I am new to SCSI CDB programming . I have some piece of code written for write command using 6byte CDB
ccb = (Exec_IO_CCB *)(buffer + header_size);
ccb->ccb_length = sizeof(Exec_IO_CCB);
ccb->cam_opcode = 0x1;
ccb->connect_id = 0;
ccb->data_buf_ptr = (long)(header_size + ccb->ccb_length + MAX_SENSE_LEN);
ccb->data_xfer_length = (long)(XFER_BUFSIZE - ccb->data_buf_ptr);
ccb->sense_buf_ptr = (long)(header_size + ccb->ccb_length);
ccb->sense_buf_length = MAX_SENSE_LEN;
ccb->time_out = CAM_TIMEOUT;
ccb->cdb_length = 6;
ccb->cam_flags = DATA_OUT;
ccb->cdb[0] = 0xA; /* 0xA SCSI Opcode for write operation */
ccb->cdb[1] = 0;
ccb->cdb[2] = (ccb->data_xfer_length & 0xFF0000) >> 16;
ccb->cdb[3] = (ccb->data_xfer_length & 0xFF00) >> 8;
ccb->cdb[4] = (ccb->data_xfer_length & 0xFF);
ccb->cdb[5] = 0;
From the above code I did not understand how cdb[2] and cdb[3] are derived ?
On a similar line, I am trying to develope 10 Byte CDB for write command. How to fill in the data for cdb[2-5] which accounts for LBA?
ccb->cam_flags = DATA_OUT;
ccb->cdb[0] = 0x2A; /* 0x2A SCSI Opcode for write10 CDB */
ccb->cdb[1] = 0;
ccb->cdb[2] = ??
ccb->cdb[3] = ??
ccb->cdb[4] = ??
ccb->cdb[5] = ??
ccb->cdb[6] = 0;
ccb->cdb[7] = (ccb->data_xfer_length & 0xFF);
ccb->cdb[8] = (ccb->data_xfer_length & 0xFF);
ccb->cdb[9] = 0;
Have a look at the SCSI SBC standard. Here's SBC-3 in draft form, but WRITE (6) and (10) haven't changed in quite some time: http://www.t10.org/ftp/t10/document.05/05-344r0.pdf.
For WRITE (6), cdb[2] and cdb[3] are the lower 16 bits of the logical block address, not the transfer length. The transfer length is the number of blocks you're going to write. The address is the place on the device where you're going to start writing them. If it's at the very beginning of the disk, it's LBA 0. If the device has 512-byte blocks, and you want to start writing 1 MiB in, your address is LBA 2048.