From 968575c7d427c476522e8bfef0aeb3a0bc09fb4a Mon Sep 17 00:00:00 2001

From: David Gibson <dgibson@redhat.com>

Date: Mon, 25 Jun 2018 04:18:24 +0200

Subject: [PATCH 2/3] hw/scsi: support SCSI-2 passthrough without PI

RH-Author: David Gibson <dgibson@redhat.com>

Message-id: <20180625041824.5072-3-dgibson@redhat.com>

Patchwork-id: 81030

O-Subject: [RHEL-7.5.z qemu-kvm-ma PATCH 2/2] hw/scsi: support SCSI-2 passthrough without PI

Bugzilla: 1593193

RH-Acked-by: Laurent Vivier <lvivier@redhat.com>

RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>

RH-Acked-by: Laszlo Ersek <lersek@redhat.com>

From: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>

QEMU SCSI code makes assumptions about how the PROTECT and BYTCHK

works in the protocol, denying support for PI (Protection

Information) in case the guest OS requests it. However, in SCSI versions 2

and older, there is no PI concept in the protocol.

This means that when dealing with such devices:

- there is no PROTECT bit in byte 5 of the standard INQUIRY response. The

whole byte is marked as "Reserved";

- there is no RDPROTECT in byte 2 of READ. We have 'Logical Unit Number'

in this field instead;

- there is no VRPROTECT in byte 2 of VERIFY. We have 'Logical Unit Number'

in this field instead. This also means that the BYTCHK bit in this case

is not related to PI.

Since QEMU does not consider these changes, a SCSI passthrough using

a SCSI-2 device will not work. It will mistake these fields with

PI information and return Illegal Request SCSI SENSE thinking

that the driver is asking for PI support.

This patch fixes it by adding a new attribute called 'scsi_version'

that is read from the standard INQUIRY response of passthrough

devices. This allows for a version verification before applying

conditions related to PI that doesn't apply for older versions.

Reported-by: Dac Nguyen <dacng@us.ibm.com>

Signed-off-by: Daniel Henrique Barboza <danielhb@linux.vnet.ibm.com>

Message-Id: <20180327211451.14647-1-danielhb@linux.vnet.ibm.com>

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

(cherry picked from commit 29e560f00e2bc1b5731c8276031aaf192de55d9d)

Signed-off-by: David Gibson <dgibson@redhat.com>

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>

---

 hw/scsi/scsi-disk.c    |  2 +-

 hw/scsi/scsi-generic.c | 47 ++++++++++++++++++++++++++++++++++++-----------

 2 files changed, 37 insertions(+), 12 deletions(-)

diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c

index f906ffb..d89e4f0 100644

--- a/hw/scsi/scsi-disk.c

+++ b/hw/scsi/scsi-disk.c

@@ -3011,7 +3011,7 @@ static Property scsi_block_properties[] = {

     DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),

     DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),

     DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,

-                      5),

+                      -1),

     DEFINE_PROP_END_OF_LIST(),

 };

diff --git a/hw/scsi/scsi-generic.c b/hw/scsi/scsi-generic.c

index fe11efe..e38829a 100644

--- a/hw/scsi/scsi-generic.c

+++ b/hw/scsi/scsi-generic.c

@@ -194,17 +194,40 @@ static void scsi_read_complete(void * opaque, int ret)

             r->buf[3] |= 0x80;

         }

     }

-    if (s->type == TYPE_DISK &&

-        r->req.cmd.buf[0] == INQUIRY &&

-        r->req.cmd.buf[2] == 0xb0) {

-        uint32_t max_transfer =

-            blk_get_max_transfer(s->conf.blk) / s->blocksize;

-

-        assert(max_transfer);

-        stl_be_p(&r->buf[8], max_transfer);

-        /* Also take care of the opt xfer len. */

-        stl_be_p(&r->buf[12],

-                 MIN_NON_ZERO(max_transfer, ldl_be_p(&r->buf[12])));

+    if (r->req.cmd.buf[0] == INQUIRY) {

+        /*

+         *  EVPD set to zero returns the standard INQUIRY data.

+         *

+         *  Check if scsi_version is unset (-1) to avoid re-defining it

+         *  each time an INQUIRY with standard data is received.

+         *  scsi_version is initialized with -1 in scsi_generic_reset

+         *  and scsi_disk_reset, making sure that we'll set the

+         *  scsi_version after a reset. If the version field of the

+         *  INQUIRY response somehow changes after a guest reboot,

+         *  we'll be able to keep track of it.

+         *

+         *  On SCSI-2 and older, first 3 bits of byte 2 is the

+         *  ANSI-approved version, while on later versions the

+         *  whole byte 2 contains the version. Check if we're dealing

+         *  with a newer version and, in that case, assign the

+         *  whole byte.

+         */

+        if (s->scsi_version == -1 && !(r->req.cmd.buf[1] & 0x01)) {

+            s->scsi_version = r->buf[2] & 0x07;

+            if (s->scsi_version > 2) {

+                s->scsi_version = r->buf[2];

+            }

+        }

+        if (s->type == TYPE_DISK && r->req.cmd.buf[2] == 0xb0) {

+            uint32_t max_transfer =

+                blk_get_max_transfer(s->conf.blk) / s->blocksize;

+

+            assert(max_transfer);

+            stl_be_p(&r->buf[8], max_transfer);

+            /* Also take care of the opt xfer len. */

+            stl_be_p(&r->buf[12],

+                     MIN_NON_ZERO(max_transfer, ldl_be_p(&r->buf[12])));

+        }

     }

     scsi_req_data(&r->req, len);

     scsi_req_unref(&r->req);

@@ -552,6 +575,8 @@ static void scsi_generic_realize(SCSIDevice *s, Error **errp)

     DPRINTF("block size %d\n", s->blocksize);

+    /* Only used by scsi-block, but initialize it nevertheless to be clean.  */

+    s->default_scsi_version = -1;

     scsi_generic_read_device_identification(s);

 }

-- 

1.8.3.1