- 10 8月, 2012 1 次提交
-
-
由 Blue Swirl 提交于
LOAD_UNLOAD and START_STOP have same value, so the table entry is initialized twice. Spotted by Clang compiler. Remove LOAD_UNLOAD entry since START_STOP entry already represents both. Reviewed-by: NMarkus Armbruster <armbru@redhat.com> Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>
-
- 04 8月, 2012 1 次提交
-
-
由 Cong Meng 提交于
Correct the command names of opcode 0x85 and 0xa1, and calculate their xfer size from CDB. Signed-off-by: NCong Meng <mc@linux.vnet.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 03 8月, 2012 1 次提交
-
-
由 Ronnie Sahlberg 提交于
Change the sense codes for failures to eject a device that is locked by PREVENT_ALLOW_MEDIUM_REMOVAL from the generic MEDIA_LOAD_OR_EJECT_FAILED to the more specific MEDIUM_REMOVAL_PREVENTED. The second sense code is more accurate, and is also listed in MMC annex F for the recommended sense codes for MMC devices while the first sense code is not. Signed-off-by: NRonnie Sahlberg <ronniesahlberg@gmail.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 27 7月, 2012 5 次提交
-
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Linux will not use these, but a very similar mechanism will be used to report the condition via virtio-scsi events. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
When a device is resized, we will report a unit attention condition for CAPACITY DATA HAS CHANGED. However, we should ensure that this condition does not override a more important unit attention condition. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Cong Meng 提交于
Add two interfaces hotplug() and hot_unplug() to scsi bus info. The scsi bus can implement these two interfaces to signal the HBA driver of guest kernel to add/remove the scsi device in question. Signed-off-by: NSen Wang <senwang@linux.vnet.ibm.com> Signed-off-by: NCong Meng <mc@linux.vnet.ibm.com> [ Fixed braces and indentation - Paolo ] Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 26 7月, 2012 2 次提交
-
-
由 Ronnie Sahlberg 提交于
Add sense code for DATA_PROTECT/WRITE_PROTECTED and return this error for any WRITE*/WRITE_VERIFY* calls if the device is readonly=on, i.e. write-protected Signed-off-by: NRonnie Sahlberg <ronniesahlberg@gmail.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
This adds the bulk of the parsing code for MODE SELECT, including breaking out changes to different mode pages, and checking that only changeable values are modified. In order to report errors correctly two passes are made through the parameters; the first only looks for errors, the second actually applies the changes to the mode page. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 10 7月, 2012 1 次提交
-
-
由 Paolo Bonzini 提交于
Most device models have a simple lifecycle for the hba_private field and they can free it when a request is completed or cancelled. However, in some cases it may be simpler to tie the lifetime of hba_private to that of the included SCSIRequest. This patch adds a free_request callback to SCSIBusInfo that lets an HBA device model do exactly that. Normally, device models use req->hba_private == NULL to flag requests that have been completed already. Device models that use free_request will still need to track this using a flag. This is the reason why "converting" existing HBAs to use free_request adds complexity and makes little sense. It is simply an additional convenience that is provided by the SCSI layer. USB-attached storage will be the first user. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
- 02 7月, 2012 5 次提交
-
-
由 Christian Hoff 提交于
The transfer length depends on the specific service action code, as defined in the SCSI stream commands spec section 7.7. Up to now only the extended form was supported. Signed-off-by: NChristian Hoff <christian.hoff@de.ibm.com> Signed-off-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Christian Hoff 提交于
This adds basic support for SCSI media changer commands. Not all commands are supported as of now, but enough to cover basic functionality. Signed-off-by: NChristian Hoff <christian.hoff@de.ibm.com> Signed-off-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
scsi-generic relies on those values to be correct, so it is important that those values are initialized properly for all device types. Reported-by: NChristian Hoff <christian.hoff@de.ibm.com> Reported-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Christian Hoff 提交于
Change operation code of LOAD_UNLOAD command to 0x1b as described in section 7.3 of the SCSI Stream Commands spec. Signed-off-by: NChristian Hoff <christian.hoff@de.ibm.com> Signed-off-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Christian Hoff 提交于
Fix the edge case where the sense data length is exactly the same as SCSI_SENSE_BUF_SIZE. This makes SCSI requests work that use all of the available 95 byte sense data. Signed-off-by: NChristian Hoff <christian.hoff@de.ibm.com> Signed-off-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 20 6月, 2012 1 次提交
-
-
由 Crístian Viana 提交于
QEMU exposes its version to the guest's hardware and in some cases that is wrong (e.g. Windows prints messages about driver updates when you switch the QEMU version). There is a new field now on the struct QEmuMachine, hw_version, which may contain the version that the specific machine should report. If that field is set, then that machine will report that version to the guest. Signed-off-by: NCrístian Viana <vianac@linux.vnet.ibm.com> Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
-
- 18 6月, 2012 7 次提交
-
-
由 Paolo Bonzini 提交于
Avoids duplicated error_set(). Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> [AF: Also drop error_set() in object_property_del().] Signed-off-by: NAndreas Färber <afaerber@suse.de>
-
由 Paolo Bonzini 提交于
Can be replaced everywhere with object_property_find(). Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NAndreas Färber <afaerber@suse.de>
-
由 Anthony Liguori 提交于
Make qbus children show up as link<> properties. There is no stable addressing for qbus children so we use an unstable naming convention. This is okay in QOM though because the composition name is expected to be what's stable. Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NAndreas Färber <afaerber@suse.de>
-
由 Anthony Liguori 提交于
This is far less interesting than it sounds. We simply add an Object to each BusState and then register the types appropriately. Most of the interesting refactoring will follow in the next patches. Since we're changing fundamental type names (BusInfo -> BusClass), it all needs to convert at once. Fortunately, not a lot of code is affected. Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> [AF: Made all new bus TypeInfos static const.] [AF: Made qbus_free() call object_delete(), required {qom,glib}_allocated] Signed-off-by: NAndreas Färber <afaerber@suse.de>
-
由 Anthony Liguori 提交于
This makes it easier to remove it from BusInfo. Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> [AF: Drop now unnecessary NULL initialization in scsibus_get_dev_path()] Signed-off-by: NAndreas Färber <afaerber@suse.de>
-
由 Paolo Bonzini 提交于
In qdev, each bus in practice identified an abstract superclass, but this was mostly hidden. In QOM, instead, these abstract classes are explicit so we can move bus properties there. All bus property walks are removed, and all device property walks are changed to look along the class hierarchy instead. We would have duplicates if class A defines some properties and its subclass B does not define any, because class_b->props will be left equal to class_a->props. The solution here is to reintroduce the class_base_init TypeInfo callback, that was present in one of the early QOM versions but removed (on my request...) before committing. This breaks global bus properties, an obscure feature when used with the command-line which is actually useful and used when used by backwards-compatible machine types. So this patch also adjusts the global bus properties in hw/pc_piix.c to refer to the abstract class. Globals and other properties must be modified in the same patch to avoid complications related to initialization ordering. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NAndreas Färber <afaerber@suse.de>
-
由 Paolo Bonzini 提交于
Simple code movement in order to simplify future refactoring. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com> Signed-off-by: NAndreas Färber <afaerber@suse.de>
-
- 07 6月, 2012 1 次提交
-
-
由 Gerd Hoffmann 提交于
usb-storage can't handle requests in one go as the data transfer can be splitted into lots of usb packets. Because of that there can be normal in-flight requests at savevm time and we need to handle that. With other scsi hba's this happens only in case i/o is stopped due to errors and there are pending requests which need to be restarted (req->retry = true). So, first we need to save req->retry and then handle the req->retry = false case. Write requests are handled fine already. For read requests we have to save the buffer as we will not restart the request (and thus not refill the buffer) on the target host. Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com>
-
- 25 5月, 2012 1 次提交
-
-
由 Jim Meyering 提交于
Signed-off-by: NJim Meyering <meyering@redhat.com>
-
- 07 5月, 2012 6 次提交
-
-
由 Stefan Weil 提交于
The QEMU emulation which is currently used with Raspberry PI images (qemu-system-arm -M versatilepb ...) accesses memory which was freed. Valgrind output (extract): ==17857== Invalid write of size 4 ==17857== at 0x24EB06: scsi_req_unref (scsi-bus.c:1273) ==17857== by 0x24FFAE: scsi_read_complete (scsi-disk.c:277) ==17857== by 0x152ACC: bdrv_co_em_bh (block.c:3363) ==17857== by 0x13D49C: qemu_bh_poll (async.c:71) ==17857== by 0x211A8C: main_loop_wait (main-loop.c:503) ==17857== by 0x207954: main_loop (vl.c:1555) ==17857== by 0x20E9C9: main (vl.c:3653) ==17857== Address 0x1c54383c is 12 bytes inside a block of size 260 free'd ==17857== at 0x4824B3A: free (vg_replace_malloc.c:366) ==17857== by 0x20ADFA: free_and_trace (vl.c:2250) ==17857== by 0x4899FC5: g_free (in /lib/libglib-2.0.so.0.2400.1) ==17857== by 0x24EB3B: scsi_req_unref (scsi-bus.c:1277) ==17857== by 0x24F003: scsi_req_complete (scsi-bus.c:1383) ==17857== by 0x25022A: scsi_read_data (scsi-disk.c:334) ==17857== by 0x24EB9F: scsi_req_continue (scsi-bus.c:1289) ==17857== by 0x1C7787: lsi_do_dma (lsi53c895a.c:575) ==17857== by 0x1C8CDA: lsi_execute_script (lsi53c895a.c:1147) ==17857== by 0x1C74EA: lsi_resume_script (lsi53c895a.c:510) ==17857== by 0x1C7ECD: lsi_transfer_data (lsi53c895a.c:746) ==17857== by 0x24EC90: scsi_req_data (scsi-bus.c:1307) (There are some more similar messages.) This patch adds an assertion which also detects those errors: Calling scsi_req_unref is not allowed when the previous call of that function has decremented refcount to 0, because in this case req was freed. Signed-off-by: NStefan Weil <sw@weilnetz.de> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
The INFORMATION field (bytes 3..6) is never set by QEMU, so the VALID bit must be 0. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
The requirements on the REQUEST SENSE buffer size are not in my copy of SPC (SPC-4 r27) and not observed by LIO. Rip them out. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
The requirements on the INQUIRY buffer size are not in my copy of SPC (SPC-4 r27) and not observed by LIO. Rip them out. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
The transfer length for these commands is different from the transfer length of the corresponding disk commands, so parse it specially. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Interpreting cdb[4] == 0 as a request to transfer 256 blocks is only needed for READ_6 and WRITE_6. No other command in that range needs that special-casing, and the resulting overrun breaks scsi-testsuite's attempt to use command 2 as a known-invalid command. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 04 5月, 2012 3 次提交
-
-
由 Ronnie Sahlberg 提交于
scsi_cmd_xfer_mode() is used to specify the xfer direction for SCSI commands that come in from the guest. If the direction is set incorrectly this will eventually cause QEMU to kernel-panic the guest. Add UNMAP and ATAPASSTHROUGH as commands that send data to the device. Without this change, recent kernels will send both UNMAP as well as ATAPASSTHROUGH commands to any /dev/sg* device, which due to the incorrect xfer direction very quickly causes the guest kernel to crash. Example causing a crash without the patch applied: ./x86_64-softmmu/qemu-system-x86_64 -m 1024 -enable-kvm -cdrom linuxmint-12-gnome-dvd-64bit.iso -drive file=/dev/sg4,if=scsi,bus=0,unit=6 Signed-off-by: NRonnie Sahlberg <ronniesahlberg@gmail.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Avoid sending more than 2GB of data, as that can cause overflows in int32_t variables. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 19 4月, 2012 2 次提交
-
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
scsibus_get_dev_path is leaking id if it is not NULL. Fix it. Reported-by: NLaszlo Ersek <lersek@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 19 3月, 2012 1 次提交
-
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
- 24 2月, 2012 2 次提交
-
-
由 Paolo Bonzini 提交于
The conditions for detecting no free target or LUN were wrong. The LUN loop was followed by an "if" condition that is never true, because the loop is exited as soon as lun becomes equal to bus->info->max_lun, and never becomes greater than it. The target loop had a wrong condition (<= instead of <). Once this is fixed, the loop would fail in the same way as the LUN loop. The fix is to see whether scsi_device_find returned the device with the last (channel, target, LUN) pair, and fail if so. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-