set_status(r, GOOD, NO_SENSE);
+ scsi_req_set_status(r, GOOD, SENSE_CODE(NO_SENSE));
return buflen;
not_ready:
- scsi_command_complete(r, CHECK_CONDITION, NOT_READY);
+ if (!bdrv_is_inserted(s->bs)) {
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(NO_MEDIUM));
+ } else {
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(LUN_NOT_READY));
+ }
return -1;
illegal_request:
- scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(INVALID_FIELD));
return -1;
}
@@ -1026,7 +1023,8 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
if (scsi_req_parse(&r->req, buf) != 0) {
BADF("Unsupported command length, command %x\n", command);
- goto fail;
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(INVALID_OPCODE));
+ return 0;
}
#ifdef DEBUG_SCSI
{
@@ -1041,8 +1039,11 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
if (lun || buf[1] >> 5) {
/* Only LUN 0 supported. */
DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
- if (command != REQUEST_SENSE && command != INQUIRY)
- goto fail;
+ if (command != REQUEST_SENSE && command != INQUIRY) {
+ scsi_command_complete(r, CHECK_CONDITION,
+ SENSE_CODE(LUN_NOT_SUPPORTED));
+ return 0;
+ }
}
switch (command) {
case TEST_UNIT_READY:
@@ -1125,15 +1126,17 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
break;
default:
DPRINTF("Unknown SCSI command (%2.2x)\n", buf[0]);
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(INVALID_OPCODE));
+ return 0;
fail:
- scsi_command_complete(r, CHECK_CONDITION, ILLEGAL_REQUEST);
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(INVALID_FIELD));
return 0;
illegal_lba:
- scsi_command_complete(r, CHECK_CONDITION, HARDWARE_ERROR);
+ scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(LBA_OUT_OF_RANGE));
return 0;
}
if (r->sector_count == 0 && r->iov.iov_len == 0) {
- scsi_command_complete(r, GOOD, NO_SENSE);
+ scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
}
len = r->sector_count * 512 + r->iov.iov_len;
if (is_write) {
diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c
index 9be1cca..a095f64 100644
--- a/hw/scsi-generic.c
+++ b/hw/scsi-generic.c
@@ -66,6 +66,23 @@ struct SCSIGenericState
uint8_t senselen;
};
+static int scsi_set_sense(SCSIGenericState *s, SCSISense sense)
+{
+ int len;
+
+ len = scsi_build_sense(sense, s->sensebuf, SCSI_SENSE_BUF_SIZE, 0);
+ s->driver_status = SG_ERR_DRIVER_SENSE;
+
+ return len;
+}
+
+static void scsi_clear_sense(SCSIGenericState *s)
+{
+ memset(s->sensebuf, 0, SCSI_SENSE_BUF_SIZE);
+ s->senselen = 0;
+ s->driver_status = 0;
+}
+
static SCSIGenericReq *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun)
{
SCSIRequest *req;
@@ -95,18 +112,31 @@ static void scsi_command_complete(void *opaque, int ret)
if (s->driver_status & SG_ERR_DRIVER_SENSE)
s->senselen = r->io_header.sb_len_wr;
- if (ret != 0)
- r->req.status = BUSY;
- else {
+ if (ret != 0) {
+ switch(ret) {
+ case -EINVAL:
+ s->senselen = scsi_set_sense(s, SENSE_CODE(TARGET_FAILURE));
+ break;
+ case -EBADR:
+ s->senselen = scsi_set_sense(s, SENSE_CODE(TARGET_FAILURE));
+ break;
+ default:
+ s->senselen = scsi_set_sense(s, SENSE_CODE(IO_ERROR));
+ break;
+ }
+ s->driver_status = SG_ERR_DRIVER_SENSE;
+ r->req.status = CHECK_CONDITION;
+ } else {
if (s->driver_status & SG_ERR_DRIVER_TIMEOUT) {
r->req.status = BUSY;
BADF("Driver Timeout\n");
- } else if (r->io_header.status)
+ } else if (r->io_header.status) {
r->req.status = r->io_header.status;
- else if (s->driver_status & SG_ERR_DRIVER_SENSE)
+ } else if (s->driver_status & SG_ERR_DRIVER_SENSE) {
r->req.status = CHECK_CONDITION;
- else
+ } else {
r->req.status = GOOD;
+ }
}
DPRINTF("Command complete 0x%p tag=0x%x status=%d\n",
r, r->req.tag, r->req.status);
@@ -187,9 +217,12 @@ static void scsi_read_data(SCSIDevice *d, uint32_t tag)
DPRINTF("scsi_read_data 0x%x\n", tag);
r = scsi_find_request(s, tag);
if (!r) {
+ SCSIBus *bus;
+
BADF("Bad read tag 0x%x\n", tag);
- /* ??? This is the wrong error. */
- scsi_command_complete(r, -EINVAL);
+ scsi_set_sense(s, SENSE_CODE(I_T_NEXUS_LOSS));
+ bus = scsi_bus_from_device(d);
+ bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
return;
}
@@ -211,12 +244,14 @@ static void scsi_read_data(SCSIDevice *d, uint32_t tag)
r->buf[0], r->buf[1], r->buf[2], r->buf[3],
r->buf[4], r->buf[5], r->buf[6], r->buf[7]);
r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, s->senselen);
+ /* Clear sensebuf after REQUEST_SENSE */
+ scsi_clear_sense(s);
return;
}
ret = execute_command(s->bs, r, SG_DXFER_FROM_DEV, scsi_read_complete);
if (ret == -1) {
- scsi_command_complete(r, -EINVAL);
+ scsi_command_complete(r, -EBADR);
return;
}
}
@@ -253,9 +288,12 @@ static int scsi_write_data(SCSIDevice *d, uint32_t tag)
DPRINTF("scsi_write_data 0x%x\n", tag);
r = scsi_find_request(s, tag);
if (!r) {
+ SCSIBus *bus;
+
BADF("Bad write tag 0x%x\n", tag);
- /* ??? This is the wrong error. */
- scsi_command_complete(r, -EINVAL);
+ scsi_set_sense(s, SENSE_CODE(I_T_NEXUS_LOSS));
+ bus = scsi_bus_from_device(d);
+ bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
return 0;
}
@@ -267,7 +305,7 @@ static int scsi_write_data(SCSIDevice *d, uint32_t tag)
ret = execute_command(s->bs, r, SG_DXFER_TO_DEV, scsi_write_complete);
if (ret == -1) {
- scsi_command_complete(r, -EINVAL);
+ scsi_command_complete(r, -EBADR);
return 1;
}
@@ -323,15 +361,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
(lun != s->lun || (cmd[1] >> 5) != s->lun)) {
DPRINTF("Unimplemented LUN %d\n", lun ? lun : cmd[1] >> 5);
- s->sensebuf[0] = 0x70;
- s->sensebuf[1] = 0x00;
- s->sensebuf[2] = ILLEGAL_REQUEST;
- s->sensebuf[3] = 0x00;
- s->sensebuf[4] = 0x00;
- s->sensebuf[5] = 0x00;
- s->sensebuf[6] = 0x00;
- s->senselen = 7;
- s->driver_status = SG_ERR_DRIVER_SENSE;
+ scsi_set_sense(s, SENSE_CODE(LUN_NOT_SUPPORTED));
bus = scsi_bus_from_device(d);
bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
return 0;
@@ -346,7 +376,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
if (-1 == scsi_req_parse(&r->req, cmd)) {
BADF("Unsupported command length, command %x\n", cmd[0]);
- scsi_remove_request(r);
+ scsi_command_complete(r, -EINVAL);
return 0;
}
scsi_req_fixup(&r->req);
@@ -371,7 +401,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
r->buf = NULL;
ret = execute_command(s->bs, r, SG_DXFER_NONE, scsi_command_complete);
if (ret == -1) {
- scsi_command_complete(r, -EINVAL);
+ scsi_command_complete(r, -EBADR);
return 0;
}
return 0;
diff --git a/hw/scsi.h b/hw/scsi.h
index bf02adf..1196122 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -26,6 +26,12 @@ enum SCSIXferMode {
SCSI_XFER_TO_DEV, /* WRITE, MODE_SELECT, ... */
};
+typedef struct SCSISense {
+ uint8_t key;
+ uint8_t asc;
+ uint8_t ascq;
+} SCSISense;
+
typedef struct SCSIRequest {
SCSIBus *bus;
SCSIDevice *dev;
@@ -97,6 +103,38 @@ static inline SCSIBus *scsi_bus_from_device(SCSIDevice *d)
SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockDriverState *bdrv, int unit);
int scsi_bus_legacy_handle_cmdline(SCSIBus *bus);
+/*
+ * Predefined sense codes
+ */
+
+/* No sense data available */
+extern const struct SCSISense sense_code_NO_SENSE;
+/* LUN not ready, Manual intervention required */
+extern const struct SCSISense sense_code_LUN_NOT_READY;
+/* LUN not ready, Medium not present */
+extern const struct SCSISense sense_code_NO_MEDIUM;
+/* Hardware error, internal target failure */
+extern const struct SCSISense sense_code_TARGET_FAILURE;
+/* Illegal request, invalid command operation code */
+extern const struct SCSISense sense_code_INVALID_OPCODE;
+/* Illegal request, LBA out of range */
+extern const struct SCSISense sense_code_LBA_OUT_OF_RANGE;
+/* Illegal request, Invalid field in CDB */
+extern const struct SCSISense sense_code_INVALID_FIELD;
+/* Illegal request, LUN not supported */
+extern const struct SCSISense sense_code_LUN_NOT_SUPPORTED;
+/* Command aborted, I/O process terminated */
+extern const struct SCSISense sense_code_IO_ERROR;
+/* Command aborted, I_T Nexus loss occurred */
+extern const struct SCSISense sense_code_I_T_NEXUS_LOSS;
+/* Command aborted, Logical Unit failure */
+extern const struct SCSISense sense_code_LUN_FAILURE;
+
+#define SENSE_CODE(x) sense_code_ ## x
+
+int scsi_build_sense(SCSISense sense, uint8_t *buf, int len, int fixed);
+int scsi_sense_valid(SCSISense sense);
+
SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d, uint32_t tag, uint32_t lun);
SCSIRequest *scsi_req_find(SCSIDevice *d, uint32_t tag);
void scsi_req_free(SCSIRequest *req);
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 07/15] lsi53c895a: Rename 'sense' to 'status'
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (5 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 06/15] scsi: Update sense code handling Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 08/15] scsi-disk: Allocate iovec dynamically Hannes Reinecke
` (9 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
The 'sense' field in the HBA status structure is misnamed, as it
actually carries the SCSI status. Rename it.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
---
hw/lsi53c895a.c | 18 +++++++++---------
1 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c
index f97335e..8246ee8 100644
--- a/hw/lsi53c895a.c
+++ b/hw/lsi53c895a.c
@@ -189,7 +189,7 @@ typedef struct {
uint32_t script_ram_base;
int carry; /* ??? Should this be an a visible register somewhere? */
- int sense;
+ int status;
/* Action to take at the end of a MSG IN phase.
0 = COMMAND, 1 = disconnect, 2 = DATA OUT, 3 = DATA IN. */
int msg_action;
@@ -695,8 +695,8 @@ static void lsi_command_complete(SCSIBus *bus, int reason, uint32_t tag,
out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
if (reason == SCSI_REASON_DONE) {
- DPRINTF("Command complete sense=%d\n", (int)arg);
- s->sense = arg;
+ DPRINTF("Command complete status=%d\n", (int)arg);
+ s->status = arg;
s->command_complete = 2;
if (s->waiting && s->dbc != 0) {
/* Raise phase mismatch for short transfers. */
@@ -783,14 +783,14 @@ static void lsi_do_command(LSIState *s)
static void lsi_do_status(LSIState *s)
{
- uint8_t sense;
- DPRINTF("Get status len=%d sense=%d\n", s->dbc, s->sense);
+ uint8_t status;
+ DPRINTF("Get status len=%d status=%d\n", s->dbc, s->status);
if (s->dbc != 1)
BADF("Bad Status move\n");
s->dbc = 1;
- sense = s->sense;
- s->sfbr = sense;
- cpu_physical_memory_write(s->dnad, &sense, 1);
+ status = s->status;
+ s->sfbr = status;
+ cpu_physical_memory_write(s->dnad, &status, 1);
lsi_set_phase(s, PHASE_MI);
s->msg_action = 1;
lsi_add_msg_byte(s, 0); /* COMMAND COMPLETE */
@@ -2067,7 +2067,7 @@ static const VMStateDescription vmstate_lsi_scsi = {
VMSTATE_PCI_DEVICE(dev, LSIState),
VMSTATE_INT32(carry, LSIState),
- VMSTATE_INT32(sense, LSIState),
+ VMSTATE_INT32(status, LSIState),
VMSTATE_INT32(msg_action, LSIState),
VMSTATE_INT32(msg_len, LSIState),
VMSTATE_BUFFER(msg, LSIState),
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 08/15] scsi-disk: Allocate iovec dynamically
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (6 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 07/15] lsi53c895a: Rename 'sense' to 'status' Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 09/15] scsi: Use 'SCSIRequest' directly Hannes Reinecke
` (8 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
Rather than have the iovec part of the structure with a fixed size
of '1' we should be allocating it dynamically. This will allow us
to pass in SGLs directly.
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
hw/scsi-disk.c | 102 +++++++++++++++++++++++++++++++++-----------------------
1 files changed, 60 insertions(+), 42 deletions(-)
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index a71607e..deec825 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -37,6 +37,7 @@ do { fprintf(stderr, "scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
#include "scsi-defs.h"
#include "sysemu.h"
#include "blockdev.h"
+#include "iov.h"
#define SCSI_DMA_BUF_SIZE 131072
#define SCSI_MAX_INQUIRY_LEN 256
@@ -56,7 +57,10 @@ typedef struct SCSIDiskReq {
/* Both sector and sector_count are in terms of qemu 512 byte blocks. */
uint64_t sector;
uint32_t sector_count;
- struct iovec iov;
+ uint8_t *iov_buf;
+ uint64_t iov_len;
+ struct iovec *iov;
+ int iov_num;
QEMUIOVector qiov;
uint32_t status;
} SCSIDiskReq;
@@ -86,13 +90,19 @@ static SCSIDiskReq *scsi_new_request(SCSIDiskState *s, uint32_t tag,
req = scsi_req_alloc(sizeof(SCSIDiskReq), &s->qdev, tag, lun);
r = DO_UPCAST(SCSIDiskReq, req, req);
- r->iov.iov_base = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
+ r->iov_buf = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
+ r->iov = qemu_mallocz(sizeof(struct iovec));
+ r->iov[0].iov_base = r->iov_buf;
+ r->iov_num = 1;
return r;
}
static void scsi_remove_request(SCSIDiskReq *r)
{
- qemu_vfree(r->iov.iov_base);
+ qemu_free(r->iov);
+ r->iov = NULL;
+ qemu_vfree(r->iov_buf);
+ r->iov_buf = NULL;
scsi_req_free(&r->req);
}
@@ -117,7 +127,7 @@ static void scsi_req_set_status(SCSIDiskReq *r, int status, SCSISense sense)
/* Helper function for command completion. */
static void scsi_command_complete(SCSIDiskReq *r, int status, SCSISense sense)
{
- DPRINTF("Command complete tag=0x%x status=%d sense=%d/%d/%d\n",
+ DPRINTF("Command complete tag=0x%x status=%d sense=%02x/%02x/%02x\n",
r->req.tag, status, sense.key, sense.asc, sense.ascq);
scsi_req_set_status(r, status, sense);
scsi_req_complete(&r->req);
@@ -142,7 +152,7 @@ static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
static void scsi_read_complete(void * opaque, int ret)
{
SCSIDiskReq *r = (SCSIDiskReq *)opaque;
- int n;
+ size_t iov_len = 0;
r->req.aiocb = NULL;
@@ -151,13 +161,11 @@ static void scsi_read_complete(void * opaque, int ret)
return;
}
}
+ iov_len = iov_size(r->iov, r->iov_num);
- DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->iov.iov_len);
+ DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, iov_len);
- n = r->iov.iov_len / 512;
- r->sector += n;
- r->sector_count -= n;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, iov_len);
}
@@ -167,9 +175,10 @@ static void scsi_read_request(SCSIDiskReq *r)
uint32_t n;
if (r->sector_count == (uint32_t)-1) {
- DPRINTF("Read buf_len=%zd\n", r->iov.iov_len);
+ DPRINTF("Read buf_len=%zd\n", r->iov[0].iov_len);
r->sector_count = 0;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->iov.iov_len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag,
+ r->iov[0].iov_len);
return;
}
DPRINTF("Read sector_count=%d\n", r->sector_count);
@@ -179,15 +188,21 @@ static void scsi_read_request(SCSIDiskReq *r)
}
n = r->sector_count;
- if (n > SCSI_DMA_BUF_SIZE / 512)
- n = SCSI_DMA_BUF_SIZE / 512;
+ if (r->iov_buf) {
+ /* Reset iovec */
+ if (n > SCSI_DMA_BUF_SIZE / 512)
+ n = SCSI_DMA_BUF_SIZE / 512;
+ r->iov[0].iov_len = n * 512;
+ }
- r->iov.iov_len = n * 512;
- qemu_iovec_init_external(&r->qiov, &r->iov, 1);
+ qemu_iovec_init_external(&r->qiov, r->iov, r->iov_num);
r->req.aiocb = bdrv_aio_readv(s->bs, r->sector, &r->qiov, n,
scsi_read_complete, r);
if (r->req.aiocb == NULL) {
scsi_read_complete(r, -EIO);
+ } else {
+ r->sector += n;
+ r->sector_count -= n;
}
}
@@ -264,17 +279,20 @@ static void scsi_write_complete(void * opaque, int ret)
}
}
- n = r->iov.iov_len / 512;
+ n = iov_size(r->iov, r->iov_num) / 512;
r->sector += n;
r->sector_count -= n;
if (r->sector_count == 0) {
scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
} else {
len = r->sector_count * 512;
- if (len > SCSI_DMA_BUF_SIZE) {
- len = SCSI_DMA_BUF_SIZE;
+ if (r->iov_buf) {
+ /* Reset iovec */
+ if (len > SCSI_DMA_BUF_SIZE) {
+ len = SCSI_DMA_BUF_SIZE;
+ }
+ r->iov[0].iov_len = len;
}
- r->iov.iov_len = len;
DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
}
@@ -285,9 +303,9 @@ static void scsi_write_request(SCSIDiskReq *r)
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
uint32_t n;
- n = r->iov.iov_len / 512;
+ n = iov_size(r->iov, r->iov_num) / 512;
if (n) {
- qemu_iovec_init_external(&r->qiov, &r->iov, 1);
+ qemu_iovec_init_external(&r->qiov, r->iov, r->iov_num);
r->req.aiocb = bdrv_aio_writev(s->bs, r->sector, &r->qiov, n,
scsi_write_complete, r);
if (r->req.aiocb == NULL) {
@@ -352,7 +370,7 @@ static void scsi_dma_restart_bh(void *opaque)
scsi_write_request(r);
break;
case SCSI_REQ_STATUS_RETRY_FLUSH:
- ret = scsi_disk_emulate_command(r, r->iov.iov_base);
+ ret = scsi_disk_emulate_command(r, r->iov[0].iov_base);
if (ret == 0) {
scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
}
@@ -385,7 +403,7 @@ static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
BADF("Bad buffer tag 0x%x\n", tag);
return NULL;
}
- return (uint8_t *)r->iov.iov_base;
+ return r->iov_buf;
}
static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
@@ -1001,12 +1019,10 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
uint8_t *buf, int lun)
{
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
- uint32_t len;
+ ssize_t len = 0;
int is_write;
uint8_t command;
- uint8_t *outbuf;
SCSIDiskReq *r;
- int rc;
command = buf[0];
r = scsi_find_request(s, tag);
@@ -1017,7 +1033,6 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
/* ??? Tags are not unique for different luns. We only implement a
single lun, so this should not matter. */
r = scsi_new_request(s, tag, lun);
- outbuf = (uint8_t *)r->iov.iov_base;
is_write = 0;
DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
@@ -1065,23 +1080,25 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
case REPORT_LUNS:
case VERIFY:
case REZERO_UNIT:
- rc = scsi_disk_emulate_command(r, outbuf);
- if (rc < 0) {
+ len = scsi_disk_emulate_command(r, r->iov[0].iov_base);
+ if (len < 0) {
return 0;
}
- r->iov.iov_len = rc;
+ r->iov[0].iov_len = len;
break;
case READ_6:
case READ_10:
case READ_12:
case READ_16:
- len = r->req.cmd.xfer / d->blocksize;
- DPRINTF("Read (sector %" PRId64 ", count %d)\n", r->req.cmd.lba, len);
- if (r->req.cmd.lba > s->max_lba)
+ r->sector_count = r->req.cmd.xfer / d->blocksize * s->cluster_size;
+ DPRINTF("Read (sector %" PRId64 ", blocks %d)\n", r->req.cmd.lba,
+ r->sector_count);
+ if (r->req.cmd.lba > s->max_lba) {
+ r->sector_count = 0;
goto illegal_lba;
+ }
r->sector = r->req.cmd.lba * s->cluster_size;
- r->sector_count = len * s->cluster_size;
break;
case WRITE_6:
case WRITE_10:
@@ -1090,14 +1107,15 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
case WRITE_VERIFY:
case WRITE_VERIFY_12:
case WRITE_VERIFY_16:
- len = r->req.cmd.xfer / d->blocksize;
- DPRINTF("Write %s(sector %" PRId64 ", count %d)\n",
+ r->sector_count = r->req.cmd.xfer / d->blocksize * s->cluster_size;
+ DPRINTF("Write %s(sector %" PRId64 ", blocks %d)\n",
(command & 0xe) == 0xe ? "And Verify " : "",
- r->req.cmd.lba, len);
- if (r->req.cmd.lba > s->max_lba)
+ r->req.cmd.lba, r->sector_count);
+ if (r->req.cmd.lba > s->max_lba) {
+ r->sector_count = 0;
goto illegal_lba;
+ }
r->sector = r->req.cmd.lba * s->cluster_size;
- r->sector_count = len * s->cluster_size;
is_write = 1;
break;
case MODE_SELECT:
@@ -1135,10 +1153,10 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
scsi_command_complete(r, CHECK_CONDITION, SENSE_CODE(LBA_OUT_OF_RANGE));
return 0;
}
- if (r->sector_count == 0 && r->iov.iov_len == 0) {
+ if (r->sector_count == 0 && len == 0) {
scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
}
- len = r->sector_count * 512 + r->iov.iov_len;
+ len += r->sector_count * 512;
if (is_write) {
return -len;
} else {
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 09/15] scsi: Use 'SCSIRequest' directly
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (7 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 08/15] scsi-disk: Allocate iovec dynamically Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 10/15] scsi-disk: add data direction checking Hannes Reinecke
` (7 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
Currently the SCSIRequest structure is abstracted away and
cannot accessed directly from the driver. This requires
the handler to do a lookup on an abstract 'tag' which
identifies the SCSIRequest structure.
With this patch the SCSIRequest structure is exposed to
the driver. This allows use to use it directly as an
argument to the SCSIDeviceInfo callback functions and
remove the lookup.
Two new callback functions 'alloc_req' and 'free_req'
are introduced, which serve to allocate a new request
and to free up resources after use.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Acked-by: Christoph Hellwig <hch@lst.de>
---
hw/esp.c | 20 ++++---
hw/lsi53c895a.c | 26 +++++----
hw/scsi-bus.c | 15 +-----
hw/scsi-disk.c | 147 ++++++++++++++++------------------------------------
hw/scsi-generic.c | 119 ++++++++++++++-----------------------------
hw/scsi.h | 21 ++++----
hw/usb-msd.c | 23 +++++----
7 files changed, 136 insertions(+), 235 deletions(-)
diff --git a/hw/esp.c b/hw/esp.c
index 910fd31..2784bec 100644
--- a/hw/esp.c
+++ b/hw/esp.c
@@ -65,6 +65,7 @@ struct ESPState {
uint32_t dma;
SCSIBus bus;
SCSIDevice *current_dev;
+ SCSIRequest *current_req;
uint8_t cmdbuf[TI_BUFSZ];
uint32_t cmdlen;
uint32_t do_cmd;
@@ -209,7 +210,7 @@ static uint32_t get_cmd(ESPState *s, uint8_t *buf)
if (s->current_dev) {
/* Started a new command before the old one finished. Cancel it. */
- s->current_dev->info->cancel_io(s->current_dev, 0);
+ s->current_dev->info->cancel_io(s->current_req);
s->async_len = 0;
}
@@ -232,7 +233,8 @@ static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid)
DPRINTF("do_busid_cmd: busid 0x%x\n", busid);
lun = busid & 7;
- datalen = s->current_dev->info->send_command(s->current_dev, 0, buf, lun);
+ s->current_req = s->current_dev->info->alloc_req(s->current_dev, 0, lun);
+ datalen = s->current_dev->info->send_command(s->current_req, buf);
s->ti_size = datalen;
if (datalen != 0) {
s->rregs[ESP_RSTAT] = STAT_TC;
@@ -240,10 +242,10 @@ static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid)
s->dma_counter = 0;
if (datalen > 0) {
s->rregs[ESP_RSTAT] |= STAT_DI;
- s->current_dev->info->read_data(s->current_dev, 0);
+ s->current_dev->info->read_data(s->current_req);
} else {
s->rregs[ESP_RSTAT] |= STAT_DO;
- s->current_dev->info->write_data(s->current_dev, 0);
+ s->current_dev->info->write_data(s->current_req);
}
}
s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
@@ -372,9 +374,9 @@ static void esp_do_dma(ESPState *s)
if (s->async_len == 0) {
if (to_device) {
// ti_size is negative
- s->current_dev->info->write_data(s->current_dev, 0);
+ s->current_dev->info->write_data(s->current_req);
} else {
- s->current_dev->info->read_data(s->current_dev, 0);
+ s->current_dev->info->read_data(s->current_req);
/* If there is still data to be read from the device then
complete the DMA operation immediately. Otherwise defer
until the scsi layer has completed. */
@@ -388,7 +390,7 @@ static void esp_do_dma(ESPState *s)
}
}
-static void esp_command_complete(SCSIBus *bus, int reason, uint32_t tag,
+static void esp_command_complete(SCSIBus *bus, int reason, SCSIRequest *req,
uint32_t arg)
{
ESPState *s = DO_UPCAST(ESPState, busdev.qdev, bus->qbus.parent);
@@ -405,11 +407,13 @@ static void esp_command_complete(SCSIBus *bus, int reason, uint32_t tag,
s->sense = arg;
s->rregs[ESP_RSTAT] = STAT_ST;
esp_dma_done(s);
+ req->dev->info->free_req(req);
+ s->current_req = NULL;
s->current_dev = NULL;
} else {
DPRINTF("transfer %d/%d\n", s->dma_left, s->ti_size);
s->async_len = arg;
- s->async_buf = s->current_dev->info->get_buf(s->current_dev, 0);
+ s->async_buf = s->current_dev->info->get_buf(req);
if (s->dma_left) {
esp_do_dma(s);
} else if (s->dma_counter != 0 && s->ti_size <= 0) {
diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c
index 8246ee8..82a5d39 100644
--- a/hw/lsi53c895a.c
+++ b/hw/lsi53c895a.c
@@ -174,6 +174,7 @@ do { fprintf(stderr, "lsi_scsi: error: " fmt , ## __VA_ARGS__);} while (0)
#define LSI_TAG_VALID (1 << 16)
typedef struct lsi_request {
+ SCSIRequest *req;
uint32_t tag;
uint32_t dma_len;
uint8_t *dma_buf;
@@ -569,7 +570,7 @@ static void lsi_do_dma(LSIState *s, int out)
s->dbc -= count;
if (s->current->dma_buf == NULL) {
- s->current->dma_buf = dev->info->get_buf(dev, s->current->tag);
+ s->current->dma_buf = dev->info->get_buf(s->current->req);
}
/* ??? Set SFBR to first data byte. */
@@ -583,10 +584,10 @@ static void lsi_do_dma(LSIState *s, int out)
s->current->dma_buf = NULL;
if (out) {
/* Write the data. */
- dev->info->write_data(dev, s->current->tag);
+ dev->info->write_data(s->current->req);
} else {
/* Request any remaining data. */
- dev->info->read_data(dev, s->current->tag);
+ dev->info->read_data(s->current->req);
}
} else {
s->current->dma_buf += count;
@@ -687,7 +688,7 @@ static int lsi_queue_tag(LSIState *s, uint32_t tag, uint32_t arg)
}
/* Callback to indicate that the SCSI layer has completed a transfer. */
-static void lsi_command_complete(SCSIBus *bus, int reason, uint32_t tag,
+static void lsi_command_complete(SCSIBus *bus, int reason, SCSIRequest *req,
uint32_t arg)
{
LSIState *s = DO_UPCAST(LSIState, dev.qdev, bus->qbus.parent);
@@ -704,7 +705,8 @@ static void lsi_command_complete(SCSIBus *bus, int reason, uint32_t tag,
} else {
lsi_set_phase(s, PHASE_ST);
}
-
+ req->dev->info->free_req(req);
+ s->current->req = NULL;
qemu_free(s->current);
s->current = NULL;
@@ -712,14 +714,14 @@ static void lsi_command_complete(SCSIBus *bus, int reason, uint32_t tag,
return;
}
- if (s->waiting == 1 || !s->current || tag != s->current->tag ||
+ if (s->waiting == 1 || !s->current || req->tag != s->current->tag ||
(lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON))) {
- if (lsi_queue_tag(s, tag, arg))
+ if (lsi_queue_tag(s, req->tag, arg))
return;
}
/* host adapter (re)connected */
- DPRINTF("Data ready tag=0x%x len=%d\n", tag, arg);
+ DPRINTF("Data ready tag=0x%x len=%d\n", req->tag, arg);
s->current->dma_len = arg;
s->command_complete = 1;
if (!s->waiting)
@@ -755,14 +757,16 @@ static void lsi_do_command(LSIState *s)
assert(s->current == NULL);
s->current = qemu_mallocz(sizeof(lsi_request));
s->current->tag = s->select_tag;
+ s->current->req = dev->info->alloc_req(dev, s->current->tag,
+ s->current_lun);
- n = dev->info->send_command(dev, s->current->tag, buf, s->current_lun);
+ n = dev->info->send_command(s->current->req, buf);
if (n > 0) {
lsi_set_phase(s, PHASE_DI);
- dev->info->read_data(dev, s->current->tag);
+ dev->info->read_data(s->current->req);
} else if (n < 0) {
lsi_set_phase(s, PHASE_DO);
- dev->info->write_data(dev, s->current->tag);
+ dev->info->write_data(s->current->req);
}
if (!s->command_complete) {
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index afdf0ad..bb88a56 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -138,18 +138,6 @@ SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d, uint32_t tag, uint32_t l
return req;
}
-SCSIRequest *scsi_req_find(SCSIDevice *d, uint32_t tag)
-{
- SCSIRequest *req;
-
- QTAILQ_FOREACH(req, &d->requests, next) {
- if (req->tag == tag) {
- return req;
- }
- }
- return NULL;
-}
-
static void scsi_req_dequeue(SCSIRequest *req)
{
if (req->enqueued) {
@@ -607,6 +595,5 @@ void scsi_req_complete(SCSIRequest *req)
assert(req->status != -1);
scsi_req_dequeue(req);
req->bus->complete(req->bus, SCSI_REASON_DONE,
- req->tag,
- req->status);
+ req, req->status);
}
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index deec825..9a5cd8e 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -82,23 +82,26 @@ struct SCSIDiskState
static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type);
static int scsi_disk_emulate_command(SCSIDiskReq *r, uint8_t *outbuf);
-static SCSIDiskReq *scsi_new_request(SCSIDiskState *s, uint32_t tag,
+static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
uint32_t lun)
{
+ SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
SCSIRequest *req;
SCSIDiskReq *r;
- req = scsi_req_alloc(sizeof(SCSIDiskReq), &s->qdev, tag, lun);
+ req = scsi_req_alloc(sizeof(SCSIDiskReq), d, tag, lun);
r = DO_UPCAST(SCSIDiskReq, req, req);
r->iov_buf = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
r->iov = qemu_mallocz(sizeof(struct iovec));
r->iov[0].iov_base = r->iov_buf;
r->iov_num = 1;
- return r;
+ return req;
}
-static void scsi_remove_request(SCSIDiskReq *r)
+static void scsi_remove_request(SCSIRequest *req)
{
+ SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
+
qemu_free(r->iov);
r->iov = NULL;
qemu_vfree(r->iov_buf);
@@ -106,11 +109,6 @@ static void scsi_remove_request(SCSIDiskReq *r)
scsi_req_free(&r->req);
}
-static SCSIDiskReq *scsi_find_request(SCSIDiskState *s, uint32_t tag)
-{
- return DO_UPCAST(SCSIDiskReq, req, scsi_req_find(&s->qdev, tag));
-}
-
static void scsi_disk_clear_sense(SCSIDiskState *s)
{
memset(&s->sense, 0, sizeof(s->sense));
@@ -131,22 +129,17 @@ static void scsi_command_complete(SCSIDiskReq *r, int status, SCSISense sense)
r->req.tag, status, sense.key, sense.asc, sense.ascq);
scsi_req_set_status(r, status, sense);
scsi_req_complete(&r->req);
- scsi_remove_request(r);
}
/* Cancel a pending data transfer. */
-static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
+static void scsi_cancel_io(SCSIRequest *req)
{
- SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
- SCSIDiskReq *r;
- DPRINTF("Cancel tag=0x%x\n", tag);
- r = scsi_find_request(s, tag);
- if (r) {
- if (r->req.aiocb)
- bdrv_aio_cancel(r->req.aiocb);
- r->req.aiocb = NULL;
- scsi_remove_request(r);
- }
+ SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
+
+ DPRINTF("Cancel tag=0x%x\n", req->tag);
+ if (r->req.aiocb)
+ bdrv_aio_cancel(r->req.aiocb);
+ r->req.aiocb = NULL;
}
static void scsi_read_complete(void * opaque, int ret)
@@ -165,19 +158,24 @@ static void scsi_read_complete(void * opaque, int ret)
DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, iov_len);
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, iov_len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, iov_len);
}
-static void scsi_read_request(SCSIDiskReq *r)
+/* Read more data from scsi device into buffer. */
+static void scsi_read_data(SCSIRequest *req)
{
+ SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
uint32_t n;
+ /* No data transfer may already be in progress */
+ assert(r->req.aiocb == NULL);
+
if (r->sector_count == (uint32_t)-1) {
DPRINTF("Read buf_len=%zd\n", r->iov[0].iov_len);
r->sector_count = 0;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag,
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req,
r->iov[0].iov_len);
return;
}
@@ -206,29 +204,6 @@ static void scsi_read_request(SCSIDiskReq *r)
}
}
-/* Read more data from scsi device into buffer. */
-static void scsi_read_data(SCSIDevice *d, uint32_t tag)
-{
- SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
- SCSIDiskReq *r;
-
- r = scsi_find_request(s, tag);
- if (!r) {
- SCSIBus *bus;
-
- BADF("Bad read tag 0x%x\n", tag);
- bus = scsi_bus_from_device(d);
- s->sense = SENSE_CODE(I_T_NEXUS_LOSS);
- bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
- return;
- }
-
- /* No data transfer may already be in progress */
- assert(r->req.aiocb == NULL);
-
- scsi_read_request(r);
-}
-
static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
{
int is_read = (type == SCSI_REQ_STATUS_RETRY_READ);
@@ -250,7 +225,7 @@ static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
vm_stop(0);
} else {
if (type == SCSI_REQ_STATUS_RETRY_READ) {
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, 0);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, 0);
}
if (error == EBADR) {
scsi_command_complete(r, CHECK_CONDITION,
@@ -294,15 +269,21 @@ static void scsi_write_complete(void * opaque, int ret)
r->iov[0].iov_len = len;
}
DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, len);
}
}
-static void scsi_write_request(SCSIDiskReq *r)
+/* Write data to a scsi device. Returns nonzero on failure.
+ The transfer may complete asynchronously. */
+static int scsi_write_data(SCSIRequest *req)
{
+ SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
uint32_t n;
+ /* No data transfer may already be in progress */
+ assert(r->req.aiocb == NULL);
+
n = iov_size(r->iov, r->iov_num) / 512;
if (n) {
qemu_iovec_init_external(&r->qiov, r->iov, r->iov_num);
@@ -315,31 +296,6 @@ static void scsi_write_request(SCSIDiskReq *r)
/* Invoke completion routine to fetch data from host. */
scsi_write_complete(r, 0);
}
-}
-
-/* Write data to a scsi device. Returns nonzero on failure.
- The transfer may complete asynchronously. */
-static int scsi_write_data(SCSIDevice *d, uint32_t tag)
-{
- SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
- SCSIDiskReq *r;
-
- DPRINTF("Write data tag=0x%x\n", tag);
- r = scsi_find_request(s, tag);
- if (!r) {
- SCSIBus *bus;
-
- BADF("Bad write tag 0x%x\n", tag);
- bus = scsi_bus_from_device(d);
- s->sense = SENSE_CODE(I_T_NEXUS_LOSS);
- bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
- return 1;
- }
-
- /* No data transfer may already be in progress */
- assert(r->req.aiocb == NULL);
-
- scsi_write_request(r);
return 0;
}
@@ -364,10 +320,10 @@ static void scsi_dma_restart_bh(void *opaque)
switch (status & SCSI_REQ_STATUS_RETRY_TYPE_MASK) {
case SCSI_REQ_STATUS_RETRY_READ:
- scsi_read_request(r);
+ scsi_read_data(&r->req);
break;
case SCSI_REQ_STATUS_RETRY_WRITE:
- scsi_write_request(r);
+ scsi_write_data(&r->req);
break;
case SCSI_REQ_STATUS_RETRY_FLUSH:
ret = scsi_disk_emulate_command(r, r->iov[0].iov_base);
@@ -393,16 +349,10 @@ static void scsi_dma_restart_cb(void *opaque, int running, int reason)
}
/* Return a pointer to the data buffer. */
-static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
+static uint8_t *scsi_get_buf(SCSIRequest *req)
{
- SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
- SCSIDiskReq *r;
+ SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
- r = scsi_find_request(s, tag);
- if (!r) {
- BADF("Bad buffer tag 0x%x\n", tag);
- return NULL;
- }
return r->iov_buf;
}
@@ -1015,24 +965,15 @@ illegal_request:
(eg. disk reads), negative for transfers to the device (eg. disk writes),
and zero if the command does not transfer any data. */
-static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
- uint8_t *buf, int lun)
+static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
{
- SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
+ SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
+ SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
ssize_t len = 0;
int is_write;
uint8_t command;
- SCSIDiskReq *r;
command = buf[0];
- r = scsi_find_request(s, tag);
- if (r) {
- BADF("Tag 0x%x already in use\n", tag);
- scsi_cancel_io(d, tag);
- }
- /* ??? Tags are not unique for different luns. We only implement a
- single lun, so this should not matter. */
- r = scsi_new_request(s, tag, lun);
is_write = 0;
DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
@@ -1051,9 +992,9 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
}
#endif
- if (lun || buf[1] >> 5) {
+ if (req->lun || buf[1] >> 5) {
/* Only LUN 0 supported. */
- DPRINTF("Unimplemented LUN %d\n", lun ? lun : buf[1] >> 5);
+ DPRINTF("Unimplemented LUN %d\n", req->lun ? req->lun : buf[1] >> 5);
if (command != REQUEST_SENSE && command != INQUIRY) {
scsi_command_complete(r, CHECK_CONDITION,
SENSE_CODE(LUN_NOT_SUPPORTED));
@@ -1091,7 +1032,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
case READ_10:
case READ_12:
case READ_16:
- r->sector_count = r->req.cmd.xfer / d->blocksize * s->cluster_size;
+ r->sector_count = r->req.cmd.xfer / s->qdev.blocksize * s->cluster_size;
DPRINTF("Read (sector %" PRId64 ", blocks %d)\n", r->req.cmd.lba,
r->sector_count);
if (r->req.cmd.lba > s->max_lba) {
@@ -1107,7 +1048,7 @@ static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
case WRITE_VERIFY:
case WRITE_VERIFY_12:
case WRITE_VERIFY_16:
- r->sector_count = r->req.cmd.xfer / d->blocksize * s->cluster_size;
+ r->sector_count = r->req.cmd.xfer / s->qdev.blocksize * s->cluster_size;
DPRINTF("Write %s(sector %" PRId64 ", blocks %d)\n",
(command & 0xe) == 0xe ? "And Verify " : "",
r->req.cmd.lba, r->sector_count);
@@ -1175,7 +1116,7 @@ static void scsi_disk_purge_requests(SCSIDiskState *s)
if (r->req.aiocb) {
bdrv_aio_cancel(r->req.aiocb);
}
- scsi_remove_request(r);
+ scsi_remove_request(&r->req);
}
}
@@ -1256,6 +1197,8 @@ static SCSIDeviceInfo scsi_disk_info = {
.qdev.reset = scsi_disk_reset,
.init = scsi_disk_initfn,
.destroy = scsi_destroy,
+ .alloc_req = scsi_new_request,
+ .free_req = scsi_remove_request,
.send_command = scsi_send_command,
.read_data = scsi_read_data,
.write_data = scsi_write_data,
diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c
index a095f64..ed085a1 100644
--- a/hw/scsi-generic.c
+++ b/hw/scsi-generic.c
@@ -83,25 +83,22 @@ static void scsi_clear_sense(SCSIGenericState *s)
s->driver_status = 0;
}
-static SCSIGenericReq *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun)
+static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun)
{
SCSIRequest *req;
req = scsi_req_alloc(sizeof(SCSIGenericReq), d, tag, lun);
- return DO_UPCAST(SCSIGenericReq, req, req);
+ return req;
}
-static void scsi_remove_request(SCSIGenericReq *r)
+static void scsi_remove_request(SCSIRequest *req)
{
+ SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
+
qemu_free(r->buf);
scsi_req_free(&r->req);
}
-static SCSIGenericReq *scsi_find_request(SCSIGenericState *s, uint32_t tag)
-{
- return DO_UPCAST(SCSIGenericReq, req, scsi_req_find(&s->qdev, tag));
-}
-
/* Helper function for command completion. */
static void scsi_command_complete(void *opaque, int ret)
{
@@ -114,8 +111,11 @@ static void scsi_command_complete(void *opaque, int ret)
if (ret != 0) {
switch(ret) {
+ case -ENODEV:
+ s->senselen = scsi_set_sense(s, SENSE_CODE(LUN_NOT_SUPPORTED));
+ break;
case -EINVAL:
- s->senselen = scsi_set_sense(s, SENSE_CODE(TARGET_FAILURE));
+ s->senselen = scsi_set_sense(s, SENSE_CODE(INVALID_FIELD));
break;
case -EBADR:
s->senselen = scsi_set_sense(s, SENSE_CODE(TARGET_FAILURE));
@@ -142,23 +142,17 @@ static void scsi_command_complete(void *opaque, int ret)
r, r->req.tag, r->req.status);
scsi_req_complete(&r->req);
- scsi_remove_request(r);
}
/* Cancel a pending data transfer. */
-static void scsi_cancel_io(SCSIDevice *d, uint32_t tag)
+static void scsi_cancel_io(SCSIRequest *req)
{
- DPRINTF("scsi_cancel_io 0x%x\n", tag);
- SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIGenericReq *r;
- DPRINTF("Cancel tag=0x%x\n", tag);
- r = scsi_find_request(s, tag);
- if (r) {
- if (r->req.aiocb)
- bdrv_aio_cancel(r->req.aiocb);
- r->req.aiocb = NULL;
- scsi_remove_request(r);
- }
+ SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
+
+ DPRINTF("Cancel tag=0x%x\n", req->tag);
+ if (r->req.aiocb)
+ bdrv_aio_cancel(r->req.aiocb);
+ r->req.aiocb = NULL;
}
static int execute_command(BlockDriverState *bdrv,
@@ -202,30 +196,19 @@ static void scsi_read_complete(void * opaque, int ret)
DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
r->len = -1;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, len);
if (len == 0)
scsi_command_complete(r, 0);
}
/* Read more data from scsi device into buffer. */
-static void scsi_read_data(SCSIDevice *d, uint32_t tag)
+static void scsi_read_data(SCSIRequest *req)
{
- SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIGenericReq *r;
+ SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, req->dev);
+ SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
int ret;
- DPRINTF("scsi_read_data 0x%x\n", tag);
- r = scsi_find_request(s, tag);
- if (!r) {
- SCSIBus *bus;
-
- BADF("Bad read tag 0x%x\n", tag);
- scsi_set_sense(s, SENSE_CODE(I_T_NEXUS_LOSS));
- bus = scsi_bus_from_device(d);
- bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
- return;
- }
-
+ DPRINTF("scsi_read_data 0x%x\n", req->tag);
if (r->len == -1) {
scsi_command_complete(r, 0);
return;
@@ -243,7 +226,7 @@ static void scsi_read_data(SCSIDevice *d, uint32_t tag)
DPRINTF("Sense: %d %d %d %d %d %d %d %d\n",
r->buf[0], r->buf[1], r->buf[2], r->buf[3],
r->buf[4], r->buf[5], r->buf[6], r->buf[7]);
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, s->senselen);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, s->senselen);
/* Clear sensebuf after REQUEST_SENSE */
scsi_clear_sense(s);
return;
@@ -279,27 +262,17 @@ static void scsi_write_complete(void * opaque, int ret)
/* Write data to a scsi device. Returns nonzero on failure.
The transfer may complete asynchronously. */
-static int scsi_write_data(SCSIDevice *d, uint32_t tag)
+static int scsi_write_data(SCSIRequest *req)
{
- SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIGenericReq *r;
+ SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, req->dev);
+ SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
int ret;
- DPRINTF("scsi_write_data 0x%x\n", tag);
- r = scsi_find_request(s, tag);
- if (!r) {
- SCSIBus *bus;
-
- BADF("Bad write tag 0x%x\n", tag);
- scsi_set_sense(s, SENSE_CODE(I_T_NEXUS_LOSS));
- bus = scsi_bus_from_device(d);
- bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
- return 0;
- }
+ DPRINTF("scsi_write_data 0x%x\n", req->tag);
if (r->len == 0) {
r->len = r->buflen;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, r->len);
+ r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, r->len);
return 0;
}
@@ -313,15 +286,10 @@ static int scsi_write_data(SCSIDevice *d, uint32_t tag)
}
/* Return a pointer to the data buffer. */
-static uint8_t *scsi_get_buf(SCSIDevice *d, uint32_t tag)
+static uint8_t *scsi_get_buf(SCSIRequest *req)
{
- SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIGenericReq *r;
- r = scsi_find_request(s, tag);
- if (!r) {
- BADF("Bad buffer tag 0x%x\n", tag);
- return NULL;
- }
+ SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
+
return r->buf;
}
@@ -349,31 +317,20 @@ static void scsi_req_fixup(SCSIRequest *req)
(eg. disk reads), negative for transfers to the device (eg. disk writes),
and zero if the command does not transfer any data. */
-static int32_t scsi_send_command(SCSIDevice *d, uint32_t tag,
- uint8_t *cmd, int lun)
+static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
{
- SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, d);
- SCSIGenericReq *r;
- SCSIBus *bus;
+ SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, req->dev);
+ SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
int ret;
if (cmd[0] != REQUEST_SENSE &&
- (lun != s->lun || (cmd[1] >> 5) != s->lun)) {
- DPRINTF("Unimplemented LUN %d\n", lun ? lun : cmd[1] >> 5);
+ (req->lun != s->lun || (cmd[1] >> 5) != s->lun)) {
+ DPRINTF("Unimplemented LUN %d\n", req->lun ? req->lun : cmd[1] >> 5);
- scsi_set_sense(s, SENSE_CODE(LUN_NOT_SUPPORTED));
- bus = scsi_bus_from_device(d);
- bus->complete(bus, SCSI_REASON_DONE, tag, CHECK_CONDITION);
+ scsi_command_complete(r, -ENODEV);
return 0;
}
- r = scsi_find_request(s, tag);
- if (r) {
- BADF("Tag 0x%x already in use %p\n", tag, r);
- scsi_cancel_io(d, tag);
- }
- r = scsi_new_request(d, tag, lun);
-
if (-1 == scsi_req_parse(&r->req, cmd)) {
BADF("Unsupported command length, command %x\n", cmd[0]);
scsi_command_complete(r, -EINVAL);
@@ -494,7 +451,7 @@ static void scsi_generic_purge_requests(SCSIGenericState *s)
if (r->req.aiocb) {
bdrv_aio_cancel(r->req.aiocb);
}
- scsi_remove_request(r);
+ scsi_remove_request(&r->req);
}
}
@@ -586,6 +543,8 @@ static SCSIDeviceInfo scsi_generic_info = {
.qdev.reset = scsi_generic_reset,
.init = scsi_generic_initfn,
.destroy = scsi_destroy,
+ .alloc_req = scsi_new_request,
+ .free_req = scsi_remove_request,
.send_command = scsi_send_command,
.read_data = scsi_read_data,
.write_data = scsi_write_data,
diff --git a/hw/scsi.h b/hw/scsi.h
index 1196122..202d680 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -17,7 +17,8 @@ enum scsi_reason {
typedef struct SCSIBus SCSIBus;
typedef struct SCSIDevice SCSIDevice;
typedef struct SCSIDeviceInfo SCSIDeviceInfo;
-typedef void (*scsi_completionfn)(SCSIBus *bus, int reason, uint32_t tag,
+typedef struct SCSIRequest SCSIRequest;
+typedef void (*scsi_completionfn)(SCSIBus *bus, int reason, SCSIRequest *req,
uint32_t arg);
enum SCSIXferMode {
@@ -32,7 +33,7 @@ typedef struct SCSISense {
uint8_t ascq;
} SCSISense;
-typedef struct SCSIRequest {
+struct SCSIRequest {
SCSIBus *bus;
SCSIDevice *dev;
uint32_t tag;
@@ -48,7 +49,7 @@ typedef struct SCSIRequest {
BlockDriverAIOCB *aiocb;
bool enqueued;
QTAILQ_ENTRY(SCSIRequest) next;
-} SCSIRequest;
+};
struct SCSIDevice
{
@@ -71,12 +72,13 @@ struct SCSIDeviceInfo {
DeviceInfo qdev;
scsi_qdev_initfn init;
void (*destroy)(SCSIDevice *s);
- int32_t (*send_command)(SCSIDevice *s, uint32_t tag, uint8_t *buf,
- int lun);
- void (*read_data)(SCSIDevice *s, uint32_t tag);
- int (*write_data)(SCSIDevice *s, uint32_t tag);
- void (*cancel_io)(SCSIDevice *s, uint32_t tag);
- uint8_t *(*get_buf)(SCSIDevice *s, uint32_t tag);
+ SCSIRequest *(*alloc_req)(SCSIDevice *s, uint32_t tag, uint32_t lun);
+ void (*free_req)(SCSIRequest *req);
+ int32_t (*send_command)(SCSIRequest *req, uint8_t *buf);
+ void (*read_data)(SCSIRequest *req);
+ int (*write_data)(SCSIRequest *req);
+ void (*cancel_io)(SCSIRequest *req);
+ uint8_t *(*get_buf)(SCSIRequest *req);
};
typedef void (*SCSIAttachFn)(DeviceState *host, BlockDriverState *bdrv,
@@ -136,7 +138,6 @@ int scsi_build_sense(SCSISense sense, uint8_t *buf, int len, int fixed);
int scsi_sense_valid(SCSISense sense);
SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d, uint32_t tag, uint32_t lun);
-SCSIRequest *scsi_req_find(SCSIDevice *d, uint32_t tag);
void scsi_req_free(SCSIRequest *req);
int scsi_req_parse(SCSIRequest *req, uint8_t *buf);
diff --git a/hw/usb-msd.c b/hw/usb-msd.c
index 0a95d8d..b4540c4 100644
--- a/hw/usb-msd.c
+++ b/hw/usb-msd.c
@@ -47,6 +47,7 @@ typedef struct {
uint32_t data_len;
uint32_t residue;
uint32_t tag;
+ SCSIRequest *req;
SCSIBus bus;
BlockConf conf;
SCSIDevice *scsi_dev;
@@ -155,9 +156,9 @@ static void usb_msd_copy_data(MSDState *s)
s->data_len -= len;
if (s->scsi_len == 0) {
if (s->mode == USB_MSDM_DATAIN) {
- s->scsi_dev->info->read_data(s->scsi_dev, s->tag);
+ s->scsi_dev->info->read_data(s->req);
} else if (s->mode == USB_MSDM_DATAOUT) {
- s->scsi_dev->info->write_data(s->scsi_dev, s->tag);
+ s->scsi_dev->info->write_data(s->req);
}
}
}
@@ -173,14 +174,14 @@ static void usb_msd_send_status(MSDState *s)
memcpy(s->usb_buf, &csw, 13);
}
-static void usb_msd_command_complete(SCSIBus *bus, int reason, uint32_t tag,
+static void usb_msd_command_complete(SCSIBus *bus, int reason, SCSIRequest *req,
uint32_t arg)
{
MSDState *s = DO_UPCAST(MSDState, dev.qdev, bus->qbus.parent);
USBPacket *p = s->packet;
- if (tag != s->tag) {
- fprintf(stderr, "usb-msd: Unexpected SCSI Tag 0x%x\n", tag);
+ if (req->tag != s->tag) {
+ fprintf(stderr, "usb-msd: Unexpected SCSI Tag 0x%x\n", req->tag);
}
if (reason == SCSI_REASON_DONE) {
DPRINTF("Command complete %d\n", arg);
@@ -207,10 +208,11 @@ static void usb_msd_command_complete(SCSIBus *bus, int reason, uint32_t tag,
} else if (s->data_len == 0) {
s->mode = USB_MSDM_CSW;
}
+ s->scsi_dev->info->free_req(req);
return;
}
s->scsi_len = arg;
- s->scsi_buf = s->scsi_dev->info->get_buf(s->scsi_dev, tag);
+ s->scsi_buf = s->scsi_dev->info->get_buf(req);
if (p) {
usb_msd_copy_data(s);
if (s->usb_len == 0) {
@@ -348,7 +350,7 @@ static int usb_msd_handle_control(USBDevice *dev, int request, int value,
static void usb_msd_cancel_io(USBPacket *p, void *opaque)
{
MSDState *s = opaque;
- s->scsi_dev->info->cancel_io(s->scsi_dev, s->tag);
+ s->scsi_dev->info->cancel_io(s->req);
s->packet = NULL;
s->scsi_len = 0;
}
@@ -396,14 +398,15 @@ static int usb_msd_handle_data(USBDevice *dev, USBPacket *p)
DPRINTF("Command tag 0x%x flags %08x len %d data %d\n",
s->tag, cbw.flags, cbw.cmd_len, s->data_len);
s->residue = 0;
- s->scsi_dev->info->send_command(s->scsi_dev, s->tag, cbw.cmd, 0);
+ s->req = s->scsi_dev->info->alloc_req(s->scsi_dev, s->tag, 0);
+ s->scsi_dev->info->send_command(s->req, cbw.cmd);
/* ??? Should check that USB and SCSI data transfer
directions match. */
if (s->residue == 0) {
if (s->mode == USB_MSDM_DATAIN) {
- s->scsi_dev->info->read_data(s->scsi_dev, s->tag);
+ s->scsi_dev->info->read_data(s->req);
} else if (s->mode == USB_MSDM_DATAOUT) {
- s->scsi_dev->info->write_data(s->scsi_dev, s->tag);
+ s->scsi_dev->info->write_data(s->req);
}
}
ret = len;
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 10/15] scsi-disk: add data direction checking
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (8 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 09/15] scsi: Use 'SCSIRequest' directly Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 11/15] Remove 'bus' argument from SCSI command completion callbacks Hannes Reinecke
` (6 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
scsi_req_parse() already provides for a data direction setting,
so we should be using it to check for correct direction.
And we should return the sense code 'INVALID FIELD IN CDB'
in these cases.
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
hw/scsi-disk.c | 30 ++++++++++++++++++++++--------
1 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index 9a5cd8e..0ccb627 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -52,8 +52,6 @@ typedef struct SCSIDiskState SCSIDiskState;
typedef struct SCSIDiskReq {
SCSIRequest req;
- /* ??? We should probably keep track of whether the data transfer is
- a read or a write. Currently we rely on the host getting it right. */
/* Both sector and sector_count are in terms of qemu 512 byte blocks. */
uint64_t sector;
uint32_t sector_count;
@@ -172,6 +170,12 @@ static void scsi_read_data(SCSIRequest *req)
/* No data transfer may already be in progress */
assert(r->req.aiocb == NULL);
+ if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
+ DPRINTF("Data transfer direction invalid\n");
+ scsi_read_complete(r, -EINVAL);
+ return;
+ }
+
if (r->sector_count == (uint32_t)-1) {
DPRINTF("Read buf_len=%zd\n", r->iov[0].iov_len);
r->sector_count = 0;
@@ -227,12 +231,19 @@ static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
if (type == SCSI_REQ_STATUS_RETRY_READ) {
r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, 0);
}
- if (error == EBADR) {
+ switch (error) {
+ case EBADR:
scsi_command_complete(r, CHECK_CONDITION,
SENSE_CODE(TARGET_FAILURE));
- } else {
+ break;
+ case EINVAL:
+ scsi_command_complete(r, CHECK_CONDITION,
+ SENSE_CODE(INVALID_FIELD));
+ break;
+ default:
scsi_command_complete(r, CHECK_CONDITION,
SENSE_CODE(IO_ERROR));
+ break;
}
bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
}
@@ -284,6 +295,12 @@ static int scsi_write_data(SCSIRequest *req)
/* No data transfer may already be in progress */
assert(r->req.aiocb == NULL);
+ if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
+ DPRINTF("Data transfer direction invalid\n");
+ scsi_write_complete(r, -EINVAL);
+ return 0;
+ }
+
n = iov_size(r->iov, r->iov_num) / 512;
if (n) {
qemu_iovec_init_external(&r->qiov, r->iov, r->iov_num);
@@ -970,11 +987,9 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
ssize_t len = 0;
- int is_write;
uint8_t command;
command = buf[0];
- is_write = 0;
DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
if (scsi_req_parse(&r->req, buf) != 0) {
@@ -1057,7 +1072,6 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
goto illegal_lba;
}
r->sector = r->req.cmd.lba * s->cluster_size;
- is_write = 1;
break;
case MODE_SELECT:
DPRINTF("Mode Select(6) (len %lu)\n", (long)r->req.cmd.xfer);
@@ -1098,7 +1112,7 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf)
scsi_command_complete(r, GOOD, SENSE_CODE(NO_SENSE));
}
len += r->sector_count * 512;
- if (is_write) {
+ if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
return -len;
} else {
if (!r->sector_count)
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 11/15] Remove 'bus' argument from SCSI command completion callbacks
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (9 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 10/15] scsi-disk: add data direction checking Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 12/15] scsi: Implement 'get_sense' callback Hannes Reinecke
` (5 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
The 'bus' argument is now pointless, as we already pass the
request itself and the bus can be derived from it.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
---
hw/esp.c | 5 ++---
hw/lsi53c895a.c | 5 ++---
hw/scsi-bus.c | 3 +--
hw/scsi-disk.c | 8 ++++----
hw/scsi-generic.c | 6 +++---
hw/scsi.h | 3 +--
hw/usb-msd.c | 5 ++---
7 files changed, 15 insertions(+), 20 deletions(-)
diff --git a/hw/esp.c b/hw/esp.c
index 2784bec..d55bb6d 100644
--- a/hw/esp.c
+++ b/hw/esp.c
@@ -390,10 +390,9 @@ static void esp_do_dma(ESPState *s)
}
}
-static void esp_command_complete(SCSIBus *bus, int reason, SCSIRequest *req,
- uint32_t arg)
+static void esp_command_complete(SCSIRequest *req, int reason, uint32_t arg)
{
- ESPState *s = DO_UPCAST(ESPState, busdev.qdev, bus->qbus.parent);
+ ESPState *s = DO_UPCAST(ESPState, busdev.qdev, req->bus->qbus.parent);
if (reason == SCSI_REASON_DONE) {
DPRINTF("SCSI Command complete\n");
diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c
index 82a5d39..858c8f4 100644
--- a/hw/lsi53c895a.c
+++ b/hw/lsi53c895a.c
@@ -688,10 +688,9 @@ static int lsi_queue_tag(LSIState *s, uint32_t tag, uint32_t arg)
}
/* Callback to indicate that the SCSI layer has completed a transfer. */
-static void lsi_command_complete(SCSIBus *bus, int reason, SCSIRequest *req,
- uint32_t arg)
+static void lsi_command_complete(SCSIRequest *req, int reason, uint32_t arg)
{
- LSIState *s = DO_UPCAST(LSIState, dev.qdev, bus->qbus.parent);
+ LSIState *s = DO_UPCAST(LSIState, dev.qdev, req->bus->qbus.parent);
int out;
out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index bb88a56..0f8fd57 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -594,6 +594,5 @@ void scsi_req_complete(SCSIRequest *req)
{
assert(req->status != -1);
scsi_req_dequeue(req);
- req->bus->complete(req->bus, SCSI_REASON_DONE,
- req, req->status);
+ req->bus->complete(req, SCSI_REASON_DONE, req->status);
}
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index 0ccb627..a4f387d 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -156,7 +156,7 @@ static void scsi_read_complete(void * opaque, int ret)
DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, iov_len);
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, iov_len);
+ r->req.bus->complete(&r->req, SCSI_REASON_DATA, iov_len);
}
@@ -179,7 +179,7 @@ static void scsi_read_data(SCSIRequest *req)
if (r->sector_count == (uint32_t)-1) {
DPRINTF("Read buf_len=%zd\n", r->iov[0].iov_len);
r->sector_count = 0;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req,
+ r->req.bus->complete(&r->req, SCSI_REASON_DATA,
r->iov[0].iov_len);
return;
}
@@ -229,7 +229,7 @@ static int scsi_handle_rw_error(SCSIDiskReq *r, int error, int type)
vm_stop(0);
} else {
if (type == SCSI_REQ_STATUS_RETRY_READ) {
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, 0);
+ r->req.bus->complete(&r->req, SCSI_REASON_DATA, 0);
}
switch (error) {
case EBADR:
@@ -280,7 +280,7 @@ static void scsi_write_complete(void * opaque, int ret)
r->iov[0].iov_len = len;
}
DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, len);
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, len);
+ r->req.bus->complete(&r->req, SCSI_REASON_DATA, len);
}
}
diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c
index ed085a1..d4edc48 100644
--- a/hw/scsi-generic.c
+++ b/hw/scsi-generic.c
@@ -196,7 +196,7 @@ static void scsi_read_complete(void * opaque, int ret)
DPRINTF("Data ready tag=0x%x len=%d\n", r->req.tag, len);
r->len = -1;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, len);
+ r->req.bus->complete(&r->req, SCSI_REASON_DATA, len);
if (len == 0)
scsi_command_complete(r, 0);
}
@@ -226,7 +226,7 @@ static void scsi_read_data(SCSIRequest *req)
DPRINTF("Sense: %d %d %d %d %d %d %d %d\n",
r->buf[0], r->buf[1], r->buf[2], r->buf[3],
r->buf[4], r->buf[5], r->buf[6], r->buf[7]);
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, s->senselen);
+ r->req.bus->complete(&r->req, SCSI_REASON_DATA, s->senselen);
/* Clear sensebuf after REQUEST_SENSE */
scsi_clear_sense(s);
return;
@@ -272,7 +272,7 @@ static int scsi_write_data(SCSIRequest *req)
if (r->len == 0) {
r->len = r->buflen;
- r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, &r->req, r->len);
+ r->req.bus->complete(&r->req, SCSI_REASON_DATA, r->len);
return 0;
}
diff --git a/hw/scsi.h b/hw/scsi.h
index 202d680..c2d3300 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -18,8 +18,7 @@ typedef struct SCSIBus SCSIBus;
typedef struct SCSIDevice SCSIDevice;
typedef struct SCSIDeviceInfo SCSIDeviceInfo;
typedef struct SCSIRequest SCSIRequest;
-typedef void (*scsi_completionfn)(SCSIBus *bus, int reason, SCSIRequest *req,
- uint32_t arg);
+typedef void (*scsi_completionfn)(SCSIRequest *req, int reason, uint32_t arg);
enum SCSIXferMode {
SCSI_XFER_NONE, /* TEST_UNIT_READY, ... */
diff --git a/hw/usb-msd.c b/hw/usb-msd.c
index b4540c4..ae4d2d4 100644
--- a/hw/usb-msd.c
+++ b/hw/usb-msd.c
@@ -174,10 +174,9 @@ static void usb_msd_send_status(MSDState *s)
memcpy(s->usb_buf, &csw, 13);
}
-static void usb_msd_command_complete(SCSIBus *bus, int reason, SCSIRequest *req,
- uint32_t arg)
+static void usb_msd_command_complete(SCSIRequest *req, int reason, uint32_t arg)
{
- MSDState *s = DO_UPCAST(MSDState, dev.qdev, bus->qbus.parent);
+ MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent);
USBPacket *p = s->packet;
if (req->tag != s->tag) {
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 12/15] scsi: Implement 'get_sense' callback
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (10 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 11/15] Remove 'bus' argument from SCSI command completion callbacks Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback Hannes Reinecke
` (4 subsequent siblings)
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
The get_sense callback copies existing sense information into
the provided buffer. This is required if sense information
should be transferred together with the command response.
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
hw/scsi-disk.c | 9 +++++++++
hw/scsi-generic.c | 18 ++++++++++++++++++
hw/scsi.h | 1 +
3 files changed, 28 insertions(+), 0 deletions(-)
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index a4f387d..68b8667 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -373,6 +373,14 @@ static uint8_t *scsi_get_buf(SCSIRequest *req)
return r->iov_buf;
}
+/* Copy sense information into the provided buffer */
+static int scsi_get_sense(SCSIRequest *req, uint8_t *outbuf, int len)
+{
+ SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
+
+ return scsi_build_sense(s->sense, outbuf, len, len > 14);
+}
+
static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
{
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
@@ -1218,6 +1226,7 @@ static SCSIDeviceInfo scsi_disk_info = {
.write_data = scsi_write_data,
.cancel_io = scsi_cancel_io,
.get_buf = scsi_get_buf,
+ .get_sense = scsi_get_sense,
.qdev.props = (Property[]) {
DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf),
DEFINE_PROP_STRING("ver", SCSIDiskState, version),
diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c
index d4edc48..949b4cc 100644
--- a/hw/scsi-generic.c
+++ b/hw/scsi-generic.c
@@ -83,6 +83,23 @@ static void scsi_clear_sense(SCSIGenericState *s)
s->driver_status = 0;
}
+static int scsi_get_sense(SCSIRequest *req, uint8_t *outbuf, int len)
+{
+ SCSIGenericState *s = DO_UPCAST(SCSIGenericState, qdev, req->dev);
+ int size = SCSI_SENSE_BUF_SIZE;
+
+ if (!(s->driver_status & SG_ERR_DRIVER_SENSE)) {
+ size = scsi_build_sense(SENSE_CODE(NO_SENSE), s->sensebuf,
+ SCSI_SENSE_BUF_SIZE, 0);
+ }
+ if (size > len) {
+ size = len;
+ }
+ memcpy(outbuf, s->sensebuf, size);
+
+ return size;
+}
+
static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun)
{
SCSIRequest *req;
@@ -550,6 +567,7 @@ static SCSIDeviceInfo scsi_generic_info = {
.write_data = scsi_write_data,
.cancel_io = scsi_cancel_io,
.get_buf = scsi_get_buf,
+ .get_sense = scsi_get_sense,
.qdev.props = (Property[]) {
DEFINE_BLOCK_PROPERTIES(SCSIGenericState, qdev.conf),
DEFINE_PROP_END_OF_LIST(),
diff --git a/hw/scsi.h b/hw/scsi.h
index c2d3300..cc96f85 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -78,6 +78,7 @@ struct SCSIDeviceInfo {
int (*write_data)(SCSIRequest *req);
void (*cancel_io)(SCSIRequest *req);
uint8_t *(*get_buf)(SCSIRequest *req);
+ int (*get_sense)(SCSIRequest *req, uint8_t *buf, int len);
};
typedef void (*SCSIAttachFn)(DeviceState *host, BlockDriverState *bdrv,
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (11 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 12/15] scsi: Implement 'get_sense' callback Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 16:52 ` Christoph Hellwig
2010-11-24 11:16 ` [Qemu-devel] [PATCH 14/15] megasas: LSI Megaraid SAS emulation Hannes Reinecke
` (3 subsequent siblings)
16 siblings, 1 reply; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
Add callback to create a request with a predefined iovec.
This is required for drivers which can use the iovec
of a command directly.
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
hw/scsi-disk.c | 25 +++++++++++++++++++++----
hw/scsi-generic.c | 44 +++++++++++++++++++++++++++++++++-----------
hw/scsi.h | 2 ++
3 files changed, 56 insertions(+), 15 deletions(-)
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index 68b8667..67f93a5 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -96,14 +96,30 @@ static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
return req;
}
+static SCSIRequest *scsi_new_request_iovec(SCSIDevice *d, uint32_t tag,
+ uint32_t lun, struct iovec *iov, int iov_num)
+{
+ SCSIRequest *req;
+ SCSIDiskReq *r;
+
+ req = scsi_req_alloc(sizeof(SCSIDiskReq), d, tag, lun);
+ r = DO_UPCAST(SCSIDiskReq, req, req);
+ r->iov = iov;
+ r->iov_num = iov_num;
+ r->iov_buf = NULL;
+ return req;
+}
+
static void scsi_remove_request(SCSIRequest *req)
{
SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
- qemu_free(r->iov);
- r->iov = NULL;
- qemu_vfree(r->iov_buf);
- r->iov_buf = NULL;
+ if (r->iov_buf) {
+ qemu_free(r->iov);
+ r->iov = NULL;
+ qemu_vfree(r->iov_buf);
+ r->iov_buf = NULL;
+ }
scsi_req_free(&r->req);
}
@@ -1220,6 +1236,7 @@ static SCSIDeviceInfo scsi_disk_info = {
.init = scsi_disk_initfn,
.destroy = scsi_destroy,
.alloc_req = scsi_new_request,
+ .alloc_req_iov = scsi_new_request_iovec,
.free_req = scsi_remove_request,
.send_command = scsi_send_command,
.read_data = scsi_read_data,
diff --git a/hw/scsi-generic.c b/hw/scsi-generic.c
index 949b4cc..8c99e9e 100644
--- a/hw/scsi-generic.c
+++ b/hw/scsi-generic.c
@@ -108,6 +108,25 @@ static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun)
return req;
}
+static SCSIRequest *scsi_new_request_iovec(SCSIDevice *d, uint32_t tag,
+ uint32_t lun, struct iovec *iov, int iov_num)
+{
+ SCSIRequest *req;
+ SCSIGenericReq *r;
+ int i;
+
+ req = scsi_req_alloc(sizeof(SCSIGenericReq), d, tag, lun);
+ r = DO_UPCAST(SCSIGenericReq, req, req);
+ r->io_header.dxferp = iov;
+ r->io_header.iovec_count = iov_num;
+ r->io_header.dxfer_len = 0;
+ for (i = 0; i < iov_num; i++)
+ r->io_header.dxfer_len += iov[i].iov_len;
+ r->buf = NULL;
+ r->buflen = 0;
+ return req;
+}
+
static void scsi_remove_request(SCSIRequest *req)
{
SCSIGenericReq *r = DO_UPCAST(SCSIGenericReq, req, req);
@@ -180,8 +199,10 @@ static int execute_command(BlockDriverState *bdrv,
r->io_header.interface_id = 'S';
r->io_header.dxfer_direction = direction;
- r->io_header.dxferp = r->buf;
- r->io_header.dxfer_len = r->buflen;
+ if (r->buf) {
+ r->io_header.dxferp = r->buf;
+ r->io_header.dxfer_len = r->buflen;
+ }
r->io_header.cmdp = r->req.cmd.buf;
r->io_header.cmd_len = r->req.cmd.len;
r->io_header.mx_sb_len = sizeof(s->sensebuf);
@@ -287,7 +308,7 @@ static int scsi_write_data(SCSIRequest *req)
DPRINTF("scsi_write_data 0x%x\n", req->tag);
- if (r->len == 0) {
+ if (r->len == 0 && r->io_header.dxfer_len == 0) {
r->len = r->buflen;
r->req.bus->complete(&r->req, SCSI_REASON_DATA, r->len);
return 0;
@@ -369,8 +390,7 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
#endif
if (r->req.cmd.xfer == 0) {
- if (r->buf != NULL)
- qemu_free(r->buf);
+ qemu_free(r->buf);
r->buflen = 0;
r->buf = NULL;
ret = execute_command(s->bs, r, SG_DXFER_NONE, scsi_command_complete);
@@ -381,14 +401,15 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *cmd)
return 0;
}
- if (r->buflen != r->req.cmd.xfer) {
- if (r->buf != NULL)
+ if (!r->io_header.iovec_count) {
+ if (r->buflen != r->req.cmd.xfer) {
qemu_free(r->buf);
- r->buf = qemu_malloc(r->req.cmd.xfer);
- r->buflen = r->req.cmd.xfer;
- }
+ r->buf = qemu_malloc(r->req.cmd.xfer);
+ r->buflen = r->req.cmd.xfer;
+ }
- memset(r->buf, 0, r->buflen);
+ memset(r->buf, 0, r->buflen);
+ }
r->len = r->req.cmd.xfer;
if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
r->len = 0;
@@ -561,6 +582,7 @@ static SCSIDeviceInfo scsi_generic_info = {
.init = scsi_generic_initfn,
.destroy = scsi_destroy,
.alloc_req = scsi_new_request,
+ .alloc_req_iov = scsi_new_request_iovec,
.free_req = scsi_remove_request,
.send_command = scsi_send_command,
.read_data = scsi_read_data,
diff --git a/hw/scsi.h b/hw/scsi.h
index cc96f85..063154d 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -72,6 +72,8 @@ struct SCSIDeviceInfo {
scsi_qdev_initfn init;
void (*destroy)(SCSIDevice *s);
SCSIRequest *(*alloc_req)(SCSIDevice *s, uint32_t tag, uint32_t lun);
+ SCSIRequest *(*alloc_req_iov)(SCSIDevice *s, uint32_t tag, uint32_t lun,
+ struct iovec *iov, int iov_num);
void (*free_req)(SCSIRequest *req);
int32_t (*send_command)(SCSIRequest *req, uint8_t *buf);
void (*read_data)(SCSIRequest *req);
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 14/15] megasas: LSI Megaraid SAS emulation
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (12 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-25 14:36 ` [Qemu-devel] " Stefan Hajnoczi
2010-11-25 20:47 ` Sebastian Herbszt
2010-11-24 11:16 ` [Qemu-devel] [PATCH 15/15] Make SCSI HBA configurable Hannes Reinecke
` (2 subsequent siblings)
16 siblings, 2 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
This patch adds an emulation for the LSI Megaraid SAS HBA.
Signed-off-by: Hannes Reinecke <hare@suse.de>
---
Makefile.objs | 2 +-
hw/megasas.c | 1828 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
hw/mfi.h | 1197 +++++++++++++++++++++++++++++++++++++
hw/pci_ids.h | 2 +
hw/scsi.h | 1 +
5 files changed, 3029 insertions(+), 1 deletions(-)
create mode 100644 hw/megasas.c
create mode 100644 hw/mfi.h
diff --git a/Makefile.objs b/Makefile.objs
index 23b17ce..89c8661 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -231,7 +231,7 @@ hw-obj-$(CONFIG_IDE_MACIO) += ide/macio.o
hw-obj-$(CONFIG_IDE_VIA) += ide/via.o
# SCSI layer
-hw-obj-y += lsi53c895a.o
+hw-obj-y += lsi53c895a.o megasas.o
hw-obj-$(CONFIG_ESP) += esp.o
hw-obj-y += dma-helpers.o sysbus.o isa-bus.o
diff --git a/hw/megasas.c b/hw/megasas.c
new file mode 100644
index 0000000..dde93e5
--- /dev/null
+++ b/hw/megasas.c
@@ -0,0 +1,1828 @@
+/*
+ * QEMU MegaRAID SAS 8708EM2 Host Bus Adapter emulation
+ *
+ * Copyright (c) 2009 Hannes Reinecke, SUSE Linux Products GmbH
+ *
+ * This code is licenced under the LGPL.
+ */
+
+#include <time.h>
+#include <assert.h>
+
+#include "hw.h"
+#include "pci.h"
+#include "dma.h"
+#include "scsi.h"
+#include "scsi-defs.h"
+#include "block_int.h"
+#ifdef __linux__
+# include <scsi/sg.h>
+#endif
+
+#include "mfi.h"
+
+#define DEBUG_MEGASAS
+#undef DEBUG_MEGASAS_REG
+#undef DEBUG_MEGASAS_QUEUE
+#undef DEBUG_MEGASAS_MFI
+#undef DEBUG_MEGASAS_IO
+#undef DEBUG_MEGASAS_DCMD
+
+#ifdef DEBUG_MEGASAS
+#define DPRINTF(fmt, ...) \
+do { printf("megasas: " fmt , ## __VA_ARGS__); } while (0)
+#define BADF(fmt, ...) \
+do { fprintf(stderr, "megasas: error: " fmt , ## __VA_ARGS__); exit(1);} while (0)
+#ifdef DEBUG_MEGASAS_REG
+#define DPRINTF_REG DPRINTF
+#else
+#define DPRINTF_REG(fmt, ...) do {} while(0)
+#endif
+#ifdef DEBUG_MEGASAS_QUEUE
+#define DPRINTF_QUEUE DPRINTF
+#else
+#define DPRINTF_QUEUE(fmt, ...) do {} while(0)
+#endif
+#ifdef DEBUG_MEGASAS_MFI
+#define DPRINTF_MFI DPRINTF
+#else
+#define DPRINTF_MFI(fmt, ...) do {} while(0)
+#endif
+#ifdef DEBUG_MEGASAS_IO
+#define DPRINTF_IO DPRINTF
+#else
+#define DPRINTF_IO(fmt, ...) do {} while(0)
+#endif
+#ifdef DEBUG_MEGASAS_DCMD
+#define DPRINTF_DCMD DPRINTF
+#else
+#define DPRINTF_DCMD(fmt, ...) do {} while(0)
+#endif
+#else
+#define DPRINTF(fmt, ...) do {} while(0)
+#define DPRINTF_REG DPRINTF
+#define DPRINTF_QUEUE DPRINTF
+#define DPRINTF_MFI DPRINTF
+#define DPRINTF_IO DPRINTF
+#define DPRINTF_DCMD DPRINTF
+#define BADF(fmt, ...) \
+do { fprintf(stderr, "megasas: error: " fmt , ## __VA_ARGS__);} while (0)
+#endif
+
+/* Static definitions */
+#define MEGASAS_VERSION "1.10"
+#define MEGASAS_MAX_FRAMES 2048 /* Firmware limit at 65535 */
+#define MEGASAS_DEFAULT_FRAMES 1000 /* Windows requires this */
+#define MEGASAS_MAX_SGE 256 /* Firmware limit */
+#define MEGASAS_DEFAULT_SGE 80
+#define MEGASAS_MAX_SECTORS 0xFFFF /* No real limit */
+#define MEGASAS_MAX_ARRAYS 128
+
+const char *mfi_frame_desc[] = {
+ "MFI init", "LD Read", "LD Write", "LD SCSI", "PD SCSI",
+ "MFI Doorbell", "MFI Abort", "MFI SMP", "MFI Stop"};
+
+struct megasas_cmd_t {
+ int index;
+ int context;
+ int count;
+
+ target_phys_addr_t pa;
+ target_phys_addr_t pa_size;
+ union mfi_frame *frame;
+ SCSIRequest *req;
+ struct iovec *iov;
+ void *iov_buf;
+ long iov_size;
+ SCSIDevice *sdev;
+ struct megasas_state_t *state;
+};
+
+typedef struct megasas_state_t {
+ PCIDevice dev;
+ int mmio_io_addr;
+ int io_addr;
+ int queue_addr;
+ uint32_t frame_hi;
+
+ int fw_state;
+ uint32_t fw_sge;
+ uint32_t fw_cmds;
+ int fw_luns;
+ int intr_mask;
+ int doorbell;
+ int busy;
+ char *raid_mode_str;
+ int is_jbod;
+
+ int event_count;
+ int shutdown_event;
+ int boot_event;
+
+ uint64_t reply_queue_pa;
+ void *reply_queue;
+ int reply_queue_len;
+ int reply_queue_index;
+ uint64_t consumer_pa;
+ uint64_t producer_pa;
+
+ struct megasas_cmd_t frames[MEGASAS_MAX_FRAMES];
+
+ SCSIBus bus;
+} MPTState;
+
+#define MEGASAS_INTR_DISABLED_MASK 0xFFFFFFFF
+
+#define MEGASAS_INTR_ENABLED(s) (((s)->intr_mask & MEGASAS_INTR_DISABLED_MASK ) != MEGASAS_INTR_DISABLED_MASK)
+
+#define megasas_frame_set_cmd_status(f,v) \
+ stb_phys((f) + offsetof(struct mfi_frame_header, cmd_status), v)
+
+#define megasas_frame_set_scsi_status(f,v) \
+ stb_phys((f) + offsetof(struct mfi_frame_header, scsi_status), v)
+
+#define megasas_frame_get_cmd(f) \
+ ldub_phys((f) + offsetof(struct mfi_frame_header, frame_cmd))
+
+#define megasas_frame_get_context(f) \
+ ldl_phys(frame_addr + offsetof(struct mfi_frame_header, context))
+
+static void megasas_soft_reset(MPTState *s);
+
+static int megasas_map_sgl(struct megasas_cmd_t *cmd, int pa_offset)
+{
+ int i;
+ uint16_t flags = le16_to_cpu(cmd->frame->header.flags);
+ int is_sgl64 = (flags & MFI_FRAME_SGL64) ? 1 : 0;
+ int is_write = (flags & MFI_FRAME_DIR_WRITE) ? 1 : 0;
+ int sgl_addr_size = is_sgl64 ? sizeof(uint64_t) : sizeof(uint32_t);
+ size_t iov_count = 0;
+
+ cmd->iov = qemu_malloc(sizeof(struct iovec) * (cmd->frame->header.sge_count + 1));
+ for (i = 0; i < cmd->frame->header.sge_count; i++) {
+ target_phys_addr_t pa, iov_pa, iov_size;
+
+ pa = cmd->pa + pa_offset;
+ if (is_sgl64)
+ iov_pa = ldq_phys(pa);
+ else
+ iov_pa = ldl_phys(pa);
+ iov_size = ldl_phys(pa + sgl_addr_size);
+ cmd->iov[i].iov_base = cpu_physical_memory_map(iov_pa, &iov_size, is_write);
+ cmd->iov[i].iov_len = iov_size;
+ pa_offset += sgl_addr_size + sizeof(uint32_t);
+ iov_count += iov_size;
+ }
+ cmd->iov[i].iov_base = NULL;
+ cmd->iov[i].iov_len = 0;
+ if (pa_offset > (cmd->count + 1) * MFI_FRAME_SIZE) {
+ DPRINTF_IO("frame %d: iov list overflow count %d sge %d offset %x\n",
+ cmd->context, cmd->count, cmd->frame->header.sge_count,
+ pa_offset);
+ }
+ if (iov_count > cmd->iov_size * cmd->sdev->blocksize) {
+ DPRINTF("iov list too long: is %ld should be %ld\n",
+ iov_count, cmd->iov_size * cmd->sdev->blocksize);
+ }
+ return cmd->frame->header.sge_count;
+}
+
+static void megasas_unmap_sgl(struct megasas_cmd_t *cmd)
+{
+ uint16_t flags = le16_to_cpu(cmd->frame->header.flags);
+ int i, is_write = (flags & MFI_FRAME_DIR_WRITE) ? 1 : 0;
+
+ for (i = 0; i < cmd->frame->header.sge_count; i++) {
+ cpu_physical_memory_unmap(cmd->iov[i].iov_base, cmd->iov[i].iov_len,
+ is_write, cmd->iov[i].iov_len);
+ }
+ qemu_free(cmd->iov);
+}
+
+/*
+ * passthrough sense and io sense are at the same offset
+ */
+static int megasas_build_sense(struct megasas_cmd_t *cmd, uint8_t *sense_ptr,
+ uint8_t sense_len)
+{
+ target_phys_addr_t pa, pa_hi = 0, pa_lo;
+ uint16_t flags = le16_to_cpu(cmd->frame->header.flags);
+ int is_sense64 = (flags & MFI_FRAME_SENSE64) ? 1 : 0;
+
+ if (sense_len > cmd->frame->header.sense_len)
+ sense_len = cmd->frame->header.sense_len;
+
+ pa_lo = le32_to_cpu(cmd->frame->pass.sense_addr_lo);
+ if (is_sense64)
+ pa_hi = le32_to_cpu(cmd->frame->pass.sense_addr_hi);
+ pa = ((uint64_t) pa_hi << 32) | pa_lo;
+ cpu_physical_memory_write(pa, sense_ptr, sense_len);
+ cmd->frame->header.sense_len = sense_len;
+ return sense_len;
+}
+
+static void megasas_write_sense(struct megasas_cmd_t *cmd, SCSISense sense)
+{
+ uint8_t *sense_ptr;
+ uint8_t sense_len;
+
+ sense_ptr = qemu_mallocz(cmd->frame->header.sense_len);
+ sense_len = scsi_build_sense(sense, sense_ptr,
+ cmd->frame->header.sense_len, 0);
+ megasas_build_sense(cmd, sense_ptr, sense_len);
+ qemu_free(sense_ptr);
+}
+
+static void megasas_copy_sense(struct megasas_cmd_t *cmd)
+{
+ uint8_t *sense_ptr;
+ uint8_t sense_len;
+
+ sense_ptr = qemu_mallocz(cmd->frame->header.sense_len);
+ sense_len = cmd->req->dev->info->get_sense(cmd->req, sense_ptr,
+ cmd->frame->header.sense_len);
+ megasas_build_sense(cmd, sense_ptr, sense_len);
+ qemu_free(sense_ptr);
+}
+
+/*
+ * Format an INQUIRY CDB
+ */
+static int megasas_setup_inquiry(uint8_t *cdb, int pg,
+ uint8_t *buf, int len)
+{
+ memset(cdb, 0, 6);
+ cdb[0] = INQUIRY;
+ if (pg > 0) {
+ cdb[1] = 0x1;
+ cdb[2] = pg;
+ }
+ cdb[3] = (len >> 8) & 0xff;
+ cdb[4] = (len & 0xff);
+ return len;
+}
+
+/*
+ * Encode lba and len into a READ_16/WRITE_16 CDB
+ */
+static void megasas_encode_lba(uint8_t *cdb, uint64_t lba,
+ uint32_t len, int is_write)
+{
+ memset(cdb, 0x0, 16);
+ if (is_write) {
+ cdb[0] = WRITE_16;
+ } else {
+ cdb[0] = READ_16;
+ }
+ cdb[2] = (lba >> 56) & 0xff;
+ cdb[3] = (lba >> 48) & 0xff;
+ cdb[4] = (lba >> 40) & 0xff;
+ cdb[5] = (lba >> 32) & 0xff;
+ cdb[6] = (lba >> 24) & 0xff;
+ cdb[7] = (lba >> 16) & 0xff;
+ cdb[8] = (lba >> 8) & 0xff;
+ cdb[9] = (lba) & 0xff;
+ cdb[10] = (len >> 24) & 0xff;
+ cdb[11] = (len >> 16) & 0xff;
+ cdb[12] = (len >> 8) & 0xff;
+ cdb[13] = (len) & 0xff;
+}
+
+/*
+ * Utility functions
+ */
+static uint64_t megasas_fw_time(void)
+{
+ const time_t now = time(NULL);
+ struct tm *curtime;
+ uint64_t bcd_time;
+
+ curtime = gmtime(&now);
+ bcd_time = ((uint64_t)curtime->tm_sec & 0xff) << 48 |
+ ((uint64_t)curtime->tm_min & 0xff) << 40 |
+ ((uint64_t)curtime->tm_hour & 0xff) << 32 |
+ ((uint64_t)curtime->tm_mday & 0xff) << 24 |
+ ((uint64_t)curtime->tm_mon & 0xff) << 16 |
+ ((uint64_t)(curtime->tm_year + 1900) & 0xffff);
+
+ return bcd_time;
+}
+
+static uint64_t megasas_gen_sas_addr(uint64_t id)
+{
+ uint64_t addr;
+
+ addr = 0x5001a4aULL << 36;
+ addr |= id & 0xfffffffff;
+
+ return addr;
+}
+
+/*
+ * Frame handling
+ */
+
+static void megasas_dump_frame(struct megasas_cmd_t *cmd)
+{
+ DPRINTF("Frame %x: count %d pa %p context %x\n"
+ "\t%016lx %016lx\n\t%016lx %016lx\n"
+ "\t%016lx %016lx\n\t%016lx %016lx\n",
+ cmd->index, cmd->count, cmd->frame, cmd->context,
+ be64_to_cpu(cmd->frame->raw[0]),
+ be64_to_cpu(cmd->frame->raw[1]),
+ be64_to_cpu(cmd->frame->raw[2]),
+ be64_to_cpu(cmd->frame->raw[3]),
+ be64_to_cpu(cmd->frame->raw[4]),
+ be64_to_cpu(cmd->frame->raw[5]),
+ be64_to_cpu(cmd->frame->raw[6]),
+ be64_to_cpu(cmd->frame->raw[7]));
+}
+
+static inline int megasas_next_index(MPTState *s, int index)
+{
+ index++;
+ if (index == s->fw_cmds)
+ index = 0;
+ return index;
+}
+
+static inline struct megasas_cmd_t *megasas_lookup_frame(MPTState *s,
+ target_phys_addr_t frame)
+{
+ struct megasas_cmd_t *cmd = NULL;
+ int num = 0, index;
+
+ index = s->reply_queue_index;
+
+ while (num < s->fw_cmds) {
+ if (s->frames[index].pa && s->frames[index].pa == frame) {
+ cmd = &s->frames[index];
+ break;
+ }
+ index = megasas_next_index(s, index);
+ num++;
+ }
+
+ return cmd;
+}
+
+static inline struct megasas_cmd_t *megasas_next_frame(MPTState *s,
+ target_phys_addr_t frame)
+{
+ struct megasas_cmd_t *cmd = NULL;
+ int num = 0, index;
+
+ cmd = megasas_lookup_frame(s, frame);
+ if (cmd) {
+ DPRINTF_QUEUE("Found mapped frame %x pa %lx\n", cmd->index, cmd->pa);
+ return cmd;
+ }
+ index = s->reply_queue_index;
+ num = 0;
+ while (num < s->fw_cmds) {
+ if (!s->frames[index].pa) {
+ cmd = &s->frames[index];
+ break;
+ }
+ index = megasas_next_index(s, index);
+ num++;
+ }
+ DPRINTF_QUEUE("Return new frame %x cmd %p\n", index, cmd);
+ return cmd;
+}
+
+static struct megasas_cmd_t *
+megasas_enqueue_frame(MPTState *s, target_phys_addr_t frame, int count)
+{
+ struct megasas_cmd_t *cmd = NULL;
+ uint8_t frame_size = MFI_FRAME_SIZE;
+ target_phys_addr_t frame_size_p = frame_size;
+
+ cmd = megasas_next_frame(s, frame);
+ /* All frames busy */
+ if (!cmd)
+ return NULL;
+ if (!cmd->pa) {
+ cmd->pa = frame;
+ cmd->frame = cpu_physical_memory_map(frame, &frame_size_p, 0);
+ if (frame_size_p != frame_size) {
+ DPRINTF("failed to map frame %lu\n", (unsigned long)frame);
+ if (cmd->frame) {
+ cpu_physical_memory_unmap(cmd->frame, frame_size_p, 0, 0);
+ cmd->frame = NULL;
+ cmd->pa = 0;
+ }
+ s->event_count++;
+ return NULL;
+ }
+ cmd->pa_size = frame_size_p;
+ cmd->context = le32_to_cpu(cmd->frame->header.context);
+ }
+ cmd->count = count;
+ s->busy++;
+
+ DPRINTF_QUEUE("Enqueue frame %x count %d context %x tail %x busy %d\n",
+ cmd->index, cmd->count, cmd->context,
+ s->reply_queue_index, s->busy);
+
+ return cmd;
+}
+
+static void megasas_dequeue_frame(MPTState *s, int context)
+{
+ int tail;
+
+ /* Decrement busy count */
+ s->busy--;
+
+ if (!MEGASAS_INTR_ENABLED(s)) {
+ DPRINTF_QUEUE("Complete frame context %x\n", context);
+ return;
+ }
+
+ /* Put command on the reply queue */
+ tail = s->reply_queue_index;
+ stl_phys(s->reply_queue_pa + tail * sizeof(uint32_t), context);
+
+ s->reply_queue_index = megasas_next_index(s, tail);
+ DPRINTF_QUEUE("Complete frame context %x tail %x busy %d doorbell %d\n",
+ context, tail, s->busy, s->doorbell);
+
+ /* Notify HBA */
+ s->doorbell++;
+ if (s->doorbell == 1) {
+ qemu_irq_raise(s->dev.irq[0]);
+ }
+}
+
+static void megasas_abort_command(struct megasas_cmd_t *cmd)
+{
+ if (cmd->req) {
+ cmd->req->dev->info->free_req(cmd->req);
+ cmd->req = NULL;
+ }
+}
+
+static int megasas_init_firmware(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ target_phys_addr_t iq_pa, pa_hi, pa_lo, iq_pl, initq_size;
+ struct mfi_init_qinfo *initq;
+
+ iq_pl = le32_to_cpu(cmd->frame->init.header.data_len);
+ pa_lo = le32_to_cpu(cmd->frame->init.qinfo_new_addr_lo);
+ pa_hi = le32_to_cpu(cmd->frame->init.qinfo_new_addr_hi);
+ iq_pa = (((uint64_t) pa_hi << 32) | pa_lo);
+ DPRINTF_MFI("MFI init firmware: xfer len %d pa %lx\n", (int)iq_pl,
+ (unsigned long)iq_pa);
+ initq_size = sizeof(*initq);
+ initq = cpu_physical_memory_map(iq_pa, &initq_size, 0);
+ if (initq_size != sizeof(*initq)) {
+ DPRINTF("MFI init firmware: failed to map queue mem\n");
+ if (initq)
+ cpu_physical_memory_unmap(initq, initq_size, 0, 0);
+ s->fw_state = MFI_FWSTATE_FAULT;
+ s->event_count++;
+ goto out;
+ }
+ s->reply_queue_len = le32_to_cpu(initq->rq_entries);
+ pa_lo = le32_to_cpu(initq->rq_addr_lo);
+ pa_hi = le32_to_cpu(initq->rq_addr_hi);
+ s->reply_queue_pa = ((uint64_t) pa_hi << 32) | pa_lo;
+ pa_lo = le32_to_cpu(initq->ci_addr_lo);
+ pa_hi = le32_to_cpu(initq->ci_addr_hi);
+ s->consumer_pa = ((uint64_t) pa_hi << 32) | pa_lo;
+ pa_lo = le32_to_cpu(initq->pi_addr_lo);
+ pa_hi = le32_to_cpu(initq->pi_addr_hi);
+ s->producer_pa = ((uint64_t) pa_hi << 32) | pa_lo;
+ DPRINTF_MFI("MFI init firmware: queue at %lx len %d head %lx tail %lx\n",
+ (unsigned long)s->reply_queue_pa, s->reply_queue_len,
+ (unsigned long)s->producer_pa, (unsigned long)s->consumer_pa);
+ s->reply_queue_index = ldl_phys(s->producer_pa);
+ s->fw_state = MFI_FWSTATE_OPERATIONAL;
+out:
+ cpu_physical_memory_unmap(initq, initq_size, 0, 0);
+ return 0;
+}
+
+static int megasas_map_dcmd(struct megasas_cmd_t *cmd)
+{
+ target_phys_addr_t iov_pa, iov_size_p;
+ uint32_t iov_size = 0;
+ uint16_t flags = le16_to_cpu(cmd->frame->header.flags);
+ int is_sgl64 = (flags & MFI_FRAME_SGL64) ? 1 : 0;
+
+ if (!cmd->frame->header.sge_count) {
+ DPRINTF_DCMD("Zero DCMD sge count\n");
+ cmd->iov_size = 0;
+ cmd->iov_buf = NULL;
+ return 0;
+ } else if (cmd->frame->header.sge_count > 1) {
+ DPRINTF("Invalid DCMD sge count %d\n",
+ cmd->frame->header.sge_count);
+ return -1;
+ }
+ if (is_sgl64) {
+ iov_pa = le64_to_cpu(cmd->frame->dcmd.sgl.sg64[0].addr);
+ iov_size = le32_to_cpu(cmd->frame->dcmd.sgl.sg64[0].len);
+ } else {
+ iov_pa = le32_to_cpu(cmd->frame->dcmd.sgl.sg32[0].addr);
+ iov_size = le32_to_cpu(cmd->frame->dcmd.sgl.sg32[0].len);
+ }
+ iov_size_p = iov_size;
+ cmd->iov_buf = cpu_physical_memory_map(iov_pa, &iov_size_p, 1);
+ if (iov_size_p != iov_size) {
+ DPRINTF("failed to map dcmd buffer\n");
+ if (cmd->iov_buf) {
+ cpu_physical_memory_unmap(cmd->iov_buf, iov_size, 1, 0);
+ cmd->iov_buf = NULL;
+ cmd->iov_size = 0;
+ }
+ return -1;
+ }
+ cmd->iov_size = iov_size;
+ return iov_size;
+}
+
+static int megasas_finish_dcmd(struct megasas_cmd_t *cmd, uint32_t size)
+{
+ uint16_t flags = le16_to_cpu(cmd->frame->header.flags);
+ int is_sgl64 = (flags & MFI_FRAME_SGL64) ? 1 : 0;
+ int sgl_addr_size = is_sgl64 ? sizeof(uint64_t) : sizeof(uint32_t);
+
+ if (size > cmd->iov_size) {
+ DPRINTF("DCMD buffer overflow %u/%ld\n",
+ size, cmd->iov_size);
+ size = cmd->iov_size;
+ }
+ if (!cmd->iov_buf) {
+ return 0;
+ }
+
+ cpu_physical_memory_unmap(cmd->iov_buf, cmd->iov_size, 1, size);
+ if (cmd->iov_size > size) {
+ stl_phys(cmd->pa + offsetof(struct mfi_dcmd_frame,sgl)
+ + sgl_addr_size, size);
+ }
+ return size;
+}
+
+static int megasas_ctrl_get_info(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_ctrl_info *info = cmd->iov_buf;
+ int n, num_ld_disks = 0;
+
+ for (n = 0; n < s->fw_luns; n++) {
+ if (s->bus.devs[n])
+ num_ld_disks++;
+ }
+
+ memset(cmd->iov_buf, 0x0, cmd->iov_size);
+ if (cmd->iov_size != sizeof(struct mfi_ctrl_info)) {
+ DPRINTF_DCMD("Ctrl Get Info: invalid xfer_len %ld\n",
+ cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+
+ DPRINTF_DCMD("MFI DCMD get controller info\n");
+ info->pci.vendor = PCI_VENDOR_ID_LSI_LOGIC;
+ info->pci.device = PCI_DEVICE_ID_LSI_SAS1078;
+ info->pci.subvendor = PCI_VENDOR_ID_LSI_LOGIC;
+ info->pci.subdevice = 0x1013;
+
+ info->host.type = MFI_INFO_HOST_PCIX;
+ info->device.type = MFI_INFO_DEV_SAS3G;
+ info->device.port_count = 2;
+ info->device.port_addr[0] = megasas_gen_sas_addr((unsigned long)s);
+
+ memcpy(info->product_name,"MegaRAID SAS 8708EM2", 20);
+ snprintf(info->serial_number, 32, "QEMU%08lx",(unsigned long)s & 0xFFFFFFFF);
+ snprintf(info->package_version, 0x60, "%s-QEMU", QEMU_VERSION);
+ memcpy(info->image_component[0].name, "APP", 8);
+ memcpy(info->image_component[0].version, MEGASAS_VERSION "-QEMU", 32);
+ memcpy(info->image_component[0].build_date, __DATE__, 16);
+ memcpy(info->image_component[0].build_time, __TIME__, 16);
+ info->image_component_count = 1;
+ info->current_fw_time = megasas_fw_time();
+ info->max_arms = 32;
+ info->max_spans = 8;
+ info->max_arrays = MEGASAS_MAX_ARRAYS;
+ info->max_lds = s->fw_luns;
+ info->max_cmds = s->fw_cmds;
+ info->max_sg_elements = s->fw_sge;
+ info->max_request_size = MEGASAS_MAX_SECTORS;
+ info->lds_present = num_ld_disks;
+ info->pd_present = num_ld_disks + 1;
+ info->pd_disks_present = num_ld_disks;
+ info->hw_present = MFI_INFO_HW_NVRAM | MFI_INFO_HW_MEM | MFI_INFO_HW_FLASH;
+ info->memory_size = 512;
+ info->nvram_size = 32;
+ info->flash_size = 16;
+ info->raid_levels = MFI_INFO_RAID_0;
+ info->adapter_ops = MFI_INFO_AOPS_RBLD_RATE |
+ MFI_INFO_AOPS_SELF_DIAGNOSTIC |
+ MFI_INFO_AOPS_MIXED_ARRAY;
+ info->ld_ops = MFI_INFO_LDOPS_DISK_CACHE_POLICY |
+ MFI_INFO_LDOPS_ACCESS_POLICY |
+ MFI_INFO_LDOPS_IO_POLICY |
+ MFI_INFO_LDOPS_WRITE_POLICY |
+ MFI_INFO_LDOPS_READ_POLICY;
+ info->max_strips_per_io = s->fw_sge;
+ info->stripe_sz_ops.min = 3;
+ info->stripe_sz_ops.max = ffs(MEGASAS_MAX_SECTORS + 1) - 1;
+ info->properties.pred_fail_poll_interval = 300;
+ info->properties.intr_throttle_cnt = 16;
+ info->properties.intr_throttle_timeout = 50;
+ info->properties.rebuild_rate = 30;
+ info->properties.patrol_read_rate = 30;
+ info->properties.bgi_rate = 30;
+ info->properties.cc_rate = 30;
+ info->properties.recon_rate = 30;
+ info->properties.cache_flush_interval = 4;
+ info->properties.spinup_drv_cnt = 2;
+ info->properties.spinup_delay = 6;
+ info->properties.ecc_bucket_size = 15;
+ info->properties.ecc_bucket_leak_rate = 1440;
+ info->properties.expose_encl_devices = 1;
+ info->pd_ops = MFI_INFO_PDOPS_FORCE_ONLINE | MFI_INFO_PDOPS_FORCE_OFFLINE;
+ info->pd_mix_support = MFI_INFO_PDMIX_SAS | MFI_INFO_PDMIX_SATA | MFI_INFO_PDMIX_LD;
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_mfc_get_defaults(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_defaults *info = cmd->iov_buf;
+
+ memset(cmd->iov_buf, 0x0, cmd->iov_size);
+ if (cmd->iov_size != sizeof(struct mfi_defaults)) {
+ DPRINTF_DCMD("MFC Get defaults: invalid xfer_len %ld\n", cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+
+ info->stripe_size = 3;
+ info->flush_time = 4;
+ info->background_rate = 30;
+ info->allow_mix_in_enclosure = 1;
+ info->allow_mix_in_ld = 1;
+ info->direct_pd_mapping = 1;
+ info->bios_enumerate_lds = 1;
+ info->disable_ctrl_r = 1;
+ info->expose_enclosure_devices = 1;
+ info->disable_preboot_cli = 1;
+ info->cluster_disable = 1;
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_get_bios_info(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_bios_data *info = cmd->iov_buf;
+
+ memset(cmd->iov_buf, 0x0, cmd->iov_size);
+ if (cmd->iov_size != sizeof(struct mfi_bios_data)) {
+ DPRINTF_DCMD("Get BIOS info: invalid xfer_len %ld\n", cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+ info->continue_on_error = 1;
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_get_fw_time(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ uint64_t fw_time;
+
+ fw_time = megasas_fw_time();
+
+ memcpy(cmd->iov_buf, &fw_time, sizeof(fw_time));
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_set_fw_time(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ uint64_t fw_time;
+
+ memset(cmd->iov_buf, 0x0, cmd->iov_size);
+ memcpy(&fw_time, cmd->frame->dcmd.mbox, sizeof(fw_time));
+ DPRINTF("set fw time %lx\n", fw_time);
+ fw_time = megasas_fw_time();
+ memcpy(cmd->iov_buf, &fw_time, sizeof(fw_time));
+ return MFI_STAT_OK;
+}
+
+static int megasas_event_info(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_evt_log_state *info = cmd->iov_buf;
+
+ memset(info, 0, cmd->iov_size);
+ info->newest_seq_num = s->event_count;
+ info->shutdown_seq_num = s->shutdown_event;
+ info->boot_seq_num = s->boot_event;
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_pd_get_list(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_pd_list *info = cmd->iov_buf;
+ uint32_t offset, num_pd_disks = 0, max_luns;
+ uint16_t dev_id;
+
+ memset(cmd->iov_buf, 0, cmd->iov_size);
+ offset = 8;
+ if (cmd->iov_size < (offset + sizeof(struct mfi_pd_address))) {
+ DPRINTF_DCMD("PD get list: invalid xfer_len %ld\n", cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+
+ max_luns = (cmd->iov_size - offset) / sizeof(struct mfi_pd_address);
+ if (max_luns > s->fw_luns) {
+ max_luns = s->fw_luns;
+ }
+ DPRINTF_DCMD("PD get list: returning info for %d PDs\n", max_luns);
+
+ for (dev_id = 0; dev_id < max_luns; dev_id++) {
+ SCSIDevice *sdev;
+
+ sdev = s->bus.devs[dev_id];
+ if (sdev) {
+ info->addr[num_pd_disks].device_id = dev_id;
+ info->addr[num_pd_disks].encl_device_id = dev_id;
+ info->addr[num_pd_disks].sas_addr[0] = megasas_gen_sas_addr((unsigned long)sdev);
+ num_pd_disks ++;
+ offset += sizeof(struct mfi_pd_address);
+ }
+ }
+ DPRINTF_DCMD("PD get list: %d PDs, size %d\n", num_pd_disks, offset);
+
+ info->size = offset;
+ info->count = num_pd_disks;
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_pd_list_query(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ uint16_t flags;
+
+ /* mbox0 contains flags */
+ flags = le16_to_cpu(cmd->frame->dcmd.mbox[0]);
+
+ DPRINTF_DCMD("PD query list: flags %x\n", flags);
+
+ if (flags == MR_PD_QUERY_TYPE_ALL || s->is_jbod) {
+ return megasas_dcmd_pd_get_list(s, cmd);
+ }
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_pd_get_info_submit(SCSIDevice * sdev, int lun,
+ struct megasas_cmd_t *cmd)
+{
+ struct mfi_pd_info * info = cmd->iov_buf;
+ uint8_t cmdbuf[6];
+ SCSIRequest *req;
+
+ if (info->inquiry_data[4] == 0) {
+ /* Additional length is zero, resubmit */
+ megasas_setup_inquiry(cmdbuf, 0, info->inquiry_data,
+ sizeof(info->inquiry_data));
+ req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
+ if (!req) {
+ return MFI_STAT_FLASH_ALLOC_FAIL;
+ }
+ DPRINTF_DCMD("PD get info submit std inquiry to dev %d\n", lun);
+ req->hba_private = cmd;
+ if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
+ cmd->sdev->info->read_data(req);
+ return MFI_STAT_INVALID_STATUS;
+ } else if (info->vpd_page83[3] == 0) {
+ /* Additional length is zero, resubmit */
+ megasas_setup_inquiry(cmdbuf, 0x83,(uint8_t *)info->vpd_page83,
+ sizeof(info->vpd_page83));
+ req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
+ if (!req) {
+ return MFI_STAT_FLASH_ALLOC_FAIL;
+ }
+ DPRINTF_DCMD("PD get info submit vpd inquiry to dev %d\n", lun);
+ req->hba_private = cmd;
+ if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
+ cmd->sdev->info->read_data(req);
+ return MFI_STAT_INVALID_STATUS;
+ }
+
+ /* Finished, set FW state */
+ if (cmd->state->is_jbod) {
+ info->fw_state = MFI_PD_STATE_SYSTEM;
+ } else {
+ info->fw_state = MFI_PD_STATE_ONLINE;
+ }
+ DPRINTF_DCMD("PD get info set state for dev %d to %x\n", lun, info->fw_state);
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_pd_get_info(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_pd_info *info = cmd->iov_buf;
+ uint64_t pd_size;
+ uint16_t pd_id;
+ SCSIDevice *sdev = NULL;
+ int retval = MFI_STAT_OK;
+
+ memset(cmd->iov_buf, 0, cmd->iov_size);
+ if (cmd->iov_size != sizeof(struct mfi_pd_info)) {
+ DPRINTF_DCMD("PD get info: invalid xfer_len %ld\n", cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+
+ /* mbox0 has the ID */
+ pd_id = le16_to_cpu(cmd->frame->dcmd.mbox[0]);
+
+ DPRINTF_DCMD("PD get info for dev %d\n", pd_id);
+
+ if (pd_id >= s->fw_luns)
+ return MFI_STAT_DEVICE_NOT_FOUND;
+
+ sdev = s->bus.devs[pd_id];
+ info->ref.v.device_id = pd_id;
+
+ if (sdev) {
+ BlockConf *conf = &sdev->conf;
+
+ info->state.ddf.v.pd_type.in_vd = 1;
+ info->state.ddf.v.pd_type.intf = 0x2;
+ bdrv_get_geometry(conf->bs, &pd_size);
+ info->raw_size = pd_size;
+ info->non_coerced_size = pd_size;
+ info->coerced_size = pd_size;
+ info->fw_state = MFI_PD_STATE_OFFLINE;
+ info->path_info.count = 1;
+ info->path_info.sas_addr[0] = megasas_gen_sas_addr((unsigned long)sdev);
+ /* Submit inquiry */
+ retval = megasas_pd_get_info_submit(cmd->sdev, pd_id, cmd);
+ }
+
+ return retval;
+}
+
+static int megasas_dcmd_ld_get_list(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_ld_list *info = cmd->iov_buf;
+ uint32_t num_ld_disks = 0, max_ld_disks = s->is_jbod ? 0 : s->fw_luns;
+ uint64_t ld_size;
+ uint8_t n;
+ int offset;
+
+ memset(cmd->iov_buf, 0, cmd->iov_size);
+ if (cmd->iov_size != sizeof(struct mfi_ld_list)) {
+ DPRINTF_DCMD("LD get list: invalid xfer_len %ld\n", cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+
+ DPRINTF_DCMD("LD get list: returning info for %d LDs\n", max_ld_disks);
+
+ for (n = 0; n < max_ld_disks; n++) {
+ SCSIDevice *sdev;
+
+ sdev = s->bus.devs[n];
+ if (sdev) {
+ BlockConf *conf = &sdev->conf;
+
+ bdrv_get_geometry(conf->bs, &ld_size);
+ ld_size *= 512;
+ info->ld_list[num_ld_disks].ld.v.target_id = n;
+ info->ld_list[num_ld_disks].state = MFI_LD_STATE_OPTIMAL;
+ info->ld_list[num_ld_disks].size = ld_size;
+ num_ld_disks ++;
+ offset += 18;
+ }
+ }
+ info->ld_count = num_ld_disks;
+ DPRINTF_DCMD("LD get list: found %d LDs\n", num_ld_disks);
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_ld_get_info_submit(SCSIDevice * sdev, int lun,
+ struct megasas_cmd_t *cmd)
+{
+ struct mfi_ld_info * info = cmd->iov_buf;
+ uint8_t cdb[6];
+ SCSIRequest *req;
+
+ if (info->vpd_page83[3] == 0) {
+ megasas_setup_inquiry(cdb, 0x83,(uint8_t *)info->vpd_page83,
+ sizeof(info->vpd_page83));
+ req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
+ if (!req) {
+ return MFI_STAT_FLASH_ALLOC_FAIL;
+ }
+ DPRINTF_DCMD("LD get info submit vpd inquiry to dev %d\n", lun);
+ req->hba_private = cmd;
+ if (cmd->sdev->info->send_command(req, cdb) > 0)
+ cmd->sdev->info->read_data(req);
+ return MFI_STAT_INVALID_STATUS;
+ }
+ info->ld_config.params.state = MFI_LD_STATE_OPTIMAL;
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_ld_get_info(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_ld_info *info = cmd->iov_buf;
+ uint64_t ld_size;
+ uint16_t ld_id;
+ uint32_t max_ld_disks = s->is_jbod ? 0 : s->fw_luns;
+ SCSIDevice *sdev = NULL;
+ int retval = MFI_STAT_OK;
+
+ memset(cmd->iov_buf, 0, cmd->iov_size);
+ if (cmd->iov_size != sizeof(struct mfi_ld_info)) {
+ DPRINTF_DCMD("LD get info: invalid xfer_len %ld\n", cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+
+ /* mbox0 has the ID */
+ ld_id = le16_to_cpu(cmd->frame->dcmd.mbox[0]);
+
+ DPRINTF_DCMD("LD get info for dev %d\n", ld_id);
+ if (ld_id >= max_ld_disks)
+ return MFI_STAT_DEVICE_NOT_FOUND;
+
+ sdev = s->bus.devs[ld_id];
+ info->ld_config.properties.ld.v.target_id = ld_id;
+
+ if (sdev) {
+ BlockConf *conf = &sdev->conf;
+ info->ld_config.params.stripe_size = 3;
+ info->ld_config.params.num_drives = 1;
+ info->ld_config.params.state = MFI_LD_STATE_OFFLINE;
+ info->ld_config.params.is_consistent = 1;
+ bdrv_get_geometry(conf->bs, &ld_size);
+ info->size = ld_size;
+ retval = megasas_ld_get_info_submit(cmd->sdev, ld_id, cmd);
+ }
+
+ return retval;
+}
+
+static int megasas_dcmd_get_properties(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ struct mfi_ctrl_props *info = cmd->iov_buf;
+
+ if (cmd->iov_size != sizeof(struct mfi_ctrl_props)) {
+ DPRINTF_DCMD("DCMD get properties: invalid xfer_len %ld\n", cmd->iov_size);
+ memset(cmd->iov_buf, 0, cmd->iov_size);
+ return MFI_STAT_INVALID_PARAMETER;
+ }
+
+ DPRINTF_DCMD("DCMD get properties\n");
+ info->pred_fail_poll_interval = 300;
+ info->intr_throttle_cnt = 16;
+ info->intr_throttle_timeout = 50;
+ info->rebuild_rate = 30;
+ info->patrol_read_rate = 30;
+ info->bgi_rate = 30;
+ info->cc_rate = 30;
+ info->recon_rate = 30;
+ info->cache_flush_interval = 4;
+ info->spinup_drv_cnt = 2;
+ info->spinup_delay = 6;
+ info->ecc_bucket_size = 15;
+ info->ecc_bucket_leak_rate = 1440;
+ info->expose_encl_devices = 1;
+
+ return MFI_STAT_OK;
+}
+
+static int megasas_cache_flush(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ DPRINTF_DCMD("MFI DCMD Cache flush\n");
+ qemu_aio_flush();
+ return MFI_STAT_OK;
+}
+
+static int megasas_ctrl_shutdown(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ DPRINTF_DCMD("MFI DCMD Controller shutdown\n");
+ s->fw_state = MFI_FWSTATE_READY;
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_set_properties(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ uint8_t *dummy;
+
+ DPRINTF_DCMD("DCMD set properties\n");
+ dummy = cmd->iov_buf;
+ DPRINTF_DCMD("Properties dump\n");
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x00], dummy[0x01], dummy[0x02], dummy[0x03],
+ dummy[0x04], dummy[0x05], dummy[0x06], dummy[0x07]);
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x08], dummy[0x09], dummy[0x0a], dummy[0x0b],
+ dummy[0x0c], dummy[0x0d], dummy[0x0e], dummy[0x0f]);
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x10], dummy[0x11], dummy[0x12], dummy[0x13],
+ dummy[0x14], dummy[0x15], dummy[0x16], dummy[0x17]);
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x18], dummy[0x19], dummy[0x1a], dummy[0x1b],
+ dummy[0x1c], dummy[0x1d], dummy[0x1e], dummy[0x1f]);
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x20], dummy[0x21], dummy[0x22], dummy[0x23],
+ dummy[0x24], dummy[0x25], dummy[0x26], dummy[0x27]);
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x28], dummy[0x29], dummy[0x2a], dummy[0x2b],
+ dummy[0x2c], dummy[0x2d], dummy[0x2e], dummy[0x2f]);
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x30], dummy[0x31], dummy[0x32], dummy[0x33],
+ dummy[0x34], dummy[0x35], dummy[0x36], dummy[0x37]);
+ DPRINTF_DCMD("%02x %02x %02x %0x2 %02x %02x %02x %02x\n",
+ dummy[0x38], dummy[0x39], dummy[0x3a], dummy[0x3b],
+ dummy[0x3c], dummy[0x3d], dummy[0x3e], dummy[0x3f]);
+ return MFI_STAT_OK;
+}
+
+static int megasas_dcmd_dummy(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ DPRINTF_DCMD("DCMD dummy: xfer_len %ld\n", cmd->iov_size);
+ memset(cmd->iov_buf, 0, cmd->iov_size);
+
+ return MFI_STAT_OK;
+}
+
+
+static const struct dcmd_cmd_tbl_t {
+ int opcode;
+ int (*func)(MPTState *s, struct megasas_cmd_t *cmd);
+} dcmd_cmd_tbl[] = {
+ {MFI_DCMD_CTRL_MFI_HOST_MEM_ALLOC, megasas_dcmd_dummy},
+ {MFI_DCMD_CTRL_GET_INFO, megasas_ctrl_get_info},
+ {MFI_DCMD_CTRL_GET_PROPERTIES, megasas_dcmd_get_properties},
+ {MFI_DCMD_CTRL_SET_PROPERTIES, megasas_dcmd_set_properties},
+ {MFI_DCMD_SPEAKER_GET, megasas_dcmd_dummy},
+ {MFI_DCMD_SPEAKER_ENABLE, megasas_dcmd_dummy},
+ {MFI_DCMD_SPEAKER_DISABLE, megasas_dcmd_dummy},
+ {MFI_DCMD_SPEAKER_SILENCE, megasas_dcmd_dummy},
+ {MFI_DCMD_SPEAKER_TEST, megasas_dcmd_dummy},
+ {MFI_DCMD_CTRL_EVENT_GETINFO, megasas_event_info},
+ {MFI_DCMD_CTRL_EVENT_GET, megasas_dcmd_dummy},
+ {MFI_DCMD_CTRL_EVENT_WAIT, megasas_dcmd_dummy},
+ {MFI_DCMD_CTRL_SHUTDOWN, megasas_ctrl_shutdown},
+ {MFI_DCMD_HIBERNATE_SHUTDOWN, megasas_dcmd_dummy},
+ {MFI_DCMD_CTRL_GET_TIME, megasas_dcmd_get_fw_time},
+ {MFI_DCMD_CTRL_SET_TIME, megasas_dcmd_set_fw_time},
+ {MFI_DCMD_CTRL_GET_BIOS_INFO, megasas_dcmd_get_bios_info},
+ {MFI_DCMD_CTRL_FACTORY_DEFAULTS, megasas_dcmd_dummy},
+ {MFI_DCMD_CTRL_MFC_DEFAULTS_GET, megasas_mfc_get_defaults},
+ {MFI_DCMD_CTRL_MFC_DEFAULTS_SET, megasas_dcmd_dummy},
+ {MFI_DCMD_CTRL_CACHE_FLUSH, megasas_cache_flush},
+ {MFI_DCMD_PD_GET_LIST, megasas_dcmd_pd_get_list},
+ {MFI_DCMD_PD_LIST_QUERY, megasas_dcmd_pd_list_query},
+ {MFI_DCMD_PD_GET_INFO, megasas_dcmd_pd_get_info},
+ {MFI_DCMD_PD_STATE_SET, megasas_dcmd_dummy},
+ {MFI_DCMD_PD_REBUILD, megasas_dcmd_dummy},
+ {MFI_DCMD_PD_BLINK, megasas_dcmd_dummy},
+ {MFI_DCMD_PD_UNBLINK, megasas_dcmd_dummy},
+ {MFI_DCMD_LD_GET_LIST, megasas_dcmd_ld_get_list},
+ {MFI_DCMD_LD_GET_INFO, megasas_dcmd_ld_get_info},
+ {MFI_DCMD_LD_GET_PROP, megasas_dcmd_dummy},
+ {MFI_DCMD_LD_SET_PROP, megasas_dcmd_dummy},
+ {MFI_DCMD_LD_DELETE, megasas_dcmd_dummy},
+ {MFI_DCMD_CFG_READ, megasas_dcmd_dummy},
+ {MFI_DCMD_CFG_ADD, megasas_dcmd_dummy},
+ {MFI_DCMD_CFG_CLEAR, megasas_dcmd_dummy},
+ {MFI_DCMD_CFG_FOREIGN_READ, megasas_dcmd_dummy},
+ {MFI_DCMD_CFG_FOREIGN_IMPORT, megasas_dcmd_dummy},
+ {MFI_DCMD_BBU_STATUS, megasas_dcmd_dummy},
+ {MFI_DCMD_BBU_CAPACITY_INFO, megasas_dcmd_dummy},
+ {MFI_DCMD_BBU_DESIGN_INFO, megasas_dcmd_dummy},
+ {MFI_DCMD_BBU_PROP_GET, megasas_dcmd_dummy},
+ {MFI_DCMD_CLUSTER, megasas_dcmd_dummy},
+ {MFI_DCMD_CLUSTER_RESET_ALL, megasas_dcmd_dummy},
+ {MFI_DCMD_CLUSTER_RESET_LD, megasas_dcmd_dummy},
+ {-1, NULL}
+};
+
+static int megasas_handle_dcmd(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ int opcode, size = 0, len;
+ int retval = 0;
+ const struct dcmd_cmd_tbl_t *cmdptr = dcmd_cmd_tbl;
+
+ opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+ DPRINTF_DCMD("frame %d: MFI DCMD opcode %x\n", cmd->index, opcode);
+ len = megasas_map_dcmd(cmd);
+ if (len < 0) {
+ return MFI_STAT_MEMORY_NOT_AVAILABLE;
+ }
+ while (cmdptr->opcode != -1 && cmdptr->opcode != opcode) {
+ cmdptr++;
+ }
+ if (cmdptr->opcode == -1) {
+ DPRINTF("MFI DCMD %x unhandled (len %d)\n", opcode, len);
+ retval = megasas_dcmd_dummy(s, cmd);
+ } else {
+ retval = cmdptr->func(s, cmd);
+ }
+ if (retval != MFI_STAT_INVALID_STATUS) {
+ size = megasas_finish_dcmd(cmd, cmd->iov_size);
+ DPRINTF_DCMD("MFI DCMD wrote %d bytes\n", size);
+ }
+ return retval;
+}
+
+static int megasas_finish_internal_dcmd(struct megasas_cmd_t *cmd,
+ SCSIRequest *req)
+{
+ int opcode;
+ int retval = MFI_STAT_OK;
+ int lun = req->lun;
+
+ opcode = le32_to_cpu(cmd->frame->dcmd.opcode);
+ cmd->sdev->info->free_req(req);
+ DPRINTF_DCMD("DCMD finish internal cmd %x lun %d\n", opcode, lun);
+ switch (opcode) {
+ case MFI_DCMD_PD_GET_INFO:
+ DPRINTF_DCMD("Internal DCMD PD get info\n");
+ retval = megasas_pd_get_info_submit(cmd->sdev, lun, cmd);
+ break;
+ case MFI_DCMD_LD_GET_INFO:
+ DPRINTF_DCMD("Internal DCMD LD get info\n");
+ retval = megasas_ld_get_info_submit(cmd->sdev, lun, cmd);
+ break;
+ default:
+ DPRINTF_DCMD("Invalid internal DCMD\n");
+ retval = MFI_STAT_INVALID_DCMD;
+ break;
+ }
+ if (retval != MFI_STAT_INVALID_STATUS) {
+ megasas_finish_dcmd(cmd, cmd->iov_size);
+ }
+ return retval;
+}
+
+static int megasas_handle_scsi(MPTState *s, struct megasas_cmd_t *cmd, int is_logical)
+{
+ uint8_t *cdb;
+ int sglnum, len;
+
+ cdb = cmd->frame->pass.cdb;
+
+ if (cmd->frame->header.target_id < s->fw_luns) {
+ cmd->sdev = s->bus.devs[cmd->frame->header.target_id];
+ }
+ cmd->iov_size = le32_to_cpu(cmd->frame->header.data_len);
+ DPRINTF_IO("%s %s dev %x lun %x sdev %p xfer %lu\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd],
+ is_logical ? "logical" : "physical",
+ cmd->frame->header.target_id, cmd->frame->header.lun_id,
+ cmd->sdev, cmd->iov_size);
+
+ if (!cmd->sdev || (s->is_jbod && is_logical)) {
+ DPRINTF_IO("%s %s dev %x/%x target not present\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd],
+ is_logical ? "logical" : "physical",
+ cmd->frame->header.target_id,
+ cmd->frame->header.lun_id);
+ return MFI_STAT_DEVICE_NOT_FOUND;
+ }
+
+ if (cmd->frame->header.cdb_len > 16) {
+ DPRINTF("%s dev %x/%x invalid cdb len %d\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd],
+ cmd->frame->header.target_id, cmd->frame->header.lun_id,
+ cmd->frame->header.cdb_len);
+ megasas_write_sense(cmd, SENSE_CODE(INVALID_OPCODE));
+ cmd->frame->header.scsi_status = CHECK_CONDITION;
+ s->event_count++;
+ return MFI_STAT_SCSI_DONE_WITH_ERROR;
+ }
+
+ sglnum = megasas_map_sgl(cmd, offsetof(struct mfi_pass_frame, sgl));
+
+ cmd->req = cmd->sdev->info->alloc_req_iov(cmd->sdev, cmd->context,
+ cmd->frame->header.lun_id,
+ cmd->iov, sglnum);
+ cmd->req->hba_private = cmd;
+ len = cmd->sdev->info->send_command(cmd->req, cdb);
+ if (len > 0) {
+ DPRINTF_IO("%d bytes of data available for reading\n", len);
+ cmd->sdev->info->read_data(cmd->req);
+ } else if (len < 0) {
+ DPRINTF_IO("%d bytes of data available for writing\n", -len);
+ cmd->sdev->info->write_data(cmd->req);
+ } else {
+ DPRINTF_IO("No data to be transferred\n");
+ }
+ return MFI_STAT_INVALID_STATUS;
+}
+
+static int megasas_handle_io(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ uint32_t lba_count, lba_start_hi, lba_start_lo;
+ uint64_t lba_start;
+ int write = cmd->frame->header.frame_cmd == MFI_CMD_LD_WRITE ? 1 : 0;
+ uint8_t cdb[16];
+ int sglnum, len;
+
+ lba_count = le32_to_cpu(cmd->frame->io.header.data_len);
+ lba_start_lo = le32_to_cpu(cmd->frame->io.lba_lo);
+ lba_start_hi = le32_to_cpu(cmd->frame->io.lba_hi);
+ lba_start = ((uint64_t)lba_start_hi << 32) | lba_start_lo;
+
+ if (cmd->frame->header.target_id < s->fw_luns) {
+ cmd->sdev = s->bus.devs[cmd->frame->header.target_id];
+ }
+ cmd->iov_size = le32_to_cpu(cmd->frame->header.data_len) *
+ cmd->sdev->blocksize;
+
+ DPRINTF_IO("%s dev %x lun %x lba %lx count %lx\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd],
+ cmd->frame->header.target_id, cmd->frame->header.lun_id,
+ (unsigned long)lba_start, (unsigned long)lba_count);
+ if (!cmd->sdev) {
+ DPRINTF_IO("%s dev %x/%x LUN not present\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd],
+ cmd->frame->header.target_id, cmd->frame->header.lun_id);
+ return MFI_STAT_DEVICE_NOT_FOUND;
+ }
+
+ if (cmd->frame->header.cdb_len > 16) {
+ DPRINTF("%s dev %x/%x invalid cdb len %d\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd],
+ cmd->frame->header.target_id, cmd->frame->header.lun_id,
+ cmd->frame->header.cdb_len);
+ megasas_write_sense(cmd, SENSE_CODE(INVALID_OPCODE));
+ cmd->frame->header.scsi_status = CHECK_CONDITION;
+ s->event_count++;
+ return MFI_STAT_SCSI_DONE_WITH_ERROR;
+ }
+
+ sglnum = megasas_map_sgl(cmd, offsetof(struct mfi_io_frame, sgl));
+ cmd->req = cmd->sdev->info->alloc_req_iov(cmd->sdev, cmd->context,
+ cmd->frame->header.lun_id,
+ cmd->iov, sglnum);
+ cmd->req->hba_private = cmd;
+ megasas_encode_lba(cdb, lba_start, lba_count, write);
+ len = cmd->sdev->info->send_command(cmd->req, cdb);
+ if (len > 0)
+ cmd->sdev->info->read_data(cmd->req);
+ else if (len < 0) {
+ cmd->iov_size += len;
+ cmd->sdev->info->write_data(cmd->req);
+ }
+ return MFI_STAT_INVALID_STATUS;
+}
+
+static int megasas_finish_internal_command(struct megasas_cmd_t *cmd,
+ SCSIRequest *req)
+{
+ int retval = MFI_STAT_INVALID_CMD;
+
+ switch (cmd->frame->header.frame_cmd) {
+ case MFI_CMD_DCMD:
+ retval = megasas_finish_internal_dcmd(cmd, req);
+ break;
+ default:
+ break;
+ }
+ return retval;
+}
+
+static void megasas_command_complete(SCSIRequest *req, int reason, uint32_t arg)
+{
+ struct megasas_cmd_t *cmd;
+ uint8_t cmd_status = MFI_STAT_OK;
+
+ cmd = req->hba_private;
+ if (!cmd) {
+ /*
+ * Bad. A command has been completed but we couldn't find it.
+ * Only safe way out of here is to terminate everything and
+ * hope the HBA recovers.
+ */
+ DPRINTF("SCSI request tag %x not found", req->tag);
+ return;
+ }
+
+ DPRINTF_IO("%s req %p cmd %p lun %p command completed, arg %u\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd], req, cmd,
+ cmd->sdev, arg);
+
+ if (cmd->req != req) {
+ /*
+ * Internal command complete
+ */
+ cmd_status = megasas_finish_internal_command(cmd, req);
+ if (cmd_status == MFI_STAT_INVALID_STATUS) {
+ return;
+ }
+ } else if (reason == SCSI_REASON_DATA) {
+ uint16_t flags = le16_to_cpu(cmd->frame->header.flags);
+ int is_write = (flags & MFI_FRAME_DIR_WRITE) ? 1 : 0;
+
+ if (is_write) {
+ DPRINTF_IO("%s req %p cmd %p lun %p write finished, left %u\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd], req,
+ cmd, cmd->sdev, arg);
+ cmd->iov_size -= arg;
+ cmd->req->dev->info->write_data(cmd->req);
+ } else {
+ DPRINTF_IO("%s req %p cmd %p lun %p read finished, len %u\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd], req,
+ cmd, cmd->sdev, arg);
+ cmd->iov_size -= arg;
+ cmd->req->dev->info->read_data(cmd->req);
+ }
+ return;
+ } else if (reason == SCSI_REASON_DONE) {
+ req->status = arg;
+ DPRINTF_IO("%s req %p cmd %p lun %p finished with status %x len %u\n",
+ mfi_frame_desc[cmd->frame->header.frame_cmd], req, cmd,
+ cmd->sdev, req->status,
+ (unsigned)(req->cmd.xfer - cmd->iov_size));
+ if (req->status != GOOD) {
+ cmd_status = MFI_STAT_SCSI_DONE_WITH_ERROR;
+ }
+ if (req->status == CHECK_CONDITION) {
+ megasas_copy_sense(cmd);
+ }
+
+ megasas_unmap_sgl(cmd);
+ cmd->frame->header.scsi_status = req->status;
+ cmd->req->dev->info->free_req(cmd->req);
+ cmd->req = NULL;
+ }
+ cmd->frame->header.cmd_status = cmd_status;
+ megasas_dequeue_frame(cmd->state, cmd->context);
+}
+
+static int megasas_handle_abort(MPTState *s, struct megasas_cmd_t *cmd)
+{
+ uint32_t abort_ctx = le32_to_cpu(cmd->frame->abort.abort_context);
+ target_phys_addr_t abort_addr, addr_hi, addr_lo;
+ struct megasas_cmd_t *abort_cmd;
+
+ addr_hi = le32_to_cpu(cmd->frame->abort.abort_mfi_addr_hi);
+ addr_lo = le32_to_cpu(cmd->frame->abort.abort_mfi_addr_lo);
+ abort_addr = ((uint64_t)addr_hi << 32) | addr_lo;
+
+ abort_cmd = megasas_lookup_frame(s, abort_addr);
+ if (!abort_cmd) {
+ DPRINTF("No active command for frame context %x\n", abort_ctx);
+ s->event_count++;
+ return MFI_STAT_OK;
+ }
+ if (abort_cmd->context != abort_ctx) {
+ DPRINTF("abort frame %x: invalid context %x\n", abort_cmd->index,
+ abort_cmd->context);
+ s->event_count++;
+ return MFI_STAT_ABORT_NOT_POSSIBLE;
+ }
+ DPRINTF("aborting frame %x\n", abort_cmd->index);
+ megasas_dump_frame(abort_cmd);
+ megasas_abort_command(abort_cmd);
+ s->event_count++;
+ return MFI_STAT_OK;
+}
+
+static void megasas_handle_frame(MPTState *s, target_phys_addr_t frame_addr,
+ uint32_t frame_count)
+{
+ uint8_t frame_cmd;
+ uint8_t frame_status = MFI_STAT_INVALID_CMD;
+ uint32_t frame_context;
+ struct megasas_cmd_t *cmd;
+
+ frame_cmd = megasas_frame_get_cmd(frame_addr);
+ frame_context = megasas_frame_get_context(frame_addr);
+
+ DPRINTF_MFI("MFI cmd %x context %x count %d\n",
+ frame_cmd, frame_context, frame_count);
+
+ cmd = megasas_enqueue_frame(s, frame_addr, frame_count);
+ if (!cmd) {
+ /* reply queue full */
+ megasas_frame_set_scsi_status(frame_addr, BUSY);
+ megasas_frame_set_cmd_status(frame_addr, MFI_STAT_SCSI_DONE_WITH_ERROR);
+ megasas_dequeue_frame(s, frame_context);
+ s->event_count++;
+ return;
+ }
+ switch (cmd->frame->header.frame_cmd) {
+ case MFI_CMD_INIT:
+ megasas_init_firmware(s, cmd);
+ frame_status = MFI_STAT_OK;
+ break;
+ case MFI_CMD_DCMD:
+ frame_status = megasas_handle_dcmd(s, cmd);
+ break;
+ case MFI_CMD_ABORT:
+ frame_status = megasas_handle_abort(s, cmd);
+ break;
+ case MFI_CMD_PD_SCSI_IO:
+ frame_status = megasas_handle_scsi(s, cmd, 0);
+ break;
+ case MFI_CMD_LD_SCSI_IO:
+ frame_status = megasas_handle_scsi(s, cmd, 1);
+ break;
+ case MFI_CMD_LD_READ:
+ case MFI_CMD_LD_WRITE:
+ frame_status = megasas_handle_io(s, cmd);
+ break;
+ default:
+ DPRINTF("Unhandled MFI cmd %x\n", cmd->frame->header.frame_cmd);
+ s->event_count++;
+ break;
+ }
+ if (frame_status != MFI_STAT_INVALID_STATUS) {
+ cmd->frame->header.cmd_status = frame_status;
+ megasas_dequeue_frame(s, cmd->context);
+ }
+}
+
+static uint32_t megasas_mmio_readb(void *opaque, target_phys_addr_t addr)
+{
+ DPRINTF_REG("readb mmio 0x%lx\n", (unsigned long)addr);
+ return 0;
+}
+
+static uint32_t megasas_mmio_readw(void *opaque, target_phys_addr_t addr)
+{
+ DPRINTF_REG("readw mmio 0x%lx\n", (unsigned long)addr);
+ return 0;
+}
+
+static uint32_t megasas_mmio_readl(void *opaque, target_phys_addr_t addr)
+{
+ MPTState *s = opaque;
+
+ DPRINTF_REG("readl mmio 0x%lx\n", (unsigned long)addr);
+ switch (addr) {
+ case MFI_IDB:
+ return 0;
+ case MFI_OMSG0:
+ case MFI_OSP0:
+ return (s->fw_state & MFI_FWSTATE_MASK) | ((s->fw_sge & 0xff) << 16) | (s->fw_cmds & 0xFFFF);
+ case MFI_OSTS:
+ if (MEGASAS_INTR_ENABLED(s) && s->doorbell)
+ return MFI_1078_RM | s->doorbell;
+ break;
+ case MFI_OMSK:
+ return s->intr_mask;
+ case MFI_ODCR0:
+ return s->doorbell;
+ default:
+ BADF("readb 0x%lx\n", (unsigned long)addr);
+ break;
+ }
+ return 0;
+}
+
+static void megasas_mmio_writeb(void *opaque, target_phys_addr_t addr,
+ uint32_t val)
+{
+ DPRINTF_REG("writeb mmio %lx: %x\n", (unsigned long)addr, val);
+}
+
+static void megasas_mmio_writew(void *opaque, target_phys_addr_t addr,
+ uint32_t val)
+{
+ DPRINTF_REG("writew mmio %lx: %x\n", (unsigned long)addr, val);
+}
+
+static void megasas_mmio_writel(void *opaque, target_phys_addr_t addr,
+ uint32_t val)
+{
+ MPTState *s = opaque;
+ target_phys_addr_t frame_addr;
+ uint32_t frame_count;
+ int i;
+
+ DPRINTF_REG("writel mmio %lx: %x\n", (unsigned long)addr, val);
+
+ switch (addr) {
+ case MFI_IDB:
+ if (val & MFI_FWINIT_ABORT) {
+ /* Abort all pending cmds */
+ for (i = 0; i <= s->fw_cmds; i++)
+ megasas_abort_command(&s->frames[i]);
+ }
+ if (val & MFI_FWINIT_READY) {
+ /* move to FW READY */
+ megasas_soft_reset(s);
+ }
+ if (val & MFI_FWINIT_MFIMODE) {
+ /* discard MFIs */
+ }
+ break;
+ case MFI_OMSK:
+ s->intr_mask = val;
+ if (!MEGASAS_INTR_ENABLED(s)) {
+ qemu_irq_lower(s->dev.irq[0]);
+ }
+ break;
+ case MFI_ODCR0:
+ /* Update reply queue pointer */
+ DPRINTF_QUEUE("Update reply queue head %x busy %d\n",
+ s->reply_queue_index, s->busy);
+ stl_phys(s->producer_pa, s->reply_queue_index);
+ s->doorbell = 0;
+ qemu_irq_lower(s->dev.irq[0]);
+ break;
+ case MFI_IQPH:
+ s->frame_hi = val;
+ break;
+ case MFI_IQPL:
+ case MFI_IQP:
+ /* Received MFI frame address */
+ frame_addr = (val & ~0xFF);
+ /* Add possible 64 bit offset */
+ frame_addr |= (uint64_t)s->frame_hi;
+ s->frame_hi = 0;
+ frame_count = (val >> 1) & 0x7F;
+ DPRINTF_MFI("Received frame addr %lx count %d\n",
+ (unsigned long)frame_addr, frame_count);
+ megasas_handle_frame(s, frame_addr, frame_count);
+ break;
+ default:
+ BADF("writel 0x%lx: %x\n", (unsigned long)addr, val);
+ break;
+ }
+}
+
+static CPUReadMemoryFunc * const megasas_mmio_readfn[3] = {
+ megasas_mmio_readb,
+ megasas_mmio_readw,
+ megasas_mmio_readl,
+};
+
+static CPUWriteMemoryFunc * const megasas_mmio_writefn[3] = {
+ megasas_mmio_writeb,
+ megasas_mmio_writew,
+ megasas_mmio_writel,
+};
+
+static uint32_t megasas_io_readb(void *opaque, uint32_t addr)
+{
+ DPRINTF_REG("readb reg 0x%lx\n", (unsigned long)addr);
+ return 0;
+}
+
+static uint32_t megasas_io_readw(void *opaque, uint32_t addr)
+{
+ DPRINTF_REG("readw reg 0x%lx\n", (unsigned long)addr);
+ return 0;
+}
+
+static uint32_t megasas_io_readl(void *opaque, uint32_t addr)
+{
+ DPRINTF_REG("readl reg 0x%lx\n", (unsigned long)addr);
+ return megasas_mmio_readl(opaque, addr & 0xff);
+}
+
+static void megasas_io_writeb(void *opaque, uint32_t addr, uint32_t val)
+{
+ DPRINTF_REG("writeb reg 0x%lx: %x\n", (unsigned long)addr, val);
+}
+
+static void megasas_io_writew(void *opaque, uint32_t addr, uint32_t val)
+{
+ DPRINTF_REG("writew reg 0x%lx: %x\n", (unsigned long)addr, val);
+}
+
+static void megasas_io_writel(void *opaque, uint32_t addr, uint32_t val)
+{
+ DPRINTF_REG("writel reg 0x%lx: %x\n", (unsigned long)addr, val);
+ megasas_mmio_writel(opaque, addr & 0xff, val);
+}
+
+static CPUReadMemoryFunc * const megasas_io_readfn[3] = {
+ megasas_mmio_readb,
+ megasas_mmio_readw,
+ megasas_mmio_readl,
+};
+
+static CPUWriteMemoryFunc * const megasas_io_writefn[3] = {
+ megasas_mmio_writeb,
+ megasas_mmio_writew,
+ megasas_mmio_writel,
+};
+
+static uint32_t megasas_queue_readl(void *opaque, target_phys_addr_t addr)
+{
+ DPRINTF_REG("readl queue 0x%lx\n", (unsigned long)addr);
+ return 0;
+}
+
+static void megasas_queue_writel(void *opaque, target_phys_addr_t addr,
+ uint32_t val)
+{
+ DPRINTF_REG("writel queue %lx: %x\n", (unsigned long)addr, val);
+}
+
+static CPUReadMemoryFunc * const megasas_queue_readfn[3] = {
+ NULL,
+ NULL,
+ megasas_queue_readl,
+};
+
+static CPUWriteMemoryFunc * const megasas_queue_writefn[3] = {
+ NULL,
+ NULL,
+ megasas_queue_writel,
+};
+
+static void megasas_soft_reset(MPTState *s)
+{
+ int i;
+ struct megasas_cmd_t *cmd;
+
+ DPRINTF("Reset\n");
+ for (i = 0; i <= s->fw_cmds; i++) {
+ cmd = &s->frames[i];
+ megasas_abort_command(cmd);
+ if (cmd->frame) {
+ cpu_physical_memory_unmap(cmd->frame, cmd->pa_size, 0, 0);
+ cmd->frame = NULL;
+ cmd->pa = 0;
+ }
+ }
+ s->reply_queue_len = 0;
+ s->reply_queue_pa = 0;
+ s->consumer_pa = 0;
+ s->producer_pa = 0;
+ s->fw_state = MFI_FWSTATE_READY;
+ s->doorbell = 0;
+ s->intr_mask = MEGASAS_INTR_DISABLED_MASK;
+ s->frame_hi = 0;
+ s->event_count++;
+ s->boot_event = s->event_count;
+}
+
+static void megasas_mmio_mapfunc(PCIDevice *pci_dev, int region_num,
+ pcibus_t addr, pcibus_t size, int type)
+{
+ MPTState *s = DO_UPCAST(MPTState, dev, pci_dev);
+
+ DPRINTF_REG("Mapping MMIO region %d at %08lx\n", region_num, (unsigned long)addr);
+ cpu_register_physical_memory(addr, size, s->mmio_io_addr);
+ s->event_count++;
+}
+
+static void megasas_io_mapfunc(PCIDevice *pci_dev, int region_num,
+ pcibus_t addr, pcibus_t size, int type)
+{
+ MPTState *s = DO_UPCAST(MPTState, dev, pci_dev);
+
+ DPRINTF_REG("Mapping IO region %d at %08lx\n", region_num, (unsigned long)addr);
+ register_ioport_write(addr, size, 1, megasas_io_writeb, s);
+ register_ioport_write(addr, size, 2, megasas_io_writew, s);
+ register_ioport_write(addr, size, 4, megasas_io_writel, s);
+ register_ioport_read(addr, size, 1, megasas_io_readb, s);
+ register_ioport_read(addr, size, 2, megasas_io_readw, s);
+ register_ioport_read(addr, size, 4, megasas_io_readl, s);
+ s->event_count++;
+}
+
+static void megasas_queue_mapfunc(PCIDevice *pci_dev, int region_num,
+ pcibus_t addr, pcibus_t size, int type)
+{
+ MPTState *s = DO_UPCAST(MPTState, dev, pci_dev);
+
+ DPRINTF_REG("Mapping QUEUE region %d at %08lx\n", region_num, (unsigned long)addr);
+ cpu_register_physical_memory(addr, size, s->queue_addr);
+ s->event_count++;
+}
+
+static void megasas_scsi_reset(DeviceState *dev)
+{
+ MPTState *s = DO_UPCAST(MPTState, dev.qdev, dev);
+
+ megasas_soft_reset(s);
+}
+
+static const VMStateDescription vmstate_megasas = {
+ .name = "megasas",
+ .version_id = 0,
+ .minimum_version_id = 0,
+ .minimum_version_id_old = 0,
+ .fields = (VMStateField []) {
+ VMSTATE_PCI_DEVICE(dev, MPTState),
+
+ VMSTATE_INT32(fw_state, MPTState),
+ VMSTATE_INT32(intr_mask, MPTState),
+ VMSTATE_INT32(doorbell, MPTState),
+ VMSTATE_UINT64(reply_queue_pa, MPTState),
+ VMSTATE_UINT64(consumer_pa, MPTState),
+ VMSTATE_UINT64(producer_pa, MPTState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static int megasas_scsi_uninit(PCIDevice *d)
+{
+ MPTState *s = DO_UPCAST(MPTState, dev, d);
+
+ cpu_unregister_io_memory(s->mmio_io_addr);
+ cpu_unregister_io_memory(s->io_addr);
+ cpu_unregister_io_memory(s->queue_addr);
+
+ return 0;
+}
+
+static int megasas_scsi_init(PCIDevice *dev)
+{
+ MPTState *s = DO_UPCAST(MPTState, dev, dev);
+ uint8_t *pci_conf;
+ int i;
+
+ pci_conf = s->dev.config;
+
+ /* PCI Vendor ID (word) */
+ pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_LSI_LOGIC);
+ /* PCI device ID (word) */
+ pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_LSI_SAS1078);
+ /* PCI subsystem ID */
+ pci_set_word(&pci_conf[PCI_SUBSYSTEM_VENDOR_ID], 0x1000);
+ pci_set_word(&pci_conf[PCI_SUBSYSTEM_ID], 0x1013);
+ /* PCI base class code */
+ pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_RAID);
+
+ /* PCI latency timer = 0 */
+ pci_conf[0x0d] = 0;
+ /* Interrupt pin 1 */
+ pci_conf[0x3d] = 0x01;
+
+ s->mmio_io_addr = cpu_register_io_memory(megasas_mmio_readfn,
+ megasas_mmio_writefn, s);
+ s->io_addr = cpu_register_io_memory(megasas_io_readfn,
+ megasas_io_writefn, s);
+ s->queue_addr = cpu_register_io_memory(megasas_queue_readfn,
+ megasas_queue_writefn, s);
+ pci_register_bar((struct PCIDevice *)s, 0, 0x40000,
+ PCI_BASE_ADDRESS_SPACE_MEMORY, megasas_mmio_mapfunc);
+ pci_register_bar((struct PCIDevice *)s, 2, 256,
+ PCI_BASE_ADDRESS_SPACE_IO, megasas_io_mapfunc);
+ pci_register_bar((struct PCIDevice *)s, 3, 0x40000,
+ PCI_BASE_ADDRESS_SPACE_MEMORY, megasas_queue_mapfunc);
+ if (s->fw_sge >= MEGASAS_MAX_SGE - MFI_PASS_FRAME_SIZE) {
+ s->fw_sge = MEGASAS_MAX_SGE - MFI_PASS_FRAME_SIZE;
+ } else if (s->fw_sge >= 128 - MFI_PASS_FRAME_SIZE) {
+ s->fw_sge = 128 - MFI_PASS_FRAME_SIZE;
+ } else {
+ s->fw_sge = 64 - MFI_PASS_FRAME_SIZE;
+ }
+ if (s->fw_cmds > MEGASAS_MAX_FRAMES) {
+ s->fw_cmds = MEGASAS_MAX_FRAMES;
+ }
+ if (s->raid_mode_str) {
+ if (!strcmp(s->raid_mode_str, "jbod"))
+ s->is_jbod = 1;
+ else
+ s->is_jbod = 0;
+ }
+ DPRINTF("Using %d sges, %d cmds, %s mode\n",
+ s->fw_sge, s->fw_cmds, s->is_jbod ? "jbod" : "raid");
+ s->fw_luns = (MFI_MAX_LD > MAX_SCSI_DEVS) ?
+ MAX_SCSI_DEVS : MFI_MAX_LD;
+ s->producer_pa = 0;
+ s->consumer_pa = 0;
+ for (i = 0; i < s->fw_cmds; i++) {
+ s->frames[i].index = i;
+ s->frames[i].context = -1;
+ s->frames[i].pa = 0;
+ s->frames[i].state = s;
+ }
+
+ scsi_bus_new(&s->bus, &dev->qdev, 1, s->fw_luns, megasas_command_complete);
+ scsi_bus_legacy_handle_cmdline(&s->bus);
+ return 0;
+}
+
+static PCIDeviceInfo megasas_info = {
+ .qdev.name = "LSI MegaRAID SAS 1078",
+ .qdev.alias = "megasas",
+ .qdev.size = sizeof(MPTState),
+ .qdev.reset = megasas_scsi_reset,
+ .qdev.vmsd = &vmstate_megasas,
+ .init = megasas_scsi_init,
+ .exit = megasas_scsi_uninit,
+ .qdev.props = (Property[]) {
+ DEFINE_PROP_UINT32("max_sge", MPTState, fw_sge,
+ MEGASAS_DEFAULT_SGE),
+ DEFINE_PROP_UINT32("max_cmds", MPTState, fw_cmds,
+ MEGASAS_DEFAULT_FRAMES),
+ DEFINE_PROP_STRING("mode", MPTState, raid_mode_str),
+ DEFINE_PROP_END_OF_LIST(),
+ },
+};
+
+static void megaraid1078_register_devices(void)
+{
+ pci_qdev_register(&megasas_info);
+}
+
+device_init(megaraid1078_register_devices);
diff --git a/hw/mfi.h b/hw/mfi.h
new file mode 100644
index 0000000..cc71af3
--- /dev/null
+++ b/hw/mfi.h
@@ -0,0 +1,1197 @@
+/*-
+ * Copyright (c) 2006 IronPort Systems
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/*-
+ * Copyright (c) 2007 LSI Corp.
+ * Copyright (c) 2007 Rajesh Prabhakaran.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef _MFI_H
+#define _MFI_H
+
+/*
+ * MegaRAID SAS MFI firmware definitions
+ *
+ * Calling this driver 'MegaRAID SAS' is a bit misleading. It's a completely
+ * new firmware interface from the old AMI MegaRAID one, and there is no
+ * reason why this interface should be limited to just SAS. In any case, LSI
+ * seems to also call this interface 'MFI', so that will be used here.
+ */
+
+/*
+ * Start with the register set. All registers are 32 bits wide.
+ * The usual Intel IOP style setup.
+ */
+#define MFI_IMSG0 0x10 /* Inbound message 0 */
+#define MFI_IMSG1 0x14 /* Inbound message 1 */
+#define MFI_OMSG0 0x18 /* Outbound message 0 */
+#define MFI_OMSG1 0x1c /* Outbound message 1 */
+#define MFI_IDB 0x20 /* Inbound doorbell */
+#define MFI_ISTS 0x24 /* Inbound interrupt status */
+#define MFI_IMSK 0x28 /* Inbound interrupt mask */
+#define MFI_ODB 0x2c /* Outbound doorbell */
+#define MFI_OSTS 0x30 /* Outbound interrupt status */
+#define MFI_OMSK 0x34 /* Outbound interrupt mask */
+#define MFI_IQP 0x40 /* Inbound queue port */
+#define MFI_OQP 0x44 /* Outbound queue port */
+
+/*
+ * 1078 specific related register
+ */
+#define MFI_ODR0 0x9c /* outbound doorbell register0 */
+#define MFI_ODCR0 0xa0 /* outbound doorbell clear register0 */
+#define MFI_OSP0 0xb0 /* outbound scratch pad0 */
+#define MFI_IQPL 0xc0 /* Inbound queue port (low bytes) */
+#define MFI_IQPH 0xc4 /* Inbound queue port (high bytes) */
+#define MFI_1078_EIM 0x80000004 /* 1078 enable intrrupt mask */
+#define MFI_RMI 0x2 /* reply message interrupt */
+#define MFI_1078_RM 0x80000000 /* reply 1078 message interrupt */
+#define MFI_ODC 0x4 /* outbound doorbell change interrupt */
+
+/*
+ * gen2 specific changes
+ */
+#define MFI_GEN2_EIM 0x00000005 /* gen2 enable interrupt mask */
+#define MFI_GEN2_RM 0x00000001 /* reply gen2 message interrupt */
+
+/*
+ * skinny specific changes
+ */
+#define MFI_SKINNY_IDB 0x00 /* Inbound doorbell is at 0x00 for skinny */
+#define MFI_SKINNY_RM 0x00000001 /* reply skinny message interrupt */
+
+/* Bits for MFI_OSTS */
+#define MFI_OSTS_INTR_VALID 0x00000002
+
+/*
+ * Firmware state values. Found in OMSG0 during initialization.
+ */
+#define MFI_FWSTATE_MASK 0xf0000000
+#define MFI_FWSTATE_UNDEFINED 0x00000000
+#define MFI_FWSTATE_BB_INIT 0x10000000
+#define MFI_FWSTATE_FW_INIT 0x40000000
+#define MFI_FWSTATE_WAIT_HANDSHAKE 0x60000000
+#define MFI_FWSTATE_FW_INIT_2 0x70000000
+#define MFI_FWSTATE_DEVICE_SCAN 0x80000000
+#define MFI_FWSTATE_BOOT_MSG_PENDING 0x90000000
+#define MFI_FWSTATE_FLUSH_CACHE 0xa0000000
+#define MFI_FWSTATE_READY 0xb0000000
+#define MFI_FWSTATE_OPERATIONAL 0xc0000000
+#define MFI_FWSTATE_FAULT 0xf0000000
+#define MFI_FWSTATE_MAXSGL_MASK 0x00ff0000
+#define MFI_FWSTATE_MAXCMD_MASK 0x0000ffff
+#define MFI_FWSTATE_HOSTMEMREQD_MASK 0x08000000
+
+/*
+ * Control bits to drive the card to ready state. These go into the IDB
+ * register.
+ */
+#define MFI_FWINIT_ABORT 0x00000001 /* Abort all pending commands */
+#define MFI_FWINIT_READY 0x00000002 /* Move from operational to ready */
+#define MFI_FWINIT_MFIMODE 0x00000004 /* unknown */
+#define MFI_FWINIT_CLEAR_HANDSHAKE 0x00000008 /* Respond to WAIT_HANDSHAKE */
+#define MFI_FWINIT_HOTPLUG 0x00000010
+#define MFI_FWINIT_STOP_ADP 0x00000020 /* Move to operational, stop */
+
+/* MFI Commands */
+typedef enum {
+ MFI_CMD_INIT = 0x00,
+ MFI_CMD_LD_READ,
+ MFI_CMD_LD_WRITE,
+ MFI_CMD_LD_SCSI_IO,
+ MFI_CMD_PD_SCSI_IO,
+ MFI_CMD_DCMD,
+ MFI_CMD_ABORT,
+ MFI_CMD_SMP,
+ MFI_CMD_STP
+} mfi_cmd_t;
+
+/* Direct commands */
+typedef enum {
+ MFI_DCMD_CTRL_MFI_HOST_MEM_ALLOC = 0x0100e100,
+ MFI_DCMD_CTRL_GET_INFO = 0x01010000,
+ MFI_DCMD_CTRL_GET_PROPERTIES = 0x01020100,
+ MFI_DCMD_CTRL_SET_PROPERTIES = 0x01020200,
+ MFI_DCMD_SPEAKER_GET = 0x01030100,
+ MFI_DCMD_SPEAKER_ENABLE = 0x01030200,
+ MFI_DCMD_SPEAKER_DISABLE = 0x01030300,
+ MFI_DCMD_SPEAKER_SILENCE = 0x01030400,
+ MFI_DCMD_SPEAKER_TEST = 0x01030500,
+ MFI_DCMD_CTRL_EVENT_GETINFO = 0x01040100,
+ MFI_DCMD_CTRL_EVENT_GET = 0x01040300,
+ MFI_DCMD_CTRL_EVENT_WAIT = 0x01040500,
+ MFI_DCMD_CTRL_SHUTDOWN = 0x01050000,
+ MFI_DCMD_HIBERNATE_SHUTDOWN = 0x01060000,
+ MFI_DCMD_CTRL_GET_TIME = 0x01080101,
+ MFI_DCMD_CTRL_SET_TIME = 0x01080102,
+ MFI_DCMD_CTRL_GET_BIOS_INFO = 0x010c0100,
+ MFI_DCMD_CTRL_FACTORY_DEFAULTS = 0x010d0000,
+ MFI_DCMD_CTRL_MFC_DEFAULTS_GET = 0x010e0201,
+ MFI_DCMD_CTRL_MFC_DEFAULTS_SET = 0x010e0202,
+ MFI_DCMD_CTRL_CACHE_FLUSH = 0x01101000,
+ MFI_DCMD_PD_GET_LIST = 0x02010000,
+ MFI_DCMD_PD_LIST_QUERY = 0x02010100,
+ MFI_DCMD_PD_GET_INFO = 0x02020000,
+ MFI_DCMD_PD_STATE_SET = 0x02030100,
+ MFI_DCMD_PD_REBUILD = 0x02040100,
+ MFI_DCMD_PD_BLINK = 0x02070100,
+ MFI_DCMD_PD_UNBLINK = 0x02070200,
+ MFI_DCMD_LD_GET_LIST = 0x03010000,
+ MFI_DCMD_LD_GET_INFO = 0x03020000,
+ MFI_DCMD_LD_GET_PROP = 0x03030000,
+ MFI_DCMD_LD_SET_PROP = 0x03040000,
+ MFI_DCMD_LD_DELETE = 0x03090000,
+ MFI_DCMD_CFG_READ = 0x04010000,
+ MFI_DCMD_CFG_ADD = 0x04020000,
+ MFI_DCMD_CFG_CLEAR = 0x04030000,
+ MFI_DCMD_CFG_FOREIGN_READ = 0x04060100,
+ MFI_DCMD_CFG_FOREIGN_IMPORT = 0x04060400,
+ MFI_DCMD_BBU_STATUS = 0x05010000,
+ MFI_DCMD_BBU_CAPACITY_INFO = 0x05020000,
+ MFI_DCMD_BBU_DESIGN_INFO = 0x05030000,
+ MFI_DCMD_BBU_PROP_GET = 0x05050100,
+ MFI_DCMD_CLUSTER = 0x08000000,
+ MFI_DCMD_CLUSTER_RESET_ALL = 0x08010100,
+ MFI_DCMD_CLUSTER_RESET_LD = 0x08010200
+} mfi_dcmd_t;
+
+/* Modifiers for MFI_DCMD_CTRL_FLUSHCACHE */
+#define MFI_FLUSHCACHE_CTRL 0x01
+#define MFI_FLUSHCACHE_DISK 0x02
+
+/* Modifiers for MFI_DCMD_CTRL_SHUTDOWN */
+#define MFI_SHUTDOWN_SPINDOWN 0x01
+
+/*
+ * MFI Frame flags
+ */
+typedef enum {
+ MFI_FRAME_DONT_POST_IN_REPLY_QUEUE = 0x0001,
+ MFI_FRAME_SGL64 = 0x0002,
+ MFI_FRAME_SENSE64 = 0x0004,
+ MFI_FRAME_DIR_WRITE = 0x0008,
+ MFI_FRAME_DIR_READ = 0x0010,
+ MFI_FRAME_IEEE_SGL = 0x0020,
+} mfi_frame_flags;
+
+/* MFI Status codes */
+typedef enum {
+ MFI_STAT_OK = 0x00,
+ MFI_STAT_INVALID_CMD,
+ MFI_STAT_INVALID_DCMD,
+ MFI_STAT_INVALID_PARAMETER,
+ MFI_STAT_INVALID_SEQUENCE_NUMBER,
+ MFI_STAT_ABORT_NOT_POSSIBLE,
+ MFI_STAT_APP_HOST_CODE_NOT_FOUND,
+ MFI_STAT_APP_IN_USE,
+ MFI_STAT_APP_NOT_INITIALIZED,
+ MFI_STAT_ARRAY_INDEX_INVALID,
+ MFI_STAT_ARRAY_ROW_NOT_EMPTY,
+ MFI_STAT_CONFIG_RESOURCE_CONFLICT,
+ MFI_STAT_DEVICE_NOT_FOUND,
+ MFI_STAT_DRIVE_TOO_SMALL,
+ MFI_STAT_FLASH_ALLOC_FAIL,
+ MFI_STAT_FLASH_BUSY,
+ MFI_STAT_FLASH_ERROR = 0x10,
+ MFI_STAT_FLASH_IMAGE_BAD,
+ MFI_STAT_FLASH_IMAGE_INCOMPLETE,
+ MFI_STAT_FLASH_NOT_OPEN,
+ MFI_STAT_FLASH_NOT_STARTED,
+ MFI_STAT_FLUSH_FAILED,
+ MFI_STAT_HOST_CODE_NOT_FOUNT,
+ MFI_STAT_LD_CC_IN_PROGRESS,
+ MFI_STAT_LD_INIT_IN_PROGRESS,
+ MFI_STAT_LD_LBA_OUT_OF_RANGE,
+ MFI_STAT_LD_MAX_CONFIGURED,
+ MFI_STAT_LD_NOT_OPTIMAL,
+ MFI_STAT_LD_RBLD_IN_PROGRESS,
+ MFI_STAT_LD_RECON_IN_PROGRESS,
+ MFI_STAT_LD_WRONG_RAID_LEVEL,
+ MFI_STAT_MAX_SPARES_EXCEEDED,
+ MFI_STAT_MEMORY_NOT_AVAILABLE = 0x20,
+ MFI_STAT_MFC_HW_ERROR,
+ MFI_STAT_NO_HW_PRESENT,
+ MFI_STAT_NOT_FOUND,
+ MFI_STAT_NOT_IN_ENCL,
+ MFI_STAT_PD_CLEAR_IN_PROGRESS,
+ MFI_STAT_PD_TYPE_WRONG,
+ MFI_STAT_PR_DISABLED,
+ MFI_STAT_ROW_INDEX_INVALID,
+ MFI_STAT_SAS_CONFIG_INVALID_ACTION,
+ MFI_STAT_SAS_CONFIG_INVALID_DATA,
+ MFI_STAT_SAS_CONFIG_INVALID_PAGE,
+ MFI_STAT_SAS_CONFIG_INVALID_TYPE,
+ MFI_STAT_SCSI_DONE_WITH_ERROR,
+ MFI_STAT_SCSI_IO_FAILED,
+ MFI_STAT_SCSI_RESERVATION_CONFLICT,
+ MFI_STAT_SHUTDOWN_FAILED = 0x30,
+ MFI_STAT_TIME_NOT_SET,
+ MFI_STAT_WRONG_STATE,
+ MFI_STAT_LD_OFFLINE,
+ MFI_STAT_PEER_NOTIFICATION_REJECTED,
+ MFI_STAT_PEER_NOTIFICATION_FAILED,
+ MFI_STAT_RESERVATION_IN_PROGRESS,
+ MFI_STAT_I2C_ERRORS_DETECTED,
+ MFI_STAT_PCI_ERRORS_DETECTED,
+ MFI_STAT_INVALID_STATUS = 0xFF
+} mfi_status_t;
+
+typedef enum {
+ MFI_EVT_CLASS_DEBUG = -2,
+ MFI_EVT_CLASS_PROGRESS = -1,
+ MFI_EVT_CLASS_INFO = 0,
+ MFI_EVT_CLASS_WARNING = 1,
+ MFI_EVT_CLASS_CRITICAL = 2,
+ MFI_EVT_CLASS_FATAL = 3,
+ MFI_EVT_CLASS_DEAD = 4
+} mfi_evt_class_t;
+
+typedef enum {
+ MFI_EVT_LOCALE_LD = 0x0001,
+ MFI_EVT_LOCALE_PD = 0x0002,
+ MFI_EVT_LOCALE_ENCL = 0x0004,
+ MFI_EVT_LOCALE_BBU = 0x0008,
+ MFI_EVT_LOCALE_SAS = 0x0010,
+ MFI_EVT_LOCALE_CTRL = 0x0020,
+ MFI_EVT_LOCALE_CONFIG = 0x0040,
+ MFI_EVT_LOCALE_CLUSTER = 0x0080,
+ MFI_EVT_LOCALE_ALL = 0xffff
+} mfi_evt_locale_t;
+
+typedef enum {
+ MR_EVT_ARGS_NONE = 0x00,
+ MR_EVT_ARGS_CDB_SENSE,
+ MR_EVT_ARGS_LD,
+ MR_EVT_ARGS_LD_COUNT,
+ MR_EVT_ARGS_LD_LBA,
+ MR_EVT_ARGS_LD_OWNER,
+ MR_EVT_ARGS_LD_LBA_PD_LBA,
+ MR_EVT_ARGS_LD_PROG,
+ MR_EVT_ARGS_LD_STATE,
+ MR_EVT_ARGS_LD_STRIP,
+ MR_EVT_ARGS_PD,
+ MR_EVT_ARGS_PD_ERR,
+ MR_EVT_ARGS_PD_LBA,
+ MR_EVT_ARGS_PD_LBA_LD,
+ MR_EVT_ARGS_PD_PROG,
+ MR_EVT_ARGS_PD_STATE,
+ MR_EVT_ARGS_PCI,
+ MR_EVT_ARGS_RATE,
+ MR_EVT_ARGS_STR,
+ MR_EVT_ARGS_TIME,
+ MR_EVT_ARGS_ECC
+} mfi_evt_args;
+
+typedef enum {
+ MR_LD_CACHE_WRITE_BACK = 0x01,
+ MR_LD_CACHE_WRITE_ADAPTIVE = 0x02,
+ MR_LD_CACHE_READ_AHEAD = 0x04,
+ MR_LD_CACHE_READ_ADAPTIVE = 0x08,
+ MR_LD_CACHE_WRITE_CACHE_BAD_BBU=0x10,
+ MR_LD_CACHE_ALLOW_WRITE_CACHE = 0x20,
+ MR_LD_CACHE_ALLOW_READ_CACHE = 0x40
+} mfi_ld_cache;
+
+typedef enum {
+ MR_PD_CACHE_UNCHANGED = 0,
+ MR_PD_CACHE_ENABLE = 1,
+ MR_PD_CACHE_DISABLE = 2
+} mfi_pd_cache;
+
+typedef enum {
+ MR_PD_QUERY_TYPE_ALL = 0,
+ MR_PD_QUERY_TYPE_STATE = 1,
+ MR_PD_QUERY_TYPE_POWER_STATE = 2,
+ MR_PD_QUERY_TYPE_MEDIA_TYPE = 3,
+ MR_PD_QUERY_TYPE_SPEED = 4,
+ MR_PD_QUERY_TYPE_EXPOSED_TO_HOST = 5, /*query for system drives */
+}mfi_pd_query_type;
+
+/*
+ * Other propertities and definitions
+ */
+#define MFI_MAX_PD_CHANNELS 2
+#define MFI_MAX_LD_CHANNELS 2
+#define MFI_MAX_CHANNELS (MFI_MAX_PD_CHANNELS + MFI_MAX_LD_CHANNELS)
+#define MFI_MAX_CHANNEL_DEVS 128
+#define MFI_DEFAULT_ID -1
+#define MFI_MAX_LUN 8
+#define MFI_MAX_LD 64
+
+#define MFI_FRAME_SIZE 64
+#define MFI_MBOX_SIZE 12
+
+/* Firmware flashing can take 40s */
+#define MFI_POLL_TIMEOUT_SECS 50
+
+/* Allow for speedier math calculations */
+#define MFI_SECTOR_LEN 512
+
+/* Scatter Gather elements */
+struct mfi_sg32 {
+ uint32_t addr;
+ uint32_t len;
+} __attribute__ ((packed));
+
+struct mfi_sg64 {
+ uint64_t addr;
+ uint32_t len;
+} __attribute__ ((packed));
+
+struct mfi_sg_skinny {
+ uint64_t addr;
+ uint32_t len;
+ uint32_t flag;
+} __attribute__ ((packed));
+
+union mfi_sgl {
+ struct mfi_sg32 sg32[1];
+ struct mfi_sg64 sg64[1];
+ struct mfi_sg_skinny sg_skinny[1];
+} __attribute__ ((packed));
+
+/* Message frames. All messages have a common header */
+struct mfi_frame_header {
+ uint8_t frame_cmd;
+ uint8_t sense_len;
+ uint8_t cmd_status;
+ uint8_t scsi_status;
+ uint8_t target_id;
+ uint8_t lun_id;
+ uint8_t cdb_len;
+ uint8_t sge_count;
+ uint32_t context;
+ /*
+ * pad0 is MSI Specific. Not used by Driver. Zero the value before
+ * sending the command to f/w
+ */
+ uint32_t pad0;
+ uint16_t flags;
+ uint16_t timeout;
+ uint32_t data_len;
+} __attribute__ ((packed));
+
+struct mfi_init_frame {
+ struct mfi_frame_header header;
+ uint32_t qinfo_new_addr_lo;
+ uint32_t qinfo_new_addr_hi;
+ uint32_t qinfo_old_addr_lo;
+ uint32_t qinfo_old_addr_hi;
+ uint32_t reserved[6];
+} __attribute__ ((packed));
+
+#define MFI_IO_FRAME_SIZE 40
+struct mfi_io_frame {
+ struct mfi_frame_header header;
+ uint32_t sense_addr_lo;
+ uint32_t sense_addr_hi;
+ uint32_t lba_lo;
+ uint32_t lba_hi;
+ union mfi_sgl sgl;
+} __attribute__ ((packed));
+
+#define MFI_PASS_FRAME_SIZE 48
+struct mfi_pass_frame {
+ struct mfi_frame_header header;
+ uint32_t sense_addr_lo;
+ uint32_t sense_addr_hi;
+ uint8_t cdb[16];
+ union mfi_sgl sgl;
+} __attribute__ ((packed));
+
+#define MFI_DCMD_FRAME_SIZE 40
+struct mfi_dcmd_frame {
+ struct mfi_frame_header header;
+ uint32_t opcode;
+ uint8_t mbox[MFI_MBOX_SIZE];
+ union mfi_sgl sgl;
+} __attribute__ ((packed));
+
+struct mfi_abort_frame {
+ struct mfi_frame_header header;
+ uint32_t abort_context;
+ /* pad is changed to reserved.*/
+ uint32_t reserved0;
+ uint32_t abort_mfi_addr_lo;
+ uint32_t abort_mfi_addr_hi;
+ uint32_t reserved1[6];
+} __attribute__ ((packed));
+
+struct mfi_smp_frame {
+ struct mfi_frame_header header;
+ uint64_t sas_addr;
+ union {
+ struct mfi_sg32 sg32[2];
+ struct mfi_sg64 sg64[2];
+ } sgl;
+} __attribute__ ((packed));
+
+struct mfi_stp_frame {
+ struct mfi_frame_header header;
+ uint16_t fis[10];
+ uint32_t stp_flags;
+ union {
+ struct mfi_sg32 sg32[2];
+ struct mfi_sg64 sg64[2];
+ } sgl;
+} __attribute__ ((packed));
+
+union mfi_frame {
+ struct mfi_frame_header header;
+ struct mfi_init_frame init;
+ struct mfi_io_frame io;
+ struct mfi_pass_frame pass;
+ struct mfi_dcmd_frame dcmd;
+ struct mfi_abort_frame abort;
+ struct mfi_smp_frame smp;
+ struct mfi_stp_frame stp;
+ uint64_t raw[8];
+ uint8_t bytes[MFI_FRAME_SIZE];
+};
+
+#define MFI_SENSE_LEN 128
+struct mfi_sense {
+ uint8_t data[MFI_SENSE_LEN];
+};
+
+/* The queue init structure that is passed with the init message */
+struct mfi_init_qinfo {
+ uint32_t flags;
+ uint32_t rq_entries;
+ uint32_t rq_addr_lo;
+ uint32_t rq_addr_hi;
+ uint32_t pi_addr_lo;
+ uint32_t pi_addr_hi;
+ uint32_t ci_addr_lo;
+ uint32_t ci_addr_hi;
+} __attribute__ ((packed));
+
+/* Controller properties */
+struct mfi_ctrl_props {
+ uint16_t seq_num;
+ uint16_t pred_fail_poll_interval;
+ uint16_t intr_throttle_cnt;
+ uint16_t intr_throttle_timeout;
+ uint8_t rebuild_rate;
+ uint8_t patrol_read_rate;
+ uint8_t bgi_rate;
+ uint8_t cc_rate;
+ uint8_t recon_rate;
+ uint8_t cache_flush_interval;
+ uint8_t spinup_drv_cnt;
+ uint8_t spinup_delay;
+ uint8_t cluster_enable;
+ uint8_t coercion_mode;
+ uint8_t alarm_enable;
+ uint8_t disable_auto_rebuild;
+ uint8_t disable_battery_warn;
+ uint8_t ecc_bucket_size;
+ uint16_t ecc_bucket_leak_rate;
+ uint8_t restore_hotspare_on_insertion;
+ uint8_t expose_encl_devices;
+ uint8_t maintainPdFailHistory;
+ uint8_t disallowHostRequestReordering;
+ uint8_t abortCCOnError;
+ uint8_t loadBalanceMode;
+ uint8_t disableAutoDetectBackplane;
+ uint8_t snapVDSpace;
+ struct {
+ uint32_t copyBackDisabled : 1; // set TRUE to disable copyBack (0=copback enabled)
+ uint32_t SMARTerEnabled : 1;
+ uint32_t prCorrectUnconfiguredAreas : 1;
+ uint32_t useFdeOnly : 1;
+ uint32_t disableNCQ : 1;
+ uint32_t SSDSMARTerEnabled : 1;
+ uint32_t SSDPatrolReadEnabled : 1;
+ uint32_t enableSpinDownUnconfigured : 1;
+ uint32_t autoEnhancedImport : 1;
+ uint32_t enableSecretKeyControl : 1;
+ uint32_t disableOnlineCtrlReset : 1;
+ uint32_t allowBootWithPinnedCache : 1;
+ uint32_t disableSpinDownHS : 1;
+ uint32_t enableJBOD : 1;
+ uint32_t reserved :18;
+ } OnOffProperties;
+ uint8_t autoSnapVDSpace; /* % of source LD to be
+ * reserved for auto snapshot
+ * in snapshot repository, for
+ * metadata and user data
+ * 1=5%, 2=10%, 3=15% and so on
+ */
+ uint8_t viewSpace; /* snapshot writeable VIEWs
+ * capacity as a % of source LD
+ * capacity. 0=READ only
+ * 1=5%, 2=10%, 3=15% and so on
+ */
+ uint16_t spinDownTime; /* # of idle minutes before device
+ * is spun down (0=use FW defaults)
+ */
+ uint8_t reserved[24];
+} __attribute__ ((packed));
+
+/* PCI information about the card. */
+struct mfi_info_pci {
+ uint16_t vendor;
+ uint16_t device;
+ uint16_t subvendor;
+ uint16_t subdevice;
+ uint8_t reserved[24];
+} __attribute__ ((packed));
+
+/* Host (front end) interface information */
+struct mfi_info_host {
+ uint8_t type;
+#define MFI_INFO_HOST_PCIX 0x01
+#define MFI_INFO_HOST_PCIE 0x02
+#define MFI_INFO_HOST_ISCSI 0x04
+#define MFI_INFO_HOST_SAS3G 0x08
+ uint8_t reserved[6];
+ uint8_t port_count;
+ uint64_t port_addr[8];
+} __attribute__ ((packed));
+
+/* Device (back end) interface information */
+struct mfi_info_device {
+ uint8_t type;
+#define MFI_INFO_DEV_SPI 0x01
+#define MFI_INFO_DEV_SAS3G 0x02
+#define MFI_INFO_DEV_SATA1 0x04
+#define MFI_INFO_DEV_SATA3G 0x08
+ uint8_t reserved[6];
+ uint8_t port_count;
+ uint64_t port_addr[8];
+} __attribute__ ((packed));
+
+/* Firmware component information */
+struct mfi_info_component {
+ char name[8];
+ char version[32];
+ char build_date[16];
+ char build_time[16];
+} __attribute__ ((packed));
+
+/* Controller default settings */
+struct mfi_defaults {
+ uint64_t sas_addr;
+ uint8_t phy_polarity;
+ uint8_t background_rate;
+ uint8_t stripe_size;
+ uint8_t flush_time;
+ uint8_t write_back;
+ uint8_t read_ahead;
+ uint8_t cache_when_bbu_bad;
+ uint8_t cached_io;
+ uint8_t smart_mode;
+ uint8_t alarm_disable;
+ uint8_t coercion;
+ uint8_t zrc_config;
+ uint8_t dirty_led_shows_drive_activity;
+ uint8_t bios_continue_on_error;
+ uint8_t spindown_mode;
+ uint8_t allowed_device_types;
+ uint8_t allow_mix_in_enclosure;
+ uint8_t allow_mix_in_ld;
+ uint8_t allow_sata_in_cluster;
+ uint8_t max_chained_enclosures;
+ uint8_t disable_ctrl_r;
+ uint8_t enable_web_bios;
+ uint8_t phy_polarity_split;
+ uint8_t direct_pd_mapping;
+ uint8_t bios_enumerate_lds;
+ uint8_t restored_hot_spare_on_insertion;
+ uint8_t expose_enclosure_devices;
+ uint8_t maintain_pd_fail_history;
+ uint8_t disable_puncture;
+ uint8_t zero_based_enumeration;
+ uint8_t disable_preboot_cli;
+ uint8_t show_drive_led_on_activity;
+ uint8_t cluster_disable;
+ uint8_t sas_disable;
+ uint8_t auto_detect_backplane;
+ uint8_t fde_only;
+ uint8_t delay_during_post;
+ uint8_t resv[19];
+} __attribute__ ((packed));
+
+/* Controller default settings */
+struct mfi_bios_data {
+ uint16_t boot_target_id;
+ uint8_t do_not_int_13;
+ uint8_t continue_on_error;
+ uint8_t verbose;
+ uint8_t geometry;
+ uint8_t expose_all_drives;
+ uint8_t reserved[56];
+ uint8_t check_sum;
+} __attribute__ ((packed));
+
+/* SAS (?) controller info, returned from MFI_DCMD_CTRL_GETINFO. */
+struct mfi_ctrl_info {
+ struct mfi_info_pci pci;
+ struct mfi_info_host host;
+ struct mfi_info_device device;
+
+ /* Firmware components that are present and active. */
+ uint32_t image_check_word;
+ uint32_t image_component_count;
+ struct mfi_info_component image_component[8];
+
+ /* Firmware components that have been flashed but are inactive */
+ uint32_t pending_image_component_count;
+ struct mfi_info_component pending_image_component[8];
+
+ uint8_t max_arms;
+ uint8_t max_spans;
+ uint8_t max_arrays;
+ uint8_t max_lds;
+ char product_name[80];
+ char serial_number[32];
+ uint32_t hw_present;
+#define MFI_INFO_HW_BBU 0x01
+#define MFI_INFO_HW_ALARM 0x02
+#define MFI_INFO_HW_NVRAM 0x04
+#define MFI_INFO_HW_UART 0x08
+#define MFI_INFO_HW_MEM 0x10
+#define MFI_INFO_HW_FLASH 0x20
+ uint32_t current_fw_time;
+ uint16_t max_cmds;
+ uint16_t max_sg_elements;
+ uint32_t max_request_size;
+ uint16_t lds_present;
+ uint16_t lds_degraded;
+ uint16_t lds_offline;
+ uint16_t pd_present;
+ uint16_t pd_disks_present;
+ uint16_t pd_disks_pred_failure;
+ uint16_t pd_disks_failed;
+ uint16_t nvram_size;
+ uint16_t memory_size;
+ uint16_t flash_size;
+ uint16_t ram_correctable_errors;
+ uint16_t ram_uncorrectable_errors;
+ uint8_t cluster_allowed;
+ uint8_t cluster_active;
+ uint16_t max_strips_per_io;
+
+ uint32_t raid_levels;
+#define MFI_INFO_RAID_0 0x01
+#define MFI_INFO_RAID_1 0x02
+#define MFI_INFO_RAID_5 0x04
+#define MFI_INFO_RAID_1E 0x08
+#define MFI_INFO_RAID_6 0x10
+
+ uint32_t adapter_ops;
+#define MFI_INFO_AOPS_RBLD_RATE 0x0001
+#define MFI_INFO_AOPS_CC_RATE 0x0002
+#define MFI_INFO_AOPS_BGI_RATE 0x0004
+#define MFI_INFO_AOPS_RECON_RATE 0x0008
+#define MFI_INFO_AOPS_PATROL_RATE 0x0010
+#define MFI_INFO_AOPS_ALARM_CONTROL 0x0020
+#define MFI_INFO_AOPS_CLUSTER_SUPPORTED 0x0040
+#define MFI_INFO_AOPS_BBU 0x0080
+#define MFI_INFO_AOPS_SPANNING_ALLOWED 0x0100
+#define MFI_INFO_AOPS_DEDICATED_SPARES 0x0200
+#define MFI_INFO_AOPS_REVERTIBLE_SPARES 0x0400
+#define MFI_INFO_AOPS_FOREIGN_IMPORT 0x0800
+#define MFI_INFO_AOPS_SELF_DIAGNOSTIC 0x1000
+#define MFI_INFO_AOPS_MIXED_ARRAY 0x2000
+#define MFI_INFO_AOPS_GLOBAL_SPARES 0x4000
+
+ uint32_t ld_ops;
+#define MFI_INFO_LDOPS_READ_POLICY 0x01
+#define MFI_INFO_LDOPS_WRITE_POLICY 0x02
+#define MFI_INFO_LDOPS_IO_POLICY 0x04
+#define MFI_INFO_LDOPS_ACCESS_POLICY 0x08
+#define MFI_INFO_LDOPS_DISK_CACHE_POLICY 0x10
+
+ struct {
+ uint8_t min;
+ uint8_t max;
+ uint8_t reserved[2];
+ } __attribute__ ((packed)) stripe_sz_ops;
+
+ uint32_t pd_ops;
+#define MFI_INFO_PDOPS_FORCE_ONLINE 0x01
+#define MFI_INFO_PDOPS_FORCE_OFFLINE 0x02
+#define MFI_INFO_PDOPS_FORCE_REBUILD 0x04
+
+ uint32_t pd_mix_support;
+#define MFI_INFO_PDMIX_SAS 0x01
+#define MFI_INFO_PDMIX_SATA 0x02
+#define MFI_INFO_PDMIX_ENCL 0x04
+#define MFI_INFO_PDMIX_LD 0x08
+#define MFI_INFO_PDMIX_SATA_CLUSTER 0x10
+
+ uint8_t ecc_bucket_count;
+ uint8_t reserved2[11];
+ struct mfi_ctrl_props properties;
+ char package_version[0x60];
+ uint8_t pad[0x800 - 0x6a0];
+} __attribute__ ((packed));
+
+/* keep track of an event. */
+union mfi_evt {
+ struct {
+ uint16_t locale;
+ uint8_t reserved;
+ int8_t class;
+ } members;
+ uint32_t word;
+} __attribute__ ((packed));
+
+/* event log state. */
+struct mfi_evt_log_state {
+ uint32_t newest_seq_num;
+ uint32_t oldest_seq_num;
+ uint32_t clear_seq_num;
+ uint32_t shutdown_seq_num;
+ uint32_t boot_seq_num;
+} __attribute__ ((packed));
+
+struct mfi_progress {
+ uint16_t progress;
+ uint16_t elapsed_seconds;
+} __attribute__ ((packed));
+
+struct mfi_evt_ld {
+ uint16_t target_id;
+ uint8_t ld_index;
+ uint8_t reserved;
+} __attribute__ ((packed));
+
+struct mfi_evt_pd {
+ uint16_t device_id;
+ uint8_t enclosure_index;
+ uint8_t slot_number;
+} __attribute__ ((packed));
+
+/* SAS (?) event detail, returned from MFI_DCMD_CTRL_EVENT_WAIT. */
+struct mfi_evt_detail {
+ uint32_t seq;
+ uint32_t time;
+ uint32_t code;
+ union mfi_evt class;
+ uint8_t arg_type;
+ uint8_t reserved1[15];
+
+ union {
+ struct {
+ struct mfi_evt_pd pd;
+ uint8_t cdb_len;
+ uint8_t sense_len;
+ uint8_t reserved[2];
+ uint8_t cdb[16];
+ uint8_t sense[64];
+ } cdb_sense;
+
+ struct mfi_evt_ld ld;
+
+ struct {
+ struct mfi_evt_ld ld;
+ uint64_t count;
+ } ld_count;
+
+ struct {
+ uint64_t lba;
+ struct mfi_evt_ld ld;
+ } ld_lba;
+
+ struct {
+ struct mfi_evt_ld ld;
+ uint32_t pre_owner;
+ uint32_t new_owner;
+ } ld_owner;
+
+ struct {
+ uint64_t ld_lba;
+ uint64_t pd_lba;
+ struct mfi_evt_ld ld;
+ struct mfi_evt_pd pd;
+ } ld_lba_pd_lba;
+
+ struct {
+ struct mfi_evt_ld ld;
+ struct mfi_progress prog;
+ } ld_prog;
+
+ struct {
+ struct mfi_evt_ld ld;
+ uint32_t prev_state;
+ uint32_t new_state;
+ } ld_state;
+
+ struct {
+ uint64_t strip;
+ struct mfi_evt_ld ld;
+ } ld_strip;
+
+ struct mfi_evt_pd pd;
+
+ struct {
+ struct mfi_evt_pd pd;
+ uint32_t err;
+ } pd_err;
+
+ struct {
+ uint64_t lba;
+ struct mfi_evt_pd pd;
+ } pd_lba;
+
+ struct {
+ uint64_t lba;
+ struct mfi_evt_pd pd;
+ struct mfi_evt_ld ld;
+ } pd_lba_ld;
+
+ struct {
+ struct mfi_evt_pd pd;
+ struct mfi_progress prog;
+ } pd_prog;
+
+ struct {
+ struct mfi_evt_pd ld;
+ uint32_t prev_state;
+ uint32_t new_state;
+ } pd_state;
+
+ struct {
+ uint16_t venderId;
+ uint16_t deviceId;
+ uint16_t subVenderId;
+ uint16_t subDeviceId;
+ } pci;
+
+ uint32_t rate;
+
+ char str[96];
+
+ struct {
+ uint32_t rtc;
+ uint16_t elapsedSeconds;
+ } time;
+
+ struct {
+ uint32_t ecar;
+ uint32_t elog;
+ char str[64];
+ } ecc;
+
+ uint8_t b[96];
+ uint16_t s[48];
+ uint32_t w[24];
+ uint64_t d[12];
+ } args;
+
+ char description[128];
+} __attribute__ ((packed));
+
+struct mfi_evt_list {
+ uint32_t count;
+ uint32_t reserved;
+ struct mfi_evt_detail event[1];
+} __attribute__ ((packed));
+
+union mfi_pd_ref {
+ struct {
+ uint16_t device_id;
+ uint16_t seq_num;
+ } v;
+ uint32_t ref;
+} __attribute__ ((packed));
+
+union mfi_pd_ddf_type {
+ struct {
+ union {
+ struct {
+ uint16_t forced_pd_guid : 1;
+ uint16_t in_vd : 1;
+ uint16_t is_global_spare : 1;
+ uint16_t is_spare : 1;
+ uint16_t is_foreign : 1;
+ uint16_t reserved : 7;
+ uint16_t intf : 4;
+ } pd_type;
+ uint16_t type;
+ } v;
+ uint16_t reserved;
+ } ddf;
+ struct {
+ uint32_t reserved;
+ } non_disk;
+ uint32_t type;
+} __attribute__ ((packed));
+
+struct mfi_pd_progress {
+ struct {
+ uint32_t rbld : 1;
+ uint32_t patrol : 1;
+ uint32_t clear : 1;
+ uint32_t reserved: 29;
+ } active;
+ struct mfi_progress rbld;
+ struct mfi_progress patrol;
+ struct mfi_progress clear;
+ struct mfi_progress reserved[4];
+} __attribute__ ((packed));
+
+struct mfi_pd_info {
+ union mfi_pd_ref ref;
+ uint8_t inquiry_data[96];
+ uint8_t vpd_page83[64];
+ uint8_t not_supported;
+ uint8_t scsi_dev_type;
+ uint8_t connected_port_bitmap;
+ uint8_t device_speed;
+ uint32_t media_err_count;
+ uint32_t other_err_count;
+ uint32_t pred_fail_count;
+ uint32_t last_pred_fail_event_seq_num;
+ uint16_t fw_state;
+ uint8_t disable_for_removal;
+ uint8_t link_speed;
+ union mfi_pd_ddf_type state;
+ struct {
+ uint8_t count;
+ uint8_t is_path_broken;
+ uint8_t reserved[6];
+ uint64_t sas_addr[4];
+ } path_info;
+ uint64_t raw_size;
+ uint64_t non_coerced_size;
+ uint64_t coerced_size;
+ uint16_t encl_device_id;
+ uint8_t encl_index;
+ uint8_t slot_number;
+ struct mfi_pd_progress prog_info;
+ uint8_t bad_block_table_full;
+ uint8_t unusable_in_current_config;
+ uint8_t vpd_page83_ext[64];
+ uint8_t reserved[512-358];
+} __attribute__ ((packed));
+
+struct mfi_pd_address {
+ uint16_t device_id;
+ uint16_t encl_device_id;
+ uint8_t encl_index;
+ uint8_t slot_number;
+ uint8_t scsi_dev_type;
+ uint8_t connect_port_bitmap;
+ uint64_t sas_addr[2];
+} __attribute__ ((packed));
+
+#define MAX_SYS_PDS 240
+struct mfi_pd_list {
+ uint32_t size;
+ uint32_t count;
+ struct mfi_pd_address addr[MAX_SYS_PDS];
+} __attribute__ ((packed));
+
+union mfi_ld_ref {
+ struct {
+ uint8_t target_id;
+ uint8_t reserved;
+ uint16_t seq;
+ } v;
+ uint32_t ref;
+} __attribute__ ((packed));
+
+struct mfi_ld_list {
+ uint32_t ld_count;
+ uint32_t reserved1;
+ struct {
+ union mfi_ld_ref ld;
+ uint8_t state;
+ uint8_t reserved2[3];
+ uint64_t size;
+ } ld_list[MFI_MAX_LD];
+} __attribute__ ((packed));
+
+enum mfi_ld_access {
+ MFI_LD_ACCESS_RW = 0,
+ MFI_LD_ACCSSS_RO = 2,
+ MFI_LD_ACCESS_BLOCKED = 3,
+};
+#define MFI_LD_ACCESS_MASK 3
+
+enum mfi_ld_state {
+ MFI_LD_STATE_OFFLINE = 0,
+ MFI_LD_STATE_PARTIALLY_DEGRADED = 1,
+ MFI_LD_STATE_DEGRADED = 2,
+ MFI_LD_STATE_OPTIMAL = 3
+};
+
+enum mfi_syspd_state {
+ MFI_PD_STATE_UNCONFIGURED_GOOD = 0x00,
+ MFI_PD_STATE_UNCONFIGURED_BAD = 0x01,
+ MFI_PD_STATE_OFFLINE = 0x10,
+ MFI_PD_STATE_FAILED = 0x11,
+ MFI_PD_STATE_ONLINE = 0x18,
+ MFI_PD_STATE_SYSTEM = 0x40
+};
+
+struct mfi_ld_props {
+ union mfi_ld_ref ld;
+ char name[16];
+ uint8_t default_cache_policy;
+ uint8_t access_policy;
+ uint8_t disk_cache_policy;
+ uint8_t current_cache_policy;
+ uint8_t no_bgi;
+ uint8_t reserved[7];
+} __attribute__ ((packed));
+
+struct mfi_ld_params {
+ uint8_t primary_raid_level;
+ uint8_t raid_level_qualifier;
+ uint8_t secondary_raid_level;
+ uint8_t stripe_size;
+ uint8_t num_drives;
+ uint8_t span_depth;
+ uint8_t state;
+ uint8_t init_state;
+ uint8_t is_consistent;
+ uint8_t reserved[23];
+} __attribute__ ((packed));
+
+struct mfi_ld_progress {
+ uint32_t active;
+#define MFI_LD_PROGRESS_CC (1<<0)
+#define MFI_LD_PROGRESS_BGI (1<<1)
+#define MFI_LD_PROGRESS_FGI (1<<2)
+#define MFI_LD_PORGRESS_RECON (1<<3)
+ struct mfi_progress cc;
+ struct mfi_progress bgi;
+ struct mfi_progress fgi;
+ struct mfi_progress recon;
+ struct mfi_progress reserved[4];
+} __attribute__ ((packed));
+
+struct mfi_span {
+ uint64_t start_block;
+ uint64_t num_blocks;
+ uint16_t array_ref;
+ uint8_t reserved[6];
+} __attribute__ ((packed));
+
+#define MFI_MAX_SPAN_DEPTH 8
+struct mfi_ld_config {
+ struct mfi_ld_props properties;
+ struct mfi_ld_params params;
+ struct mfi_span span[MFI_MAX_SPAN_DEPTH];
+} __attribute__ ((packed));
+
+struct mfi_ld_info {
+ struct mfi_ld_config ld_config;
+ uint64_t size;
+ struct mfi_ld_progress progress;
+ uint16_t cluster_owner;
+ uint8_t reconstruct_active;
+ uint8_t reserved1[1];
+ uint8_t vpd_page83[64];
+ uint8_t reserved2[16];
+} __attribute__ ((packed));
+
+union mfi_spare_type {
+ struct {
+ uint8_t is_dedicate :1;
+ uint8_t is_revertable :1;
+ uint8_t is_encl_affinity :1;
+ uint8_t reserved :5;
+ } v;
+ uint8_t type;
+} __attribute__ ((packed));
+
+#define MAX_ARRAYS 16
+struct mfi_spare {
+ union mfi_pd_ref ref;
+ union mfi_spare_type spare_type;
+ uint8_t reserved[2];
+ uint8_t array_count;
+ uint16_t array_refd[MAX_ARRAYS];
+} __attribute__ ((packed));
+
+#define MAX_ROW_SIZE 32
+struct mfi_array {
+ uint64_t size;
+ uint8_t num_drives;
+ uint8_t reserved;
+ uint16_t array_ref;
+ uint8_t pad[20];
+ struct {
+ union mfi_pd_ref ref;
+ uint16_t fw_state;
+ struct {
+ uint8_t pd;
+ uint8_t slot;
+ } encl;
+ } pd[MAX_ROW_SIZE];
+} __attribute__ ((packed));
+
+struct mfi_config_data {
+ uint32_t size;
+ uint16_t array_count;
+ uint16_t array_size;
+ uint16_t log_drv_count;
+ uint16_t log_drv_size;
+ uint16_t spares_count;
+ uint16_t spares_size;
+ uint8_t reserved[16];
+ uint8_t data;
+ /*
+ struct mfi_array array[];
+ struct mfi_ld_config ld[];
+ struct mfi_spare spare[];
+ */
+} __attribute__ ((packed));
+
+#define MFI_SCSI_MAX_TARGETS 128
+#define MFI_SCSI_MAX_LUNS 8
+#define MFI_SCSI_INITIATOR_ID 255
+#define MFI_SCSI_MAX_CMDS 8
+#define MFI_SCSI_MAX_CDB_LEN 16
+
+#endif /* _MFI_H */
diff --git a/hw/pci_ids.h b/hw/pci_ids.h
index 82cba7e..6b9b54e 100644
--- a/hw/pci_ids.h
+++ b/hw/pci_ids.h
@@ -15,6 +15,7 @@
#define PCI_CLASS_STORAGE_SCSI 0x0100
#define PCI_CLASS_STORAGE_IDE 0x0101
+#define PCI_CLASS_STORAGE_RAID 0x0104
#define PCI_CLASS_STORAGE_OTHER 0x0180
#define PCI_CLASS_NETWORK_ETHERNET 0x0200
@@ -46,6 +47,7 @@
#define PCI_VENDOR_ID_LSI_LOGIC 0x1000
#define PCI_DEVICE_ID_LSI_53C895A 0x0012
+#define PCI_DEVICE_ID_LSI_SAS1078 0x0060
#define PCI_VENDOR_ID_DEC 0x1011
#define PCI_DEVICE_ID_DEC_21154 0x0026
diff --git a/hw/scsi.h b/hw/scsi.h
index 063154d..d970256 100644
--- a/hw/scsi.h
+++ b/hw/scsi.h
@@ -47,6 +47,7 @@ struct SCSIRequest {
} cmd;
BlockDriverAIOCB *aiocb;
bool enqueued;
+ void *hba_private;
QTAILQ_ENTRY(SCSIRequest) next;
};
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* [Qemu-devel] [PATCH 15/15] Make SCSI HBA configurable
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (13 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 14/15] megasas: LSI Megaraid SAS emulation Hannes Reinecke
@ 2010-11-24 11:16 ` Hannes Reinecke
2010-11-24 16:50 ` [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Christoph Hellwig
2010-12-20 14:59 ` [Qemu-devel] " Christoph Hellwig
16 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-24 11:16 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, nab, kraxel
This patch introduces configuration variables
CONFIG_SCSI_LSI
CONFIG_SCSI_MEGASAS
and renames the existing CONFIG_ESP to CONFIG_SCSI_ESP.
With this the available SCSI HBAs can be configured for each
target configuration instead of compiling it in for everyone.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Acked-By: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Jes Sorensen <Jes.Sorensen@redhat.com>
---
Makefile.objs | 5 +++--
default-configs/i386-softmmu.mak | 2 ++
default-configs/mips-softmmu.mak | 2 +-
default-configs/mips64-softmmu.mak | 2 +-
default-configs/mips64el-softmmu.mak | 2 +-
default-configs/mipsel-softmmu.mak | 2 +-
default-configs/ppc-softmmu.mak | 2 ++
default-configs/ppc64-softmmu.mak | 2 ++
default-configs/ppcemb-softmmu.mak | 2 ++
default-configs/sparc-softmmu.mak | 2 +-
default-configs/sparc64-softmmu.mak | 2 ++
default-configs/x86_64-softmmu.mak | 2 ++
12 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/Makefile.objs b/Makefile.objs
index 89c8661..3b040cd 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -231,8 +231,9 @@ hw-obj-$(CONFIG_IDE_MACIO) += ide/macio.o
hw-obj-$(CONFIG_IDE_VIA) += ide/via.o
# SCSI layer
-hw-obj-y += lsi53c895a.o megasas.o
-hw-obj-$(CONFIG_ESP) += esp.o
+hw-obj-$(CONFIG_SCSI_LSI) += lsi53c895a.o
+hw-obj-$(CONFIG_SCSI_MEGASAS) += megasas.o
+hw-obj-$(CONFIG_SCSI_ESP) += esp.o
hw-obj-y += dma-helpers.o sysbus.o isa-bus.o
hw-obj-y += qdev-addr.o
diff --git a/default-configs/i386-softmmu.mak b/default-configs/i386-softmmu.mak
index ed00471..130c157 100644
--- a/default-configs/i386-softmmu.mak
+++ b/default-configs/i386-softmmu.mak
@@ -19,6 +19,8 @@ CONFIG_IDE_QDEV=y
CONFIG_IDE_PCI=y
CONFIG_IDE_ISA=y
CONFIG_IDE_PIIX=y
+CONFIG_SCSI_LSI=y
+CONFIG_SCSI_MEGASAS=y
CONFIG_NE2000_ISA=y
CONFIG_PIIX_PCI=y
CONFIG_SOUND=y
diff --git a/default-configs/mips-softmmu.mak b/default-configs/mips-softmmu.mak
index 3d0af83..7e840a4 100644
--- a/default-configs/mips-softmmu.mak
+++ b/default-configs/mips-softmmu.mak
@@ -1,7 +1,7 @@
# Default configuration for mips-softmmu
CONFIG_ISA_MMIO=y
-CONFIG_ESP=y
+CONFIG_SCSI_ESP=y
CONFIG_VGA_PCI=y
CONFIG_VGA_ISA=y
CONFIG_VGA_ISA_MM=y
diff --git a/default-configs/mips64-softmmu.mak b/default-configs/mips64-softmmu.mak
index 0030de4..3816be3 100644
--- a/default-configs/mips64-softmmu.mak
+++ b/default-configs/mips64-softmmu.mak
@@ -1,7 +1,7 @@
# Default configuration for mips64-softmmu
CONFIG_ISA_MMIO=y
-CONFIG_ESP=y
+CONFIG_SCSI_ESP=y
CONFIG_VGA_PCI=y
CONFIG_VGA_ISA=y
CONFIG_VGA_ISA_MM=y
diff --git a/default-configs/mips64el-softmmu.mak b/default-configs/mips64el-softmmu.mak
index fa2a3ff..21c59e0 100644
--- a/default-configs/mips64el-softmmu.mak
+++ b/default-configs/mips64el-softmmu.mak
@@ -1,7 +1,7 @@
# Default configuration for mips64el-softmmu
CONFIG_ISA_MMIO=y
-CONFIG_ESP=y
+CONFIG_SCSI_ESP=y
CONFIG_VGA_PCI=y
CONFIG_VGA_ISA=y
CONFIG_VGA_ISA_MM=y
diff --git a/default-configs/mipsel-softmmu.mak b/default-configs/mipsel-softmmu.mak
index 238b73a..3cf853a 100644
--- a/default-configs/mipsel-softmmu.mak
+++ b/default-configs/mipsel-softmmu.mak
@@ -1,7 +1,7 @@
# Default configuration for mipsel-softmmu
CONFIG_ISA_MMIO=y
-CONFIG_ESP=y
+CONFIG_SCSI_ESP=y
CONFIG_VGA_PCI=y
CONFIG_VGA_ISA=y
CONFIG_VGA_ISA_MM=y
diff --git a/default-configs/ppc-softmmu.mak b/default-configs/ppc-softmmu.mak
index 940f4bf..0cc5914 100644
--- a/default-configs/ppc-softmmu.mak
+++ b/default-configs/ppc-softmmu.mak
@@ -29,6 +29,8 @@ CONFIG_IDE_PCI=y
CONFIG_IDE_ISA=y
CONFIG_IDE_CMD646=y
CONFIG_IDE_MACIO=y
+CONFIG_SCSI_LSI=y
+CONFIG_SCSI_MEGASAS=y
CONFIG_NE2000_ISA=y
CONFIG_SOUND=y
CONFIG_VIRTIO_PCI=y
diff --git a/default-configs/ppc64-softmmu.mak b/default-configs/ppc64-softmmu.mak
index e1bc6b8..ce83254 100644
--- a/default-configs/ppc64-softmmu.mak
+++ b/default-configs/ppc64-softmmu.mak
@@ -29,6 +29,8 @@ CONFIG_IDE_PCI=y
CONFIG_IDE_ISA=y
CONFIG_IDE_CMD646=y
CONFIG_IDE_MACIO=y
+CONFIG_SCSI_LSI=y
+CONFIG_SCSI_MEGASAS=y
CONFIG_NE2000_ISA=y
CONFIG_SOUND=y
CONFIG_VIRTIO_PCI=y
diff --git a/default-configs/ppcemb-softmmu.mak b/default-configs/ppcemb-softmmu.mak
index 8f1cc09..44111c3 100644
--- a/default-configs/ppcemb-softmmu.mak
+++ b/default-configs/ppcemb-softmmu.mak
@@ -29,6 +29,8 @@ CONFIG_IDE_PCI=y
CONFIG_IDE_ISA=y
CONFIG_IDE_CMD646=y
CONFIG_IDE_MACIO=y
+CONFIG_SCSI_LSI=y
+CONFIG_SCSI_MEGASAS=y
CONFIG_NE2000_ISA=y
CONFIG_SOUND=y
CONFIG_VIRTIO_PCI=y
diff --git a/default-configs/sparc-softmmu.mak b/default-configs/sparc-softmmu.mak
index becf880..872929d 100644
--- a/default-configs/sparc-softmmu.mak
+++ b/default-configs/sparc-softmmu.mak
@@ -1,7 +1,7 @@
# Default configuration for sparc-softmmu
CONFIG_ECC=y
-CONFIG_ESP=y
+CONFIG_SCSI_ESP=y
CONFIG_ESCC=y
CONFIG_M48T59=y
CONFIG_PTIMER=y
diff --git a/default-configs/sparc64-softmmu.mak b/default-configs/sparc64-softmmu.mak
index 1cc3f13..b4a3c27 100644
--- a/default-configs/sparc64-softmmu.mak
+++ b/default-configs/sparc64-softmmu.mak
@@ -13,4 +13,6 @@ CONFIG_IDE_QDEV=y
CONFIG_IDE_PCI=y
CONFIG_IDE_ISA=y
CONFIG_IDE_CMD646=y
+CONFIG_SCSI_LSI=y
+CONFIG_SCSI_MEGASAS=y
CONFIG_VIRTIO_PCI=y
diff --git a/default-configs/x86_64-softmmu.mak b/default-configs/x86_64-softmmu.mak
index 5183203..f28b66d 100644
--- a/default-configs/x86_64-softmmu.mak
+++ b/default-configs/x86_64-softmmu.mak
@@ -19,6 +19,8 @@ CONFIG_IDE_QDEV=y
CONFIG_IDE_PCI=y
CONFIG_IDE_ISA=y
CONFIG_IDE_PIIX=y
+CONFIG_SCSI_LSI=y
+CONFIG_SCSI_MEGASAS=y
CONFIG_NE2000_ISA=y
CONFIG_PIIX_PCI=y
CONFIG_SOUND=y
--
1.6.0.2
^ permalink raw reply related [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (14 preceding siblings ...)
2010-11-24 11:16 ` [Qemu-devel] [PATCH 15/15] Make SCSI HBA configurable Hannes Reinecke
@ 2010-11-24 16:50 ` Christoph Hellwig
2010-12-10 22:14 ` [Qemu-devel] " Paolo Bonzini
2010-12-20 14:59 ` [Qemu-devel] " Christoph Hellwig
16 siblings, 1 reply; 38+ messages in thread
From: Christoph Hellwig @ 2010-11-24 16:50 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: stefanha, qemu-devel, nab, kraxel
Btw, it might make sense to split this series into two.
Patches 1 to 11 are genuine improvements to the SCSI code, which I'd
like to see merged ASAP. The rest is the actual megasas driver, which
I still want to see, but haven't even gotten to review yet.
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 02/15] scsi: Return SAM status codes
2010-11-24 11:15 ` [Qemu-devel] [PATCH 02/15] scsi: Return SAM status codes Hannes Reinecke
@ 2010-11-24 16:51 ` Christoph Hellwig
0 siblings, 0 replies; 38+ messages in thread
From: Christoph Hellwig @ 2010-11-24 16:51 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: stefanha, qemu-devel, nab, kraxel
On Wed, Nov 24, 2010 at 12:15:57PM +0100, Hannes Reinecke wrote:
> Traditionally, the linux stack is using SCSI status codes
> which are shifted by one as compared to those defined in SAM.
> A SCSI emulation should naturally return the SAM defined codes,
> not the linux ones.
> So to avoid any confusion this patch modifies the existing
> definitions to match those found in SAM and removes any
> (now obsolete) byte-shift from the returned status codes.
Looks good.
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback
2010-11-24 11:16 ` [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback Hannes Reinecke
@ 2010-11-24 16:52 ` Christoph Hellwig
2010-11-25 8:53 ` Hannes Reinecke
0 siblings, 1 reply; 38+ messages in thread
From: Christoph Hellwig @ 2010-11-24 16:52 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: stefanha, qemu-devel, nab, kraxel
On Wed, Nov 24, 2010 at 12:16:08PM +0100, Hannes Reinecke wrote:
> Add callback to create a request with a predefined iovec.
> This is required for drivers which can use the iovec
> of a command directly.
What happend to my comment that the iov and non-iov case should share
code? Also what happened to the other comment about not naming the
method implementation different from the method name.
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback
2010-11-24 16:52 ` Christoph Hellwig
@ 2010-11-25 8:53 ` Hannes Reinecke
2010-11-25 15:29 ` Christoph Hellwig
0 siblings, 1 reply; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-25 8:53 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: stefanha, qemu-devel, nab, kraxel
On 11/24/2010 05:52 PM, Christoph Hellwig wrote:
> On Wed, Nov 24, 2010 at 12:16:08PM +0100, Hannes Reinecke wrote:
>> Add callback to create a request with a predefined iovec.
>> This is required for drivers which can use the iovec
>> of a command directly.
>
> What happend to my comment that the iov and non-iov case should share
> code? Also what happened to the other comment about not naming the
> method implementation different from the method name.
>
Looked into it.
Sure I could be doing it for scsi-disk; for scsi-generic it won't
work, though. And it's not much of a code-share to have from it;
you'll end up with something like:
static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
uint32_t lun)
{
struct iovec *iov;
uint8_t *buf;
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
SCSIRequest *req;
SCSIDiskReq *r;
buf = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
iov = qemu_mallocz(sizeof(struct iovec));
iov[0].iov_base = buf;
req = scsi_new_request_iovec(d, tag, lun, iov, 1);
r = DO_UPCAST(SCSIDiskReq, req, req);
r->iov_buf = buf;
return req;
}
which doesn't look better than the original:
static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag,
uint32_t lun)
{
SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
SCSIRequest *req;
SCSIDiskReq *r;
req = scsi_req_alloc(sizeof(SCSIDiskReq), d, tag, lun);
r = DO_UPCAST(SCSIDiskReq, req, req);
r->iov_buf = qemu_blockalign(s->bs, SCSI_DMA_BUF_SIZE);
r->iov = qemu_mallocz(sizeof(struct iovec));
r->iov[0].iov_base = r->iov_buf;
r->iov_num = 1;
return req;
}
But I'm open to suggestions.
And for the naming:
The SCSI stack is using 'req' for every function accepting
SCSIRequest as an argument:
hw/scsi.h:
SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d,
uint32_t tag, uint32_t lun);
void scsi_req_free(SCSIRequest *req);
int scsi_req_parse(SCSIRequest *req, uint8_t *buf);
void scsi_req_print(SCSIRequest *req);
void scsi_req_complete(SCSIRequest *req);
So using 'alloc_req' and 'free_req' is in line with this naming
scheme. Using 'alloc_request' and 'free_request' really looked odd
in the light of the general usage.
Hence I didn't do it.
But again, I'm open to suggestions here.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Markus Rex, HRB 16746 (AG Nürnberg)
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 06/15] scsi: Update sense code handling
2010-11-24 11:16 ` [Qemu-devel] [PATCH 06/15] scsi: Update sense code handling Hannes Reinecke
@ 2010-11-25 14:33 ` Kevin Wolf
2010-12-21 11:56 ` Hannes Reinecke
0 siblings, 1 reply; 38+ messages in thread
From: Kevin Wolf @ 2010-11-25 14:33 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: stefanha, qemu-devel, nab, kraxel
Am 24.11.2010 12:16, schrieb Hannes Reinecke:
> The SCSI spec has a quite detailed list of sense codes available.
> It even mandates the use of specific ones for some failure cases.
> The current implementation just has one type of 'generic' error
> which is actually a violation of the spec in certain cases.
> This patch introduces various predefined sense codes to have the
> sense code reporting more in line with the spec.
>
> Signed-off-by: Hannes Reinecke <hare@suse.de>
> Acked-by: Christoph Hellwig <hch@lst.de>
> ---
> hw/scsi-bus.c | 92 ++++++++++++++++++++++++++++++++++++++++++++
> hw/scsi-disk.c | 109 +++++++++++++++++++++++++++--------------------------
> hw/scsi-generic.c | 76 ++++++++++++++++++++++++++-----------
> hw/scsi.h | 38 ++++++++++++++++++
> 4 files changed, 239 insertions(+), 76 deletions(-)
>
> diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
> index 93f0e9a..afdf0ad 100644
> --- a/hw/scsi-bus.c
> +++ b/hw/scsi-bus.c
> @@ -388,6 +388,98 @@ int scsi_req_parse(SCSIRequest *req, uint8_t *buf)
> return 0;
> }
>
> +/*
> + * Predefined sense codes
> + */
> +
> +/* No sense data available */
> +const struct SCSISense sense_code_NO_SENSE = {
> + .key = NO_SENSE , .asc = 0x00 , .ascq = 0x00
> +};
> +
> +/* LUN not ready, Manual intervention required */
> +const struct SCSISense sense_code_LUN_NOT_READY = {
> + .key = NOT_READY, .asc = 0x04, .ascq = 0x03
> +};
> +
> +/* LUN not ready, Medium not present */
> +const struct SCSISense sense_code_NO_MEDIUM = {
> + .key = NOT_READY, .asc = 0x3a, .ascq = 0x00
> +};
> +
> +/* Hardware error, internal target failure */
> +const struct SCSISense sense_code_TARGET_FAILURE = {
> + .key = HARDWARE_ERROR, .asc = 0x44, .ascq = 0x00
> +};
> +
> +/* Illegal request, invalid command operation code */
> +const struct SCSISense sense_code_INVALID_OPCODE = {
> + .key = ILLEGAL_REQUEST, .asc = 0x20, .ascq = 0x00
> +};
> +
> +/* Illegal request, LBA out of range */
> +const struct SCSISense sense_code_LBA_OUT_OF_RANGE = {
> + .key = ILLEGAL_REQUEST, .asc = 0x21, .ascq = 0x00
> +};
> +
> +/* Illegal request, Invalid field in CDB */
> +const struct SCSISense sense_code_INVALID_FIELD = {
> + .key = ILLEGAL_REQUEST, .asc = 0x24, .ascq = 0x00
> +};
> +
> +/* Illegal request, LUN not supported */
> +const struct SCSISense sense_code_LUN_NOT_SUPPORTED = {
> + .key = ILLEGAL_REQUEST, .asc = 0x25, .ascq = 0x00
> +};
> +
> +/* Command aborted, I/O process terminated */
> +const struct SCSISense sense_code_IO_ERROR = {
> + .key = ABORTED_COMMAND, .asc = 0x00, .ascq = 0x06
> +};
> +
> +/* Command aborted, I_T Nexus loss occurred */
> +const struct SCSISense sense_code_I_T_NEXUS_LOSS = {
> + .key = ABORTED_COMMAND, .asc = 0x29, .ascq = 0x07
> +};
> +
> +/* Command aborted, Logical Unit failure */
> +const struct SCSISense sense_code_LUN_FAILURE = {
> + .key = ABORTED_COMMAND, .asc = 0x3e, .ascq = 0x01
> +};
> +
> +/*
> + * scsi_build_sense
> + *
> + * Build a sense buffer
> + */
> +int scsi_build_sense(SCSISense sense, uint8_t *buf, int len, int fixed)
> +{
> + if (len < 8)
> + return 0;
> + if (fixed && len < 14)
> + return 0;
> +
> + memset(buf, 0, len);
> + if (fixed) {
> + /* Return fixed format sense buffer */
> + buf[0] = 0xf0;
> + buf[2] = sense.key;
> + buf[7] = 7;
> + buf[12] = sense.asc;
> + buf[13] = sense.ascq;
> + len = 14;
My spec says: "Device servers shall return at least 18 bytes of
parameter data in response to a REQUEST SENSE command if the allocation
length is 18 or greater and the DESC bit is set to zero."
So should this be MIN(len, 18) instead?
Kevin
^ permalink raw reply [flat|nested] 38+ messages in thread
* [Qemu-devel] Re: [PATCH 14/15] megasas: LSI Megaraid SAS emulation
2010-11-24 11:16 ` [Qemu-devel] [PATCH 14/15] megasas: LSI Megaraid SAS emulation Hannes Reinecke
@ 2010-11-25 14:36 ` Stefan Hajnoczi
2010-11-25 14:50 ` Hannes Reinecke
2010-11-25 20:47 ` Sebastian Herbszt
1 sibling, 1 reply; 38+ messages in thread
From: Stefan Hajnoczi @ 2010-11-25 14:36 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: nab, qemu-devel, kraxel
On Wed, Nov 24, 2010 at 11:16 AM, Hannes Reinecke <hare@suse.de> wrote:
> +static int megasas_pd_get_info_submit(SCSIDevice * sdev, int lun,
> + struct megasas_cmd_t *cmd)
> +{
> + struct mfi_pd_info * info = cmd->iov_buf;
> + uint8_t cmdbuf[6];
> + SCSIRequest *req;
> +
> + if (info->inquiry_data[4] == 0) {
> + /* Additional length is zero, resubmit */
> + megasas_setup_inquiry(cmdbuf, 0, info->inquiry_data,
> + sizeof(info->inquiry_data));
> + req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
> + if (!req) {
> + return MFI_STAT_FLASH_ALLOC_FAIL;
> + }
> + DPRINTF_DCMD("PD get info submit std inquiry to dev %d\n", lun);
> + req->hba_private = cmd;
> + if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
> + cmd->sdev->info->read_data(req);
> + return MFI_STAT_INVALID_STATUS;
Here...
> + } else if (info->vpd_page83[3] == 0) {
> + /* Additional length is zero, resubmit */
> + megasas_setup_inquiry(cmdbuf, 0x83,(uint8_t *)info->vpd_page83,
> + sizeof(info->vpd_page83));
> + req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
> + if (!req) {
> + return MFI_STAT_FLASH_ALLOC_FAIL;
> + }
> + DPRINTF_DCMD("PD get info submit vpd inquiry to dev %d\n", lun);
> + req->hba_private = cmd;
> + if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
> + cmd->sdev->info->read_data(req);
> + return MFI_STAT_INVALID_STATUS;
...and here I can't tell for sure if an error status is returned
intentionally or whether this is an if statement without {}-related
bug.
On one hand it looks like it could be intentional. On the other hand
we went through the trouble of sending an inquiry command that may
have succeeded but we're still returning an error status.
Stefan
^ permalink raw reply [flat|nested] 38+ messages in thread
* [Qemu-devel] Re: [PATCH 14/15] megasas: LSI Megaraid SAS emulation
2010-11-25 14:36 ` [Qemu-devel] " Stefan Hajnoczi
@ 2010-11-25 14:50 ` Hannes Reinecke
2010-11-25 14:52 ` Stefan Hajnoczi
0 siblings, 1 reply; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-25 14:50 UTC (permalink / raw)
To: Stefan Hajnoczi; +Cc: nab, qemu-devel, kraxel
On 11/25/2010 03:36 PM, Stefan Hajnoczi wrote:
> On Wed, Nov 24, 2010 at 11:16 AM, Hannes Reinecke <hare@suse.de> wrote:
>> +static int megasas_pd_get_info_submit(SCSIDevice * sdev, int lun,
>> + struct megasas_cmd_t *cmd)
>> +{
>> + struct mfi_pd_info * info = cmd->iov_buf;
>> + uint8_t cmdbuf[6];
>> + SCSIRequest *req;
>> +
>> + if (info->inquiry_data[4] == 0) {
>> + /* Additional length is zero, resubmit */
>> + megasas_setup_inquiry(cmdbuf, 0, info->inquiry_data,
>> + sizeof(info->inquiry_data));
>> + req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
>> + if (!req) {
>> + return MFI_STAT_FLASH_ALLOC_FAIL;
>> + }
>> + DPRINTF_DCMD("PD get info submit std inquiry to dev %d\n", lun);
>> + req->hba_private = cmd;
>> + if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
>> + cmd->sdev->info->read_data(req);
>> + return MFI_STAT_INVALID_STATUS;
>
> Here...
>
>> + } else if (info->vpd_page83[3] == 0) {
>> + /* Additional length is zero, resubmit */
>> + megasas_setup_inquiry(cmdbuf, 0x83,(uint8_t *)info->vpd_page83,
>> + sizeof(info->vpd_page83));
>> + req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
>> + if (!req) {
>> + return MFI_STAT_FLASH_ALLOC_FAIL;
>> + }
>> + DPRINTF_DCMD("PD get info submit vpd inquiry to dev %d\n", lun);
>> + req->hba_private = cmd;
>> + if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
>> + cmd->sdev->info->read_data(req);
>> + return MFI_STAT_INVALID_STATUS;
>
> ...and here I can't tell for sure if an error status is returned
> intentionally or whether this is an if statement without {}-related
> bug.
>
> On one hand it looks like it could be intentional. On the other hand
> we went through the trouble of sending an inquiry command that may
> have succeeded but we're still returning an error status.
>
MFI_STAT_INVALID_STATUS is _not_ an error status. It's used
internally to signal that a command is still being processed.
->read_data() itself doesn't have a meaningful return code;
we need to wait for the ->complete callback to get results.
So we're returning MFI_STAT_INVALID_STATUS to signal this condition.
So that's ok.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Markus Rex, HRB 16746 (AG Nürnberg)
^ permalink raw reply [flat|nested] 38+ messages in thread
* [Qemu-devel] Re: [PATCH 14/15] megasas: LSI Megaraid SAS emulation
2010-11-25 14:50 ` Hannes Reinecke
@ 2010-11-25 14:52 ` Stefan Hajnoczi
0 siblings, 0 replies; 38+ messages in thread
From: Stefan Hajnoczi @ 2010-11-25 14:52 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: nab, qemu-devel, kraxel
On Thu, Nov 25, 2010 at 2:50 PM, Hannes Reinecke <hare@suse.de> wrote:
> On 11/25/2010 03:36 PM, Stefan Hajnoczi wrote:
>> On Wed, Nov 24, 2010 at 11:16 AM, Hannes Reinecke <hare@suse.de> wrote:
>>> +static int megasas_pd_get_info_submit(SCSIDevice * sdev, int lun,
>>> + struct megasas_cmd_t *cmd)
>>> +{
>>> + struct mfi_pd_info * info = cmd->iov_buf;
>>> + uint8_t cmdbuf[6];
>>> + SCSIRequest *req;
>>> +
>>> + if (info->inquiry_data[4] == 0) {
>>> + /* Additional length is zero, resubmit */
>>> + megasas_setup_inquiry(cmdbuf, 0, info->inquiry_data,
>>> + sizeof(info->inquiry_data));
>>> + req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
>>> + if (!req) {
>>> + return MFI_STAT_FLASH_ALLOC_FAIL;
>>> + }
>>> + DPRINTF_DCMD("PD get info submit std inquiry to dev %d\n", lun);
>>> + req->hba_private = cmd;
>>> + if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
>>> + cmd->sdev->info->read_data(req);
>>> + return MFI_STAT_INVALID_STATUS;
>>
>> Here...
>>
>>> + } else if (info->vpd_page83[3] == 0) {
>>> + /* Additional length is zero, resubmit */
>>> + megasas_setup_inquiry(cmdbuf, 0x83,(uint8_t *)info->vpd_page83,
>>> + sizeof(info->vpd_page83));
>>> + req = sdev->info->alloc_req(sdev, (uint32_t) -1, lun);
>>> + if (!req) {
>>> + return MFI_STAT_FLASH_ALLOC_FAIL;
>>> + }
>>> + DPRINTF_DCMD("PD get info submit vpd inquiry to dev %d\n", lun);
>>> + req->hba_private = cmd;
>>> + if (cmd->sdev->info->send_command(req, cmdbuf) > 0)
>>> + cmd->sdev->info->read_data(req);
>>> + return MFI_STAT_INVALID_STATUS;
>>
>> ...and here I can't tell for sure if an error status is returned
>> intentionally or whether this is an if statement without {}-related
>> bug.
>>
>> On one hand it looks like it could be intentional. On the other hand
>> we went through the trouble of sending an inquiry command that may
>> have succeeded but we're still returning an error status.
>>
>
> MFI_STAT_INVALID_STATUS is _not_ an error status. It's used
> internally to signal that a command is still being processed.
> ->read_data() itself doesn't have a meaningful return code;
> we need to wait for the ->complete callback to get results.
> So we're returning MFI_STAT_INVALID_STATUS to signal this condition.
>
> So that's ok.
Okay, thanks for explaining.
Stefan
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback
2010-11-25 8:53 ` Hannes Reinecke
@ 2010-11-25 15:29 ` Christoph Hellwig
2010-11-25 16:21 ` Hannes Reinecke
0 siblings, 1 reply; 38+ messages in thread
From: Christoph Hellwig @ 2010-11-25 15:29 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: stefanha, kraxel, Christoph Hellwig, nab, qemu-devel
On Thu, Nov 25, 2010 at 09:53:25AM +0100, Hannes Reinecke wrote:
> Looked into it.
> Sure I could be doing it for scsi-disk; for scsi-generic it won't
> work, though. And it's not much of a code-share to have from it;
> you'll end up with something like:
Yes, and that is a good start to completely get rid of the non-iovec
version. Keeping two parallel APIs around that have slighly mismatching
semantics is a bad idea. And for scsi-generic in the version in your
the difference is even worse and more subtile.
I think the only way to get this interface future proof is to unify
it. That is always pass an iovec from the HBA driver, and make the
length chunking an explicitly flag passed to ->alloc_req instead of
an implicit one when using the old interface. Then refactor the code
currently resetting.
Talking about scsi-generic, how is the auto request-sense in
scsi_read_data and the mode select snooping in scsi_write_complete
supposed to for for the iovec interface?
> And for the naming:
> The SCSI stack is using 'req' for every function accepting
> SCSIRequest as an argument:
>
> hw/scsi.h:
> SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d,
> uint32_t tag, uint32_t lun);
> void scsi_req_free(SCSIRequest *req);
>
> int scsi_req_parse(SCSIRequest *req, uint8_t *buf);
> void scsi_req_print(SCSIRequest *req);
> void scsi_req_complete(SCSIRequest *req);
>
> So using 'alloc_req' and 'free_req' is in line with this naming
> scheme. Using 'alloc_request' and 'free_request' really looked odd
> in the light of the general usage.
Keeping the method names is fine, but please name the implementations
matching it, e.g.
scsi_alloc_req and co.
And yes, using the scsi_ prefix is a bit confusing with the generic
code also using it, eventually the disk driver should use scsi_disk
and the generic driver scsi_generic prefixes.
And in general it would be nice if you could simplify answer to reviews.
If something that the reviewer requests doesn't make sense state so in
reply instead of silently ignoring it.
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback
2010-11-25 15:29 ` Christoph Hellwig
@ 2010-11-25 16:21 ` Hannes Reinecke
2010-11-26 0:06 ` Paul Brook
0 siblings, 1 reply; 38+ messages in thread
From: Hannes Reinecke @ 2010-11-25 16:21 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: stefanha, qemu-devel, nab, kraxel
On 11/25/2010 04:29 PM, Christoph Hellwig wrote:
> On Thu, Nov 25, 2010 at 09:53:25AM +0100, Hannes Reinecke wrote:
>> Looked into it.
>> Sure I could be doing it for scsi-disk; for scsi-generic it won't
>> work, though. And it's not much of a code-share to have from it;
>> you'll end up with something like:
>
> Yes, and that is a good start to completely get rid of the non-iovec
> version. Keeping two parallel APIs around that have slighly mismatching
> semantics is a bad idea. And for scsi-generic in the version in your
> the difference is even worse and more subtile.
>
> I think the only way to get this interface future proof is to unify
> it. That is always pass an iovec from the HBA driver, and make the
> length chunking an explicitly flag passed to ->alloc_req instead of
> an implicit one when using the old interface. Then refactor the code
> currently resetting.
>
I don't think that'll work. It's only in send_command() when the CDB
is parsed, and only then we do know how much data we should be
expecting.
If you have a iovec passed in this doesn't matter as you can't
really enlarge it. But in the other case you really need the size if
you want to allocate a buffer large enough to hold the data.
I must say I'd like to get rid of the chunking transfer in scsi-disk.
To have it for scsi-disk only is really pointless, as you can
potentially send exactly the same commands via scsi-generic.
So for scsi-generic to work properly qemu need to be able to
allocate the _entire_ data buffer. And hence qemu _must_ be able to
allocate the same buffer for the scsi-disk emulation.
So any malloc space arguments don't really work out here.
By the same reasoning we could remove the chunking altogether;
any HBA _must_ be capable of issuing the entire data (if issued via
scsi-generic) even today. So I don't really buy the argument of
chunking being required for large I/Os.
But then, I've been down that road already.
With no large success.
> Talking about scsi-generic, how is the auto request-sense in
> scsi_read_data and the mode select snooping in scsi_write_complete
> supposed to for for the iovec interface?
>
The sense code is actually a property of the device, no the command.
And a REQUEST_SENSE command will just return the status of the last
command. So the sense buffer is always stored with the device
in SCSIGenericState and can be retrieved at will.
But you are correct, the MODE SELECT snooping needs to be modified.
No big deal, though.
>> And for the naming:
>> The SCSI stack is using 'req' for every function accepting
>> SCSIRequest as an argument:
>>
>> hw/scsi.h:
>> SCSIRequest *scsi_req_alloc(size_t size, SCSIDevice *d,
>> uint32_t tag, uint32_t lun);
>> void scsi_req_free(SCSIRequest *req);
>>
>> int scsi_req_parse(SCSIRequest *req, uint8_t *buf);
>> void scsi_req_print(SCSIRequest *req);
>> void scsi_req_complete(SCSIRequest *req);
>>
>> So using 'alloc_req' and 'free_req' is in line with this naming
>> scheme. Using 'alloc_request' and 'free_request' really looked odd
>> in the light of the general usage.
>
> Keeping the method names is fine, but please name the implementations
> matching it, e.g.
>
> scsi_alloc_req and co.
>
> And yes, using the scsi_ prefix is a bit confusing with the generic
> code also using it, eventually the disk driver should use scsi_disk
> and the generic driver scsi_generic prefixes.
>
Ah, now I think I see what you mean.
You were think along these lines:
static SCSIDeviceInfo scsi_generic_info = {
.qdev.name = "scsi-generic",
.qdev.desc = "pass through generic scsi device (/dev/sg*)",
.qdev.size = sizeof(SCSIGenericState),
.qdev.reset = scsi_generic_reset,
.init = scsi_generic_initfn,
.destroy = scsi_destroy,
.alloc_req = scsi_generic_alloc_req,
.alloc_req_iov = scsi_generic_alloc_req_iovec,
.free_req = scsi_generic_free_req,
.send_command = scsi_send_command,
.read_data = scsi_read_data,
correct?
Yeah, that's easy to do.
> And in general it would be nice if you could simplify answer to reviews.
> If something that the reviewer requests doesn't make sense state so in
> reply instead of silently ignoring it.
Will do in the future.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Markus Rex, HRB 16746 (AG Nürnberg)
^ permalink raw reply [flat|nested] 38+ messages in thread
* [Qemu-devel] Re: [PATCH 14/15] megasas: LSI Megaraid SAS emulation
2010-11-24 11:16 ` [Qemu-devel] [PATCH 14/15] megasas: LSI Megaraid SAS emulation Hannes Reinecke
2010-11-25 14:36 ` [Qemu-devel] " Stefan Hajnoczi
@ 2010-11-25 20:47 ` Sebastian Herbszt
2010-12-21 12:06 ` Hannes Reinecke
1 sibling, 1 reply; 38+ messages in thread
From: Sebastian Herbszt @ 2010-11-25 20:47 UTC (permalink / raw)
To: Hannes Reinecke, qemu-devel; +Cc: stefanha, kraxel, nab
Hannes Reinecke wrote:
> +static int megasas_scsi_init(PCIDevice *dev)
> +{
> + MPTState *s = DO_UPCAST(MPTState, dev, dev);
> + uint8_t *pci_conf;
> + int i;
> +
> + pci_conf = s->dev.config;
> +
> + /* PCI Vendor ID (word) */
> + pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_LSI_LOGIC);
> + /* PCI device ID (word) */
> + pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_LSI_SAS1078);
> + /* PCI subsystem ID */
> + pci_set_word(&pci_conf[PCI_SUBSYSTEM_VENDOR_ID], 0x1000);
PCI_VENDOR_ID_LSI_LOGIC
> + pci_set_word(&pci_conf[PCI_SUBSYSTEM_ID], 0x1013);
What is 0x1013?
> + /* PCI base class code */
> + pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_RAID);
> +
> + /* PCI latency timer = 0 */
> + pci_conf[0x0d] = 0;
PCI_LATENCY_TIMER
> + /* Interrupt pin 1 */
> + pci_conf[0x3d] = 0x01;
pci_config_set_interrupt_pin()
Sebastian
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback
2010-11-25 16:21 ` Hannes Reinecke
@ 2010-11-26 0:06 ` Paul Brook
0 siblings, 0 replies; 38+ messages in thread
From: Paul Brook @ 2010-11-26 0:06 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, kraxel, Hannes Reinecke, nab, Christoph Hellwig
> I must say I'd like to get rid of the chunking transfer in scsi-disk.
> To have it for scsi-disk only is really pointless, as you can
> potentially send exactly the same commands via scsi-generic.
> So for scsi-generic to work properly qemu need to be able to
> allocate the _entire_ data buffer. And hence qemu _must_ be able to
> allocate the same buffer for the scsi-disk emulation.
> So any malloc space arguments don't really work out here.
>
> By the same reasoning we could remove the chunking altogether;
> any HBA _must_ be capable of issuing the entire data (if issued via
> scsi-generic) even today. So I don't really buy the argument of
> chunking being required for large I/Os.
We've been over this before. Your logic is fundamentally flawed.
In many cases The HBA simply doesn't know where the data is going to go until
after the command has been issued. Issuing the command (which may fail) and
setting up the buffer to receive the data are separate operations, and there
may be guest visible state in between. Even if you assume the initial command
is accepted successfully, the DMA buffer may be submitted in several parts. If
the device response does not full all these parts then we should not be
accessing the unused ones. And this is assuming your HBA is DMA capable to
start with - a USB mass storage device almost certainly isn't.
Even if you do know the full DMA buffer ahead of time, there's no guarantee
that you'll actually be able to map it all at once. You have to assume that
bounce buffers are required, and only a small chunk of the ram can be mapped
at any point.
Combine this with the fact that the guest may submit arbitrarily large
requests and you need some form of chunking. IIRC the passthrough support
ignores the linux interface already restricts you to relatively small
requests.
Paul
^ permalink raw reply [flat|nested] 38+ messages in thread
* [Qemu-devel] Re: [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-11-24 16:50 ` [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Christoph Hellwig
@ 2010-12-10 22:14 ` Paolo Bonzini
2010-12-13 7:32 ` Hannes Reinecke
0 siblings, 1 reply; 38+ messages in thread
From: Paolo Bonzini @ 2010-12-10 22:14 UTC (permalink / raw)
To: Christoph Hellwig
Cc: stefanha, Hannes Reinecke, qemu-devel, nab, Paul Brook, kraxel
On 11/24/2010 05:50 PM, Christoph Hellwig wrote:
> Btw, it might make sense to split this series into two.
>
> Patches 1 to 11 are genuine improvements to the SCSI code, which I'd
> like to see merged ASAP. The rest is the actual megasas driver, which
> I still want to see, but haven't even gotten to review yet.
Ping for patches 1 to 11?
Paolo
^ permalink raw reply [flat|nested] 38+ messages in thread
* [Qemu-devel] Re: [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-12-10 22:14 ` [Qemu-devel] " Paolo Bonzini
@ 2010-12-13 7:32 ` Hannes Reinecke
2010-12-16 1:45 ` Benjamin Herrenschmidt
0 siblings, 1 reply; 38+ messages in thread
From: Hannes Reinecke @ 2010-12-13 7:32 UTC (permalink / raw)
To: Paolo Bonzini
Cc: stefanha, qemu-devel, nab, Paul Brook, Christoph Hellwig, kraxel
On 12/10/2010 11:14 PM, Paolo Bonzini wrote:
> On 11/24/2010 05:50 PM, Christoph Hellwig wrote:
>> Btw, it might make sense to split this series into two.
>>
>> Patches 1 to 11 are genuine improvements to the SCSI code, which I'd
>> like to see merged ASAP. The rest is the actual megasas driver, which
>> I still want to see, but haven't even gotten to review yet.
>
> Ping for patches 1 to 11?
>
> Paolo
The first few already have been merged by Kevin Wolf; I'll see to
prepare an updated patchset.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Markus Rex, HRB 16746 (AG Nürnberg)
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] Re: [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-12-13 7:32 ` Hannes Reinecke
@ 2010-12-16 1:45 ` Benjamin Herrenschmidt
2010-12-16 1:48 ` Benjamin Herrenschmidt
` (2 more replies)
0 siblings, 3 replies; 38+ messages in thread
From: Benjamin Herrenschmidt @ 2010-12-16 1:45 UTC (permalink / raw)
To: Hannes Reinecke
Cc: stefanha, qemu-devel, nab, Paul Brook, Paolo Bonzini,
Christoph Hellwig, kraxel
On Mon, 2010-12-13 at 08:32 +0100, Hannes Reinecke wrote:
> On 12/10/2010 11:14 PM, Paolo Bonzini wrote:
> > On 11/24/2010 05:50 PM, Christoph Hellwig wrote:
> >> Btw, it might make sense to split this series into two.
> >>
> >> Patches 1 to 11 are genuine improvements to the SCSI code, which I'd
> >> like to see merged ASAP. The rest is the actual megasas driver, which
> >> I still want to see, but haven't even gotten to review yet.
> >
> > Ping for patches 1 to 11?
> >
> > Paolo
>
> The first few already have been merged by Kevin Wolf; I'll see to
> prepare an updated patchset.
Actually, I was about to ask as I'd like to base some new work of mine
on top of these. I don't see any recent commit from Kevin in the qemu
master branch (nor in any other branch on
http://git.savannah.gnu.org/cgit/qemu.git/log/).
Does Kevin maintain a separate staging tree ?
Cheers,
Ben.
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] Re: [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-12-16 1:45 ` Benjamin Herrenschmidt
@ 2010-12-16 1:48 ` Benjamin Herrenschmidt
2010-12-16 8:34 ` Stefan Hajnoczi
2010-12-16 14:58 ` Kevin Wolf
2 siblings, 0 replies; 38+ messages in thread
From: Benjamin Herrenschmidt @ 2010-12-16 1:48 UTC (permalink / raw)
To: Hannes Reinecke
Cc: stefanha, qemu-devel, nab, Paul Brook, Paolo Bonzini,
Christoph Hellwig, kraxel
On Thu, 2010-12-16 at 12:45 +1100, Benjamin Herrenschmidt wrote:
> On Mon, 2010-12-13 at 08:32 +0100, Hannes Reinecke wrote:
> > On 12/10/2010 11:14 PM, Paolo Bonzini wrote:
> > > On 11/24/2010 05:50 PM, Christoph Hellwig wrote:
> > >> Btw, it might make sense to split this series into two.
> > >>
> > >> Patches 1 to 11 are genuine improvements to the SCSI code, which I'd
> > >> like to see merged ASAP. The rest is the actual megasas driver, which
> > >> I still want to see, but haven't even gotten to review yet.
> > >
> > > Ping for patches 1 to 11?
> > >
> > > Paolo
> >
> > The first few already have been merged by Kevin Wolf; I'll see to
> > prepare an updated patchset.
>
> Actually, I was about to ask as I'd like to base some new work of mine
> on top of these. I don't see any recent commit from Kevin in the qemu
> master branch (nor in any other branch on
> http://git.savannah.gnu.org/cgit/qemu.git/log/).
>
> Does Kevin maintain a separate staging tree ?
BTW. I could use patch 12 too (get_sense() callback :-) Would save me
from manufacturing REQUEST_SENSE etc... I can carry it locally for the
time being but it would be nice to have it upstream.
Cheers,
Ben.
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] Re: [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-12-16 1:45 ` Benjamin Herrenschmidt
2010-12-16 1:48 ` Benjamin Herrenschmidt
@ 2010-12-16 8:34 ` Stefan Hajnoczi
2010-12-16 14:58 ` Kevin Wolf
2 siblings, 0 replies; 38+ messages in thread
From: Stefan Hajnoczi @ 2010-12-16 8:34 UTC (permalink / raw)
To: Benjamin Herrenschmidt
Cc: kraxel, qemu-devel, nab, Paul Brook, Paolo Bonzini,
Christoph Hellwig, Hannes Reinecke
On Thu, Dec 16, 2010 at 1:45 AM, Benjamin Herrenschmidt
<benh@kernel.crashing.org> wrote:
> On Mon, 2010-12-13 at 08:32 +0100, Hannes Reinecke wrote:
>> On 12/10/2010 11:14 PM, Paolo Bonzini wrote:
>> > On 11/24/2010 05:50 PM, Christoph Hellwig wrote:
>> >> Btw, it might make sense to split this series into two.
>> >>
>> >> Patches 1 to 11 are genuine improvements to the SCSI code, which I'd
>> >> like to see merged ASAP. The rest is the actual megasas driver, which
>> >> I still want to see, but haven't even gotten to review yet.
>> >
>> > Ping for patches 1 to 11?
>> >
>> > Paolo
>>
>> The first few already have been merged by Kevin Wolf; I'll see to
>> prepare an updated patchset.
>
> Actually, I was about to ask as I'd like to base some new work of mine
> on top of these. I don't see any recent commit from Kevin in the qemu
> master branch (nor in any other branch on
> http://git.savannah.gnu.org/cgit/qemu.git/log/).
>
> Does Kevin maintain a separate staging tree ?
http://repo.or.cz/w/qemu/kevin.git/shortlog/refs/heads/block
Stefan
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] Re: [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-12-16 1:45 ` Benjamin Herrenschmidt
2010-12-16 1:48 ` Benjamin Herrenschmidt
2010-12-16 8:34 ` Stefan Hajnoczi
@ 2010-12-16 14:58 ` Kevin Wolf
2 siblings, 0 replies; 38+ messages in thread
From: Kevin Wolf @ 2010-12-16 14:58 UTC (permalink / raw)
To: Benjamin Herrenschmidt
Cc: kraxel, stefanha, qemu-devel, nab, Paul Brook, Paolo Bonzini,
Christoph Hellwig, Hannes Reinecke
Am 16.12.2010 02:45, schrieb Benjamin Herrenschmidt:
> On Mon, 2010-12-13 at 08:32 +0100, Hannes Reinecke wrote:
>> On 12/10/2010 11:14 PM, Paolo Bonzini wrote:
>>> On 11/24/2010 05:50 PM, Christoph Hellwig wrote:
>>>> Btw, it might make sense to split this series into two.
>>>>
>>>> Patches 1 to 11 are genuine improvements to the SCSI code, which I'd
>>>> like to see merged ASAP. The rest is the actual megasas driver, which
>>>> I still want to see, but haven't even gotten to review yet.
>>>
>>> Ping for patches 1 to 11?
>>>
>>> Paolo
>>
>> The first few already have been merged by Kevin Wolf; I'll see to
>> prepare an updated patchset.
>
> Actually, I was about to ask as I'd like to base some new work of mine
> on top of these. I don't see any recent commit from Kevin in the qemu
> master branch (nor in any other branch on
> http://git.savannah.gnu.org/cgit/qemu.git/log/).
Patches 1 to 5 are already in master, for the rest I'm waiting for the
next update. If you need them earlier for basing your own work on them I
can take this version of the patches into my block branch, even though
some of the need an update before they can be merged into master.
> Does Kevin maintain a separate staging tree ?
It's at git://repo.or.cz/qemu/kevin.git block
Kevin
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
` (15 preceding siblings ...)
2010-11-24 16:50 ` [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Christoph Hellwig
@ 2010-12-20 14:59 ` Christoph Hellwig
2010-12-20 15:25 ` Hannes Reinecke
16 siblings, 1 reply; 38+ messages in thread
From: Christoph Hellwig @ 2010-12-20 14:59 UTC (permalink / raw)
To: Hannes Reinecke; +Cc: stefanha, qemu-devel, nab, kraxel
Any chance you could resubmit the remaining patches after addressing the
outstanding comments? We'll really need the scsi changes to move
forward without introducing conflicts.
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3
2010-12-20 14:59 ` [Qemu-devel] " Christoph Hellwig
@ 2010-12-20 15:25 ` Hannes Reinecke
0 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-12-20 15:25 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: stefanha, qemu-devel, nab, kraxel
On 12/20/2010 03:59 PM, Christoph Hellwig wrote:
> Any chance you could resubmit the remaining patches after addressing the
> outstanding comments? We'll really need the scsi changes to move
> forward without introducing conflicts.
>
Yes, I'm currently rebasing my patchset relative to Kevin's git tree.
Hopefully I'll be finished sometime this week.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Markus Rex, HRB 16746 (AG Nürnberg)
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] [PATCH 06/15] scsi: Update sense code handling
2010-11-25 14:33 ` Kevin Wolf
@ 2010-12-21 11:56 ` Hannes Reinecke
0 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-12-21 11:56 UTC (permalink / raw)
To: Kevin Wolf; +Cc: stefanha, qemu-devel, nab, kraxel
On 11/25/2010 03:33 PM, Kevin Wolf wrote:
> Am 24.11.2010 12:16, schrieb Hannes Reinecke:
>> The SCSI spec has a quite detailed list of sense codes available.
>> It even mandates the use of specific ones for some failure cases.
>> The current implementation just has one type of 'generic' error
>> which is actually a violation of the spec in certain cases.
>> This patch introduces various predefined sense codes to have the
>> sense code reporting more in line with the spec.
>>
>> Signed-off-by: Hannes Reinecke <hare@suse.de>
>> Acked-by: Christoph Hellwig <hch@lst.de>
>> ---
>> hw/scsi-bus.c | 92 ++++++++++++++++++++++++++++++++++++++++++++
>> hw/scsi-disk.c | 109 +++++++++++++++++++++++++++--------------------------
>> hw/scsi-generic.c | 76 ++++++++++++++++++++++++++-----------
>> hw/scsi.h | 38 ++++++++++++++++++
>> 4 files changed, 239 insertions(+), 76 deletions(-)
>>
>> diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
>> index 93f0e9a..afdf0ad 100644
>> --- a/hw/scsi-bus.c
>> +++ b/hw/scsi-bus.c
>> @@ -388,6 +388,98 @@ int scsi_req_parse(SCSIRequest *req, uint8_t *buf)
>> return 0;
>> }
>>
>> +/*
>> + * Predefined sense codes
>> + */
>> +
>> +/* No sense data available */
>> +const struct SCSISense sense_code_NO_SENSE = {
>> + .key = NO_SENSE , .asc = 0x00 , .ascq = 0x00
>> +};
>> +
>> +/* LUN not ready, Manual intervention required */
>> +const struct SCSISense sense_code_LUN_NOT_READY = {
>> + .key = NOT_READY, .asc = 0x04, .ascq = 0x03
>> +};
>> +
>> +/* LUN not ready, Medium not present */
>> +const struct SCSISense sense_code_NO_MEDIUM = {
>> + .key = NOT_READY, .asc = 0x3a, .ascq = 0x00
>> +};
>> +
>> +/* Hardware error, internal target failure */
>> +const struct SCSISense sense_code_TARGET_FAILURE = {
>> + .key = HARDWARE_ERROR, .asc = 0x44, .ascq = 0x00
>> +};
>> +
>> +/* Illegal request, invalid command operation code */
>> +const struct SCSISense sense_code_INVALID_OPCODE = {
>> + .key = ILLEGAL_REQUEST, .asc = 0x20, .ascq = 0x00
>> +};
>> +
>> +/* Illegal request, LBA out of range */
>> +const struct SCSISense sense_code_LBA_OUT_OF_RANGE = {
>> + .key = ILLEGAL_REQUEST, .asc = 0x21, .ascq = 0x00
>> +};
>> +
>> +/* Illegal request, Invalid field in CDB */
>> +const struct SCSISense sense_code_INVALID_FIELD = {
>> + .key = ILLEGAL_REQUEST, .asc = 0x24, .ascq = 0x00
>> +};
>> +
>> +/* Illegal request, LUN not supported */
>> +const struct SCSISense sense_code_LUN_NOT_SUPPORTED = {
>> + .key = ILLEGAL_REQUEST, .asc = 0x25, .ascq = 0x00
>> +};
>> +
>> +/* Command aborted, I/O process terminated */
>> +const struct SCSISense sense_code_IO_ERROR = {
>> + .key = ABORTED_COMMAND, .asc = 0x00, .ascq = 0x06
>> +};
>> +
>> +/* Command aborted, I_T Nexus loss occurred */
>> +const struct SCSISense sense_code_I_T_NEXUS_LOSS = {
>> + .key = ABORTED_COMMAND, .asc = 0x29, .ascq = 0x07
>> +};
>> +
>> +/* Command aborted, Logical Unit failure */
>> +const struct SCSISense sense_code_LUN_FAILURE = {
>> + .key = ABORTED_COMMAND, .asc = 0x3e, .ascq = 0x01
>> +};
>> +
>> +/*
>> + * scsi_build_sense
>> + *
>> + * Build a sense buffer
>> + */
>> +int scsi_build_sense(SCSISense sense, uint8_t *buf, int len, int fixed)
>> +{
>> + if (len < 8)
>> + return 0;
>> + if (fixed && len < 14)
>> + return 0;
>> +
>> + memset(buf, 0, len);
>> + if (fixed) {
>> + /* Return fixed format sense buffer */
>> + buf[0] = 0xf0;
>> + buf[2] = sense.key;
>> + buf[7] = 7;
>> + buf[12] = sense.asc;
>> + buf[13] = sense.ascq;
>> + len = 14;
>
> My spec says: "Device servers shall return at least 18 bytes of
> parameter data in response to a REQUEST SENSE command if the allocation
> length is 18 or greater and the DESC bit is set to zero."
>
> So should this be MIN(len, 18) instead?
>
Yes, you are correct.
And we should actually always return sense data, even if the length
is smaller than the minimum.
Fixed in my megasas git tree; will be included in the next round of
patches.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Markus Rex, HRB 16746 (AG Nürnberg)
^ permalink raw reply [flat|nested] 38+ messages in thread
* Re: [Qemu-devel] Re: [PATCH 14/15] megasas: LSI Megaraid SAS emulation
2010-11-25 20:47 ` Sebastian Herbszt
@ 2010-12-21 12:06 ` Hannes Reinecke
0 siblings, 0 replies; 38+ messages in thread
From: Hannes Reinecke @ 2010-12-21 12:06 UTC (permalink / raw)
To: Sebastian Herbszt; +Cc: stefanha, qemu-devel, nab, kraxel
On 11/25/2010 09:47 PM, Sebastian Herbszt wrote:
> Hannes Reinecke wrote:
>> +static int megasas_scsi_init(PCIDevice *dev)
>> +{
>> + MPTState *s = DO_UPCAST(MPTState, dev, dev);
>> + uint8_t *pci_conf;
>> + int i;
>> +
>> + pci_conf = s->dev.config;
>> +
>> + /* PCI Vendor ID (word) */
>> + pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_LSI_LOGIC);
>> + /* PCI device ID (word) */
>> + pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_LSI_SAS1078);
>> + /* PCI subsystem ID */
>> + pci_set_word(&pci_conf[PCI_SUBSYSTEM_VENDOR_ID], 0x1000);
>
> PCI_VENDOR_ID_LSI_LOGIC
>
Ok.
>> + pci_set_word(&pci_conf[PCI_SUBSYSTEM_ID], 0x1013);
>
> What is 0x1013?
>
That's the device ID for Megaraid SAS 8708EM2.
I'll be adding a #define for it.
>> + /* PCI base class code */
>> + pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_RAID);
>> +
>> + /* PCI latency timer = 0 */
>> + pci_conf[0x0d] = 0;
>
> PCI_LATENCY_TIMER
>
Ok.
>> + /* Interrupt pin 1 */
>> + pci_conf[0x3d] = 0x01;
>
> pci_config_set_interrupt_pin()
>
Ok.
Fixed in my megasas git tree. Will be included in the next
round of patches.
Cheers,
Hannes
--
Dr. Hannes Reinecke zSeries & Storage
hare@suse.de +49 911 74053 688
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: Markus Rex, HRB 16746 (AG Nürnberg)
^ permalink raw reply [flat|nested] 38+ messages in thread
end of thread, other threads:[~2010-12-21 12:01 UTC | newest]
Thread overview: 38+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-11-24 11:15 [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 01/15] scsi: Increase the number of possible devices Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 02/15] scsi: Return SAM status codes Hannes Reinecke
2010-11-24 16:51 ` Christoph Hellwig
2010-11-24 11:15 ` [Qemu-devel] [PATCH 03/15] scsi: INQUIRY VPD fixes Hannes Reinecke
2010-11-24 11:15 ` [Qemu-devel] [PATCH 04/15] scsi: Move sense handling into the driver Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 05/15] scsi-disk: Remove duplicate cdb parsing Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 06/15] scsi: Update sense code handling Hannes Reinecke
2010-11-25 14:33 ` Kevin Wolf
2010-12-21 11:56 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 07/15] lsi53c895a: Rename 'sense' to 'status' Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 08/15] scsi-disk: Allocate iovec dynamically Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 09/15] scsi: Use 'SCSIRequest' directly Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 10/15] scsi-disk: add data direction checking Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 11/15] Remove 'bus' argument from SCSI command completion callbacks Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 12/15] scsi: Implement 'get_sense' callback Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 13/15] scsi: Implement alloc_req_iov callback Hannes Reinecke
2010-11-24 16:52 ` Christoph Hellwig
2010-11-25 8:53 ` Hannes Reinecke
2010-11-25 15:29 ` Christoph Hellwig
2010-11-25 16:21 ` Hannes Reinecke
2010-11-26 0:06 ` Paul Brook
2010-11-24 11:16 ` [Qemu-devel] [PATCH 14/15] megasas: LSI Megaraid SAS emulation Hannes Reinecke
2010-11-25 14:36 ` [Qemu-devel] " Stefan Hajnoczi
2010-11-25 14:50 ` Hannes Reinecke
2010-11-25 14:52 ` Stefan Hajnoczi
2010-11-25 20:47 ` Sebastian Herbszt
2010-12-21 12:06 ` Hannes Reinecke
2010-11-24 11:16 ` [Qemu-devel] [PATCH 15/15] Make SCSI HBA configurable Hannes Reinecke
2010-11-24 16:50 ` [Qemu-devel] [PATCH 00/15] Megasas HBA emulation and SCSI update v.3 Christoph Hellwig
2010-12-10 22:14 ` [Qemu-devel] " Paolo Bonzini
2010-12-13 7:32 ` Hannes Reinecke
2010-12-16 1:45 ` Benjamin Herrenschmidt
2010-12-16 1:48 ` Benjamin Herrenschmidt
2010-12-16 8:34 ` Stefan Hajnoczi
2010-12-16 14:58 ` Kevin Wolf
2010-12-20 14:59 ` [Qemu-devel] " Christoph Hellwig
2010-12-20 15:25 ` Hannes Reinecke
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).