1/*- 2 * Copyright (c) 2003-2009 Silicon Graphics International Corp. 3 * Copyright (c) 2012 The FreeBSD Foundation 4 * Copyright (c) 2015 Alexander Motin <mav@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer, 12 * without modification, immediately at the beginning of the file. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29#include <sys/cdefs.h> 30__FBSDID("$FreeBSD: stable/10/sys/cam/ctl/ctl_frontend_ioctl.c 313369 2017-02-07 01:56:26Z mav $"); 31 32#include <sys/param.h> 33#include <sys/systm.h> 34#include <sys/kernel.h> 35#include <sys/types.h> 36#include <sys/lock.h> 37#include <sys/module.h> 38#include <sys/mutex.h> 39#include <sys/condvar.h> 40#include <sys/malloc.h> 41#include <sys/conf.h> 42#include <sys/queue.h> 43#include <sys/sysctl.h> 44 45#include <cam/cam.h> 46#include <cam/scsi/scsi_all.h> 47#include <cam/scsi/scsi_da.h> 48#include <cam/ctl/ctl_io.h> 49#include <cam/ctl/ctl.h> 50#include <cam/ctl/ctl_frontend.h> 51#include <cam/ctl/ctl_util.h> 52#include <cam/ctl/ctl_backend.h> 53#include <cam/ctl/ctl_ioctl.h> 54#include <cam/ctl/ctl_ha.h> 55#include <cam/ctl/ctl_private.h> 56#include <cam/ctl/ctl_debug.h> 57#include <cam/ctl/ctl_error.h> 58 59typedef enum { 60 CTL_IOCTL_INPROG, 61 CTL_IOCTL_DATAMOVE, 62 CTL_IOCTL_DONE 63} ctl_fe_ioctl_state; 64 65struct ctl_fe_ioctl_params { 66 struct cv sem; 67 struct mtx ioctl_mtx; 68 ctl_fe_ioctl_state state; 69}; 70 71struct cfi_softc { 72 uint32_t cur_tag_num; 73 struct ctl_port port; 74}; 75 76static struct cfi_softc cfi_softc; 77 78static int cfi_init(void); 79static int cfi_shutdown(void); 80static void cfi_datamove(union ctl_io *io); 81static void cfi_done(union ctl_io *io); 82 83static struct ctl_frontend cfi_frontend = 84{ 85 .name = "ioctl", 86 .init = cfi_init, 87 .shutdown = cfi_shutdown, 88}; 89CTL_FRONTEND_DECLARE(ctlioctl, cfi_frontend); 90 91static int 92cfi_init(void) 93{ 94 struct cfi_softc *isoftc = &cfi_softc; 95 struct ctl_port *port; 96 int error = 0; 97 98 memset(isoftc, 0, sizeof(*isoftc)); 99 100 port = &isoftc->port; 101 port->frontend = &cfi_frontend; 102 port->port_type = CTL_PORT_IOCTL; 103 port->num_requested_ctl_io = 100; 104 port->port_name = "ioctl"; 105 port->fe_datamove = cfi_datamove; 106 port->fe_done = cfi_done; 107 port->max_targets = 1; 108 port->max_target_id = 0; 109 port->targ_port = -1; 110 port->max_initiators = 1; 111 112 if ((error = ctl_port_register(port)) != 0) { 113 printf("%s: ioctl port registration failed\n", __func__); 114 return (error); 115 } 116 ctl_port_online(port); 117 return (0); 118} 119 120static int 121cfi_shutdown(void) 122{ 123 struct cfi_softc *isoftc = &cfi_softc; 124 struct ctl_port *port = &isoftc->port; 125 int error = 0; 126 127 ctl_port_offline(port); 128 if ((error = ctl_port_deregister(port)) != 0) 129 printf("%s: ioctl port deregistration failed\n", __func__); 130 return (error); 131} 132 133/* 134 * Data movement routine for the CTL ioctl frontend port. 135 */ 136static int 137ctl_ioctl_do_datamove(struct ctl_scsiio *ctsio) 138{ 139 struct ctl_sg_entry *ext_sglist, *kern_sglist; 140 struct ctl_sg_entry ext_entry, kern_entry; 141 int ext_sglen, ext_sg_entries, kern_sg_entries; 142 int ext_sg_start, ext_offset; 143 int len_to_copy; 144 int kern_watermark, ext_watermark; 145 int ext_sglist_malloced; 146 int i, j; 147 148 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove\n")); 149 150 /* 151 * If this flag is set, fake the data transfer. 152 */ 153 if (ctsio->io_hdr.flags & CTL_FLAG_NO_DATAMOVE) { 154 ext_sglist_malloced = 0; 155 ctsio->ext_data_filled += ctsio->kern_data_len; 156 ctsio->kern_data_resid = 0; 157 goto bailout; 158 } 159 160 /* 161 * To simplify things here, if we have a single buffer, stick it in 162 * a S/G entry and just make it a single entry S/G list. 163 */ 164 if (ctsio->ext_sg_entries > 0) { 165 int len_seen; 166 167 ext_sglen = ctsio->ext_sg_entries * sizeof(*ext_sglist); 168 ext_sglist = (struct ctl_sg_entry *)malloc(ext_sglen, M_CTL, 169 M_WAITOK); 170 ext_sglist_malloced = 1; 171 if (copyin(ctsio->ext_data_ptr, ext_sglist, ext_sglen) != 0) { 172 ctsio->io_hdr.port_status = 31343; 173 goto bailout; 174 } 175 ext_sg_entries = ctsio->ext_sg_entries; 176 ext_sg_start = ext_sg_entries; 177 ext_offset = 0; 178 len_seen = 0; 179 for (i = 0; i < ext_sg_entries; i++) { 180 if ((len_seen + ext_sglist[i].len) >= 181 ctsio->ext_data_filled) { 182 ext_sg_start = i; 183 ext_offset = ctsio->ext_data_filled - len_seen; 184 break; 185 } 186 len_seen += ext_sglist[i].len; 187 } 188 } else { 189 ext_sglist = &ext_entry; 190 ext_sglist_malloced = 0; 191 ext_sglist->addr = ctsio->ext_data_ptr; 192 ext_sglist->len = ctsio->ext_data_len; 193 ext_sg_entries = 1; 194 ext_sg_start = 0; 195 ext_offset = ctsio->ext_data_filled; 196 } 197 198 if (ctsio->kern_sg_entries > 0) { 199 kern_sglist = (struct ctl_sg_entry *)ctsio->kern_data_ptr; 200 kern_sg_entries = ctsio->kern_sg_entries; 201 } else { 202 kern_sglist = &kern_entry; 203 kern_sglist->addr = ctsio->kern_data_ptr; 204 kern_sglist->len = ctsio->kern_data_len; 205 kern_sg_entries = 1; 206 } 207 208 kern_watermark = 0; 209 ext_watermark = ext_offset; 210 for (i = ext_sg_start, j = 0; 211 i < ext_sg_entries && j < kern_sg_entries;) { 212 uint8_t *ext_ptr, *kern_ptr; 213 214 len_to_copy = MIN(ext_sglist[i].len - ext_watermark, 215 kern_sglist[j].len - kern_watermark); 216 217 ext_ptr = (uint8_t *)ext_sglist[i].addr; 218 ext_ptr = ext_ptr + ext_watermark; 219 if (ctsio->io_hdr.flags & CTL_FLAG_BUS_ADDR) { 220 /* 221 * XXX KDM fix this! 222 */ 223 panic("need to implement bus address support"); 224#if 0 225 kern_ptr = bus_to_virt(kern_sglist[j].addr); 226#endif 227 } else 228 kern_ptr = (uint8_t *)kern_sglist[j].addr; 229 kern_ptr = kern_ptr + kern_watermark; 230 231 if ((ctsio->io_hdr.flags & CTL_FLAG_DATA_MASK) == 232 CTL_FLAG_DATA_IN) { 233 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: copying %d " 234 "bytes to user\n", len_to_copy)); 235 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: from %p " 236 "to %p\n", kern_ptr, ext_ptr)); 237 if (copyout(kern_ptr, ext_ptr, len_to_copy) != 0) { 238 ctsio->io_hdr.port_status = 31344; 239 goto bailout; 240 } 241 } else { 242 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: copying %d " 243 "bytes from user\n", len_to_copy)); 244 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: from %p " 245 "to %p\n", ext_ptr, kern_ptr)); 246 if (copyin(ext_ptr, kern_ptr, len_to_copy)!= 0){ 247 ctsio->io_hdr.port_status = 31345; 248 goto bailout; 249 } 250 } 251 252 ctsio->ext_data_filled += len_to_copy; 253 ctsio->kern_data_resid -= len_to_copy; 254 255 ext_watermark += len_to_copy; 256 if (ext_sglist[i].len == ext_watermark) { 257 i++; 258 ext_watermark = 0; 259 } 260 261 kern_watermark += len_to_copy; 262 if (kern_sglist[j].len == kern_watermark) { 263 j++; 264 kern_watermark = 0; 265 } 266 } 267 268 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: ext_sg_entries: %d, " 269 "kern_sg_entries: %d\n", ext_sg_entries, 270 kern_sg_entries)); 271 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: ext_data_len = %d, " 272 "kern_data_len = %d\n", ctsio->ext_data_len, 273 ctsio->kern_data_len)); 274 275bailout: 276 if (ext_sglist_malloced != 0) 277 free(ext_sglist, M_CTL); 278 279 return (CTL_RETVAL_COMPLETE); 280} 281 282static void 283cfi_datamove(union ctl_io *io) 284{ 285 struct ctl_fe_ioctl_params *params; 286 287 params = (struct ctl_fe_ioctl_params *) 288 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr; 289 290 mtx_lock(¶ms->ioctl_mtx); 291 params->state = CTL_IOCTL_DATAMOVE; 292 cv_broadcast(¶ms->sem); 293 mtx_unlock(¶ms->ioctl_mtx); 294} 295 296static void 297cfi_done(union ctl_io *io) 298{ 299 struct ctl_fe_ioctl_params *params; 300 301 params = (struct ctl_fe_ioctl_params *) 302 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr; 303 304 mtx_lock(¶ms->ioctl_mtx); 305 params->state = CTL_IOCTL_DONE; 306 cv_broadcast(¶ms->sem); 307 mtx_unlock(¶ms->ioctl_mtx); 308} 309 310static int 311cfi_submit_wait(union ctl_io *io) 312{ 313 struct ctl_fe_ioctl_params params; 314 ctl_fe_ioctl_state last_state; 315 int done, retval; 316 317 bzero(¶ms, sizeof(params)); 318 mtx_init(¶ms.ioctl_mtx, "ctliocmtx", NULL, MTX_DEF); 319 cv_init(¶ms.sem, "ctlioccv"); 320 params.state = CTL_IOCTL_INPROG; 321 last_state = params.state; 322 323 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr = ¶ms; 324 325 CTL_DEBUG_PRINT(("cfi_submit_wait\n")); 326 327 /* This shouldn't happen */ 328 if ((retval = ctl_queue(io)) != CTL_RETVAL_COMPLETE) 329 return (retval); 330 331 done = 0; 332 333 do { 334 mtx_lock(¶ms.ioctl_mtx); 335 /* 336 * Check the state here, and don't sleep if the state has 337 * already changed (i.e. wakeup has already occurred, but we 338 * weren't waiting yet). 339 */ 340 if (params.state == last_state) { 341 /* XXX KDM cv_wait_sig instead? */ 342 cv_wait(¶ms.sem, ¶ms.ioctl_mtx); 343 } 344 last_state = params.state; 345 346 switch (params.state) { 347 case CTL_IOCTL_INPROG: 348 /* Why did we wake up? */ 349 /* XXX KDM error here? */ 350 mtx_unlock(¶ms.ioctl_mtx); 351 break; 352 case CTL_IOCTL_DATAMOVE: 353 CTL_DEBUG_PRINT(("got CTL_IOCTL_DATAMOVE\n")); 354 355 /* 356 * change last_state back to INPROG to avoid 357 * deadlock on subsequent data moves. 358 */ 359 params.state = last_state = CTL_IOCTL_INPROG; 360 361 mtx_unlock(¶ms.ioctl_mtx); 362 ctl_ioctl_do_datamove(&io->scsiio); 363 /* 364 * Note that in some cases, most notably writes, 365 * this will queue the I/O and call us back later. 366 * In other cases, generally reads, this routine 367 * will immediately call back and wake us up, 368 * probably using our own context. 369 */ 370 io->scsiio.be_move_done(io); 371 break; 372 case CTL_IOCTL_DONE: 373 mtx_unlock(¶ms.ioctl_mtx); 374 CTL_DEBUG_PRINT(("got CTL_IOCTL_DONE\n")); 375 done = 1; 376 break; 377 default: 378 mtx_unlock(¶ms.ioctl_mtx); 379 /* XXX KDM error here? */ 380 break; 381 } 382 } while (done == 0); 383 384 mtx_destroy(¶ms.ioctl_mtx); 385 cv_destroy(¶ms.sem); 386 387 return (CTL_RETVAL_COMPLETE); 388} 389 390int 391ctl_ioctl_io(struct cdev *dev, u_long cmd, caddr_t addr, int flag, 392 struct thread *td) 393{ 394 union ctl_io *io; 395 void *pool_tmp, *sc_tmp; 396 int retval = 0; 397 398 /* 399 * If we haven't been "enabled", don't allow any SCSI I/O 400 * to this FETD. 401 */ 402 if ((cfi_softc.port.status & CTL_PORT_STATUS_ONLINE) == 0) 403 return (EPERM); 404 405 io = ctl_alloc_io(cfi_softc.port.ctl_pool_ref); 406 407 /* 408 * Need to save the pool reference so it doesn't get 409 * spammed by the user's ctl_io. 410 */ 411 pool_tmp = io->io_hdr.pool; 412 sc_tmp = CTL_SOFTC(io); 413 memcpy(io, (void *)addr, sizeof(*io)); 414 io->io_hdr.pool = pool_tmp; 415 CTL_SOFTC(io) = sc_tmp; 416 417 /* 418 * No status yet, so make sure the status is set properly. 419 */ 420 io->io_hdr.status = CTL_STATUS_NONE; 421 422 /* 423 * The user sets the initiator ID, target and LUN IDs. 424 */ 425 io->io_hdr.nexus.targ_port = cfi_softc.port.targ_port; 426 io->io_hdr.flags |= CTL_FLAG_USER_REQ; 427 if ((io->io_hdr.io_type == CTL_IO_SCSI) && 428 (io->scsiio.tag_type != CTL_TAG_UNTAGGED)) 429 io->scsiio.tag_num = cfi_softc.cur_tag_num++; 430 431 retval = cfi_submit_wait(io); 432 if (retval == 0) 433 memcpy((void *)addr, io, sizeof(*io)); 434 ctl_free_io(io); 435 return (retval); 436} 437