qemu

1
/*
2
 * QEMU VMWARE PVSCSI paravirtual SCSI bus
3
 *
4
 * Copyright (c) 2012 Ravello Systems LTD (http://ravellosystems.com)
5
 *
6
 * Developed by Daynix Computing LTD (http://www.daynix.com)
7
 *
8
 * Based on implementation by Paolo Bonzini
9
 * http://lists.gnu.org/archive/html/qemu-devel/2011-08/msg00729.html
10
 *
11
 * Authors:
12
 * Paolo Bonzini <pbonzini@redhat.com>
13
 * Dmitry Fleytman <dmitry@daynix.com>
14
 * Yan Vugenfirer <yan@daynix.com>
15
 *
16
 * This work is licensed under the terms of the GNU GPL, version 2.
17
 * See the COPYING file in the top-level directory.
18
 *
19
 * NOTE about MSI-X:
20
 * MSI-X support has been removed for the moment because it leads Windows OS
21
 * to crash on startup. The crash happens because Windows driver requires
22
 * MSI-X shared memory to be part of the same BAR used for rings state
23
 * registers, etc. This is not supported by QEMU infrastructure so separate
24
 * BAR created from MSI-X purposes. Windows driver fails to deal with 2 BARs.
25
 *
26
 */
27

28
#include "qemu/osdep.h"
29
#include "qapi/error.h"
30
#include "qemu/main-loop.h"
31
#include "qemu/module.h"
32
#include "hw/scsi/scsi.h"
33
#include "migration/vmstate.h"
34
#include "scsi/constants.h"
35
#include "hw/pci/msi.h"
36
#include "hw/qdev-properties.h"
37
#include "vmw_pvscsi.h"
38
#include "trace.h"
39
#include "qom/object.h"
40

41

42
#define PVSCSI_USE_64BIT         (true)
43
#define PVSCSI_PER_VECTOR_MASK   (false)
44

45
#define PVSCSI_MAX_DEVS                   (64)
46
#define PVSCSI_MSIX_NUM_VECTORS           (1)
47

48
#define PVSCSI_MAX_SG_ELEM                2048
49

50
#define PVSCSI_MAX_CMD_DATA_WORDS \
51
    (sizeof(PVSCSICmdDescSetupRings)/sizeof(uint32_t))
52

53
#define RS_GET_FIELD(pval, m, field) \
54
    ldl_le_pci_dma(&container_of(m, PVSCSIState, rings)->parent_obj, \
55
                 (m)->rs_pa + offsetof(struct PVSCSIRingsState, field), \
56
                 pval, MEMTXATTRS_UNSPECIFIED)
57
#define RS_SET_FIELD(m, field, val) \
58
    (stl_le_pci_dma(&container_of(m, PVSCSIState, rings)->parent_obj, \
59
                 (m)->rs_pa + offsetof(struct PVSCSIRingsState, field), val, \
60
                 MEMTXATTRS_UNSPECIFIED))
61

62
struct PVSCSIClass {
63
    PCIDeviceClass parent_class;
64
    DeviceRealize parent_dc_realize;
65
};
66

67
#define TYPE_PVSCSI "pvscsi"
68
OBJECT_DECLARE_TYPE(PVSCSIState, PVSCSIClass, PVSCSI)
69

70

71
/* Compatibility flags for migration */
72
#define PVSCSI_COMPAT_OLD_PCI_CONFIGURATION_BIT 0
73
#define PVSCSI_COMPAT_OLD_PCI_CONFIGURATION \
74
    (1 << PVSCSI_COMPAT_OLD_PCI_CONFIGURATION_BIT)
75
#define PVSCSI_COMPAT_DISABLE_PCIE_BIT 1
76
#define PVSCSI_COMPAT_DISABLE_PCIE \
77
    (1 << PVSCSI_COMPAT_DISABLE_PCIE_BIT)
78

79
#define PVSCSI_USE_OLD_PCI_CONFIGURATION(s) \
80
    ((s)->compat_flags & PVSCSI_COMPAT_OLD_PCI_CONFIGURATION)
81
#define PVSCSI_MSI_OFFSET(s) \
82
    (PVSCSI_USE_OLD_PCI_CONFIGURATION(s) ? 0x50 : 0x7c)
83
#define PVSCSI_EXP_EP_OFFSET (0x40)
84

85
typedef struct PVSCSIRingInfo {
86
    uint64_t            rs_pa;
87
    uint32_t            txr_len_mask;
88
    uint32_t            rxr_len_mask;
89
    uint32_t            msg_len_mask;
90
    uint64_t            req_ring_pages_pa[PVSCSI_SETUP_RINGS_MAX_NUM_PAGES];
91
    uint64_t            cmp_ring_pages_pa[PVSCSI_SETUP_RINGS_MAX_NUM_PAGES];
92
    uint64_t            msg_ring_pages_pa[PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES];
93
    uint64_t            consumed_ptr;
94
    uint64_t            filled_cmp_ptr;
95
    uint64_t            filled_msg_ptr;
96
} PVSCSIRingInfo;
97

98
typedef struct PVSCSISGState {
99
    hwaddr elemAddr;
100
    hwaddr dataAddr;
101
    uint32_t resid;
102
} PVSCSISGState;
103

104
typedef QTAILQ_HEAD(, PVSCSIRequest) PVSCSIRequestList;
105

106
struct PVSCSIState {
107
    PCIDevice parent_obj;
108
    MemoryRegion io_space;
109
    SCSIBus bus;
110
    QEMUBH *completion_worker;
111
    PVSCSIRequestList pending_queue;
112
    PVSCSIRequestList completion_queue;
113

114
    uint64_t reg_interrupt_status;        /* Interrupt status register value */
115
    uint64_t reg_interrupt_enabled;       /* Interrupt mask register value   */
116
    uint64_t reg_command_status;          /* Command status register value   */
117

118
    /* Command data adoption mechanism */
119
    uint64_t curr_cmd;                   /* Last command arrived             */
120
    uint32_t curr_cmd_data_cntr;         /* Amount of data for last command  */
121

122
    /* Collector for current command data */
123
    uint32_t curr_cmd_data[PVSCSI_MAX_CMD_DATA_WORDS];
124

125
    uint8_t rings_info_valid;            /* Whether data rings initialized   */
126
    uint8_t msg_ring_info_valid;         /* Whether message ring initialized */
127
    uint8_t use_msg;                     /* Whether to use message ring      */
128

129
    uint8_t msi_used;                    /* For migration compatibility      */
130
    PVSCSIRingInfo rings;                /* Data transfer rings manager      */
131
    uint32_t resetting;                  /* Reset in progress                */
132

133
    uint32_t compat_flags;
134
};
135

136
typedef struct PVSCSIRequest {
137
    SCSIRequest *sreq;
138
    PVSCSIState *dev;
139
    uint8_t sense_key;
140
    uint8_t completed;
141
    int lun;
142
    QEMUSGList sgl;
143
    PVSCSISGState sg;
144
    struct PVSCSIRingReqDesc req;
145
    struct PVSCSIRingCmpDesc cmp;
146
    QTAILQ_ENTRY(PVSCSIRequest) next;
147
} PVSCSIRequest;
148

149
/* Integer binary logarithm */
150
static int
151
pvscsi_log2(uint32_t input)
152
{
153
    int log = 0;
154
    assert(input > 0);
155
    while (input >> ++log) {
156
    }
157
    return log;
158
}
159

160
static void
161
pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
162
{
163
    int i;
164
    uint32_t txr_len_log2, rxr_len_log2;
165
    uint32_t req_ring_size, cmp_ring_size;
166
    m->rs_pa = ri->ringsStatePPN << VMW_PAGE_SHIFT;
167

168
    req_ring_size = ri->reqRingNumPages * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
169
    cmp_ring_size = ri->cmpRingNumPages * PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
170
    txr_len_log2 = pvscsi_log2(req_ring_size - 1);
171
    rxr_len_log2 = pvscsi_log2(cmp_ring_size - 1);
172

173
    m->txr_len_mask = MASK(txr_len_log2);
174
    m->rxr_len_mask = MASK(rxr_len_log2);
175

176
    m->consumed_ptr = 0;
177
    m->filled_cmp_ptr = 0;
178

179
    for (i = 0; i < ri->reqRingNumPages; i++) {
180
        m->req_ring_pages_pa[i] = ri->reqRingPPNs[i] << VMW_PAGE_SHIFT;
181
    }
182

183
    for (i = 0; i < ri->cmpRingNumPages; i++) {
184
        m->cmp_ring_pages_pa[i] = ri->cmpRingPPNs[i] << VMW_PAGE_SHIFT;
185
    }
186

187
    RS_SET_FIELD(m, reqProdIdx, 0);
188
    RS_SET_FIELD(m, reqConsIdx, 0);
189
    RS_SET_FIELD(m, reqNumEntriesLog2, txr_len_log2);
190

191
    RS_SET_FIELD(m, cmpProdIdx, 0);
192
    RS_SET_FIELD(m, cmpConsIdx, 0);
193
    RS_SET_FIELD(m, cmpNumEntriesLog2, rxr_len_log2);
194

195
    trace_pvscsi_ring_init_data(txr_len_log2, rxr_len_log2);
196

197
    /* Flush ring state page changes */
198
    smp_wmb();
199
}
200

201
static int
202
pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
203
{
204
    int i;
205
    uint32_t len_log2;
206
    uint32_t ring_size;
207

208
    if (!ri->numPages || ri->numPages > PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES) {
209
        return -1;
210
    }
211
    ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
212
    len_log2 = pvscsi_log2(ring_size - 1);
213

214
    m->msg_len_mask = MASK(len_log2);
215

216
    m->filled_msg_ptr = 0;
217

218
    for (i = 0; i < ri->numPages; i++) {
219
        m->msg_ring_pages_pa[i] = ri->ringPPNs[i] << VMW_PAGE_SHIFT;
220
    }
221

222
    RS_SET_FIELD(m, msgProdIdx, 0);
223
    RS_SET_FIELD(m, msgConsIdx, 0);
224
    RS_SET_FIELD(m, msgNumEntriesLog2, len_log2);
225

226
    trace_pvscsi_ring_init_msg(len_log2);
227

228
    /* Flush ring state page changes */
229
    smp_wmb();
230

231
    return 0;
232
}
233

234
static void
235
pvscsi_ring_cleanup(PVSCSIRingInfo *mgr)
236
{
237
    mgr->rs_pa = 0;
238
    mgr->txr_len_mask = 0;
239
    mgr->rxr_len_mask = 0;
240
    mgr->msg_len_mask = 0;
241
    mgr->consumed_ptr = 0;
242
    mgr->filled_cmp_ptr = 0;
243
    mgr->filled_msg_ptr = 0;
244
    memset(mgr->req_ring_pages_pa, 0, sizeof(mgr->req_ring_pages_pa));
245
    memset(mgr->cmp_ring_pages_pa, 0, sizeof(mgr->cmp_ring_pages_pa));
246
    memset(mgr->msg_ring_pages_pa, 0, sizeof(mgr->msg_ring_pages_pa));
247
}
248

249
static hwaddr
250
pvscsi_ring_pop_req_descr(PVSCSIRingInfo *mgr)
251
{
252
    uint32_t ready_ptr;
253
    uint32_t ring_size = PVSCSI_MAX_NUM_PAGES_REQ_RING
254
                            * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
255

256
    RS_GET_FIELD(&ready_ptr, mgr, reqProdIdx);
257
    if (ready_ptr != mgr->consumed_ptr
258
        && ready_ptr - mgr->consumed_ptr < ring_size) {
259
        uint32_t next_ready_ptr =
260
            mgr->consumed_ptr++ & mgr->txr_len_mask;
261
        uint32_t next_ready_page =
262
            next_ready_ptr / PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
263
        uint32_t inpage_idx =
264
            next_ready_ptr % PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
265

266
        return mgr->req_ring_pages_pa[next_ready_page] +
267
               inpage_idx * sizeof(PVSCSIRingReqDesc);
268
    } else {
269
        return 0;
270
    }
271
}
272

273
static void
274
pvscsi_ring_flush_req(PVSCSIRingInfo *mgr)
275
{
276
    RS_SET_FIELD(mgr, reqConsIdx, mgr->consumed_ptr);
277
}
278

279
static hwaddr
280
pvscsi_ring_pop_cmp_descr(PVSCSIRingInfo *mgr)
281
{
282
    /*
283
     * According to Linux driver code it explicitly verifies that number
284
     * of requests being processed by device is less then the size of
285
     * completion queue, so device may omit completion queue overflow
286
     * conditions check. We assume that this is true for other (Windows)
287
     * drivers as well.
288
     */
289

290
    uint32_t free_cmp_ptr =
291
        mgr->filled_cmp_ptr++ & mgr->rxr_len_mask;
292
    uint32_t free_cmp_page =
293
        free_cmp_ptr / PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
294
    uint32_t inpage_idx =
295
        free_cmp_ptr % PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
296
    return mgr->cmp_ring_pages_pa[free_cmp_page] +
297
           inpage_idx * sizeof(PVSCSIRingCmpDesc);
298
}
299

300
static hwaddr
301
pvscsi_ring_pop_msg_descr(PVSCSIRingInfo *mgr)
302
{
303
    uint32_t free_msg_ptr =
304
        mgr->filled_msg_ptr++ & mgr->msg_len_mask;
305
    uint32_t free_msg_page =
306
        free_msg_ptr / PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
307
    uint32_t inpage_idx =
308
        free_msg_ptr % PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
309
    return mgr->msg_ring_pages_pa[free_msg_page] +
310
           inpage_idx * sizeof(PVSCSIRingMsgDesc);
311
}
312

313
static void
314
pvscsi_ring_flush_cmp(PVSCSIRingInfo *mgr)
315
{
316
    /* Flush descriptor changes */
317
    smp_wmb();
318

319
    trace_pvscsi_ring_flush_cmp(mgr->filled_cmp_ptr);
320

321
    RS_SET_FIELD(mgr, cmpProdIdx, mgr->filled_cmp_ptr);
322
}
323

324
static bool
325
pvscsi_ring_msg_has_room(PVSCSIRingInfo *mgr)
326
{
327
    uint32_t prodIdx;
328
    uint32_t consIdx;
329

330
    RS_GET_FIELD(&prodIdx, mgr, msgProdIdx);
331
    RS_GET_FIELD(&consIdx, mgr, msgConsIdx);
332

333
    return (prodIdx - consIdx) < (mgr->msg_len_mask + 1);
334
}
335

336
static void
337
pvscsi_ring_flush_msg(PVSCSIRingInfo *mgr)
338
{
339
    /* Flush descriptor changes */
340
    smp_wmb();
341

342
    trace_pvscsi_ring_flush_msg(mgr->filled_msg_ptr);
343

344
    RS_SET_FIELD(mgr, msgProdIdx, mgr->filled_msg_ptr);
345
}
346

347
static void
348
pvscsi_reset_state(PVSCSIState *s)
349
{
350
    s->curr_cmd = PVSCSI_CMD_FIRST;
351
    s->curr_cmd_data_cntr = 0;
352
    s->reg_command_status = PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
353
    s->reg_interrupt_status = 0;
354
    pvscsi_ring_cleanup(&s->rings);
355
    s->rings_info_valid = FALSE;
356
    s->msg_ring_info_valid = FALSE;
357
    QTAILQ_INIT(&s->pending_queue);
358
    QTAILQ_INIT(&s->completion_queue);
359
}
360

361
static void
362
pvscsi_update_irq_status(PVSCSIState *s)
363
{
364
    PCIDevice *d = PCI_DEVICE(s);
365
    bool should_raise = s->reg_interrupt_enabled & s->reg_interrupt_status;
366

367
    trace_pvscsi_update_irq_level(should_raise, s->reg_interrupt_enabled,
368
                                  s->reg_interrupt_status);
369

370
    if (msi_enabled(d)) {
371
        if (should_raise) {
372
            trace_pvscsi_update_irq_msi();
373
            msi_notify(d, PVSCSI_VECTOR_COMPLETION);
374
        }
375
        return;
376
    }
377

378
    pci_set_irq(d, !!should_raise);
379
}
380

381
static void
382
pvscsi_raise_completion_interrupt(PVSCSIState *s)
383
{
384
    s->reg_interrupt_status |= PVSCSI_INTR_CMPL_0;
385

386
    /* Memory barrier to flush interrupt status register changes*/
387
    smp_wmb();
388

389
    pvscsi_update_irq_status(s);
390
}
391

392
static void
393
pvscsi_raise_message_interrupt(PVSCSIState *s)
394
{
395
    s->reg_interrupt_status |= PVSCSI_INTR_MSG_0;
396

397
    /* Memory barrier to flush interrupt status register changes*/
398
    smp_wmb();
399

400
    pvscsi_update_irq_status(s);
401
}
402

403
static void
404
pvscsi_cmp_ring_put(PVSCSIState *s, struct PVSCSIRingCmpDesc *cmp_desc)
405
{
406
    hwaddr cmp_descr_pa;
407

408
    cmp_descr_pa = pvscsi_ring_pop_cmp_descr(&s->rings);
409
    trace_pvscsi_cmp_ring_put(cmp_descr_pa);
410
    cpu_physical_memory_write(cmp_descr_pa, cmp_desc, sizeof(*cmp_desc));
411
}
412

413
static void
414
pvscsi_msg_ring_put(PVSCSIState *s, struct PVSCSIRingMsgDesc *msg_desc)
415
{
416
    hwaddr msg_descr_pa;
417

418
    msg_descr_pa = pvscsi_ring_pop_msg_descr(&s->rings);
419
    trace_pvscsi_msg_ring_put(msg_descr_pa);
420
    cpu_physical_memory_write(msg_descr_pa, msg_desc, sizeof(*msg_desc));
421
}
422

423
static void
424
pvscsi_process_completion_queue(void *opaque)
425
{
426
    PVSCSIState *s = opaque;
427
    PVSCSIRequest *pvscsi_req;
428
    bool has_completed = false;
429

430
    while (!QTAILQ_EMPTY(&s->completion_queue)) {
431
        pvscsi_req = QTAILQ_FIRST(&s->completion_queue);
432
        QTAILQ_REMOVE(&s->completion_queue, pvscsi_req, next);
433
        pvscsi_cmp_ring_put(s, &pvscsi_req->cmp);
434
        g_free(pvscsi_req);
435
        has_completed = true;
436
    }
437

438
    if (has_completed) {
439
        pvscsi_ring_flush_cmp(&s->rings);
440
        pvscsi_raise_completion_interrupt(s);
441
    }
442
}
443

444
static void
445
pvscsi_reset_adapter(PVSCSIState *s)
446
{
447
    s->resetting++;
448
    bus_cold_reset(BUS(&s->bus));
449
    s->resetting--;
450
    pvscsi_process_completion_queue(s);
451
    assert(QTAILQ_EMPTY(&s->pending_queue));
452
    pvscsi_reset_state(s);
453
}
454

455
static void
456
pvscsi_schedule_completion_processing(PVSCSIState *s)
457
{
458
    /* Try putting more complete requests on the ring. */
459
    if (!QTAILQ_EMPTY(&s->completion_queue)) {
460
        qemu_bh_schedule(s->completion_worker);
461
    }
462
}
463

464
static void
465
pvscsi_complete_request(PVSCSIState *s, PVSCSIRequest *r)
466
{
467
    assert(!r->completed);
468

469
    trace_pvscsi_complete_request(r->cmp.context, r->cmp.dataLen,
470
                                  r->sense_key);
471
    if (r->sreq != NULL) {
472
        scsi_req_unref(r->sreq);
473
        r->sreq = NULL;
474
    }
475
    r->completed = 1;
476
    QTAILQ_REMOVE(&s->pending_queue, r, next);
477
    QTAILQ_INSERT_TAIL(&s->completion_queue, r, next);
478
    pvscsi_schedule_completion_processing(s);
479
}
480

481
static QEMUSGList *pvscsi_get_sg_list(SCSIRequest *r)
482
{
483
    PVSCSIRequest *req = r->hba_private;
484

485
    trace_pvscsi_get_sg_list(req->sgl.nsg, req->sgl.size);
486

487
    return &req->sgl;
488
}
489

490
static void
491
pvscsi_get_next_sg_elem(PVSCSISGState *sg)
492
{
493
    struct PVSCSISGElement elem;
494

495
    cpu_physical_memory_read(sg->elemAddr, &elem, sizeof(elem));
496
    if ((elem.flags & ~PVSCSI_KNOWN_FLAGS) != 0) {
497
        /*
498
            * There is PVSCSI_SGE_FLAG_CHAIN_ELEMENT flag described in
499
            * header file but its value is unknown. This flag requires
500
            * additional processing, so we put warning here to catch it
501
            * some day and make proper implementation
502
            */
503
        trace_pvscsi_get_next_sg_elem(elem.flags);
504
    }
505

506
    sg->elemAddr += sizeof(elem);
507
    sg->dataAddr = elem.addr;
508
    sg->resid = elem.length;
509
}
510

511
static void
512
pvscsi_write_sense(PVSCSIRequest *r, uint8_t *sense, int len)
513
{
514
    r->cmp.senseLen = MIN(r->req.senseLen, len);
515
    r->sense_key = sense[(sense[0] & 2) ? 1 : 2];
516
    cpu_physical_memory_write(r->req.senseAddr, sense, r->cmp.senseLen);
517
}
518

519
static void
520
pvscsi_command_failed(SCSIRequest *req)
521
{
522
    PVSCSIRequest *pvscsi_req = req->hba_private;
523
    PVSCSIState *s;
524

525
    if (!pvscsi_req) {
526
        trace_pvscsi_command_complete_not_found(req->tag);
527
        return;
528
    }
529
    s = pvscsi_req->dev;
530

531
    switch (req->host_status) {
532
    case SCSI_HOST_NO_LUN:
533
        pvscsi_req->cmp.hostStatus = BTSTAT_LUNMISMATCH;
534
        break;
535
    case SCSI_HOST_BUSY:
536
        pvscsi_req->cmp.hostStatus = BTSTAT_ABORTQUEUE;
537
        break;
538
    case SCSI_HOST_TIME_OUT:
539
    case SCSI_HOST_ABORTED:
540
        pvscsi_req->cmp.hostStatus = BTSTAT_SENTRST;
541
        break;
542
    case SCSI_HOST_BAD_RESPONSE:
543
        pvscsi_req->cmp.hostStatus = BTSTAT_SELTIMEO;
544
        break;
545
    case SCSI_HOST_RESET:
546
        pvscsi_req->cmp.hostStatus = BTSTAT_BUSRESET;
547
        break;
548
    default:
549
        pvscsi_req->cmp.hostStatus = BTSTAT_HASOFTWARE;
550
        break;
551
    }
552
    pvscsi_req->cmp.scsiStatus = GOOD;
553
    qemu_sglist_destroy(&pvscsi_req->sgl);
554
    pvscsi_complete_request(s, pvscsi_req);
555
}
556

557
static void
558
pvscsi_command_complete(SCSIRequest *req, size_t resid)
559
{
560
    PVSCSIRequest *pvscsi_req = req->hba_private;
561
    PVSCSIState *s;
562

563
    if (!pvscsi_req) {
564
        trace_pvscsi_command_complete_not_found(req->tag);
565
        return;
566
    }
567
    s = pvscsi_req->dev;
568

569
    if (resid) {
570
        /* Short transfer.  */
571
        trace_pvscsi_command_complete_data_run();
572
        pvscsi_req->cmp.hostStatus = BTSTAT_DATARUN;
573
    }
574

575
    pvscsi_req->cmp.scsiStatus = req->status;
576
    if (pvscsi_req->cmp.scsiStatus == CHECK_CONDITION) {
577
        uint8_t sense[SCSI_SENSE_BUF_SIZE];
578
        int sense_len =
579
            scsi_req_get_sense(pvscsi_req->sreq, sense, sizeof(sense));
580

581
        trace_pvscsi_command_complete_sense_len(sense_len);
582
        pvscsi_write_sense(pvscsi_req, sense, sense_len);
583
    }
584
    qemu_sglist_destroy(&pvscsi_req->sgl);
585
    pvscsi_complete_request(s, pvscsi_req);
586
}
587

588
static void
589
pvscsi_send_msg(PVSCSIState *s, SCSIDevice *dev, uint32_t msg_type)
590
{
591
    if (s->msg_ring_info_valid && pvscsi_ring_msg_has_room(&s->rings)) {
592
        PVSCSIMsgDescDevStatusChanged msg = {0};
593

594
        msg.type = msg_type;
595
        msg.bus = dev->channel;
596
        msg.target = dev->id;
597
        msg.lun[1] = dev->lun;
598

599
        pvscsi_msg_ring_put(s, (PVSCSIRingMsgDesc *)&msg);
600
        pvscsi_ring_flush_msg(&s->rings);
601
        pvscsi_raise_message_interrupt(s);
602
    }
603
}
604

605
static void
606
pvscsi_hotplug(HotplugHandler *hotplug_dev, DeviceState *dev, Error **errp)
607
{
608
    PVSCSIState *s = PVSCSI(hotplug_dev);
609

610
    pvscsi_send_msg(s, SCSI_DEVICE(dev), PVSCSI_MSG_DEV_ADDED);
611
}
612

613
static void
614
pvscsi_hot_unplug(HotplugHandler *hotplug_dev, DeviceState *dev, Error **errp)
615
{
616
    PVSCSIState *s = PVSCSI(hotplug_dev);
617

618
    pvscsi_send_msg(s, SCSI_DEVICE(dev), PVSCSI_MSG_DEV_REMOVED);
619
    qdev_simple_device_unplug_cb(hotplug_dev, dev, errp);
620
}
621

622
static void
623
pvscsi_request_cancelled(SCSIRequest *req)
624
{
625
    PVSCSIRequest *pvscsi_req = req->hba_private;
626
    PVSCSIState *s = pvscsi_req->dev;
627

628
    if (pvscsi_req->completed) {
629
        return;
630
    }
631

632
   if (pvscsi_req->dev->resetting) {
633
       pvscsi_req->cmp.hostStatus = BTSTAT_BUSRESET;
634
    } else {
635
       pvscsi_req->cmp.hostStatus = BTSTAT_ABORTQUEUE;
636
    }
637

638
    pvscsi_complete_request(s, pvscsi_req);
639
}
640

641
static SCSIDevice*
642
pvscsi_device_find(PVSCSIState *s, int channel, int target,
643
                   uint8_t *requested_lun, uint8_t *target_lun)
644
{
645
    if (requested_lun[0] || requested_lun[2] || requested_lun[3] ||
646
        requested_lun[4] || requested_lun[5] || requested_lun[6] ||
647
        requested_lun[7] || (target > PVSCSI_MAX_DEVS)) {
648
        return NULL;
649
    } else {
650
        *target_lun = requested_lun[1];
651
        return scsi_device_find(&s->bus, channel, target, *target_lun);
652
    }
653
}
654

655
static PVSCSIRequest *
656
pvscsi_queue_pending_descriptor(PVSCSIState *s, SCSIDevice **d,
657
                                struct PVSCSIRingReqDesc *descr)
658
{
659
    PVSCSIRequest *pvscsi_req;
660
    uint8_t lun;
661

662
    pvscsi_req = g_malloc0(sizeof(*pvscsi_req));
663
    pvscsi_req->dev = s;
664
    pvscsi_req->req = *descr;
665
    pvscsi_req->cmp.context = pvscsi_req->req.context;
666
    QTAILQ_INSERT_TAIL(&s->pending_queue, pvscsi_req, next);
667

668
    *d = pvscsi_device_find(s, descr->bus, descr->target, descr->lun, &lun);
669
    if (*d) {
670
        pvscsi_req->lun = lun;
671
    }
672

673
    return pvscsi_req;
674
}
675

676
static void
677
pvscsi_convert_sglist(PVSCSIRequest *r)
678
{
679
    uint32_t chunk_size, elmcnt = 0;
680
    uint64_t data_length = r->req.dataLen;
681
    PVSCSISGState sg = r->sg;
682
    while (data_length && elmcnt < PVSCSI_MAX_SG_ELEM) {
683
        while (!sg.resid && elmcnt++ < PVSCSI_MAX_SG_ELEM) {
684
            pvscsi_get_next_sg_elem(&sg);
685
            trace_pvscsi_convert_sglist(r->req.context, r->sg.dataAddr,
686
                                        r->sg.resid);
687
        }
688
        chunk_size = MIN(data_length, sg.resid);
689
        if (chunk_size) {
690
            qemu_sglist_add(&r->sgl, sg.dataAddr, chunk_size);
691
        }
692

693
        sg.dataAddr += chunk_size;
694
        data_length -= chunk_size;
695
        sg.resid -= chunk_size;
696
    }
697
}
698

699
static void
700
pvscsi_build_sglist(PVSCSIState *s, PVSCSIRequest *r)
701
{
702
    PCIDevice *d = PCI_DEVICE(s);
703

704
    pci_dma_sglist_init(&r->sgl, d, 1);
705
    if (r->req.flags & PVSCSI_FLAG_CMD_WITH_SG_LIST) {
706
        pvscsi_convert_sglist(r);
707
    } else {
708
        qemu_sglist_add(&r->sgl, r->req.dataAddr, r->req.dataLen);
709
    }
710
}
711

712
static void
713
pvscsi_process_request_descriptor(PVSCSIState *s,
714
                                  struct PVSCSIRingReqDesc *descr)
715
{
716
    SCSIDevice *d;
717
    PVSCSIRequest *r = pvscsi_queue_pending_descriptor(s, &d, descr);
718
    int64_t n;
719

720
    trace_pvscsi_process_req_descr(descr->cdb[0], descr->context);
721

722
    if (!d) {
723
        r->cmp.hostStatus = BTSTAT_SELTIMEO;
724
        trace_pvscsi_process_req_descr_unknown_device();
725
        pvscsi_complete_request(s, r);
726
        return;
727
    }
728

729
    if (descr->flags & PVSCSI_FLAG_CMD_WITH_SG_LIST) {
730
        r->sg.elemAddr = descr->dataAddr;
731
    }
732

733
    r->sreq = scsi_req_new(d, descr->context, r->lun, descr->cdb, descr->cdbLen, r);
734
    if (r->sreq->cmd.mode == SCSI_XFER_FROM_DEV &&
735
        (descr->flags & PVSCSI_FLAG_CMD_DIR_TODEVICE)) {
736
        r->cmp.hostStatus = BTSTAT_BADMSG;
737
        trace_pvscsi_process_req_descr_invalid_dir();
738
        scsi_req_cancel(r->sreq);
739
        return;
740
    }
741
    if (r->sreq->cmd.mode == SCSI_XFER_TO_DEV &&
742
        (descr->flags & PVSCSI_FLAG_CMD_DIR_TOHOST)) {
743
        r->cmp.hostStatus = BTSTAT_BADMSG;
744
        trace_pvscsi_process_req_descr_invalid_dir();
745
        scsi_req_cancel(r->sreq);
746
        return;
747
    }
748

749
    pvscsi_build_sglist(s, r);
750
    n = scsi_req_enqueue(r->sreq);
751

752
    if (n) {
753
        scsi_req_continue(r->sreq);
754
    }
755
}
756

757
static void
758
pvscsi_process_io(PVSCSIState *s)
759
{
760
    PVSCSIRingReqDesc descr;
761
    hwaddr next_descr_pa;
762

763
    if (!s->rings_info_valid) {
764
        return;
765
    }
766

767
    while ((next_descr_pa = pvscsi_ring_pop_req_descr(&s->rings)) != 0) {
768

769
        /* Only read after production index verification */
770
        smp_rmb();
771

772
        trace_pvscsi_process_io(next_descr_pa);
773
        cpu_physical_memory_read(next_descr_pa, &descr, sizeof(descr));
774
        pvscsi_process_request_descriptor(s, &descr);
775
    }
776

777
    pvscsi_ring_flush_req(&s->rings);
778
}
779

780
static void
781
pvscsi_dbg_dump_tx_rings_config(PVSCSICmdDescSetupRings *rc)
782
{
783
    int i;
784
    trace_pvscsi_tx_rings_ppn("Rings State", rc->ringsStatePPN);
785

786
    trace_pvscsi_tx_rings_num_pages("Request Ring", rc->reqRingNumPages);
787
    for (i = 0; i < rc->reqRingNumPages; i++) {
788
        trace_pvscsi_tx_rings_ppn("Request Ring", rc->reqRingPPNs[i]);
789
    }
790

791
    trace_pvscsi_tx_rings_num_pages("Confirm Ring", rc->cmpRingNumPages);
792
    for (i = 0; i < rc->cmpRingNumPages; i++) {
793
        trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->cmpRingPPNs[i]);
794
    }
795
}
796

797
static uint64_t
798
pvscsi_on_cmd_config(PVSCSIState *s)
799
{
800
    trace_pvscsi_on_cmd_noimpl("PVSCSI_CMD_CONFIG");
801
    return PVSCSI_COMMAND_PROCESSING_FAILED;
802
}
803

804
static uint64_t
805
pvscsi_on_cmd_unplug(PVSCSIState *s)
806
{
807
    trace_pvscsi_on_cmd_noimpl("PVSCSI_CMD_DEVICE_UNPLUG");
808
    return PVSCSI_COMMAND_PROCESSING_FAILED;
809
}
810

811
static uint64_t
812
pvscsi_on_issue_scsi(PVSCSIState *s)
813
{
814
    trace_pvscsi_on_cmd_noimpl("PVSCSI_CMD_ISSUE_SCSI");
815
    return PVSCSI_COMMAND_PROCESSING_FAILED;
816
}
817

818
static uint64_t
819
pvscsi_on_cmd_setup_rings(PVSCSIState *s)
820
{
821
    PVSCSICmdDescSetupRings *rc =
822
        (PVSCSICmdDescSetupRings *) s->curr_cmd_data;
823

824
    trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_RINGS");
825

826
    if (!rc->reqRingNumPages
827
        || rc->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES
828
        || !rc->cmpRingNumPages
829
        || rc->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES) {
830
        return PVSCSI_COMMAND_PROCESSING_FAILED;
831
    }
832

833
    pvscsi_dbg_dump_tx_rings_config(rc);
834
    pvscsi_ring_init_data(&s->rings, rc);
835

836
    s->rings_info_valid = TRUE;
837
    return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
838
}
839

840
static uint64_t
841
pvscsi_on_cmd_abort(PVSCSIState *s)
842
{
843
    PVSCSICmdDescAbortCmd *cmd = (PVSCSICmdDescAbortCmd *) s->curr_cmd_data;
844
    PVSCSIRequest *r, *next;
845

846
    trace_pvscsi_on_cmd_abort(cmd->context, cmd->target);
847

848
    QTAILQ_FOREACH_SAFE(r, &s->pending_queue, next, next) {
849
        if (r->req.context == cmd->context) {
850
            break;
851
        }
852
    }
853
    if (r) {
854
        assert(!r->completed);
855
        r->cmp.hostStatus = BTSTAT_ABORTQUEUE;
856
        scsi_req_cancel(r->sreq);
857
    }
858

859
    return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
860
}
861

862
static uint64_t
863
pvscsi_on_cmd_unknown(PVSCSIState *s)
864
{
865
    trace_pvscsi_on_cmd_unknown_data(s->curr_cmd_data[0]);
866
    return PVSCSI_COMMAND_PROCESSING_FAILED;
867
}
868

869
static uint64_t
870
pvscsi_on_cmd_reset_device(PVSCSIState *s)
871
{
872
    uint8_t target_lun = 0;
873
    struct PVSCSICmdDescResetDevice *cmd =
874
        (struct PVSCSICmdDescResetDevice *) s->curr_cmd_data;
875
    SCSIDevice *sdev;
876

877
    sdev = pvscsi_device_find(s, 0, cmd->target, cmd->lun, &target_lun);
878

879
    trace_pvscsi_on_cmd_reset_dev(cmd->target, (int) target_lun, sdev);
880

881
    if (sdev != NULL) {
882
        s->resetting++;
883
        device_cold_reset(&sdev->qdev);
884
        s->resetting--;
885
        return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
886
    }
887

888
    return PVSCSI_COMMAND_PROCESSING_FAILED;
889
}
890

891
static uint64_t
892
pvscsi_on_cmd_reset_bus(PVSCSIState *s)
893
{
894
    trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_RESET_BUS");
895

896
    s->resetting++;
897
    bus_cold_reset(BUS(&s->bus));
898
    s->resetting--;
899
    return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
900
}
901

902
static uint64_t
903
pvscsi_on_cmd_setup_msg_ring(PVSCSIState *s)
904
{
905
    PVSCSICmdDescSetupMsgRing *rc =
906
        (PVSCSICmdDescSetupMsgRing *) s->curr_cmd_data;
907

908
    trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_MSG_RING");
909

910
    if (!s->use_msg) {
911
        return PVSCSI_COMMAND_PROCESSING_FAILED;
912
    }
913

914
    if (s->rings_info_valid) {
915
        if (pvscsi_ring_init_msg(&s->rings, rc) < 0) {
916
            return PVSCSI_COMMAND_PROCESSING_FAILED;
917
        }
918
        s->msg_ring_info_valid = TRUE;
919
    }
920
    return sizeof(PVSCSICmdDescSetupMsgRing) / sizeof(uint32_t);
921
}
922

923
static uint64_t
924
pvscsi_on_cmd_adapter_reset(PVSCSIState *s)
925
{
926
    trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_ADAPTER_RESET");
927

928
    pvscsi_reset_adapter(s);
929
    return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
930
}
931

932
static const struct {
933
    int       data_size;
934
    uint64_t  (*handler_fn)(PVSCSIState *s);
935
} pvscsi_commands[] = {
936
    [PVSCSI_CMD_FIRST] = {
937
        .data_size = 0,
938
        .handler_fn = pvscsi_on_cmd_unknown,
939
    },
940

941
    /* Not implemented, data size defined based on what arrives on windows */
942
    [PVSCSI_CMD_CONFIG] = {
943
        .data_size = 6 * sizeof(uint32_t),
944
        .handler_fn = pvscsi_on_cmd_config,
945
    },
946

947
    /* Command not implemented, data size is unknown */
948
    [PVSCSI_CMD_ISSUE_SCSI] = {
949
        .data_size = 0,
950
        .handler_fn = pvscsi_on_issue_scsi,
951
    },
952

953
    /* Command not implemented, data size is unknown */
954
    [PVSCSI_CMD_DEVICE_UNPLUG] = {
955
        .data_size = 0,
956
        .handler_fn = pvscsi_on_cmd_unplug,
957
    },
958

959
    [PVSCSI_CMD_SETUP_RINGS] = {
960
        .data_size = sizeof(PVSCSICmdDescSetupRings),
961
        .handler_fn = pvscsi_on_cmd_setup_rings,
962
    },
963

964
    [PVSCSI_CMD_RESET_DEVICE] = {
965
        .data_size = sizeof(struct PVSCSICmdDescResetDevice),
966
        .handler_fn = pvscsi_on_cmd_reset_device,
967
    },
968

969
    [PVSCSI_CMD_RESET_BUS] = {
970
        .data_size = 0,
971
        .handler_fn = pvscsi_on_cmd_reset_bus,
972
    },
973

974
    [PVSCSI_CMD_SETUP_MSG_RING] = {
975
        .data_size = sizeof(PVSCSICmdDescSetupMsgRing),
976
        .handler_fn = pvscsi_on_cmd_setup_msg_ring,
977
    },
978

979
    [PVSCSI_CMD_ADAPTER_RESET] = {
980
        .data_size = 0,
981
        .handler_fn = pvscsi_on_cmd_adapter_reset,
982
    },
983

984
    [PVSCSI_CMD_ABORT_CMD] = {
985
        .data_size = sizeof(struct PVSCSICmdDescAbortCmd),
986
        .handler_fn = pvscsi_on_cmd_abort,
987
    },
988
};
989

990
static void
991
pvscsi_do_command_processing(PVSCSIState *s)
992
{
993
    size_t bytes_arrived = s->curr_cmd_data_cntr * sizeof(uint32_t);
994

995
    assert(s->curr_cmd < PVSCSI_CMD_LAST);
996
    if (bytes_arrived >= pvscsi_commands[s->curr_cmd].data_size) {
997
        s->reg_command_status = pvscsi_commands[s->curr_cmd].handler_fn(s);
998
        s->curr_cmd = PVSCSI_CMD_FIRST;
999
        s->curr_cmd_data_cntr   = 0;
1000
    }
1001
}
1002

1003
static void
1004
pvscsi_on_command_data(PVSCSIState *s, uint32_t value)
1005
{
1006
    size_t bytes_arrived = s->curr_cmd_data_cntr * sizeof(uint32_t);
1007

1008
    assert(bytes_arrived < sizeof(s->curr_cmd_data));
1009
    s->curr_cmd_data[s->curr_cmd_data_cntr++] = value;
1010

1011
    pvscsi_do_command_processing(s);
1012
}
1013

1014
static void
1015
pvscsi_on_command(PVSCSIState *s, uint64_t cmd_id)
1016
{
1017
    if ((cmd_id > PVSCSI_CMD_FIRST) && (cmd_id < PVSCSI_CMD_LAST)) {
1018
        s->curr_cmd = cmd_id;
1019
    } else {
1020
        s->curr_cmd = PVSCSI_CMD_FIRST;
1021
        trace_pvscsi_on_cmd_unknown(cmd_id);
1022
    }
1023

1024
    s->curr_cmd_data_cntr = 0;
1025
    s->reg_command_status = PVSCSI_COMMAND_NOT_ENOUGH_DATA;
1026

1027
    pvscsi_do_command_processing(s);
1028
}
1029

1030
static void
1031
pvscsi_io_write(void *opaque, hwaddr addr,
1032
                uint64_t val, unsigned size)
1033
{
1034
    PVSCSIState *s = opaque;
1035

1036
    switch (addr) {
1037
    case PVSCSI_REG_OFFSET_COMMAND:
1038
        pvscsi_on_command(s, val);
1039
        break;
1040

1041
    case PVSCSI_REG_OFFSET_COMMAND_DATA:
1042
        pvscsi_on_command_data(s, (uint32_t) val);
1043
        break;
1044

1045
    case PVSCSI_REG_OFFSET_INTR_STATUS:
1046
        trace_pvscsi_io_write("PVSCSI_REG_OFFSET_INTR_STATUS", val);
1047
        s->reg_interrupt_status &= ~val;
1048
        pvscsi_update_irq_status(s);
1049
        pvscsi_schedule_completion_processing(s);
1050
        break;
1051

1052
    case PVSCSI_REG_OFFSET_INTR_MASK:
1053
        trace_pvscsi_io_write("PVSCSI_REG_OFFSET_INTR_MASK", val);
1054
        s->reg_interrupt_enabled = val;
1055
        pvscsi_update_irq_status(s);
1056
        break;
1057

1058
    case PVSCSI_REG_OFFSET_KICK_NON_RW_IO:
1059
        trace_pvscsi_io_write("PVSCSI_REG_OFFSET_KICK_NON_RW_IO", val);
1060
        pvscsi_process_io(s);
1061
        break;
1062

1063
    case PVSCSI_REG_OFFSET_KICK_RW_IO:
1064
        trace_pvscsi_io_write("PVSCSI_REG_OFFSET_KICK_RW_IO", val);
1065
        pvscsi_process_io(s);
1066
        break;
1067

1068
    case PVSCSI_REG_OFFSET_DEBUG:
1069
        trace_pvscsi_io_write("PVSCSI_REG_OFFSET_DEBUG", val);
1070
        break;
1071

1072
    default:
1073
        trace_pvscsi_io_write_unknown(addr, size, val);
1074
        break;
1075
    }
1076

1077
}
1078

1079
static uint64_t
1080
pvscsi_io_read(void *opaque, hwaddr addr, unsigned size)
1081
{
1082
    PVSCSIState *s = opaque;
1083

1084
    switch (addr) {
1085
    case PVSCSI_REG_OFFSET_INTR_STATUS:
1086
        trace_pvscsi_io_read("PVSCSI_REG_OFFSET_INTR_STATUS",
1087
                             s->reg_interrupt_status);
1088
        return s->reg_interrupt_status;
1089

1090
    case PVSCSI_REG_OFFSET_INTR_MASK:
1091
        trace_pvscsi_io_read("PVSCSI_REG_OFFSET_INTR_MASK",
1092
                             s->reg_interrupt_status);
1093
        return s->reg_interrupt_enabled;
1094

1095
    case PVSCSI_REG_OFFSET_COMMAND_STATUS:
1096
        trace_pvscsi_io_read("PVSCSI_REG_OFFSET_COMMAND_STATUS",
1097
                             s->reg_interrupt_status);
1098
        return s->reg_command_status;
1099

1100
    default:
1101
        trace_pvscsi_io_read_unknown(addr, size);
1102
        return 0;
1103
    }
1104
}
1105

1106

1107
static void
1108
pvscsi_init_msi(PVSCSIState *s)
1109
{
1110
    int res;
1111
    PCIDevice *d = PCI_DEVICE(s);
1112

1113
    res = msi_init(d, PVSCSI_MSI_OFFSET(s), PVSCSI_MSIX_NUM_VECTORS,
1114
                   PVSCSI_USE_64BIT, PVSCSI_PER_VECTOR_MASK, NULL);
1115
    if (res < 0) {
1116
        trace_pvscsi_init_msi_fail(res);
1117
        s->msi_used = false;
1118
    } else {
1119
        s->msi_used = true;
1120
    }
1121
}
1122

1123
static void
1124
pvscsi_cleanup_msi(PVSCSIState *s)
1125
{
1126
    PCIDevice *d = PCI_DEVICE(s);
1127

1128
    msi_uninit(d);
1129
}
1130

1131
static const MemoryRegionOps pvscsi_ops = {
1132
        .read = pvscsi_io_read,
1133
        .write = pvscsi_io_write,
1134
        .endianness = DEVICE_LITTLE_ENDIAN,
1135
        .impl = {
1136
                .min_access_size = 4,
1137
                .max_access_size = 4,
1138
        },
1139
};
1140

1141
static const struct SCSIBusInfo pvscsi_scsi_info = {
1142
        .tcq = true,
1143
        .max_target = PVSCSI_MAX_DEVS,
1144
        .max_channel = 0,
1145
        .max_lun = 0,
1146

1147
        .get_sg_list = pvscsi_get_sg_list,
1148
        .complete = pvscsi_command_complete,
1149
        .cancel = pvscsi_request_cancelled,
1150
        .fail = pvscsi_command_failed,
1151
};
1152

1153
static void
1154
pvscsi_realizefn(PCIDevice *pci_dev, Error **errp)
1155
{
1156
    PVSCSIState *s = PVSCSI(pci_dev);
1157

1158
    trace_pvscsi_state("init");
1159

1160
    /* PCI subsystem ID, subsystem vendor ID, revision */
1161
    if (PVSCSI_USE_OLD_PCI_CONFIGURATION(s)) {
1162
        pci_set_word(pci_dev->config + PCI_SUBSYSTEM_ID, 0x1000);
1163
    } else {
1164
        pci_set_word(pci_dev->config + PCI_SUBSYSTEM_VENDOR_ID,
1165
                     PCI_VENDOR_ID_VMWARE);
1166
        pci_set_word(pci_dev->config + PCI_SUBSYSTEM_ID,
1167
                     PCI_DEVICE_ID_VMWARE_PVSCSI);
1168
        pci_config_set_revision(pci_dev->config, 0x2);
1169
    }
1170

1171
    /* PCI latency timer = 255 */
1172
    pci_dev->config[PCI_LATENCY_TIMER] = 0xff;
1173

1174
    /* Interrupt pin A */
1175
    pci_config_set_interrupt_pin(pci_dev->config, 1);
1176

1177
    memory_region_init_io(&s->io_space, OBJECT(s), &pvscsi_ops, s,
1178
                          "pvscsi-io", PVSCSI_MEM_SPACE_SIZE);
1179
    pci_register_bar(pci_dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->io_space);
1180

1181
    pvscsi_init_msi(s);
1182

1183
    if (pci_is_express(pci_dev) && pci_bus_is_express(pci_get_bus(pci_dev))) {
1184
        pcie_endpoint_cap_init(pci_dev, PVSCSI_EXP_EP_OFFSET);
1185
    }
1186

1187
    s->completion_worker = qemu_bh_new_guarded(pvscsi_process_completion_queue, s,
1188
                                               &DEVICE(pci_dev)->mem_reentrancy_guard);
1189

1190
    scsi_bus_init(&s->bus, sizeof(s->bus), DEVICE(pci_dev), &pvscsi_scsi_info);
1191
    /* override default SCSI bus hotplug-handler, with pvscsi's one */
1192
    qbus_set_hotplug_handler(BUS(&s->bus), OBJECT(s));
1193
    pvscsi_reset_state(s);
1194
}
1195

1196
static void
1197
pvscsi_uninit(PCIDevice *pci_dev)
1198
{
1199
    PVSCSIState *s = PVSCSI(pci_dev);
1200

1201
    trace_pvscsi_state("uninit");
1202
    qemu_bh_delete(s->completion_worker);
1203

1204
    pvscsi_cleanup_msi(s);
1205
}
1206

1207
static void
1208
pvscsi_reset(DeviceState *dev)
1209
{
1210
    PCIDevice *d = PCI_DEVICE(dev);
1211
    PVSCSIState *s = PVSCSI(d);
1212

1213
    trace_pvscsi_state("reset");
1214
    pvscsi_reset_adapter(s);
1215
}
1216

1217
static int
1218
pvscsi_pre_save(void *opaque)
1219
{
1220
    PVSCSIState *s = (PVSCSIState *) opaque;
1221

1222
    trace_pvscsi_state("presave");
1223

1224
    assert(QTAILQ_EMPTY(&s->pending_queue));
1225
    assert(QTAILQ_EMPTY(&s->completion_queue));
1226

1227
    return 0;
1228
}
1229

1230
static int
1231
pvscsi_post_load(void *opaque, int version_id)
1232
{
1233
    trace_pvscsi_state("postload");
1234
    return 0;
1235
}
1236

1237
static bool pvscsi_vmstate_need_pcie_device(void *opaque)
1238
{
1239
    PVSCSIState *s = PVSCSI(opaque);
1240

1241
    return !(s->compat_flags & PVSCSI_COMPAT_DISABLE_PCIE);
1242
}
1243

1244
static bool pvscsi_vmstate_test_pci_device(void *opaque, int version_id)
1245
{
1246
    return !pvscsi_vmstate_need_pcie_device(opaque);
1247
}
1248

1249
static const VMStateDescription vmstate_pvscsi_pcie_device = {
1250
    .name = "pvscsi/pcie",
1251
    .needed = pvscsi_vmstate_need_pcie_device,
1252
    .fields = (const VMStateField[]) {
1253
        VMSTATE_PCI_DEVICE(parent_obj, PVSCSIState),
1254
        VMSTATE_END_OF_LIST()
1255
    }
1256
};
1257

1258
static const VMStateDescription vmstate_pvscsi = {
1259
    .name = "pvscsi",
1260
    .version_id = 0,
1261
    .minimum_version_id = 0,
1262
    .pre_save = pvscsi_pre_save,
1263
    .post_load = pvscsi_post_load,
1264
    .fields = (const VMStateField[]) {
1265
        VMSTATE_STRUCT_TEST(parent_obj, PVSCSIState,
1266
                            pvscsi_vmstate_test_pci_device, 0,
1267
                            vmstate_pci_device, PCIDevice),
1268
        VMSTATE_UINT8(msi_used, PVSCSIState),
1269
        VMSTATE_UINT32(resetting, PVSCSIState),
1270
        VMSTATE_UINT64(reg_interrupt_status, PVSCSIState),
1271
        VMSTATE_UINT64(reg_interrupt_enabled, PVSCSIState),
1272
        VMSTATE_UINT64(reg_command_status, PVSCSIState),
1273
        VMSTATE_UINT64(curr_cmd, PVSCSIState),
1274
        VMSTATE_UINT32(curr_cmd_data_cntr, PVSCSIState),
1275
        VMSTATE_UINT32_ARRAY(curr_cmd_data, PVSCSIState,
1276
                             ARRAY_SIZE(((PVSCSIState *)NULL)->curr_cmd_data)),
1277
        VMSTATE_UINT8(rings_info_valid, PVSCSIState),
1278
        VMSTATE_UINT8(msg_ring_info_valid, PVSCSIState),
1279
        VMSTATE_UINT8(use_msg, PVSCSIState),
1280

1281
        VMSTATE_UINT64(rings.rs_pa, PVSCSIState),
1282
        VMSTATE_UINT32(rings.txr_len_mask, PVSCSIState),
1283
        VMSTATE_UINT32(rings.rxr_len_mask, PVSCSIState),
1284
        VMSTATE_UINT64_ARRAY(rings.req_ring_pages_pa, PVSCSIState,
1285
                             PVSCSI_SETUP_RINGS_MAX_NUM_PAGES),
1286
        VMSTATE_UINT64_ARRAY(rings.cmp_ring_pages_pa, PVSCSIState,
1287
                             PVSCSI_SETUP_RINGS_MAX_NUM_PAGES),
1288
        VMSTATE_UINT64(rings.consumed_ptr, PVSCSIState),
1289
        VMSTATE_UINT64(rings.filled_cmp_ptr, PVSCSIState),
1290

1291
        VMSTATE_END_OF_LIST()
1292
    },
1293
    .subsections = (const VMStateDescription * const []) {
1294
        &vmstate_pvscsi_pcie_device,
1295
        NULL
1296
    }
1297
};
1298

1299
static Property pvscsi_properties[] = {
1300
    DEFINE_PROP_UINT8("use_msg", PVSCSIState, use_msg, 1),
1301
    DEFINE_PROP_BIT("x-old-pci-configuration", PVSCSIState, compat_flags,
1302
                    PVSCSI_COMPAT_OLD_PCI_CONFIGURATION_BIT, false),
1303
    DEFINE_PROP_BIT("x-disable-pcie", PVSCSIState, compat_flags,
1304
                    PVSCSI_COMPAT_DISABLE_PCIE_BIT, false),
1305
    DEFINE_PROP_END_OF_LIST(),
1306
};
1307

1308
static void pvscsi_realize(DeviceState *qdev, Error **errp)
1309
{
1310
    PVSCSIClass *pvs_c = PVSCSI_GET_CLASS(qdev);
1311
    PCIDevice *pci_dev = PCI_DEVICE(qdev);
1312
    PVSCSIState *s = PVSCSI(qdev);
1313

1314
    if (!(s->compat_flags & PVSCSI_COMPAT_DISABLE_PCIE)) {
1315
        pci_dev->cap_present |= QEMU_PCI_CAP_EXPRESS;
1316
    }
1317

1318
    pvs_c->parent_dc_realize(qdev, errp);
1319
}
1320

1321
static void pvscsi_class_init(ObjectClass *klass, void *data)
1322
{
1323
    DeviceClass *dc = DEVICE_CLASS(klass);
1324
    PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1325
    PVSCSIClass *pvs_k = PVSCSI_CLASS(klass);
1326
    HotplugHandlerClass *hc = HOTPLUG_HANDLER_CLASS(klass);
1327

1328
    k->realize = pvscsi_realizefn;
1329
    k->exit = pvscsi_uninit;
1330
    k->vendor_id = PCI_VENDOR_ID_VMWARE;
1331
    k->device_id = PCI_DEVICE_ID_VMWARE_PVSCSI;
1332
    k->class_id = PCI_CLASS_STORAGE_SCSI;
1333
    k->subsystem_id = 0x1000;
1334
    device_class_set_parent_realize(dc, pvscsi_realize,
1335
                                    &pvs_k->parent_dc_realize);
1336
    dc->reset = pvscsi_reset;
1337
    dc->vmsd = &vmstate_pvscsi;
1338
    device_class_set_props(dc, pvscsi_properties);
1339
    set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1340
    hc->unplug = pvscsi_hot_unplug;
1341
    hc->plug = pvscsi_hotplug;
1342
}
1343

1344
static const TypeInfo pvscsi_info = {
1345
    .name          = TYPE_PVSCSI,
1346
    .parent        = TYPE_PCI_DEVICE,
1347
    .class_size    = sizeof(PVSCSIClass),
1348
    .instance_size = sizeof(PVSCSIState),
1349
    .class_init    = pvscsi_class_init,
1350
    .interfaces = (InterfaceInfo[]) {
1351
        { TYPE_HOTPLUG_HANDLER },
1352
        { INTERFACE_PCIE_DEVICE },
1353
        { INTERFACE_CONVENTIONAL_PCI_DEVICE },
1354
        { }
1355
    }
1356
};
1357

1358
static void
1359
pvscsi_register_types(void)
1360
{
1361
    type_register_static(&pvscsi_info);
1362
}
1363

1364
type_init(pvscsi_register_types);
1365