ctl.c revision 268362
1/*- 2 * Copyright (c) 2003-2009 Silicon Graphics International Corp. 3 * Copyright (c) 2012 The FreeBSD Foundation 4 * All rights reserved. 5 * 6 * Portions of this software were developed by Edward Tomasz Napierala 7 * under sponsorship from the FreeBSD Foundation. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions, and the following disclaimer, 14 * without modification. 15 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 16 * substantially similar to the "NO WARRANTY" disclaimer below 17 * ("Disclaimer") and any redistribution must be conditioned upon 18 * including a substantially similar Disclaimer requirement for further 19 * binary redistribution. 20 * 21 * NO WARRANTY 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR 25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 26 * HOLDERS OR CONTRIBUTORS BE LIABLE FOR SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 30 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 31 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 32 * POSSIBILITY OF SUCH DAMAGES. 33 * 34 * $Id: //depot/users/kenm/FreeBSD-test2/sys/cam/ctl/ctl.c#8 $ 35 */ 36/* 37 * CAM Target Layer, a SCSI device emulation subsystem. 38 * 39 * Author: Ken Merry <ken@FreeBSD.org> 40 */ 41 42#define _CTL_C 43 44#include <sys/cdefs.h> 45__FBSDID("$FreeBSD: head/sys/cam/ctl/ctl.c 268362 2014-07-07 09:37:22Z mav $"); 46 47#include <sys/param.h> 48#include <sys/systm.h> 49#include <sys/kernel.h> 50#include <sys/types.h> 51#include <sys/kthread.h> 52#include <sys/bio.h> 53#include <sys/fcntl.h> 54#include <sys/lock.h> 55#include <sys/module.h> 56#include <sys/mutex.h> 57#include <sys/condvar.h> 58#include <sys/malloc.h> 59#include <sys/conf.h> 60#include <sys/ioccom.h> 61#include <sys/queue.h> 62#include <sys/sbuf.h> 63#include <sys/smp.h> 64#include <sys/endian.h> 65#include <sys/sysctl.h> 66 67#include <cam/cam.h> 68#include <cam/scsi/scsi_all.h> 69#include <cam/scsi/scsi_da.h> 70#include <cam/ctl/ctl_io.h> 71#include <cam/ctl/ctl.h> 72#include <cam/ctl/ctl_frontend.h> 73#include <cam/ctl/ctl_frontend_internal.h> 74#include <cam/ctl/ctl_util.h> 75#include <cam/ctl/ctl_backend.h> 76#include <cam/ctl/ctl_ioctl.h> 77#include <cam/ctl/ctl_ha.h> 78#include <cam/ctl/ctl_private.h> 79#include <cam/ctl/ctl_debug.h> 80#include <cam/ctl/ctl_scsi_all.h> 81#include <cam/ctl/ctl_error.h> 82 83struct ctl_softc *control_softc = NULL; 84 85/* 86 * Size and alignment macros needed for Copan-specific HA hardware. These 87 * can go away when the HA code is re-written, and uses busdma for any 88 * hardware. 89 */ 90#define CTL_ALIGN_8B(target, source, type) \ 91 if (((uint32_t)source & 0x7) != 0) \ 92 target = (type)(source + (0x8 - ((uint32_t)source & 0x7)));\ 93 else \ 94 target = (type)source; 95 96#define CTL_SIZE_8B(target, size) \ 97 if ((size & 0x7) != 0) \ 98 target = size + (0x8 - (size & 0x7)); \ 99 else \ 100 target = size; 101 102#define CTL_ALIGN_8B_MARGIN 16 103 104/* 105 * Template mode pages. 106 */ 107 108/* 109 * Note that these are default values only. The actual values will be 110 * filled in when the user does a mode sense. 111 */ 112static struct copan_power_subpage power_page_default = { 113 /*page_code*/ PWR_PAGE_CODE | SMPH_SPF, 114 /*subpage*/ PWR_SUBPAGE_CODE, 115 /*page_length*/ {(sizeof(struct copan_power_subpage) - 4) & 0xff00, 116 (sizeof(struct copan_power_subpage) - 4) & 0x00ff}, 117 /*page_version*/ PWR_VERSION, 118 /* total_luns */ 26, 119 /* max_active_luns*/ PWR_DFLT_MAX_LUNS, 120 /*reserved*/ {0, 0, 0, 0, 0, 0, 0, 0, 0, 121 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 122 0, 0, 0, 0, 0, 0} 123}; 124 125static struct copan_power_subpage power_page_changeable = { 126 /*page_code*/ PWR_PAGE_CODE | SMPH_SPF, 127 /*subpage*/ PWR_SUBPAGE_CODE, 128 /*page_length*/ {(sizeof(struct copan_power_subpage) - 4) & 0xff00, 129 (sizeof(struct copan_power_subpage) - 4) & 0x00ff}, 130 /*page_version*/ 0, 131 /* total_luns */ 0, 132 /* max_active_luns*/ 0, 133 /*reserved*/ {0, 0, 0, 0, 0, 0, 0, 0, 0, 134 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 135 0, 0, 0, 0, 0, 0} 136}; 137 138static struct copan_aps_subpage aps_page_default = { 139 APS_PAGE_CODE | SMPH_SPF, //page_code 140 APS_SUBPAGE_CODE, //subpage 141 {(sizeof(struct copan_aps_subpage) - 4) & 0xff00, 142 (sizeof(struct copan_aps_subpage) - 4) & 0x00ff}, //page_length 143 APS_VERSION, //page_version 144 0, //lock_active 145 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 146 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 147 0, 0, 0, 0, 0} //reserved 148}; 149 150static struct copan_aps_subpage aps_page_changeable = { 151 APS_PAGE_CODE | SMPH_SPF, //page_code 152 APS_SUBPAGE_CODE, //subpage 153 {(sizeof(struct copan_aps_subpage) - 4) & 0xff00, 154 (sizeof(struct copan_aps_subpage) - 4) & 0x00ff}, //page_length 155 0, //page_version 156 0, //lock_active 157 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 158 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 159 0, 0, 0, 0, 0} //reserved 160}; 161 162static struct copan_debugconf_subpage debugconf_page_default = { 163 DBGCNF_PAGE_CODE | SMPH_SPF, /* page_code */ 164 DBGCNF_SUBPAGE_CODE, /* subpage */ 165 {(sizeof(struct copan_debugconf_subpage) - 4) >> 8, 166 (sizeof(struct copan_debugconf_subpage) - 4) >> 0}, /* page_length */ 167 DBGCNF_VERSION, /* page_version */ 168 {CTL_TIME_IO_DEFAULT_SECS>>8, 169 CTL_TIME_IO_DEFAULT_SECS>>0}, /* ctl_time_io_secs */ 170}; 171 172static struct copan_debugconf_subpage debugconf_page_changeable = { 173 DBGCNF_PAGE_CODE | SMPH_SPF, /* page_code */ 174 DBGCNF_SUBPAGE_CODE, /* subpage */ 175 {(sizeof(struct copan_debugconf_subpage) - 4) >> 8, 176 (sizeof(struct copan_debugconf_subpage) - 4) >> 0}, /* page_length */ 177 0, /* page_version */ 178 {0xff,0xff}, /* ctl_time_io_secs */ 179}; 180 181static struct scsi_format_page format_page_default = { 182 /*page_code*/SMS_FORMAT_DEVICE_PAGE, 183 /*page_length*/sizeof(struct scsi_format_page) - 2, 184 /*tracks_per_zone*/ {0, 0}, 185 /*alt_sectors_per_zone*/ {0, 0}, 186 /*alt_tracks_per_zone*/ {0, 0}, 187 /*alt_tracks_per_lun*/ {0, 0}, 188 /*sectors_per_track*/ {(CTL_DEFAULT_SECTORS_PER_TRACK >> 8) & 0xff, 189 CTL_DEFAULT_SECTORS_PER_TRACK & 0xff}, 190 /*bytes_per_sector*/ {0, 0}, 191 /*interleave*/ {0, 0}, 192 /*track_skew*/ {0, 0}, 193 /*cylinder_skew*/ {0, 0}, 194 /*flags*/ SFP_HSEC, 195 /*reserved*/ {0, 0, 0} 196}; 197 198static struct scsi_format_page format_page_changeable = { 199 /*page_code*/SMS_FORMAT_DEVICE_PAGE, 200 /*page_length*/sizeof(struct scsi_format_page) - 2, 201 /*tracks_per_zone*/ {0, 0}, 202 /*alt_sectors_per_zone*/ {0, 0}, 203 /*alt_tracks_per_zone*/ {0, 0}, 204 /*alt_tracks_per_lun*/ {0, 0}, 205 /*sectors_per_track*/ {0, 0}, 206 /*bytes_per_sector*/ {0, 0}, 207 /*interleave*/ {0, 0}, 208 /*track_skew*/ {0, 0}, 209 /*cylinder_skew*/ {0, 0}, 210 /*flags*/ 0, 211 /*reserved*/ {0, 0, 0} 212}; 213 214static struct scsi_rigid_disk_page rigid_disk_page_default = { 215 /*page_code*/SMS_RIGID_DISK_PAGE, 216 /*page_length*/sizeof(struct scsi_rigid_disk_page) - 2, 217 /*cylinders*/ {0, 0, 0}, 218 /*heads*/ CTL_DEFAULT_HEADS, 219 /*start_write_precomp*/ {0, 0, 0}, 220 /*start_reduced_current*/ {0, 0, 0}, 221 /*step_rate*/ {0, 0}, 222 /*landing_zone_cylinder*/ {0, 0, 0}, 223 /*rpl*/ SRDP_RPL_DISABLED, 224 /*rotational_offset*/ 0, 225 /*reserved1*/ 0, 226 /*rotation_rate*/ {(CTL_DEFAULT_ROTATION_RATE >> 8) & 0xff, 227 CTL_DEFAULT_ROTATION_RATE & 0xff}, 228 /*reserved2*/ {0, 0} 229}; 230 231static struct scsi_rigid_disk_page rigid_disk_page_changeable = { 232 /*page_code*/SMS_RIGID_DISK_PAGE, 233 /*page_length*/sizeof(struct scsi_rigid_disk_page) - 2, 234 /*cylinders*/ {0, 0, 0}, 235 /*heads*/ 0, 236 /*start_write_precomp*/ {0, 0, 0}, 237 /*start_reduced_current*/ {0, 0, 0}, 238 /*step_rate*/ {0, 0}, 239 /*landing_zone_cylinder*/ {0, 0, 0}, 240 /*rpl*/ 0, 241 /*rotational_offset*/ 0, 242 /*reserved1*/ 0, 243 /*rotation_rate*/ {0, 0}, 244 /*reserved2*/ {0, 0} 245}; 246 247static struct scsi_caching_page caching_page_default = { 248 /*page_code*/SMS_CACHING_PAGE, 249 /*page_length*/sizeof(struct scsi_caching_page) - 2, 250 /*flags1*/ SCP_DISC | SCP_WCE, 251 /*ret_priority*/ 0, 252 /*disable_pf_transfer_len*/ {0xff, 0xff}, 253 /*min_prefetch*/ {0, 0}, 254 /*max_prefetch*/ {0xff, 0xff}, 255 /*max_pf_ceiling*/ {0xff, 0xff}, 256 /*flags2*/ 0, 257 /*cache_segments*/ 0, 258 /*cache_seg_size*/ {0, 0}, 259 /*reserved*/ 0, 260 /*non_cache_seg_size*/ {0, 0, 0} 261}; 262 263static struct scsi_caching_page caching_page_changeable = { 264 /*page_code*/SMS_CACHING_PAGE, 265 /*page_length*/sizeof(struct scsi_caching_page) - 2, 266 /*flags1*/ 0, 267 /*ret_priority*/ 0, 268 /*disable_pf_transfer_len*/ {0, 0}, 269 /*min_prefetch*/ {0, 0}, 270 /*max_prefetch*/ {0, 0}, 271 /*max_pf_ceiling*/ {0, 0}, 272 /*flags2*/ 0, 273 /*cache_segments*/ 0, 274 /*cache_seg_size*/ {0, 0}, 275 /*reserved*/ 0, 276 /*non_cache_seg_size*/ {0, 0, 0} 277}; 278 279static struct scsi_control_page control_page_default = { 280 /*page_code*/SMS_CONTROL_MODE_PAGE, 281 /*page_length*/sizeof(struct scsi_control_page) - 2, 282 /*rlec*/0, 283 /*queue_flags*/0, 284 /*eca_and_aen*/0, 285 /*reserved*/0, 286 /*aen_holdoff_period*/{0, 0} 287}; 288 289static struct scsi_control_page control_page_changeable = { 290 /*page_code*/SMS_CONTROL_MODE_PAGE, 291 /*page_length*/sizeof(struct scsi_control_page) - 2, 292 /*rlec*/SCP_DSENSE, 293 /*queue_flags*/0, 294 /*eca_and_aen*/0, 295 /*reserved*/0, 296 /*aen_holdoff_period*/{0, 0} 297}; 298 299 300/* 301 * XXX KDM move these into the softc. 302 */ 303static int rcv_sync_msg; 304static int persis_offset; 305static uint8_t ctl_pause_rtr; 306static int ctl_is_single = 1; 307static int index_to_aps_page; 308 309SYSCTL_NODE(_kern_cam, OID_AUTO, ctl, CTLFLAG_RD, 0, "CAM Target Layer"); 310static int worker_threads = -1; 311SYSCTL_INT(_kern_cam_ctl, OID_AUTO, worker_threads, CTLFLAG_RDTUN, 312 &worker_threads, 1, "Number of worker threads"); 313static int verbose = 0; 314SYSCTL_INT(_kern_cam_ctl, OID_AUTO, verbose, CTLFLAG_RWTUN, 315 &verbose, 0, "Show SCSI errors returned to initiator"); 316 317/* 318 * Supported pages (0x00), Serial number (0x80), Device ID (0x83), 319 * SCSI Ports (0x88), Block limits (0xB0) and 320 * Logical Block Provisioning (0xB2) 321 */ 322#define SCSI_EVPD_NUM_SUPPORTED_PAGES 6 323 324static void ctl_isc_event_handler(ctl_ha_channel chanel, ctl_ha_event event, 325 int param); 326static void ctl_copy_sense_data(union ctl_ha_msg *src, union ctl_io *dest); 327static int ctl_init(void); 328void ctl_shutdown(void); 329static int ctl_open(struct cdev *dev, int flags, int fmt, struct thread *td); 330static int ctl_close(struct cdev *dev, int flags, int fmt, struct thread *td); 331static void ctl_ioctl_online(void *arg); 332static void ctl_ioctl_offline(void *arg); 333static int ctl_ioctl_lun_enable(void *arg, struct ctl_id targ_id, int lun_id); 334static int ctl_ioctl_lun_disable(void *arg, struct ctl_id targ_id, int lun_id); 335static int ctl_ioctl_do_datamove(struct ctl_scsiio *ctsio); 336static int ctl_serialize_other_sc_cmd(struct ctl_scsiio *ctsio); 337static int ctl_ioctl_submit_wait(union ctl_io *io); 338static void ctl_ioctl_datamove(union ctl_io *io); 339static void ctl_ioctl_done(union ctl_io *io); 340static void ctl_ioctl_hard_startstop_callback(void *arg, 341 struct cfi_metatask *metatask); 342static void ctl_ioctl_bbrread_callback(void *arg,struct cfi_metatask *metatask); 343static int ctl_ioctl_fill_ooa(struct ctl_lun *lun, uint32_t *cur_fill_num, 344 struct ctl_ooa *ooa_hdr, 345 struct ctl_ooa_entry *kern_entries); 346static int ctl_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag, 347 struct thread *td); 348uint32_t ctl_get_resindex(struct ctl_nexus *nexus); 349uint32_t ctl_port_idx(int port_num); 350static uint32_t ctl_map_lun(int port_num, uint32_t lun); 351static uint32_t ctl_map_lun_back(int port_num, uint32_t lun); 352#ifdef unused 353static union ctl_io *ctl_malloc_io(ctl_io_type io_type, uint32_t targ_port, 354 uint32_t targ_target, uint32_t targ_lun, 355 int can_wait); 356static void ctl_kfree_io(union ctl_io *io); 357#endif /* unused */ 358static int ctl_alloc_lun(struct ctl_softc *ctl_softc, struct ctl_lun *lun, 359 struct ctl_be_lun *be_lun, struct ctl_id target_id); 360static int ctl_free_lun(struct ctl_lun *lun); 361static void ctl_create_lun(struct ctl_be_lun *be_lun); 362/** 363static void ctl_failover_change_pages(struct ctl_softc *softc, 364 struct ctl_scsiio *ctsio, int master); 365**/ 366 367static int ctl_do_mode_select(union ctl_io *io); 368static int ctl_pro_preempt(struct ctl_softc *softc, struct ctl_lun *lun, 369 uint64_t res_key, uint64_t sa_res_key, 370 uint8_t type, uint32_t residx, 371 struct ctl_scsiio *ctsio, 372 struct scsi_per_res_out *cdb, 373 struct scsi_per_res_out_parms* param); 374static void ctl_pro_preempt_other(struct ctl_lun *lun, 375 union ctl_ha_msg *msg); 376static void ctl_hndl_per_res_out_on_other_sc(union ctl_ha_msg *msg); 377static int ctl_inquiry_evpd_supported(struct ctl_scsiio *ctsio, int alloc_len); 378static int ctl_inquiry_evpd_serial(struct ctl_scsiio *ctsio, int alloc_len); 379static int ctl_inquiry_evpd_devid(struct ctl_scsiio *ctsio, int alloc_len); 380static int ctl_inquiry_evpd_scsi_ports(struct ctl_scsiio *ctsio, 381 int alloc_len); 382static int ctl_inquiry_evpd_block_limits(struct ctl_scsiio *ctsio, 383 int alloc_len); 384static int ctl_inquiry_evpd_lbp(struct ctl_scsiio *ctsio, int alloc_len); 385static int ctl_inquiry_evpd(struct ctl_scsiio *ctsio); 386static int ctl_inquiry_std(struct ctl_scsiio *ctsio); 387static int ctl_get_lba_len(union ctl_io *io, uint64_t *lba, uint32_t *len); 388static ctl_action ctl_extent_check(union ctl_io *io1, union ctl_io *io2); 389static ctl_action ctl_check_for_blockage(union ctl_io *pending_io, 390 union ctl_io *ooa_io); 391static ctl_action ctl_check_ooa(struct ctl_lun *lun, union ctl_io *pending_io, 392 union ctl_io *starting_io); 393static int ctl_check_blocked(struct ctl_lun *lun); 394static int ctl_scsiio_lun_check(struct ctl_softc *ctl_softc, 395 struct ctl_lun *lun, 396 const struct ctl_cmd_entry *entry, 397 struct ctl_scsiio *ctsio); 398//static int ctl_check_rtr(union ctl_io *pending_io, struct ctl_softc *softc); 399static void ctl_failover(void); 400static int ctl_scsiio_precheck(struct ctl_softc *ctl_softc, 401 struct ctl_scsiio *ctsio); 402static int ctl_scsiio(struct ctl_scsiio *ctsio); 403 404static int ctl_bus_reset(struct ctl_softc *ctl_softc, union ctl_io *io); 405static int ctl_target_reset(struct ctl_softc *ctl_softc, union ctl_io *io, 406 ctl_ua_type ua_type); 407static int ctl_lun_reset(struct ctl_lun *lun, union ctl_io *io, 408 ctl_ua_type ua_type); 409static int ctl_abort_task(union ctl_io *io); 410static int ctl_abort_task_set(union ctl_io *io); 411static int ctl_i_t_nexus_reset(union ctl_io *io); 412static void ctl_run_task(union ctl_io *io); 413#ifdef CTL_IO_DELAY 414static void ctl_datamove_timer_wakeup(void *arg); 415static void ctl_done_timer_wakeup(void *arg); 416#endif /* CTL_IO_DELAY */ 417 418static void ctl_send_datamove_done(union ctl_io *io, int have_lock); 419static void ctl_datamove_remote_write_cb(struct ctl_ha_dt_req *rq); 420static int ctl_datamove_remote_dm_write_cb(union ctl_io *io); 421static void ctl_datamove_remote_write(union ctl_io *io); 422static int ctl_datamove_remote_dm_read_cb(union ctl_io *io); 423static void ctl_datamove_remote_read_cb(struct ctl_ha_dt_req *rq); 424static int ctl_datamove_remote_sgl_setup(union ctl_io *io); 425static int ctl_datamove_remote_xfer(union ctl_io *io, unsigned command, 426 ctl_ha_dt_cb callback); 427static void ctl_datamove_remote_read(union ctl_io *io); 428static void ctl_datamove_remote(union ctl_io *io); 429static int ctl_process_done(union ctl_io *io); 430static void ctl_lun_thread(void *arg); 431static void ctl_work_thread(void *arg); 432static void ctl_enqueue_incoming(union ctl_io *io); 433static void ctl_enqueue_rtr(union ctl_io *io); 434static void ctl_enqueue_done(union ctl_io *io); 435static void ctl_enqueue_isc(union ctl_io *io); 436static const struct ctl_cmd_entry * 437 ctl_get_cmd_entry(struct ctl_scsiio *ctsio); 438static const struct ctl_cmd_entry * 439 ctl_validate_command(struct ctl_scsiio *ctsio); 440static int ctl_cmd_applicable(uint8_t lun_type, 441 const struct ctl_cmd_entry *entry); 442 443/* 444 * Load the serialization table. This isn't very pretty, but is probably 445 * the easiest way to do it. 446 */ 447#include "ctl_ser_table.c" 448 449/* 450 * We only need to define open, close and ioctl routines for this driver. 451 */ 452static struct cdevsw ctl_cdevsw = { 453 .d_version = D_VERSION, 454 .d_flags = 0, 455 .d_open = ctl_open, 456 .d_close = ctl_close, 457 .d_ioctl = ctl_ioctl, 458 .d_name = "ctl", 459}; 460 461 462MALLOC_DEFINE(M_CTL, "ctlmem", "Memory used for CTL"); 463MALLOC_DEFINE(M_CTLIO, "ctlio", "Memory used for CTL requests"); 464 465static int ctl_module_event_handler(module_t, int /*modeventtype_t*/, void *); 466 467static moduledata_t ctl_moduledata = { 468 "ctl", 469 ctl_module_event_handler, 470 NULL 471}; 472 473DECLARE_MODULE(ctl, ctl_moduledata, SI_SUB_CONFIGURE, SI_ORDER_THIRD); 474MODULE_VERSION(ctl, 1); 475 476static struct ctl_frontend ioctl_frontend = 477{ 478 .name = "ioctl", 479}; 480 481static void 482ctl_isc_handler_finish_xfer(struct ctl_softc *ctl_softc, 483 union ctl_ha_msg *msg_info) 484{ 485 struct ctl_scsiio *ctsio; 486 487 if (msg_info->hdr.original_sc == NULL) { 488 printf("%s: original_sc == NULL!\n", __func__); 489 /* XXX KDM now what? */ 490 return; 491 } 492 493 ctsio = &msg_info->hdr.original_sc->scsiio; 494 ctsio->io_hdr.flags |= CTL_FLAG_IO_ACTIVE; 495 ctsio->io_hdr.msg_type = CTL_MSG_FINISH_IO; 496 ctsio->io_hdr.status = msg_info->hdr.status; 497 ctsio->scsi_status = msg_info->scsi.scsi_status; 498 ctsio->sense_len = msg_info->scsi.sense_len; 499 ctsio->sense_residual = msg_info->scsi.sense_residual; 500 ctsio->residual = msg_info->scsi.residual; 501 memcpy(&ctsio->sense_data, &msg_info->scsi.sense_data, 502 sizeof(ctsio->sense_data)); 503 memcpy(&ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN].bytes, 504 &msg_info->scsi.lbalen, sizeof(msg_info->scsi.lbalen)); 505 ctl_enqueue_isc((union ctl_io *)ctsio); 506} 507 508static void 509ctl_isc_handler_finish_ser_only(struct ctl_softc *ctl_softc, 510 union ctl_ha_msg *msg_info) 511{ 512 struct ctl_scsiio *ctsio; 513 514 if (msg_info->hdr.serializing_sc == NULL) { 515 printf("%s: serializing_sc == NULL!\n", __func__); 516 /* XXX KDM now what? */ 517 return; 518 } 519 520 ctsio = &msg_info->hdr.serializing_sc->scsiio; 521#if 0 522 /* 523 * Attempt to catch the situation where an I/O has 524 * been freed, and we're using it again. 525 */ 526 if (ctsio->io_hdr.io_type == 0xff) { 527 union ctl_io *tmp_io; 528 tmp_io = (union ctl_io *)ctsio; 529 printf("%s: %p use after free!\n", __func__, 530 ctsio); 531 printf("%s: type %d msg %d cdb %x iptl: " 532 "%d:%d:%d:%d tag 0x%04x " 533 "flag %#x status %x\n", 534 __func__, 535 tmp_io->io_hdr.io_type, 536 tmp_io->io_hdr.msg_type, 537 tmp_io->scsiio.cdb[0], 538 tmp_io->io_hdr.nexus.initid.id, 539 tmp_io->io_hdr.nexus.targ_port, 540 tmp_io->io_hdr.nexus.targ_target.id, 541 tmp_io->io_hdr.nexus.targ_lun, 542 (tmp_io->io_hdr.io_type == 543 CTL_IO_TASK) ? 544 tmp_io->taskio.tag_num : 545 tmp_io->scsiio.tag_num, 546 tmp_io->io_hdr.flags, 547 tmp_io->io_hdr.status); 548 } 549#endif 550 ctsio->io_hdr.msg_type = CTL_MSG_FINISH_IO; 551 ctl_enqueue_isc((union ctl_io *)ctsio); 552} 553 554/* 555 * ISC (Inter Shelf Communication) event handler. Events from the HA 556 * subsystem come in here. 557 */ 558static void 559ctl_isc_event_handler(ctl_ha_channel channel, ctl_ha_event event, int param) 560{ 561 struct ctl_softc *ctl_softc; 562 union ctl_io *io; 563 struct ctl_prio *presio; 564 ctl_ha_status isc_status; 565 566 ctl_softc = control_softc; 567 io = NULL; 568 569 570#if 0 571 printf("CTL: Isc Msg event %d\n", event); 572#endif 573 if (event == CTL_HA_EVT_MSG_RECV) { 574 union ctl_ha_msg msg_info; 575 576 isc_status = ctl_ha_msg_recv(CTL_HA_CHAN_CTL, &msg_info, 577 sizeof(msg_info), /*wait*/ 0); 578#if 0 579 printf("CTL: msg_type %d\n", msg_info.msg_type); 580#endif 581 if (isc_status != 0) { 582 printf("Error receiving message, status = %d\n", 583 isc_status); 584 return; 585 } 586 587 switch (msg_info.hdr.msg_type) { 588 case CTL_MSG_SERIALIZE: 589#if 0 590 printf("Serialize\n"); 591#endif 592 io = ctl_alloc_io((void *)ctl_softc->othersc_pool); 593 if (io == NULL) { 594 printf("ctl_isc_event_handler: can't allocate " 595 "ctl_io!\n"); 596 /* Bad Juju */ 597 /* Need to set busy and send msg back */ 598 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU; 599 msg_info.hdr.status = CTL_SCSI_ERROR; 600 msg_info.scsi.scsi_status = SCSI_STATUS_BUSY; 601 msg_info.scsi.sense_len = 0; 602 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info, 603 sizeof(msg_info), 0) > CTL_HA_STATUS_SUCCESS){ 604 } 605 goto bailout; 606 } 607 ctl_zero_io(io); 608 // populate ctsio from msg_info 609 io->io_hdr.io_type = CTL_IO_SCSI; 610 io->io_hdr.msg_type = CTL_MSG_SERIALIZE; 611 io->io_hdr.original_sc = msg_info.hdr.original_sc; 612#if 0 613 printf("pOrig %x\n", (int)msg_info.original_sc); 614#endif 615 io->io_hdr.flags |= CTL_FLAG_FROM_OTHER_SC | 616 CTL_FLAG_IO_ACTIVE; 617 /* 618 * If we're in serialization-only mode, we don't 619 * want to go through full done processing. Thus 620 * the COPY flag. 621 * 622 * XXX KDM add another flag that is more specific. 623 */ 624 if (ctl_softc->ha_mode == CTL_HA_MODE_SER_ONLY) 625 io->io_hdr.flags |= CTL_FLAG_INT_COPY; 626 io->io_hdr.nexus = msg_info.hdr.nexus; 627#if 0 628 printf("targ %d, port %d, iid %d, lun %d\n", 629 io->io_hdr.nexus.targ_target.id, 630 io->io_hdr.nexus.targ_port, 631 io->io_hdr.nexus.initid.id, 632 io->io_hdr.nexus.targ_lun); 633#endif 634 io->scsiio.tag_num = msg_info.scsi.tag_num; 635 io->scsiio.tag_type = msg_info.scsi.tag_type; 636 memcpy(io->scsiio.cdb, msg_info.scsi.cdb, 637 CTL_MAX_CDBLEN); 638 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER) { 639 const struct ctl_cmd_entry *entry; 640 641 entry = ctl_get_cmd_entry(&io->scsiio); 642 io->io_hdr.flags &= ~CTL_FLAG_DATA_MASK; 643 io->io_hdr.flags |= 644 entry->flags & CTL_FLAG_DATA_MASK; 645 } 646 ctl_enqueue_isc(io); 647 break; 648 649 /* Performed on the Originating SC, XFER mode only */ 650 case CTL_MSG_DATAMOVE: { 651 struct ctl_sg_entry *sgl; 652 int i, j; 653 654 io = msg_info.hdr.original_sc; 655 if (io == NULL) { 656 printf("%s: original_sc == NULL!\n", __func__); 657 /* XXX KDM do something here */ 658 break; 659 } 660 io->io_hdr.msg_type = CTL_MSG_DATAMOVE; 661 io->io_hdr.flags |= CTL_FLAG_IO_ACTIVE; 662 /* 663 * Keep track of this, we need to send it back over 664 * when the datamove is complete. 665 */ 666 io->io_hdr.serializing_sc = msg_info.hdr.serializing_sc; 667 668 if (msg_info.dt.sg_sequence == 0) { 669 /* 670 * XXX KDM we use the preallocated S/G list 671 * here, but we'll need to change this to 672 * dynamic allocation if we need larger S/G 673 * lists. 674 */ 675 if (msg_info.dt.kern_sg_entries > 676 sizeof(io->io_hdr.remote_sglist) / 677 sizeof(io->io_hdr.remote_sglist[0])) { 678 printf("%s: number of S/G entries " 679 "needed %u > allocated num %zd\n", 680 __func__, 681 msg_info.dt.kern_sg_entries, 682 sizeof(io->io_hdr.remote_sglist)/ 683 sizeof(io->io_hdr.remote_sglist[0])); 684 685 /* 686 * XXX KDM send a message back to 687 * the other side to shut down the 688 * DMA. The error will come back 689 * through via the normal channel. 690 */ 691 break; 692 } 693 sgl = io->io_hdr.remote_sglist; 694 memset(sgl, 0, 695 sizeof(io->io_hdr.remote_sglist)); 696 697 io->scsiio.kern_data_ptr = (uint8_t *)sgl; 698 699 io->scsiio.kern_sg_entries = 700 msg_info.dt.kern_sg_entries; 701 io->scsiio.rem_sg_entries = 702 msg_info.dt.kern_sg_entries; 703 io->scsiio.kern_data_len = 704 msg_info.dt.kern_data_len; 705 io->scsiio.kern_total_len = 706 msg_info.dt.kern_total_len; 707 io->scsiio.kern_data_resid = 708 msg_info.dt.kern_data_resid; 709 io->scsiio.kern_rel_offset = 710 msg_info.dt.kern_rel_offset; 711 /* 712 * Clear out per-DMA flags. 713 */ 714 io->io_hdr.flags &= ~CTL_FLAG_RDMA_MASK; 715 /* 716 * Add per-DMA flags that are set for this 717 * particular DMA request. 718 */ 719 io->io_hdr.flags |= msg_info.dt.flags & 720 CTL_FLAG_RDMA_MASK; 721 } else 722 sgl = (struct ctl_sg_entry *) 723 io->scsiio.kern_data_ptr; 724 725 for (i = msg_info.dt.sent_sg_entries, j = 0; 726 i < (msg_info.dt.sent_sg_entries + 727 msg_info.dt.cur_sg_entries); i++, j++) { 728 sgl[i].addr = msg_info.dt.sg_list[j].addr; 729 sgl[i].len = msg_info.dt.sg_list[j].len; 730 731#if 0 732 printf("%s: L: %p,%d -> %p,%d j=%d, i=%d\n", 733 __func__, 734 msg_info.dt.sg_list[j].addr, 735 msg_info.dt.sg_list[j].len, 736 sgl[i].addr, sgl[i].len, j, i); 737#endif 738 } 739#if 0 740 memcpy(&sgl[msg_info.dt.sent_sg_entries], 741 msg_info.dt.sg_list, 742 sizeof(*sgl) * msg_info.dt.cur_sg_entries); 743#endif 744 745 /* 746 * If this is the last piece of the I/O, we've got 747 * the full S/G list. Queue processing in the thread. 748 * Otherwise wait for the next piece. 749 */ 750 if (msg_info.dt.sg_last != 0) 751 ctl_enqueue_isc(io); 752 break; 753 } 754 /* Performed on the Serializing (primary) SC, XFER mode only */ 755 case CTL_MSG_DATAMOVE_DONE: { 756 if (msg_info.hdr.serializing_sc == NULL) { 757 printf("%s: serializing_sc == NULL!\n", 758 __func__); 759 /* XXX KDM now what? */ 760 break; 761 } 762 /* 763 * We grab the sense information here in case 764 * there was a failure, so we can return status 765 * back to the initiator. 766 */ 767 io = msg_info.hdr.serializing_sc; 768 io->io_hdr.msg_type = CTL_MSG_DATAMOVE_DONE; 769 io->io_hdr.status = msg_info.hdr.status; 770 io->scsiio.scsi_status = msg_info.scsi.scsi_status; 771 io->scsiio.sense_len = msg_info.scsi.sense_len; 772 io->scsiio.sense_residual =msg_info.scsi.sense_residual; 773 io->io_hdr.port_status = msg_info.scsi.fetd_status; 774 io->scsiio.residual = msg_info.scsi.residual; 775 memcpy(&io->scsiio.sense_data,&msg_info.scsi.sense_data, 776 sizeof(io->scsiio.sense_data)); 777 ctl_enqueue_isc(io); 778 break; 779 } 780 781 /* Preformed on Originating SC, SER_ONLY mode */ 782 case CTL_MSG_R2R: 783 io = msg_info.hdr.original_sc; 784 if (io == NULL) { 785 printf("%s: Major Bummer\n", __func__); 786 return; 787 } else { 788#if 0 789 printf("pOrig %x\n",(int) ctsio); 790#endif 791 } 792 io->io_hdr.msg_type = CTL_MSG_R2R; 793 io->io_hdr.serializing_sc = msg_info.hdr.serializing_sc; 794 ctl_enqueue_isc(io); 795 break; 796 797 /* 798 * Performed on Serializing(i.e. primary SC) SC in SER_ONLY 799 * mode. 800 * Performed on the Originating (i.e. secondary) SC in XFER 801 * mode 802 */ 803 case CTL_MSG_FINISH_IO: 804 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER) 805 ctl_isc_handler_finish_xfer(ctl_softc, 806 &msg_info); 807 else 808 ctl_isc_handler_finish_ser_only(ctl_softc, 809 &msg_info); 810 break; 811 812 /* Preformed on Originating SC */ 813 case CTL_MSG_BAD_JUJU: 814 io = msg_info.hdr.original_sc; 815 if (io == NULL) { 816 printf("%s: Bad JUJU!, original_sc is NULL!\n", 817 __func__); 818 break; 819 } 820 ctl_copy_sense_data(&msg_info, io); 821 /* 822 * IO should have already been cleaned up on other 823 * SC so clear this flag so we won't send a message 824 * back to finish the IO there. 825 */ 826 io->io_hdr.flags &= ~CTL_FLAG_SENT_2OTHER_SC; 827 io->io_hdr.flags |= CTL_FLAG_IO_ACTIVE; 828 829 /* io = msg_info.hdr.serializing_sc; */ 830 io->io_hdr.msg_type = CTL_MSG_BAD_JUJU; 831 ctl_enqueue_isc(io); 832 break; 833 834 /* Handle resets sent from the other side */ 835 case CTL_MSG_MANAGE_TASKS: { 836 struct ctl_taskio *taskio; 837 taskio = (struct ctl_taskio *)ctl_alloc_io( 838 (void *)ctl_softc->othersc_pool); 839 if (taskio == NULL) { 840 printf("ctl_isc_event_handler: can't allocate " 841 "ctl_io!\n"); 842 /* Bad Juju */ 843 /* should I just call the proper reset func 844 here??? */ 845 goto bailout; 846 } 847 ctl_zero_io((union ctl_io *)taskio); 848 taskio->io_hdr.io_type = CTL_IO_TASK; 849 taskio->io_hdr.flags |= CTL_FLAG_FROM_OTHER_SC; 850 taskio->io_hdr.nexus = msg_info.hdr.nexus; 851 taskio->task_action = msg_info.task.task_action; 852 taskio->tag_num = msg_info.task.tag_num; 853 taskio->tag_type = msg_info.task.tag_type; 854#ifdef CTL_TIME_IO 855 taskio->io_hdr.start_time = time_uptime; 856 getbintime(&taskio->io_hdr.start_bt); 857#if 0 858 cs_prof_gettime(&taskio->io_hdr.start_ticks); 859#endif 860#endif /* CTL_TIME_IO */ 861 ctl_run_task((union ctl_io *)taskio); 862 break; 863 } 864 /* Persistent Reserve action which needs attention */ 865 case CTL_MSG_PERS_ACTION: 866 presio = (struct ctl_prio *)ctl_alloc_io( 867 (void *)ctl_softc->othersc_pool); 868 if (presio == NULL) { 869 printf("ctl_isc_event_handler: can't allocate " 870 "ctl_io!\n"); 871 /* Bad Juju */ 872 /* Need to set busy and send msg back */ 873 goto bailout; 874 } 875 ctl_zero_io((union ctl_io *)presio); 876 presio->io_hdr.msg_type = CTL_MSG_PERS_ACTION; 877 presio->pr_msg = msg_info.pr; 878 ctl_enqueue_isc((union ctl_io *)presio); 879 break; 880 case CTL_MSG_SYNC_FE: 881 rcv_sync_msg = 1; 882 break; 883 case CTL_MSG_APS_LOCK: { 884 // It's quicker to execute this then to 885 // queue it. 886 struct ctl_lun *lun; 887 struct ctl_page_index *page_index; 888 struct copan_aps_subpage *current_sp; 889 uint32_t targ_lun; 890 891 targ_lun = msg_info.hdr.nexus.targ_mapped_lun; 892 lun = ctl_softc->ctl_luns[targ_lun]; 893 mtx_lock(&lun->lun_lock); 894 page_index = &lun->mode_pages.index[index_to_aps_page]; 895 current_sp = (struct copan_aps_subpage *) 896 (page_index->page_data + 897 (page_index->page_len * CTL_PAGE_CURRENT)); 898 899 current_sp->lock_active = msg_info.aps.lock_flag; 900 mtx_unlock(&lun->lun_lock); 901 break; 902 } 903 default: 904 printf("How did I get here?\n"); 905 } 906 } else if (event == CTL_HA_EVT_MSG_SENT) { 907 if (param != CTL_HA_STATUS_SUCCESS) { 908 printf("Bad status from ctl_ha_msg_send status %d\n", 909 param); 910 } 911 return; 912 } else if (event == CTL_HA_EVT_DISCONNECT) { 913 printf("CTL: Got a disconnect from Isc\n"); 914 return; 915 } else { 916 printf("ctl_isc_event_handler: Unknown event %d\n", event); 917 return; 918 } 919 920bailout: 921 return; 922} 923 924static void 925ctl_copy_sense_data(union ctl_ha_msg *src, union ctl_io *dest) 926{ 927 struct scsi_sense_data *sense; 928 929 sense = &dest->scsiio.sense_data; 930 bcopy(&src->scsi.sense_data, sense, sizeof(*sense)); 931 dest->scsiio.scsi_status = src->scsi.scsi_status; 932 dest->scsiio.sense_len = src->scsi.sense_len; 933 dest->io_hdr.status = src->hdr.status; 934} 935 936static int 937ctl_init(void) 938{ 939 struct ctl_softc *softc; 940 struct ctl_io_pool *internal_pool, *emergency_pool, *other_pool; 941 struct ctl_port *port; 942 uint8_t sc_id =0; 943 int i, error, retval; 944 //int isc_retval; 945 946 retval = 0; 947 ctl_pause_rtr = 0; 948 rcv_sync_msg = 0; 949 950 control_softc = malloc(sizeof(*control_softc), M_DEVBUF, 951 M_WAITOK | M_ZERO); 952 softc = control_softc; 953 954 softc->dev = make_dev(&ctl_cdevsw, 0, UID_ROOT, GID_OPERATOR, 0600, 955 "cam/ctl"); 956 957 softc->dev->si_drv1 = softc; 958 959 /* 960 * By default, return a "bad LUN" peripheral qualifier for unknown 961 * LUNs. The user can override this default using the tunable or 962 * sysctl. See the comment in ctl_inquiry_std() for more details. 963 */ 964 softc->inquiry_pq_no_lun = 1; 965 TUNABLE_INT_FETCH("kern.cam.ctl.inquiry_pq_no_lun", 966 &softc->inquiry_pq_no_lun); 967 sysctl_ctx_init(&softc->sysctl_ctx); 968 softc->sysctl_tree = SYSCTL_ADD_NODE(&softc->sysctl_ctx, 969 SYSCTL_STATIC_CHILDREN(_kern_cam), OID_AUTO, "ctl", 970 CTLFLAG_RD, 0, "CAM Target Layer"); 971 972 if (softc->sysctl_tree == NULL) { 973 printf("%s: unable to allocate sysctl tree\n", __func__); 974 destroy_dev(softc->dev); 975 free(control_softc, M_DEVBUF); 976 control_softc = NULL; 977 return (ENOMEM); 978 } 979 980 SYSCTL_ADD_INT(&softc->sysctl_ctx, 981 SYSCTL_CHILDREN(softc->sysctl_tree), OID_AUTO, 982 "inquiry_pq_no_lun", CTLFLAG_RW, 983 &softc->inquiry_pq_no_lun, 0, 984 "Report no lun possible for invalid LUNs"); 985 986 mtx_init(&softc->ctl_lock, "CTL mutex", NULL, MTX_DEF); 987 mtx_init(&softc->pool_lock, "CTL pool mutex", NULL, MTX_DEF); 988 softc->open_count = 0; 989 990 /* 991 * Default to actually sending a SYNCHRONIZE CACHE command down to 992 * the drive. 993 */ 994 softc->flags = CTL_FLAG_REAL_SYNC; 995 996 /* 997 * In Copan's HA scheme, the "master" and "slave" roles are 998 * figured out through the slot the controller is in. Although it 999 * is an active/active system, someone has to be in charge. 1000 */ 1001#ifdef NEEDTOPORT 1002 scmicro_rw(SCMICRO_GET_SHELF_ID, &sc_id); 1003#endif 1004 1005 if (sc_id == 0) { 1006 softc->flags |= CTL_FLAG_MASTER_SHELF; 1007 persis_offset = 0; 1008 } else 1009 persis_offset = CTL_MAX_INITIATORS; 1010 1011 /* 1012 * XXX KDM need to figure out where we want to get our target ID 1013 * and WWID. Is it different on each port? 1014 */ 1015 softc->target.id = 0; 1016 softc->target.wwid[0] = 0x12345678; 1017 softc->target.wwid[1] = 0x87654321; 1018 STAILQ_INIT(&softc->lun_list); 1019 STAILQ_INIT(&softc->pending_lun_queue); 1020 STAILQ_INIT(&softc->fe_list); 1021 STAILQ_INIT(&softc->port_list); 1022 STAILQ_INIT(&softc->be_list); 1023 STAILQ_INIT(&softc->io_pools); 1024 1025 if (ctl_pool_create(softc, CTL_POOL_INTERNAL, CTL_POOL_ENTRIES_INTERNAL, 1026 &internal_pool)!= 0){ 1027 printf("ctl: can't allocate %d entry internal pool, " 1028 "exiting\n", CTL_POOL_ENTRIES_INTERNAL); 1029 return (ENOMEM); 1030 } 1031 1032 if (ctl_pool_create(softc, CTL_POOL_EMERGENCY, 1033 CTL_POOL_ENTRIES_EMERGENCY, &emergency_pool) != 0) { 1034 printf("ctl: can't allocate %d entry emergency pool, " 1035 "exiting\n", CTL_POOL_ENTRIES_EMERGENCY); 1036 ctl_pool_free(internal_pool); 1037 return (ENOMEM); 1038 } 1039 1040 if (ctl_pool_create(softc, CTL_POOL_4OTHERSC, CTL_POOL_ENTRIES_OTHER_SC, 1041 &other_pool) != 0) 1042 { 1043 printf("ctl: can't allocate %d entry other SC pool, " 1044 "exiting\n", CTL_POOL_ENTRIES_OTHER_SC); 1045 ctl_pool_free(internal_pool); 1046 ctl_pool_free(emergency_pool); 1047 return (ENOMEM); 1048 } 1049 1050 softc->internal_pool = internal_pool; 1051 softc->emergency_pool = emergency_pool; 1052 softc->othersc_pool = other_pool; 1053 1054 if (worker_threads <= 0) 1055 worker_threads = max(1, mp_ncpus / 4); 1056 if (worker_threads > CTL_MAX_THREADS) 1057 worker_threads = CTL_MAX_THREADS; 1058 1059 for (i = 0; i < worker_threads; i++) { 1060 struct ctl_thread *thr = &softc->threads[i]; 1061 1062 mtx_init(&thr->queue_lock, "CTL queue mutex", NULL, MTX_DEF); 1063 thr->ctl_softc = softc; 1064 STAILQ_INIT(&thr->incoming_queue); 1065 STAILQ_INIT(&thr->rtr_queue); 1066 STAILQ_INIT(&thr->done_queue); 1067 STAILQ_INIT(&thr->isc_queue); 1068 1069 error = kproc_kthread_add(ctl_work_thread, thr, 1070 &softc->ctl_proc, &thr->thread, 0, 0, "ctl", "work%d", i); 1071 if (error != 0) { 1072 printf("error creating CTL work thread!\n"); 1073 ctl_pool_free(internal_pool); 1074 ctl_pool_free(emergency_pool); 1075 ctl_pool_free(other_pool); 1076 return (error); 1077 } 1078 } 1079 error = kproc_kthread_add(ctl_lun_thread, softc, 1080 &softc->ctl_proc, NULL, 0, 0, "ctl", "lun"); 1081 if (error != 0) { 1082 printf("error creating CTL lun thread!\n"); 1083 ctl_pool_free(internal_pool); 1084 ctl_pool_free(emergency_pool); 1085 ctl_pool_free(other_pool); 1086 return (error); 1087 } 1088 if (bootverbose) 1089 printf("ctl: CAM Target Layer loaded\n"); 1090 1091 /* 1092 * Initialize the ioctl front end. 1093 */ 1094 ctl_frontend_register(&ioctl_frontend); 1095 port = &softc->ioctl_info.port; 1096 port->frontend = &ioctl_frontend; 1097 sprintf(softc->ioctl_info.port_name, "ioctl"); 1098 port->port_type = CTL_PORT_IOCTL; 1099 port->num_requested_ctl_io = 100; 1100 port->port_name = softc->ioctl_info.port_name; 1101 port->port_online = ctl_ioctl_online; 1102 port->port_offline = ctl_ioctl_offline; 1103 port->onoff_arg = &softc->ioctl_info; 1104 port->lun_enable = ctl_ioctl_lun_enable; 1105 port->lun_disable = ctl_ioctl_lun_disable; 1106 port->targ_lun_arg = &softc->ioctl_info; 1107 port->fe_datamove = ctl_ioctl_datamove; 1108 port->fe_done = ctl_ioctl_done; 1109 port->max_targets = 15; 1110 port->max_target_id = 15; 1111 1112 if (ctl_port_register(&softc->ioctl_info.port, 1113 (softc->flags & CTL_FLAG_MASTER_SHELF)) != 0) { 1114 printf("ctl: ioctl front end registration failed, will " 1115 "continue anyway\n"); 1116 } 1117 1118#ifdef CTL_IO_DELAY 1119 if (sizeof(struct callout) > CTL_TIMER_BYTES) { 1120 printf("sizeof(struct callout) %zd > CTL_TIMER_BYTES %zd\n", 1121 sizeof(struct callout), CTL_TIMER_BYTES); 1122 return (EINVAL); 1123 } 1124#endif /* CTL_IO_DELAY */ 1125 1126 return (0); 1127} 1128 1129void 1130ctl_shutdown(void) 1131{ 1132 struct ctl_softc *softc; 1133 struct ctl_lun *lun, *next_lun; 1134 struct ctl_io_pool *pool; 1135 1136 softc = (struct ctl_softc *)control_softc; 1137 1138 if (ctl_port_deregister(&softc->ioctl_info.port) != 0) 1139 printf("ctl: ioctl front end deregistration failed\n"); 1140 1141 mtx_lock(&softc->ctl_lock); 1142 1143 /* 1144 * Free up each LUN. 1145 */ 1146 for (lun = STAILQ_FIRST(&softc->lun_list); lun != NULL; lun = next_lun){ 1147 next_lun = STAILQ_NEXT(lun, links); 1148 ctl_free_lun(lun); 1149 } 1150 1151 mtx_unlock(&softc->ctl_lock); 1152 1153 ctl_frontend_deregister(&ioctl_frontend); 1154 1155 /* 1156 * This will rip the rug out from under any FETDs or anyone else 1157 * that has a pool allocated. Since we increment our module 1158 * refcount any time someone outside the main CTL module allocates 1159 * a pool, we shouldn't have any problems here. The user won't be 1160 * able to unload the CTL module until client modules have 1161 * successfully unloaded. 1162 */ 1163 while ((pool = STAILQ_FIRST(&softc->io_pools)) != NULL) 1164 ctl_pool_free(pool); 1165 1166#if 0 1167 ctl_shutdown_thread(softc->work_thread); 1168 mtx_destroy(&softc->queue_lock); 1169#endif 1170 1171 mtx_destroy(&softc->pool_lock); 1172 mtx_destroy(&softc->ctl_lock); 1173 1174 destroy_dev(softc->dev); 1175 1176 sysctl_ctx_free(&softc->sysctl_ctx); 1177 1178 free(control_softc, M_DEVBUF); 1179 control_softc = NULL; 1180 1181 if (bootverbose) 1182 printf("ctl: CAM Target Layer unloaded\n"); 1183} 1184 1185static int 1186ctl_module_event_handler(module_t mod, int what, void *arg) 1187{ 1188 1189 switch (what) { 1190 case MOD_LOAD: 1191 return (ctl_init()); 1192 case MOD_UNLOAD: 1193 return (EBUSY); 1194 default: 1195 return (EOPNOTSUPP); 1196 } 1197} 1198 1199/* 1200 * XXX KDM should we do some access checks here? Bump a reference count to 1201 * prevent a CTL module from being unloaded while someone has it open? 1202 */ 1203static int 1204ctl_open(struct cdev *dev, int flags, int fmt, struct thread *td) 1205{ 1206 return (0); 1207} 1208 1209static int 1210ctl_close(struct cdev *dev, int flags, int fmt, struct thread *td) 1211{ 1212 return (0); 1213} 1214 1215int 1216ctl_port_enable(ctl_port_type port_type) 1217{ 1218 struct ctl_softc *softc; 1219 struct ctl_port *port; 1220 1221 if (ctl_is_single == 0) { 1222 union ctl_ha_msg msg_info; 1223 int isc_retval; 1224 1225#if 0 1226 printf("%s: HA mode, synchronizing frontend enable\n", 1227 __func__); 1228#endif 1229 msg_info.hdr.msg_type = CTL_MSG_SYNC_FE; 1230 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info, 1231 sizeof(msg_info), 1 )) > CTL_HA_STATUS_SUCCESS) { 1232 printf("Sync msg send error retval %d\n", isc_retval); 1233 } 1234 if (!rcv_sync_msg) { 1235 isc_retval=ctl_ha_msg_recv(CTL_HA_CHAN_CTL, &msg_info, 1236 sizeof(msg_info), 1); 1237 } 1238#if 0 1239 printf("CTL:Frontend Enable\n"); 1240 } else { 1241 printf("%s: single mode, skipping frontend synchronization\n", 1242 __func__); 1243#endif 1244 } 1245 1246 softc = control_softc; 1247 1248 STAILQ_FOREACH(port, &softc->port_list, links) { 1249 if (port_type & port->port_type) 1250 { 1251#if 0 1252 printf("port %d\n", port->targ_port); 1253#endif 1254 ctl_port_online(port); 1255 } 1256 } 1257 1258 return (0); 1259} 1260 1261int 1262ctl_port_disable(ctl_port_type port_type) 1263{ 1264 struct ctl_softc *softc; 1265 struct ctl_port *port; 1266 1267 softc = control_softc; 1268 1269 STAILQ_FOREACH(port, &softc->port_list, links) { 1270 if (port_type & port->port_type) 1271 ctl_port_offline(port); 1272 } 1273 1274 return (0); 1275} 1276 1277/* 1278 * Returns 0 for success, 1 for failure. 1279 * Currently the only failure mode is if there aren't enough entries 1280 * allocated. So, in case of a failure, look at num_entries_dropped, 1281 * reallocate and try again. 1282 */ 1283int 1284ctl_port_list(struct ctl_port_entry *entries, int num_entries_alloced, 1285 int *num_entries_filled, int *num_entries_dropped, 1286 ctl_port_type port_type, int no_virtual) 1287{ 1288 struct ctl_softc *softc; 1289 struct ctl_port *port; 1290 int entries_dropped, entries_filled; 1291 int retval; 1292 int i; 1293 1294 softc = control_softc; 1295 1296 retval = 0; 1297 entries_filled = 0; 1298 entries_dropped = 0; 1299 1300 i = 0; 1301 mtx_lock(&softc->ctl_lock); 1302 STAILQ_FOREACH(port, &softc->port_list, links) { 1303 struct ctl_port_entry *entry; 1304 1305 if ((port->port_type & port_type) == 0) 1306 continue; 1307 1308 if ((no_virtual != 0) 1309 && (port->virtual_port != 0)) 1310 continue; 1311 1312 if (entries_filled >= num_entries_alloced) { 1313 entries_dropped++; 1314 continue; 1315 } 1316 entry = &entries[i]; 1317 1318 entry->port_type = port->port_type; 1319 strlcpy(entry->port_name, port->port_name, 1320 sizeof(entry->port_name)); 1321 entry->physical_port = port->physical_port; 1322 entry->virtual_port = port->virtual_port; 1323 entry->wwnn = port->wwnn; 1324 entry->wwpn = port->wwpn; 1325 1326 i++; 1327 entries_filled++; 1328 } 1329 1330 mtx_unlock(&softc->ctl_lock); 1331 1332 if (entries_dropped > 0) 1333 retval = 1; 1334 1335 *num_entries_dropped = entries_dropped; 1336 *num_entries_filled = entries_filled; 1337 1338 return (retval); 1339} 1340 1341static void 1342ctl_ioctl_online(void *arg) 1343{ 1344 struct ctl_ioctl_info *ioctl_info; 1345 1346 ioctl_info = (struct ctl_ioctl_info *)arg; 1347 1348 ioctl_info->flags |= CTL_IOCTL_FLAG_ENABLED; 1349} 1350 1351static void 1352ctl_ioctl_offline(void *arg) 1353{ 1354 struct ctl_ioctl_info *ioctl_info; 1355 1356 ioctl_info = (struct ctl_ioctl_info *)arg; 1357 1358 ioctl_info->flags &= ~CTL_IOCTL_FLAG_ENABLED; 1359} 1360 1361/* 1362 * Remove an initiator by port number and initiator ID. 1363 * Returns 0 for success, -1 for failure. 1364 */ 1365int 1366ctl_remove_initiator(struct ctl_port *port, int iid) 1367{ 1368 struct ctl_softc *softc = control_softc; 1369 1370 mtx_assert(&softc->ctl_lock, MA_NOTOWNED); 1371 1372 if (iid > CTL_MAX_INIT_PER_PORT) { 1373 printf("%s: initiator ID %u > maximun %u!\n", 1374 __func__, iid, CTL_MAX_INIT_PER_PORT); 1375 return (-1); 1376 } 1377 1378 mtx_lock(&softc->ctl_lock); 1379 port->wwpn_iid[iid].in_use--; 1380 port->wwpn_iid[iid].last_use = time_uptime; 1381 mtx_unlock(&softc->ctl_lock); 1382 1383 return (0); 1384} 1385 1386/* 1387 * Add an initiator to the initiator map. 1388 * Returns iid for success, < 0 for failure. 1389 */ 1390int 1391ctl_add_initiator(struct ctl_port *port, int iid, uint64_t wwpn, char *name) 1392{ 1393 struct ctl_softc *softc = control_softc; 1394 time_t best_time; 1395 int i, best; 1396 1397 mtx_assert(&softc->ctl_lock, MA_NOTOWNED); 1398 1399 if (iid >= CTL_MAX_INIT_PER_PORT) { 1400 printf("%s: WWPN %#jx initiator ID %u > maximum %u!\n", 1401 __func__, wwpn, iid, CTL_MAX_INIT_PER_PORT); 1402 free(name, M_CTL); 1403 return (-1); 1404 } 1405 1406 mtx_lock(&softc->ctl_lock); 1407 1408 if (iid < 0 && (wwpn != 0 || name != NULL)) { 1409 for (i = 0; i < CTL_MAX_INIT_PER_PORT; i++) { 1410 if (wwpn != 0 && wwpn == port->wwpn_iid[i].wwpn) { 1411 iid = i; 1412 break; 1413 } 1414 if (name != NULL && port->wwpn_iid[i].name != NULL && 1415 strcmp(name, port->wwpn_iid[i].name) == 0) { 1416 iid = i; 1417 break; 1418 } 1419 } 1420 } 1421 1422 if (iid < 0) { 1423 for (i = 0; i < CTL_MAX_INIT_PER_PORT; i++) { 1424 if (port->wwpn_iid[i].in_use == 0 && 1425 port->wwpn_iid[i].wwpn == 0 && 1426 port->wwpn_iid[i].name == NULL) { 1427 iid = i; 1428 break; 1429 } 1430 } 1431 } 1432 1433 if (iid < 0) { 1434 best = -1; 1435 best_time = INT32_MAX; 1436 for (i = 0; i < CTL_MAX_INIT_PER_PORT; i++) { 1437 if (port->wwpn_iid[i].in_use == 0) { 1438 if (port->wwpn_iid[i].last_use < best_time) { 1439 best = i; 1440 best_time = port->wwpn_iid[i].last_use; 1441 } 1442 } 1443 } 1444 iid = best; 1445 } 1446 1447 if (iid < 0) { 1448 mtx_unlock(&softc->ctl_lock); 1449 free(name, M_CTL); 1450 return (-2); 1451 } 1452 1453 if (port->wwpn_iid[iid].in_use > 0 && (wwpn != 0 || name != NULL)) { 1454 /* 1455 * This is not an error yet. 1456 */ 1457 if (wwpn != 0 && wwpn == port->wwpn_iid[iid].wwpn) { 1458#if 0 1459 printf("%s: port %d iid %u WWPN %#jx arrived" 1460 " again\n", __func__, port->targ_port, 1461 iid, (uintmax_t)wwpn); 1462#endif 1463 goto take; 1464 } 1465 if (name != NULL && port->wwpn_iid[iid].name != NULL && 1466 strcmp(name, port->wwpn_iid[iid].name) == 0) { 1467#if 0 1468 printf("%s: port %d iid %u name '%s' arrived" 1469 " again\n", __func__, port->targ_port, 1470 iid, name); 1471#endif 1472 goto take; 1473 } 1474 1475 /* 1476 * This is an error, but what do we do about it? The 1477 * driver is telling us we have a new WWPN for this 1478 * initiator ID, so we pretty much need to use it. 1479 */ 1480 printf("%s: port %d iid %u WWPN %#jx '%s' arrived," 1481 " but WWPN %#jx '%s' is still at that address\n", 1482 __func__, port->targ_port, iid, wwpn, name, 1483 (uintmax_t)port->wwpn_iid[iid].wwpn, 1484 port->wwpn_iid[iid].name); 1485 1486 /* 1487 * XXX KDM clear have_ca and ua_pending on each LUN for 1488 * this initiator. 1489 */ 1490 } 1491take: 1492 free(port->wwpn_iid[iid].name, M_CTL); 1493 port->wwpn_iid[iid].name = name; 1494 port->wwpn_iid[iid].wwpn = wwpn; 1495 port->wwpn_iid[iid].in_use++; 1496 mtx_unlock(&softc->ctl_lock); 1497 1498 return (iid); 1499} 1500 1501static int 1502ctl_ioctl_lun_enable(void *arg, struct ctl_id targ_id, int lun_id) 1503{ 1504 return (0); 1505} 1506 1507static int 1508ctl_ioctl_lun_disable(void *arg, struct ctl_id targ_id, int lun_id) 1509{ 1510 return (0); 1511} 1512 1513/* 1514 * Data movement routine for the CTL ioctl frontend port. 1515 */ 1516static int 1517ctl_ioctl_do_datamove(struct ctl_scsiio *ctsio) 1518{ 1519 struct ctl_sg_entry *ext_sglist, *kern_sglist; 1520 struct ctl_sg_entry ext_entry, kern_entry; 1521 int ext_sglen, ext_sg_entries, kern_sg_entries; 1522 int ext_sg_start, ext_offset; 1523 int len_to_copy, len_copied; 1524 int kern_watermark, ext_watermark; 1525 int ext_sglist_malloced; 1526 int i, j; 1527 1528 ext_sglist_malloced = 0; 1529 ext_sg_start = 0; 1530 ext_offset = 0; 1531 1532 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove\n")); 1533 1534 /* 1535 * If this flag is set, fake the data transfer. 1536 */ 1537 if (ctsio->io_hdr.flags & CTL_FLAG_NO_DATAMOVE) { 1538 ctsio->ext_data_filled = ctsio->ext_data_len; 1539 goto bailout; 1540 } 1541 1542 /* 1543 * To simplify things here, if we have a single buffer, stick it in 1544 * a S/G entry and just make it a single entry S/G list. 1545 */ 1546 if (ctsio->io_hdr.flags & CTL_FLAG_EDPTR_SGLIST) { 1547 int len_seen; 1548 1549 ext_sglen = ctsio->ext_sg_entries * sizeof(*ext_sglist); 1550 1551 ext_sglist = (struct ctl_sg_entry *)malloc(ext_sglen, M_CTL, 1552 M_WAITOK); 1553 ext_sglist_malloced = 1; 1554 if (copyin(ctsio->ext_data_ptr, ext_sglist, 1555 ext_sglen) != 0) { 1556 ctl_set_internal_failure(ctsio, 1557 /*sks_valid*/ 0, 1558 /*retry_count*/ 0); 1559 goto bailout; 1560 } 1561 ext_sg_entries = ctsio->ext_sg_entries; 1562 len_seen = 0; 1563 for (i = 0; i < ext_sg_entries; i++) { 1564 if ((len_seen + ext_sglist[i].len) >= 1565 ctsio->ext_data_filled) { 1566 ext_sg_start = i; 1567 ext_offset = ctsio->ext_data_filled - len_seen; 1568 break; 1569 } 1570 len_seen += ext_sglist[i].len; 1571 } 1572 } else { 1573 ext_sglist = &ext_entry; 1574 ext_sglist->addr = ctsio->ext_data_ptr; 1575 ext_sglist->len = ctsio->ext_data_len; 1576 ext_sg_entries = 1; 1577 ext_sg_start = 0; 1578 ext_offset = ctsio->ext_data_filled; 1579 } 1580 1581 if (ctsio->kern_sg_entries > 0) { 1582 kern_sglist = (struct ctl_sg_entry *)ctsio->kern_data_ptr; 1583 kern_sg_entries = ctsio->kern_sg_entries; 1584 } else { 1585 kern_sglist = &kern_entry; 1586 kern_sglist->addr = ctsio->kern_data_ptr; 1587 kern_sglist->len = ctsio->kern_data_len; 1588 kern_sg_entries = 1; 1589 } 1590 1591 1592 kern_watermark = 0; 1593 ext_watermark = ext_offset; 1594 len_copied = 0; 1595 for (i = ext_sg_start, j = 0; 1596 i < ext_sg_entries && j < kern_sg_entries;) { 1597 uint8_t *ext_ptr, *kern_ptr; 1598 1599 len_to_copy = ctl_min(ext_sglist[i].len - ext_watermark, 1600 kern_sglist[j].len - kern_watermark); 1601 1602 ext_ptr = (uint8_t *)ext_sglist[i].addr; 1603 ext_ptr = ext_ptr + ext_watermark; 1604 if (ctsio->io_hdr.flags & CTL_FLAG_BUS_ADDR) { 1605 /* 1606 * XXX KDM fix this! 1607 */ 1608 panic("need to implement bus address support"); 1609#if 0 1610 kern_ptr = bus_to_virt(kern_sglist[j].addr); 1611#endif 1612 } else 1613 kern_ptr = (uint8_t *)kern_sglist[j].addr; 1614 kern_ptr = kern_ptr + kern_watermark; 1615 1616 kern_watermark += len_to_copy; 1617 ext_watermark += len_to_copy; 1618 1619 if ((ctsio->io_hdr.flags & CTL_FLAG_DATA_MASK) == 1620 CTL_FLAG_DATA_IN) { 1621 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: copying %d " 1622 "bytes to user\n", len_to_copy)); 1623 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: from %p " 1624 "to %p\n", kern_ptr, ext_ptr)); 1625 if (copyout(kern_ptr, ext_ptr, len_to_copy) != 0) { 1626 ctl_set_internal_failure(ctsio, 1627 /*sks_valid*/ 0, 1628 /*retry_count*/ 0); 1629 goto bailout; 1630 } 1631 } else { 1632 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: copying %d " 1633 "bytes from user\n", len_to_copy)); 1634 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: from %p " 1635 "to %p\n", ext_ptr, kern_ptr)); 1636 if (copyin(ext_ptr, kern_ptr, len_to_copy)!= 0){ 1637 ctl_set_internal_failure(ctsio, 1638 /*sks_valid*/ 0, 1639 /*retry_count*/0); 1640 goto bailout; 1641 } 1642 } 1643 1644 len_copied += len_to_copy; 1645 1646 if (ext_sglist[i].len == ext_watermark) { 1647 i++; 1648 ext_watermark = 0; 1649 } 1650 1651 if (kern_sglist[j].len == kern_watermark) { 1652 j++; 1653 kern_watermark = 0; 1654 } 1655 } 1656 1657 ctsio->ext_data_filled += len_copied; 1658 1659 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: ext_sg_entries: %d, " 1660 "kern_sg_entries: %d\n", ext_sg_entries, 1661 kern_sg_entries)); 1662 CTL_DEBUG_PRINT(("ctl_ioctl_do_datamove: ext_data_len = %d, " 1663 "kern_data_len = %d\n", ctsio->ext_data_len, 1664 ctsio->kern_data_len)); 1665 1666 1667 /* XXX KDM set residual?? */ 1668bailout: 1669 1670 if (ext_sglist_malloced != 0) 1671 free(ext_sglist, M_CTL); 1672 1673 return (CTL_RETVAL_COMPLETE); 1674} 1675 1676/* 1677 * Serialize a command that went down the "wrong" side, and so was sent to 1678 * this controller for execution. The logic is a little different than the 1679 * standard case in ctl_scsiio_precheck(). Errors in this case need to get 1680 * sent back to the other side, but in the success case, we execute the 1681 * command on this side (XFER mode) or tell the other side to execute it 1682 * (SER_ONLY mode). 1683 */ 1684static int 1685ctl_serialize_other_sc_cmd(struct ctl_scsiio *ctsio) 1686{ 1687 struct ctl_softc *ctl_softc; 1688 union ctl_ha_msg msg_info; 1689 struct ctl_lun *lun; 1690 int retval = 0; 1691 uint32_t targ_lun; 1692 1693 ctl_softc = control_softc; 1694 1695 targ_lun = ctsio->io_hdr.nexus.targ_mapped_lun; 1696 lun = ctl_softc->ctl_luns[targ_lun]; 1697 if (lun==NULL) 1698 { 1699 /* 1700 * Why isn't LUN defined? The other side wouldn't 1701 * send a cmd if the LUN is undefined. 1702 */ 1703 printf("%s: Bad JUJU!, LUN is NULL!\n", __func__); 1704 1705 /* "Logical unit not supported" */ 1706 ctl_set_sense_data(&msg_info.scsi.sense_data, 1707 lun, 1708 /*sense_format*/SSD_TYPE_NONE, 1709 /*current_error*/ 1, 1710 /*sense_key*/ SSD_KEY_ILLEGAL_REQUEST, 1711 /*asc*/ 0x25, 1712 /*ascq*/ 0x00, 1713 SSD_ELEM_NONE); 1714 1715 msg_info.scsi.sense_len = SSD_FULL_SIZE; 1716 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND; 1717 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE; 1718 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc; 1719 msg_info.hdr.serializing_sc = NULL; 1720 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU; 1721 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info, 1722 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) { 1723 } 1724 return(1); 1725 1726 } 1727 1728 mtx_lock(&lun->lun_lock); 1729 TAILQ_INSERT_TAIL(&lun->ooa_queue, &ctsio->io_hdr, ooa_links); 1730 1731 switch (ctl_check_ooa(lun, (union ctl_io *)ctsio, 1732 (union ctl_io *)TAILQ_PREV(&ctsio->io_hdr, ctl_ooaq, 1733 ooa_links))) { 1734 case CTL_ACTION_BLOCK: 1735 ctsio->io_hdr.flags |= CTL_FLAG_BLOCKED; 1736 TAILQ_INSERT_TAIL(&lun->blocked_queue, &ctsio->io_hdr, 1737 blocked_links); 1738 break; 1739 case CTL_ACTION_PASS: 1740 case CTL_ACTION_SKIP: 1741 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER) { 1742 ctsio->io_hdr.flags |= CTL_FLAG_IS_WAS_ON_RTR; 1743 ctl_enqueue_rtr((union ctl_io *)ctsio); 1744 } else { 1745 1746 /* send msg back to other side */ 1747 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc; 1748 msg_info.hdr.serializing_sc = (union ctl_io *)ctsio; 1749 msg_info.hdr.msg_type = CTL_MSG_R2R; 1750#if 0 1751 printf("2. pOrig %x\n", (int)msg_info.hdr.original_sc); 1752#endif 1753 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info, 1754 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) { 1755 } 1756 } 1757 break; 1758 case CTL_ACTION_OVERLAP: 1759 /* OVERLAPPED COMMANDS ATTEMPTED */ 1760 ctl_set_sense_data(&msg_info.scsi.sense_data, 1761 lun, 1762 /*sense_format*/SSD_TYPE_NONE, 1763 /*current_error*/ 1, 1764 /*sense_key*/ SSD_KEY_ILLEGAL_REQUEST, 1765 /*asc*/ 0x4E, 1766 /*ascq*/ 0x00, 1767 SSD_ELEM_NONE); 1768 1769 msg_info.scsi.sense_len = SSD_FULL_SIZE; 1770 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND; 1771 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE; 1772 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc; 1773 msg_info.hdr.serializing_sc = NULL; 1774 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU; 1775#if 0 1776 printf("BAD JUJU:Major Bummer Overlap\n"); 1777#endif 1778 TAILQ_REMOVE(&lun->ooa_queue, &ctsio->io_hdr, ooa_links); 1779 retval = 1; 1780 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info, 1781 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) { 1782 } 1783 break; 1784 case CTL_ACTION_OVERLAP_TAG: 1785 /* TAGGED OVERLAPPED COMMANDS (NN = QUEUE TAG) */ 1786 ctl_set_sense_data(&msg_info.scsi.sense_data, 1787 lun, 1788 /*sense_format*/SSD_TYPE_NONE, 1789 /*current_error*/ 1, 1790 /*sense_key*/ SSD_KEY_ILLEGAL_REQUEST, 1791 /*asc*/ 0x4D, 1792 /*ascq*/ ctsio->tag_num & 0xff, 1793 SSD_ELEM_NONE); 1794 1795 msg_info.scsi.sense_len = SSD_FULL_SIZE; 1796 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND; 1797 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE; 1798 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc; 1799 msg_info.hdr.serializing_sc = NULL; 1800 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU; 1801#if 0 1802 printf("BAD JUJU:Major Bummer Overlap Tag\n"); 1803#endif 1804 TAILQ_REMOVE(&lun->ooa_queue, &ctsio->io_hdr, ooa_links); 1805 retval = 1; 1806 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info, 1807 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) { 1808 } 1809 break; 1810 case CTL_ACTION_ERROR: 1811 default: 1812 /* "Internal target failure" */ 1813 ctl_set_sense_data(&msg_info.scsi.sense_data, 1814 lun, 1815 /*sense_format*/SSD_TYPE_NONE, 1816 /*current_error*/ 1, 1817 /*sense_key*/ SSD_KEY_HARDWARE_ERROR, 1818 /*asc*/ 0x44, 1819 /*ascq*/ 0x00, 1820 SSD_ELEM_NONE); 1821 1822 msg_info.scsi.sense_len = SSD_FULL_SIZE; 1823 msg_info.scsi.scsi_status = SCSI_STATUS_CHECK_COND; 1824 msg_info.hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE; 1825 msg_info.hdr.original_sc = ctsio->io_hdr.original_sc; 1826 msg_info.hdr.serializing_sc = NULL; 1827 msg_info.hdr.msg_type = CTL_MSG_BAD_JUJU; 1828#if 0 1829 printf("BAD JUJU:Major Bummer HW Error\n"); 1830#endif 1831 TAILQ_REMOVE(&lun->ooa_queue, &ctsio->io_hdr, ooa_links); 1832 retval = 1; 1833 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_info, 1834 sizeof(msg_info), 0 ) > CTL_HA_STATUS_SUCCESS) { 1835 } 1836 break; 1837 } 1838 mtx_unlock(&lun->lun_lock); 1839 return (retval); 1840} 1841 1842static int 1843ctl_ioctl_submit_wait(union ctl_io *io) 1844{ 1845 struct ctl_fe_ioctl_params params; 1846 ctl_fe_ioctl_state last_state; 1847 int done, retval; 1848 1849 retval = 0; 1850 1851 bzero(¶ms, sizeof(params)); 1852 1853 mtx_init(¶ms.ioctl_mtx, "ctliocmtx", NULL, MTX_DEF); 1854 cv_init(¶ms.sem, "ctlioccv"); 1855 params.state = CTL_IOCTL_INPROG; 1856 last_state = params.state; 1857 1858 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr = ¶ms; 1859 1860 CTL_DEBUG_PRINT(("ctl_ioctl_submit_wait\n")); 1861 1862 /* This shouldn't happen */ 1863 if ((retval = ctl_queue(io)) != CTL_RETVAL_COMPLETE) 1864 return (retval); 1865 1866 done = 0; 1867 1868 do { 1869 mtx_lock(¶ms.ioctl_mtx); 1870 /* 1871 * Check the state here, and don't sleep if the state has 1872 * already changed (i.e. wakeup has already occured, but we 1873 * weren't waiting yet). 1874 */ 1875 if (params.state == last_state) { 1876 /* XXX KDM cv_wait_sig instead? */ 1877 cv_wait(¶ms.sem, ¶ms.ioctl_mtx); 1878 } 1879 last_state = params.state; 1880 1881 switch (params.state) { 1882 case CTL_IOCTL_INPROG: 1883 /* Why did we wake up? */ 1884 /* XXX KDM error here? */ 1885 mtx_unlock(¶ms.ioctl_mtx); 1886 break; 1887 case CTL_IOCTL_DATAMOVE: 1888 CTL_DEBUG_PRINT(("got CTL_IOCTL_DATAMOVE\n")); 1889 1890 /* 1891 * change last_state back to INPROG to avoid 1892 * deadlock on subsequent data moves. 1893 */ 1894 params.state = last_state = CTL_IOCTL_INPROG; 1895 1896 mtx_unlock(¶ms.ioctl_mtx); 1897 ctl_ioctl_do_datamove(&io->scsiio); 1898 /* 1899 * Note that in some cases, most notably writes, 1900 * this will queue the I/O and call us back later. 1901 * In other cases, generally reads, this routine 1902 * will immediately call back and wake us up, 1903 * probably using our own context. 1904 */ 1905 io->scsiio.be_move_done(io); 1906 break; 1907 case CTL_IOCTL_DONE: 1908 mtx_unlock(¶ms.ioctl_mtx); 1909 CTL_DEBUG_PRINT(("got CTL_IOCTL_DONE\n")); 1910 done = 1; 1911 break; 1912 default: 1913 mtx_unlock(¶ms.ioctl_mtx); 1914 /* XXX KDM error here? */ 1915 break; 1916 } 1917 } while (done == 0); 1918 1919 mtx_destroy(¶ms.ioctl_mtx); 1920 cv_destroy(¶ms.sem); 1921 1922 return (CTL_RETVAL_COMPLETE); 1923} 1924 1925static void 1926ctl_ioctl_datamove(union ctl_io *io) 1927{ 1928 struct ctl_fe_ioctl_params *params; 1929 1930 params = (struct ctl_fe_ioctl_params *) 1931 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr; 1932 1933 mtx_lock(¶ms->ioctl_mtx); 1934 params->state = CTL_IOCTL_DATAMOVE; 1935 cv_broadcast(¶ms->sem); 1936 mtx_unlock(¶ms->ioctl_mtx); 1937} 1938 1939static void 1940ctl_ioctl_done(union ctl_io *io) 1941{ 1942 struct ctl_fe_ioctl_params *params; 1943 1944 params = (struct ctl_fe_ioctl_params *) 1945 io->io_hdr.ctl_private[CTL_PRIV_FRONTEND].ptr; 1946 1947 mtx_lock(¶ms->ioctl_mtx); 1948 params->state = CTL_IOCTL_DONE; 1949 cv_broadcast(¶ms->sem); 1950 mtx_unlock(¶ms->ioctl_mtx); 1951} 1952 1953static void 1954ctl_ioctl_hard_startstop_callback(void *arg, struct cfi_metatask *metatask) 1955{ 1956 struct ctl_fe_ioctl_startstop_info *sd_info; 1957 1958 sd_info = (struct ctl_fe_ioctl_startstop_info *)arg; 1959 1960 sd_info->hs_info.status = metatask->status; 1961 sd_info->hs_info.total_luns = metatask->taskinfo.startstop.total_luns; 1962 sd_info->hs_info.luns_complete = 1963 metatask->taskinfo.startstop.luns_complete; 1964 sd_info->hs_info.luns_failed = metatask->taskinfo.startstop.luns_failed; 1965 1966 cv_broadcast(&sd_info->sem); 1967} 1968 1969static void 1970ctl_ioctl_bbrread_callback(void *arg, struct cfi_metatask *metatask) 1971{ 1972 struct ctl_fe_ioctl_bbrread_info *fe_bbr_info; 1973 1974 fe_bbr_info = (struct ctl_fe_ioctl_bbrread_info *)arg; 1975 1976 mtx_lock(fe_bbr_info->lock); 1977 fe_bbr_info->bbr_info->status = metatask->status; 1978 fe_bbr_info->bbr_info->bbr_status = metatask->taskinfo.bbrread.status; 1979 fe_bbr_info->wakeup_done = 1; 1980 mtx_unlock(fe_bbr_info->lock); 1981 1982 cv_broadcast(&fe_bbr_info->sem); 1983} 1984 1985/* 1986 * Returns 0 for success, errno for failure. 1987 */ 1988static int 1989ctl_ioctl_fill_ooa(struct ctl_lun *lun, uint32_t *cur_fill_num, 1990 struct ctl_ooa *ooa_hdr, struct ctl_ooa_entry *kern_entries) 1991{ 1992 union ctl_io *io; 1993 int retval; 1994 1995 retval = 0; 1996 1997 mtx_lock(&lun->lun_lock); 1998 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); (io != NULL); 1999 (*cur_fill_num)++, io = (union ctl_io *)TAILQ_NEXT(&io->io_hdr, 2000 ooa_links)) { 2001 struct ctl_ooa_entry *entry; 2002 2003 /* 2004 * If we've got more than we can fit, just count the 2005 * remaining entries. 2006 */ 2007 if (*cur_fill_num >= ooa_hdr->alloc_num) 2008 continue; 2009 2010 entry = &kern_entries[*cur_fill_num]; 2011 2012 entry->tag_num = io->scsiio.tag_num; 2013 entry->lun_num = lun->lun; 2014#ifdef CTL_TIME_IO 2015 entry->start_bt = io->io_hdr.start_bt; 2016#endif 2017 bcopy(io->scsiio.cdb, entry->cdb, io->scsiio.cdb_len); 2018 entry->cdb_len = io->scsiio.cdb_len; 2019 if (io->io_hdr.flags & CTL_FLAG_BLOCKED) 2020 entry->cmd_flags |= CTL_OOACMD_FLAG_BLOCKED; 2021 2022 if (io->io_hdr.flags & CTL_FLAG_DMA_INPROG) 2023 entry->cmd_flags |= CTL_OOACMD_FLAG_DMA; 2024 2025 if (io->io_hdr.flags & CTL_FLAG_ABORT) 2026 entry->cmd_flags |= CTL_OOACMD_FLAG_ABORT; 2027 2028 if (io->io_hdr.flags & CTL_FLAG_IS_WAS_ON_RTR) 2029 entry->cmd_flags |= CTL_OOACMD_FLAG_RTR; 2030 2031 if (io->io_hdr.flags & CTL_FLAG_DMA_QUEUED) 2032 entry->cmd_flags |= CTL_OOACMD_FLAG_DMA_QUEUED; 2033 } 2034 mtx_unlock(&lun->lun_lock); 2035 2036 return (retval); 2037} 2038 2039static void * 2040ctl_copyin_alloc(void *user_addr, int len, char *error_str, 2041 size_t error_str_len) 2042{ 2043 void *kptr; 2044 2045 kptr = malloc(len, M_CTL, M_WAITOK | M_ZERO); 2046 2047 if (copyin(user_addr, kptr, len) != 0) { 2048 snprintf(error_str, error_str_len, "Error copying %d bytes " 2049 "from user address %p to kernel address %p", len, 2050 user_addr, kptr); 2051 free(kptr, M_CTL); 2052 return (NULL); 2053 } 2054 2055 return (kptr); 2056} 2057 2058static void 2059ctl_free_args(int num_args, struct ctl_be_arg *args) 2060{ 2061 int i; 2062 2063 if (args == NULL) 2064 return; 2065 2066 for (i = 0; i < num_args; i++) { 2067 free(args[i].kname, M_CTL); 2068 free(args[i].kvalue, M_CTL); 2069 } 2070 2071 free(args, M_CTL); 2072} 2073 2074static struct ctl_be_arg * 2075ctl_copyin_args(int num_args, struct ctl_be_arg *uargs, 2076 char *error_str, size_t error_str_len) 2077{ 2078 struct ctl_be_arg *args; 2079 int i; 2080 2081 args = ctl_copyin_alloc(uargs, num_args * sizeof(*args), 2082 error_str, error_str_len); 2083 2084 if (args == NULL) 2085 goto bailout; 2086 2087 for (i = 0; i < num_args; i++) { 2088 args[i].kname = NULL; 2089 args[i].kvalue = NULL; 2090 } 2091 2092 for (i = 0; i < num_args; i++) { 2093 uint8_t *tmpptr; 2094 2095 args[i].kname = ctl_copyin_alloc(args[i].name, 2096 args[i].namelen, error_str, error_str_len); 2097 if (args[i].kname == NULL) 2098 goto bailout; 2099 2100 if (args[i].kname[args[i].namelen - 1] != '\0') { 2101 snprintf(error_str, error_str_len, "Argument %d " 2102 "name is not NUL-terminated", i); 2103 goto bailout; 2104 } 2105 2106 if (args[i].flags & CTL_BEARG_RD) { 2107 tmpptr = ctl_copyin_alloc(args[i].value, 2108 args[i].vallen, error_str, error_str_len); 2109 if (tmpptr == NULL) 2110 goto bailout; 2111 if ((args[i].flags & CTL_BEARG_ASCII) 2112 && (tmpptr[args[i].vallen - 1] != '\0')) { 2113 snprintf(error_str, error_str_len, "Argument " 2114 "%d value is not NUL-terminated", i); 2115 goto bailout; 2116 } 2117 args[i].kvalue = tmpptr; 2118 } else { 2119 args[i].kvalue = malloc(args[i].vallen, 2120 M_CTL, M_WAITOK | M_ZERO); 2121 } 2122 } 2123 2124 return (args); 2125bailout: 2126 2127 ctl_free_args(num_args, args); 2128 2129 return (NULL); 2130} 2131 2132static void 2133ctl_copyout_args(int num_args, struct ctl_be_arg *args) 2134{ 2135 int i; 2136 2137 for (i = 0; i < num_args; i++) { 2138 if (args[i].flags & CTL_BEARG_WR) 2139 copyout(args[i].kvalue, args[i].value, args[i].vallen); 2140 } 2141} 2142 2143/* 2144 * Escape characters that are illegal or not recommended in XML. 2145 */ 2146int 2147ctl_sbuf_printf_esc(struct sbuf *sb, char *str) 2148{ 2149 int retval; 2150 2151 retval = 0; 2152 2153 for (; *str; str++) { 2154 switch (*str) { 2155 case '&': 2156 retval = sbuf_printf(sb, "&"); 2157 break; 2158 case '>': 2159 retval = sbuf_printf(sb, ">"); 2160 break; 2161 case '<': 2162 retval = sbuf_printf(sb, "<"); 2163 break; 2164 default: 2165 retval = sbuf_putc(sb, *str); 2166 break; 2167 } 2168 2169 if (retval != 0) 2170 break; 2171 2172 } 2173 2174 return (retval); 2175} 2176 2177static int 2178ctl_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag, 2179 struct thread *td) 2180{ 2181 struct ctl_softc *softc; 2182 int retval; 2183 2184 softc = control_softc; 2185 2186 retval = 0; 2187 2188 switch (cmd) { 2189 case CTL_IO: { 2190 union ctl_io *io; 2191 void *pool_tmp; 2192 2193 /* 2194 * If we haven't been "enabled", don't allow any SCSI I/O 2195 * to this FETD. 2196 */ 2197 if ((softc->ioctl_info.flags & CTL_IOCTL_FLAG_ENABLED) == 0) { 2198 retval = EPERM; 2199 break; 2200 } 2201 2202 io = ctl_alloc_io(softc->ioctl_info.port.ctl_pool_ref); 2203 if (io == NULL) { 2204 printf("ctl_ioctl: can't allocate ctl_io!\n"); 2205 retval = ENOSPC; 2206 break; 2207 } 2208 2209 /* 2210 * Need to save the pool reference so it doesn't get 2211 * spammed by the user's ctl_io. 2212 */ 2213 pool_tmp = io->io_hdr.pool; 2214 2215 memcpy(io, (void *)addr, sizeof(*io)); 2216 2217 io->io_hdr.pool = pool_tmp; 2218 /* 2219 * No status yet, so make sure the status is set properly. 2220 */ 2221 io->io_hdr.status = CTL_STATUS_NONE; 2222 2223 /* 2224 * The user sets the initiator ID, target and LUN IDs. 2225 */ 2226 io->io_hdr.nexus.targ_port = softc->ioctl_info.port.targ_port; 2227 io->io_hdr.flags |= CTL_FLAG_USER_REQ; 2228 if ((io->io_hdr.io_type == CTL_IO_SCSI) 2229 && (io->scsiio.tag_type != CTL_TAG_UNTAGGED)) 2230 io->scsiio.tag_num = softc->ioctl_info.cur_tag_num++; 2231 2232 retval = ctl_ioctl_submit_wait(io); 2233 2234 if (retval != 0) { 2235 ctl_free_io(io); 2236 break; 2237 } 2238 2239 memcpy((void *)addr, io, sizeof(*io)); 2240 2241 /* return this to our pool */ 2242 ctl_free_io(io); 2243 2244 break; 2245 } 2246 case CTL_ENABLE_PORT: 2247 case CTL_DISABLE_PORT: 2248 case CTL_SET_PORT_WWNS: { 2249 struct ctl_port *port; 2250 struct ctl_port_entry *entry; 2251 2252 entry = (struct ctl_port_entry *)addr; 2253 2254 mtx_lock(&softc->ctl_lock); 2255 STAILQ_FOREACH(port, &softc->port_list, links) { 2256 int action, done; 2257 2258 action = 0; 2259 done = 0; 2260 2261 if ((entry->port_type == CTL_PORT_NONE) 2262 && (entry->targ_port == port->targ_port)) { 2263 /* 2264 * If the user only wants to enable or 2265 * disable or set WWNs on a specific port, 2266 * do the operation and we're done. 2267 */ 2268 action = 1; 2269 done = 1; 2270 } else if (entry->port_type & port->port_type) { 2271 /* 2272 * Compare the user's type mask with the 2273 * particular frontend type to see if we 2274 * have a match. 2275 */ 2276 action = 1; 2277 done = 0; 2278 2279 /* 2280 * Make sure the user isn't trying to set 2281 * WWNs on multiple ports at the same time. 2282 */ 2283 if (cmd == CTL_SET_PORT_WWNS) { 2284 printf("%s: Can't set WWNs on " 2285 "multiple ports\n", __func__); 2286 retval = EINVAL; 2287 break; 2288 } 2289 } 2290 if (action != 0) { 2291 /* 2292 * XXX KDM we have to drop the lock here, 2293 * because the online/offline operations 2294 * can potentially block. We need to 2295 * reference count the frontends so they 2296 * can't go away, 2297 */ 2298 mtx_unlock(&softc->ctl_lock); 2299 2300 if (cmd == CTL_ENABLE_PORT) { 2301 struct ctl_lun *lun; 2302 2303 STAILQ_FOREACH(lun, &softc->lun_list, 2304 links) { 2305 port->lun_enable(port->targ_lun_arg, 2306 lun->target, 2307 lun->lun); 2308 } 2309 2310 ctl_port_online(port); 2311 } else if (cmd == CTL_DISABLE_PORT) { 2312 struct ctl_lun *lun; 2313 2314 ctl_port_offline(port); 2315 2316 STAILQ_FOREACH(lun, &softc->lun_list, 2317 links) { 2318 port->lun_disable( 2319 port->targ_lun_arg, 2320 lun->target, 2321 lun->lun); 2322 } 2323 } 2324 2325 mtx_lock(&softc->ctl_lock); 2326 2327 if (cmd == CTL_SET_PORT_WWNS) 2328 ctl_port_set_wwns(port, 2329 (entry->flags & CTL_PORT_WWNN_VALID) ? 2330 1 : 0, entry->wwnn, 2331 (entry->flags & CTL_PORT_WWPN_VALID) ? 2332 1 : 0, entry->wwpn); 2333 } 2334 if (done != 0) 2335 break; 2336 } 2337 mtx_unlock(&softc->ctl_lock); 2338 break; 2339 } 2340 case CTL_GET_PORT_LIST: { 2341 struct ctl_port *port; 2342 struct ctl_port_list *list; 2343 int i; 2344 2345 list = (struct ctl_port_list *)addr; 2346 2347 if (list->alloc_len != (list->alloc_num * 2348 sizeof(struct ctl_port_entry))) { 2349 printf("%s: CTL_GET_PORT_LIST: alloc_len %u != " 2350 "alloc_num %u * sizeof(struct ctl_port_entry) " 2351 "%zu\n", __func__, list->alloc_len, 2352 list->alloc_num, sizeof(struct ctl_port_entry)); 2353 retval = EINVAL; 2354 break; 2355 } 2356 list->fill_len = 0; 2357 list->fill_num = 0; 2358 list->dropped_num = 0; 2359 i = 0; 2360 mtx_lock(&softc->ctl_lock); 2361 STAILQ_FOREACH(port, &softc->port_list, links) { 2362 struct ctl_port_entry entry, *list_entry; 2363 2364 if (list->fill_num >= list->alloc_num) { 2365 list->dropped_num++; 2366 continue; 2367 } 2368 2369 entry.port_type = port->port_type; 2370 strlcpy(entry.port_name, port->port_name, 2371 sizeof(entry.port_name)); 2372 entry.targ_port = port->targ_port; 2373 entry.physical_port = port->physical_port; 2374 entry.virtual_port = port->virtual_port; 2375 entry.wwnn = port->wwnn; 2376 entry.wwpn = port->wwpn; 2377 if (port->status & CTL_PORT_STATUS_ONLINE) 2378 entry.online = 1; 2379 else 2380 entry.online = 0; 2381 2382 list_entry = &list->entries[i]; 2383 2384 retval = copyout(&entry, list_entry, sizeof(entry)); 2385 if (retval != 0) { 2386 printf("%s: CTL_GET_PORT_LIST: copyout " 2387 "returned %d\n", __func__, retval); 2388 break; 2389 } 2390 i++; 2391 list->fill_num++; 2392 list->fill_len += sizeof(entry); 2393 } 2394 mtx_unlock(&softc->ctl_lock); 2395 2396 /* 2397 * If this is non-zero, we had a copyout fault, so there's 2398 * probably no point in attempting to set the status inside 2399 * the structure. 2400 */ 2401 if (retval != 0) 2402 break; 2403 2404 if (list->dropped_num > 0) 2405 list->status = CTL_PORT_LIST_NEED_MORE_SPACE; 2406 else 2407 list->status = CTL_PORT_LIST_OK; 2408 break; 2409 } 2410 case CTL_DUMP_OOA: { 2411 struct ctl_lun *lun; 2412 union ctl_io *io; 2413 char printbuf[128]; 2414 struct sbuf sb; 2415 2416 mtx_lock(&softc->ctl_lock); 2417 printf("Dumping OOA queues:\n"); 2418 STAILQ_FOREACH(lun, &softc->lun_list, links) { 2419 mtx_lock(&lun->lun_lock); 2420 for (io = (union ctl_io *)TAILQ_FIRST( 2421 &lun->ooa_queue); io != NULL; 2422 io = (union ctl_io *)TAILQ_NEXT(&io->io_hdr, 2423 ooa_links)) { 2424 sbuf_new(&sb, printbuf, sizeof(printbuf), 2425 SBUF_FIXEDLEN); 2426 sbuf_printf(&sb, "LUN %jd tag 0x%04x%s%s%s%s: ", 2427 (intmax_t)lun->lun, 2428 io->scsiio.tag_num, 2429 (io->io_hdr.flags & 2430 CTL_FLAG_BLOCKED) ? "" : " BLOCKED", 2431 (io->io_hdr.flags & 2432 CTL_FLAG_DMA_INPROG) ? " DMA" : "", 2433 (io->io_hdr.flags & 2434 CTL_FLAG_ABORT) ? " ABORT" : "", 2435 (io->io_hdr.flags & 2436 CTL_FLAG_IS_WAS_ON_RTR) ? " RTR" : ""); 2437 ctl_scsi_command_string(&io->scsiio, NULL, &sb); 2438 sbuf_finish(&sb); 2439 printf("%s\n", sbuf_data(&sb)); 2440 } 2441 mtx_unlock(&lun->lun_lock); 2442 } 2443 printf("OOA queues dump done\n"); 2444 mtx_unlock(&softc->ctl_lock); 2445 break; 2446 } 2447 case CTL_GET_OOA: { 2448 struct ctl_lun *lun; 2449 struct ctl_ooa *ooa_hdr; 2450 struct ctl_ooa_entry *entries; 2451 uint32_t cur_fill_num; 2452 2453 ooa_hdr = (struct ctl_ooa *)addr; 2454 2455 if ((ooa_hdr->alloc_len == 0) 2456 || (ooa_hdr->alloc_num == 0)) { 2457 printf("%s: CTL_GET_OOA: alloc len %u and alloc num %u " 2458 "must be non-zero\n", __func__, 2459 ooa_hdr->alloc_len, ooa_hdr->alloc_num); 2460 retval = EINVAL; 2461 break; 2462 } 2463 2464 if (ooa_hdr->alloc_len != (ooa_hdr->alloc_num * 2465 sizeof(struct ctl_ooa_entry))) { 2466 printf("%s: CTL_GET_OOA: alloc len %u must be alloc " 2467 "num %d * sizeof(struct ctl_ooa_entry) %zd\n", 2468 __func__, ooa_hdr->alloc_len, 2469 ooa_hdr->alloc_num,sizeof(struct ctl_ooa_entry)); 2470 retval = EINVAL; 2471 break; 2472 } 2473 2474 entries = malloc(ooa_hdr->alloc_len, M_CTL, M_WAITOK | M_ZERO); 2475 if (entries == NULL) { 2476 printf("%s: could not allocate %d bytes for OOA " 2477 "dump\n", __func__, ooa_hdr->alloc_len); 2478 retval = ENOMEM; 2479 break; 2480 } 2481 2482 mtx_lock(&softc->ctl_lock); 2483 if (((ooa_hdr->flags & CTL_OOA_FLAG_ALL_LUNS) == 0) 2484 && ((ooa_hdr->lun_num > CTL_MAX_LUNS) 2485 || (softc->ctl_luns[ooa_hdr->lun_num] == NULL))) { 2486 mtx_unlock(&softc->ctl_lock); 2487 free(entries, M_CTL); 2488 printf("%s: CTL_GET_OOA: invalid LUN %ju\n", 2489 __func__, (uintmax_t)ooa_hdr->lun_num); 2490 retval = EINVAL; 2491 break; 2492 } 2493 2494 cur_fill_num = 0; 2495 2496 if (ooa_hdr->flags & CTL_OOA_FLAG_ALL_LUNS) { 2497 STAILQ_FOREACH(lun, &softc->lun_list, links) { 2498 retval = ctl_ioctl_fill_ooa(lun, &cur_fill_num, 2499 ooa_hdr, entries); 2500 if (retval != 0) 2501 break; 2502 } 2503 if (retval != 0) { 2504 mtx_unlock(&softc->ctl_lock); 2505 free(entries, M_CTL); 2506 break; 2507 } 2508 } else { 2509 lun = softc->ctl_luns[ooa_hdr->lun_num]; 2510 2511 retval = ctl_ioctl_fill_ooa(lun, &cur_fill_num,ooa_hdr, 2512 entries); 2513 } 2514 mtx_unlock(&softc->ctl_lock); 2515 2516 ooa_hdr->fill_num = min(cur_fill_num, ooa_hdr->alloc_num); 2517 ooa_hdr->fill_len = ooa_hdr->fill_num * 2518 sizeof(struct ctl_ooa_entry); 2519 retval = copyout(entries, ooa_hdr->entries, ooa_hdr->fill_len); 2520 if (retval != 0) { 2521 printf("%s: error copying out %d bytes for OOA dump\n", 2522 __func__, ooa_hdr->fill_len); 2523 } 2524 2525 getbintime(&ooa_hdr->cur_bt); 2526 2527 if (cur_fill_num > ooa_hdr->alloc_num) { 2528 ooa_hdr->dropped_num = cur_fill_num -ooa_hdr->alloc_num; 2529 ooa_hdr->status = CTL_OOA_NEED_MORE_SPACE; 2530 } else { 2531 ooa_hdr->dropped_num = 0; 2532 ooa_hdr->status = CTL_OOA_OK; 2533 } 2534 2535 free(entries, M_CTL); 2536 break; 2537 } 2538 case CTL_CHECK_OOA: { 2539 union ctl_io *io; 2540 struct ctl_lun *lun; 2541 struct ctl_ooa_info *ooa_info; 2542 2543 2544 ooa_info = (struct ctl_ooa_info *)addr; 2545 2546 if (ooa_info->lun_id >= CTL_MAX_LUNS) { 2547 ooa_info->status = CTL_OOA_INVALID_LUN; 2548 break; 2549 } 2550 mtx_lock(&softc->ctl_lock); 2551 lun = softc->ctl_luns[ooa_info->lun_id]; 2552 if (lun == NULL) { 2553 mtx_unlock(&softc->ctl_lock); 2554 ooa_info->status = CTL_OOA_INVALID_LUN; 2555 break; 2556 } 2557 mtx_lock(&lun->lun_lock); 2558 mtx_unlock(&softc->ctl_lock); 2559 ooa_info->num_entries = 0; 2560 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); 2561 io != NULL; io = (union ctl_io *)TAILQ_NEXT( 2562 &io->io_hdr, ooa_links)) { 2563 ooa_info->num_entries++; 2564 } 2565 mtx_unlock(&lun->lun_lock); 2566 2567 ooa_info->status = CTL_OOA_SUCCESS; 2568 2569 break; 2570 } 2571 case CTL_HARD_START: 2572 case CTL_HARD_STOP: { 2573 struct ctl_fe_ioctl_startstop_info ss_info; 2574 struct cfi_metatask *metatask; 2575 struct mtx hs_mtx; 2576 2577 mtx_init(&hs_mtx, "HS Mutex", NULL, MTX_DEF); 2578 2579 cv_init(&ss_info.sem, "hard start/stop cv" ); 2580 2581 metatask = cfi_alloc_metatask(/*can_wait*/ 1); 2582 if (metatask == NULL) { 2583 retval = ENOMEM; 2584 mtx_destroy(&hs_mtx); 2585 break; 2586 } 2587 2588 if (cmd == CTL_HARD_START) 2589 metatask->tasktype = CFI_TASK_STARTUP; 2590 else 2591 metatask->tasktype = CFI_TASK_SHUTDOWN; 2592 2593 metatask->callback = ctl_ioctl_hard_startstop_callback; 2594 metatask->callback_arg = &ss_info; 2595 2596 cfi_action(metatask); 2597 2598 /* Wait for the callback */ 2599 mtx_lock(&hs_mtx); 2600 cv_wait_sig(&ss_info.sem, &hs_mtx); 2601 mtx_unlock(&hs_mtx); 2602 2603 /* 2604 * All information has been copied from the metatask by the 2605 * time cv_broadcast() is called, so we free the metatask here. 2606 */ 2607 cfi_free_metatask(metatask); 2608 2609 memcpy((void *)addr, &ss_info.hs_info, sizeof(ss_info.hs_info)); 2610 2611 mtx_destroy(&hs_mtx); 2612 break; 2613 } 2614 case CTL_BBRREAD: { 2615 struct ctl_bbrread_info *bbr_info; 2616 struct ctl_fe_ioctl_bbrread_info fe_bbr_info; 2617 struct mtx bbr_mtx; 2618 struct cfi_metatask *metatask; 2619 2620 bbr_info = (struct ctl_bbrread_info *)addr; 2621 2622 bzero(&fe_bbr_info, sizeof(fe_bbr_info)); 2623 2624 bzero(&bbr_mtx, sizeof(bbr_mtx)); 2625 mtx_init(&bbr_mtx, "BBR Mutex", NULL, MTX_DEF); 2626 2627 fe_bbr_info.bbr_info = bbr_info; 2628 fe_bbr_info.lock = &bbr_mtx; 2629 2630 cv_init(&fe_bbr_info.sem, "BBR read cv"); 2631 metatask = cfi_alloc_metatask(/*can_wait*/ 1); 2632 2633 if (metatask == NULL) { 2634 mtx_destroy(&bbr_mtx); 2635 cv_destroy(&fe_bbr_info.sem); 2636 retval = ENOMEM; 2637 break; 2638 } 2639 metatask->tasktype = CFI_TASK_BBRREAD; 2640 metatask->callback = ctl_ioctl_bbrread_callback; 2641 metatask->callback_arg = &fe_bbr_info; 2642 metatask->taskinfo.bbrread.lun_num = bbr_info->lun_num; 2643 metatask->taskinfo.bbrread.lba = bbr_info->lba; 2644 metatask->taskinfo.bbrread.len = bbr_info->len; 2645 2646 cfi_action(metatask); 2647 2648 mtx_lock(&bbr_mtx); 2649 while (fe_bbr_info.wakeup_done == 0) 2650 cv_wait_sig(&fe_bbr_info.sem, &bbr_mtx); 2651 mtx_unlock(&bbr_mtx); 2652 2653 bbr_info->status = metatask->status; 2654 bbr_info->bbr_status = metatask->taskinfo.bbrread.status; 2655 bbr_info->scsi_status = metatask->taskinfo.bbrread.scsi_status; 2656 memcpy(&bbr_info->sense_data, 2657 &metatask->taskinfo.bbrread.sense_data, 2658 ctl_min(sizeof(bbr_info->sense_data), 2659 sizeof(metatask->taskinfo.bbrread.sense_data))); 2660 2661 cfi_free_metatask(metatask); 2662 2663 mtx_destroy(&bbr_mtx); 2664 cv_destroy(&fe_bbr_info.sem); 2665 2666 break; 2667 } 2668 case CTL_DELAY_IO: { 2669 struct ctl_io_delay_info *delay_info; 2670#ifdef CTL_IO_DELAY 2671 struct ctl_lun *lun; 2672#endif /* CTL_IO_DELAY */ 2673 2674 delay_info = (struct ctl_io_delay_info *)addr; 2675 2676#ifdef CTL_IO_DELAY 2677 mtx_lock(&softc->ctl_lock); 2678 2679 if ((delay_info->lun_id > CTL_MAX_LUNS) 2680 || (softc->ctl_luns[delay_info->lun_id] == NULL)) { 2681 delay_info->status = CTL_DELAY_STATUS_INVALID_LUN; 2682 } else { 2683 lun = softc->ctl_luns[delay_info->lun_id]; 2684 mtx_lock(&lun->lun_lock); 2685 2686 delay_info->status = CTL_DELAY_STATUS_OK; 2687 2688 switch (delay_info->delay_type) { 2689 case CTL_DELAY_TYPE_CONT: 2690 break; 2691 case CTL_DELAY_TYPE_ONESHOT: 2692 break; 2693 default: 2694 delay_info->status = 2695 CTL_DELAY_STATUS_INVALID_TYPE; 2696 break; 2697 } 2698 2699 switch (delay_info->delay_loc) { 2700 case CTL_DELAY_LOC_DATAMOVE: 2701 lun->delay_info.datamove_type = 2702 delay_info->delay_type; 2703 lun->delay_info.datamove_delay = 2704 delay_info->delay_secs; 2705 break; 2706 case CTL_DELAY_LOC_DONE: 2707 lun->delay_info.done_type = 2708 delay_info->delay_type; 2709 lun->delay_info.done_delay = 2710 delay_info->delay_secs; 2711 break; 2712 default: 2713 delay_info->status = 2714 CTL_DELAY_STATUS_INVALID_LOC; 2715 break; 2716 } 2717 mtx_unlock(&lun->lun_lock); 2718 } 2719 2720 mtx_unlock(&softc->ctl_lock); 2721#else 2722 delay_info->status = CTL_DELAY_STATUS_NOT_IMPLEMENTED; 2723#endif /* CTL_IO_DELAY */ 2724 break; 2725 } 2726 case CTL_REALSYNC_SET: { 2727 int *syncstate; 2728 2729 syncstate = (int *)addr; 2730 2731 mtx_lock(&softc->ctl_lock); 2732 switch (*syncstate) { 2733 case 0: 2734 softc->flags &= ~CTL_FLAG_REAL_SYNC; 2735 break; 2736 case 1: 2737 softc->flags |= CTL_FLAG_REAL_SYNC; 2738 break; 2739 default: 2740 retval = EINVAL; 2741 break; 2742 } 2743 mtx_unlock(&softc->ctl_lock); 2744 break; 2745 } 2746 case CTL_REALSYNC_GET: { 2747 int *syncstate; 2748 2749 syncstate = (int*)addr; 2750 2751 mtx_lock(&softc->ctl_lock); 2752 if (softc->flags & CTL_FLAG_REAL_SYNC) 2753 *syncstate = 1; 2754 else 2755 *syncstate = 0; 2756 mtx_unlock(&softc->ctl_lock); 2757 2758 break; 2759 } 2760 case CTL_SETSYNC: 2761 case CTL_GETSYNC: { 2762 struct ctl_sync_info *sync_info; 2763 struct ctl_lun *lun; 2764 2765 sync_info = (struct ctl_sync_info *)addr; 2766 2767 mtx_lock(&softc->ctl_lock); 2768 lun = softc->ctl_luns[sync_info->lun_id]; 2769 if (lun == NULL) { 2770 mtx_unlock(&softc->ctl_lock); 2771 sync_info->status = CTL_GS_SYNC_NO_LUN; 2772 } 2773 /* 2774 * Get or set the sync interval. We're not bounds checking 2775 * in the set case, hopefully the user won't do something 2776 * silly. 2777 */ 2778 mtx_lock(&lun->lun_lock); 2779 mtx_unlock(&softc->ctl_lock); 2780 if (cmd == CTL_GETSYNC) 2781 sync_info->sync_interval = lun->sync_interval; 2782 else 2783 lun->sync_interval = sync_info->sync_interval; 2784 mtx_unlock(&lun->lun_lock); 2785 2786 sync_info->status = CTL_GS_SYNC_OK; 2787 2788 break; 2789 } 2790 case CTL_GETSTATS: { 2791 struct ctl_stats *stats; 2792 struct ctl_lun *lun; 2793 int i; 2794 2795 stats = (struct ctl_stats *)addr; 2796 2797 if ((sizeof(struct ctl_lun_io_stats) * softc->num_luns) > 2798 stats->alloc_len) { 2799 stats->status = CTL_SS_NEED_MORE_SPACE; 2800 stats->num_luns = softc->num_luns; 2801 break; 2802 } 2803 /* 2804 * XXX KDM no locking here. If the LUN list changes, 2805 * things can blow up. 2806 */ 2807 for (i = 0, lun = STAILQ_FIRST(&softc->lun_list); lun != NULL; 2808 i++, lun = STAILQ_NEXT(lun, links)) { 2809 retval = copyout(&lun->stats, &stats->lun_stats[i], 2810 sizeof(lun->stats)); 2811 if (retval != 0) 2812 break; 2813 } 2814 stats->num_luns = softc->num_luns; 2815 stats->fill_len = sizeof(struct ctl_lun_io_stats) * 2816 softc->num_luns; 2817 stats->status = CTL_SS_OK; 2818#ifdef CTL_TIME_IO 2819 stats->flags = CTL_STATS_FLAG_TIME_VALID; 2820#else 2821 stats->flags = CTL_STATS_FLAG_NONE; 2822#endif 2823 getnanouptime(&stats->timestamp); 2824 break; 2825 } 2826 case CTL_ERROR_INJECT: { 2827 struct ctl_error_desc *err_desc, *new_err_desc; 2828 struct ctl_lun *lun; 2829 2830 err_desc = (struct ctl_error_desc *)addr; 2831 2832 new_err_desc = malloc(sizeof(*new_err_desc), M_CTL, 2833 M_WAITOK | M_ZERO); 2834 bcopy(err_desc, new_err_desc, sizeof(*new_err_desc)); 2835 2836 mtx_lock(&softc->ctl_lock); 2837 lun = softc->ctl_luns[err_desc->lun_id]; 2838 if (lun == NULL) { 2839 mtx_unlock(&softc->ctl_lock); 2840 printf("%s: CTL_ERROR_INJECT: invalid LUN %ju\n", 2841 __func__, (uintmax_t)err_desc->lun_id); 2842 retval = EINVAL; 2843 break; 2844 } 2845 mtx_lock(&lun->lun_lock); 2846 mtx_unlock(&softc->ctl_lock); 2847 2848 /* 2849 * We could do some checking here to verify the validity 2850 * of the request, but given the complexity of error 2851 * injection requests, the checking logic would be fairly 2852 * complex. 2853 * 2854 * For now, if the request is invalid, it just won't get 2855 * executed and might get deleted. 2856 */ 2857 STAILQ_INSERT_TAIL(&lun->error_list, new_err_desc, links); 2858 2859 /* 2860 * XXX KDM check to make sure the serial number is unique, 2861 * in case we somehow manage to wrap. That shouldn't 2862 * happen for a very long time, but it's the right thing to 2863 * do. 2864 */ 2865 new_err_desc->serial = lun->error_serial; 2866 err_desc->serial = lun->error_serial; 2867 lun->error_serial++; 2868 2869 mtx_unlock(&lun->lun_lock); 2870 break; 2871 } 2872 case CTL_ERROR_INJECT_DELETE: { 2873 struct ctl_error_desc *delete_desc, *desc, *desc2; 2874 struct ctl_lun *lun; 2875 int delete_done; 2876 2877 delete_desc = (struct ctl_error_desc *)addr; 2878 delete_done = 0; 2879 2880 mtx_lock(&softc->ctl_lock); 2881 lun = softc->ctl_luns[delete_desc->lun_id]; 2882 if (lun == NULL) { 2883 mtx_unlock(&softc->ctl_lock); 2884 printf("%s: CTL_ERROR_INJECT_DELETE: invalid LUN %ju\n", 2885 __func__, (uintmax_t)delete_desc->lun_id); 2886 retval = EINVAL; 2887 break; 2888 } 2889 mtx_lock(&lun->lun_lock); 2890 mtx_unlock(&softc->ctl_lock); 2891 STAILQ_FOREACH_SAFE(desc, &lun->error_list, links, desc2) { 2892 if (desc->serial != delete_desc->serial) 2893 continue; 2894 2895 STAILQ_REMOVE(&lun->error_list, desc, ctl_error_desc, 2896 links); 2897 free(desc, M_CTL); 2898 delete_done = 1; 2899 } 2900 mtx_unlock(&lun->lun_lock); 2901 if (delete_done == 0) { 2902 printf("%s: CTL_ERROR_INJECT_DELETE: can't find " 2903 "error serial %ju on LUN %u\n", __func__, 2904 delete_desc->serial, delete_desc->lun_id); 2905 retval = EINVAL; 2906 break; 2907 } 2908 break; 2909 } 2910 case CTL_DUMP_STRUCTS: { 2911 int i, j, k, idx; 2912 struct ctl_port *port; 2913 struct ctl_frontend *fe; 2914 2915 mtx_lock(&softc->ctl_lock); 2916 printf("CTL Persistent Reservation information start:\n"); 2917 for (i = 0; i < CTL_MAX_LUNS; i++) { 2918 struct ctl_lun *lun; 2919 2920 lun = softc->ctl_luns[i]; 2921 2922 if ((lun == NULL) 2923 || ((lun->flags & CTL_LUN_DISABLED) != 0)) 2924 continue; 2925 2926 for (j = 0; j < (CTL_MAX_PORTS * 2); j++) { 2927 for (k = 0; k < CTL_MAX_INIT_PER_PORT; k++){ 2928 idx = j * CTL_MAX_INIT_PER_PORT + k; 2929 if (lun->per_res[idx].registered == 0) 2930 continue; 2931 printf(" LUN %d port %d iid %d key " 2932 "%#jx\n", i, j, k, 2933 (uintmax_t)scsi_8btou64( 2934 lun->per_res[idx].res_key.key)); 2935 } 2936 } 2937 } 2938 printf("CTL Persistent Reservation information end\n"); 2939 printf("CTL Ports:\n"); 2940 STAILQ_FOREACH(port, &softc->port_list, links) { 2941 printf(" Port %d '%s' Frontend '%s' Type %u pp %d vp %d WWNN " 2942 "%#jx WWPN %#jx\n", port->targ_port, port->port_name, 2943 port->frontend->name, port->port_type, 2944 port->physical_port, port->virtual_port, 2945 (uintmax_t)port->wwnn, (uintmax_t)port->wwpn); 2946 for (j = 0; j < CTL_MAX_INIT_PER_PORT; j++) { 2947 if (port->wwpn_iid[j].in_use == 0 && 2948 port->wwpn_iid[j].wwpn == 0 && 2949 port->wwpn_iid[j].name == NULL) 2950 continue; 2951 2952 printf(" iid %u use %d WWPN %#jx '%s'\n", 2953 j, port->wwpn_iid[j].in_use, 2954 (uintmax_t)port->wwpn_iid[j].wwpn, 2955 port->wwpn_iid[j].name); 2956 } 2957 } 2958 printf("CTL Port information end\n"); 2959 mtx_unlock(&softc->ctl_lock); 2960 /* 2961 * XXX KDM calling this without a lock. We'd likely want 2962 * to drop the lock before calling the frontend's dump 2963 * routine anyway. 2964 */ 2965 printf("CTL Frontends:\n"); 2966 STAILQ_FOREACH(fe, &softc->fe_list, links) { 2967 printf(" Frontend '%s'\n", fe->name); 2968 if (fe->fe_dump != NULL) 2969 fe->fe_dump(); 2970 } 2971 printf("CTL Frontend information end\n"); 2972 break; 2973 } 2974 case CTL_LUN_REQ: { 2975 struct ctl_lun_req *lun_req; 2976 struct ctl_backend_driver *backend; 2977 2978 lun_req = (struct ctl_lun_req *)addr; 2979 2980 backend = ctl_backend_find(lun_req->backend); 2981 if (backend == NULL) { 2982 lun_req->status = CTL_LUN_ERROR; 2983 snprintf(lun_req->error_str, 2984 sizeof(lun_req->error_str), 2985 "Backend \"%s\" not found.", 2986 lun_req->backend); 2987 break; 2988 } 2989 if (lun_req->num_be_args > 0) { 2990 lun_req->kern_be_args = ctl_copyin_args( 2991 lun_req->num_be_args, 2992 lun_req->be_args, 2993 lun_req->error_str, 2994 sizeof(lun_req->error_str)); 2995 if (lun_req->kern_be_args == NULL) { 2996 lun_req->status = CTL_LUN_ERROR; 2997 break; 2998 } 2999 } 3000 3001 retval = backend->ioctl(dev, cmd, addr, flag, td); 3002 3003 if (lun_req->num_be_args > 0) { 3004 ctl_copyout_args(lun_req->num_be_args, 3005 lun_req->kern_be_args); 3006 ctl_free_args(lun_req->num_be_args, 3007 lun_req->kern_be_args); 3008 } 3009 break; 3010 } 3011 case CTL_LUN_LIST: { 3012 struct sbuf *sb; 3013 struct ctl_lun *lun; 3014 struct ctl_lun_list *list; 3015 struct ctl_option *opt; 3016 3017 list = (struct ctl_lun_list *)addr; 3018 3019 /* 3020 * Allocate a fixed length sbuf here, based on the length 3021 * of the user's buffer. We could allocate an auto-extending 3022 * buffer, and then tell the user how much larger our 3023 * amount of data is than his buffer, but that presents 3024 * some problems: 3025 * 3026 * 1. The sbuf(9) routines use a blocking malloc, and so 3027 * we can't hold a lock while calling them with an 3028 * auto-extending buffer. 3029 * 3030 * 2. There is not currently a LUN reference counting 3031 * mechanism, outside of outstanding transactions on 3032 * the LUN's OOA queue. So a LUN could go away on us 3033 * while we're getting the LUN number, backend-specific 3034 * information, etc. Thus, given the way things 3035 * currently work, we need to hold the CTL lock while 3036 * grabbing LUN information. 3037 * 3038 * So, from the user's standpoint, the best thing to do is 3039 * allocate what he thinks is a reasonable buffer length, 3040 * and then if he gets a CTL_LUN_LIST_NEED_MORE_SPACE error, 3041 * double the buffer length and try again. (And repeat 3042 * that until he succeeds.) 3043 */ 3044 sb = sbuf_new(NULL, NULL, list->alloc_len, SBUF_FIXEDLEN); 3045 if (sb == NULL) { 3046 list->status = CTL_LUN_LIST_ERROR; 3047 snprintf(list->error_str, sizeof(list->error_str), 3048 "Unable to allocate %d bytes for LUN list", 3049 list->alloc_len); 3050 break; 3051 } 3052 3053 sbuf_printf(sb, "<ctllunlist>\n"); 3054 3055 mtx_lock(&softc->ctl_lock); 3056 STAILQ_FOREACH(lun, &softc->lun_list, links) { 3057 mtx_lock(&lun->lun_lock); 3058 retval = sbuf_printf(sb, "<lun id=\"%ju\">\n", 3059 (uintmax_t)lun->lun); 3060 3061 /* 3062 * Bail out as soon as we see that we've overfilled 3063 * the buffer. 3064 */ 3065 if (retval != 0) 3066 break; 3067 3068 retval = sbuf_printf(sb, "\t<backend_type>%s" 3069 "</backend_type>\n", 3070 (lun->backend == NULL) ? "none" : 3071 lun->backend->name); 3072 3073 if (retval != 0) 3074 break; 3075 3076 retval = sbuf_printf(sb, "\t<lun_type>%d</lun_type>\n", 3077 lun->be_lun->lun_type); 3078 3079 if (retval != 0) 3080 break; 3081 3082 if (lun->backend == NULL) { 3083 retval = sbuf_printf(sb, "</lun>\n"); 3084 if (retval != 0) 3085 break; 3086 continue; 3087 } 3088 3089 retval = sbuf_printf(sb, "\t<size>%ju</size>\n", 3090 (lun->be_lun->maxlba > 0) ? 3091 lun->be_lun->maxlba + 1 : 0); 3092 3093 if (retval != 0) 3094 break; 3095 3096 retval = sbuf_printf(sb, "\t<blocksize>%u</blocksize>\n", 3097 lun->be_lun->blocksize); 3098 3099 if (retval != 0) 3100 break; 3101 3102 retval = sbuf_printf(sb, "\t<serial_number>"); 3103 3104 if (retval != 0) 3105 break; 3106 3107 retval = ctl_sbuf_printf_esc(sb, 3108 lun->be_lun->serial_num); 3109 3110 if (retval != 0) 3111 break; 3112 3113 retval = sbuf_printf(sb, "</serial_number>\n"); 3114 3115 if (retval != 0) 3116 break; 3117 3118 retval = sbuf_printf(sb, "\t<device_id>"); 3119 3120 if (retval != 0) 3121 break; 3122 3123 retval = ctl_sbuf_printf_esc(sb,lun->be_lun->device_id); 3124 3125 if (retval != 0) 3126 break; 3127 3128 retval = sbuf_printf(sb, "</device_id>\n"); 3129 3130 if (retval != 0) 3131 break; 3132 3133 if (lun->backend->lun_info != NULL) { 3134 retval = lun->backend->lun_info(lun->be_lun->be_lun, sb); 3135 if (retval != 0) 3136 break; 3137 } 3138 STAILQ_FOREACH(opt, &lun->be_lun->options, links) { 3139 retval = sbuf_printf(sb, "\t<%s>%s</%s>\n", 3140 opt->name, opt->value, opt->name); 3141 if (retval != 0) 3142 break; 3143 } 3144 3145 retval = sbuf_printf(sb, "</lun>\n"); 3146 3147 if (retval != 0) 3148 break; 3149 mtx_unlock(&lun->lun_lock); 3150 } 3151 if (lun != NULL) 3152 mtx_unlock(&lun->lun_lock); 3153 mtx_unlock(&softc->ctl_lock); 3154 3155 if ((retval != 0) 3156 || ((retval = sbuf_printf(sb, "</ctllunlist>\n")) != 0)) { 3157 retval = 0; 3158 sbuf_delete(sb); 3159 list->status = CTL_LUN_LIST_NEED_MORE_SPACE; 3160 snprintf(list->error_str, sizeof(list->error_str), 3161 "Out of space, %d bytes is too small", 3162 list->alloc_len); 3163 break; 3164 } 3165 3166 sbuf_finish(sb); 3167 3168 retval = copyout(sbuf_data(sb), list->lun_xml, 3169 sbuf_len(sb) + 1); 3170 3171 list->fill_len = sbuf_len(sb) + 1; 3172 list->status = CTL_LUN_LIST_OK; 3173 sbuf_delete(sb); 3174 break; 3175 } 3176 case CTL_ISCSI: { 3177 struct ctl_iscsi *ci; 3178 struct ctl_frontend *fe; 3179 3180 ci = (struct ctl_iscsi *)addr; 3181 3182 fe = ctl_frontend_find("iscsi"); 3183 if (fe == NULL) { 3184 ci->status = CTL_ISCSI_ERROR; 3185 snprintf(ci->error_str, sizeof(ci->error_str), 3186 "Frontend \"iscsi\" not found."); 3187 break; 3188 } 3189 3190 retval = fe->ioctl(dev, cmd, addr, flag, td); 3191 break; 3192 } 3193 case CTL_PORT_REQ: { 3194 struct ctl_req *req; 3195 struct ctl_frontend *fe; 3196 3197 req = (struct ctl_req *)addr; 3198 3199 fe = ctl_frontend_find(req->driver); 3200 if (fe == NULL) { 3201 req->status = CTL_LUN_ERROR; 3202 snprintf(req->error_str, sizeof(req->error_str), 3203 "Frontend \"%s\" not found.", req->driver); 3204 break; 3205 } 3206 if (req->num_args > 0) { 3207 req->kern_args = ctl_copyin_args(req->num_args, 3208 req->args, req->error_str, sizeof(req->error_str)); 3209 if (req->kern_args == NULL) { 3210 req->status = CTL_LUN_ERROR; 3211 break; 3212 } 3213 } 3214 3215 retval = fe->ioctl(dev, cmd, addr, flag, td); 3216 3217 if (req->num_args > 0) { 3218 ctl_copyout_args(req->num_args, req->kern_args); 3219 ctl_free_args(req->num_args, req->kern_args); 3220 } 3221 break; 3222 } 3223 case CTL_PORT_LIST: { 3224 struct sbuf *sb; 3225 struct ctl_port *port; 3226 struct ctl_lun_list *list; 3227 struct ctl_option *opt; 3228 3229 list = (struct ctl_lun_list *)addr; 3230 3231 sb = sbuf_new(NULL, NULL, list->alloc_len, SBUF_FIXEDLEN); 3232 if (sb == NULL) { 3233 list->status = CTL_LUN_LIST_ERROR; 3234 snprintf(list->error_str, sizeof(list->error_str), 3235 "Unable to allocate %d bytes for LUN list", 3236 list->alloc_len); 3237 break; 3238 } 3239 3240 sbuf_printf(sb, "<ctlportlist>\n"); 3241 3242 mtx_lock(&softc->ctl_lock); 3243 STAILQ_FOREACH(port, &softc->port_list, links) { 3244 retval = sbuf_printf(sb, "<targ_port id=\"%ju\">\n", 3245 (uintmax_t)port->targ_port); 3246 3247 /* 3248 * Bail out as soon as we see that we've overfilled 3249 * the buffer. 3250 */ 3251 if (retval != 0) 3252 break; 3253 3254 retval = sbuf_printf(sb, "\t<frontend_type>%s" 3255 "</frontend_type>\n", port->frontend->name); 3256 if (retval != 0) 3257 break; 3258 3259 retval = sbuf_printf(sb, "\t<port_type>%d</port_type>\n", 3260 port->port_type); 3261 if (retval != 0) 3262 break; 3263 3264 retval = sbuf_printf(sb, "\t<online>%s</online>\n", 3265 (port->status & CTL_PORT_STATUS_ONLINE) ? "YES" : "NO"); 3266 if (retval != 0) 3267 break; 3268 3269 retval = sbuf_printf(sb, "\t<port_name>%s</port_name>\n", 3270 port->port_name); 3271 if (retval != 0) 3272 break; 3273 3274 retval = sbuf_printf(sb, "\t<physical_port>%d</physical_port>\n", 3275 port->physical_port); 3276 if (retval != 0) 3277 break; 3278 3279 retval = sbuf_printf(sb, "\t<virtual_port>%d</virtual_port>\n", 3280 port->virtual_port); 3281 if (retval != 0) 3282 break; 3283 3284 retval = sbuf_printf(sb, "\t<wwnn>%#jx</wwnn>\n", 3285 (uintmax_t)port->wwnn); 3286 if (retval != 0) 3287 break; 3288 3289 retval = sbuf_printf(sb, "\t<wwpn>%#jx</wwpn>\n", 3290 (uintmax_t)port->wwpn); 3291 if (retval != 0) 3292 break; 3293 3294 if (port->port_info != NULL) { 3295 retval = port->port_info(port->onoff_arg, sb); 3296 if (retval != 0) 3297 break; 3298 } 3299 STAILQ_FOREACH(opt, &port->options, links) { 3300 retval = sbuf_printf(sb, "\t<%s>%s</%s>\n", 3301 opt->name, opt->value, opt->name); 3302 if (retval != 0) 3303 break; 3304 } 3305 3306 retval = sbuf_printf(sb, "</targ_port>\n"); 3307 if (retval != 0) 3308 break; 3309 } 3310 mtx_unlock(&softc->ctl_lock); 3311 3312 if ((retval != 0) 3313 || ((retval = sbuf_printf(sb, "</ctlportlist>\n")) != 0)) { 3314 retval = 0; 3315 sbuf_delete(sb); 3316 list->status = CTL_LUN_LIST_NEED_MORE_SPACE; 3317 snprintf(list->error_str, sizeof(list->error_str), 3318 "Out of space, %d bytes is too small", 3319 list->alloc_len); 3320 break; 3321 } 3322 3323 sbuf_finish(sb); 3324 3325 retval = copyout(sbuf_data(sb), list->lun_xml, 3326 sbuf_len(sb) + 1); 3327 3328 list->fill_len = sbuf_len(sb) + 1; 3329 list->status = CTL_LUN_LIST_OK; 3330 sbuf_delete(sb); 3331 break; 3332 } 3333 default: { 3334 /* XXX KDM should we fix this? */ 3335#if 0 3336 struct ctl_backend_driver *backend; 3337 unsigned int type; 3338 int found; 3339 3340 found = 0; 3341 3342 /* 3343 * We encode the backend type as the ioctl type for backend 3344 * ioctls. So parse it out here, and then search for a 3345 * backend of this type. 3346 */ 3347 type = _IOC_TYPE(cmd); 3348 3349 STAILQ_FOREACH(backend, &softc->be_list, links) { 3350 if (backend->type == type) { 3351 found = 1; 3352 break; 3353 } 3354 } 3355 if (found == 0) { 3356 printf("ctl: unknown ioctl command %#lx or backend " 3357 "%d\n", cmd, type); 3358 retval = EINVAL; 3359 break; 3360 } 3361 retval = backend->ioctl(dev, cmd, addr, flag, td); 3362#endif 3363 retval = ENOTTY; 3364 break; 3365 } 3366 } 3367 return (retval); 3368} 3369 3370uint32_t 3371ctl_get_initindex(struct ctl_nexus *nexus) 3372{ 3373 if (nexus->targ_port < CTL_MAX_PORTS) 3374 return (nexus->initid.id + 3375 (nexus->targ_port * CTL_MAX_INIT_PER_PORT)); 3376 else 3377 return (nexus->initid.id + 3378 ((nexus->targ_port - CTL_MAX_PORTS) * 3379 CTL_MAX_INIT_PER_PORT)); 3380} 3381 3382uint32_t 3383ctl_get_resindex(struct ctl_nexus *nexus) 3384{ 3385 return (nexus->initid.id + (nexus->targ_port * CTL_MAX_INIT_PER_PORT)); 3386} 3387 3388uint32_t 3389ctl_port_idx(int port_num) 3390{ 3391 if (port_num < CTL_MAX_PORTS) 3392 return(port_num); 3393 else 3394 return(port_num - CTL_MAX_PORTS); 3395} 3396 3397static uint32_t 3398ctl_map_lun(int port_num, uint32_t lun_id) 3399{ 3400 struct ctl_port *port; 3401 3402 port = control_softc->ctl_ports[ctl_port_idx(port_num)]; 3403 if (port == NULL) 3404 return (UINT32_MAX); 3405 if (port->lun_map == NULL) 3406 return (lun_id); 3407 return (port->lun_map(port->targ_lun_arg, lun_id)); 3408} 3409 3410static uint32_t 3411ctl_map_lun_back(int port_num, uint32_t lun_id) 3412{ 3413 struct ctl_port *port; 3414 uint32_t i; 3415 3416 port = control_softc->ctl_ports[ctl_port_idx(port_num)]; 3417 if (port->lun_map == NULL) 3418 return (lun_id); 3419 for (i = 0; i < CTL_MAX_LUNS; i++) { 3420 if (port->lun_map(port->targ_lun_arg, i) == lun_id) 3421 return (i); 3422 } 3423 return (UINT32_MAX); 3424} 3425 3426/* 3427 * Note: This only works for bitmask sizes that are at least 32 bits, and 3428 * that are a power of 2. 3429 */ 3430int 3431ctl_ffz(uint32_t *mask, uint32_t size) 3432{ 3433 uint32_t num_chunks, num_pieces; 3434 int i, j; 3435 3436 num_chunks = (size >> 5); 3437 if (num_chunks == 0) 3438 num_chunks++; 3439 num_pieces = ctl_min((sizeof(uint32_t) * 8), size); 3440 3441 for (i = 0; i < num_chunks; i++) { 3442 for (j = 0; j < num_pieces; j++) { 3443 if ((mask[i] & (1 << j)) == 0) 3444 return ((i << 5) + j); 3445 } 3446 } 3447 3448 return (-1); 3449} 3450 3451int 3452ctl_set_mask(uint32_t *mask, uint32_t bit) 3453{ 3454 uint32_t chunk, piece; 3455 3456 chunk = bit >> 5; 3457 piece = bit % (sizeof(uint32_t) * 8); 3458 3459 if ((mask[chunk] & (1 << piece)) != 0) 3460 return (-1); 3461 else 3462 mask[chunk] |= (1 << piece); 3463 3464 return (0); 3465} 3466 3467int 3468ctl_clear_mask(uint32_t *mask, uint32_t bit) 3469{ 3470 uint32_t chunk, piece; 3471 3472 chunk = bit >> 5; 3473 piece = bit % (sizeof(uint32_t) * 8); 3474 3475 if ((mask[chunk] & (1 << piece)) == 0) 3476 return (-1); 3477 else 3478 mask[chunk] &= ~(1 << piece); 3479 3480 return (0); 3481} 3482 3483int 3484ctl_is_set(uint32_t *mask, uint32_t bit) 3485{ 3486 uint32_t chunk, piece; 3487 3488 chunk = bit >> 5; 3489 piece = bit % (sizeof(uint32_t) * 8); 3490 3491 if ((mask[chunk] & (1 << piece)) == 0) 3492 return (0); 3493 else 3494 return (1); 3495} 3496 3497#ifdef unused 3498/* 3499 * The bus, target and lun are optional, they can be filled in later. 3500 * can_wait is used to determine whether we can wait on the malloc or not. 3501 */ 3502union ctl_io* 3503ctl_malloc_io(ctl_io_type io_type, uint32_t targ_port, uint32_t targ_target, 3504 uint32_t targ_lun, int can_wait) 3505{ 3506 union ctl_io *io; 3507 3508 if (can_wait) 3509 io = (union ctl_io *)malloc(sizeof(*io), M_CTL, M_WAITOK); 3510 else 3511 io = (union ctl_io *)malloc(sizeof(*io), M_CTL, M_NOWAIT); 3512 3513 if (io != NULL) { 3514 io->io_hdr.io_type = io_type; 3515 io->io_hdr.targ_port = targ_port; 3516 /* 3517 * XXX KDM this needs to change/go away. We need to move 3518 * to a preallocated pool of ctl_scsiio structures. 3519 */ 3520 io->io_hdr.nexus.targ_target.id = targ_target; 3521 io->io_hdr.nexus.targ_lun = targ_lun; 3522 } 3523 3524 return (io); 3525} 3526 3527void 3528ctl_kfree_io(union ctl_io *io) 3529{ 3530 free(io, M_CTL); 3531} 3532#endif /* unused */ 3533 3534/* 3535 * ctl_softc, pool_type, total_ctl_io are passed in. 3536 * npool is passed out. 3537 */ 3538int 3539ctl_pool_create(struct ctl_softc *ctl_softc, ctl_pool_type pool_type, 3540 uint32_t total_ctl_io, struct ctl_io_pool **npool) 3541{ 3542 uint32_t i; 3543 union ctl_io *cur_io, *next_io; 3544 struct ctl_io_pool *pool; 3545 int retval; 3546 3547 retval = 0; 3548 3549 pool = (struct ctl_io_pool *)malloc(sizeof(*pool), M_CTL, 3550 M_NOWAIT | M_ZERO); 3551 if (pool == NULL) { 3552 retval = ENOMEM; 3553 goto bailout; 3554 } 3555 3556 pool->type = pool_type; 3557 pool->ctl_softc = ctl_softc; 3558 3559 mtx_lock(&ctl_softc->pool_lock); 3560 pool->id = ctl_softc->cur_pool_id++; 3561 mtx_unlock(&ctl_softc->pool_lock); 3562 3563 pool->flags = CTL_POOL_FLAG_NONE; 3564 pool->refcount = 1; /* Reference for validity. */ 3565 STAILQ_INIT(&pool->free_queue); 3566 3567 /* 3568 * XXX KDM other options here: 3569 * - allocate a page at a time 3570 * - allocate one big chunk of memory. 3571 * Page allocation might work well, but would take a little more 3572 * tracking. 3573 */ 3574 for (i = 0; i < total_ctl_io; i++) { 3575 cur_io = (union ctl_io *)malloc(sizeof(*cur_io), M_CTLIO, 3576 M_NOWAIT); 3577 if (cur_io == NULL) { 3578 retval = ENOMEM; 3579 break; 3580 } 3581 cur_io->io_hdr.pool = pool; 3582 STAILQ_INSERT_TAIL(&pool->free_queue, &cur_io->io_hdr, links); 3583 pool->total_ctl_io++; 3584 pool->free_ctl_io++; 3585 } 3586 3587 if (retval != 0) { 3588 for (cur_io = (union ctl_io *)STAILQ_FIRST(&pool->free_queue); 3589 cur_io != NULL; cur_io = next_io) { 3590 next_io = (union ctl_io *)STAILQ_NEXT(&cur_io->io_hdr, 3591 links); 3592 STAILQ_REMOVE(&pool->free_queue, &cur_io->io_hdr, 3593 ctl_io_hdr, links); 3594 free(cur_io, M_CTLIO); 3595 } 3596 3597 free(pool, M_CTL); 3598 goto bailout; 3599 } 3600 mtx_lock(&ctl_softc->pool_lock); 3601 ctl_softc->num_pools++; 3602 STAILQ_INSERT_TAIL(&ctl_softc->io_pools, pool, links); 3603 /* 3604 * Increment our usage count if this is an external consumer, so we 3605 * can't get unloaded until the external consumer (most likely a 3606 * FETD) unloads and frees his pool. 3607 * 3608 * XXX KDM will this increment the caller's module use count, or 3609 * mine? 3610 */ 3611#if 0 3612 if ((pool_type != CTL_POOL_EMERGENCY) 3613 && (pool_type != CTL_POOL_INTERNAL) 3614 && (pool_type != CTL_POOL_4OTHERSC)) 3615 MOD_INC_USE_COUNT; 3616#endif 3617 3618 mtx_unlock(&ctl_softc->pool_lock); 3619 3620 *npool = pool; 3621 3622bailout: 3623 3624 return (retval); 3625} 3626 3627static int 3628ctl_pool_acquire(struct ctl_io_pool *pool) 3629{ 3630 3631 mtx_assert(&pool->ctl_softc->pool_lock, MA_OWNED); 3632 3633 if (pool->flags & CTL_POOL_FLAG_INVALID) 3634 return (EINVAL); 3635 3636 pool->refcount++; 3637 3638 return (0); 3639} 3640 3641static void 3642ctl_pool_release(struct ctl_io_pool *pool) 3643{ 3644 struct ctl_softc *ctl_softc = pool->ctl_softc; 3645 union ctl_io *io; 3646 3647 mtx_assert(&ctl_softc->pool_lock, MA_OWNED); 3648 3649 if (--pool->refcount != 0) 3650 return; 3651 3652 while ((io = (union ctl_io *)STAILQ_FIRST(&pool->free_queue)) != NULL) { 3653 STAILQ_REMOVE(&pool->free_queue, &io->io_hdr, ctl_io_hdr, 3654 links); 3655 free(io, M_CTLIO); 3656 } 3657 3658 STAILQ_REMOVE(&ctl_softc->io_pools, pool, ctl_io_pool, links); 3659 ctl_softc->num_pools--; 3660 3661 /* 3662 * XXX KDM will this decrement the caller's usage count or mine? 3663 */ 3664#if 0 3665 if ((pool->type != CTL_POOL_EMERGENCY) 3666 && (pool->type != CTL_POOL_INTERNAL) 3667 && (pool->type != CTL_POOL_4OTHERSC)) 3668 MOD_DEC_USE_COUNT; 3669#endif 3670 3671 free(pool, M_CTL); 3672} 3673 3674void 3675ctl_pool_free(struct ctl_io_pool *pool) 3676{ 3677 struct ctl_softc *ctl_softc; 3678 3679 if (pool == NULL) 3680 return; 3681 3682 ctl_softc = pool->ctl_softc; 3683 mtx_lock(&ctl_softc->pool_lock); 3684 pool->flags |= CTL_POOL_FLAG_INVALID; 3685 ctl_pool_release(pool); 3686 mtx_unlock(&ctl_softc->pool_lock); 3687} 3688 3689/* 3690 * This routine does not block (except for spinlocks of course). 3691 * It tries to allocate a ctl_io union from the caller's pool as quickly as 3692 * possible. 3693 */ 3694union ctl_io * 3695ctl_alloc_io(void *pool_ref) 3696{ 3697 union ctl_io *io; 3698 struct ctl_softc *ctl_softc; 3699 struct ctl_io_pool *pool, *npool; 3700 struct ctl_io_pool *emergency_pool; 3701 3702 pool = (struct ctl_io_pool *)pool_ref; 3703 3704 if (pool == NULL) { 3705 printf("%s: pool is NULL\n", __func__); 3706 return (NULL); 3707 } 3708 3709 emergency_pool = NULL; 3710 3711 ctl_softc = pool->ctl_softc; 3712 3713 mtx_lock(&ctl_softc->pool_lock); 3714 /* 3715 * First, try to get the io structure from the user's pool. 3716 */ 3717 if (ctl_pool_acquire(pool) == 0) { 3718 io = (union ctl_io *)STAILQ_FIRST(&pool->free_queue); 3719 if (io != NULL) { 3720 STAILQ_REMOVE_HEAD(&pool->free_queue, links); 3721 pool->total_allocated++; 3722 pool->free_ctl_io--; 3723 mtx_unlock(&ctl_softc->pool_lock); 3724 return (io); 3725 } else 3726 ctl_pool_release(pool); 3727 } 3728 /* 3729 * If he doesn't have any io structures left, search for an 3730 * emergency pool and grab one from there. 3731 */ 3732 STAILQ_FOREACH(npool, &ctl_softc->io_pools, links) { 3733 if (npool->type != CTL_POOL_EMERGENCY) 3734 continue; 3735 3736 if (ctl_pool_acquire(npool) != 0) 3737 continue; 3738 3739 emergency_pool = npool; 3740 3741 io = (union ctl_io *)STAILQ_FIRST(&npool->free_queue); 3742 if (io != NULL) { 3743 STAILQ_REMOVE_HEAD(&npool->free_queue, links); 3744 npool->total_allocated++; 3745 npool->free_ctl_io--; 3746 mtx_unlock(&ctl_softc->pool_lock); 3747 return (io); 3748 } else 3749 ctl_pool_release(npool); 3750 } 3751 3752 /* Drop the spinlock before we malloc */ 3753 mtx_unlock(&ctl_softc->pool_lock); 3754 3755 /* 3756 * The emergency pool (if it exists) didn't have one, so try an 3757 * atomic (i.e. nonblocking) malloc and see if we get lucky. 3758 */ 3759 io = (union ctl_io *)malloc(sizeof(*io), M_CTLIO, M_NOWAIT); 3760 if (io != NULL) { 3761 /* 3762 * If the emergency pool exists but is empty, add this 3763 * ctl_io to its list when it gets freed. 3764 */ 3765 if (emergency_pool != NULL) { 3766 mtx_lock(&ctl_softc->pool_lock); 3767 if (ctl_pool_acquire(emergency_pool) == 0) { 3768 io->io_hdr.pool = emergency_pool; 3769 emergency_pool->total_ctl_io++; 3770 /* 3771 * Need to bump this, otherwise 3772 * total_allocated and total_freed won't 3773 * match when we no longer have anything 3774 * outstanding. 3775 */ 3776 emergency_pool->total_allocated++; 3777 } 3778 mtx_unlock(&ctl_softc->pool_lock); 3779 } else 3780 io->io_hdr.pool = NULL; 3781 } 3782 3783 return (io); 3784} 3785 3786void 3787ctl_free_io(union ctl_io *io) 3788{ 3789 if (io == NULL) 3790 return; 3791 3792 /* 3793 * If this ctl_io has a pool, return it to that pool. 3794 */ 3795 if (io->io_hdr.pool != NULL) { 3796 struct ctl_io_pool *pool; 3797 3798 pool = (struct ctl_io_pool *)io->io_hdr.pool; 3799 mtx_lock(&pool->ctl_softc->pool_lock); 3800 io->io_hdr.io_type = 0xff; 3801 STAILQ_INSERT_TAIL(&pool->free_queue, &io->io_hdr, links); 3802 pool->total_freed++; 3803 pool->free_ctl_io++; 3804 ctl_pool_release(pool); 3805 mtx_unlock(&pool->ctl_softc->pool_lock); 3806 } else { 3807 /* 3808 * Otherwise, just free it. We probably malloced it and 3809 * the emergency pool wasn't available. 3810 */ 3811 free(io, M_CTLIO); 3812 } 3813 3814} 3815 3816void 3817ctl_zero_io(union ctl_io *io) 3818{ 3819 void *pool_ref; 3820 3821 if (io == NULL) 3822 return; 3823 3824 /* 3825 * May need to preserve linked list pointers at some point too. 3826 */ 3827 pool_ref = io->io_hdr.pool; 3828 3829 memset(io, 0, sizeof(*io)); 3830 3831 io->io_hdr.pool = pool_ref; 3832} 3833 3834/* 3835 * This routine is currently used for internal copies of ctl_ios that need 3836 * to persist for some reason after we've already returned status to the 3837 * FETD. (Thus the flag set.) 3838 * 3839 * XXX XXX 3840 * Note that this makes a blind copy of all fields in the ctl_io, except 3841 * for the pool reference. This includes any memory that has been 3842 * allocated! That memory will no longer be valid after done has been 3843 * called, so this would be VERY DANGEROUS for command that actually does 3844 * any reads or writes. Right now (11/7/2005), this is only used for immediate 3845 * start and stop commands, which don't transfer any data, so this is not a 3846 * problem. If it is used for anything else, the caller would also need to 3847 * allocate data buffer space and this routine would need to be modified to 3848 * copy the data buffer(s) as well. 3849 */ 3850void 3851ctl_copy_io(union ctl_io *src, union ctl_io *dest) 3852{ 3853 void *pool_ref; 3854 3855 if ((src == NULL) 3856 || (dest == NULL)) 3857 return; 3858 3859 /* 3860 * May need to preserve linked list pointers at some point too. 3861 */ 3862 pool_ref = dest->io_hdr.pool; 3863 3864 memcpy(dest, src, ctl_min(sizeof(*src), sizeof(*dest))); 3865 3866 dest->io_hdr.pool = pool_ref; 3867 /* 3868 * We need to know that this is an internal copy, and doesn't need 3869 * to get passed back to the FETD that allocated it. 3870 */ 3871 dest->io_hdr.flags |= CTL_FLAG_INT_COPY; 3872} 3873 3874#ifdef NEEDTOPORT 3875static void 3876ctl_update_power_subpage(struct copan_power_subpage *page) 3877{ 3878 int num_luns, num_partitions, config_type; 3879 struct ctl_softc *softc; 3880 cs_BOOL_t aor_present, shelf_50pct_power; 3881 cs_raidset_personality_t rs_type; 3882 int max_active_luns; 3883 3884 softc = control_softc; 3885 3886 /* subtract out the processor LUN */ 3887 num_luns = softc->num_luns - 1; 3888 /* 3889 * Default to 7 LUNs active, which was the only number we allowed 3890 * in the past. 3891 */ 3892 max_active_luns = 7; 3893 3894 num_partitions = config_GetRsPartitionInfo(); 3895 config_type = config_GetConfigType(); 3896 shelf_50pct_power = config_GetShelfPowerMode(); 3897 aor_present = config_IsAorRsPresent(); 3898 3899 rs_type = ddb_GetRsRaidType(1); 3900 if ((rs_type != CS_RAIDSET_PERSONALITY_RAID5) 3901 && (rs_type != CS_RAIDSET_PERSONALITY_RAID1)) { 3902 EPRINT(0, "Unsupported RS type %d!", rs_type); 3903 } 3904 3905 3906 page->total_luns = num_luns; 3907 3908 switch (config_type) { 3909 case 40: 3910 /* 3911 * In a 40 drive configuration, it doesn't matter what DC 3912 * cards we have, whether we have AOR enabled or not, 3913 * partitioning or not, or what type of RAIDset we have. 3914 * In that scenario, we can power up every LUN we present 3915 * to the user. 3916 */ 3917 max_active_luns = num_luns; 3918 3919 break; 3920 case 64: 3921 if (shelf_50pct_power == CS_FALSE) { 3922 /* 25% power */ 3923 if (aor_present == CS_TRUE) { 3924 if (rs_type == 3925 CS_RAIDSET_PERSONALITY_RAID5) { 3926 max_active_luns = 7; 3927 } else if (rs_type == 3928 CS_RAIDSET_PERSONALITY_RAID1){ 3929 max_active_luns = 14; 3930 } else { 3931 /* XXX KDM now what?? */ 3932 } 3933 } else { 3934 if (rs_type == 3935 CS_RAIDSET_PERSONALITY_RAID5) { 3936 max_active_luns = 8; 3937 } else if (rs_type == 3938 CS_RAIDSET_PERSONALITY_RAID1){ 3939 max_active_luns = 16; 3940 } else { 3941 /* XXX KDM now what?? */ 3942 } 3943 } 3944 } else { 3945 /* 50% power */ 3946 /* 3947 * With 50% power in a 64 drive configuration, we 3948 * can power all LUNs we present. 3949 */ 3950 max_active_luns = num_luns; 3951 } 3952 break; 3953 case 112: 3954 if (shelf_50pct_power == CS_FALSE) { 3955 /* 25% power */ 3956 if (aor_present == CS_TRUE) { 3957 if (rs_type == 3958 CS_RAIDSET_PERSONALITY_RAID5) { 3959 max_active_luns = 7; 3960 } else if (rs_type == 3961 CS_RAIDSET_PERSONALITY_RAID1){ 3962 max_active_luns = 14; 3963 } else { 3964 /* XXX KDM now what?? */ 3965 } 3966 } else { 3967 if (rs_type == 3968 CS_RAIDSET_PERSONALITY_RAID5) { 3969 max_active_luns = 8; 3970 } else if (rs_type == 3971 CS_RAIDSET_PERSONALITY_RAID1){ 3972 max_active_luns = 16; 3973 } else { 3974 /* XXX KDM now what?? */ 3975 } 3976 } 3977 } else { 3978 /* 50% power */ 3979 if (aor_present == CS_TRUE) { 3980 if (rs_type == 3981 CS_RAIDSET_PERSONALITY_RAID5) { 3982 max_active_luns = 14; 3983 } else if (rs_type == 3984 CS_RAIDSET_PERSONALITY_RAID1){ 3985 /* 3986 * We're assuming here that disk 3987 * caching is enabled, and so we're 3988 * able to power up half of each 3989 * LUN, and cache all writes. 3990 */ 3991 max_active_luns = num_luns; 3992 } else { 3993 /* XXX KDM now what?? */ 3994 } 3995 } else { 3996 if (rs_type == 3997 CS_RAIDSET_PERSONALITY_RAID5) { 3998 max_active_luns = 15; 3999 } else if (rs_type == 4000 CS_RAIDSET_PERSONALITY_RAID1){ 4001 max_active_luns = 30; 4002 } else { 4003 /* XXX KDM now what?? */ 4004 } 4005 } 4006 } 4007 break; 4008 default: 4009 /* 4010 * In this case, we have an unknown configuration, so we 4011 * just use the default from above. 4012 */ 4013 break; 4014 } 4015 4016 page->max_active_luns = max_active_luns; 4017#if 0 4018 printk("%s: total_luns = %d, max_active_luns = %d\n", __func__, 4019 page->total_luns, page->max_active_luns); 4020#endif 4021} 4022#endif /* NEEDTOPORT */ 4023 4024/* 4025 * This routine could be used in the future to load default and/or saved 4026 * mode page parameters for a particuar lun. 4027 */ 4028static int 4029ctl_init_page_index(struct ctl_lun *lun) 4030{ 4031 int i; 4032 struct ctl_page_index *page_index; 4033 struct ctl_softc *softc; 4034 4035 memcpy(&lun->mode_pages.index, page_index_template, 4036 sizeof(page_index_template)); 4037 4038 softc = lun->ctl_softc; 4039 4040 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) { 4041 4042 page_index = &lun->mode_pages.index[i]; 4043 /* 4044 * If this is a disk-only mode page, there's no point in 4045 * setting it up. For some pages, we have to have some 4046 * basic information about the disk in order to calculate the 4047 * mode page data. 4048 */ 4049 if ((lun->be_lun->lun_type != T_DIRECT) 4050 && (page_index->page_flags & CTL_PAGE_FLAG_DISK_ONLY)) 4051 continue; 4052 4053 switch (page_index->page_code & SMPH_PC_MASK) { 4054 case SMS_FORMAT_DEVICE_PAGE: { 4055 struct scsi_format_page *format_page; 4056 4057 if (page_index->subpage != SMS_SUBPAGE_PAGE_0) 4058 panic("subpage is incorrect!"); 4059 4060 /* 4061 * Sectors per track are set above. Bytes per 4062 * sector need to be set here on a per-LUN basis. 4063 */ 4064 memcpy(&lun->mode_pages.format_page[CTL_PAGE_CURRENT], 4065 &format_page_default, 4066 sizeof(format_page_default)); 4067 memcpy(&lun->mode_pages.format_page[ 4068 CTL_PAGE_CHANGEABLE], &format_page_changeable, 4069 sizeof(format_page_changeable)); 4070 memcpy(&lun->mode_pages.format_page[CTL_PAGE_DEFAULT], 4071 &format_page_default, 4072 sizeof(format_page_default)); 4073 memcpy(&lun->mode_pages.format_page[CTL_PAGE_SAVED], 4074 &format_page_default, 4075 sizeof(format_page_default)); 4076 4077 format_page = &lun->mode_pages.format_page[ 4078 CTL_PAGE_CURRENT]; 4079 scsi_ulto2b(lun->be_lun->blocksize, 4080 format_page->bytes_per_sector); 4081 4082 format_page = &lun->mode_pages.format_page[ 4083 CTL_PAGE_DEFAULT]; 4084 scsi_ulto2b(lun->be_lun->blocksize, 4085 format_page->bytes_per_sector); 4086 4087 format_page = &lun->mode_pages.format_page[ 4088 CTL_PAGE_SAVED]; 4089 scsi_ulto2b(lun->be_lun->blocksize, 4090 format_page->bytes_per_sector); 4091 4092 page_index->page_data = 4093 (uint8_t *)lun->mode_pages.format_page; 4094 break; 4095 } 4096 case SMS_RIGID_DISK_PAGE: { 4097 struct scsi_rigid_disk_page *rigid_disk_page; 4098 uint32_t sectors_per_cylinder; 4099 uint64_t cylinders; 4100#ifndef __XSCALE__ 4101 int shift; 4102#endif /* !__XSCALE__ */ 4103 4104 if (page_index->subpage != SMS_SUBPAGE_PAGE_0) 4105 panic("invalid subpage value %d", 4106 page_index->subpage); 4107 4108 /* 4109 * Rotation rate and sectors per track are set 4110 * above. We calculate the cylinders here based on 4111 * capacity. Due to the number of heads and 4112 * sectors per track we're using, smaller arrays 4113 * may turn out to have 0 cylinders. Linux and 4114 * FreeBSD don't pay attention to these mode pages 4115 * to figure out capacity, but Solaris does. It 4116 * seems to deal with 0 cylinders just fine, and 4117 * works out a fake geometry based on the capacity. 4118 */ 4119 memcpy(&lun->mode_pages.rigid_disk_page[ 4120 CTL_PAGE_CURRENT], &rigid_disk_page_default, 4121 sizeof(rigid_disk_page_default)); 4122 memcpy(&lun->mode_pages.rigid_disk_page[ 4123 CTL_PAGE_CHANGEABLE],&rigid_disk_page_changeable, 4124 sizeof(rigid_disk_page_changeable)); 4125 memcpy(&lun->mode_pages.rigid_disk_page[ 4126 CTL_PAGE_DEFAULT], &rigid_disk_page_default, 4127 sizeof(rigid_disk_page_default)); 4128 memcpy(&lun->mode_pages.rigid_disk_page[ 4129 CTL_PAGE_SAVED], &rigid_disk_page_default, 4130 sizeof(rigid_disk_page_default)); 4131 4132 sectors_per_cylinder = CTL_DEFAULT_SECTORS_PER_TRACK * 4133 CTL_DEFAULT_HEADS; 4134 4135 /* 4136 * The divide method here will be more accurate, 4137 * probably, but results in floating point being 4138 * used in the kernel on i386 (__udivdi3()). On the 4139 * XScale, though, __udivdi3() is implemented in 4140 * software. 4141 * 4142 * The shift method for cylinder calculation is 4143 * accurate if sectors_per_cylinder is a power of 4144 * 2. Otherwise it might be slightly off -- you 4145 * might have a bit of a truncation problem. 4146 */ 4147#ifdef __XSCALE__ 4148 cylinders = (lun->be_lun->maxlba + 1) / 4149 sectors_per_cylinder; 4150#else 4151 for (shift = 31; shift > 0; shift--) { 4152 if (sectors_per_cylinder & (1 << shift)) 4153 break; 4154 } 4155 cylinders = (lun->be_lun->maxlba + 1) >> shift; 4156#endif 4157 4158 /* 4159 * We've basically got 3 bytes, or 24 bits for the 4160 * cylinder size in the mode page. If we're over, 4161 * just round down to 2^24. 4162 */ 4163 if (cylinders > 0xffffff) 4164 cylinders = 0xffffff; 4165 4166 rigid_disk_page = &lun->mode_pages.rigid_disk_page[ 4167 CTL_PAGE_CURRENT]; 4168 scsi_ulto3b(cylinders, rigid_disk_page->cylinders); 4169 4170 rigid_disk_page = &lun->mode_pages.rigid_disk_page[ 4171 CTL_PAGE_DEFAULT]; 4172 scsi_ulto3b(cylinders, rigid_disk_page->cylinders); 4173 4174 rigid_disk_page = &lun->mode_pages.rigid_disk_page[ 4175 CTL_PAGE_SAVED]; 4176 scsi_ulto3b(cylinders, rigid_disk_page->cylinders); 4177 4178 page_index->page_data = 4179 (uint8_t *)lun->mode_pages.rigid_disk_page; 4180 break; 4181 } 4182 case SMS_CACHING_PAGE: { 4183 4184 if (page_index->subpage != SMS_SUBPAGE_PAGE_0) 4185 panic("invalid subpage value %d", 4186 page_index->subpage); 4187 /* 4188 * Defaults should be okay here, no calculations 4189 * needed. 4190 */ 4191 memcpy(&lun->mode_pages.caching_page[CTL_PAGE_CURRENT], 4192 &caching_page_default, 4193 sizeof(caching_page_default)); 4194 memcpy(&lun->mode_pages.caching_page[ 4195 CTL_PAGE_CHANGEABLE], &caching_page_changeable, 4196 sizeof(caching_page_changeable)); 4197 memcpy(&lun->mode_pages.caching_page[CTL_PAGE_DEFAULT], 4198 &caching_page_default, 4199 sizeof(caching_page_default)); 4200 memcpy(&lun->mode_pages.caching_page[CTL_PAGE_SAVED], 4201 &caching_page_default, 4202 sizeof(caching_page_default)); 4203 page_index->page_data = 4204 (uint8_t *)lun->mode_pages.caching_page; 4205 break; 4206 } 4207 case SMS_CONTROL_MODE_PAGE: { 4208 4209 if (page_index->subpage != SMS_SUBPAGE_PAGE_0) 4210 panic("invalid subpage value %d", 4211 page_index->subpage); 4212 4213 /* 4214 * Defaults should be okay here, no calculations 4215 * needed. 4216 */ 4217 memcpy(&lun->mode_pages.control_page[CTL_PAGE_CURRENT], 4218 &control_page_default, 4219 sizeof(control_page_default)); 4220 memcpy(&lun->mode_pages.control_page[ 4221 CTL_PAGE_CHANGEABLE], &control_page_changeable, 4222 sizeof(control_page_changeable)); 4223 memcpy(&lun->mode_pages.control_page[CTL_PAGE_DEFAULT], 4224 &control_page_default, 4225 sizeof(control_page_default)); 4226 memcpy(&lun->mode_pages.control_page[CTL_PAGE_SAVED], 4227 &control_page_default, 4228 sizeof(control_page_default)); 4229 page_index->page_data = 4230 (uint8_t *)lun->mode_pages.control_page; 4231 break; 4232 4233 } 4234 case SMS_VENDOR_SPECIFIC_PAGE:{ 4235 switch (page_index->subpage) { 4236 case PWR_SUBPAGE_CODE: { 4237 struct copan_power_subpage *current_page, 4238 *saved_page; 4239 4240 memcpy(&lun->mode_pages.power_subpage[ 4241 CTL_PAGE_CURRENT], 4242 &power_page_default, 4243 sizeof(power_page_default)); 4244 memcpy(&lun->mode_pages.power_subpage[ 4245 CTL_PAGE_CHANGEABLE], 4246 &power_page_changeable, 4247 sizeof(power_page_changeable)); 4248 memcpy(&lun->mode_pages.power_subpage[ 4249 CTL_PAGE_DEFAULT], 4250 &power_page_default, 4251 sizeof(power_page_default)); 4252 memcpy(&lun->mode_pages.power_subpage[ 4253 CTL_PAGE_SAVED], 4254 &power_page_default, 4255 sizeof(power_page_default)); 4256 page_index->page_data = 4257 (uint8_t *)lun->mode_pages.power_subpage; 4258 4259 current_page = (struct copan_power_subpage *) 4260 (page_index->page_data + 4261 (page_index->page_len * 4262 CTL_PAGE_CURRENT)); 4263 saved_page = (struct copan_power_subpage *) 4264 (page_index->page_data + 4265 (page_index->page_len * 4266 CTL_PAGE_SAVED)); 4267 break; 4268 } 4269 case APS_SUBPAGE_CODE: { 4270 struct copan_aps_subpage *current_page, 4271 *saved_page; 4272 4273 // This gets set multiple times but 4274 // it should always be the same. It's 4275 // only done during init so who cares. 4276 index_to_aps_page = i; 4277 4278 memcpy(&lun->mode_pages.aps_subpage[ 4279 CTL_PAGE_CURRENT], 4280 &aps_page_default, 4281 sizeof(aps_page_default)); 4282 memcpy(&lun->mode_pages.aps_subpage[ 4283 CTL_PAGE_CHANGEABLE], 4284 &aps_page_changeable, 4285 sizeof(aps_page_changeable)); 4286 memcpy(&lun->mode_pages.aps_subpage[ 4287 CTL_PAGE_DEFAULT], 4288 &aps_page_default, 4289 sizeof(aps_page_default)); 4290 memcpy(&lun->mode_pages.aps_subpage[ 4291 CTL_PAGE_SAVED], 4292 &aps_page_default, 4293 sizeof(aps_page_default)); 4294 page_index->page_data = 4295 (uint8_t *)lun->mode_pages.aps_subpage; 4296 4297 current_page = (struct copan_aps_subpage *) 4298 (page_index->page_data + 4299 (page_index->page_len * 4300 CTL_PAGE_CURRENT)); 4301 saved_page = (struct copan_aps_subpage *) 4302 (page_index->page_data + 4303 (page_index->page_len * 4304 CTL_PAGE_SAVED)); 4305 break; 4306 } 4307 case DBGCNF_SUBPAGE_CODE: { 4308 struct copan_debugconf_subpage *current_page, 4309 *saved_page; 4310 4311 memcpy(&lun->mode_pages.debugconf_subpage[ 4312 CTL_PAGE_CURRENT], 4313 &debugconf_page_default, 4314 sizeof(debugconf_page_default)); 4315 memcpy(&lun->mode_pages.debugconf_subpage[ 4316 CTL_PAGE_CHANGEABLE], 4317 &debugconf_page_changeable, 4318 sizeof(debugconf_page_changeable)); 4319 memcpy(&lun->mode_pages.debugconf_subpage[ 4320 CTL_PAGE_DEFAULT], 4321 &debugconf_page_default, 4322 sizeof(debugconf_page_default)); 4323 memcpy(&lun->mode_pages.debugconf_subpage[ 4324 CTL_PAGE_SAVED], 4325 &debugconf_page_default, 4326 sizeof(debugconf_page_default)); 4327 page_index->page_data = 4328 (uint8_t *)lun->mode_pages.debugconf_subpage; 4329 4330 current_page = (struct copan_debugconf_subpage *) 4331 (page_index->page_data + 4332 (page_index->page_len * 4333 CTL_PAGE_CURRENT)); 4334 saved_page = (struct copan_debugconf_subpage *) 4335 (page_index->page_data + 4336 (page_index->page_len * 4337 CTL_PAGE_SAVED)); 4338 break; 4339 } 4340 default: 4341 panic("invalid subpage value %d", 4342 page_index->subpage); 4343 break; 4344 } 4345 break; 4346 } 4347 default: 4348 panic("invalid page value %d", 4349 page_index->page_code & SMPH_PC_MASK); 4350 break; 4351 } 4352 } 4353 4354 return (CTL_RETVAL_COMPLETE); 4355} 4356 4357/* 4358 * LUN allocation. 4359 * 4360 * Requirements: 4361 * - caller allocates and zeros LUN storage, or passes in a NULL LUN if he 4362 * wants us to allocate the LUN and he can block. 4363 * - ctl_softc is always set 4364 * - be_lun is set if the LUN has a backend (needed for disk LUNs) 4365 * 4366 * Returns 0 for success, non-zero (errno) for failure. 4367 */ 4368static int 4369ctl_alloc_lun(struct ctl_softc *ctl_softc, struct ctl_lun *ctl_lun, 4370 struct ctl_be_lun *const be_lun, struct ctl_id target_id) 4371{ 4372 struct ctl_lun *nlun, *lun; 4373 struct ctl_port *port; 4374 struct scsi_vpd_id_descriptor *desc; 4375 struct scsi_vpd_id_t10 *t10id; 4376 const char *scsiname, *vendor; 4377 int lun_number, i, lun_malloced; 4378 int devidlen, idlen1, idlen2 = 0, len; 4379 4380 if (be_lun == NULL) 4381 return (EINVAL); 4382 4383 /* 4384 * We currently only support Direct Access or Processor LUN types. 4385 */ 4386 switch (be_lun->lun_type) { 4387 case T_DIRECT: 4388 break; 4389 case T_PROCESSOR: 4390 break; 4391 case T_SEQUENTIAL: 4392 case T_CHANGER: 4393 default: 4394 be_lun->lun_config_status(be_lun->be_lun, 4395 CTL_LUN_CONFIG_FAILURE); 4396 break; 4397 } 4398 if (ctl_lun == NULL) { 4399 lun = malloc(sizeof(*lun), M_CTL, M_WAITOK); 4400 lun_malloced = 1; 4401 } else { 4402 lun_malloced = 0; 4403 lun = ctl_lun; 4404 } 4405 4406 memset(lun, 0, sizeof(*lun)); 4407 if (lun_malloced) 4408 lun->flags = CTL_LUN_MALLOCED; 4409 4410 /* Generate LUN ID. */ 4411 devidlen = max(CTL_DEVID_MIN_LEN, 4412 strnlen(be_lun->device_id, CTL_DEVID_LEN)); 4413 idlen1 = sizeof(*t10id) + devidlen; 4414 len = sizeof(struct scsi_vpd_id_descriptor) + idlen1; 4415 scsiname = ctl_get_opt(&be_lun->options, "scsiname"); 4416 if (scsiname != NULL) { 4417 idlen2 = roundup2(strlen(scsiname) + 1, 4); 4418 len += sizeof(struct scsi_vpd_id_descriptor) + idlen2; 4419 } 4420 lun->lun_devid = malloc(sizeof(struct ctl_devid) + len, 4421 M_CTL, M_WAITOK | M_ZERO); 4422 lun->lun_devid->len = len; 4423 desc = (struct scsi_vpd_id_descriptor *)lun->lun_devid->data; 4424 desc->proto_codeset = SVPD_ID_CODESET_ASCII; 4425 desc->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_LUN | SVPD_ID_TYPE_T10; 4426 desc->length = idlen1; 4427 t10id = (struct scsi_vpd_id_t10 *)&desc->identifier[0]; 4428 memset(t10id->vendor, ' ', sizeof(t10id->vendor)); 4429 if ((vendor = ctl_get_opt(&be_lun->options, "vendor")) == NULL) { 4430 strncpy((char *)t10id->vendor, CTL_VENDOR, sizeof(t10id->vendor)); 4431 } else { 4432 strncpy(t10id->vendor, vendor, 4433 min(sizeof(t10id->vendor), strlen(vendor))); 4434 } 4435 strncpy((char *)t10id->vendor_spec_id, 4436 (char *)be_lun->device_id, devidlen); 4437 if (scsiname != NULL) { 4438 desc = (struct scsi_vpd_id_descriptor *)(&desc->identifier[0] + 4439 desc->length); 4440 desc->proto_codeset = SVPD_ID_CODESET_UTF8; 4441 desc->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_LUN | 4442 SVPD_ID_TYPE_SCSI_NAME; 4443 desc->length = idlen2; 4444 strlcpy(desc->identifier, scsiname, idlen2); 4445 } 4446 4447 mtx_lock(&ctl_softc->ctl_lock); 4448 /* 4449 * See if the caller requested a particular LUN number. If so, see 4450 * if it is available. Otherwise, allocate the first available LUN. 4451 */ 4452 if (be_lun->flags & CTL_LUN_FLAG_ID_REQ) { 4453 if ((be_lun->req_lun_id > (CTL_MAX_LUNS - 1)) 4454 || (ctl_is_set(ctl_softc->ctl_lun_mask, be_lun->req_lun_id))) { 4455 mtx_unlock(&ctl_softc->ctl_lock); 4456 if (be_lun->req_lun_id > (CTL_MAX_LUNS - 1)) { 4457 printf("ctl: requested LUN ID %d is higher " 4458 "than CTL_MAX_LUNS - 1 (%d)\n", 4459 be_lun->req_lun_id, CTL_MAX_LUNS - 1); 4460 } else { 4461 /* 4462 * XXX KDM return an error, or just assign 4463 * another LUN ID in this case?? 4464 */ 4465 printf("ctl: requested LUN ID %d is already " 4466 "in use\n", be_lun->req_lun_id); 4467 } 4468 if (lun->flags & CTL_LUN_MALLOCED) 4469 free(lun, M_CTL); 4470 be_lun->lun_config_status(be_lun->be_lun, 4471 CTL_LUN_CONFIG_FAILURE); 4472 return (ENOSPC); 4473 } 4474 lun_number = be_lun->req_lun_id; 4475 } else { 4476 lun_number = ctl_ffz(ctl_softc->ctl_lun_mask, CTL_MAX_LUNS); 4477 if (lun_number == -1) { 4478 mtx_unlock(&ctl_softc->ctl_lock); 4479 printf("ctl: can't allocate LUN on target %ju, out of " 4480 "LUNs\n", (uintmax_t)target_id.id); 4481 if (lun->flags & CTL_LUN_MALLOCED) 4482 free(lun, M_CTL); 4483 be_lun->lun_config_status(be_lun->be_lun, 4484 CTL_LUN_CONFIG_FAILURE); 4485 return (ENOSPC); 4486 } 4487 } 4488 ctl_set_mask(ctl_softc->ctl_lun_mask, lun_number); 4489 4490 mtx_init(&lun->lun_lock, "CTL LUN", NULL, MTX_DEF); 4491 lun->target = target_id; 4492 lun->lun = lun_number; 4493 lun->be_lun = be_lun; 4494 /* 4495 * The processor LUN is always enabled. Disk LUNs come on line 4496 * disabled, and must be enabled by the backend. 4497 */ 4498 lun->flags |= CTL_LUN_DISABLED; 4499 lun->backend = be_lun->be; 4500 be_lun->ctl_lun = lun; 4501 be_lun->lun_id = lun_number; 4502 atomic_add_int(&be_lun->be->num_luns, 1); 4503 if (be_lun->flags & CTL_LUN_FLAG_POWERED_OFF) 4504 lun->flags |= CTL_LUN_STOPPED; 4505 4506 if (be_lun->flags & CTL_LUN_FLAG_INOPERABLE) 4507 lun->flags |= CTL_LUN_INOPERABLE; 4508 4509 if (be_lun->flags & CTL_LUN_FLAG_PRIMARY) 4510 lun->flags |= CTL_LUN_PRIMARY_SC; 4511 4512 lun->ctl_softc = ctl_softc; 4513 TAILQ_INIT(&lun->ooa_queue); 4514 TAILQ_INIT(&lun->blocked_queue); 4515 STAILQ_INIT(&lun->error_list); 4516 4517 /* 4518 * Initialize the mode page index. 4519 */ 4520 ctl_init_page_index(lun); 4521 4522 /* 4523 * Set the poweron UA for all initiators on this LUN only. 4524 */ 4525 for (i = 0; i < CTL_MAX_INITIATORS; i++) 4526 lun->pending_sense[i].ua_pending = CTL_UA_POWERON; 4527 4528 /* 4529 * Now, before we insert this lun on the lun list, set the lun 4530 * inventory changed UA for all other luns. 4531 */ 4532 STAILQ_FOREACH(nlun, &ctl_softc->lun_list, links) { 4533 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 4534 nlun->pending_sense[i].ua_pending |= CTL_UA_LUN_CHANGE; 4535 } 4536 } 4537 4538 STAILQ_INSERT_TAIL(&ctl_softc->lun_list, lun, links); 4539 4540 ctl_softc->ctl_luns[lun_number] = lun; 4541 4542 ctl_softc->num_luns++; 4543 4544 /* Setup statistics gathering */ 4545 lun->stats.device_type = be_lun->lun_type; 4546 lun->stats.lun_number = lun_number; 4547 if (lun->stats.device_type == T_DIRECT) 4548 lun->stats.blocksize = be_lun->blocksize; 4549 else 4550 lun->stats.flags = CTL_LUN_STATS_NO_BLOCKSIZE; 4551 for (i = 0;i < CTL_MAX_PORTS;i++) 4552 lun->stats.ports[i].targ_port = i; 4553 4554 mtx_unlock(&ctl_softc->ctl_lock); 4555 4556 lun->be_lun->lun_config_status(lun->be_lun->be_lun, CTL_LUN_CONFIG_OK); 4557 4558 /* 4559 * Run through each registered FETD and bring it online if it isn't 4560 * already. Enable the target ID if it hasn't been enabled, and 4561 * enable this particular LUN. 4562 */ 4563 STAILQ_FOREACH(port, &ctl_softc->port_list, links) { 4564 int retval; 4565 4566 retval = port->lun_enable(port->targ_lun_arg, target_id,lun_number); 4567 if (retval != 0) { 4568 printf("ctl_alloc_lun: FETD %s port %d returned error " 4569 "%d for lun_enable on target %ju lun %d\n", 4570 port->port_name, port->targ_port, retval, 4571 (uintmax_t)target_id.id, lun_number); 4572 } else 4573 port->status |= CTL_PORT_STATUS_LUN_ONLINE; 4574 } 4575 return (0); 4576} 4577 4578/* 4579 * Delete a LUN. 4580 * Assumptions: 4581 * - LUN has already been marked invalid and any pending I/O has been taken 4582 * care of. 4583 */ 4584static int 4585ctl_free_lun(struct ctl_lun *lun) 4586{ 4587 struct ctl_softc *softc; 4588#if 0 4589 struct ctl_port *port; 4590#endif 4591 struct ctl_lun *nlun; 4592 int i; 4593 4594 softc = lun->ctl_softc; 4595 4596 mtx_assert(&softc->ctl_lock, MA_OWNED); 4597 4598 STAILQ_REMOVE(&softc->lun_list, lun, ctl_lun, links); 4599 4600 ctl_clear_mask(softc->ctl_lun_mask, lun->lun); 4601 4602 softc->ctl_luns[lun->lun] = NULL; 4603 4604 if (!TAILQ_EMPTY(&lun->ooa_queue)) 4605 panic("Freeing a LUN %p with outstanding I/O!!\n", lun); 4606 4607 softc->num_luns--; 4608 4609 /* 4610 * XXX KDM this scheme only works for a single target/multiple LUN 4611 * setup. It needs to be revamped for a multiple target scheme. 4612 * 4613 * XXX KDM this results in port->lun_disable() getting called twice, 4614 * once when ctl_disable_lun() is called, and a second time here. 4615 * We really need to re-think the LUN disable semantics. There 4616 * should probably be several steps/levels to LUN removal: 4617 * - disable 4618 * - invalidate 4619 * - free 4620 * 4621 * Right now we only have a disable method when communicating to 4622 * the front end ports, at least for individual LUNs. 4623 */ 4624#if 0 4625 STAILQ_FOREACH(port, &softc->port_list, links) { 4626 int retval; 4627 4628 retval = port->lun_disable(port->targ_lun_arg, lun->target, 4629 lun->lun); 4630 if (retval != 0) { 4631 printf("ctl_free_lun: FETD %s port %d returned error " 4632 "%d for lun_disable on target %ju lun %jd\n", 4633 port->port_name, port->targ_port, retval, 4634 (uintmax_t)lun->target.id, (intmax_t)lun->lun); 4635 } 4636 4637 if (STAILQ_FIRST(&softc->lun_list) == NULL) { 4638 port->status &= ~CTL_PORT_STATUS_LUN_ONLINE; 4639 4640 retval = port->targ_disable(port->targ_lun_arg,lun->target); 4641 if (retval != 0) { 4642 printf("ctl_free_lun: FETD %s port %d " 4643 "returned error %d for targ_disable on " 4644 "target %ju\n", port->port_name, 4645 port->targ_port, retval, 4646 (uintmax_t)lun->target.id); 4647 } else 4648 port->status &= ~CTL_PORT_STATUS_TARG_ONLINE; 4649 4650 if ((port->status & CTL_PORT_STATUS_TARG_ONLINE) != 0) 4651 continue; 4652 4653#if 0 4654 port->port_offline(port->onoff_arg); 4655 port->status &= ~CTL_PORT_STATUS_ONLINE; 4656#endif 4657 } 4658 } 4659#endif 4660 4661 /* 4662 * Tell the backend to free resources, if this LUN has a backend. 4663 */ 4664 atomic_subtract_int(&lun->be_lun->be->num_luns, 1); 4665 lun->be_lun->lun_shutdown(lun->be_lun->be_lun); 4666 4667 mtx_destroy(&lun->lun_lock); 4668 free(lun->lun_devid, M_CTL); 4669 if (lun->flags & CTL_LUN_MALLOCED) 4670 free(lun, M_CTL); 4671 4672 STAILQ_FOREACH(nlun, &softc->lun_list, links) { 4673 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 4674 nlun->pending_sense[i].ua_pending |= CTL_UA_LUN_CHANGE; 4675 } 4676 } 4677 4678 return (0); 4679} 4680 4681static void 4682ctl_create_lun(struct ctl_be_lun *be_lun) 4683{ 4684 struct ctl_softc *ctl_softc; 4685 4686 ctl_softc = control_softc; 4687 4688 /* 4689 * ctl_alloc_lun() should handle all potential failure cases. 4690 */ 4691 ctl_alloc_lun(ctl_softc, NULL, be_lun, ctl_softc->target); 4692} 4693 4694int 4695ctl_add_lun(struct ctl_be_lun *be_lun) 4696{ 4697 struct ctl_softc *ctl_softc = control_softc; 4698 4699 mtx_lock(&ctl_softc->ctl_lock); 4700 STAILQ_INSERT_TAIL(&ctl_softc->pending_lun_queue, be_lun, links); 4701 mtx_unlock(&ctl_softc->ctl_lock); 4702 wakeup(&ctl_softc->pending_lun_queue); 4703 4704 return (0); 4705} 4706 4707int 4708ctl_enable_lun(struct ctl_be_lun *be_lun) 4709{ 4710 struct ctl_softc *ctl_softc; 4711 struct ctl_port *port, *nport; 4712 struct ctl_lun *lun; 4713 int retval; 4714 4715 ctl_softc = control_softc; 4716 4717 lun = (struct ctl_lun *)be_lun->ctl_lun; 4718 4719 mtx_lock(&ctl_softc->ctl_lock); 4720 mtx_lock(&lun->lun_lock); 4721 if ((lun->flags & CTL_LUN_DISABLED) == 0) { 4722 /* 4723 * eh? Why did we get called if the LUN is already 4724 * enabled? 4725 */ 4726 mtx_unlock(&lun->lun_lock); 4727 mtx_unlock(&ctl_softc->ctl_lock); 4728 return (0); 4729 } 4730 lun->flags &= ~CTL_LUN_DISABLED; 4731 mtx_unlock(&lun->lun_lock); 4732 4733 for (port = STAILQ_FIRST(&ctl_softc->port_list); port != NULL; port = nport) { 4734 nport = STAILQ_NEXT(port, links); 4735 4736 /* 4737 * Drop the lock while we call the FETD's enable routine. 4738 * This can lead to a callback into CTL (at least in the 4739 * case of the internal initiator frontend. 4740 */ 4741 mtx_unlock(&ctl_softc->ctl_lock); 4742 retval = port->lun_enable(port->targ_lun_arg, lun->target,lun->lun); 4743 mtx_lock(&ctl_softc->ctl_lock); 4744 if (retval != 0) { 4745 printf("%s: FETD %s port %d returned error " 4746 "%d for lun_enable on target %ju lun %jd\n", 4747 __func__, port->port_name, port->targ_port, retval, 4748 (uintmax_t)lun->target.id, (intmax_t)lun->lun); 4749 } 4750#if 0 4751 else { 4752 /* NOTE: TODO: why does lun enable affect port status? */ 4753 port->status |= CTL_PORT_STATUS_LUN_ONLINE; 4754 } 4755#endif 4756 } 4757 4758 mtx_unlock(&ctl_softc->ctl_lock); 4759 4760 return (0); 4761} 4762 4763int 4764ctl_disable_lun(struct ctl_be_lun *be_lun) 4765{ 4766 struct ctl_softc *ctl_softc; 4767 struct ctl_port *port; 4768 struct ctl_lun *lun; 4769 int retval; 4770 4771 ctl_softc = control_softc; 4772 4773 lun = (struct ctl_lun *)be_lun->ctl_lun; 4774 4775 mtx_lock(&ctl_softc->ctl_lock); 4776 mtx_lock(&lun->lun_lock); 4777 if (lun->flags & CTL_LUN_DISABLED) { 4778 mtx_unlock(&lun->lun_lock); 4779 mtx_unlock(&ctl_softc->ctl_lock); 4780 return (0); 4781 } 4782 lun->flags |= CTL_LUN_DISABLED; 4783 mtx_unlock(&lun->lun_lock); 4784 4785 STAILQ_FOREACH(port, &ctl_softc->port_list, links) { 4786 mtx_unlock(&ctl_softc->ctl_lock); 4787 /* 4788 * Drop the lock before we call the frontend's disable 4789 * routine, to avoid lock order reversals. 4790 * 4791 * XXX KDM what happens if the frontend list changes while 4792 * we're traversing it? It's unlikely, but should be handled. 4793 */ 4794 retval = port->lun_disable(port->targ_lun_arg, lun->target, 4795 lun->lun); 4796 mtx_lock(&ctl_softc->ctl_lock); 4797 if (retval != 0) { 4798 printf("ctl_alloc_lun: FETD %s port %d returned error " 4799 "%d for lun_disable on target %ju lun %jd\n", 4800 port->port_name, port->targ_port, retval, 4801 (uintmax_t)lun->target.id, (intmax_t)lun->lun); 4802 } 4803 } 4804 4805 mtx_unlock(&ctl_softc->ctl_lock); 4806 4807 return (0); 4808} 4809 4810int 4811ctl_start_lun(struct ctl_be_lun *be_lun) 4812{ 4813 struct ctl_softc *ctl_softc; 4814 struct ctl_lun *lun; 4815 4816 ctl_softc = control_softc; 4817 4818 lun = (struct ctl_lun *)be_lun->ctl_lun; 4819 4820 mtx_lock(&lun->lun_lock); 4821 lun->flags &= ~CTL_LUN_STOPPED; 4822 mtx_unlock(&lun->lun_lock); 4823 4824 return (0); 4825} 4826 4827int 4828ctl_stop_lun(struct ctl_be_lun *be_lun) 4829{ 4830 struct ctl_softc *ctl_softc; 4831 struct ctl_lun *lun; 4832 4833 ctl_softc = control_softc; 4834 4835 lun = (struct ctl_lun *)be_lun->ctl_lun; 4836 4837 mtx_lock(&lun->lun_lock); 4838 lun->flags |= CTL_LUN_STOPPED; 4839 mtx_unlock(&lun->lun_lock); 4840 4841 return (0); 4842} 4843 4844int 4845ctl_lun_offline(struct ctl_be_lun *be_lun) 4846{ 4847 struct ctl_softc *ctl_softc; 4848 struct ctl_lun *lun; 4849 4850 ctl_softc = control_softc; 4851 4852 lun = (struct ctl_lun *)be_lun->ctl_lun; 4853 4854 mtx_lock(&lun->lun_lock); 4855 lun->flags |= CTL_LUN_OFFLINE; 4856 mtx_unlock(&lun->lun_lock); 4857 4858 return (0); 4859} 4860 4861int 4862ctl_lun_online(struct ctl_be_lun *be_lun) 4863{ 4864 struct ctl_softc *ctl_softc; 4865 struct ctl_lun *lun; 4866 4867 ctl_softc = control_softc; 4868 4869 lun = (struct ctl_lun *)be_lun->ctl_lun; 4870 4871 mtx_lock(&lun->lun_lock); 4872 lun->flags &= ~CTL_LUN_OFFLINE; 4873 mtx_unlock(&lun->lun_lock); 4874 4875 return (0); 4876} 4877 4878int 4879ctl_invalidate_lun(struct ctl_be_lun *be_lun) 4880{ 4881 struct ctl_softc *ctl_softc; 4882 struct ctl_lun *lun; 4883 4884 ctl_softc = control_softc; 4885 4886 lun = (struct ctl_lun *)be_lun->ctl_lun; 4887 4888 mtx_lock(&lun->lun_lock); 4889 4890 /* 4891 * The LUN needs to be disabled before it can be marked invalid. 4892 */ 4893 if ((lun->flags & CTL_LUN_DISABLED) == 0) { 4894 mtx_unlock(&lun->lun_lock); 4895 return (-1); 4896 } 4897 /* 4898 * Mark the LUN invalid. 4899 */ 4900 lun->flags |= CTL_LUN_INVALID; 4901 4902 /* 4903 * If there is nothing in the OOA queue, go ahead and free the LUN. 4904 * If we have something in the OOA queue, we'll free it when the 4905 * last I/O completes. 4906 */ 4907 if (TAILQ_EMPTY(&lun->ooa_queue)) { 4908 mtx_unlock(&lun->lun_lock); 4909 mtx_lock(&ctl_softc->ctl_lock); 4910 ctl_free_lun(lun); 4911 mtx_unlock(&ctl_softc->ctl_lock); 4912 } else 4913 mtx_unlock(&lun->lun_lock); 4914 4915 return (0); 4916} 4917 4918int 4919ctl_lun_inoperable(struct ctl_be_lun *be_lun) 4920{ 4921 struct ctl_softc *ctl_softc; 4922 struct ctl_lun *lun; 4923 4924 ctl_softc = control_softc; 4925 lun = (struct ctl_lun *)be_lun->ctl_lun; 4926 4927 mtx_lock(&lun->lun_lock); 4928 lun->flags |= CTL_LUN_INOPERABLE; 4929 mtx_unlock(&lun->lun_lock); 4930 4931 return (0); 4932} 4933 4934int 4935ctl_lun_operable(struct ctl_be_lun *be_lun) 4936{ 4937 struct ctl_softc *ctl_softc; 4938 struct ctl_lun *lun; 4939 4940 ctl_softc = control_softc; 4941 lun = (struct ctl_lun *)be_lun->ctl_lun; 4942 4943 mtx_lock(&lun->lun_lock); 4944 lun->flags &= ~CTL_LUN_INOPERABLE; 4945 mtx_unlock(&lun->lun_lock); 4946 4947 return (0); 4948} 4949 4950int 4951ctl_lun_power_lock(struct ctl_be_lun *be_lun, struct ctl_nexus *nexus, 4952 int lock) 4953{ 4954 struct ctl_softc *softc; 4955 struct ctl_lun *lun; 4956 struct copan_aps_subpage *current_sp; 4957 struct ctl_page_index *page_index; 4958 int i; 4959 4960 softc = control_softc; 4961 4962 mtx_lock(&softc->ctl_lock); 4963 4964 lun = (struct ctl_lun *)be_lun->ctl_lun; 4965 mtx_lock(&lun->lun_lock); 4966 4967 page_index = NULL; 4968 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) { 4969 if ((lun->mode_pages.index[i].page_code & SMPH_PC_MASK) != 4970 APS_PAGE_CODE) 4971 continue; 4972 4973 if (lun->mode_pages.index[i].subpage != APS_SUBPAGE_CODE) 4974 continue; 4975 page_index = &lun->mode_pages.index[i]; 4976 } 4977 4978 if (page_index == NULL) { 4979 mtx_unlock(&lun->lun_lock); 4980 mtx_unlock(&softc->ctl_lock); 4981 printf("%s: APS subpage not found for lun %ju!\n", __func__, 4982 (uintmax_t)lun->lun); 4983 return (1); 4984 } 4985#if 0 4986 if ((softc->aps_locked_lun != 0) 4987 && (softc->aps_locked_lun != lun->lun)) { 4988 printf("%s: attempt to lock LUN %llu when %llu is already " 4989 "locked\n"); 4990 mtx_unlock(&lun->lun_lock); 4991 mtx_unlock(&softc->ctl_lock); 4992 return (1); 4993 } 4994#endif 4995 4996 current_sp = (struct copan_aps_subpage *)(page_index->page_data + 4997 (page_index->page_len * CTL_PAGE_CURRENT)); 4998 4999 if (lock != 0) { 5000 current_sp->lock_active = APS_LOCK_ACTIVE; 5001 softc->aps_locked_lun = lun->lun; 5002 } else { 5003 current_sp->lock_active = 0; 5004 softc->aps_locked_lun = 0; 5005 } 5006 5007 5008 /* 5009 * If we're in HA mode, try to send the lock message to the other 5010 * side. 5011 */ 5012 if (ctl_is_single == 0) { 5013 int isc_retval; 5014 union ctl_ha_msg lock_msg; 5015 5016 lock_msg.hdr.nexus = *nexus; 5017 lock_msg.hdr.msg_type = CTL_MSG_APS_LOCK; 5018 if (lock != 0) 5019 lock_msg.aps.lock_flag = 1; 5020 else 5021 lock_msg.aps.lock_flag = 0; 5022 isc_retval = ctl_ha_msg_send(CTL_HA_CHAN_CTL, &lock_msg, 5023 sizeof(lock_msg), 0); 5024 if (isc_retval > CTL_HA_STATUS_SUCCESS) { 5025 printf("%s: APS (lock=%d) error returned from " 5026 "ctl_ha_msg_send: %d\n", __func__, lock, isc_retval); 5027 mtx_unlock(&lun->lun_lock); 5028 mtx_unlock(&softc->ctl_lock); 5029 return (1); 5030 } 5031 } 5032 5033 mtx_unlock(&lun->lun_lock); 5034 mtx_unlock(&softc->ctl_lock); 5035 5036 return (0); 5037} 5038 5039void 5040ctl_lun_capacity_changed(struct ctl_be_lun *be_lun) 5041{ 5042 struct ctl_lun *lun; 5043 struct ctl_softc *softc; 5044 int i; 5045 5046 softc = control_softc; 5047 5048 lun = (struct ctl_lun *)be_lun->ctl_lun; 5049 5050 mtx_lock(&lun->lun_lock); 5051 5052 for (i = 0; i < CTL_MAX_INITIATORS; i++) 5053 lun->pending_sense[i].ua_pending |= CTL_UA_CAPACITY_CHANGED; 5054 5055 mtx_unlock(&lun->lun_lock); 5056} 5057 5058/* 5059 * Backend "memory move is complete" callback for requests that never 5060 * make it down to say RAIDCore's configuration code. 5061 */ 5062int 5063ctl_config_move_done(union ctl_io *io) 5064{ 5065 int retval; 5066 5067 retval = CTL_RETVAL_COMPLETE; 5068 5069 5070 CTL_DEBUG_PRINT(("ctl_config_move_done\n")); 5071 /* 5072 * XXX KDM this shouldn't happen, but what if it does? 5073 */ 5074 if (io->io_hdr.io_type != CTL_IO_SCSI) 5075 panic("I/O type isn't CTL_IO_SCSI!"); 5076 5077 if ((io->io_hdr.port_status == 0) 5078 && ((io->io_hdr.flags & CTL_FLAG_ABORT) == 0) 5079 && ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_STATUS_NONE)) 5080 io->io_hdr.status = CTL_SUCCESS; 5081 else if ((io->io_hdr.port_status != 0) 5082 && ((io->io_hdr.flags & CTL_FLAG_ABORT) == 0) 5083 && ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_STATUS_NONE)){ 5084 /* 5085 * For hardware error sense keys, the sense key 5086 * specific value is defined to be a retry count, 5087 * but we use it to pass back an internal FETD 5088 * error code. XXX KDM Hopefully the FETD is only 5089 * using 16 bits for an error code, since that's 5090 * all the space we have in the sks field. 5091 */ 5092 ctl_set_internal_failure(&io->scsiio, 5093 /*sks_valid*/ 1, 5094 /*retry_count*/ 5095 io->io_hdr.port_status); 5096 if (io->io_hdr.flags & CTL_FLAG_ALLOCATED) 5097 free(io->scsiio.kern_data_ptr, M_CTL); 5098 ctl_done(io); 5099 goto bailout; 5100 } 5101 5102 if (((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_IN) 5103 || ((io->io_hdr.status & CTL_STATUS_MASK) != CTL_SUCCESS) 5104 || ((io->io_hdr.flags & CTL_FLAG_ABORT) != 0)) { 5105 /* 5106 * XXX KDM just assuming a single pointer here, and not a 5107 * S/G list. If we start using S/G lists for config data, 5108 * we'll need to know how to clean them up here as well. 5109 */ 5110 if (io->io_hdr.flags & CTL_FLAG_ALLOCATED) 5111 free(io->scsiio.kern_data_ptr, M_CTL); 5112 /* Hopefully the user has already set the status... */ 5113 ctl_done(io); 5114 } else { 5115 /* 5116 * XXX KDM now we need to continue data movement. Some 5117 * options: 5118 * - call ctl_scsiio() again? We don't do this for data 5119 * writes, because for those at least we know ahead of 5120 * time where the write will go and how long it is. For 5121 * config writes, though, that information is largely 5122 * contained within the write itself, thus we need to 5123 * parse out the data again. 5124 * 5125 * - Call some other function once the data is in? 5126 */ 5127 5128 /* 5129 * XXX KDM call ctl_scsiio() again for now, and check flag 5130 * bits to see whether we're allocated or not. 5131 */ 5132 retval = ctl_scsiio(&io->scsiio); 5133 } 5134bailout: 5135 return (retval); 5136} 5137 5138/* 5139 * This gets called by a backend driver when it is done with a 5140 * data_submit method. 5141 */ 5142void 5143ctl_data_submit_done(union ctl_io *io) 5144{ 5145 /* 5146 * If the IO_CONT flag is set, we need to call the supplied 5147 * function to continue processing the I/O, instead of completing 5148 * the I/O just yet. 5149 * 5150 * If there is an error, though, we don't want to keep processing. 5151 * Instead, just send status back to the initiator. 5152 */ 5153 if ((io->io_hdr.flags & CTL_FLAG_IO_CONT) && 5154 (io->io_hdr.flags & CTL_FLAG_ABORT) == 0 && 5155 ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_STATUS_NONE || 5156 (io->io_hdr.status & CTL_STATUS_MASK) == CTL_SUCCESS)) { 5157 io->scsiio.io_cont(io); 5158 return; 5159 } 5160 ctl_done(io); 5161} 5162 5163/* 5164 * This gets called by a backend driver when it is done with a 5165 * configuration write. 5166 */ 5167void 5168ctl_config_write_done(union ctl_io *io) 5169{ 5170 /* 5171 * If the IO_CONT flag is set, we need to call the supplied 5172 * function to continue processing the I/O, instead of completing 5173 * the I/O just yet. 5174 * 5175 * If there is an error, though, we don't want to keep processing. 5176 * Instead, just send status back to the initiator. 5177 */ 5178 if ((io->io_hdr.flags & CTL_FLAG_IO_CONT) 5179 && (((io->io_hdr.status & CTL_STATUS_MASK) == CTL_STATUS_NONE) 5180 || ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SUCCESS))) { 5181 io->scsiio.io_cont(io); 5182 return; 5183 } 5184 /* 5185 * Since a configuration write can be done for commands that actually 5186 * have data allocated, like write buffer, and commands that have 5187 * no data, like start/stop unit, we need to check here. 5188 */ 5189 if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_OUT) 5190 free(io->scsiio.kern_data_ptr, M_CTL); 5191 ctl_done(io); 5192} 5193 5194/* 5195 * SCSI release command. 5196 */ 5197int 5198ctl_scsi_release(struct ctl_scsiio *ctsio) 5199{ 5200 int length, longid, thirdparty_id, resv_id; 5201 struct ctl_softc *ctl_softc; 5202 struct ctl_lun *lun; 5203 5204 length = 0; 5205 resv_id = 0; 5206 5207 CTL_DEBUG_PRINT(("ctl_scsi_release\n")); 5208 5209 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5210 ctl_softc = control_softc; 5211 5212 switch (ctsio->cdb[0]) { 5213 case RELEASE_10: { 5214 struct scsi_release_10 *cdb; 5215 5216 cdb = (struct scsi_release_10 *)ctsio->cdb; 5217 5218 if (cdb->byte2 & SR10_LONGID) 5219 longid = 1; 5220 else 5221 thirdparty_id = cdb->thirdparty_id; 5222 5223 resv_id = cdb->resv_id; 5224 length = scsi_2btoul(cdb->length); 5225 break; 5226 } 5227 } 5228 5229 5230 /* 5231 * XXX KDM right now, we only support LUN reservation. We don't 5232 * support 3rd party reservations, or extent reservations, which 5233 * might actually need the parameter list. If we've gotten this 5234 * far, we've got a LUN reservation. Anything else got kicked out 5235 * above. So, according to SPC, ignore the length. 5236 */ 5237 length = 0; 5238 5239 if (((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) 5240 && (length > 0)) { 5241 ctsio->kern_data_ptr = malloc(length, M_CTL, M_WAITOK); 5242 ctsio->kern_data_len = length; 5243 ctsio->kern_total_len = length; 5244 ctsio->kern_data_resid = 0; 5245 ctsio->kern_rel_offset = 0; 5246 ctsio->kern_sg_entries = 0; 5247 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 5248 ctsio->be_move_done = ctl_config_move_done; 5249 ctl_datamove((union ctl_io *)ctsio); 5250 5251 return (CTL_RETVAL_COMPLETE); 5252 } 5253 5254 if (length > 0) 5255 thirdparty_id = scsi_8btou64(ctsio->kern_data_ptr); 5256 5257 mtx_lock(&lun->lun_lock); 5258 5259 /* 5260 * According to SPC, it is not an error for an intiator to attempt 5261 * to release a reservation on a LUN that isn't reserved, or that 5262 * is reserved by another initiator. The reservation can only be 5263 * released, though, by the initiator who made it or by one of 5264 * several reset type events. 5265 */ 5266 if (lun->flags & CTL_LUN_RESERVED) { 5267 if ((ctsio->io_hdr.nexus.initid.id == lun->rsv_nexus.initid.id) 5268 && (ctsio->io_hdr.nexus.targ_port == lun->rsv_nexus.targ_port) 5269 && (ctsio->io_hdr.nexus.targ_target.id == 5270 lun->rsv_nexus.targ_target.id)) { 5271 lun->flags &= ~CTL_LUN_RESERVED; 5272 } 5273 } 5274 5275 mtx_unlock(&lun->lun_lock); 5276 5277 ctsio->scsi_status = SCSI_STATUS_OK; 5278 ctsio->io_hdr.status = CTL_SUCCESS; 5279 5280 if (ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) { 5281 free(ctsio->kern_data_ptr, M_CTL); 5282 ctsio->io_hdr.flags &= ~CTL_FLAG_ALLOCATED; 5283 } 5284 5285 ctl_done((union ctl_io *)ctsio); 5286 return (CTL_RETVAL_COMPLETE); 5287} 5288 5289int 5290ctl_scsi_reserve(struct ctl_scsiio *ctsio) 5291{ 5292 int extent, thirdparty, longid; 5293 int resv_id, length; 5294 uint64_t thirdparty_id; 5295 struct ctl_softc *ctl_softc; 5296 struct ctl_lun *lun; 5297 5298 extent = 0; 5299 thirdparty = 0; 5300 longid = 0; 5301 resv_id = 0; 5302 length = 0; 5303 thirdparty_id = 0; 5304 5305 CTL_DEBUG_PRINT(("ctl_reserve\n")); 5306 5307 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5308 ctl_softc = control_softc; 5309 5310 switch (ctsio->cdb[0]) { 5311 case RESERVE_10: { 5312 struct scsi_reserve_10 *cdb; 5313 5314 cdb = (struct scsi_reserve_10 *)ctsio->cdb; 5315 5316 if (cdb->byte2 & SR10_LONGID) 5317 longid = 1; 5318 else 5319 thirdparty_id = cdb->thirdparty_id; 5320 5321 resv_id = cdb->resv_id; 5322 length = scsi_2btoul(cdb->length); 5323 break; 5324 } 5325 } 5326 5327 /* 5328 * XXX KDM right now, we only support LUN reservation. We don't 5329 * support 3rd party reservations, or extent reservations, which 5330 * might actually need the parameter list. If we've gotten this 5331 * far, we've got a LUN reservation. Anything else got kicked out 5332 * above. So, according to SPC, ignore the length. 5333 */ 5334 length = 0; 5335 5336 if (((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) 5337 && (length > 0)) { 5338 ctsio->kern_data_ptr = malloc(length, M_CTL, M_WAITOK); 5339 ctsio->kern_data_len = length; 5340 ctsio->kern_total_len = length; 5341 ctsio->kern_data_resid = 0; 5342 ctsio->kern_rel_offset = 0; 5343 ctsio->kern_sg_entries = 0; 5344 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 5345 ctsio->be_move_done = ctl_config_move_done; 5346 ctl_datamove((union ctl_io *)ctsio); 5347 5348 return (CTL_RETVAL_COMPLETE); 5349 } 5350 5351 if (length > 0) 5352 thirdparty_id = scsi_8btou64(ctsio->kern_data_ptr); 5353 5354 mtx_lock(&lun->lun_lock); 5355 if (lun->flags & CTL_LUN_RESERVED) { 5356 if ((ctsio->io_hdr.nexus.initid.id != lun->rsv_nexus.initid.id) 5357 || (ctsio->io_hdr.nexus.targ_port != lun->rsv_nexus.targ_port) 5358 || (ctsio->io_hdr.nexus.targ_target.id != 5359 lun->rsv_nexus.targ_target.id)) { 5360 ctsio->scsi_status = SCSI_STATUS_RESERV_CONFLICT; 5361 ctsio->io_hdr.status = CTL_SCSI_ERROR; 5362 goto bailout; 5363 } 5364 } 5365 5366 lun->flags |= CTL_LUN_RESERVED; 5367 lun->rsv_nexus = ctsio->io_hdr.nexus; 5368 5369 ctsio->scsi_status = SCSI_STATUS_OK; 5370 ctsio->io_hdr.status = CTL_SUCCESS; 5371 5372bailout: 5373 mtx_unlock(&lun->lun_lock); 5374 5375 if (ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) { 5376 free(ctsio->kern_data_ptr, M_CTL); 5377 ctsio->io_hdr.flags &= ~CTL_FLAG_ALLOCATED; 5378 } 5379 5380 ctl_done((union ctl_io *)ctsio); 5381 return (CTL_RETVAL_COMPLETE); 5382} 5383 5384int 5385ctl_start_stop(struct ctl_scsiio *ctsio) 5386{ 5387 struct scsi_start_stop_unit *cdb; 5388 struct ctl_lun *lun; 5389 struct ctl_softc *ctl_softc; 5390 int retval; 5391 5392 CTL_DEBUG_PRINT(("ctl_start_stop\n")); 5393 5394 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5395 ctl_softc = control_softc; 5396 retval = 0; 5397 5398 cdb = (struct scsi_start_stop_unit *)ctsio->cdb; 5399 5400 /* 5401 * XXX KDM 5402 * We don't support the immediate bit on a stop unit. In order to 5403 * do that, we would need to code up a way to know that a stop is 5404 * pending, and hold off any new commands until it completes, one 5405 * way or another. Then we could accept or reject those commands 5406 * depending on its status. We would almost need to do the reverse 5407 * of what we do below for an immediate start -- return the copy of 5408 * the ctl_io to the FETD with status to send to the host (and to 5409 * free the copy!) and then free the original I/O once the stop 5410 * actually completes. That way, the OOA queue mechanism can work 5411 * to block commands that shouldn't proceed. Another alternative 5412 * would be to put the copy in the queue in place of the original, 5413 * and return the original back to the caller. That could be 5414 * slightly safer.. 5415 */ 5416 if ((cdb->byte2 & SSS_IMMED) 5417 && ((cdb->how & SSS_START) == 0)) { 5418 ctl_set_invalid_field(ctsio, 5419 /*sks_valid*/ 1, 5420 /*command*/ 1, 5421 /*field*/ 1, 5422 /*bit_valid*/ 1, 5423 /*bit*/ 0); 5424 ctl_done((union ctl_io *)ctsio); 5425 return (CTL_RETVAL_COMPLETE); 5426 } 5427 5428 if ((lun->flags & CTL_LUN_PR_RESERVED) 5429 && ((cdb->how & SSS_START)==0)) { 5430 uint32_t residx; 5431 5432 residx = ctl_get_resindex(&ctsio->io_hdr.nexus); 5433 if (!lun->per_res[residx].registered 5434 || (lun->pr_res_idx!=residx && lun->res_type < 4)) { 5435 5436 ctl_set_reservation_conflict(ctsio); 5437 ctl_done((union ctl_io *)ctsio); 5438 return (CTL_RETVAL_COMPLETE); 5439 } 5440 } 5441 5442 /* 5443 * If there is no backend on this device, we can't start or stop 5444 * it. In theory we shouldn't get any start/stop commands in the 5445 * first place at this level if the LUN doesn't have a backend. 5446 * That should get stopped by the command decode code. 5447 */ 5448 if (lun->backend == NULL) { 5449 ctl_set_invalid_opcode(ctsio); 5450 ctl_done((union ctl_io *)ctsio); 5451 return (CTL_RETVAL_COMPLETE); 5452 } 5453 5454 /* 5455 * XXX KDM Copan-specific offline behavior. 5456 * Figure out a reasonable way to port this? 5457 */ 5458#ifdef NEEDTOPORT 5459 mtx_lock(&lun->lun_lock); 5460 5461 if (((cdb->byte2 & SSS_ONOFFLINE) == 0) 5462 && (lun->flags & CTL_LUN_OFFLINE)) { 5463 /* 5464 * If the LUN is offline, and the on/offline bit isn't set, 5465 * reject the start or stop. Otherwise, let it through. 5466 */ 5467 mtx_unlock(&lun->lun_lock); 5468 ctl_set_lun_not_ready(ctsio); 5469 ctl_done((union ctl_io *)ctsio); 5470 } else { 5471 mtx_unlock(&lun->lun_lock); 5472#endif /* NEEDTOPORT */ 5473 /* 5474 * This could be a start or a stop when we're online, 5475 * or a stop/offline or start/online. A start or stop when 5476 * we're offline is covered in the case above. 5477 */ 5478 /* 5479 * In the non-immediate case, we send the request to 5480 * the backend and return status to the user when 5481 * it is done. 5482 * 5483 * In the immediate case, we allocate a new ctl_io 5484 * to hold a copy of the request, and send that to 5485 * the backend. We then set good status on the 5486 * user's request and return it immediately. 5487 */ 5488 if (cdb->byte2 & SSS_IMMED) { 5489 union ctl_io *new_io; 5490 5491 new_io = ctl_alloc_io(ctsio->io_hdr.pool); 5492 if (new_io == NULL) { 5493 ctl_set_busy(ctsio); 5494 ctl_done((union ctl_io *)ctsio); 5495 } else { 5496 ctl_copy_io((union ctl_io *)ctsio, 5497 new_io); 5498 retval = lun->backend->config_write(new_io); 5499 ctl_set_success(ctsio); 5500 ctl_done((union ctl_io *)ctsio); 5501 } 5502 } else { 5503 retval = lun->backend->config_write( 5504 (union ctl_io *)ctsio); 5505 } 5506#ifdef NEEDTOPORT 5507 } 5508#endif 5509 return (retval); 5510} 5511 5512/* 5513 * We support the SYNCHRONIZE CACHE command (10 and 16 byte versions), but 5514 * we don't really do anything with the LBA and length fields if the user 5515 * passes them in. Instead we'll just flush out the cache for the entire 5516 * LUN. 5517 */ 5518int 5519ctl_sync_cache(struct ctl_scsiio *ctsio) 5520{ 5521 struct ctl_lun *lun; 5522 struct ctl_softc *ctl_softc; 5523 uint64_t starting_lba; 5524 uint32_t block_count; 5525 int retval; 5526 5527 CTL_DEBUG_PRINT(("ctl_sync_cache\n")); 5528 5529 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5530 ctl_softc = control_softc; 5531 retval = 0; 5532 5533 switch (ctsio->cdb[0]) { 5534 case SYNCHRONIZE_CACHE: { 5535 struct scsi_sync_cache *cdb; 5536 cdb = (struct scsi_sync_cache *)ctsio->cdb; 5537 5538 starting_lba = scsi_4btoul(cdb->begin_lba); 5539 block_count = scsi_2btoul(cdb->lb_count); 5540 break; 5541 } 5542 case SYNCHRONIZE_CACHE_16: { 5543 struct scsi_sync_cache_16 *cdb; 5544 cdb = (struct scsi_sync_cache_16 *)ctsio->cdb; 5545 5546 starting_lba = scsi_8btou64(cdb->begin_lba); 5547 block_count = scsi_4btoul(cdb->lb_count); 5548 break; 5549 } 5550 default: 5551 ctl_set_invalid_opcode(ctsio); 5552 ctl_done((union ctl_io *)ctsio); 5553 goto bailout; 5554 break; /* NOTREACHED */ 5555 } 5556 5557 /* 5558 * We check the LBA and length, but don't do anything with them. 5559 * A SYNCHRONIZE CACHE will cause the entire cache for this lun to 5560 * get flushed. This check will just help satisfy anyone who wants 5561 * to see an error for an out of range LBA. 5562 */ 5563 if ((starting_lba + block_count) > (lun->be_lun->maxlba + 1)) { 5564 ctl_set_lba_out_of_range(ctsio); 5565 ctl_done((union ctl_io *)ctsio); 5566 goto bailout; 5567 } 5568 5569 /* 5570 * If this LUN has no backend, we can't flush the cache anyway. 5571 */ 5572 if (lun->backend == NULL) { 5573 ctl_set_invalid_opcode(ctsio); 5574 ctl_done((union ctl_io *)ctsio); 5575 goto bailout; 5576 } 5577 5578 /* 5579 * Check to see whether we're configured to send the SYNCHRONIZE 5580 * CACHE command directly to the back end. 5581 */ 5582 mtx_lock(&lun->lun_lock); 5583 if ((ctl_softc->flags & CTL_FLAG_REAL_SYNC) 5584 && (++(lun->sync_count) >= lun->sync_interval)) { 5585 lun->sync_count = 0; 5586 mtx_unlock(&lun->lun_lock); 5587 retval = lun->backend->config_write((union ctl_io *)ctsio); 5588 } else { 5589 mtx_unlock(&lun->lun_lock); 5590 ctl_set_success(ctsio); 5591 ctl_done((union ctl_io *)ctsio); 5592 } 5593 5594bailout: 5595 5596 return (retval); 5597} 5598 5599int 5600ctl_format(struct ctl_scsiio *ctsio) 5601{ 5602 struct scsi_format *cdb; 5603 struct ctl_lun *lun; 5604 struct ctl_softc *ctl_softc; 5605 int length, defect_list_len; 5606 5607 CTL_DEBUG_PRINT(("ctl_format\n")); 5608 5609 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5610 ctl_softc = control_softc; 5611 5612 cdb = (struct scsi_format *)ctsio->cdb; 5613 5614 length = 0; 5615 if (cdb->byte2 & SF_FMTDATA) { 5616 if (cdb->byte2 & SF_LONGLIST) 5617 length = sizeof(struct scsi_format_header_long); 5618 else 5619 length = sizeof(struct scsi_format_header_short); 5620 } 5621 5622 if (((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) 5623 && (length > 0)) { 5624 ctsio->kern_data_ptr = malloc(length, M_CTL, M_WAITOK); 5625 ctsio->kern_data_len = length; 5626 ctsio->kern_total_len = length; 5627 ctsio->kern_data_resid = 0; 5628 ctsio->kern_rel_offset = 0; 5629 ctsio->kern_sg_entries = 0; 5630 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 5631 ctsio->be_move_done = ctl_config_move_done; 5632 ctl_datamove((union ctl_io *)ctsio); 5633 5634 return (CTL_RETVAL_COMPLETE); 5635 } 5636 5637 defect_list_len = 0; 5638 5639 if (cdb->byte2 & SF_FMTDATA) { 5640 if (cdb->byte2 & SF_LONGLIST) { 5641 struct scsi_format_header_long *header; 5642 5643 header = (struct scsi_format_header_long *) 5644 ctsio->kern_data_ptr; 5645 5646 defect_list_len = scsi_4btoul(header->defect_list_len); 5647 if (defect_list_len != 0) { 5648 ctl_set_invalid_field(ctsio, 5649 /*sks_valid*/ 1, 5650 /*command*/ 0, 5651 /*field*/ 2, 5652 /*bit_valid*/ 0, 5653 /*bit*/ 0); 5654 goto bailout; 5655 } 5656 } else { 5657 struct scsi_format_header_short *header; 5658 5659 header = (struct scsi_format_header_short *) 5660 ctsio->kern_data_ptr; 5661 5662 defect_list_len = scsi_2btoul(header->defect_list_len); 5663 if (defect_list_len != 0) { 5664 ctl_set_invalid_field(ctsio, 5665 /*sks_valid*/ 1, 5666 /*command*/ 0, 5667 /*field*/ 2, 5668 /*bit_valid*/ 0, 5669 /*bit*/ 0); 5670 goto bailout; 5671 } 5672 } 5673 } 5674 5675 /* 5676 * The format command will clear out the "Medium format corrupted" 5677 * status if set by the configuration code. That status is really 5678 * just a way to notify the host that we have lost the media, and 5679 * get them to issue a command that will basically make them think 5680 * they're blowing away the media. 5681 */ 5682 mtx_lock(&lun->lun_lock); 5683 lun->flags &= ~CTL_LUN_INOPERABLE; 5684 mtx_unlock(&lun->lun_lock); 5685 5686 ctsio->scsi_status = SCSI_STATUS_OK; 5687 ctsio->io_hdr.status = CTL_SUCCESS; 5688bailout: 5689 5690 if (ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) { 5691 free(ctsio->kern_data_ptr, M_CTL); 5692 ctsio->io_hdr.flags &= ~CTL_FLAG_ALLOCATED; 5693 } 5694 5695 ctl_done((union ctl_io *)ctsio); 5696 return (CTL_RETVAL_COMPLETE); 5697} 5698 5699int 5700ctl_read_buffer(struct ctl_scsiio *ctsio) 5701{ 5702 struct scsi_read_buffer *cdb; 5703 struct ctl_lun *lun; 5704 int buffer_offset, len; 5705 static uint8_t descr[4]; 5706 static uint8_t echo_descr[4] = { 0 }; 5707 5708 CTL_DEBUG_PRINT(("ctl_read_buffer\n")); 5709 5710 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5711 cdb = (struct scsi_read_buffer *)ctsio->cdb; 5712 5713 if (lun->flags & CTL_LUN_PR_RESERVED) { 5714 uint32_t residx; 5715 5716 /* 5717 * XXX KDM need a lock here. 5718 */ 5719 residx = ctl_get_resindex(&ctsio->io_hdr.nexus); 5720 if ((lun->res_type == SPR_TYPE_EX_AC 5721 && residx != lun->pr_res_idx) 5722 || ((lun->res_type == SPR_TYPE_EX_AC_RO 5723 || lun->res_type == SPR_TYPE_EX_AC_AR) 5724 && !lun->per_res[residx].registered)) { 5725 ctl_set_reservation_conflict(ctsio); 5726 ctl_done((union ctl_io *)ctsio); 5727 return (CTL_RETVAL_COMPLETE); 5728 } 5729 } 5730 5731 if ((cdb->byte2 & RWB_MODE) != RWB_MODE_DATA && 5732 (cdb->byte2 & RWB_MODE) != RWB_MODE_ECHO_DESCR && 5733 (cdb->byte2 & RWB_MODE) != RWB_MODE_DESCR) { 5734 ctl_set_invalid_field(ctsio, 5735 /*sks_valid*/ 1, 5736 /*command*/ 1, 5737 /*field*/ 1, 5738 /*bit_valid*/ 1, 5739 /*bit*/ 4); 5740 ctl_done((union ctl_io *)ctsio); 5741 return (CTL_RETVAL_COMPLETE); 5742 } 5743 5744 len = scsi_3btoul(cdb->length); 5745 buffer_offset = scsi_3btoul(cdb->offset); 5746 5747 if (buffer_offset + len > sizeof(lun->write_buffer)) { 5748 ctl_set_invalid_field(ctsio, 5749 /*sks_valid*/ 1, 5750 /*command*/ 1, 5751 /*field*/ 6, 5752 /*bit_valid*/ 0, 5753 /*bit*/ 0); 5754 ctl_done((union ctl_io *)ctsio); 5755 return (CTL_RETVAL_COMPLETE); 5756 } 5757 5758 if ((cdb->byte2 & RWB_MODE) == RWB_MODE_DESCR) { 5759 descr[0] = 0; 5760 scsi_ulto3b(sizeof(lun->write_buffer), &descr[1]); 5761 ctsio->kern_data_ptr = descr; 5762 len = min(len, sizeof(descr)); 5763 } else if ((cdb->byte2 & RWB_MODE) == RWB_MODE_ECHO_DESCR) { 5764 ctsio->kern_data_ptr = echo_descr; 5765 len = min(len, sizeof(echo_descr)); 5766 } else 5767 ctsio->kern_data_ptr = lun->write_buffer + buffer_offset; 5768 ctsio->kern_data_len = len; 5769 ctsio->kern_total_len = len; 5770 ctsio->kern_data_resid = 0; 5771 ctsio->kern_rel_offset = 0; 5772 ctsio->kern_sg_entries = 0; 5773 ctsio->be_move_done = ctl_config_move_done; 5774 ctl_datamove((union ctl_io *)ctsio); 5775 5776 return (CTL_RETVAL_COMPLETE); 5777} 5778 5779int 5780ctl_write_buffer(struct ctl_scsiio *ctsio) 5781{ 5782 struct scsi_write_buffer *cdb; 5783 struct ctl_lun *lun; 5784 int buffer_offset, len; 5785 5786 CTL_DEBUG_PRINT(("ctl_write_buffer\n")); 5787 5788 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5789 cdb = (struct scsi_write_buffer *)ctsio->cdb; 5790 5791 if ((cdb->byte2 & RWB_MODE) != RWB_MODE_DATA) { 5792 ctl_set_invalid_field(ctsio, 5793 /*sks_valid*/ 1, 5794 /*command*/ 1, 5795 /*field*/ 1, 5796 /*bit_valid*/ 1, 5797 /*bit*/ 4); 5798 ctl_done((union ctl_io *)ctsio); 5799 return (CTL_RETVAL_COMPLETE); 5800 } 5801 5802 len = scsi_3btoul(cdb->length); 5803 buffer_offset = scsi_3btoul(cdb->offset); 5804 5805 if (buffer_offset + len > sizeof(lun->write_buffer)) { 5806 ctl_set_invalid_field(ctsio, 5807 /*sks_valid*/ 1, 5808 /*command*/ 1, 5809 /*field*/ 6, 5810 /*bit_valid*/ 0, 5811 /*bit*/ 0); 5812 ctl_done((union ctl_io *)ctsio); 5813 return (CTL_RETVAL_COMPLETE); 5814 } 5815 5816 /* 5817 * If we've got a kernel request that hasn't been malloced yet, 5818 * malloc it and tell the caller the data buffer is here. 5819 */ 5820 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) { 5821 ctsio->kern_data_ptr = lun->write_buffer + buffer_offset; 5822 ctsio->kern_data_len = len; 5823 ctsio->kern_total_len = len; 5824 ctsio->kern_data_resid = 0; 5825 ctsio->kern_rel_offset = 0; 5826 ctsio->kern_sg_entries = 0; 5827 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 5828 ctsio->be_move_done = ctl_config_move_done; 5829 ctl_datamove((union ctl_io *)ctsio); 5830 5831 return (CTL_RETVAL_COMPLETE); 5832 } 5833 5834 ctl_done((union ctl_io *)ctsio); 5835 5836 return (CTL_RETVAL_COMPLETE); 5837} 5838 5839int 5840ctl_write_same(struct ctl_scsiio *ctsio) 5841{ 5842 struct ctl_lun *lun; 5843 struct ctl_lba_len_flags *lbalen; 5844 uint64_t lba; 5845 uint32_t num_blocks; 5846 int len, retval; 5847 uint8_t byte2; 5848 5849 retval = CTL_RETVAL_COMPLETE; 5850 5851 CTL_DEBUG_PRINT(("ctl_write_same\n")); 5852 5853 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5854 5855 switch (ctsio->cdb[0]) { 5856 case WRITE_SAME_10: { 5857 struct scsi_write_same_10 *cdb; 5858 5859 cdb = (struct scsi_write_same_10 *)ctsio->cdb; 5860 5861 lba = scsi_4btoul(cdb->addr); 5862 num_blocks = scsi_2btoul(cdb->length); 5863 byte2 = cdb->byte2; 5864 break; 5865 } 5866 case WRITE_SAME_16: { 5867 struct scsi_write_same_16 *cdb; 5868 5869 cdb = (struct scsi_write_same_16 *)ctsio->cdb; 5870 5871 lba = scsi_8btou64(cdb->addr); 5872 num_blocks = scsi_4btoul(cdb->length); 5873 byte2 = cdb->byte2; 5874 break; 5875 } 5876 default: 5877 /* 5878 * We got a command we don't support. This shouldn't 5879 * happen, commands should be filtered out above us. 5880 */ 5881 ctl_set_invalid_opcode(ctsio); 5882 ctl_done((union ctl_io *)ctsio); 5883 5884 return (CTL_RETVAL_COMPLETE); 5885 break; /* NOTREACHED */ 5886 } 5887 5888 /* 5889 * The first check is to make sure we're in bounds, the second 5890 * check is to catch wrap-around problems. If the lba + num blocks 5891 * is less than the lba, then we've wrapped around and the block 5892 * range is invalid anyway. 5893 */ 5894 if (((lba + num_blocks) > (lun->be_lun->maxlba + 1)) 5895 || ((lba + num_blocks) < lba)) { 5896 ctl_set_lba_out_of_range(ctsio); 5897 ctl_done((union ctl_io *)ctsio); 5898 return (CTL_RETVAL_COMPLETE); 5899 } 5900 5901 /* Zero number of blocks means "to the last logical block" */ 5902 if (num_blocks == 0) { 5903 if ((lun->be_lun->maxlba + 1) - lba > UINT32_MAX) { 5904 ctl_set_invalid_field(ctsio, 5905 /*sks_valid*/ 0, 5906 /*command*/ 1, 5907 /*field*/ 0, 5908 /*bit_valid*/ 0, 5909 /*bit*/ 0); 5910 ctl_done((union ctl_io *)ctsio); 5911 return (CTL_RETVAL_COMPLETE); 5912 } 5913 num_blocks = (lun->be_lun->maxlba + 1) - lba; 5914 } 5915 5916 len = lun->be_lun->blocksize; 5917 5918 /* 5919 * If we've got a kernel request that hasn't been malloced yet, 5920 * malloc it and tell the caller the data buffer is here. 5921 */ 5922 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) { 5923 ctsio->kern_data_ptr = malloc(len, M_CTL, M_WAITOK);; 5924 ctsio->kern_data_len = len; 5925 ctsio->kern_total_len = len; 5926 ctsio->kern_data_resid = 0; 5927 ctsio->kern_rel_offset = 0; 5928 ctsio->kern_sg_entries = 0; 5929 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 5930 ctsio->be_move_done = ctl_config_move_done; 5931 ctl_datamove((union ctl_io *)ctsio); 5932 5933 return (CTL_RETVAL_COMPLETE); 5934 } 5935 5936 lbalen = (struct ctl_lba_len_flags *)&ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN]; 5937 lbalen->lba = lba; 5938 lbalen->len = num_blocks; 5939 lbalen->flags = byte2; 5940 retval = lun->backend->config_write((union ctl_io *)ctsio); 5941 5942 return (retval); 5943} 5944 5945int 5946ctl_unmap(struct ctl_scsiio *ctsio) 5947{ 5948 struct ctl_lun *lun; 5949 struct scsi_unmap *cdb; 5950 struct ctl_ptr_len_flags *ptrlen; 5951 struct scsi_unmap_header *hdr; 5952 struct scsi_unmap_desc *buf, *end; 5953 uint64_t lba; 5954 uint32_t num_blocks; 5955 int len, retval; 5956 uint8_t byte2; 5957 5958 retval = CTL_RETVAL_COMPLETE; 5959 5960 CTL_DEBUG_PRINT(("ctl_unmap\n")); 5961 5962 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 5963 cdb = (struct scsi_unmap *)ctsio->cdb; 5964 5965 len = scsi_2btoul(cdb->length); 5966 byte2 = cdb->byte2; 5967 5968 /* 5969 * If we've got a kernel request that hasn't been malloced yet, 5970 * malloc it and tell the caller the data buffer is here. 5971 */ 5972 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) { 5973 ctsio->kern_data_ptr = malloc(len, M_CTL, M_WAITOK);; 5974 ctsio->kern_data_len = len; 5975 ctsio->kern_total_len = len; 5976 ctsio->kern_data_resid = 0; 5977 ctsio->kern_rel_offset = 0; 5978 ctsio->kern_sg_entries = 0; 5979 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 5980 ctsio->be_move_done = ctl_config_move_done; 5981 ctl_datamove((union ctl_io *)ctsio); 5982 5983 return (CTL_RETVAL_COMPLETE); 5984 } 5985 5986 len = ctsio->kern_total_len - ctsio->kern_data_resid; 5987 hdr = (struct scsi_unmap_header *)ctsio->kern_data_ptr; 5988 if (len < sizeof (*hdr) || 5989 len < (scsi_2btoul(hdr->length) + sizeof(hdr->length)) || 5990 len < (scsi_2btoul(hdr->desc_length) + sizeof (*hdr)) || 5991 scsi_2btoul(hdr->desc_length) % sizeof(*buf) != 0) { 5992 ctl_set_invalid_field(ctsio, 5993 /*sks_valid*/ 0, 5994 /*command*/ 0, 5995 /*field*/ 0, 5996 /*bit_valid*/ 0, 5997 /*bit*/ 0); 5998 ctl_done((union ctl_io *)ctsio); 5999 return (CTL_RETVAL_COMPLETE); 6000 } 6001 len = scsi_2btoul(hdr->desc_length); 6002 buf = (struct scsi_unmap_desc *)(hdr + 1); 6003 end = buf + len / sizeof(*buf); 6004 6005 ptrlen = (struct ctl_ptr_len_flags *)&ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN]; 6006 ptrlen->ptr = (void *)buf; 6007 ptrlen->len = len; 6008 ptrlen->flags = byte2; 6009 6010 for (; buf < end; buf++) { 6011 lba = scsi_8btou64(buf->lba); 6012 num_blocks = scsi_4btoul(buf->length); 6013 if (((lba + num_blocks) > (lun->be_lun->maxlba + 1)) 6014 || ((lba + num_blocks) < lba)) { 6015 ctl_set_lba_out_of_range(ctsio); 6016 ctl_done((union ctl_io *)ctsio); 6017 return (CTL_RETVAL_COMPLETE); 6018 } 6019 } 6020 6021 retval = lun->backend->config_write((union ctl_io *)ctsio); 6022 6023 return (retval); 6024} 6025 6026/* 6027 * Note that this function currently doesn't actually do anything inside 6028 * CTL to enforce things if the DQue bit is turned on. 6029 * 6030 * Also note that this function can't be used in the default case, because 6031 * the DQue bit isn't set in the changeable mask for the control mode page 6032 * anyway. This is just here as an example for how to implement a page 6033 * handler, and a placeholder in case we want to allow the user to turn 6034 * tagged queueing on and off. 6035 * 6036 * The D_SENSE bit handling is functional, however, and will turn 6037 * descriptor sense on and off for a given LUN. 6038 */ 6039int 6040ctl_control_page_handler(struct ctl_scsiio *ctsio, 6041 struct ctl_page_index *page_index, uint8_t *page_ptr) 6042{ 6043 struct scsi_control_page *current_cp, *saved_cp, *user_cp; 6044 struct ctl_lun *lun; 6045 struct ctl_softc *softc; 6046 int set_ua; 6047 uint32_t initidx; 6048 6049 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 6050 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus); 6051 set_ua = 0; 6052 6053 user_cp = (struct scsi_control_page *)page_ptr; 6054 current_cp = (struct scsi_control_page *) 6055 (page_index->page_data + (page_index->page_len * 6056 CTL_PAGE_CURRENT)); 6057 saved_cp = (struct scsi_control_page *) 6058 (page_index->page_data + (page_index->page_len * 6059 CTL_PAGE_SAVED)); 6060 6061 softc = control_softc; 6062 6063 mtx_lock(&lun->lun_lock); 6064 if (((current_cp->rlec & SCP_DSENSE) == 0) 6065 && ((user_cp->rlec & SCP_DSENSE) != 0)) { 6066 /* 6067 * Descriptor sense is currently turned off and the user 6068 * wants to turn it on. 6069 */ 6070 current_cp->rlec |= SCP_DSENSE; 6071 saved_cp->rlec |= SCP_DSENSE; 6072 lun->flags |= CTL_LUN_SENSE_DESC; 6073 set_ua = 1; 6074 } else if (((current_cp->rlec & SCP_DSENSE) != 0) 6075 && ((user_cp->rlec & SCP_DSENSE) == 0)) { 6076 /* 6077 * Descriptor sense is currently turned on, and the user 6078 * wants to turn it off. 6079 */ 6080 current_cp->rlec &= ~SCP_DSENSE; 6081 saved_cp->rlec &= ~SCP_DSENSE; 6082 lun->flags &= ~CTL_LUN_SENSE_DESC; 6083 set_ua = 1; 6084 } 6085 if (current_cp->queue_flags & SCP_QUEUE_DQUE) { 6086 if (user_cp->queue_flags & SCP_QUEUE_DQUE) { 6087#ifdef NEEDTOPORT 6088 csevent_log(CSC_CTL | CSC_SHELF_SW | 6089 CTL_UNTAG_TO_UNTAG, 6090 csevent_LogType_Trace, 6091 csevent_Severity_Information, 6092 csevent_AlertLevel_Green, 6093 csevent_FRU_Firmware, 6094 csevent_FRU_Unknown, 6095 "Received untagged to untagged transition"); 6096#endif /* NEEDTOPORT */ 6097 } else { 6098#ifdef NEEDTOPORT 6099 csevent_log(CSC_CTL | CSC_SHELF_SW | 6100 CTL_UNTAG_TO_TAG, 6101 csevent_LogType_ConfigChange, 6102 csevent_Severity_Information, 6103 csevent_AlertLevel_Green, 6104 csevent_FRU_Firmware, 6105 csevent_FRU_Unknown, 6106 "Received untagged to tagged " 6107 "queueing transition"); 6108#endif /* NEEDTOPORT */ 6109 6110 current_cp->queue_flags &= ~SCP_QUEUE_DQUE; 6111 saved_cp->queue_flags &= ~SCP_QUEUE_DQUE; 6112 set_ua = 1; 6113 } 6114 } else { 6115 if (user_cp->queue_flags & SCP_QUEUE_DQUE) { 6116#ifdef NEEDTOPORT 6117 csevent_log(CSC_CTL | CSC_SHELF_SW | 6118 CTL_TAG_TO_UNTAG, 6119 csevent_LogType_ConfigChange, 6120 csevent_Severity_Warning, 6121 csevent_AlertLevel_Yellow, 6122 csevent_FRU_Firmware, 6123 csevent_FRU_Unknown, 6124 "Received tagged queueing to untagged " 6125 "transition"); 6126#endif /* NEEDTOPORT */ 6127 6128 current_cp->queue_flags |= SCP_QUEUE_DQUE; 6129 saved_cp->queue_flags |= SCP_QUEUE_DQUE; 6130 set_ua = 1; 6131 } else { 6132#ifdef NEEDTOPORT 6133 csevent_log(CSC_CTL | CSC_SHELF_SW | 6134 CTL_TAG_TO_TAG, 6135 csevent_LogType_Trace, 6136 csevent_Severity_Information, 6137 csevent_AlertLevel_Green, 6138 csevent_FRU_Firmware, 6139 csevent_FRU_Unknown, 6140 "Received tagged queueing to tagged " 6141 "queueing transition"); 6142#endif /* NEEDTOPORT */ 6143 } 6144 } 6145 if (set_ua != 0) { 6146 int i; 6147 /* 6148 * Let other initiators know that the mode 6149 * parameters for this LUN have changed. 6150 */ 6151 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 6152 if (i == initidx) 6153 continue; 6154 6155 lun->pending_sense[i].ua_pending |= 6156 CTL_UA_MODE_CHANGE; 6157 } 6158 } 6159 mtx_unlock(&lun->lun_lock); 6160 6161 return (0); 6162} 6163 6164int 6165ctl_power_sp_handler(struct ctl_scsiio *ctsio, 6166 struct ctl_page_index *page_index, uint8_t *page_ptr) 6167{ 6168 return (0); 6169} 6170 6171int 6172ctl_power_sp_sense_handler(struct ctl_scsiio *ctsio, 6173 struct ctl_page_index *page_index, int pc) 6174{ 6175 struct copan_power_subpage *page; 6176 6177 page = (struct copan_power_subpage *)page_index->page_data + 6178 (page_index->page_len * pc); 6179 6180 switch (pc) { 6181 case SMS_PAGE_CTRL_CHANGEABLE >> 6: 6182 /* 6183 * We don't update the changable bits for this page. 6184 */ 6185 break; 6186 case SMS_PAGE_CTRL_CURRENT >> 6: 6187 case SMS_PAGE_CTRL_DEFAULT >> 6: 6188 case SMS_PAGE_CTRL_SAVED >> 6: 6189#ifdef NEEDTOPORT 6190 ctl_update_power_subpage(page); 6191#endif 6192 break; 6193 default: 6194#ifdef NEEDTOPORT 6195 EPRINT(0, "Invalid PC %d!!", pc); 6196#endif 6197 break; 6198 } 6199 return (0); 6200} 6201 6202 6203int 6204ctl_aps_sp_handler(struct ctl_scsiio *ctsio, 6205 struct ctl_page_index *page_index, uint8_t *page_ptr) 6206{ 6207 struct copan_aps_subpage *user_sp; 6208 struct copan_aps_subpage *current_sp; 6209 union ctl_modepage_info *modepage_info; 6210 struct ctl_softc *softc; 6211 struct ctl_lun *lun; 6212 int retval; 6213 6214 retval = CTL_RETVAL_COMPLETE; 6215 current_sp = (struct copan_aps_subpage *)(page_index->page_data + 6216 (page_index->page_len * CTL_PAGE_CURRENT)); 6217 softc = control_softc; 6218 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 6219 6220 user_sp = (struct copan_aps_subpage *)page_ptr; 6221 6222 modepage_info = (union ctl_modepage_info *) 6223 ctsio->io_hdr.ctl_private[CTL_PRIV_MODEPAGE].bytes; 6224 6225 modepage_info->header.page_code = page_index->page_code & SMPH_PC_MASK; 6226 modepage_info->header.subpage = page_index->subpage; 6227 modepage_info->aps.lock_active = user_sp->lock_active; 6228 6229 mtx_lock(&softc->ctl_lock); 6230 6231 /* 6232 * If there is a request to lock the LUN and another LUN is locked 6233 * this is an error. If the requested LUN is already locked ignore 6234 * the request. If no LUN is locked attempt to lock it. 6235 * if there is a request to unlock the LUN and the LUN is currently 6236 * locked attempt to unlock it. Otherwise ignore the request. i.e. 6237 * if another LUN is locked or no LUN is locked. 6238 */ 6239 if (user_sp->lock_active & APS_LOCK_ACTIVE) { 6240 if (softc->aps_locked_lun == lun->lun) { 6241 /* 6242 * This LUN is already locked, so we're done. 6243 */ 6244 retval = CTL_RETVAL_COMPLETE; 6245 } else if (softc->aps_locked_lun == 0) { 6246 /* 6247 * No one has the lock, pass the request to the 6248 * backend. 6249 */ 6250 retval = lun->backend->config_write( 6251 (union ctl_io *)ctsio); 6252 } else { 6253 /* 6254 * Someone else has the lock, throw out the request. 6255 */ 6256 ctl_set_already_locked(ctsio); 6257 free(ctsio->kern_data_ptr, M_CTL); 6258 ctl_done((union ctl_io *)ctsio); 6259 6260 /* 6261 * Set the return value so that ctl_do_mode_select() 6262 * won't try to complete the command. We already 6263 * completed it here. 6264 */ 6265 retval = CTL_RETVAL_ERROR; 6266 } 6267 } else if (softc->aps_locked_lun == lun->lun) { 6268 /* 6269 * This LUN is locked, so pass the unlock request to the 6270 * backend. 6271 */ 6272 retval = lun->backend->config_write((union ctl_io *)ctsio); 6273 } 6274 mtx_unlock(&softc->ctl_lock); 6275 6276 return (retval); 6277} 6278 6279int 6280ctl_debugconf_sp_select_handler(struct ctl_scsiio *ctsio, 6281 struct ctl_page_index *page_index, 6282 uint8_t *page_ptr) 6283{ 6284 uint8_t *c; 6285 int i; 6286 6287 c = ((struct copan_debugconf_subpage *)page_ptr)->ctl_time_io_secs; 6288 ctl_time_io_secs = 6289 (c[0] << 8) | 6290 (c[1] << 0) | 6291 0; 6292 CTL_DEBUG_PRINT(("set ctl_time_io_secs to %d\n", ctl_time_io_secs)); 6293 printf("set ctl_time_io_secs to %d\n", ctl_time_io_secs); 6294 printf("page data:"); 6295 for (i=0; i<8; i++) 6296 printf(" %.2x",page_ptr[i]); 6297 printf("\n"); 6298 return (0); 6299} 6300 6301int 6302ctl_debugconf_sp_sense_handler(struct ctl_scsiio *ctsio, 6303 struct ctl_page_index *page_index, 6304 int pc) 6305{ 6306 struct copan_debugconf_subpage *page; 6307 6308 page = (struct copan_debugconf_subpage *)page_index->page_data + 6309 (page_index->page_len * pc); 6310 6311 switch (pc) { 6312 case SMS_PAGE_CTRL_CHANGEABLE >> 6: 6313 case SMS_PAGE_CTRL_DEFAULT >> 6: 6314 case SMS_PAGE_CTRL_SAVED >> 6: 6315 /* 6316 * We don't update the changable or default bits for this page. 6317 */ 6318 break; 6319 case SMS_PAGE_CTRL_CURRENT >> 6: 6320 page->ctl_time_io_secs[0] = ctl_time_io_secs >> 8; 6321 page->ctl_time_io_secs[1] = ctl_time_io_secs >> 0; 6322 break; 6323 default: 6324#ifdef NEEDTOPORT 6325 EPRINT(0, "Invalid PC %d!!", pc); 6326#endif /* NEEDTOPORT */ 6327 break; 6328 } 6329 return (0); 6330} 6331 6332 6333static int 6334ctl_do_mode_select(union ctl_io *io) 6335{ 6336 struct scsi_mode_page_header *page_header; 6337 struct ctl_page_index *page_index; 6338 struct ctl_scsiio *ctsio; 6339 int control_dev, page_len; 6340 int page_len_offset, page_len_size; 6341 union ctl_modepage_info *modepage_info; 6342 struct ctl_lun *lun; 6343 int *len_left, *len_used; 6344 int retval, i; 6345 6346 ctsio = &io->scsiio; 6347 page_index = NULL; 6348 page_len = 0; 6349 retval = CTL_RETVAL_COMPLETE; 6350 6351 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 6352 6353 if (lun->be_lun->lun_type != T_DIRECT) 6354 control_dev = 1; 6355 else 6356 control_dev = 0; 6357 6358 modepage_info = (union ctl_modepage_info *) 6359 ctsio->io_hdr.ctl_private[CTL_PRIV_MODEPAGE].bytes; 6360 len_left = &modepage_info->header.len_left; 6361 len_used = &modepage_info->header.len_used; 6362 6363do_next_page: 6364 6365 page_header = (struct scsi_mode_page_header *) 6366 (ctsio->kern_data_ptr + *len_used); 6367 6368 if (*len_left == 0) { 6369 free(ctsio->kern_data_ptr, M_CTL); 6370 ctl_set_success(ctsio); 6371 ctl_done((union ctl_io *)ctsio); 6372 return (CTL_RETVAL_COMPLETE); 6373 } else if (*len_left < sizeof(struct scsi_mode_page_header)) { 6374 6375 free(ctsio->kern_data_ptr, M_CTL); 6376 ctl_set_param_len_error(ctsio); 6377 ctl_done((union ctl_io *)ctsio); 6378 return (CTL_RETVAL_COMPLETE); 6379 6380 } else if ((page_header->page_code & SMPH_SPF) 6381 && (*len_left < sizeof(struct scsi_mode_page_header_sp))) { 6382 6383 free(ctsio->kern_data_ptr, M_CTL); 6384 ctl_set_param_len_error(ctsio); 6385 ctl_done((union ctl_io *)ctsio); 6386 return (CTL_RETVAL_COMPLETE); 6387 } 6388 6389 6390 /* 6391 * XXX KDM should we do something with the block descriptor? 6392 */ 6393 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) { 6394 6395 if ((control_dev != 0) 6396 && (lun->mode_pages.index[i].page_flags & 6397 CTL_PAGE_FLAG_DISK_ONLY)) 6398 continue; 6399 6400 if ((lun->mode_pages.index[i].page_code & SMPH_PC_MASK) != 6401 (page_header->page_code & SMPH_PC_MASK)) 6402 continue; 6403 6404 /* 6405 * If neither page has a subpage code, then we've got a 6406 * match. 6407 */ 6408 if (((lun->mode_pages.index[i].page_code & SMPH_SPF) == 0) 6409 && ((page_header->page_code & SMPH_SPF) == 0)) { 6410 page_index = &lun->mode_pages.index[i]; 6411 page_len = page_header->page_length; 6412 break; 6413 } 6414 6415 /* 6416 * If both pages have subpages, then the subpage numbers 6417 * have to match. 6418 */ 6419 if ((lun->mode_pages.index[i].page_code & SMPH_SPF) 6420 && (page_header->page_code & SMPH_SPF)) { 6421 struct scsi_mode_page_header_sp *sph; 6422 6423 sph = (struct scsi_mode_page_header_sp *)page_header; 6424 6425 if (lun->mode_pages.index[i].subpage == 6426 sph->subpage) { 6427 page_index = &lun->mode_pages.index[i]; 6428 page_len = scsi_2btoul(sph->page_length); 6429 break; 6430 } 6431 } 6432 } 6433 6434 /* 6435 * If we couldn't find the page, or if we don't have a mode select 6436 * handler for it, send back an error to the user. 6437 */ 6438 if ((page_index == NULL) 6439 || (page_index->select_handler == NULL)) { 6440 ctl_set_invalid_field(ctsio, 6441 /*sks_valid*/ 1, 6442 /*command*/ 0, 6443 /*field*/ *len_used, 6444 /*bit_valid*/ 0, 6445 /*bit*/ 0); 6446 free(ctsio->kern_data_ptr, M_CTL); 6447 ctl_done((union ctl_io *)ctsio); 6448 return (CTL_RETVAL_COMPLETE); 6449 } 6450 6451 if (page_index->page_code & SMPH_SPF) { 6452 page_len_offset = 2; 6453 page_len_size = 2; 6454 } else { 6455 page_len_size = 1; 6456 page_len_offset = 1; 6457 } 6458 6459 /* 6460 * If the length the initiator gives us isn't the one we specify in 6461 * the mode page header, or if they didn't specify enough data in 6462 * the CDB to avoid truncating this page, kick out the request. 6463 */ 6464 if ((page_len != (page_index->page_len - page_len_offset - 6465 page_len_size)) 6466 || (*len_left < page_index->page_len)) { 6467 6468 6469 ctl_set_invalid_field(ctsio, 6470 /*sks_valid*/ 1, 6471 /*command*/ 0, 6472 /*field*/ *len_used + page_len_offset, 6473 /*bit_valid*/ 0, 6474 /*bit*/ 0); 6475 free(ctsio->kern_data_ptr, M_CTL); 6476 ctl_done((union ctl_io *)ctsio); 6477 return (CTL_RETVAL_COMPLETE); 6478 } 6479 6480 /* 6481 * Run through the mode page, checking to make sure that the bits 6482 * the user changed are actually legal for him to change. 6483 */ 6484 for (i = 0; i < page_index->page_len; i++) { 6485 uint8_t *user_byte, *change_mask, *current_byte; 6486 int bad_bit; 6487 int j; 6488 6489 user_byte = (uint8_t *)page_header + i; 6490 change_mask = page_index->page_data + 6491 (page_index->page_len * CTL_PAGE_CHANGEABLE) + i; 6492 current_byte = page_index->page_data + 6493 (page_index->page_len * CTL_PAGE_CURRENT) + i; 6494 6495 /* 6496 * Check to see whether the user set any bits in this byte 6497 * that he is not allowed to set. 6498 */ 6499 if ((*user_byte & ~(*change_mask)) == 6500 (*current_byte & ~(*change_mask))) 6501 continue; 6502 6503 /* 6504 * Go through bit by bit to determine which one is illegal. 6505 */ 6506 bad_bit = 0; 6507 for (j = 7; j >= 0; j--) { 6508 if ((((1 << i) & ~(*change_mask)) & *user_byte) != 6509 (((1 << i) & ~(*change_mask)) & *current_byte)) { 6510 bad_bit = i; 6511 break; 6512 } 6513 } 6514 ctl_set_invalid_field(ctsio, 6515 /*sks_valid*/ 1, 6516 /*command*/ 0, 6517 /*field*/ *len_used + i, 6518 /*bit_valid*/ 1, 6519 /*bit*/ bad_bit); 6520 free(ctsio->kern_data_ptr, M_CTL); 6521 ctl_done((union ctl_io *)ctsio); 6522 return (CTL_RETVAL_COMPLETE); 6523 } 6524 6525 /* 6526 * Decrement these before we call the page handler, since we may 6527 * end up getting called back one way or another before the handler 6528 * returns to this context. 6529 */ 6530 *len_left -= page_index->page_len; 6531 *len_used += page_index->page_len; 6532 6533 retval = page_index->select_handler(ctsio, page_index, 6534 (uint8_t *)page_header); 6535 6536 /* 6537 * If the page handler returns CTL_RETVAL_QUEUED, then we need to 6538 * wait until this queued command completes to finish processing 6539 * the mode page. If it returns anything other than 6540 * CTL_RETVAL_COMPLETE (e.g. CTL_RETVAL_ERROR), then it should have 6541 * already set the sense information, freed the data pointer, and 6542 * completed the io for us. 6543 */ 6544 if (retval != CTL_RETVAL_COMPLETE) 6545 goto bailout_no_done; 6546 6547 /* 6548 * If the initiator sent us more than one page, parse the next one. 6549 */ 6550 if (*len_left > 0) 6551 goto do_next_page; 6552 6553 ctl_set_success(ctsio); 6554 free(ctsio->kern_data_ptr, M_CTL); 6555 ctl_done((union ctl_io *)ctsio); 6556 6557bailout_no_done: 6558 6559 return (CTL_RETVAL_COMPLETE); 6560 6561} 6562 6563int 6564ctl_mode_select(struct ctl_scsiio *ctsio) 6565{ 6566 int param_len, pf, sp; 6567 int header_size, bd_len; 6568 int len_left, len_used; 6569 struct ctl_page_index *page_index; 6570 struct ctl_lun *lun; 6571 int control_dev, page_len; 6572 union ctl_modepage_info *modepage_info; 6573 int retval; 6574 6575 pf = 0; 6576 sp = 0; 6577 page_len = 0; 6578 len_used = 0; 6579 len_left = 0; 6580 retval = 0; 6581 bd_len = 0; 6582 page_index = NULL; 6583 6584 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 6585 6586 if (lun->be_lun->lun_type != T_DIRECT) 6587 control_dev = 1; 6588 else 6589 control_dev = 0; 6590 6591 switch (ctsio->cdb[0]) { 6592 case MODE_SELECT_6: { 6593 struct scsi_mode_select_6 *cdb; 6594 6595 cdb = (struct scsi_mode_select_6 *)ctsio->cdb; 6596 6597 pf = (cdb->byte2 & SMS_PF) ? 1 : 0; 6598 sp = (cdb->byte2 & SMS_SP) ? 1 : 0; 6599 6600 param_len = cdb->length; 6601 header_size = sizeof(struct scsi_mode_header_6); 6602 break; 6603 } 6604 case MODE_SELECT_10: { 6605 struct scsi_mode_select_10 *cdb; 6606 6607 cdb = (struct scsi_mode_select_10 *)ctsio->cdb; 6608 6609 pf = (cdb->byte2 & SMS_PF) ? 1 : 0; 6610 sp = (cdb->byte2 & SMS_SP) ? 1 : 0; 6611 6612 param_len = scsi_2btoul(cdb->length); 6613 header_size = sizeof(struct scsi_mode_header_10); 6614 break; 6615 } 6616 default: 6617 ctl_set_invalid_opcode(ctsio); 6618 ctl_done((union ctl_io *)ctsio); 6619 return (CTL_RETVAL_COMPLETE); 6620 break; /* NOTREACHED */ 6621 } 6622 6623 /* 6624 * From SPC-3: 6625 * "A parameter list length of zero indicates that the Data-Out Buffer 6626 * shall be empty. This condition shall not be considered as an error." 6627 */ 6628 if (param_len == 0) { 6629 ctl_set_success(ctsio); 6630 ctl_done((union ctl_io *)ctsio); 6631 return (CTL_RETVAL_COMPLETE); 6632 } 6633 6634 /* 6635 * Since we'll hit this the first time through, prior to 6636 * allocation, we don't need to free a data buffer here. 6637 */ 6638 if (param_len < header_size) { 6639 ctl_set_param_len_error(ctsio); 6640 ctl_done((union ctl_io *)ctsio); 6641 return (CTL_RETVAL_COMPLETE); 6642 } 6643 6644 /* 6645 * Allocate the data buffer and grab the user's data. In theory, 6646 * we shouldn't have to sanity check the parameter list length here 6647 * because the maximum size is 64K. We should be able to malloc 6648 * that much without too many problems. 6649 */ 6650 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) { 6651 ctsio->kern_data_ptr = malloc(param_len, M_CTL, M_WAITOK); 6652 ctsio->kern_data_len = param_len; 6653 ctsio->kern_total_len = param_len; 6654 ctsio->kern_data_resid = 0; 6655 ctsio->kern_rel_offset = 0; 6656 ctsio->kern_sg_entries = 0; 6657 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 6658 ctsio->be_move_done = ctl_config_move_done; 6659 ctl_datamove((union ctl_io *)ctsio); 6660 6661 return (CTL_RETVAL_COMPLETE); 6662 } 6663 6664 switch (ctsio->cdb[0]) { 6665 case MODE_SELECT_6: { 6666 struct scsi_mode_header_6 *mh6; 6667 6668 mh6 = (struct scsi_mode_header_6 *)ctsio->kern_data_ptr; 6669 bd_len = mh6->blk_desc_len; 6670 break; 6671 } 6672 case MODE_SELECT_10: { 6673 struct scsi_mode_header_10 *mh10; 6674 6675 mh10 = (struct scsi_mode_header_10 *)ctsio->kern_data_ptr; 6676 bd_len = scsi_2btoul(mh10->blk_desc_len); 6677 break; 6678 } 6679 default: 6680 panic("Invalid CDB type %#x", ctsio->cdb[0]); 6681 break; 6682 } 6683 6684 if (param_len < (header_size + bd_len)) { 6685 free(ctsio->kern_data_ptr, M_CTL); 6686 ctl_set_param_len_error(ctsio); 6687 ctl_done((union ctl_io *)ctsio); 6688 return (CTL_RETVAL_COMPLETE); 6689 } 6690 6691 /* 6692 * Set the IO_CONT flag, so that if this I/O gets passed to 6693 * ctl_config_write_done(), it'll get passed back to 6694 * ctl_do_mode_select() for further processing, or completion if 6695 * we're all done. 6696 */ 6697 ctsio->io_hdr.flags |= CTL_FLAG_IO_CONT; 6698 ctsio->io_cont = ctl_do_mode_select; 6699 6700 modepage_info = (union ctl_modepage_info *) 6701 ctsio->io_hdr.ctl_private[CTL_PRIV_MODEPAGE].bytes; 6702 6703 memset(modepage_info, 0, sizeof(*modepage_info)); 6704 6705 len_left = param_len - header_size - bd_len; 6706 len_used = header_size + bd_len; 6707 6708 modepage_info->header.len_left = len_left; 6709 modepage_info->header.len_used = len_used; 6710 6711 return (ctl_do_mode_select((union ctl_io *)ctsio)); 6712} 6713 6714int 6715ctl_mode_sense(struct ctl_scsiio *ctsio) 6716{ 6717 struct ctl_lun *lun; 6718 int pc, page_code, dbd, llba, subpage; 6719 int alloc_len, page_len, header_len, total_len; 6720 struct scsi_mode_block_descr *block_desc; 6721 struct ctl_page_index *page_index; 6722 int control_dev; 6723 6724 dbd = 0; 6725 llba = 0; 6726 block_desc = NULL; 6727 page_index = NULL; 6728 6729 CTL_DEBUG_PRINT(("ctl_mode_sense\n")); 6730 6731 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 6732 6733 if (lun->be_lun->lun_type != T_DIRECT) 6734 control_dev = 1; 6735 else 6736 control_dev = 0; 6737 6738 if (lun->flags & CTL_LUN_PR_RESERVED) { 6739 uint32_t residx; 6740 6741 /* 6742 * XXX KDM need a lock here. 6743 */ 6744 residx = ctl_get_resindex(&ctsio->io_hdr.nexus); 6745 if ((lun->res_type == SPR_TYPE_EX_AC 6746 && residx != lun->pr_res_idx) 6747 || ((lun->res_type == SPR_TYPE_EX_AC_RO 6748 || lun->res_type == SPR_TYPE_EX_AC_AR) 6749 && !lun->per_res[residx].registered)) { 6750 ctl_set_reservation_conflict(ctsio); 6751 ctl_done((union ctl_io *)ctsio); 6752 return (CTL_RETVAL_COMPLETE); 6753 } 6754 } 6755 6756 switch (ctsio->cdb[0]) { 6757 case MODE_SENSE_6: { 6758 struct scsi_mode_sense_6 *cdb; 6759 6760 cdb = (struct scsi_mode_sense_6 *)ctsio->cdb; 6761 6762 header_len = sizeof(struct scsi_mode_hdr_6); 6763 if (cdb->byte2 & SMS_DBD) 6764 dbd = 1; 6765 else 6766 header_len += sizeof(struct scsi_mode_block_descr); 6767 6768 pc = (cdb->page & SMS_PAGE_CTRL_MASK) >> 6; 6769 page_code = cdb->page & SMS_PAGE_CODE; 6770 subpage = cdb->subpage; 6771 alloc_len = cdb->length; 6772 break; 6773 } 6774 case MODE_SENSE_10: { 6775 struct scsi_mode_sense_10 *cdb; 6776 6777 cdb = (struct scsi_mode_sense_10 *)ctsio->cdb; 6778 6779 header_len = sizeof(struct scsi_mode_hdr_10); 6780 6781 if (cdb->byte2 & SMS_DBD) 6782 dbd = 1; 6783 else 6784 header_len += sizeof(struct scsi_mode_block_descr); 6785 if (cdb->byte2 & SMS10_LLBAA) 6786 llba = 1; 6787 pc = (cdb->page & SMS_PAGE_CTRL_MASK) >> 6; 6788 page_code = cdb->page & SMS_PAGE_CODE; 6789 subpage = cdb->subpage; 6790 alloc_len = scsi_2btoul(cdb->length); 6791 break; 6792 } 6793 default: 6794 ctl_set_invalid_opcode(ctsio); 6795 ctl_done((union ctl_io *)ctsio); 6796 return (CTL_RETVAL_COMPLETE); 6797 break; /* NOTREACHED */ 6798 } 6799 6800 /* 6801 * We have to make a first pass through to calculate the size of 6802 * the pages that match the user's query. Then we allocate enough 6803 * memory to hold it, and actually copy the data into the buffer. 6804 */ 6805 switch (page_code) { 6806 case SMS_ALL_PAGES_PAGE: { 6807 int i; 6808 6809 page_len = 0; 6810 6811 /* 6812 * At the moment, values other than 0 and 0xff here are 6813 * reserved according to SPC-3. 6814 */ 6815 if ((subpage != SMS_SUBPAGE_PAGE_0) 6816 && (subpage != SMS_SUBPAGE_ALL)) { 6817 ctl_set_invalid_field(ctsio, 6818 /*sks_valid*/ 1, 6819 /*command*/ 1, 6820 /*field*/ 3, 6821 /*bit_valid*/ 0, 6822 /*bit*/ 0); 6823 ctl_done((union ctl_io *)ctsio); 6824 return (CTL_RETVAL_COMPLETE); 6825 } 6826 6827 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) { 6828 if ((control_dev != 0) 6829 && (lun->mode_pages.index[i].page_flags & 6830 CTL_PAGE_FLAG_DISK_ONLY)) 6831 continue; 6832 6833 /* 6834 * We don't use this subpage if the user didn't 6835 * request all subpages. 6836 */ 6837 if ((lun->mode_pages.index[i].subpage != 0) 6838 && (subpage == SMS_SUBPAGE_PAGE_0)) 6839 continue; 6840 6841#if 0 6842 printf("found page %#x len %d\n", 6843 lun->mode_pages.index[i].page_code & 6844 SMPH_PC_MASK, 6845 lun->mode_pages.index[i].page_len); 6846#endif 6847 page_len += lun->mode_pages.index[i].page_len; 6848 } 6849 break; 6850 } 6851 default: { 6852 int i; 6853 6854 page_len = 0; 6855 6856 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) { 6857 /* Look for the right page code */ 6858 if ((lun->mode_pages.index[i].page_code & 6859 SMPH_PC_MASK) != page_code) 6860 continue; 6861 6862 /* Look for the right subpage or the subpage wildcard*/ 6863 if ((lun->mode_pages.index[i].subpage != subpage) 6864 && (subpage != SMS_SUBPAGE_ALL)) 6865 continue; 6866 6867 /* Make sure the page is supported for this dev type */ 6868 if ((control_dev != 0) 6869 && (lun->mode_pages.index[i].page_flags & 6870 CTL_PAGE_FLAG_DISK_ONLY)) 6871 continue; 6872 6873#if 0 6874 printf("found page %#x len %d\n", 6875 lun->mode_pages.index[i].page_code & 6876 SMPH_PC_MASK, 6877 lun->mode_pages.index[i].page_len); 6878#endif 6879 6880 page_len += lun->mode_pages.index[i].page_len; 6881 } 6882 6883 if (page_len == 0) { 6884 ctl_set_invalid_field(ctsio, 6885 /*sks_valid*/ 1, 6886 /*command*/ 1, 6887 /*field*/ 2, 6888 /*bit_valid*/ 1, 6889 /*bit*/ 5); 6890 ctl_done((union ctl_io *)ctsio); 6891 return (CTL_RETVAL_COMPLETE); 6892 } 6893 break; 6894 } 6895 } 6896 6897 total_len = header_len + page_len; 6898#if 0 6899 printf("header_len = %d, page_len = %d, total_len = %d\n", 6900 header_len, page_len, total_len); 6901#endif 6902 6903 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO); 6904 ctsio->kern_sg_entries = 0; 6905 ctsio->kern_data_resid = 0; 6906 ctsio->kern_rel_offset = 0; 6907 if (total_len < alloc_len) { 6908 ctsio->residual = alloc_len - total_len; 6909 ctsio->kern_data_len = total_len; 6910 ctsio->kern_total_len = total_len; 6911 } else { 6912 ctsio->residual = 0; 6913 ctsio->kern_data_len = alloc_len; 6914 ctsio->kern_total_len = alloc_len; 6915 } 6916 6917 switch (ctsio->cdb[0]) { 6918 case MODE_SENSE_6: { 6919 struct scsi_mode_hdr_6 *header; 6920 6921 header = (struct scsi_mode_hdr_6 *)ctsio->kern_data_ptr; 6922 6923 header->datalen = ctl_min(total_len - 1, 254); 6924 6925 if (dbd) 6926 header->block_descr_len = 0; 6927 else 6928 header->block_descr_len = 6929 sizeof(struct scsi_mode_block_descr); 6930 block_desc = (struct scsi_mode_block_descr *)&header[1]; 6931 break; 6932 } 6933 case MODE_SENSE_10: { 6934 struct scsi_mode_hdr_10 *header; 6935 int datalen; 6936 6937 header = (struct scsi_mode_hdr_10 *)ctsio->kern_data_ptr; 6938 6939 datalen = ctl_min(total_len - 2, 65533); 6940 scsi_ulto2b(datalen, header->datalen); 6941 if (dbd) 6942 scsi_ulto2b(0, header->block_descr_len); 6943 else 6944 scsi_ulto2b(sizeof(struct scsi_mode_block_descr), 6945 header->block_descr_len); 6946 block_desc = (struct scsi_mode_block_descr *)&header[1]; 6947 break; 6948 } 6949 default: 6950 panic("invalid CDB type %#x", ctsio->cdb[0]); 6951 break; /* NOTREACHED */ 6952 } 6953 6954 /* 6955 * If we've got a disk, use its blocksize in the block 6956 * descriptor. Otherwise, just set it to 0. 6957 */ 6958 if (dbd == 0) { 6959 if (control_dev != 0) 6960 scsi_ulto3b(lun->be_lun->blocksize, 6961 block_desc->block_len); 6962 else 6963 scsi_ulto3b(0, block_desc->block_len); 6964 } 6965 6966 switch (page_code) { 6967 case SMS_ALL_PAGES_PAGE: { 6968 int i, data_used; 6969 6970 data_used = header_len; 6971 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) { 6972 struct ctl_page_index *page_index; 6973 6974 page_index = &lun->mode_pages.index[i]; 6975 6976 if ((control_dev != 0) 6977 && (page_index->page_flags & 6978 CTL_PAGE_FLAG_DISK_ONLY)) 6979 continue; 6980 6981 /* 6982 * We don't use this subpage if the user didn't 6983 * request all subpages. We already checked (above) 6984 * to make sure the user only specified a subpage 6985 * of 0 or 0xff in the SMS_ALL_PAGES_PAGE case. 6986 */ 6987 if ((page_index->subpage != 0) 6988 && (subpage == SMS_SUBPAGE_PAGE_0)) 6989 continue; 6990 6991 /* 6992 * Call the handler, if it exists, to update the 6993 * page to the latest values. 6994 */ 6995 if (page_index->sense_handler != NULL) 6996 page_index->sense_handler(ctsio, page_index,pc); 6997 6998 memcpy(ctsio->kern_data_ptr + data_used, 6999 page_index->page_data + 7000 (page_index->page_len * pc), 7001 page_index->page_len); 7002 data_used += page_index->page_len; 7003 } 7004 break; 7005 } 7006 default: { 7007 int i, data_used; 7008 7009 data_used = header_len; 7010 7011 for (i = 0; i < CTL_NUM_MODE_PAGES; i++) { 7012 struct ctl_page_index *page_index; 7013 7014 page_index = &lun->mode_pages.index[i]; 7015 7016 /* Look for the right page code */ 7017 if ((page_index->page_code & SMPH_PC_MASK) != page_code) 7018 continue; 7019 7020 /* Look for the right subpage or the subpage wildcard*/ 7021 if ((page_index->subpage != subpage) 7022 && (subpage != SMS_SUBPAGE_ALL)) 7023 continue; 7024 7025 /* Make sure the page is supported for this dev type */ 7026 if ((control_dev != 0) 7027 && (page_index->page_flags & 7028 CTL_PAGE_FLAG_DISK_ONLY)) 7029 continue; 7030 7031 /* 7032 * Call the handler, if it exists, to update the 7033 * page to the latest values. 7034 */ 7035 if (page_index->sense_handler != NULL) 7036 page_index->sense_handler(ctsio, page_index,pc); 7037 7038 memcpy(ctsio->kern_data_ptr + data_used, 7039 page_index->page_data + 7040 (page_index->page_len * pc), 7041 page_index->page_len); 7042 data_used += page_index->page_len; 7043 } 7044 break; 7045 } 7046 } 7047 7048 ctsio->scsi_status = SCSI_STATUS_OK; 7049 7050 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7051 ctsio->be_move_done = ctl_config_move_done; 7052 ctl_datamove((union ctl_io *)ctsio); 7053 7054 return (CTL_RETVAL_COMPLETE); 7055} 7056 7057int 7058ctl_read_capacity(struct ctl_scsiio *ctsio) 7059{ 7060 struct scsi_read_capacity *cdb; 7061 struct scsi_read_capacity_data *data; 7062 struct ctl_lun *lun; 7063 uint32_t lba; 7064 7065 CTL_DEBUG_PRINT(("ctl_read_capacity\n")); 7066 7067 cdb = (struct scsi_read_capacity *)ctsio->cdb; 7068 7069 lba = scsi_4btoul(cdb->addr); 7070 if (((cdb->pmi & SRC_PMI) == 0) 7071 && (lba != 0)) { 7072 ctl_set_invalid_field(/*ctsio*/ ctsio, 7073 /*sks_valid*/ 1, 7074 /*command*/ 1, 7075 /*field*/ 2, 7076 /*bit_valid*/ 0, 7077 /*bit*/ 0); 7078 ctl_done((union ctl_io *)ctsio); 7079 return (CTL_RETVAL_COMPLETE); 7080 } 7081 7082 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 7083 7084 ctsio->kern_data_ptr = malloc(sizeof(*data), M_CTL, M_WAITOK | M_ZERO); 7085 data = (struct scsi_read_capacity_data *)ctsio->kern_data_ptr; 7086 ctsio->residual = 0; 7087 ctsio->kern_data_len = sizeof(*data); 7088 ctsio->kern_total_len = sizeof(*data); 7089 ctsio->kern_data_resid = 0; 7090 ctsio->kern_rel_offset = 0; 7091 ctsio->kern_sg_entries = 0; 7092 7093 /* 7094 * If the maximum LBA is greater than 0xfffffffe, the user must 7095 * issue a SERVICE ACTION IN (16) command, with the read capacity 7096 * serivce action set. 7097 */ 7098 if (lun->be_lun->maxlba > 0xfffffffe) 7099 scsi_ulto4b(0xffffffff, data->addr); 7100 else 7101 scsi_ulto4b(lun->be_lun->maxlba, data->addr); 7102 7103 /* 7104 * XXX KDM this may not be 512 bytes... 7105 */ 7106 scsi_ulto4b(lun->be_lun->blocksize, data->length); 7107 7108 ctsio->scsi_status = SCSI_STATUS_OK; 7109 7110 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7111 ctsio->be_move_done = ctl_config_move_done; 7112 ctl_datamove((union ctl_io *)ctsio); 7113 7114 return (CTL_RETVAL_COMPLETE); 7115} 7116 7117int 7118ctl_read_capacity_16(struct ctl_scsiio *ctsio) 7119{ 7120 struct scsi_read_capacity_16 *cdb; 7121 struct scsi_read_capacity_data_long *data; 7122 struct ctl_lun *lun; 7123 uint64_t lba; 7124 uint32_t alloc_len; 7125 7126 CTL_DEBUG_PRINT(("ctl_read_capacity_16\n")); 7127 7128 cdb = (struct scsi_read_capacity_16 *)ctsio->cdb; 7129 7130 alloc_len = scsi_4btoul(cdb->alloc_len); 7131 lba = scsi_8btou64(cdb->addr); 7132 7133 if ((cdb->reladr & SRC16_PMI) 7134 && (lba != 0)) { 7135 ctl_set_invalid_field(/*ctsio*/ ctsio, 7136 /*sks_valid*/ 1, 7137 /*command*/ 1, 7138 /*field*/ 2, 7139 /*bit_valid*/ 0, 7140 /*bit*/ 0); 7141 ctl_done((union ctl_io *)ctsio); 7142 return (CTL_RETVAL_COMPLETE); 7143 } 7144 7145 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 7146 7147 ctsio->kern_data_ptr = malloc(sizeof(*data), M_CTL, M_WAITOK | M_ZERO); 7148 data = (struct scsi_read_capacity_data_long *)ctsio->kern_data_ptr; 7149 7150 if (sizeof(*data) < alloc_len) { 7151 ctsio->residual = alloc_len - sizeof(*data); 7152 ctsio->kern_data_len = sizeof(*data); 7153 ctsio->kern_total_len = sizeof(*data); 7154 } else { 7155 ctsio->residual = 0; 7156 ctsio->kern_data_len = alloc_len; 7157 ctsio->kern_total_len = alloc_len; 7158 } 7159 ctsio->kern_data_resid = 0; 7160 ctsio->kern_rel_offset = 0; 7161 ctsio->kern_sg_entries = 0; 7162 7163 scsi_u64to8b(lun->be_lun->maxlba, data->addr); 7164 /* XXX KDM this may not be 512 bytes... */ 7165 scsi_ulto4b(lun->be_lun->blocksize, data->length); 7166 data->prot_lbppbe = lun->be_lun->pblockexp & SRC16_LBPPBE; 7167 scsi_ulto2b(lun->be_lun->pblockoff & SRC16_LALBA_A, data->lalba_lbp); 7168 if (lun->be_lun->flags & CTL_LUN_FLAG_UNMAP) 7169 data->lalba_lbp[0] |= SRC16_LBPME; 7170 7171 ctsio->scsi_status = SCSI_STATUS_OK; 7172 7173 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7174 ctsio->be_move_done = ctl_config_move_done; 7175 ctl_datamove((union ctl_io *)ctsio); 7176 7177 return (CTL_RETVAL_COMPLETE); 7178} 7179 7180int 7181ctl_report_tagret_port_groups(struct ctl_scsiio *ctsio) 7182{ 7183 struct scsi_maintenance_in *cdb; 7184 int retval; 7185 int alloc_len, ext, total_len = 0, g, p, pc, pg; 7186 int num_target_port_groups, num_target_ports, single; 7187 struct ctl_lun *lun; 7188 struct ctl_softc *softc; 7189 struct ctl_port *port; 7190 struct scsi_target_group_data *rtg_ptr; 7191 struct scsi_target_group_data_extended *rtg_ext_ptr; 7192 struct scsi_target_port_group_descriptor *tpg_desc; 7193 7194 CTL_DEBUG_PRINT(("ctl_report_tagret_port_groups\n")); 7195 7196 cdb = (struct scsi_maintenance_in *)ctsio->cdb; 7197 softc = control_softc; 7198 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 7199 7200 retval = CTL_RETVAL_COMPLETE; 7201 7202 switch (cdb->byte2 & STG_PDF_MASK) { 7203 case STG_PDF_LENGTH: 7204 ext = 0; 7205 break; 7206 case STG_PDF_EXTENDED: 7207 ext = 1; 7208 break; 7209 default: 7210 ctl_set_invalid_field(/*ctsio*/ ctsio, 7211 /*sks_valid*/ 1, 7212 /*command*/ 1, 7213 /*field*/ 2, 7214 /*bit_valid*/ 1, 7215 /*bit*/ 5); 7216 ctl_done((union ctl_io *)ctsio); 7217 return(retval); 7218 } 7219 7220 single = ctl_is_single; 7221 if (single) 7222 num_target_port_groups = 1; 7223 else 7224 num_target_port_groups = NUM_TARGET_PORT_GROUPS; 7225 num_target_ports = 0; 7226 mtx_lock(&softc->ctl_lock); 7227 STAILQ_FOREACH(port, &softc->port_list, links) { 7228 if ((port->status & CTL_PORT_STATUS_ONLINE) == 0) 7229 continue; 7230 if (ctl_map_lun_back(port->targ_port, lun->lun) >= CTL_MAX_LUNS) 7231 continue; 7232 num_target_ports++; 7233 } 7234 mtx_unlock(&softc->ctl_lock); 7235 7236 if (ext) 7237 total_len = sizeof(struct scsi_target_group_data_extended); 7238 else 7239 total_len = sizeof(struct scsi_target_group_data); 7240 total_len += sizeof(struct scsi_target_port_group_descriptor) * 7241 num_target_port_groups + 7242 sizeof(struct scsi_target_port_descriptor) * 7243 num_target_ports * num_target_port_groups; 7244 7245 alloc_len = scsi_4btoul(cdb->length); 7246 7247 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO); 7248 7249 ctsio->kern_sg_entries = 0; 7250 7251 if (total_len < alloc_len) { 7252 ctsio->residual = alloc_len - total_len; 7253 ctsio->kern_data_len = total_len; 7254 ctsio->kern_total_len = total_len; 7255 } else { 7256 ctsio->residual = 0; 7257 ctsio->kern_data_len = alloc_len; 7258 ctsio->kern_total_len = alloc_len; 7259 } 7260 ctsio->kern_data_resid = 0; 7261 ctsio->kern_rel_offset = 0; 7262 7263 if (ext) { 7264 rtg_ext_ptr = (struct scsi_target_group_data_extended *) 7265 ctsio->kern_data_ptr; 7266 scsi_ulto4b(total_len - 4, rtg_ext_ptr->length); 7267 rtg_ext_ptr->format_type = 0x10; 7268 rtg_ext_ptr->implicit_transition_time = 0; 7269 tpg_desc = &rtg_ext_ptr->groups[0]; 7270 } else { 7271 rtg_ptr = (struct scsi_target_group_data *) 7272 ctsio->kern_data_ptr; 7273 scsi_ulto4b(total_len - 4, rtg_ptr->length); 7274 tpg_desc = &rtg_ptr->groups[0]; 7275 } 7276 7277 pg = ctsio->io_hdr.nexus.targ_port / CTL_MAX_PORTS; 7278 mtx_lock(&softc->ctl_lock); 7279 for (g = 0; g < num_target_port_groups; g++) { 7280 if (g == pg) 7281 tpg_desc->pref_state = TPG_PRIMARY | 7282 TPG_ASYMMETRIC_ACCESS_OPTIMIZED; 7283 else 7284 tpg_desc->pref_state = 7285 TPG_ASYMMETRIC_ACCESS_NONOPTIMIZED; 7286 tpg_desc->support = TPG_AO_SUP; 7287 if (!single) 7288 tpg_desc->support |= TPG_AN_SUP; 7289 scsi_ulto2b(g + 1, tpg_desc->target_port_group); 7290 tpg_desc->status = TPG_IMPLICIT; 7291 pc = 0; 7292 STAILQ_FOREACH(port, &softc->port_list, links) { 7293 if ((port->status & CTL_PORT_STATUS_ONLINE) == 0) 7294 continue; 7295 if (ctl_map_lun_back(port->targ_port, lun->lun) >= 7296 CTL_MAX_LUNS) 7297 continue; 7298 p = port->targ_port % CTL_MAX_PORTS + g * CTL_MAX_PORTS; 7299 scsi_ulto2b(p, tpg_desc->descriptors[pc]. 7300 relative_target_port_identifier); 7301 pc++; 7302 } 7303 tpg_desc->target_port_count = pc; 7304 tpg_desc = (struct scsi_target_port_group_descriptor *) 7305 &tpg_desc->descriptors[pc]; 7306 } 7307 mtx_unlock(&softc->ctl_lock); 7308 7309 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7310 ctsio->be_move_done = ctl_config_move_done; 7311 7312 CTL_DEBUG_PRINT(("buf = %x %x %x %x %x %x %x %x\n", 7313 ctsio->kern_data_ptr[0], ctsio->kern_data_ptr[1], 7314 ctsio->kern_data_ptr[2], ctsio->kern_data_ptr[3], 7315 ctsio->kern_data_ptr[4], ctsio->kern_data_ptr[5], 7316 ctsio->kern_data_ptr[6], ctsio->kern_data_ptr[7])); 7317 7318 ctl_datamove((union ctl_io *)ctsio); 7319 return(retval); 7320} 7321 7322int 7323ctl_report_supported_opcodes(struct ctl_scsiio *ctsio) 7324{ 7325 struct ctl_lun *lun; 7326 struct scsi_report_supported_opcodes *cdb; 7327 const struct ctl_cmd_entry *entry, *sentry; 7328 struct scsi_report_supported_opcodes_all *all; 7329 struct scsi_report_supported_opcodes_descr *descr; 7330 struct scsi_report_supported_opcodes_one *one; 7331 int retval; 7332 int alloc_len, total_len; 7333 int opcode, service_action, i, j, num; 7334 7335 CTL_DEBUG_PRINT(("ctl_report_supported_opcodes\n")); 7336 7337 cdb = (struct scsi_report_supported_opcodes *)ctsio->cdb; 7338 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 7339 7340 retval = CTL_RETVAL_COMPLETE; 7341 7342 opcode = cdb->requested_opcode; 7343 service_action = scsi_2btoul(cdb->requested_service_action); 7344 switch (cdb->options & RSO_OPTIONS_MASK) { 7345 case RSO_OPTIONS_ALL: 7346 num = 0; 7347 for (i = 0; i < 256; i++) { 7348 entry = &ctl_cmd_table[i]; 7349 if (entry->flags & CTL_CMD_FLAG_SA5) { 7350 for (j = 0; j < 32; j++) { 7351 sentry = &((const struct ctl_cmd_entry *) 7352 entry->execute)[j]; 7353 if (ctl_cmd_applicable( 7354 lun->be_lun->lun_type, sentry)) 7355 num++; 7356 } 7357 } else { 7358 if (ctl_cmd_applicable(lun->be_lun->lun_type, 7359 entry)) 7360 num++; 7361 } 7362 } 7363 total_len = sizeof(struct scsi_report_supported_opcodes_all) + 7364 num * sizeof(struct scsi_report_supported_opcodes_descr); 7365 break; 7366 case RSO_OPTIONS_OC: 7367 if (ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) { 7368 ctl_set_invalid_field(/*ctsio*/ ctsio, 7369 /*sks_valid*/ 1, 7370 /*command*/ 1, 7371 /*field*/ 2, 7372 /*bit_valid*/ 1, 7373 /*bit*/ 2); 7374 ctl_done((union ctl_io *)ctsio); 7375 return (CTL_RETVAL_COMPLETE); 7376 } 7377 total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; 7378 break; 7379 case RSO_OPTIONS_OC_SA: 7380 if ((ctl_cmd_table[opcode].flags & CTL_CMD_FLAG_SA5) == 0 || 7381 service_action >= 32) { 7382 ctl_set_invalid_field(/*ctsio*/ ctsio, 7383 /*sks_valid*/ 1, 7384 /*command*/ 1, 7385 /*field*/ 2, 7386 /*bit_valid*/ 1, 7387 /*bit*/ 2); 7388 ctl_done((union ctl_io *)ctsio); 7389 return (CTL_RETVAL_COMPLETE); 7390 } 7391 total_len = sizeof(struct scsi_report_supported_opcodes_one) + 32; 7392 break; 7393 default: 7394 ctl_set_invalid_field(/*ctsio*/ ctsio, 7395 /*sks_valid*/ 1, 7396 /*command*/ 1, 7397 /*field*/ 2, 7398 /*bit_valid*/ 1, 7399 /*bit*/ 2); 7400 ctl_done((union ctl_io *)ctsio); 7401 return (CTL_RETVAL_COMPLETE); 7402 } 7403 7404 alloc_len = scsi_4btoul(cdb->length); 7405 7406 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO); 7407 7408 ctsio->kern_sg_entries = 0; 7409 7410 if (total_len < alloc_len) { 7411 ctsio->residual = alloc_len - total_len; 7412 ctsio->kern_data_len = total_len; 7413 ctsio->kern_total_len = total_len; 7414 } else { 7415 ctsio->residual = 0; 7416 ctsio->kern_data_len = alloc_len; 7417 ctsio->kern_total_len = alloc_len; 7418 } 7419 ctsio->kern_data_resid = 0; 7420 ctsio->kern_rel_offset = 0; 7421 7422 switch (cdb->options & RSO_OPTIONS_MASK) { 7423 case RSO_OPTIONS_ALL: 7424 all = (struct scsi_report_supported_opcodes_all *) 7425 ctsio->kern_data_ptr; 7426 num = 0; 7427 for (i = 0; i < 256; i++) { 7428 entry = &ctl_cmd_table[i]; 7429 if (entry->flags & CTL_CMD_FLAG_SA5) { 7430 for (j = 0; j < 32; j++) { 7431 sentry = &((const struct ctl_cmd_entry *) 7432 entry->execute)[j]; 7433 if (!ctl_cmd_applicable( 7434 lun->be_lun->lun_type, sentry)) 7435 continue; 7436 descr = &all->descr[num++]; 7437 descr->opcode = i; 7438 scsi_ulto2b(j, descr->service_action); 7439 descr->flags = RSO_SERVACTV; 7440 scsi_ulto2b(sentry->length, 7441 descr->cdb_length); 7442 } 7443 } else { 7444 if (!ctl_cmd_applicable(lun->be_lun->lun_type, 7445 entry)) 7446 continue; 7447 descr = &all->descr[num++]; 7448 descr->opcode = i; 7449 scsi_ulto2b(0, descr->service_action); 7450 descr->flags = 0; 7451 scsi_ulto2b(entry->length, descr->cdb_length); 7452 } 7453 } 7454 scsi_ulto4b( 7455 num * sizeof(struct scsi_report_supported_opcodes_descr), 7456 all->length); 7457 break; 7458 case RSO_OPTIONS_OC: 7459 one = (struct scsi_report_supported_opcodes_one *) 7460 ctsio->kern_data_ptr; 7461 entry = &ctl_cmd_table[opcode]; 7462 goto fill_one; 7463 case RSO_OPTIONS_OC_SA: 7464 one = (struct scsi_report_supported_opcodes_one *) 7465 ctsio->kern_data_ptr; 7466 entry = &ctl_cmd_table[opcode]; 7467 entry = &((const struct ctl_cmd_entry *) 7468 entry->execute)[service_action]; 7469fill_one: 7470 if (ctl_cmd_applicable(lun->be_lun->lun_type, entry)) { 7471 one->support = 3; 7472 scsi_ulto2b(entry->length, one->cdb_length); 7473 one->cdb_usage[0] = opcode; 7474 memcpy(&one->cdb_usage[1], entry->usage, 7475 entry->length - 1); 7476 } else 7477 one->support = 1; 7478 break; 7479 } 7480 7481 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7482 ctsio->be_move_done = ctl_config_move_done; 7483 7484 ctl_datamove((union ctl_io *)ctsio); 7485 return(retval); 7486} 7487 7488int 7489ctl_report_supported_tmf(struct ctl_scsiio *ctsio) 7490{ 7491 struct ctl_lun *lun; 7492 struct scsi_report_supported_tmf *cdb; 7493 struct scsi_report_supported_tmf_data *data; 7494 int retval; 7495 int alloc_len, total_len; 7496 7497 CTL_DEBUG_PRINT(("ctl_report_supported_tmf\n")); 7498 7499 cdb = (struct scsi_report_supported_tmf *)ctsio->cdb; 7500 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 7501 7502 retval = CTL_RETVAL_COMPLETE; 7503 7504 total_len = sizeof(struct scsi_report_supported_tmf_data); 7505 alloc_len = scsi_4btoul(cdb->length); 7506 7507 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO); 7508 7509 ctsio->kern_sg_entries = 0; 7510 7511 if (total_len < alloc_len) { 7512 ctsio->residual = alloc_len - total_len; 7513 ctsio->kern_data_len = total_len; 7514 ctsio->kern_total_len = total_len; 7515 } else { 7516 ctsio->residual = 0; 7517 ctsio->kern_data_len = alloc_len; 7518 ctsio->kern_total_len = alloc_len; 7519 } 7520 ctsio->kern_data_resid = 0; 7521 ctsio->kern_rel_offset = 0; 7522 7523 data = (struct scsi_report_supported_tmf_data *)ctsio->kern_data_ptr; 7524 data->byte1 |= RST_ATS | RST_ATSS | RST_LURS | RST_TRS; 7525 data->byte2 |= RST_ITNRS; 7526 7527 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7528 ctsio->be_move_done = ctl_config_move_done; 7529 7530 ctl_datamove((union ctl_io *)ctsio); 7531 return (retval); 7532} 7533 7534int 7535ctl_report_timestamp(struct ctl_scsiio *ctsio) 7536{ 7537 struct ctl_lun *lun; 7538 struct scsi_report_timestamp *cdb; 7539 struct scsi_report_timestamp_data *data; 7540 struct timeval tv; 7541 int64_t timestamp; 7542 int retval; 7543 int alloc_len, total_len; 7544 7545 CTL_DEBUG_PRINT(("ctl_report_timestamp\n")); 7546 7547 cdb = (struct scsi_report_timestamp *)ctsio->cdb; 7548 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 7549 7550 retval = CTL_RETVAL_COMPLETE; 7551 7552 total_len = sizeof(struct scsi_report_timestamp_data); 7553 alloc_len = scsi_4btoul(cdb->length); 7554 7555 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO); 7556 7557 ctsio->kern_sg_entries = 0; 7558 7559 if (total_len < alloc_len) { 7560 ctsio->residual = alloc_len - total_len; 7561 ctsio->kern_data_len = total_len; 7562 ctsio->kern_total_len = total_len; 7563 } else { 7564 ctsio->residual = 0; 7565 ctsio->kern_data_len = alloc_len; 7566 ctsio->kern_total_len = alloc_len; 7567 } 7568 ctsio->kern_data_resid = 0; 7569 ctsio->kern_rel_offset = 0; 7570 7571 data = (struct scsi_report_timestamp_data *)ctsio->kern_data_ptr; 7572 scsi_ulto2b(sizeof(*data) - 2, data->length); 7573 data->origin = RTS_ORIG_OUTSIDE; 7574 getmicrotime(&tv); 7575 timestamp = (int64_t)tv.tv_sec * 1000 + tv.tv_usec / 1000; 7576 scsi_ulto4b(timestamp >> 16, data->timestamp); 7577 scsi_ulto2b(timestamp & 0xffff, &data->timestamp[4]); 7578 7579 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7580 ctsio->be_move_done = ctl_config_move_done; 7581 7582 ctl_datamove((union ctl_io *)ctsio); 7583 return (retval); 7584} 7585 7586int 7587ctl_persistent_reserve_in(struct ctl_scsiio *ctsio) 7588{ 7589 struct scsi_per_res_in *cdb; 7590 int alloc_len, total_len = 0; 7591 /* struct scsi_per_res_in_rsrv in_data; */ 7592 struct ctl_lun *lun; 7593 struct ctl_softc *softc; 7594 7595 CTL_DEBUG_PRINT(("ctl_persistent_reserve_in\n")); 7596 7597 softc = control_softc; 7598 7599 cdb = (struct scsi_per_res_in *)ctsio->cdb; 7600 7601 alloc_len = scsi_2btoul(cdb->length); 7602 7603 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 7604 7605retry: 7606 mtx_lock(&lun->lun_lock); 7607 switch (cdb->action) { 7608 case SPRI_RK: /* read keys */ 7609 total_len = sizeof(struct scsi_per_res_in_keys) + 7610 lun->pr_key_count * 7611 sizeof(struct scsi_per_res_key); 7612 break; 7613 case SPRI_RR: /* read reservation */ 7614 if (lun->flags & CTL_LUN_PR_RESERVED) 7615 total_len = sizeof(struct scsi_per_res_in_rsrv); 7616 else 7617 total_len = sizeof(struct scsi_per_res_in_header); 7618 break; 7619 case SPRI_RC: /* report capabilities */ 7620 total_len = sizeof(struct scsi_per_res_cap); 7621 break; 7622 default: 7623 panic("Invalid PR type %x", cdb->action); 7624 } 7625 mtx_unlock(&lun->lun_lock); 7626 7627 ctsio->kern_data_ptr = malloc(total_len, M_CTL, M_WAITOK | M_ZERO); 7628 7629 if (total_len < alloc_len) { 7630 ctsio->residual = alloc_len - total_len; 7631 ctsio->kern_data_len = total_len; 7632 ctsio->kern_total_len = total_len; 7633 } else { 7634 ctsio->residual = 0; 7635 ctsio->kern_data_len = alloc_len; 7636 ctsio->kern_total_len = alloc_len; 7637 } 7638 7639 ctsio->kern_data_resid = 0; 7640 ctsio->kern_rel_offset = 0; 7641 ctsio->kern_sg_entries = 0; 7642 7643 mtx_lock(&lun->lun_lock); 7644 switch (cdb->action) { 7645 case SPRI_RK: { // read keys 7646 struct scsi_per_res_in_keys *res_keys; 7647 int i, key_count; 7648 7649 res_keys = (struct scsi_per_res_in_keys*)ctsio->kern_data_ptr; 7650 7651 /* 7652 * We had to drop the lock to allocate our buffer, which 7653 * leaves time for someone to come in with another 7654 * persistent reservation. (That is unlikely, though, 7655 * since this should be the only persistent reservation 7656 * command active right now.) 7657 */ 7658 if (total_len != (sizeof(struct scsi_per_res_in_keys) + 7659 (lun->pr_key_count * 7660 sizeof(struct scsi_per_res_key)))){ 7661 mtx_unlock(&lun->lun_lock); 7662 free(ctsio->kern_data_ptr, M_CTL); 7663 printf("%s: reservation length changed, retrying\n", 7664 __func__); 7665 goto retry; 7666 } 7667 7668 scsi_ulto4b(lun->PRGeneration, res_keys->header.generation); 7669 7670 scsi_ulto4b(sizeof(struct scsi_per_res_key) * 7671 lun->pr_key_count, res_keys->header.length); 7672 7673 for (i = 0, key_count = 0; i < 2*CTL_MAX_INITIATORS; i++) { 7674 if (!lun->per_res[i].registered) 7675 continue; 7676 7677 /* 7678 * We used lun->pr_key_count to calculate the 7679 * size to allocate. If it turns out the number of 7680 * initiators with the registered flag set is 7681 * larger than that (i.e. they haven't been kept in 7682 * sync), we've got a problem. 7683 */ 7684 if (key_count >= lun->pr_key_count) { 7685#ifdef NEEDTOPORT 7686 csevent_log(CSC_CTL | CSC_SHELF_SW | 7687 CTL_PR_ERROR, 7688 csevent_LogType_Fault, 7689 csevent_AlertLevel_Yellow, 7690 csevent_FRU_ShelfController, 7691 csevent_FRU_Firmware, 7692 csevent_FRU_Unknown, 7693 "registered keys %d >= key " 7694 "count %d", key_count, 7695 lun->pr_key_count); 7696#endif 7697 key_count++; 7698 continue; 7699 } 7700 memcpy(res_keys->keys[key_count].key, 7701 lun->per_res[i].res_key.key, 7702 ctl_min(sizeof(res_keys->keys[key_count].key), 7703 sizeof(lun->per_res[i].res_key))); 7704 key_count++; 7705 } 7706 break; 7707 } 7708 case SPRI_RR: { // read reservation 7709 struct scsi_per_res_in_rsrv *res; 7710 int tmp_len, header_only; 7711 7712 res = (struct scsi_per_res_in_rsrv *)ctsio->kern_data_ptr; 7713 7714 scsi_ulto4b(lun->PRGeneration, res->header.generation); 7715 7716 if (lun->flags & CTL_LUN_PR_RESERVED) 7717 { 7718 tmp_len = sizeof(struct scsi_per_res_in_rsrv); 7719 scsi_ulto4b(sizeof(struct scsi_per_res_in_rsrv_data), 7720 res->header.length); 7721 header_only = 0; 7722 } else { 7723 tmp_len = sizeof(struct scsi_per_res_in_header); 7724 scsi_ulto4b(0, res->header.length); 7725 header_only = 1; 7726 } 7727 7728 /* 7729 * We had to drop the lock to allocate our buffer, which 7730 * leaves time for someone to come in with another 7731 * persistent reservation. (That is unlikely, though, 7732 * since this should be the only persistent reservation 7733 * command active right now.) 7734 */ 7735 if (tmp_len != total_len) { 7736 mtx_unlock(&lun->lun_lock); 7737 free(ctsio->kern_data_ptr, M_CTL); 7738 printf("%s: reservation status changed, retrying\n", 7739 __func__); 7740 goto retry; 7741 } 7742 7743 /* 7744 * No reservation held, so we're done. 7745 */ 7746 if (header_only != 0) 7747 break; 7748 7749 /* 7750 * If the registration is an All Registrants type, the key 7751 * is 0, since it doesn't really matter. 7752 */ 7753 if (lun->pr_res_idx != CTL_PR_ALL_REGISTRANTS) { 7754 memcpy(res->data.reservation, 7755 &lun->per_res[lun->pr_res_idx].res_key, 7756 sizeof(struct scsi_per_res_key)); 7757 } 7758 res->data.scopetype = lun->res_type; 7759 break; 7760 } 7761 case SPRI_RC: //report capabilities 7762 { 7763 struct scsi_per_res_cap *res_cap; 7764 uint16_t type_mask; 7765 7766 res_cap = (struct scsi_per_res_cap *)ctsio->kern_data_ptr; 7767 scsi_ulto2b(sizeof(*res_cap), res_cap->length); 7768 res_cap->flags2 |= SPRI_TMV | SPRI_ALLOW_3; 7769 type_mask = SPRI_TM_WR_EX_AR | 7770 SPRI_TM_EX_AC_RO | 7771 SPRI_TM_WR_EX_RO | 7772 SPRI_TM_EX_AC | 7773 SPRI_TM_WR_EX | 7774 SPRI_TM_EX_AC_AR; 7775 scsi_ulto2b(type_mask, res_cap->type_mask); 7776 break; 7777 } 7778 case SPRI_RS: //read full status 7779 default: 7780 /* 7781 * This is a bug, because we just checked for this above, 7782 * and should have returned an error. 7783 */ 7784 panic("Invalid PR type %x", cdb->action); 7785 break; /* NOTREACHED */ 7786 } 7787 mtx_unlock(&lun->lun_lock); 7788 7789 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 7790 ctsio->be_move_done = ctl_config_move_done; 7791 7792 CTL_DEBUG_PRINT(("buf = %x %x %x %x %x %x %x %x\n", 7793 ctsio->kern_data_ptr[0], ctsio->kern_data_ptr[1], 7794 ctsio->kern_data_ptr[2], ctsio->kern_data_ptr[3], 7795 ctsio->kern_data_ptr[4], ctsio->kern_data_ptr[5], 7796 ctsio->kern_data_ptr[6], ctsio->kern_data_ptr[7])); 7797 7798 ctl_datamove((union ctl_io *)ctsio); 7799 7800 return (CTL_RETVAL_COMPLETE); 7801} 7802 7803/* 7804 * Returns 0 if ctl_persistent_reserve_out() should continue, non-zero if 7805 * it should return. 7806 */ 7807static int 7808ctl_pro_preempt(struct ctl_softc *softc, struct ctl_lun *lun, uint64_t res_key, 7809 uint64_t sa_res_key, uint8_t type, uint32_t residx, 7810 struct ctl_scsiio *ctsio, struct scsi_per_res_out *cdb, 7811 struct scsi_per_res_out_parms* param) 7812{ 7813 union ctl_ha_msg persis_io; 7814 int retval, i; 7815 int isc_retval; 7816 7817 retval = 0; 7818 7819 mtx_lock(&lun->lun_lock); 7820 if (sa_res_key == 0) { 7821 if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS) { 7822 /* validate scope and type */ 7823 if ((cdb->scope_type & SPR_SCOPE_MASK) != 7824 SPR_LU_SCOPE) { 7825 mtx_unlock(&lun->lun_lock); 7826 ctl_set_invalid_field(/*ctsio*/ ctsio, 7827 /*sks_valid*/ 1, 7828 /*command*/ 1, 7829 /*field*/ 2, 7830 /*bit_valid*/ 1, 7831 /*bit*/ 4); 7832 ctl_done((union ctl_io *)ctsio); 7833 return (1); 7834 } 7835 7836 if (type>8 || type==2 || type==4 || type==0) { 7837 mtx_unlock(&lun->lun_lock); 7838 ctl_set_invalid_field(/*ctsio*/ ctsio, 7839 /*sks_valid*/ 1, 7840 /*command*/ 1, 7841 /*field*/ 2, 7842 /*bit_valid*/ 1, 7843 /*bit*/ 0); 7844 ctl_done((union ctl_io *)ctsio); 7845 return (1); 7846 } 7847 7848 /* temporarily unregister this nexus */ 7849 lun->per_res[residx].registered = 0; 7850 7851 /* 7852 * Unregister everybody else and build UA for 7853 * them 7854 */ 7855 for(i=0; i < 2*CTL_MAX_INITIATORS; i++) { 7856 if (lun->per_res[i].registered == 0) 7857 continue; 7858 7859 if (!persis_offset 7860 && i <CTL_MAX_INITIATORS) 7861 lun->pending_sense[i].ua_pending |= 7862 CTL_UA_REG_PREEMPT; 7863 else if (persis_offset 7864 && i >= persis_offset) 7865 lun->pending_sense[i-persis_offset 7866 ].ua_pending |= 7867 CTL_UA_REG_PREEMPT; 7868 lun->per_res[i].registered = 0; 7869 memset(&lun->per_res[i].res_key, 0, 7870 sizeof(struct scsi_per_res_key)); 7871 } 7872 lun->per_res[residx].registered = 1; 7873 lun->pr_key_count = 1; 7874 lun->res_type = type; 7875 if (lun->res_type != SPR_TYPE_WR_EX_AR 7876 && lun->res_type != SPR_TYPE_EX_AC_AR) 7877 lun->pr_res_idx = residx; 7878 7879 /* send msg to other side */ 7880 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 7881 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 7882 persis_io.pr.pr_info.action = CTL_PR_PREEMPT; 7883 persis_io.pr.pr_info.residx = lun->pr_res_idx; 7884 persis_io.pr.pr_info.res_type = type; 7885 memcpy(persis_io.pr.pr_info.sa_res_key, 7886 param->serv_act_res_key, 7887 sizeof(param->serv_act_res_key)); 7888 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 7889 &persis_io, sizeof(persis_io), 0)) > 7890 CTL_HA_STATUS_SUCCESS) { 7891 printf("CTL:Persis Out error returned " 7892 "from ctl_ha_msg_send %d\n", 7893 isc_retval); 7894 } 7895 } else { 7896 /* not all registrants */ 7897 mtx_unlock(&lun->lun_lock); 7898 free(ctsio->kern_data_ptr, M_CTL); 7899 ctl_set_invalid_field(ctsio, 7900 /*sks_valid*/ 1, 7901 /*command*/ 0, 7902 /*field*/ 8, 7903 /*bit_valid*/ 0, 7904 /*bit*/ 0); 7905 ctl_done((union ctl_io *)ctsio); 7906 return (1); 7907 } 7908 } else if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS 7909 || !(lun->flags & CTL_LUN_PR_RESERVED)) { 7910 int found = 0; 7911 7912 if (res_key == sa_res_key) { 7913 /* special case */ 7914 /* 7915 * The spec implies this is not good but doesn't 7916 * say what to do. There are two choices either 7917 * generate a res conflict or check condition 7918 * with illegal field in parameter data. Since 7919 * that is what is done when the sa_res_key is 7920 * zero I'll take that approach since this has 7921 * to do with the sa_res_key. 7922 */ 7923 mtx_unlock(&lun->lun_lock); 7924 free(ctsio->kern_data_ptr, M_CTL); 7925 ctl_set_invalid_field(ctsio, 7926 /*sks_valid*/ 1, 7927 /*command*/ 0, 7928 /*field*/ 8, 7929 /*bit_valid*/ 0, 7930 /*bit*/ 0); 7931 ctl_done((union ctl_io *)ctsio); 7932 return (1); 7933 } 7934 7935 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) { 7936 if (lun->per_res[i].registered 7937 && memcmp(param->serv_act_res_key, 7938 lun->per_res[i].res_key.key, 7939 sizeof(struct scsi_per_res_key)) != 0) 7940 continue; 7941 7942 found = 1; 7943 lun->per_res[i].registered = 0; 7944 memset(&lun->per_res[i].res_key, 0, 7945 sizeof(struct scsi_per_res_key)); 7946 lun->pr_key_count--; 7947 7948 if (!persis_offset 7949 && i < CTL_MAX_INITIATORS) 7950 lun->pending_sense[i].ua_pending |= 7951 CTL_UA_REG_PREEMPT; 7952 else if (persis_offset 7953 && i >= persis_offset) 7954 lun->pending_sense[i-persis_offset].ua_pending|= 7955 CTL_UA_REG_PREEMPT; 7956 } 7957 if (!found) { 7958 mtx_unlock(&lun->lun_lock); 7959 free(ctsio->kern_data_ptr, M_CTL); 7960 ctl_set_reservation_conflict(ctsio); 7961 ctl_done((union ctl_io *)ctsio); 7962 return (CTL_RETVAL_COMPLETE); 7963 } 7964 /* send msg to other side */ 7965 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 7966 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 7967 persis_io.pr.pr_info.action = CTL_PR_PREEMPT; 7968 persis_io.pr.pr_info.residx = lun->pr_res_idx; 7969 persis_io.pr.pr_info.res_type = type; 7970 memcpy(persis_io.pr.pr_info.sa_res_key, 7971 param->serv_act_res_key, 7972 sizeof(param->serv_act_res_key)); 7973 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 7974 &persis_io, sizeof(persis_io), 0)) > 7975 CTL_HA_STATUS_SUCCESS) { 7976 printf("CTL:Persis Out error returned from " 7977 "ctl_ha_msg_send %d\n", isc_retval); 7978 } 7979 } else { 7980 /* Reserved but not all registrants */ 7981 /* sa_res_key is res holder */ 7982 if (memcmp(param->serv_act_res_key, 7983 lun->per_res[lun->pr_res_idx].res_key.key, 7984 sizeof(struct scsi_per_res_key)) == 0) { 7985 /* validate scope and type */ 7986 if ((cdb->scope_type & SPR_SCOPE_MASK) != 7987 SPR_LU_SCOPE) { 7988 mtx_unlock(&lun->lun_lock); 7989 ctl_set_invalid_field(/*ctsio*/ ctsio, 7990 /*sks_valid*/ 1, 7991 /*command*/ 1, 7992 /*field*/ 2, 7993 /*bit_valid*/ 1, 7994 /*bit*/ 4); 7995 ctl_done((union ctl_io *)ctsio); 7996 return (1); 7997 } 7998 7999 if (type>8 || type==2 || type==4 || type==0) { 8000 mtx_unlock(&lun->lun_lock); 8001 ctl_set_invalid_field(/*ctsio*/ ctsio, 8002 /*sks_valid*/ 1, 8003 /*command*/ 1, 8004 /*field*/ 2, 8005 /*bit_valid*/ 1, 8006 /*bit*/ 0); 8007 ctl_done((union ctl_io *)ctsio); 8008 return (1); 8009 } 8010 8011 /* 8012 * Do the following: 8013 * if sa_res_key != res_key remove all 8014 * registrants w/sa_res_key and generate UA 8015 * for these registrants(Registrations 8016 * Preempted) if it wasn't an exclusive 8017 * reservation generate UA(Reservations 8018 * Preempted) for all other registered nexuses 8019 * if the type has changed. Establish the new 8020 * reservation and holder. If res_key and 8021 * sa_res_key are the same do the above 8022 * except don't unregister the res holder. 8023 */ 8024 8025 /* 8026 * Temporarily unregister so it won't get 8027 * removed or UA generated 8028 */ 8029 lun->per_res[residx].registered = 0; 8030 for(i=0; i < 2*CTL_MAX_INITIATORS; i++) { 8031 if (lun->per_res[i].registered == 0) 8032 continue; 8033 8034 if (memcmp(param->serv_act_res_key, 8035 lun->per_res[i].res_key.key, 8036 sizeof(struct scsi_per_res_key)) == 0) { 8037 lun->per_res[i].registered = 0; 8038 memset(&lun->per_res[i].res_key, 8039 0, 8040 sizeof(struct scsi_per_res_key)); 8041 lun->pr_key_count--; 8042 8043 if (!persis_offset 8044 && i < CTL_MAX_INITIATORS) 8045 lun->pending_sense[i 8046 ].ua_pending |= 8047 CTL_UA_REG_PREEMPT; 8048 else if (persis_offset 8049 && i >= persis_offset) 8050 lun->pending_sense[ 8051 i-persis_offset].ua_pending |= 8052 CTL_UA_REG_PREEMPT; 8053 } else if (type != lun->res_type 8054 && (lun->res_type == SPR_TYPE_WR_EX_RO 8055 || lun->res_type ==SPR_TYPE_EX_AC_RO)){ 8056 if (!persis_offset 8057 && i < CTL_MAX_INITIATORS) 8058 lun->pending_sense[i 8059 ].ua_pending |= 8060 CTL_UA_RES_RELEASE; 8061 else if (persis_offset 8062 && i >= persis_offset) 8063 lun->pending_sense[ 8064 i-persis_offset 8065 ].ua_pending |= 8066 CTL_UA_RES_RELEASE; 8067 } 8068 } 8069 lun->per_res[residx].registered = 1; 8070 lun->res_type = type; 8071 if (lun->res_type != SPR_TYPE_WR_EX_AR 8072 && lun->res_type != SPR_TYPE_EX_AC_AR) 8073 lun->pr_res_idx = residx; 8074 else 8075 lun->pr_res_idx = 8076 CTL_PR_ALL_REGISTRANTS; 8077 8078 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 8079 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 8080 persis_io.pr.pr_info.action = CTL_PR_PREEMPT; 8081 persis_io.pr.pr_info.residx = lun->pr_res_idx; 8082 persis_io.pr.pr_info.res_type = type; 8083 memcpy(persis_io.pr.pr_info.sa_res_key, 8084 param->serv_act_res_key, 8085 sizeof(param->serv_act_res_key)); 8086 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 8087 &persis_io, sizeof(persis_io), 0)) > 8088 CTL_HA_STATUS_SUCCESS) { 8089 printf("CTL:Persis Out error returned " 8090 "from ctl_ha_msg_send %d\n", 8091 isc_retval); 8092 } 8093 } else { 8094 /* 8095 * sa_res_key is not the res holder just 8096 * remove registrants 8097 */ 8098 int found=0; 8099 8100 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) { 8101 if (memcmp(param->serv_act_res_key, 8102 lun->per_res[i].res_key.key, 8103 sizeof(struct scsi_per_res_key)) != 0) 8104 continue; 8105 8106 found = 1; 8107 lun->per_res[i].registered = 0; 8108 memset(&lun->per_res[i].res_key, 0, 8109 sizeof(struct scsi_per_res_key)); 8110 lun->pr_key_count--; 8111 8112 if (!persis_offset 8113 && i < CTL_MAX_INITIATORS) 8114 lun->pending_sense[i].ua_pending |= 8115 CTL_UA_REG_PREEMPT; 8116 else if (persis_offset 8117 && i >= persis_offset) 8118 lun->pending_sense[ 8119 i-persis_offset].ua_pending |= 8120 CTL_UA_REG_PREEMPT; 8121 } 8122 8123 if (!found) { 8124 mtx_unlock(&lun->lun_lock); 8125 free(ctsio->kern_data_ptr, M_CTL); 8126 ctl_set_reservation_conflict(ctsio); 8127 ctl_done((union ctl_io *)ctsio); 8128 return (1); 8129 } 8130 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 8131 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 8132 persis_io.pr.pr_info.action = CTL_PR_PREEMPT; 8133 persis_io.pr.pr_info.residx = lun->pr_res_idx; 8134 persis_io.pr.pr_info.res_type = type; 8135 memcpy(persis_io.pr.pr_info.sa_res_key, 8136 param->serv_act_res_key, 8137 sizeof(param->serv_act_res_key)); 8138 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 8139 &persis_io, sizeof(persis_io), 0)) > 8140 CTL_HA_STATUS_SUCCESS) { 8141 printf("CTL:Persis Out error returned " 8142 "from ctl_ha_msg_send %d\n", 8143 isc_retval); 8144 } 8145 } 8146 } 8147 8148 lun->PRGeneration++; 8149 mtx_unlock(&lun->lun_lock); 8150 8151 return (retval); 8152} 8153 8154static void 8155ctl_pro_preempt_other(struct ctl_lun *lun, union ctl_ha_msg *msg) 8156{ 8157 int i; 8158 8159 if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS 8160 || lun->pr_res_idx == CTL_PR_NO_RESERVATION 8161 || memcmp(&lun->per_res[lun->pr_res_idx].res_key, 8162 msg->pr.pr_info.sa_res_key, 8163 sizeof(struct scsi_per_res_key)) != 0) { 8164 uint64_t sa_res_key; 8165 sa_res_key = scsi_8btou64(msg->pr.pr_info.sa_res_key); 8166 8167 if (sa_res_key == 0) { 8168 /* temporarily unregister this nexus */ 8169 lun->per_res[msg->pr.pr_info.residx].registered = 0; 8170 8171 /* 8172 * Unregister everybody else and build UA for 8173 * them 8174 */ 8175 for(i=0; i < 2*CTL_MAX_INITIATORS; i++) { 8176 if (lun->per_res[i].registered == 0) 8177 continue; 8178 8179 if (!persis_offset 8180 && i < CTL_MAX_INITIATORS) 8181 lun->pending_sense[i].ua_pending |= 8182 CTL_UA_REG_PREEMPT; 8183 else if (persis_offset && i >= persis_offset) 8184 lun->pending_sense[i - 8185 persis_offset].ua_pending |= 8186 CTL_UA_REG_PREEMPT; 8187 lun->per_res[i].registered = 0; 8188 memset(&lun->per_res[i].res_key, 0, 8189 sizeof(struct scsi_per_res_key)); 8190 } 8191 8192 lun->per_res[msg->pr.pr_info.residx].registered = 1; 8193 lun->pr_key_count = 1; 8194 lun->res_type = msg->pr.pr_info.res_type; 8195 if (lun->res_type != SPR_TYPE_WR_EX_AR 8196 && lun->res_type != SPR_TYPE_EX_AC_AR) 8197 lun->pr_res_idx = msg->pr.pr_info.residx; 8198 } else { 8199 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) { 8200 if (memcmp(msg->pr.pr_info.sa_res_key, 8201 lun->per_res[i].res_key.key, 8202 sizeof(struct scsi_per_res_key)) != 0) 8203 continue; 8204 8205 lun->per_res[i].registered = 0; 8206 memset(&lun->per_res[i].res_key, 0, 8207 sizeof(struct scsi_per_res_key)); 8208 lun->pr_key_count--; 8209 8210 if (!persis_offset 8211 && i < persis_offset) 8212 lun->pending_sense[i].ua_pending |= 8213 CTL_UA_REG_PREEMPT; 8214 else if (persis_offset 8215 && i >= persis_offset) 8216 lun->pending_sense[i - 8217 persis_offset].ua_pending |= 8218 CTL_UA_REG_PREEMPT; 8219 } 8220 } 8221 } else { 8222 /* 8223 * Temporarily unregister so it won't get removed 8224 * or UA generated 8225 */ 8226 lun->per_res[msg->pr.pr_info.residx].registered = 0; 8227 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) { 8228 if (lun->per_res[i].registered == 0) 8229 continue; 8230 8231 if (memcmp(msg->pr.pr_info.sa_res_key, 8232 lun->per_res[i].res_key.key, 8233 sizeof(struct scsi_per_res_key)) == 0) { 8234 lun->per_res[i].registered = 0; 8235 memset(&lun->per_res[i].res_key, 0, 8236 sizeof(struct scsi_per_res_key)); 8237 lun->pr_key_count--; 8238 if (!persis_offset 8239 && i < CTL_MAX_INITIATORS) 8240 lun->pending_sense[i].ua_pending |= 8241 CTL_UA_REG_PREEMPT; 8242 else if (persis_offset 8243 && i >= persis_offset) 8244 lun->pending_sense[i - 8245 persis_offset].ua_pending |= 8246 CTL_UA_REG_PREEMPT; 8247 } else if (msg->pr.pr_info.res_type != lun->res_type 8248 && (lun->res_type == SPR_TYPE_WR_EX_RO 8249 || lun->res_type == SPR_TYPE_EX_AC_RO)) { 8250 if (!persis_offset 8251 && i < persis_offset) 8252 lun->pending_sense[i 8253 ].ua_pending |= 8254 CTL_UA_RES_RELEASE; 8255 else if (persis_offset 8256 && i >= persis_offset) 8257 lun->pending_sense[i - 8258 persis_offset].ua_pending |= 8259 CTL_UA_RES_RELEASE; 8260 } 8261 } 8262 lun->per_res[msg->pr.pr_info.residx].registered = 1; 8263 lun->res_type = msg->pr.pr_info.res_type; 8264 if (lun->res_type != SPR_TYPE_WR_EX_AR 8265 && lun->res_type != SPR_TYPE_EX_AC_AR) 8266 lun->pr_res_idx = msg->pr.pr_info.residx; 8267 else 8268 lun->pr_res_idx = CTL_PR_ALL_REGISTRANTS; 8269 } 8270 lun->PRGeneration++; 8271 8272} 8273 8274 8275int 8276ctl_persistent_reserve_out(struct ctl_scsiio *ctsio) 8277{ 8278 int retval; 8279 int isc_retval; 8280 u_int32_t param_len; 8281 struct scsi_per_res_out *cdb; 8282 struct ctl_lun *lun; 8283 struct scsi_per_res_out_parms* param; 8284 struct ctl_softc *softc; 8285 uint32_t residx; 8286 uint64_t res_key, sa_res_key; 8287 uint8_t type; 8288 union ctl_ha_msg persis_io; 8289 int i; 8290 8291 CTL_DEBUG_PRINT(("ctl_persistent_reserve_out\n")); 8292 8293 retval = CTL_RETVAL_COMPLETE; 8294 8295 softc = control_softc; 8296 8297 cdb = (struct scsi_per_res_out *)ctsio->cdb; 8298 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 8299 8300 /* 8301 * We only support whole-LUN scope. The scope & type are ignored for 8302 * register, register and ignore existing key and clear. 8303 * We sometimes ignore scope and type on preempts too!! 8304 * Verify reservation type here as well. 8305 */ 8306 type = cdb->scope_type & SPR_TYPE_MASK; 8307 if ((cdb->action == SPRO_RESERVE) 8308 || (cdb->action == SPRO_RELEASE)) { 8309 if ((cdb->scope_type & SPR_SCOPE_MASK) != SPR_LU_SCOPE) { 8310 ctl_set_invalid_field(/*ctsio*/ ctsio, 8311 /*sks_valid*/ 1, 8312 /*command*/ 1, 8313 /*field*/ 2, 8314 /*bit_valid*/ 1, 8315 /*bit*/ 4); 8316 ctl_done((union ctl_io *)ctsio); 8317 return (CTL_RETVAL_COMPLETE); 8318 } 8319 8320 if (type>8 || type==2 || type==4 || type==0) { 8321 ctl_set_invalid_field(/*ctsio*/ ctsio, 8322 /*sks_valid*/ 1, 8323 /*command*/ 1, 8324 /*field*/ 2, 8325 /*bit_valid*/ 1, 8326 /*bit*/ 0); 8327 ctl_done((union ctl_io *)ctsio); 8328 return (CTL_RETVAL_COMPLETE); 8329 } 8330 } 8331 8332 param_len = scsi_4btoul(cdb->length); 8333 8334 if ((ctsio->io_hdr.flags & CTL_FLAG_ALLOCATED) == 0) { 8335 ctsio->kern_data_ptr = malloc(param_len, M_CTL, M_WAITOK); 8336 ctsio->kern_data_len = param_len; 8337 ctsio->kern_total_len = param_len; 8338 ctsio->kern_data_resid = 0; 8339 ctsio->kern_rel_offset = 0; 8340 ctsio->kern_sg_entries = 0; 8341 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 8342 ctsio->be_move_done = ctl_config_move_done; 8343 ctl_datamove((union ctl_io *)ctsio); 8344 8345 return (CTL_RETVAL_COMPLETE); 8346 } 8347 8348 param = (struct scsi_per_res_out_parms *)ctsio->kern_data_ptr; 8349 8350 residx = ctl_get_resindex(&ctsio->io_hdr.nexus); 8351 res_key = scsi_8btou64(param->res_key.key); 8352 sa_res_key = scsi_8btou64(param->serv_act_res_key); 8353 8354 /* 8355 * Validate the reservation key here except for SPRO_REG_IGNO 8356 * This must be done for all other service actions 8357 */ 8358 if ((cdb->action & SPRO_ACTION_MASK) != SPRO_REG_IGNO) { 8359 mtx_lock(&lun->lun_lock); 8360 if (lun->per_res[residx].registered) { 8361 if (memcmp(param->res_key.key, 8362 lun->per_res[residx].res_key.key, 8363 ctl_min(sizeof(param->res_key), 8364 sizeof(lun->per_res[residx].res_key))) != 0) { 8365 /* 8366 * The current key passed in doesn't match 8367 * the one the initiator previously 8368 * registered. 8369 */ 8370 mtx_unlock(&lun->lun_lock); 8371 free(ctsio->kern_data_ptr, M_CTL); 8372 ctl_set_reservation_conflict(ctsio); 8373 ctl_done((union ctl_io *)ctsio); 8374 return (CTL_RETVAL_COMPLETE); 8375 } 8376 } else if ((cdb->action & SPRO_ACTION_MASK) != SPRO_REGISTER) { 8377 /* 8378 * We are not registered 8379 */ 8380 mtx_unlock(&lun->lun_lock); 8381 free(ctsio->kern_data_ptr, M_CTL); 8382 ctl_set_reservation_conflict(ctsio); 8383 ctl_done((union ctl_io *)ctsio); 8384 return (CTL_RETVAL_COMPLETE); 8385 } else if (res_key != 0) { 8386 /* 8387 * We are not registered and trying to register but 8388 * the register key isn't zero. 8389 */ 8390 mtx_unlock(&lun->lun_lock); 8391 free(ctsio->kern_data_ptr, M_CTL); 8392 ctl_set_reservation_conflict(ctsio); 8393 ctl_done((union ctl_io *)ctsio); 8394 return (CTL_RETVAL_COMPLETE); 8395 } 8396 mtx_unlock(&lun->lun_lock); 8397 } 8398 8399 switch (cdb->action & SPRO_ACTION_MASK) { 8400 case SPRO_REGISTER: 8401 case SPRO_REG_IGNO: { 8402 8403#if 0 8404 printf("Registration received\n"); 8405#endif 8406 8407 /* 8408 * We don't support any of these options, as we report in 8409 * the read capabilities request (see 8410 * ctl_persistent_reserve_in(), above). 8411 */ 8412 if ((param->flags & SPR_SPEC_I_PT) 8413 || (param->flags & SPR_ALL_TG_PT) 8414 || (param->flags & SPR_APTPL)) { 8415 int bit_ptr; 8416 8417 if (param->flags & SPR_APTPL) 8418 bit_ptr = 0; 8419 else if (param->flags & SPR_ALL_TG_PT) 8420 bit_ptr = 2; 8421 else /* SPR_SPEC_I_PT */ 8422 bit_ptr = 3; 8423 8424 free(ctsio->kern_data_ptr, M_CTL); 8425 ctl_set_invalid_field(ctsio, 8426 /*sks_valid*/ 1, 8427 /*command*/ 0, 8428 /*field*/ 20, 8429 /*bit_valid*/ 1, 8430 /*bit*/ bit_ptr); 8431 ctl_done((union ctl_io *)ctsio); 8432 return (CTL_RETVAL_COMPLETE); 8433 } 8434 8435 mtx_lock(&lun->lun_lock); 8436 8437 /* 8438 * The initiator wants to clear the 8439 * key/unregister. 8440 */ 8441 if (sa_res_key == 0) { 8442 if ((res_key == 0 8443 && (cdb->action & SPRO_ACTION_MASK) == SPRO_REGISTER) 8444 || ((cdb->action & SPRO_ACTION_MASK) == SPRO_REG_IGNO 8445 && !lun->per_res[residx].registered)) { 8446 mtx_unlock(&lun->lun_lock); 8447 goto done; 8448 } 8449 8450 lun->per_res[residx].registered = 0; 8451 memset(&lun->per_res[residx].res_key, 8452 0, sizeof(lun->per_res[residx].res_key)); 8453 lun->pr_key_count--; 8454 8455 if (residx == lun->pr_res_idx) { 8456 lun->flags &= ~CTL_LUN_PR_RESERVED; 8457 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8458 8459 if ((lun->res_type == SPR_TYPE_WR_EX_RO 8460 || lun->res_type == SPR_TYPE_EX_AC_RO) 8461 && lun->pr_key_count) { 8462 /* 8463 * If the reservation is a registrants 8464 * only type we need to generate a UA 8465 * for other registered inits. The 8466 * sense code should be RESERVATIONS 8467 * RELEASED 8468 */ 8469 8470 for (i = 0; i < CTL_MAX_INITIATORS;i++){ 8471 if (lun->per_res[ 8472 i+persis_offset].registered 8473 == 0) 8474 continue; 8475 lun->pending_sense[i 8476 ].ua_pending |= 8477 CTL_UA_RES_RELEASE; 8478 } 8479 } 8480 lun->res_type = 0; 8481 } else if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS) { 8482 if (lun->pr_key_count==0) { 8483 lun->flags &= ~CTL_LUN_PR_RESERVED; 8484 lun->res_type = 0; 8485 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8486 } 8487 } 8488 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 8489 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 8490 persis_io.pr.pr_info.action = CTL_PR_UNREG_KEY; 8491 persis_io.pr.pr_info.residx = residx; 8492 if ((isc_retval = ctl_ha_msg_send(CTL_HA_CHAN_CTL, 8493 &persis_io, sizeof(persis_io), 0 )) > 8494 CTL_HA_STATUS_SUCCESS) { 8495 printf("CTL:Persis Out error returned from " 8496 "ctl_ha_msg_send %d\n", isc_retval); 8497 } 8498 } else /* sa_res_key != 0 */ { 8499 8500 /* 8501 * If we aren't registered currently then increment 8502 * the key count and set the registered flag. 8503 */ 8504 if (!lun->per_res[residx].registered) { 8505 lun->pr_key_count++; 8506 lun->per_res[residx].registered = 1; 8507 } 8508 8509 memcpy(&lun->per_res[residx].res_key, 8510 param->serv_act_res_key, 8511 ctl_min(sizeof(param->serv_act_res_key), 8512 sizeof(lun->per_res[residx].res_key))); 8513 8514 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 8515 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 8516 persis_io.pr.pr_info.action = CTL_PR_REG_KEY; 8517 persis_io.pr.pr_info.residx = residx; 8518 memcpy(persis_io.pr.pr_info.sa_res_key, 8519 param->serv_act_res_key, 8520 sizeof(param->serv_act_res_key)); 8521 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 8522 &persis_io, sizeof(persis_io), 0)) > 8523 CTL_HA_STATUS_SUCCESS) { 8524 printf("CTL:Persis Out error returned from " 8525 "ctl_ha_msg_send %d\n", isc_retval); 8526 } 8527 } 8528 lun->PRGeneration++; 8529 mtx_unlock(&lun->lun_lock); 8530 8531 break; 8532 } 8533 case SPRO_RESERVE: 8534#if 0 8535 printf("Reserve executed type %d\n", type); 8536#endif 8537 mtx_lock(&lun->lun_lock); 8538 if (lun->flags & CTL_LUN_PR_RESERVED) { 8539 /* 8540 * if this isn't the reservation holder and it's 8541 * not a "all registrants" type or if the type is 8542 * different then we have a conflict 8543 */ 8544 if ((lun->pr_res_idx != residx 8545 && lun->pr_res_idx != CTL_PR_ALL_REGISTRANTS) 8546 || lun->res_type != type) { 8547 mtx_unlock(&lun->lun_lock); 8548 free(ctsio->kern_data_ptr, M_CTL); 8549 ctl_set_reservation_conflict(ctsio); 8550 ctl_done((union ctl_io *)ctsio); 8551 return (CTL_RETVAL_COMPLETE); 8552 } 8553 mtx_unlock(&lun->lun_lock); 8554 } else /* create a reservation */ { 8555 /* 8556 * If it's not an "all registrants" type record 8557 * reservation holder 8558 */ 8559 if (type != SPR_TYPE_WR_EX_AR 8560 && type != SPR_TYPE_EX_AC_AR) 8561 lun->pr_res_idx = residx; /* Res holder */ 8562 else 8563 lun->pr_res_idx = CTL_PR_ALL_REGISTRANTS; 8564 8565 lun->flags |= CTL_LUN_PR_RESERVED; 8566 lun->res_type = type; 8567 8568 mtx_unlock(&lun->lun_lock); 8569 8570 /* send msg to other side */ 8571 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 8572 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 8573 persis_io.pr.pr_info.action = CTL_PR_RESERVE; 8574 persis_io.pr.pr_info.residx = lun->pr_res_idx; 8575 persis_io.pr.pr_info.res_type = type; 8576 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 8577 &persis_io, sizeof(persis_io), 0)) > 8578 CTL_HA_STATUS_SUCCESS) { 8579 printf("CTL:Persis Out error returned from " 8580 "ctl_ha_msg_send %d\n", isc_retval); 8581 } 8582 } 8583 break; 8584 8585 case SPRO_RELEASE: 8586 mtx_lock(&lun->lun_lock); 8587 if ((lun->flags & CTL_LUN_PR_RESERVED) == 0) { 8588 /* No reservation exists return good status */ 8589 mtx_unlock(&lun->lun_lock); 8590 goto done; 8591 } 8592 /* 8593 * Is this nexus a reservation holder? 8594 */ 8595 if (lun->pr_res_idx != residx 8596 && lun->pr_res_idx != CTL_PR_ALL_REGISTRANTS) { 8597 /* 8598 * not a res holder return good status but 8599 * do nothing 8600 */ 8601 mtx_unlock(&lun->lun_lock); 8602 goto done; 8603 } 8604 8605 if (lun->res_type != type) { 8606 mtx_unlock(&lun->lun_lock); 8607 free(ctsio->kern_data_ptr, M_CTL); 8608 ctl_set_illegal_pr_release(ctsio); 8609 ctl_done((union ctl_io *)ctsio); 8610 return (CTL_RETVAL_COMPLETE); 8611 } 8612 8613 /* okay to release */ 8614 lun->flags &= ~CTL_LUN_PR_RESERVED; 8615 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8616 lun->res_type = 0; 8617 8618 /* 8619 * if this isn't an exclusive access 8620 * res generate UA for all other 8621 * registrants. 8622 */ 8623 if (type != SPR_TYPE_EX_AC 8624 && type != SPR_TYPE_WR_EX) { 8625 /* 8626 * temporarily unregister so we don't generate UA 8627 */ 8628 lun->per_res[residx].registered = 0; 8629 8630 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 8631 if (lun->per_res[i+persis_offset].registered 8632 == 0) 8633 continue; 8634 lun->pending_sense[i].ua_pending |= 8635 CTL_UA_RES_RELEASE; 8636 } 8637 8638 lun->per_res[residx].registered = 1; 8639 } 8640 mtx_unlock(&lun->lun_lock); 8641 /* Send msg to other side */ 8642 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 8643 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 8644 persis_io.pr.pr_info.action = CTL_PR_RELEASE; 8645 if ((isc_retval=ctl_ha_msg_send( CTL_HA_CHAN_CTL, &persis_io, 8646 sizeof(persis_io), 0)) > CTL_HA_STATUS_SUCCESS) { 8647 printf("CTL:Persis Out error returned from " 8648 "ctl_ha_msg_send %d\n", isc_retval); 8649 } 8650 break; 8651 8652 case SPRO_CLEAR: 8653 /* send msg to other side */ 8654 8655 mtx_lock(&lun->lun_lock); 8656 lun->flags &= ~CTL_LUN_PR_RESERVED; 8657 lun->res_type = 0; 8658 lun->pr_key_count = 0; 8659 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8660 8661 8662 memset(&lun->per_res[residx].res_key, 8663 0, sizeof(lun->per_res[residx].res_key)); 8664 lun->per_res[residx].registered = 0; 8665 8666 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) 8667 if (lun->per_res[i].registered) { 8668 if (!persis_offset && i < CTL_MAX_INITIATORS) 8669 lun->pending_sense[i].ua_pending |= 8670 CTL_UA_RES_PREEMPT; 8671 else if (persis_offset && i >= persis_offset) 8672 lun->pending_sense[i-persis_offset 8673 ].ua_pending |= CTL_UA_RES_PREEMPT; 8674 8675 memset(&lun->per_res[i].res_key, 8676 0, sizeof(struct scsi_per_res_key)); 8677 lun->per_res[i].registered = 0; 8678 } 8679 lun->PRGeneration++; 8680 mtx_unlock(&lun->lun_lock); 8681 persis_io.hdr.nexus = ctsio->io_hdr.nexus; 8682 persis_io.hdr.msg_type = CTL_MSG_PERS_ACTION; 8683 persis_io.pr.pr_info.action = CTL_PR_CLEAR; 8684 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, &persis_io, 8685 sizeof(persis_io), 0)) > CTL_HA_STATUS_SUCCESS) { 8686 printf("CTL:Persis Out error returned from " 8687 "ctl_ha_msg_send %d\n", isc_retval); 8688 } 8689 break; 8690 8691 case SPRO_PREEMPT: { 8692 int nretval; 8693 8694 nretval = ctl_pro_preempt(softc, lun, res_key, sa_res_key, type, 8695 residx, ctsio, cdb, param); 8696 if (nretval != 0) 8697 return (CTL_RETVAL_COMPLETE); 8698 break; 8699 } 8700 default: 8701 panic("Invalid PR type %x", cdb->action); 8702 } 8703 8704done: 8705 free(ctsio->kern_data_ptr, M_CTL); 8706 ctl_set_success(ctsio); 8707 ctl_done((union ctl_io *)ctsio); 8708 8709 return (retval); 8710} 8711 8712/* 8713 * This routine is for handling a message from the other SC pertaining to 8714 * persistent reserve out. All the error checking will have been done 8715 * so only perorming the action need be done here to keep the two 8716 * in sync. 8717 */ 8718static void 8719ctl_hndl_per_res_out_on_other_sc(union ctl_ha_msg *msg) 8720{ 8721 struct ctl_lun *lun; 8722 struct ctl_softc *softc; 8723 int i; 8724 uint32_t targ_lun; 8725 8726 softc = control_softc; 8727 8728 targ_lun = msg->hdr.nexus.targ_mapped_lun; 8729 lun = softc->ctl_luns[targ_lun]; 8730 mtx_lock(&lun->lun_lock); 8731 switch(msg->pr.pr_info.action) { 8732 case CTL_PR_REG_KEY: 8733 if (!lun->per_res[msg->pr.pr_info.residx].registered) { 8734 lun->per_res[msg->pr.pr_info.residx].registered = 1; 8735 lun->pr_key_count++; 8736 } 8737 lun->PRGeneration++; 8738 memcpy(&lun->per_res[msg->pr.pr_info.residx].res_key, 8739 msg->pr.pr_info.sa_res_key, 8740 sizeof(struct scsi_per_res_key)); 8741 break; 8742 8743 case CTL_PR_UNREG_KEY: 8744 lun->per_res[msg->pr.pr_info.residx].registered = 0; 8745 memset(&lun->per_res[msg->pr.pr_info.residx].res_key, 8746 0, sizeof(struct scsi_per_res_key)); 8747 lun->pr_key_count--; 8748 8749 /* XXX Need to see if the reservation has been released */ 8750 /* if so do we need to generate UA? */ 8751 if (msg->pr.pr_info.residx == lun->pr_res_idx) { 8752 lun->flags &= ~CTL_LUN_PR_RESERVED; 8753 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8754 8755 if ((lun->res_type == SPR_TYPE_WR_EX_RO 8756 || lun->res_type == SPR_TYPE_EX_AC_RO) 8757 && lun->pr_key_count) { 8758 /* 8759 * If the reservation is a registrants 8760 * only type we need to generate a UA 8761 * for other registered inits. The 8762 * sense code should be RESERVATIONS 8763 * RELEASED 8764 */ 8765 8766 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 8767 if (lun->per_res[i+ 8768 persis_offset].registered == 0) 8769 continue; 8770 8771 lun->pending_sense[i 8772 ].ua_pending |= 8773 CTL_UA_RES_RELEASE; 8774 } 8775 } 8776 lun->res_type = 0; 8777 } else if (lun->pr_res_idx == CTL_PR_ALL_REGISTRANTS) { 8778 if (lun->pr_key_count==0) { 8779 lun->flags &= ~CTL_LUN_PR_RESERVED; 8780 lun->res_type = 0; 8781 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8782 } 8783 } 8784 lun->PRGeneration++; 8785 break; 8786 8787 case CTL_PR_RESERVE: 8788 lun->flags |= CTL_LUN_PR_RESERVED; 8789 lun->res_type = msg->pr.pr_info.res_type; 8790 lun->pr_res_idx = msg->pr.pr_info.residx; 8791 8792 break; 8793 8794 case CTL_PR_RELEASE: 8795 /* 8796 * if this isn't an exclusive access res generate UA for all 8797 * other registrants. 8798 */ 8799 if (lun->res_type != SPR_TYPE_EX_AC 8800 && lun->res_type != SPR_TYPE_WR_EX) { 8801 for (i = 0; i < CTL_MAX_INITIATORS; i++) 8802 if (lun->per_res[i+persis_offset].registered) 8803 lun->pending_sense[i].ua_pending |= 8804 CTL_UA_RES_RELEASE; 8805 } 8806 8807 lun->flags &= ~CTL_LUN_PR_RESERVED; 8808 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8809 lun->res_type = 0; 8810 break; 8811 8812 case CTL_PR_PREEMPT: 8813 ctl_pro_preempt_other(lun, msg); 8814 break; 8815 case CTL_PR_CLEAR: 8816 lun->flags &= ~CTL_LUN_PR_RESERVED; 8817 lun->res_type = 0; 8818 lun->pr_key_count = 0; 8819 lun->pr_res_idx = CTL_PR_NO_RESERVATION; 8820 8821 for (i=0; i < 2*CTL_MAX_INITIATORS; i++) { 8822 if (lun->per_res[i].registered == 0) 8823 continue; 8824 if (!persis_offset 8825 && i < CTL_MAX_INITIATORS) 8826 lun->pending_sense[i].ua_pending |= 8827 CTL_UA_RES_PREEMPT; 8828 else if (persis_offset 8829 && i >= persis_offset) 8830 lun->pending_sense[i-persis_offset].ua_pending|= 8831 CTL_UA_RES_PREEMPT; 8832 memset(&lun->per_res[i].res_key, 0, 8833 sizeof(struct scsi_per_res_key)); 8834 lun->per_res[i].registered = 0; 8835 } 8836 lun->PRGeneration++; 8837 break; 8838 } 8839 8840 mtx_unlock(&lun->lun_lock); 8841} 8842 8843int 8844ctl_read_write(struct ctl_scsiio *ctsio) 8845{ 8846 struct ctl_lun *lun; 8847 struct ctl_lba_len_flags *lbalen; 8848 uint64_t lba; 8849 uint32_t num_blocks; 8850 int fua, dpo; 8851 int retval; 8852 int isread; 8853 8854 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 8855 8856 CTL_DEBUG_PRINT(("ctl_read_write: command: %#x\n", ctsio->cdb[0])); 8857 8858 fua = 0; 8859 dpo = 0; 8860 8861 retval = CTL_RETVAL_COMPLETE; 8862 8863 isread = ctsio->cdb[0] == READ_6 || ctsio->cdb[0] == READ_10 8864 || ctsio->cdb[0] == READ_12 || ctsio->cdb[0] == READ_16; 8865 if (lun->flags & CTL_LUN_PR_RESERVED && isread) { 8866 uint32_t residx; 8867 8868 /* 8869 * XXX KDM need a lock here. 8870 */ 8871 residx = ctl_get_resindex(&ctsio->io_hdr.nexus); 8872 if ((lun->res_type == SPR_TYPE_EX_AC 8873 && residx != lun->pr_res_idx) 8874 || ((lun->res_type == SPR_TYPE_EX_AC_RO 8875 || lun->res_type == SPR_TYPE_EX_AC_AR) 8876 && !lun->per_res[residx].registered)) { 8877 ctl_set_reservation_conflict(ctsio); 8878 ctl_done((union ctl_io *)ctsio); 8879 return (CTL_RETVAL_COMPLETE); 8880 } 8881 } 8882 8883 switch (ctsio->cdb[0]) { 8884 case READ_6: 8885 case WRITE_6: { 8886 struct scsi_rw_6 *cdb; 8887 8888 cdb = (struct scsi_rw_6 *)ctsio->cdb; 8889 8890 lba = scsi_3btoul(cdb->addr); 8891 /* only 5 bits are valid in the most significant address byte */ 8892 lba &= 0x1fffff; 8893 num_blocks = cdb->length; 8894 /* 8895 * This is correct according to SBC-2. 8896 */ 8897 if (num_blocks == 0) 8898 num_blocks = 256; 8899 break; 8900 } 8901 case READ_10: 8902 case WRITE_10: { 8903 struct scsi_rw_10 *cdb; 8904 8905 cdb = (struct scsi_rw_10 *)ctsio->cdb; 8906 8907 if (cdb->byte2 & SRW10_FUA) 8908 fua = 1; 8909 if (cdb->byte2 & SRW10_DPO) 8910 dpo = 1; 8911 8912 lba = scsi_4btoul(cdb->addr); 8913 num_blocks = scsi_2btoul(cdb->length); 8914 break; 8915 } 8916 case WRITE_VERIFY_10: { 8917 struct scsi_write_verify_10 *cdb; 8918 8919 cdb = (struct scsi_write_verify_10 *)ctsio->cdb; 8920 8921 /* 8922 * XXX KDM we should do actual write verify support at some 8923 * point. This is obviously fake, we're just translating 8924 * things to a write. So we don't even bother checking the 8925 * BYTCHK field, since we don't do any verification. If 8926 * the user asks for it, we'll just pretend we did it. 8927 */ 8928 if (cdb->byte2 & SWV_DPO) 8929 dpo = 1; 8930 8931 lba = scsi_4btoul(cdb->addr); 8932 num_blocks = scsi_2btoul(cdb->length); 8933 break; 8934 } 8935 case READ_12: 8936 case WRITE_12: { 8937 struct scsi_rw_12 *cdb; 8938 8939 cdb = (struct scsi_rw_12 *)ctsio->cdb; 8940 8941 if (cdb->byte2 & SRW12_FUA) 8942 fua = 1; 8943 if (cdb->byte2 & SRW12_DPO) 8944 dpo = 1; 8945 lba = scsi_4btoul(cdb->addr); 8946 num_blocks = scsi_4btoul(cdb->length); 8947 break; 8948 } 8949 case WRITE_VERIFY_12: { 8950 struct scsi_write_verify_12 *cdb; 8951 8952 cdb = (struct scsi_write_verify_12 *)ctsio->cdb; 8953 8954 if (cdb->byte2 & SWV_DPO) 8955 dpo = 1; 8956 8957 lba = scsi_4btoul(cdb->addr); 8958 num_blocks = scsi_4btoul(cdb->length); 8959 8960 break; 8961 } 8962 case READ_16: 8963 case WRITE_16: { 8964 struct scsi_rw_16 *cdb; 8965 8966 cdb = (struct scsi_rw_16 *)ctsio->cdb; 8967 8968 if (cdb->byte2 & SRW12_FUA) 8969 fua = 1; 8970 if (cdb->byte2 & SRW12_DPO) 8971 dpo = 1; 8972 8973 lba = scsi_8btou64(cdb->addr); 8974 num_blocks = scsi_4btoul(cdb->length); 8975 break; 8976 } 8977 case WRITE_VERIFY_16: { 8978 struct scsi_write_verify_16 *cdb; 8979 8980 cdb = (struct scsi_write_verify_16 *)ctsio->cdb; 8981 8982 if (cdb->byte2 & SWV_DPO) 8983 dpo = 1; 8984 8985 lba = scsi_8btou64(cdb->addr); 8986 num_blocks = scsi_4btoul(cdb->length); 8987 break; 8988 } 8989 default: 8990 /* 8991 * We got a command we don't support. This shouldn't 8992 * happen, commands should be filtered out above us. 8993 */ 8994 ctl_set_invalid_opcode(ctsio); 8995 ctl_done((union ctl_io *)ctsio); 8996 8997 return (CTL_RETVAL_COMPLETE); 8998 break; /* NOTREACHED */ 8999 } 9000 9001 /* 9002 * XXX KDM what do we do with the DPO and FUA bits? FUA might be 9003 * interesting for us, but if RAIDCore is in write-back mode, 9004 * getting it to do write-through for a particular transaction may 9005 * not be possible. 9006 */ 9007 9008 /* 9009 * The first check is to make sure we're in bounds, the second 9010 * check is to catch wrap-around problems. If the lba + num blocks 9011 * is less than the lba, then we've wrapped around and the block 9012 * range is invalid anyway. 9013 */ 9014 if (((lba + num_blocks) > (lun->be_lun->maxlba + 1)) 9015 || ((lba + num_blocks) < lba)) { 9016 ctl_set_lba_out_of_range(ctsio); 9017 ctl_done((union ctl_io *)ctsio); 9018 return (CTL_RETVAL_COMPLETE); 9019 } 9020 9021 /* 9022 * According to SBC-3, a transfer length of 0 is not an error. 9023 * Note that this cannot happen with WRITE(6) or READ(6), since 0 9024 * translates to 256 blocks for those commands. 9025 */ 9026 if (num_blocks == 0) { 9027 ctl_set_success(ctsio); 9028 ctl_done((union ctl_io *)ctsio); 9029 return (CTL_RETVAL_COMPLETE); 9030 } 9031 9032 lbalen = (struct ctl_lba_len_flags *) 9033 &ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN]; 9034 lbalen->lba = lba; 9035 lbalen->len = num_blocks; 9036 lbalen->flags = isread ? CTL_LLF_READ : CTL_LLF_WRITE; 9037 9038 ctsio->kern_total_len = num_blocks * lun->be_lun->blocksize; 9039 ctsio->kern_rel_offset = 0; 9040 9041 CTL_DEBUG_PRINT(("ctl_read_write: calling data_submit()\n")); 9042 9043 retval = lun->backend->data_submit((union ctl_io *)ctsio); 9044 9045 return (retval); 9046} 9047 9048static int 9049ctl_cnw_cont(union ctl_io *io) 9050{ 9051 struct ctl_scsiio *ctsio; 9052 struct ctl_lun *lun; 9053 struct ctl_lba_len_flags *lbalen; 9054 int retval; 9055 9056 ctsio = &io->scsiio; 9057 ctsio->io_hdr.status = CTL_STATUS_NONE; 9058 ctsio->io_hdr.flags &= ~CTL_FLAG_IO_CONT; 9059 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9060 lbalen = (struct ctl_lba_len_flags *) 9061 &ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN]; 9062 lbalen->flags = CTL_LLF_WRITE; 9063 9064 CTL_DEBUG_PRINT(("ctl_cnw_cont: calling data_submit()\n")); 9065 retval = lun->backend->data_submit((union ctl_io *)ctsio); 9066 return (retval); 9067} 9068 9069int 9070ctl_cnw(struct ctl_scsiio *ctsio) 9071{ 9072 struct ctl_lun *lun; 9073 struct ctl_lba_len_flags *lbalen; 9074 uint64_t lba; 9075 uint32_t num_blocks; 9076 int fua, dpo; 9077 int retval; 9078 9079 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9080 9081 CTL_DEBUG_PRINT(("ctl_cnw: command: %#x\n", ctsio->cdb[0])); 9082 9083 fua = 0; 9084 dpo = 0; 9085 9086 retval = CTL_RETVAL_COMPLETE; 9087 9088 switch (ctsio->cdb[0]) { 9089 case COMPARE_AND_WRITE: { 9090 struct scsi_compare_and_write *cdb; 9091 9092 cdb = (struct scsi_compare_and_write *)ctsio->cdb; 9093 9094 if (cdb->byte2 & SRW10_FUA) 9095 fua = 1; 9096 if (cdb->byte2 & SRW10_DPO) 9097 dpo = 1; 9098 lba = scsi_8btou64(cdb->addr); 9099 num_blocks = cdb->length; 9100 break; 9101 } 9102 default: 9103 /* 9104 * We got a command we don't support. This shouldn't 9105 * happen, commands should be filtered out above us. 9106 */ 9107 ctl_set_invalid_opcode(ctsio); 9108 ctl_done((union ctl_io *)ctsio); 9109 9110 return (CTL_RETVAL_COMPLETE); 9111 break; /* NOTREACHED */ 9112 } 9113 9114 /* 9115 * XXX KDM what do we do with the DPO and FUA bits? FUA might be 9116 * interesting for us, but if RAIDCore is in write-back mode, 9117 * getting it to do write-through for a particular transaction may 9118 * not be possible. 9119 */ 9120 9121 /* 9122 * The first check is to make sure we're in bounds, the second 9123 * check is to catch wrap-around problems. If the lba + num blocks 9124 * is less than the lba, then we've wrapped around and the block 9125 * range is invalid anyway. 9126 */ 9127 if (((lba + num_blocks) > (lun->be_lun->maxlba + 1)) 9128 || ((lba + num_blocks) < lba)) { 9129 ctl_set_lba_out_of_range(ctsio); 9130 ctl_done((union ctl_io *)ctsio); 9131 return (CTL_RETVAL_COMPLETE); 9132 } 9133 9134 /* 9135 * According to SBC-3, a transfer length of 0 is not an error. 9136 */ 9137 if (num_blocks == 0) { 9138 ctl_set_success(ctsio); 9139 ctl_done((union ctl_io *)ctsio); 9140 return (CTL_RETVAL_COMPLETE); 9141 } 9142 9143 ctsio->kern_total_len = 2 * num_blocks * lun->be_lun->blocksize; 9144 ctsio->kern_rel_offset = 0; 9145 9146 /* 9147 * Set the IO_CONT flag, so that if this I/O gets passed to 9148 * ctl_data_submit_done(), it'll get passed back to 9149 * ctl_ctl_cnw_cont() for further processing. 9150 */ 9151 ctsio->io_hdr.flags |= CTL_FLAG_IO_CONT; 9152 ctsio->io_cont = ctl_cnw_cont; 9153 9154 lbalen = (struct ctl_lba_len_flags *) 9155 &ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN]; 9156 lbalen->lba = lba; 9157 lbalen->len = num_blocks; 9158 lbalen->flags = CTL_LLF_COMPARE; 9159 9160 CTL_DEBUG_PRINT(("ctl_cnw: calling data_submit()\n")); 9161 retval = lun->backend->data_submit((union ctl_io *)ctsio); 9162 return (retval); 9163} 9164 9165int 9166ctl_verify(struct ctl_scsiio *ctsio) 9167{ 9168 struct ctl_lun *lun; 9169 struct ctl_lba_len_flags *lbalen; 9170 uint64_t lba; 9171 uint32_t num_blocks; 9172 int bytchk, dpo; 9173 int retval; 9174 9175 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9176 9177 CTL_DEBUG_PRINT(("ctl_verify: command: %#x\n", ctsio->cdb[0])); 9178 9179 bytchk = 0; 9180 dpo = 0; 9181 retval = CTL_RETVAL_COMPLETE; 9182 9183 switch (ctsio->cdb[0]) { 9184 case VERIFY_10: { 9185 struct scsi_verify_10 *cdb; 9186 9187 cdb = (struct scsi_verify_10 *)ctsio->cdb; 9188 if (cdb->byte2 & SVFY_BYTCHK) 9189 bytchk = 1; 9190 if (cdb->byte2 & SVFY_DPO) 9191 dpo = 1; 9192 lba = scsi_4btoul(cdb->addr); 9193 num_blocks = scsi_2btoul(cdb->length); 9194 break; 9195 } 9196 case VERIFY_12: { 9197 struct scsi_verify_12 *cdb; 9198 9199 cdb = (struct scsi_verify_12 *)ctsio->cdb; 9200 if (cdb->byte2 & SVFY_BYTCHK) 9201 bytchk = 1; 9202 if (cdb->byte2 & SVFY_DPO) 9203 dpo = 1; 9204 lba = scsi_4btoul(cdb->addr); 9205 num_blocks = scsi_4btoul(cdb->length); 9206 break; 9207 } 9208 case VERIFY_16: { 9209 struct scsi_rw_16 *cdb; 9210 9211 cdb = (struct scsi_rw_16 *)ctsio->cdb; 9212 if (cdb->byte2 & SVFY_BYTCHK) 9213 bytchk = 1; 9214 if (cdb->byte2 & SVFY_DPO) 9215 dpo = 1; 9216 lba = scsi_8btou64(cdb->addr); 9217 num_blocks = scsi_4btoul(cdb->length); 9218 break; 9219 } 9220 default: 9221 /* 9222 * We got a command we don't support. This shouldn't 9223 * happen, commands should be filtered out above us. 9224 */ 9225 ctl_set_invalid_opcode(ctsio); 9226 ctl_done((union ctl_io *)ctsio); 9227 return (CTL_RETVAL_COMPLETE); 9228 } 9229 9230 /* 9231 * The first check is to make sure we're in bounds, the second 9232 * check is to catch wrap-around problems. If the lba + num blocks 9233 * is less than the lba, then we've wrapped around and the block 9234 * range is invalid anyway. 9235 */ 9236 if (((lba + num_blocks) > (lun->be_lun->maxlba + 1)) 9237 || ((lba + num_blocks) < lba)) { 9238 ctl_set_lba_out_of_range(ctsio); 9239 ctl_done((union ctl_io *)ctsio); 9240 return (CTL_RETVAL_COMPLETE); 9241 } 9242 9243 /* 9244 * According to SBC-3, a transfer length of 0 is not an error. 9245 */ 9246 if (num_blocks == 0) { 9247 ctl_set_success(ctsio); 9248 ctl_done((union ctl_io *)ctsio); 9249 return (CTL_RETVAL_COMPLETE); 9250 } 9251 9252 lbalen = (struct ctl_lba_len_flags *) 9253 &ctsio->io_hdr.ctl_private[CTL_PRIV_LBA_LEN]; 9254 lbalen->lba = lba; 9255 lbalen->len = num_blocks; 9256 if (bytchk) { 9257 lbalen->flags = CTL_LLF_COMPARE; 9258 ctsio->kern_total_len = num_blocks * lun->be_lun->blocksize; 9259 } else { 9260 lbalen->flags = CTL_LLF_VERIFY; 9261 ctsio->kern_total_len = 0; 9262 } 9263 ctsio->kern_rel_offset = 0; 9264 9265 CTL_DEBUG_PRINT(("ctl_verify: calling data_submit()\n")); 9266 retval = lun->backend->data_submit((union ctl_io *)ctsio); 9267 return (retval); 9268} 9269 9270int 9271ctl_report_luns(struct ctl_scsiio *ctsio) 9272{ 9273 struct scsi_report_luns *cdb; 9274 struct scsi_report_luns_data *lun_data; 9275 struct ctl_lun *lun, *request_lun; 9276 int num_luns, retval; 9277 uint32_t alloc_len, lun_datalen; 9278 int num_filled, well_known; 9279 uint32_t initidx, targ_lun_id, lun_id; 9280 9281 retval = CTL_RETVAL_COMPLETE; 9282 well_known = 0; 9283 9284 cdb = (struct scsi_report_luns *)ctsio->cdb; 9285 9286 CTL_DEBUG_PRINT(("ctl_report_luns\n")); 9287 9288 mtx_lock(&control_softc->ctl_lock); 9289 num_luns = control_softc->num_luns; 9290 mtx_unlock(&control_softc->ctl_lock); 9291 9292 switch (cdb->select_report) { 9293 case RPL_REPORT_DEFAULT: 9294 case RPL_REPORT_ALL: 9295 break; 9296 case RPL_REPORT_WELLKNOWN: 9297 well_known = 1; 9298 num_luns = 0; 9299 break; 9300 default: 9301 ctl_set_invalid_field(ctsio, 9302 /*sks_valid*/ 1, 9303 /*command*/ 1, 9304 /*field*/ 2, 9305 /*bit_valid*/ 0, 9306 /*bit*/ 0); 9307 ctl_done((union ctl_io *)ctsio); 9308 return (retval); 9309 break; /* NOTREACHED */ 9310 } 9311 9312 alloc_len = scsi_4btoul(cdb->length); 9313 /* 9314 * The initiator has to allocate at least 16 bytes for this request, 9315 * so he can at least get the header and the first LUN. Otherwise 9316 * we reject the request (per SPC-3 rev 14, section 6.21). 9317 */ 9318 if (alloc_len < (sizeof(struct scsi_report_luns_data) + 9319 sizeof(struct scsi_report_luns_lundata))) { 9320 ctl_set_invalid_field(ctsio, 9321 /*sks_valid*/ 1, 9322 /*command*/ 1, 9323 /*field*/ 6, 9324 /*bit_valid*/ 0, 9325 /*bit*/ 0); 9326 ctl_done((union ctl_io *)ctsio); 9327 return (retval); 9328 } 9329 9330 request_lun = (struct ctl_lun *) 9331 ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9332 9333 lun_datalen = sizeof(*lun_data) + 9334 (num_luns * sizeof(struct scsi_report_luns_lundata)); 9335 9336 ctsio->kern_data_ptr = malloc(lun_datalen, M_CTL, M_WAITOK | M_ZERO); 9337 lun_data = (struct scsi_report_luns_data *)ctsio->kern_data_ptr; 9338 ctsio->kern_sg_entries = 0; 9339 9340 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus); 9341 9342 mtx_lock(&control_softc->ctl_lock); 9343 for (targ_lun_id = 0, num_filled = 0; targ_lun_id < CTL_MAX_LUNS && num_filled < num_luns; targ_lun_id++) { 9344 lun_id = ctl_map_lun(ctsio->io_hdr.nexus.targ_port, targ_lun_id); 9345 if (lun_id >= CTL_MAX_LUNS) 9346 continue; 9347 lun = control_softc->ctl_luns[lun_id]; 9348 if (lun == NULL) 9349 continue; 9350 9351 if (targ_lun_id <= 0xff) { 9352 /* 9353 * Peripheral addressing method, bus number 0. 9354 */ 9355 lun_data->luns[num_filled].lundata[0] = 9356 RPL_LUNDATA_ATYP_PERIPH; 9357 lun_data->luns[num_filled].lundata[1] = targ_lun_id; 9358 num_filled++; 9359 } else if (targ_lun_id <= 0x3fff) { 9360 /* 9361 * Flat addressing method. 9362 */ 9363 lun_data->luns[num_filled].lundata[0] = 9364 RPL_LUNDATA_ATYP_FLAT | 9365 (targ_lun_id & RPL_LUNDATA_FLAT_LUN_MASK); 9366#ifdef OLDCTLHEADERS 9367 (SRLD_ADDR_FLAT << SRLD_ADDR_SHIFT) | 9368 (targ_lun_id & SRLD_BUS_LUN_MASK); 9369#endif 9370 lun_data->luns[num_filled].lundata[1] = 9371#ifdef OLDCTLHEADERS 9372 targ_lun_id >> SRLD_BUS_LUN_BITS; 9373#endif 9374 targ_lun_id >> RPL_LUNDATA_FLAT_LUN_BITS; 9375 num_filled++; 9376 } else { 9377 printf("ctl_report_luns: bogus LUN number %jd, " 9378 "skipping\n", (intmax_t)targ_lun_id); 9379 } 9380 /* 9381 * According to SPC-3, rev 14 section 6.21: 9382 * 9383 * "The execution of a REPORT LUNS command to any valid and 9384 * installed logical unit shall clear the REPORTED LUNS DATA 9385 * HAS CHANGED unit attention condition for all logical 9386 * units of that target with respect to the requesting 9387 * initiator. A valid and installed logical unit is one 9388 * having a PERIPHERAL QUALIFIER of 000b in the standard 9389 * INQUIRY data (see 6.4.2)." 9390 * 9391 * If request_lun is NULL, the LUN this report luns command 9392 * was issued to is either disabled or doesn't exist. In that 9393 * case, we shouldn't clear any pending lun change unit 9394 * attention. 9395 */ 9396 if (request_lun != NULL) { 9397 mtx_lock(&lun->lun_lock); 9398 lun->pending_sense[initidx].ua_pending &= 9399 ~CTL_UA_LUN_CHANGE; 9400 mtx_unlock(&lun->lun_lock); 9401 } 9402 } 9403 mtx_unlock(&control_softc->ctl_lock); 9404 9405 /* 9406 * It's quite possible that we've returned fewer LUNs than we allocated 9407 * space for. Trim it. 9408 */ 9409 lun_datalen = sizeof(*lun_data) + 9410 (num_filled * sizeof(struct scsi_report_luns_lundata)); 9411 9412 if (lun_datalen < alloc_len) { 9413 ctsio->residual = alloc_len - lun_datalen; 9414 ctsio->kern_data_len = lun_datalen; 9415 ctsio->kern_total_len = lun_datalen; 9416 } else { 9417 ctsio->residual = 0; 9418 ctsio->kern_data_len = alloc_len; 9419 ctsio->kern_total_len = alloc_len; 9420 } 9421 ctsio->kern_data_resid = 0; 9422 ctsio->kern_rel_offset = 0; 9423 ctsio->kern_sg_entries = 0; 9424 9425 /* 9426 * We set this to the actual data length, regardless of how much 9427 * space we actually have to return results. If the user looks at 9428 * this value, he'll know whether or not he allocated enough space 9429 * and reissue the command if necessary. We don't support well 9430 * known logical units, so if the user asks for that, return none. 9431 */ 9432 scsi_ulto4b(lun_datalen - 8, lun_data->length); 9433 9434 /* 9435 * We can only return SCSI_STATUS_CHECK_COND when we can't satisfy 9436 * this request. 9437 */ 9438 ctsio->scsi_status = SCSI_STATUS_OK; 9439 9440 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 9441 ctsio->be_move_done = ctl_config_move_done; 9442 ctl_datamove((union ctl_io *)ctsio); 9443 9444 return (retval); 9445} 9446 9447int 9448ctl_request_sense(struct ctl_scsiio *ctsio) 9449{ 9450 struct scsi_request_sense *cdb; 9451 struct scsi_sense_data *sense_ptr; 9452 struct ctl_lun *lun; 9453 uint32_t initidx; 9454 int have_error; 9455 scsi_sense_data_type sense_format; 9456 9457 cdb = (struct scsi_request_sense *)ctsio->cdb; 9458 9459 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9460 9461 CTL_DEBUG_PRINT(("ctl_request_sense\n")); 9462 9463 /* 9464 * Determine which sense format the user wants. 9465 */ 9466 if (cdb->byte2 & SRS_DESC) 9467 sense_format = SSD_TYPE_DESC; 9468 else 9469 sense_format = SSD_TYPE_FIXED; 9470 9471 ctsio->kern_data_ptr = malloc(sizeof(*sense_ptr), M_CTL, M_WAITOK); 9472 sense_ptr = (struct scsi_sense_data *)ctsio->kern_data_ptr; 9473 ctsio->kern_sg_entries = 0; 9474 9475 /* 9476 * struct scsi_sense_data, which is currently set to 256 bytes, is 9477 * larger than the largest allowed value for the length field in the 9478 * REQUEST SENSE CDB, which is 252 bytes as of SPC-4. 9479 */ 9480 ctsio->residual = 0; 9481 ctsio->kern_data_len = cdb->length; 9482 ctsio->kern_total_len = cdb->length; 9483 9484 ctsio->kern_data_resid = 0; 9485 ctsio->kern_rel_offset = 0; 9486 ctsio->kern_sg_entries = 0; 9487 9488 /* 9489 * If we don't have a LUN, we don't have any pending sense. 9490 */ 9491 if (lun == NULL) 9492 goto no_sense; 9493 9494 have_error = 0; 9495 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus); 9496 /* 9497 * Check for pending sense, and then for pending unit attentions. 9498 * Pending sense gets returned first, then pending unit attentions. 9499 */ 9500 mtx_lock(&lun->lun_lock); 9501 if (ctl_is_set(lun->have_ca, initidx)) { 9502 scsi_sense_data_type stored_format; 9503 9504 /* 9505 * Check to see which sense format was used for the stored 9506 * sense data. 9507 */ 9508 stored_format = scsi_sense_type( 9509 &lun->pending_sense[initidx].sense); 9510 9511 /* 9512 * If the user requested a different sense format than the 9513 * one we stored, then we need to convert it to the other 9514 * format. If we're going from descriptor to fixed format 9515 * sense data, we may lose things in translation, depending 9516 * on what options were used. 9517 * 9518 * If the stored format is SSD_TYPE_NONE (i.e. invalid), 9519 * for some reason we'll just copy it out as-is. 9520 */ 9521 if ((stored_format == SSD_TYPE_FIXED) 9522 && (sense_format == SSD_TYPE_DESC)) 9523 ctl_sense_to_desc((struct scsi_sense_data_fixed *) 9524 &lun->pending_sense[initidx].sense, 9525 (struct scsi_sense_data_desc *)sense_ptr); 9526 else if ((stored_format == SSD_TYPE_DESC) 9527 && (sense_format == SSD_TYPE_FIXED)) 9528 ctl_sense_to_fixed((struct scsi_sense_data_desc *) 9529 &lun->pending_sense[initidx].sense, 9530 (struct scsi_sense_data_fixed *)sense_ptr); 9531 else 9532 memcpy(sense_ptr, &lun->pending_sense[initidx].sense, 9533 ctl_min(sizeof(*sense_ptr), 9534 sizeof(lun->pending_sense[initidx].sense))); 9535 9536 ctl_clear_mask(lun->have_ca, initidx); 9537 have_error = 1; 9538 } else if (lun->pending_sense[initidx].ua_pending != CTL_UA_NONE) { 9539 ctl_ua_type ua_type; 9540 9541 ua_type = ctl_build_ua(lun->pending_sense[initidx].ua_pending, 9542 sense_ptr, sense_format); 9543 if (ua_type != CTL_UA_NONE) { 9544 have_error = 1; 9545 /* We're reporting this UA, so clear it */ 9546 lun->pending_sense[initidx].ua_pending &= ~ua_type; 9547 } 9548 } 9549 mtx_unlock(&lun->lun_lock); 9550 9551 /* 9552 * We already have a pending error, return it. 9553 */ 9554 if (have_error != 0) { 9555 /* 9556 * We report the SCSI status as OK, since the status of the 9557 * request sense command itself is OK. 9558 */ 9559 ctsio->scsi_status = SCSI_STATUS_OK; 9560 9561 /* 9562 * We report 0 for the sense length, because we aren't doing 9563 * autosense in this case. We're reporting sense as 9564 * parameter data. 9565 */ 9566 ctsio->sense_len = 0; 9567 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 9568 ctsio->be_move_done = ctl_config_move_done; 9569 ctl_datamove((union ctl_io *)ctsio); 9570 9571 return (CTL_RETVAL_COMPLETE); 9572 } 9573 9574no_sense: 9575 9576 /* 9577 * No sense information to report, so we report that everything is 9578 * okay. 9579 */ 9580 ctl_set_sense_data(sense_ptr, 9581 lun, 9582 sense_format, 9583 /*current_error*/ 1, 9584 /*sense_key*/ SSD_KEY_NO_SENSE, 9585 /*asc*/ 0x00, 9586 /*ascq*/ 0x00, 9587 SSD_ELEM_NONE); 9588 9589 ctsio->scsi_status = SCSI_STATUS_OK; 9590 9591 /* 9592 * We report 0 for the sense length, because we aren't doing 9593 * autosense in this case. We're reporting sense as parameter data. 9594 */ 9595 ctsio->sense_len = 0; 9596 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 9597 ctsio->be_move_done = ctl_config_move_done; 9598 ctl_datamove((union ctl_io *)ctsio); 9599 9600 return (CTL_RETVAL_COMPLETE); 9601} 9602 9603int 9604ctl_tur(struct ctl_scsiio *ctsio) 9605{ 9606 struct ctl_lun *lun; 9607 9608 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9609 9610 CTL_DEBUG_PRINT(("ctl_tur\n")); 9611 9612 if (lun == NULL) 9613 return (EINVAL); 9614 9615 ctsio->scsi_status = SCSI_STATUS_OK; 9616 ctsio->io_hdr.status = CTL_SUCCESS; 9617 9618 ctl_done((union ctl_io *)ctsio); 9619 9620 return (CTL_RETVAL_COMPLETE); 9621} 9622 9623#ifdef notyet 9624static int 9625ctl_cmddt_inquiry(struct ctl_scsiio *ctsio) 9626{ 9627 9628} 9629#endif 9630 9631static int 9632ctl_inquiry_evpd_supported(struct ctl_scsiio *ctsio, int alloc_len) 9633{ 9634 struct scsi_vpd_supported_pages *pages; 9635 int sup_page_size; 9636 struct ctl_lun *lun; 9637 9638 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9639 9640 sup_page_size = sizeof(struct scsi_vpd_supported_pages) * 9641 SCSI_EVPD_NUM_SUPPORTED_PAGES; 9642 ctsio->kern_data_ptr = malloc(sup_page_size, M_CTL, M_WAITOK | M_ZERO); 9643 pages = (struct scsi_vpd_supported_pages *)ctsio->kern_data_ptr; 9644 ctsio->kern_sg_entries = 0; 9645 9646 if (sup_page_size < alloc_len) { 9647 ctsio->residual = alloc_len - sup_page_size; 9648 ctsio->kern_data_len = sup_page_size; 9649 ctsio->kern_total_len = sup_page_size; 9650 } else { 9651 ctsio->residual = 0; 9652 ctsio->kern_data_len = alloc_len; 9653 ctsio->kern_total_len = alloc_len; 9654 } 9655 ctsio->kern_data_resid = 0; 9656 ctsio->kern_rel_offset = 0; 9657 ctsio->kern_sg_entries = 0; 9658 9659 /* 9660 * The control device is always connected. The disk device, on the 9661 * other hand, may not be online all the time. Need to change this 9662 * to figure out whether the disk device is actually online or not. 9663 */ 9664 if (lun != NULL) 9665 pages->device = (SID_QUAL_LU_CONNECTED << 5) | 9666 lun->be_lun->lun_type; 9667 else 9668 pages->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT; 9669 9670 pages->length = SCSI_EVPD_NUM_SUPPORTED_PAGES; 9671 /* Supported VPD pages */ 9672 pages->page_list[0] = SVPD_SUPPORTED_PAGES; 9673 /* Serial Number */ 9674 pages->page_list[1] = SVPD_UNIT_SERIAL_NUMBER; 9675 /* Device Identification */ 9676 pages->page_list[2] = SVPD_DEVICE_ID; 9677 /* SCSI Ports */ 9678 pages->page_list[3] = SVPD_SCSI_PORTS; 9679 /* Block limits */ 9680 pages->page_list[4] = SVPD_BLOCK_LIMITS; 9681 /* Logical Block Provisioning */ 9682 pages->page_list[5] = SVPD_LBP; 9683 9684 ctsio->scsi_status = SCSI_STATUS_OK; 9685 9686 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 9687 ctsio->be_move_done = ctl_config_move_done; 9688 ctl_datamove((union ctl_io *)ctsio); 9689 9690 return (CTL_RETVAL_COMPLETE); 9691} 9692 9693static int 9694ctl_inquiry_evpd_serial(struct ctl_scsiio *ctsio, int alloc_len) 9695{ 9696 struct scsi_vpd_unit_serial_number *sn_ptr; 9697 struct ctl_lun *lun; 9698 9699 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9700 9701 ctsio->kern_data_ptr = malloc(sizeof(*sn_ptr), M_CTL, M_WAITOK | M_ZERO); 9702 sn_ptr = (struct scsi_vpd_unit_serial_number *)ctsio->kern_data_ptr; 9703 ctsio->kern_sg_entries = 0; 9704 9705 if (sizeof(*sn_ptr) < alloc_len) { 9706 ctsio->residual = alloc_len - sizeof(*sn_ptr); 9707 ctsio->kern_data_len = sizeof(*sn_ptr); 9708 ctsio->kern_total_len = sizeof(*sn_ptr); 9709 } else { 9710 ctsio->residual = 0; 9711 ctsio->kern_data_len = alloc_len; 9712 ctsio->kern_total_len = alloc_len; 9713 } 9714 ctsio->kern_data_resid = 0; 9715 ctsio->kern_rel_offset = 0; 9716 ctsio->kern_sg_entries = 0; 9717 9718 /* 9719 * The control device is always connected. The disk device, on the 9720 * other hand, may not be online all the time. Need to change this 9721 * to figure out whether the disk device is actually online or not. 9722 */ 9723 if (lun != NULL) 9724 sn_ptr->device = (SID_QUAL_LU_CONNECTED << 5) | 9725 lun->be_lun->lun_type; 9726 else 9727 sn_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT; 9728 9729 sn_ptr->page_code = SVPD_UNIT_SERIAL_NUMBER; 9730 sn_ptr->length = ctl_min(sizeof(*sn_ptr) - 4, CTL_SN_LEN); 9731 /* 9732 * If we don't have a LUN, we just leave the serial number as 9733 * all spaces. 9734 */ 9735 memset(sn_ptr->serial_num, 0x20, sizeof(sn_ptr->serial_num)); 9736 if (lun != NULL) { 9737 strncpy((char *)sn_ptr->serial_num, 9738 (char *)lun->be_lun->serial_num, CTL_SN_LEN); 9739 } 9740 ctsio->scsi_status = SCSI_STATUS_OK; 9741 9742 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 9743 ctsio->be_move_done = ctl_config_move_done; 9744 ctl_datamove((union ctl_io *)ctsio); 9745 9746 return (CTL_RETVAL_COMPLETE); 9747} 9748 9749 9750static int 9751ctl_inquiry_evpd_devid(struct ctl_scsiio *ctsio, int alloc_len) 9752{ 9753 struct scsi_vpd_device_id *devid_ptr; 9754 struct scsi_vpd_id_descriptor *desc; 9755 struct ctl_softc *ctl_softc; 9756 struct ctl_lun *lun; 9757 struct ctl_port *port; 9758 int data_len; 9759 uint8_t proto; 9760 9761 ctl_softc = control_softc; 9762 9763 port = ctl_softc->ctl_ports[ctl_port_idx(ctsio->io_hdr.nexus.targ_port)]; 9764 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9765 9766 data_len = sizeof(struct scsi_vpd_device_id) + 9767 sizeof(struct scsi_vpd_id_descriptor) + 9768 sizeof(struct scsi_vpd_id_rel_trgt_port_id) + 9769 sizeof(struct scsi_vpd_id_descriptor) + 9770 sizeof(struct scsi_vpd_id_trgt_port_grp_id); 9771 if (lun && lun->lun_devid) 9772 data_len += lun->lun_devid->len; 9773 if (port->port_devid) 9774 data_len += port->port_devid->len; 9775 if (port->target_devid) 9776 data_len += port->target_devid->len; 9777 9778 ctsio->kern_data_ptr = malloc(data_len, M_CTL, M_WAITOK | M_ZERO); 9779 devid_ptr = (struct scsi_vpd_device_id *)ctsio->kern_data_ptr; 9780 ctsio->kern_sg_entries = 0; 9781 9782 if (data_len < alloc_len) { 9783 ctsio->residual = alloc_len - data_len; 9784 ctsio->kern_data_len = data_len; 9785 ctsio->kern_total_len = data_len; 9786 } else { 9787 ctsio->residual = 0; 9788 ctsio->kern_data_len = alloc_len; 9789 ctsio->kern_total_len = alloc_len; 9790 } 9791 ctsio->kern_data_resid = 0; 9792 ctsio->kern_rel_offset = 0; 9793 ctsio->kern_sg_entries = 0; 9794 9795 /* 9796 * The control device is always connected. The disk device, on the 9797 * other hand, may not be online all the time. 9798 */ 9799 if (lun != NULL) 9800 devid_ptr->device = (SID_QUAL_LU_CONNECTED << 5) | 9801 lun->be_lun->lun_type; 9802 else 9803 devid_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT; 9804 devid_ptr->page_code = SVPD_DEVICE_ID; 9805 scsi_ulto2b(data_len - 4, devid_ptr->length); 9806 9807 if (port->port_type == CTL_PORT_FC) 9808 proto = SCSI_PROTO_FC << 4; 9809 else if (port->port_type == CTL_PORT_ISCSI) 9810 proto = SCSI_PROTO_ISCSI << 4; 9811 else 9812 proto = SCSI_PROTO_SPI << 4; 9813 desc = (struct scsi_vpd_id_descriptor *)devid_ptr->desc_list; 9814 9815 /* 9816 * We're using a LUN association here. i.e., this device ID is a 9817 * per-LUN identifier. 9818 */ 9819 if (lun && lun->lun_devid) { 9820 memcpy(desc, lun->lun_devid->data, lun->lun_devid->len); 9821 desc = (struct scsi_vpd_id_descriptor *)((uint8_t *)desc + 9822 lun->lun_devid->len); 9823 } 9824 9825 /* 9826 * This is for the WWPN which is a port association. 9827 */ 9828 if (port->port_devid) { 9829 memcpy(desc, port->port_devid->data, port->port_devid->len); 9830 desc = (struct scsi_vpd_id_descriptor *)((uint8_t *)desc + 9831 port->port_devid->len); 9832 } 9833 9834 /* 9835 * This is for the Relative Target Port(type 4h) identifier 9836 */ 9837 desc->proto_codeset = proto | SVPD_ID_CODESET_BINARY; 9838 desc->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_PORT | 9839 SVPD_ID_TYPE_RELTARG; 9840 desc->length = 4; 9841 scsi_ulto2b(ctsio->io_hdr.nexus.targ_port, &desc->identifier[2]); 9842 desc = (struct scsi_vpd_id_descriptor *)(&desc->identifier[0] + 9843 sizeof(struct scsi_vpd_id_rel_trgt_port_id)); 9844 9845 /* 9846 * This is for the Target Port Group(type 5h) identifier 9847 */ 9848 desc->proto_codeset = proto | SVPD_ID_CODESET_BINARY; 9849 desc->id_type = SVPD_ID_PIV | SVPD_ID_ASSOC_PORT | 9850 SVPD_ID_TYPE_TPORTGRP; 9851 desc->length = 4; 9852 scsi_ulto2b(ctsio->io_hdr.nexus.targ_port / CTL_MAX_PORTS + 1, 9853 &desc->identifier[2]); 9854 desc = (struct scsi_vpd_id_descriptor *)(&desc->identifier[0] + 9855 sizeof(struct scsi_vpd_id_trgt_port_grp_id)); 9856 9857 /* 9858 * This is for the Target identifier 9859 */ 9860 if (port->target_devid) { 9861 memcpy(desc, port->target_devid->data, port->target_devid->len); 9862 } 9863 9864 ctsio->scsi_status = SCSI_STATUS_OK; 9865 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 9866 ctsio->be_move_done = ctl_config_move_done; 9867 ctl_datamove((union ctl_io *)ctsio); 9868 9869 return (CTL_RETVAL_COMPLETE); 9870} 9871 9872static int 9873ctl_inquiry_evpd_scsi_ports(struct ctl_scsiio *ctsio, int alloc_len) 9874{ 9875 struct ctl_softc *softc = control_softc; 9876 struct scsi_vpd_scsi_ports *sp; 9877 struct scsi_vpd_port_designation *pd; 9878 struct scsi_vpd_port_designation_cont *pdc; 9879 struct ctl_lun *lun; 9880 struct ctl_port *port; 9881 int data_len, num_target_ports, id_len, g, pg, p; 9882 int num_target_port_groups, single; 9883 9884 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9885 9886 single = ctl_is_single; 9887 if (single) 9888 num_target_port_groups = 1; 9889 else 9890 num_target_port_groups = NUM_TARGET_PORT_GROUPS; 9891 num_target_ports = 0; 9892 id_len = 0; 9893 mtx_lock(&softc->ctl_lock); 9894 STAILQ_FOREACH(port, &softc->port_list, links) { 9895 if ((port->status & CTL_PORT_STATUS_ONLINE) == 0) 9896 continue; 9897 if (ctl_map_lun_back(port->targ_port, lun->lun) >= 9898 CTL_MAX_LUNS) 9899 continue; 9900 num_target_ports++; 9901 if (port->port_devid) 9902 id_len += port->port_devid->len; 9903 } 9904 mtx_unlock(&softc->ctl_lock); 9905 9906 data_len = sizeof(struct scsi_vpd_scsi_ports) + num_target_port_groups * 9907 num_target_ports * (sizeof(struct scsi_vpd_port_designation) + 9908 sizeof(struct scsi_vpd_port_designation_cont)) + id_len; 9909 ctsio->kern_data_ptr = malloc(data_len, M_CTL, M_WAITOK | M_ZERO); 9910 sp = (struct scsi_vpd_scsi_ports *)ctsio->kern_data_ptr; 9911 ctsio->kern_sg_entries = 0; 9912 9913 if (data_len < alloc_len) { 9914 ctsio->residual = alloc_len - data_len; 9915 ctsio->kern_data_len = data_len; 9916 ctsio->kern_total_len = data_len; 9917 } else { 9918 ctsio->residual = 0; 9919 ctsio->kern_data_len = alloc_len; 9920 ctsio->kern_total_len = alloc_len; 9921 } 9922 ctsio->kern_data_resid = 0; 9923 ctsio->kern_rel_offset = 0; 9924 ctsio->kern_sg_entries = 0; 9925 9926 /* 9927 * The control device is always connected. The disk device, on the 9928 * other hand, may not be online all the time. Need to change this 9929 * to figure out whether the disk device is actually online or not. 9930 */ 9931 if (lun != NULL) 9932 sp->device = (SID_QUAL_LU_CONNECTED << 5) | 9933 lun->be_lun->lun_type; 9934 else 9935 sp->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT; 9936 9937 sp->page_code = SVPD_SCSI_PORTS; 9938 scsi_ulto2b(data_len - sizeof(struct scsi_vpd_scsi_ports), 9939 sp->page_length); 9940 pd = &sp->design[0]; 9941 9942 mtx_lock(&softc->ctl_lock); 9943 if (softc->flags & CTL_FLAG_MASTER_SHELF) 9944 pg = 0; 9945 else 9946 pg = 1; 9947 for (g = 0; g < num_target_port_groups; g++) { 9948 STAILQ_FOREACH(port, &softc->port_list, links) { 9949 if ((port->status & CTL_PORT_STATUS_ONLINE) == 0) 9950 continue; 9951 if (ctl_map_lun_back(port->targ_port, lun->lun) >= 9952 CTL_MAX_LUNS) 9953 continue; 9954 p = port->targ_port % CTL_MAX_PORTS + g * CTL_MAX_PORTS; 9955 scsi_ulto2b(p, pd->relative_port_id); 9956 scsi_ulto2b(0, pd->initiator_transportid_length); 9957 pdc = (struct scsi_vpd_port_designation_cont *) 9958 &pd->initiator_transportid[0]; 9959 if (port->port_devid && g == pg) { 9960 id_len = port->port_devid->len; 9961 scsi_ulto2b(port->port_devid->len, 9962 pdc->target_port_descriptors_length); 9963 memcpy(pdc->target_port_descriptors, 9964 port->port_devid->data, port->port_devid->len); 9965 } else { 9966 id_len = 0; 9967 scsi_ulto2b(0, pdc->target_port_descriptors_length); 9968 } 9969 pd = (struct scsi_vpd_port_designation *) 9970 ((uint8_t *)pdc->target_port_descriptors + id_len); 9971 } 9972 } 9973 mtx_unlock(&softc->ctl_lock); 9974 9975 ctsio->scsi_status = SCSI_STATUS_OK; 9976 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 9977 ctsio->be_move_done = ctl_config_move_done; 9978 ctl_datamove((union ctl_io *)ctsio); 9979 9980 return (CTL_RETVAL_COMPLETE); 9981} 9982 9983static int 9984ctl_inquiry_evpd_block_limits(struct ctl_scsiio *ctsio, int alloc_len) 9985{ 9986 struct scsi_vpd_block_limits *bl_ptr; 9987 struct ctl_lun *lun; 9988 int bs; 9989 9990 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 9991 bs = lun->be_lun->blocksize; 9992 9993 ctsio->kern_data_ptr = malloc(sizeof(*bl_ptr), M_CTL, M_WAITOK | M_ZERO); 9994 bl_ptr = (struct scsi_vpd_block_limits *)ctsio->kern_data_ptr; 9995 ctsio->kern_sg_entries = 0; 9996 9997 if (sizeof(*bl_ptr) < alloc_len) { 9998 ctsio->residual = alloc_len - sizeof(*bl_ptr); 9999 ctsio->kern_data_len = sizeof(*bl_ptr); 10000 ctsio->kern_total_len = sizeof(*bl_ptr); 10001 } else { 10002 ctsio->residual = 0; 10003 ctsio->kern_data_len = alloc_len; 10004 ctsio->kern_total_len = alloc_len; 10005 } 10006 ctsio->kern_data_resid = 0; 10007 ctsio->kern_rel_offset = 0; 10008 ctsio->kern_sg_entries = 0; 10009 10010 /* 10011 * The control device is always connected. The disk device, on the 10012 * other hand, may not be online all the time. Need to change this 10013 * to figure out whether the disk device is actually online or not. 10014 */ 10015 if (lun != NULL) 10016 bl_ptr->device = (SID_QUAL_LU_CONNECTED << 5) | 10017 lun->be_lun->lun_type; 10018 else 10019 bl_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT; 10020 10021 bl_ptr->page_code = SVPD_BLOCK_LIMITS; 10022 scsi_ulto2b(sizeof(*bl_ptr), bl_ptr->page_length); 10023 bl_ptr->max_cmp_write_len = 0xff; 10024 scsi_ulto4b(0xffffffff, bl_ptr->max_txfer_len); 10025 scsi_ulto4b(MAXPHYS / bs, bl_ptr->opt_txfer_len); 10026 if (lun->be_lun->flags & CTL_LUN_FLAG_UNMAP) { 10027 scsi_ulto4b(0xffffffff, bl_ptr->max_unmap_lba_cnt); 10028 scsi_ulto4b(0xffffffff, bl_ptr->max_unmap_blk_cnt); 10029 } 10030 scsi_u64to8b(UINT64_MAX, bl_ptr->max_write_same_length); 10031 10032 ctsio->scsi_status = SCSI_STATUS_OK; 10033 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 10034 ctsio->be_move_done = ctl_config_move_done; 10035 ctl_datamove((union ctl_io *)ctsio); 10036 10037 return (CTL_RETVAL_COMPLETE); 10038} 10039 10040static int 10041ctl_inquiry_evpd_lbp(struct ctl_scsiio *ctsio, int alloc_len) 10042{ 10043 struct scsi_vpd_logical_block_prov *lbp_ptr; 10044 struct ctl_lun *lun; 10045 int bs; 10046 10047 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 10048 bs = lun->be_lun->blocksize; 10049 10050 ctsio->kern_data_ptr = malloc(sizeof(*lbp_ptr), M_CTL, M_WAITOK | M_ZERO); 10051 lbp_ptr = (struct scsi_vpd_logical_block_prov *)ctsio->kern_data_ptr; 10052 ctsio->kern_sg_entries = 0; 10053 10054 if (sizeof(*lbp_ptr) < alloc_len) { 10055 ctsio->residual = alloc_len - sizeof(*lbp_ptr); 10056 ctsio->kern_data_len = sizeof(*lbp_ptr); 10057 ctsio->kern_total_len = sizeof(*lbp_ptr); 10058 } else { 10059 ctsio->residual = 0; 10060 ctsio->kern_data_len = alloc_len; 10061 ctsio->kern_total_len = alloc_len; 10062 } 10063 ctsio->kern_data_resid = 0; 10064 ctsio->kern_rel_offset = 0; 10065 ctsio->kern_sg_entries = 0; 10066 10067 /* 10068 * The control device is always connected. The disk device, on the 10069 * other hand, may not be online all the time. Need to change this 10070 * to figure out whether the disk device is actually online or not. 10071 */ 10072 if (lun != NULL) 10073 lbp_ptr->device = (SID_QUAL_LU_CONNECTED << 5) | 10074 lun->be_lun->lun_type; 10075 else 10076 lbp_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT; 10077 10078 lbp_ptr->page_code = SVPD_LBP; 10079 if (lun->be_lun->flags & CTL_LUN_FLAG_UNMAP) 10080 lbp_ptr->flags = SVPD_LBP_UNMAP | SVPD_LBP_WS16 | SVPD_LBP_WS10; 10081 10082 ctsio->scsi_status = SCSI_STATUS_OK; 10083 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 10084 ctsio->be_move_done = ctl_config_move_done; 10085 ctl_datamove((union ctl_io *)ctsio); 10086 10087 return (CTL_RETVAL_COMPLETE); 10088} 10089 10090static int 10091ctl_inquiry_evpd(struct ctl_scsiio *ctsio) 10092{ 10093 struct scsi_inquiry *cdb; 10094 struct ctl_lun *lun; 10095 int alloc_len, retval; 10096 10097 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 10098 cdb = (struct scsi_inquiry *)ctsio->cdb; 10099 10100 retval = CTL_RETVAL_COMPLETE; 10101 10102 alloc_len = scsi_2btoul(cdb->length); 10103 10104 switch (cdb->page_code) { 10105 case SVPD_SUPPORTED_PAGES: 10106 retval = ctl_inquiry_evpd_supported(ctsio, alloc_len); 10107 break; 10108 case SVPD_UNIT_SERIAL_NUMBER: 10109 retval = ctl_inquiry_evpd_serial(ctsio, alloc_len); 10110 break; 10111 case SVPD_DEVICE_ID: 10112 retval = ctl_inquiry_evpd_devid(ctsio, alloc_len); 10113 break; 10114 case SVPD_SCSI_PORTS: 10115 retval = ctl_inquiry_evpd_scsi_ports(ctsio, alloc_len); 10116 break; 10117 case SVPD_BLOCK_LIMITS: 10118 retval = ctl_inquiry_evpd_block_limits(ctsio, alloc_len); 10119 break; 10120 case SVPD_LBP: 10121 retval = ctl_inquiry_evpd_lbp(ctsio, alloc_len); 10122 break; 10123 default: 10124 ctl_set_invalid_field(ctsio, 10125 /*sks_valid*/ 1, 10126 /*command*/ 1, 10127 /*field*/ 2, 10128 /*bit_valid*/ 0, 10129 /*bit*/ 0); 10130 ctl_done((union ctl_io *)ctsio); 10131 retval = CTL_RETVAL_COMPLETE; 10132 break; 10133 } 10134 10135 return (retval); 10136} 10137 10138static int 10139ctl_inquiry_std(struct ctl_scsiio *ctsio) 10140{ 10141 struct scsi_inquiry_data *inq_ptr; 10142 struct scsi_inquiry *cdb; 10143 struct ctl_softc *ctl_softc; 10144 struct ctl_lun *lun; 10145 char *val; 10146 uint32_t alloc_len; 10147 int is_fc; 10148 10149 ctl_softc = control_softc; 10150 10151 /* 10152 * Figure out whether we're talking to a Fibre Channel port or not. 10153 * We treat the ioctl front end, and any SCSI adapters, as packetized 10154 * SCSI front ends. 10155 */ 10156 if (ctl_softc->ctl_ports[ctl_port_idx(ctsio->io_hdr.nexus.targ_port)]->port_type != 10157 CTL_PORT_FC) 10158 is_fc = 0; 10159 else 10160 is_fc = 1; 10161 10162 lun = ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 10163 cdb = (struct scsi_inquiry *)ctsio->cdb; 10164 alloc_len = scsi_2btoul(cdb->length); 10165 10166 /* 10167 * We malloc the full inquiry data size here and fill it 10168 * in. If the user only asks for less, we'll give him 10169 * that much. 10170 */ 10171 ctsio->kern_data_ptr = malloc(sizeof(*inq_ptr), M_CTL, M_WAITOK | M_ZERO); 10172 inq_ptr = (struct scsi_inquiry_data *)ctsio->kern_data_ptr; 10173 ctsio->kern_sg_entries = 0; 10174 ctsio->kern_data_resid = 0; 10175 ctsio->kern_rel_offset = 0; 10176 10177 if (sizeof(*inq_ptr) < alloc_len) { 10178 ctsio->residual = alloc_len - sizeof(*inq_ptr); 10179 ctsio->kern_data_len = sizeof(*inq_ptr); 10180 ctsio->kern_total_len = sizeof(*inq_ptr); 10181 } else { 10182 ctsio->residual = 0; 10183 ctsio->kern_data_len = alloc_len; 10184 ctsio->kern_total_len = alloc_len; 10185 } 10186 10187 /* 10188 * If we have a LUN configured, report it as connected. Otherwise, 10189 * report that it is offline or no device is supported, depending 10190 * on the value of inquiry_pq_no_lun. 10191 * 10192 * According to the spec (SPC-4 r34), the peripheral qualifier 10193 * SID_QUAL_LU_OFFLINE (001b) is used in the following scenario: 10194 * 10195 * "A peripheral device having the specified peripheral device type 10196 * is not connected to this logical unit. However, the device 10197 * server is capable of supporting the specified peripheral device 10198 * type on this logical unit." 10199 * 10200 * According to the same spec, the peripheral qualifier 10201 * SID_QUAL_BAD_LU (011b) is used in this scenario: 10202 * 10203 * "The device server is not capable of supporting a peripheral 10204 * device on this logical unit. For this peripheral qualifier the 10205 * peripheral device type shall be set to 1Fh. All other peripheral 10206 * device type values are reserved for this peripheral qualifier." 10207 * 10208 * Given the text, it would seem that we probably want to report that 10209 * the LUN is offline here. There is no LUN connected, but we can 10210 * support a LUN at the given LUN number. 10211 * 10212 * In the real world, though, it sounds like things are a little 10213 * different: 10214 * 10215 * - Linux, when presented with a LUN with the offline peripheral 10216 * qualifier, will create an sg driver instance for it. So when 10217 * you attach it to CTL, you wind up with a ton of sg driver 10218 * instances. (One for every LUN that Linux bothered to probe.) 10219 * Linux does this despite the fact that it issues a REPORT LUNs 10220 * to LUN 0 to get the inventory of supported LUNs. 10221 * 10222 * - There is other anecdotal evidence (from Emulex folks) about 10223 * arrays that use the offline peripheral qualifier for LUNs that 10224 * are on the "passive" path in an active/passive array. 10225 * 10226 * So the solution is provide a hopefully reasonable default 10227 * (return bad/no LUN) and allow the user to change the behavior 10228 * with a tunable/sysctl variable. 10229 */ 10230 if (lun != NULL) 10231 inq_ptr->device = (SID_QUAL_LU_CONNECTED << 5) | 10232 lun->be_lun->lun_type; 10233 else if (ctl_softc->inquiry_pq_no_lun == 0) 10234 inq_ptr->device = (SID_QUAL_LU_OFFLINE << 5) | T_DIRECT; 10235 else 10236 inq_ptr->device = (SID_QUAL_BAD_LU << 5) | T_NODEVICE; 10237 10238 /* RMB in byte 2 is 0 */ 10239 inq_ptr->version = SCSI_REV_SPC3; 10240 10241 /* 10242 * According to SAM-3, even if a device only supports a single 10243 * level of LUN addressing, it should still set the HISUP bit: 10244 * 10245 * 4.9.1 Logical unit numbers overview 10246 * 10247 * All logical unit number formats described in this standard are 10248 * hierarchical in structure even when only a single level in that 10249 * hierarchy is used. The HISUP bit shall be set to one in the 10250 * standard INQUIRY data (see SPC-2) when any logical unit number 10251 * format described in this standard is used. Non-hierarchical 10252 * formats are outside the scope of this standard. 10253 * 10254 * Therefore we set the HiSup bit here. 10255 * 10256 * The reponse format is 2, per SPC-3. 10257 */ 10258 inq_ptr->response_format = SID_HiSup | 2; 10259 10260 inq_ptr->additional_length = sizeof(*inq_ptr) - 4; 10261 CTL_DEBUG_PRINT(("additional_length = %d\n", 10262 inq_ptr->additional_length)); 10263 10264 inq_ptr->spc3_flags = SPC3_SID_TPGS_IMPLICIT; 10265 /* 16 bit addressing */ 10266 if (is_fc == 0) 10267 inq_ptr->spc2_flags = SPC2_SID_ADDR16; 10268 /* XXX set the SID_MultiP bit here if we're actually going to 10269 respond on multiple ports */ 10270 inq_ptr->spc2_flags |= SPC2_SID_MultiP; 10271 10272 /* 16 bit data bus, synchronous transfers */ 10273 /* XXX these flags don't apply for FC */ 10274 if (is_fc == 0) 10275 inq_ptr->flags = SID_WBus16 | SID_Sync; 10276 /* 10277 * XXX KDM do we want to support tagged queueing on the control 10278 * device at all? 10279 */ 10280 if ((lun == NULL) 10281 || (lun->be_lun->lun_type != T_PROCESSOR)) 10282 inq_ptr->flags |= SID_CmdQue; 10283 /* 10284 * Per SPC-3, unused bytes in ASCII strings are filled with spaces. 10285 * We have 8 bytes for the vendor name, and 16 bytes for the device 10286 * name and 4 bytes for the revision. 10287 */ 10288 if (lun == NULL || (val = ctl_get_opt(&lun->be_lun->options, 10289 "vendor")) == NULL) { 10290 strcpy(inq_ptr->vendor, CTL_VENDOR); 10291 } else { 10292 memset(inq_ptr->vendor, ' ', sizeof(inq_ptr->vendor)); 10293 strncpy(inq_ptr->vendor, val, 10294 min(sizeof(inq_ptr->vendor), strlen(val))); 10295 } 10296 if (lun == NULL) { 10297 strcpy(inq_ptr->product, CTL_DIRECT_PRODUCT); 10298 } else if ((val = ctl_get_opt(&lun->be_lun->options, "product")) == NULL) { 10299 switch (lun->be_lun->lun_type) { 10300 case T_DIRECT: 10301 strcpy(inq_ptr->product, CTL_DIRECT_PRODUCT); 10302 break; 10303 case T_PROCESSOR: 10304 strcpy(inq_ptr->product, CTL_PROCESSOR_PRODUCT); 10305 break; 10306 default: 10307 strcpy(inq_ptr->product, CTL_UNKNOWN_PRODUCT); 10308 break; 10309 } 10310 } else { 10311 memset(inq_ptr->product, ' ', sizeof(inq_ptr->product)); 10312 strncpy(inq_ptr->product, val, 10313 min(sizeof(inq_ptr->product), strlen(val))); 10314 } 10315 10316 /* 10317 * XXX make this a macro somewhere so it automatically gets 10318 * incremented when we make changes. 10319 */ 10320 if (lun == NULL || (val = ctl_get_opt(&lun->be_lun->options, 10321 "revision")) == NULL) { 10322 strncpy(inq_ptr->revision, "0001", sizeof(inq_ptr->revision)); 10323 } else { 10324 memset(inq_ptr->revision, ' ', sizeof(inq_ptr->revision)); 10325 strncpy(inq_ptr->revision, val, 10326 min(sizeof(inq_ptr->revision), strlen(val))); 10327 } 10328 10329 /* 10330 * For parallel SCSI, we support double transition and single 10331 * transition clocking. We also support QAS (Quick Arbitration 10332 * and Selection) and Information Unit transfers on both the 10333 * control and array devices. 10334 */ 10335 if (is_fc == 0) 10336 inq_ptr->spi3data = SID_SPI_CLOCK_DT_ST | SID_SPI_QAS | 10337 SID_SPI_IUS; 10338 10339 /* SAM-3 */ 10340 scsi_ulto2b(0x0060, inq_ptr->version1); 10341 /* SPC-3 (no version claimed) XXX should we claim a version? */ 10342 scsi_ulto2b(0x0300, inq_ptr->version2); 10343 if (is_fc) { 10344 /* FCP-2 ANSI INCITS.350:2003 */ 10345 scsi_ulto2b(0x0917, inq_ptr->version3); 10346 } else { 10347 /* SPI-4 ANSI INCITS.362:200x */ 10348 scsi_ulto2b(0x0B56, inq_ptr->version3); 10349 } 10350 10351 if (lun == NULL) { 10352 /* SBC-2 (no version claimed) XXX should we claim a version? */ 10353 scsi_ulto2b(0x0320, inq_ptr->version4); 10354 } else { 10355 switch (lun->be_lun->lun_type) { 10356 case T_DIRECT: 10357 /* 10358 * SBC-2 (no version claimed) XXX should we claim a 10359 * version? 10360 */ 10361 scsi_ulto2b(0x0320, inq_ptr->version4); 10362 break; 10363 case T_PROCESSOR: 10364 default: 10365 break; 10366 } 10367 } 10368 10369 ctsio->scsi_status = SCSI_STATUS_OK; 10370 if (ctsio->kern_data_len > 0) { 10371 ctsio->io_hdr.flags |= CTL_FLAG_ALLOCATED; 10372 ctsio->be_move_done = ctl_config_move_done; 10373 ctl_datamove((union ctl_io *)ctsio); 10374 } else { 10375 ctsio->io_hdr.status = CTL_SUCCESS; 10376 ctl_done((union ctl_io *)ctsio); 10377 } 10378 10379 return (CTL_RETVAL_COMPLETE); 10380} 10381 10382int 10383ctl_inquiry(struct ctl_scsiio *ctsio) 10384{ 10385 struct scsi_inquiry *cdb; 10386 int retval; 10387 10388 cdb = (struct scsi_inquiry *)ctsio->cdb; 10389 10390 retval = 0; 10391 10392 CTL_DEBUG_PRINT(("ctl_inquiry\n")); 10393 10394 /* 10395 * Right now, we don't support the CmdDt inquiry information. 10396 * This would be nice to support in the future. When we do 10397 * support it, we should change this test so that it checks to make 10398 * sure SI_EVPD and SI_CMDDT aren't both set at the same time. 10399 */ 10400#ifdef notyet 10401 if (((cdb->byte2 & SI_EVPD) 10402 && (cdb->byte2 & SI_CMDDT))) 10403#endif 10404 if (cdb->byte2 & SI_CMDDT) { 10405 /* 10406 * Point to the SI_CMDDT bit. We might change this 10407 * when we support SI_CMDDT, but since both bits would be 10408 * "wrong", this should probably just stay as-is then. 10409 */ 10410 ctl_set_invalid_field(ctsio, 10411 /*sks_valid*/ 1, 10412 /*command*/ 1, 10413 /*field*/ 1, 10414 /*bit_valid*/ 1, 10415 /*bit*/ 1); 10416 ctl_done((union ctl_io *)ctsio); 10417 return (CTL_RETVAL_COMPLETE); 10418 } 10419 if (cdb->byte2 & SI_EVPD) 10420 retval = ctl_inquiry_evpd(ctsio); 10421#ifdef notyet 10422 else if (cdb->byte2 & SI_CMDDT) 10423 retval = ctl_inquiry_cmddt(ctsio); 10424#endif 10425 else 10426 retval = ctl_inquiry_std(ctsio); 10427 10428 return (retval); 10429} 10430 10431/* 10432 * For known CDB types, parse the LBA and length. 10433 */ 10434static int 10435ctl_get_lba_len(union ctl_io *io, uint64_t *lba, uint32_t *len) 10436{ 10437 if (io->io_hdr.io_type != CTL_IO_SCSI) 10438 return (1); 10439 10440 switch (io->scsiio.cdb[0]) { 10441 case COMPARE_AND_WRITE: { 10442 struct scsi_compare_and_write *cdb; 10443 10444 cdb = (struct scsi_compare_and_write *)io->scsiio.cdb; 10445 10446 *lba = scsi_8btou64(cdb->addr); 10447 *len = cdb->length; 10448 break; 10449 } 10450 case READ_6: 10451 case WRITE_6: { 10452 struct scsi_rw_6 *cdb; 10453 10454 cdb = (struct scsi_rw_6 *)io->scsiio.cdb; 10455 10456 *lba = scsi_3btoul(cdb->addr); 10457 /* only 5 bits are valid in the most significant address byte */ 10458 *lba &= 0x1fffff; 10459 *len = cdb->length; 10460 break; 10461 } 10462 case READ_10: 10463 case WRITE_10: { 10464 struct scsi_rw_10 *cdb; 10465 10466 cdb = (struct scsi_rw_10 *)io->scsiio.cdb; 10467 10468 *lba = scsi_4btoul(cdb->addr); 10469 *len = scsi_2btoul(cdb->length); 10470 break; 10471 } 10472 case WRITE_VERIFY_10: { 10473 struct scsi_write_verify_10 *cdb; 10474 10475 cdb = (struct scsi_write_verify_10 *)io->scsiio.cdb; 10476 10477 *lba = scsi_4btoul(cdb->addr); 10478 *len = scsi_2btoul(cdb->length); 10479 break; 10480 } 10481 case READ_12: 10482 case WRITE_12: { 10483 struct scsi_rw_12 *cdb; 10484 10485 cdb = (struct scsi_rw_12 *)io->scsiio.cdb; 10486 10487 *lba = scsi_4btoul(cdb->addr); 10488 *len = scsi_4btoul(cdb->length); 10489 break; 10490 } 10491 case WRITE_VERIFY_12: { 10492 struct scsi_write_verify_12 *cdb; 10493 10494 cdb = (struct scsi_write_verify_12 *)io->scsiio.cdb; 10495 10496 *lba = scsi_4btoul(cdb->addr); 10497 *len = scsi_4btoul(cdb->length); 10498 break; 10499 } 10500 case READ_16: 10501 case WRITE_16: { 10502 struct scsi_rw_16 *cdb; 10503 10504 cdb = (struct scsi_rw_16 *)io->scsiio.cdb; 10505 10506 *lba = scsi_8btou64(cdb->addr); 10507 *len = scsi_4btoul(cdb->length); 10508 break; 10509 } 10510 case WRITE_VERIFY_16: { 10511 struct scsi_write_verify_16 *cdb; 10512 10513 cdb = (struct scsi_write_verify_16 *)io->scsiio.cdb; 10514 10515 10516 *lba = scsi_8btou64(cdb->addr); 10517 *len = scsi_4btoul(cdb->length); 10518 break; 10519 } 10520 case WRITE_SAME_10: { 10521 struct scsi_write_same_10 *cdb; 10522 10523 cdb = (struct scsi_write_same_10 *)io->scsiio.cdb; 10524 10525 *lba = scsi_4btoul(cdb->addr); 10526 *len = scsi_2btoul(cdb->length); 10527 break; 10528 } 10529 case WRITE_SAME_16: { 10530 struct scsi_write_same_16 *cdb; 10531 10532 cdb = (struct scsi_write_same_16 *)io->scsiio.cdb; 10533 10534 *lba = scsi_8btou64(cdb->addr); 10535 *len = scsi_4btoul(cdb->length); 10536 break; 10537 } 10538 case VERIFY_10: { 10539 struct scsi_verify_10 *cdb; 10540 10541 cdb = (struct scsi_verify_10 *)io->scsiio.cdb; 10542 10543 *lba = scsi_4btoul(cdb->addr); 10544 *len = scsi_2btoul(cdb->length); 10545 break; 10546 } 10547 case VERIFY_12: { 10548 struct scsi_verify_12 *cdb; 10549 10550 cdb = (struct scsi_verify_12 *)io->scsiio.cdb; 10551 10552 *lba = scsi_4btoul(cdb->addr); 10553 *len = scsi_4btoul(cdb->length); 10554 break; 10555 } 10556 case VERIFY_16: { 10557 struct scsi_verify_16 *cdb; 10558 10559 cdb = (struct scsi_verify_16 *)io->scsiio.cdb; 10560 10561 *lba = scsi_8btou64(cdb->addr); 10562 *len = scsi_4btoul(cdb->length); 10563 break; 10564 } 10565 default: 10566 return (1); 10567 break; /* NOTREACHED */ 10568 } 10569 10570 return (0); 10571} 10572 10573static ctl_action 10574ctl_extent_check_lba(uint64_t lba1, uint32_t len1, uint64_t lba2, uint32_t len2) 10575{ 10576 uint64_t endlba1, endlba2; 10577 10578 endlba1 = lba1 + len1 - 1; 10579 endlba2 = lba2 + len2 - 1; 10580 10581 if ((endlba1 < lba2) 10582 || (endlba2 < lba1)) 10583 return (CTL_ACTION_PASS); 10584 else 10585 return (CTL_ACTION_BLOCK); 10586} 10587 10588static ctl_action 10589ctl_extent_check(union ctl_io *io1, union ctl_io *io2) 10590{ 10591 uint64_t lba1, lba2; 10592 uint32_t len1, len2; 10593 int retval; 10594 10595 retval = ctl_get_lba_len(io1, &lba1, &len1); 10596 if (retval != 0) 10597 return (CTL_ACTION_ERROR); 10598 10599 retval = ctl_get_lba_len(io2, &lba2, &len2); 10600 if (retval != 0) 10601 return (CTL_ACTION_ERROR); 10602 10603 return (ctl_extent_check_lba(lba1, len1, lba2, len2)); 10604} 10605 10606static ctl_action 10607ctl_check_for_blockage(union ctl_io *pending_io, union ctl_io *ooa_io) 10608{ 10609 const struct ctl_cmd_entry *pending_entry, *ooa_entry; 10610 ctl_serialize_action *serialize_row; 10611 10612 /* 10613 * The initiator attempted multiple untagged commands at the same 10614 * time. Can't do that. 10615 */ 10616 if ((pending_io->scsiio.tag_type == CTL_TAG_UNTAGGED) 10617 && (ooa_io->scsiio.tag_type == CTL_TAG_UNTAGGED) 10618 && ((pending_io->io_hdr.nexus.targ_port == 10619 ooa_io->io_hdr.nexus.targ_port) 10620 && (pending_io->io_hdr.nexus.initid.id == 10621 ooa_io->io_hdr.nexus.initid.id)) 10622 && ((ooa_io->io_hdr.flags & CTL_FLAG_ABORT) == 0)) 10623 return (CTL_ACTION_OVERLAP); 10624 10625 /* 10626 * The initiator attempted to send multiple tagged commands with 10627 * the same ID. (It's fine if different initiators have the same 10628 * tag ID.) 10629 * 10630 * Even if all of those conditions are true, we don't kill the I/O 10631 * if the command ahead of us has been aborted. We won't end up 10632 * sending it to the FETD, and it's perfectly legal to resend a 10633 * command with the same tag number as long as the previous 10634 * instance of this tag number has been aborted somehow. 10635 */ 10636 if ((pending_io->scsiio.tag_type != CTL_TAG_UNTAGGED) 10637 && (ooa_io->scsiio.tag_type != CTL_TAG_UNTAGGED) 10638 && (pending_io->scsiio.tag_num == ooa_io->scsiio.tag_num) 10639 && ((pending_io->io_hdr.nexus.targ_port == 10640 ooa_io->io_hdr.nexus.targ_port) 10641 && (pending_io->io_hdr.nexus.initid.id == 10642 ooa_io->io_hdr.nexus.initid.id)) 10643 && ((ooa_io->io_hdr.flags & CTL_FLAG_ABORT) == 0)) 10644 return (CTL_ACTION_OVERLAP_TAG); 10645 10646 /* 10647 * If we get a head of queue tag, SAM-3 says that we should 10648 * immediately execute it. 10649 * 10650 * What happens if this command would normally block for some other 10651 * reason? e.g. a request sense with a head of queue tag 10652 * immediately after a write. Normally that would block, but this 10653 * will result in its getting executed immediately... 10654 * 10655 * We currently return "pass" instead of "skip", so we'll end up 10656 * going through the rest of the queue to check for overlapped tags. 10657 * 10658 * XXX KDM check for other types of blockage first?? 10659 */ 10660 if (pending_io->scsiio.tag_type == CTL_TAG_HEAD_OF_QUEUE) 10661 return (CTL_ACTION_PASS); 10662 10663 /* 10664 * Ordered tags have to block until all items ahead of them 10665 * have completed. If we get called with an ordered tag, we always 10666 * block, if something else is ahead of us in the queue. 10667 */ 10668 if (pending_io->scsiio.tag_type == CTL_TAG_ORDERED) 10669 return (CTL_ACTION_BLOCK); 10670 10671 /* 10672 * Simple tags get blocked until all head of queue and ordered tags 10673 * ahead of them have completed. I'm lumping untagged commands in 10674 * with simple tags here. XXX KDM is that the right thing to do? 10675 */ 10676 if (((pending_io->scsiio.tag_type == CTL_TAG_UNTAGGED) 10677 || (pending_io->scsiio.tag_type == CTL_TAG_SIMPLE)) 10678 && ((ooa_io->scsiio.tag_type == CTL_TAG_HEAD_OF_QUEUE) 10679 || (ooa_io->scsiio.tag_type == CTL_TAG_ORDERED))) 10680 return (CTL_ACTION_BLOCK); 10681 10682 pending_entry = ctl_get_cmd_entry(&pending_io->scsiio); 10683 ooa_entry = ctl_get_cmd_entry(&ooa_io->scsiio); 10684 10685 serialize_row = ctl_serialize_table[ooa_entry->seridx]; 10686 10687 switch (serialize_row[pending_entry->seridx]) { 10688 case CTL_SER_BLOCK: 10689 return (CTL_ACTION_BLOCK); 10690 break; /* NOTREACHED */ 10691 case CTL_SER_EXTENT: 10692 return (ctl_extent_check(pending_io, ooa_io)); 10693 break; /* NOTREACHED */ 10694 case CTL_SER_PASS: 10695 return (CTL_ACTION_PASS); 10696 break; /* NOTREACHED */ 10697 case CTL_SER_SKIP: 10698 return (CTL_ACTION_SKIP); 10699 break; 10700 default: 10701 panic("invalid serialization value %d", 10702 serialize_row[pending_entry->seridx]); 10703 break; /* NOTREACHED */ 10704 } 10705 10706 return (CTL_ACTION_ERROR); 10707} 10708 10709/* 10710 * Check for blockage or overlaps against the OOA (Order Of Arrival) queue. 10711 * Assumptions: 10712 * - pending_io is generally either incoming, or on the blocked queue 10713 * - starting I/O is the I/O we want to start the check with. 10714 */ 10715static ctl_action 10716ctl_check_ooa(struct ctl_lun *lun, union ctl_io *pending_io, 10717 union ctl_io *starting_io) 10718{ 10719 union ctl_io *ooa_io; 10720 ctl_action action; 10721 10722 mtx_assert(&lun->lun_lock, MA_OWNED); 10723 10724 /* 10725 * Run back along the OOA queue, starting with the current 10726 * blocked I/O and going through every I/O before it on the 10727 * queue. If starting_io is NULL, we'll just end up returning 10728 * CTL_ACTION_PASS. 10729 */ 10730 for (ooa_io = starting_io; ooa_io != NULL; 10731 ooa_io = (union ctl_io *)TAILQ_PREV(&ooa_io->io_hdr, ctl_ooaq, 10732 ooa_links)){ 10733 10734 /* 10735 * This routine just checks to see whether 10736 * cur_blocked is blocked by ooa_io, which is ahead 10737 * of it in the queue. It doesn't queue/dequeue 10738 * cur_blocked. 10739 */ 10740 action = ctl_check_for_blockage(pending_io, ooa_io); 10741 switch (action) { 10742 case CTL_ACTION_BLOCK: 10743 case CTL_ACTION_OVERLAP: 10744 case CTL_ACTION_OVERLAP_TAG: 10745 case CTL_ACTION_SKIP: 10746 case CTL_ACTION_ERROR: 10747 return (action); 10748 break; /* NOTREACHED */ 10749 case CTL_ACTION_PASS: 10750 break; 10751 default: 10752 panic("invalid action %d", action); 10753 break; /* NOTREACHED */ 10754 } 10755 } 10756 10757 return (CTL_ACTION_PASS); 10758} 10759 10760/* 10761 * Assumptions: 10762 * - An I/O has just completed, and has been removed from the per-LUN OOA 10763 * queue, so some items on the blocked queue may now be unblocked. 10764 */ 10765static int 10766ctl_check_blocked(struct ctl_lun *lun) 10767{ 10768 union ctl_io *cur_blocked, *next_blocked; 10769 10770 mtx_assert(&lun->lun_lock, MA_OWNED); 10771 10772 /* 10773 * Run forward from the head of the blocked queue, checking each 10774 * entry against the I/Os prior to it on the OOA queue to see if 10775 * there is still any blockage. 10776 * 10777 * We cannot use the TAILQ_FOREACH() macro, because it can't deal 10778 * with our removing a variable on it while it is traversing the 10779 * list. 10780 */ 10781 for (cur_blocked = (union ctl_io *)TAILQ_FIRST(&lun->blocked_queue); 10782 cur_blocked != NULL; cur_blocked = next_blocked) { 10783 union ctl_io *prev_ooa; 10784 ctl_action action; 10785 10786 next_blocked = (union ctl_io *)TAILQ_NEXT(&cur_blocked->io_hdr, 10787 blocked_links); 10788 10789 prev_ooa = (union ctl_io *)TAILQ_PREV(&cur_blocked->io_hdr, 10790 ctl_ooaq, ooa_links); 10791 10792 /* 10793 * If cur_blocked happens to be the first item in the OOA 10794 * queue now, prev_ooa will be NULL, and the action 10795 * returned will just be CTL_ACTION_PASS. 10796 */ 10797 action = ctl_check_ooa(lun, cur_blocked, prev_ooa); 10798 10799 switch (action) { 10800 case CTL_ACTION_BLOCK: 10801 /* Nothing to do here, still blocked */ 10802 break; 10803 case CTL_ACTION_OVERLAP: 10804 case CTL_ACTION_OVERLAP_TAG: 10805 /* 10806 * This shouldn't happen! In theory we've already 10807 * checked this command for overlap... 10808 */ 10809 break; 10810 case CTL_ACTION_PASS: 10811 case CTL_ACTION_SKIP: { 10812 struct ctl_softc *softc; 10813 const struct ctl_cmd_entry *entry; 10814 uint32_t initidx; 10815 int isc_retval; 10816 10817 /* 10818 * The skip case shouldn't happen, this transaction 10819 * should have never made it onto the blocked queue. 10820 */ 10821 /* 10822 * This I/O is no longer blocked, we can remove it 10823 * from the blocked queue. Since this is a TAILQ 10824 * (doubly linked list), we can do O(1) removals 10825 * from any place on the list. 10826 */ 10827 TAILQ_REMOVE(&lun->blocked_queue, &cur_blocked->io_hdr, 10828 blocked_links); 10829 cur_blocked->io_hdr.flags &= ~CTL_FLAG_BLOCKED; 10830 10831 if (cur_blocked->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC){ 10832 /* 10833 * Need to send IO back to original side to 10834 * run 10835 */ 10836 union ctl_ha_msg msg_info; 10837 10838 msg_info.hdr.original_sc = 10839 cur_blocked->io_hdr.original_sc; 10840 msg_info.hdr.serializing_sc = cur_blocked; 10841 msg_info.hdr.msg_type = CTL_MSG_R2R; 10842 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 10843 &msg_info, sizeof(msg_info), 0)) > 10844 CTL_HA_STATUS_SUCCESS) { 10845 printf("CTL:Check Blocked error from " 10846 "ctl_ha_msg_send %d\n", 10847 isc_retval); 10848 } 10849 break; 10850 } 10851 entry = ctl_get_cmd_entry(&cur_blocked->scsiio); 10852 softc = control_softc; 10853 10854 initidx = ctl_get_initindex(&cur_blocked->io_hdr.nexus); 10855 10856 /* 10857 * Check this I/O for LUN state changes that may 10858 * have happened while this command was blocked. 10859 * The LUN state may have been changed by a command 10860 * ahead of us in the queue, so we need to re-check 10861 * for any states that can be caused by SCSI 10862 * commands. 10863 */ 10864 if (ctl_scsiio_lun_check(softc, lun, entry, 10865 &cur_blocked->scsiio) == 0) { 10866 cur_blocked->io_hdr.flags |= 10867 CTL_FLAG_IS_WAS_ON_RTR; 10868 ctl_enqueue_rtr(cur_blocked); 10869 } else 10870 ctl_done(cur_blocked); 10871 break; 10872 } 10873 default: 10874 /* 10875 * This probably shouldn't happen -- we shouldn't 10876 * get CTL_ACTION_ERROR, or anything else. 10877 */ 10878 break; 10879 } 10880 } 10881 10882 return (CTL_RETVAL_COMPLETE); 10883} 10884 10885/* 10886 * This routine (with one exception) checks LUN flags that can be set by 10887 * commands ahead of us in the OOA queue. These flags have to be checked 10888 * when a command initially comes in, and when we pull a command off the 10889 * blocked queue and are preparing to execute it. The reason we have to 10890 * check these flags for commands on the blocked queue is that the LUN 10891 * state may have been changed by a command ahead of us while we're on the 10892 * blocked queue. 10893 * 10894 * Ordering is somewhat important with these checks, so please pay 10895 * careful attention to the placement of any new checks. 10896 */ 10897static int 10898ctl_scsiio_lun_check(struct ctl_softc *ctl_softc, struct ctl_lun *lun, 10899 const struct ctl_cmd_entry *entry, struct ctl_scsiio *ctsio) 10900{ 10901 int retval; 10902 10903 retval = 0; 10904 10905 mtx_assert(&lun->lun_lock, MA_OWNED); 10906 10907 /* 10908 * If this shelf is a secondary shelf controller, we have to reject 10909 * any media access commands. 10910 */ 10911#if 0 10912 /* No longer needed for HA */ 10913 if (((ctl_softc->flags & CTL_FLAG_MASTER_SHELF) == 0) 10914 && ((entry->flags & CTL_CMD_FLAG_OK_ON_SECONDARY) == 0)) { 10915 ctl_set_lun_standby(ctsio); 10916 retval = 1; 10917 goto bailout; 10918 } 10919#endif 10920 10921 /* 10922 * Check for a reservation conflict. If this command isn't allowed 10923 * even on reserved LUNs, and if this initiator isn't the one who 10924 * reserved us, reject the command with a reservation conflict. 10925 */ 10926 if ((lun->flags & CTL_LUN_RESERVED) 10927 && ((entry->flags & CTL_CMD_FLAG_ALLOW_ON_RESV) == 0)) { 10928 if ((ctsio->io_hdr.nexus.initid.id != lun->rsv_nexus.initid.id) 10929 || (ctsio->io_hdr.nexus.targ_port != lun->rsv_nexus.targ_port) 10930 || (ctsio->io_hdr.nexus.targ_target.id != 10931 lun->rsv_nexus.targ_target.id)) { 10932 ctsio->scsi_status = SCSI_STATUS_RESERV_CONFLICT; 10933 ctsio->io_hdr.status = CTL_SCSI_ERROR; 10934 retval = 1; 10935 goto bailout; 10936 } 10937 } 10938 10939 if ( (lun->flags & CTL_LUN_PR_RESERVED) 10940 && ((entry->flags & CTL_CMD_FLAG_ALLOW_ON_PR_RESV) == 0)) { 10941 uint32_t residx; 10942 10943 residx = ctl_get_resindex(&ctsio->io_hdr.nexus); 10944 /* 10945 * if we aren't registered or it's a res holder type 10946 * reservation and this isn't the res holder then set a 10947 * conflict. 10948 * NOTE: Commands which might be allowed on write exclusive 10949 * type reservations are checked in the particular command 10950 * for a conflict. Read and SSU are the only ones. 10951 */ 10952 if (!lun->per_res[residx].registered 10953 || (residx != lun->pr_res_idx && lun->res_type < 4)) { 10954 ctsio->scsi_status = SCSI_STATUS_RESERV_CONFLICT; 10955 ctsio->io_hdr.status = CTL_SCSI_ERROR; 10956 retval = 1; 10957 goto bailout; 10958 } 10959 10960 } 10961 10962 if ((lun->flags & CTL_LUN_OFFLINE) 10963 && ((entry->flags & CTL_CMD_FLAG_OK_ON_OFFLINE) == 0)) { 10964 ctl_set_lun_not_ready(ctsio); 10965 retval = 1; 10966 goto bailout; 10967 } 10968 10969 /* 10970 * If the LUN is stopped, see if this particular command is allowed 10971 * for a stopped lun. Otherwise, reject it with 0x04,0x02. 10972 */ 10973 if ((lun->flags & CTL_LUN_STOPPED) 10974 && ((entry->flags & CTL_CMD_FLAG_OK_ON_STOPPED) == 0)) { 10975 /* "Logical unit not ready, initializing cmd. required" */ 10976 ctl_set_lun_stopped(ctsio); 10977 retval = 1; 10978 goto bailout; 10979 } 10980 10981 if ((lun->flags & CTL_LUN_INOPERABLE) 10982 && ((entry->flags & CTL_CMD_FLAG_OK_ON_INOPERABLE) == 0)) { 10983 /* "Medium format corrupted" */ 10984 ctl_set_medium_format_corrupted(ctsio); 10985 retval = 1; 10986 goto bailout; 10987 } 10988 10989bailout: 10990 return (retval); 10991 10992} 10993 10994static void 10995ctl_failover_io(union ctl_io *io, int have_lock) 10996{ 10997 ctl_set_busy(&io->scsiio); 10998 ctl_done(io); 10999} 11000 11001static void 11002ctl_failover(void) 11003{ 11004 struct ctl_lun *lun; 11005 struct ctl_softc *ctl_softc; 11006 union ctl_io *next_io, *pending_io; 11007 union ctl_io *io; 11008 int lun_idx; 11009 int i; 11010 11011 ctl_softc = control_softc; 11012 11013 mtx_lock(&ctl_softc->ctl_lock); 11014 /* 11015 * Remove any cmds from the other SC from the rtr queue. These 11016 * will obviously only be for LUNs for which we're the primary. 11017 * We can't send status or get/send data for these commands. 11018 * Since they haven't been executed yet, we can just remove them. 11019 * We'll either abort them or delete them below, depending on 11020 * which HA mode we're in. 11021 */ 11022#ifdef notyet 11023 mtx_lock(&ctl_softc->queue_lock); 11024 for (io = (union ctl_io *)STAILQ_FIRST(&ctl_softc->rtr_queue); 11025 io != NULL; io = next_io) { 11026 next_io = (union ctl_io *)STAILQ_NEXT(&io->io_hdr, links); 11027 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) 11028 STAILQ_REMOVE(&ctl_softc->rtr_queue, &io->io_hdr, 11029 ctl_io_hdr, links); 11030 } 11031 mtx_unlock(&ctl_softc->queue_lock); 11032#endif 11033 11034 for (lun_idx=0; lun_idx < ctl_softc->num_luns; lun_idx++) { 11035 lun = ctl_softc->ctl_luns[lun_idx]; 11036 if (lun==NULL) 11037 continue; 11038 11039 /* 11040 * Processor LUNs are primary on both sides. 11041 * XXX will this always be true? 11042 */ 11043 if (lun->be_lun->lun_type == T_PROCESSOR) 11044 continue; 11045 11046 if ((lun->flags & CTL_LUN_PRIMARY_SC) 11047 && (ctl_softc->ha_mode == CTL_HA_MODE_SER_ONLY)) { 11048 printf("FAILOVER: primary lun %d\n", lun_idx); 11049 /* 11050 * Remove all commands from the other SC. First from the 11051 * blocked queue then from the ooa queue. Once we have 11052 * removed them. Call ctl_check_blocked to see if there 11053 * is anything that can run. 11054 */ 11055 for (io = (union ctl_io *)TAILQ_FIRST( 11056 &lun->blocked_queue); io != NULL; io = next_io) { 11057 11058 next_io = (union ctl_io *)TAILQ_NEXT( 11059 &io->io_hdr, blocked_links); 11060 11061 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) { 11062 TAILQ_REMOVE(&lun->blocked_queue, 11063 &io->io_hdr,blocked_links); 11064 io->io_hdr.flags &= ~CTL_FLAG_BLOCKED; 11065 TAILQ_REMOVE(&lun->ooa_queue, 11066 &io->io_hdr, ooa_links); 11067 11068 ctl_free_io(io); 11069 } 11070 } 11071 11072 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); 11073 io != NULL; io = next_io) { 11074 11075 next_io = (union ctl_io *)TAILQ_NEXT( 11076 &io->io_hdr, ooa_links); 11077 11078 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) { 11079 11080 TAILQ_REMOVE(&lun->ooa_queue, 11081 &io->io_hdr, 11082 ooa_links); 11083 11084 ctl_free_io(io); 11085 } 11086 } 11087 ctl_check_blocked(lun); 11088 } else if ((lun->flags & CTL_LUN_PRIMARY_SC) 11089 && (ctl_softc->ha_mode == CTL_HA_MODE_XFER)) { 11090 11091 printf("FAILOVER: primary lun %d\n", lun_idx); 11092 /* 11093 * Abort all commands from the other SC. We can't 11094 * send status back for them now. These should get 11095 * cleaned up when they are completed or come out 11096 * for a datamove operation. 11097 */ 11098 for (io = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); 11099 io != NULL; io = next_io) { 11100 next_io = (union ctl_io *)TAILQ_NEXT( 11101 &io->io_hdr, ooa_links); 11102 11103 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) 11104 io->io_hdr.flags |= CTL_FLAG_ABORT; 11105 } 11106 } else if (((lun->flags & CTL_LUN_PRIMARY_SC) == 0) 11107 && (ctl_softc->ha_mode == CTL_HA_MODE_XFER)) { 11108 11109 printf("FAILOVER: secondary lun %d\n", lun_idx); 11110 11111 lun->flags |= CTL_LUN_PRIMARY_SC; 11112 11113 /* 11114 * We send all I/O that was sent to this controller 11115 * and redirected to the other side back with 11116 * busy status, and have the initiator retry it. 11117 * Figuring out how much data has been transferred, 11118 * etc. and picking up where we left off would be 11119 * very tricky. 11120 * 11121 * XXX KDM need to remove I/O from the blocked 11122 * queue as well! 11123 */ 11124 for (pending_io = (union ctl_io *)TAILQ_FIRST( 11125 &lun->ooa_queue); pending_io != NULL; 11126 pending_io = next_io) { 11127 11128 next_io = (union ctl_io *)TAILQ_NEXT( 11129 &pending_io->io_hdr, ooa_links); 11130 11131 pending_io->io_hdr.flags &= 11132 ~CTL_FLAG_SENT_2OTHER_SC; 11133 11134 if (pending_io->io_hdr.flags & 11135 CTL_FLAG_IO_ACTIVE) { 11136 pending_io->io_hdr.flags |= 11137 CTL_FLAG_FAILOVER; 11138 } else { 11139 ctl_set_busy(&pending_io->scsiio); 11140 ctl_done(pending_io); 11141 } 11142 } 11143 11144 /* 11145 * Build Unit Attention 11146 */ 11147 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 11148 lun->pending_sense[i].ua_pending |= 11149 CTL_UA_ASYM_ACC_CHANGE; 11150 } 11151 } else if (((lun->flags & CTL_LUN_PRIMARY_SC) == 0) 11152 && (ctl_softc->ha_mode == CTL_HA_MODE_SER_ONLY)) { 11153 printf("FAILOVER: secondary lun %d\n", lun_idx); 11154 /* 11155 * if the first io on the OOA is not on the RtR queue 11156 * add it. 11157 */ 11158 lun->flags |= CTL_LUN_PRIMARY_SC; 11159 11160 pending_io = (union ctl_io *)TAILQ_FIRST( 11161 &lun->ooa_queue); 11162 if (pending_io==NULL) { 11163 printf("Nothing on OOA queue\n"); 11164 continue; 11165 } 11166 11167 pending_io->io_hdr.flags &= ~CTL_FLAG_SENT_2OTHER_SC; 11168 if ((pending_io->io_hdr.flags & 11169 CTL_FLAG_IS_WAS_ON_RTR) == 0) { 11170 pending_io->io_hdr.flags |= 11171 CTL_FLAG_IS_WAS_ON_RTR; 11172 ctl_enqueue_rtr(pending_io); 11173 } 11174#if 0 11175 else 11176 { 11177 printf("Tag 0x%04x is running\n", 11178 pending_io->scsiio.tag_num); 11179 } 11180#endif 11181 11182 next_io = (union ctl_io *)TAILQ_NEXT( 11183 &pending_io->io_hdr, ooa_links); 11184 for (pending_io=next_io; pending_io != NULL; 11185 pending_io = next_io) { 11186 pending_io->io_hdr.flags &= 11187 ~CTL_FLAG_SENT_2OTHER_SC; 11188 next_io = (union ctl_io *)TAILQ_NEXT( 11189 &pending_io->io_hdr, ooa_links); 11190 if (pending_io->io_hdr.flags & 11191 CTL_FLAG_IS_WAS_ON_RTR) { 11192#if 0 11193 printf("Tag 0x%04x is running\n", 11194 pending_io->scsiio.tag_num); 11195#endif 11196 continue; 11197 } 11198 11199 switch (ctl_check_ooa(lun, pending_io, 11200 (union ctl_io *)TAILQ_PREV( 11201 &pending_io->io_hdr, ctl_ooaq, 11202 ooa_links))) { 11203 11204 case CTL_ACTION_BLOCK: 11205 TAILQ_INSERT_TAIL(&lun->blocked_queue, 11206 &pending_io->io_hdr, 11207 blocked_links); 11208 pending_io->io_hdr.flags |= 11209 CTL_FLAG_BLOCKED; 11210 break; 11211 case CTL_ACTION_PASS: 11212 case CTL_ACTION_SKIP: 11213 pending_io->io_hdr.flags |= 11214 CTL_FLAG_IS_WAS_ON_RTR; 11215 ctl_enqueue_rtr(pending_io); 11216 break; 11217 case CTL_ACTION_OVERLAP: 11218 ctl_set_overlapped_cmd( 11219 (struct ctl_scsiio *)pending_io); 11220 ctl_done(pending_io); 11221 break; 11222 case CTL_ACTION_OVERLAP_TAG: 11223 ctl_set_overlapped_tag( 11224 (struct ctl_scsiio *)pending_io, 11225 pending_io->scsiio.tag_num & 0xff); 11226 ctl_done(pending_io); 11227 break; 11228 case CTL_ACTION_ERROR: 11229 default: 11230 ctl_set_internal_failure( 11231 (struct ctl_scsiio *)pending_io, 11232 0, // sks_valid 11233 0); //retry count 11234 ctl_done(pending_io); 11235 break; 11236 } 11237 } 11238 11239 /* 11240 * Build Unit Attention 11241 */ 11242 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 11243 lun->pending_sense[i].ua_pending |= 11244 CTL_UA_ASYM_ACC_CHANGE; 11245 } 11246 } else { 11247 panic("Unhandled HA mode failover, LUN flags = %#x, " 11248 "ha_mode = #%x", lun->flags, ctl_softc->ha_mode); 11249 } 11250 } 11251 ctl_pause_rtr = 0; 11252 mtx_unlock(&ctl_softc->ctl_lock); 11253} 11254 11255static int 11256ctl_scsiio_precheck(struct ctl_softc *ctl_softc, struct ctl_scsiio *ctsio) 11257{ 11258 struct ctl_lun *lun; 11259 const struct ctl_cmd_entry *entry; 11260 uint32_t initidx, targ_lun; 11261 int retval; 11262 11263 retval = 0; 11264 11265 lun = NULL; 11266 11267 targ_lun = ctsio->io_hdr.nexus.targ_mapped_lun; 11268 if ((targ_lun < CTL_MAX_LUNS) 11269 && (ctl_softc->ctl_luns[targ_lun] != NULL)) { 11270 lun = ctl_softc->ctl_luns[targ_lun]; 11271 /* 11272 * If the LUN is invalid, pretend that it doesn't exist. 11273 * It will go away as soon as all pending I/O has been 11274 * completed. 11275 */ 11276 if (lun->flags & CTL_LUN_DISABLED) { 11277 lun = NULL; 11278 } else { 11279 ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr = lun; 11280 ctsio->io_hdr.ctl_private[CTL_PRIV_BACKEND_LUN].ptr = 11281 lun->be_lun; 11282 if (lun->be_lun->lun_type == T_PROCESSOR) { 11283 ctsio->io_hdr.flags |= CTL_FLAG_CONTROL_DEV; 11284 } 11285 11286 /* 11287 * Every I/O goes into the OOA queue for a 11288 * particular LUN, and stays there until completion. 11289 */ 11290 mtx_lock(&lun->lun_lock); 11291 TAILQ_INSERT_TAIL(&lun->ooa_queue, &ctsio->io_hdr, 11292 ooa_links); 11293 } 11294 } else { 11295 ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr = NULL; 11296 ctsio->io_hdr.ctl_private[CTL_PRIV_BACKEND_LUN].ptr = NULL; 11297 } 11298 11299 /* Get command entry and return error if it is unsuppotyed. */ 11300 entry = ctl_validate_command(ctsio); 11301 if (entry == NULL) { 11302 if (lun) 11303 mtx_unlock(&lun->lun_lock); 11304 return (retval); 11305 } 11306 11307 ctsio->io_hdr.flags &= ~CTL_FLAG_DATA_MASK; 11308 ctsio->io_hdr.flags |= entry->flags & CTL_FLAG_DATA_MASK; 11309 11310 /* 11311 * Check to see whether we can send this command to LUNs that don't 11312 * exist. This should pretty much only be the case for inquiry 11313 * and request sense. Further checks, below, really require having 11314 * a LUN, so we can't really check the command anymore. Just put 11315 * it on the rtr queue. 11316 */ 11317 if (lun == NULL) { 11318 if (entry->flags & CTL_CMD_FLAG_OK_ON_ALL_LUNS) { 11319 ctsio->io_hdr.flags |= CTL_FLAG_IS_WAS_ON_RTR; 11320 ctl_enqueue_rtr((union ctl_io *)ctsio); 11321 return (retval); 11322 } 11323 11324 ctl_set_unsupported_lun(ctsio); 11325 ctl_done((union ctl_io *)ctsio); 11326 CTL_DEBUG_PRINT(("ctl_scsiio_precheck: bailing out due to invalid LUN\n")); 11327 return (retval); 11328 } else { 11329 /* 11330 * Make sure we support this particular command on this LUN. 11331 * e.g., we don't support writes to the control LUN. 11332 */ 11333 if (!ctl_cmd_applicable(lun->be_lun->lun_type, entry)) { 11334 mtx_unlock(&lun->lun_lock); 11335 ctl_set_invalid_opcode(ctsio); 11336 ctl_done((union ctl_io *)ctsio); 11337 return (retval); 11338 } 11339 } 11340 11341 initidx = ctl_get_initindex(&ctsio->io_hdr.nexus); 11342 11343 /* 11344 * If we've got a request sense, it'll clear the contingent 11345 * allegiance condition. Otherwise, if we have a CA condition for 11346 * this initiator, clear it, because it sent down a command other 11347 * than request sense. 11348 */ 11349 if ((ctsio->cdb[0] != REQUEST_SENSE) 11350 && (ctl_is_set(lun->have_ca, initidx))) 11351 ctl_clear_mask(lun->have_ca, initidx); 11352 11353 /* 11354 * If the command has this flag set, it handles its own unit 11355 * attention reporting, we shouldn't do anything. Otherwise we 11356 * check for any pending unit attentions, and send them back to the 11357 * initiator. We only do this when a command initially comes in, 11358 * not when we pull it off the blocked queue. 11359 * 11360 * According to SAM-3, section 5.3.2, the order that things get 11361 * presented back to the host is basically unit attentions caused 11362 * by some sort of reset event, busy status, reservation conflicts 11363 * or task set full, and finally any other status. 11364 * 11365 * One issue here is that some of the unit attentions we report 11366 * don't fall into the "reset" category (e.g. "reported luns data 11367 * has changed"). So reporting it here, before the reservation 11368 * check, may be technically wrong. I guess the only thing to do 11369 * would be to check for and report the reset events here, and then 11370 * check for the other unit attention types after we check for a 11371 * reservation conflict. 11372 * 11373 * XXX KDM need to fix this 11374 */ 11375 if ((entry->flags & CTL_CMD_FLAG_NO_SENSE) == 0) { 11376 ctl_ua_type ua_type; 11377 11378 ua_type = lun->pending_sense[initidx].ua_pending; 11379 if (ua_type != CTL_UA_NONE) { 11380 scsi_sense_data_type sense_format; 11381 11382 if (lun != NULL) 11383 sense_format = (lun->flags & 11384 CTL_LUN_SENSE_DESC) ? SSD_TYPE_DESC : 11385 SSD_TYPE_FIXED; 11386 else 11387 sense_format = SSD_TYPE_FIXED; 11388 11389 ua_type = ctl_build_ua(ua_type, &ctsio->sense_data, 11390 sense_format); 11391 if (ua_type != CTL_UA_NONE) { 11392 ctsio->scsi_status = SCSI_STATUS_CHECK_COND; 11393 ctsio->io_hdr.status = CTL_SCSI_ERROR | 11394 CTL_AUTOSENSE; 11395 ctsio->sense_len = SSD_FULL_SIZE; 11396 lun->pending_sense[initidx].ua_pending &= 11397 ~ua_type; 11398 mtx_unlock(&lun->lun_lock); 11399 ctl_done((union ctl_io *)ctsio); 11400 return (retval); 11401 } 11402 } 11403 } 11404 11405 11406 if (ctl_scsiio_lun_check(ctl_softc, lun, entry, ctsio) != 0) { 11407 mtx_unlock(&lun->lun_lock); 11408 ctl_done((union ctl_io *)ctsio); 11409 return (retval); 11410 } 11411 11412 /* 11413 * XXX CHD this is where we want to send IO to other side if 11414 * this LUN is secondary on this SC. We will need to make a copy 11415 * of the IO and flag the IO on this side as SENT_2OTHER and the flag 11416 * the copy we send as FROM_OTHER. 11417 * We also need to stuff the address of the original IO so we can 11418 * find it easily. Something similar will need be done on the other 11419 * side so when we are done we can find the copy. 11420 */ 11421 if ((lun->flags & CTL_LUN_PRIMARY_SC) == 0) { 11422 union ctl_ha_msg msg_info; 11423 int isc_retval; 11424 11425 ctsio->io_hdr.flags |= CTL_FLAG_SENT_2OTHER_SC; 11426 11427 msg_info.hdr.msg_type = CTL_MSG_SERIALIZE; 11428 msg_info.hdr.original_sc = (union ctl_io *)ctsio; 11429#if 0 11430 printf("1. ctsio %p\n", ctsio); 11431#endif 11432 msg_info.hdr.serializing_sc = NULL; 11433 msg_info.hdr.nexus = ctsio->io_hdr.nexus; 11434 msg_info.scsi.tag_num = ctsio->tag_num; 11435 msg_info.scsi.tag_type = ctsio->tag_type; 11436 memcpy(msg_info.scsi.cdb, ctsio->cdb, CTL_MAX_CDBLEN); 11437 11438 ctsio->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE; 11439 11440 if ((isc_retval=ctl_ha_msg_send(CTL_HA_CHAN_CTL, 11441 (void *)&msg_info, sizeof(msg_info), 0)) > 11442 CTL_HA_STATUS_SUCCESS) { 11443 printf("CTL:precheck, ctl_ha_msg_send returned %d\n", 11444 isc_retval); 11445 printf("CTL:opcode is %x\n", ctsio->cdb[0]); 11446 } else { 11447#if 0 11448 printf("CTL:Precheck sent msg, opcode is %x\n",opcode); 11449#endif 11450 } 11451 11452 /* 11453 * XXX KDM this I/O is off the incoming queue, but hasn't 11454 * been inserted on any other queue. We may need to come 11455 * up with a holding queue while we wait for serialization 11456 * so that we have an idea of what we're waiting for from 11457 * the other side. 11458 */ 11459 mtx_unlock(&lun->lun_lock); 11460 return (retval); 11461 } 11462 11463 switch (ctl_check_ooa(lun, (union ctl_io *)ctsio, 11464 (union ctl_io *)TAILQ_PREV(&ctsio->io_hdr, 11465 ctl_ooaq, ooa_links))) { 11466 case CTL_ACTION_BLOCK: 11467 ctsio->io_hdr.flags |= CTL_FLAG_BLOCKED; 11468 TAILQ_INSERT_TAIL(&lun->blocked_queue, &ctsio->io_hdr, 11469 blocked_links); 11470 mtx_unlock(&lun->lun_lock); 11471 return (retval); 11472 case CTL_ACTION_PASS: 11473 case CTL_ACTION_SKIP: 11474 ctsio->io_hdr.flags |= CTL_FLAG_IS_WAS_ON_RTR; 11475 mtx_unlock(&lun->lun_lock); 11476 ctl_enqueue_rtr((union ctl_io *)ctsio); 11477 break; 11478 case CTL_ACTION_OVERLAP: 11479 mtx_unlock(&lun->lun_lock); 11480 ctl_set_overlapped_cmd(ctsio); 11481 ctl_done((union ctl_io *)ctsio); 11482 break; 11483 case CTL_ACTION_OVERLAP_TAG: 11484 mtx_unlock(&lun->lun_lock); 11485 ctl_set_overlapped_tag(ctsio, ctsio->tag_num & 0xff); 11486 ctl_done((union ctl_io *)ctsio); 11487 break; 11488 case CTL_ACTION_ERROR: 11489 default: 11490 mtx_unlock(&lun->lun_lock); 11491 ctl_set_internal_failure(ctsio, 11492 /*sks_valid*/ 0, 11493 /*retry_count*/ 0); 11494 ctl_done((union ctl_io *)ctsio); 11495 break; 11496 } 11497 return (retval); 11498} 11499 11500const struct ctl_cmd_entry * 11501ctl_get_cmd_entry(struct ctl_scsiio *ctsio) 11502{ 11503 const struct ctl_cmd_entry *entry; 11504 int service_action; 11505 11506 entry = &ctl_cmd_table[ctsio->cdb[0]]; 11507 if (entry->flags & CTL_CMD_FLAG_SA5) { 11508 service_action = ctsio->cdb[1] & SERVICE_ACTION_MASK; 11509 entry = &((const struct ctl_cmd_entry *) 11510 entry->execute)[service_action]; 11511 } 11512 return (entry); 11513} 11514 11515const struct ctl_cmd_entry * 11516ctl_validate_command(struct ctl_scsiio *ctsio) 11517{ 11518 const struct ctl_cmd_entry *entry; 11519 int i; 11520 uint8_t diff; 11521 11522 entry = ctl_get_cmd_entry(ctsio); 11523 if (entry->execute == NULL) { 11524 ctl_set_invalid_opcode(ctsio); 11525 ctl_done((union ctl_io *)ctsio); 11526 return (NULL); 11527 } 11528 KASSERT(entry->length > 0, 11529 ("Not defined length for command 0x%02x/0x%02x", 11530 ctsio->cdb[0], ctsio->cdb[1])); 11531 for (i = 1; i < entry->length; i++) { 11532 diff = ctsio->cdb[i] & ~entry->usage[i - 1]; 11533 if (diff == 0) 11534 continue; 11535 ctl_set_invalid_field(ctsio, 11536 /*sks_valid*/ 1, 11537 /*command*/ 1, 11538 /*field*/ i, 11539 /*bit_valid*/ 1, 11540 /*bit*/ fls(diff) - 1); 11541 ctl_done((union ctl_io *)ctsio); 11542 return (NULL); 11543 } 11544 return (entry); 11545} 11546 11547static int 11548ctl_cmd_applicable(uint8_t lun_type, const struct ctl_cmd_entry *entry) 11549{ 11550 11551 switch (lun_type) { 11552 case T_PROCESSOR: 11553 if (((entry->flags & CTL_CMD_FLAG_OK_ON_PROC) == 0) && 11554 ((entry->flags & CTL_CMD_FLAG_OK_ON_ALL_LUNS) == 0)) 11555 return (0); 11556 break; 11557 case T_DIRECT: 11558 if (((entry->flags & CTL_CMD_FLAG_OK_ON_SLUN) == 0) && 11559 ((entry->flags & CTL_CMD_FLAG_OK_ON_ALL_LUNS) == 0)) 11560 return (0); 11561 break; 11562 default: 11563 return (0); 11564 } 11565 return (1); 11566} 11567 11568static int 11569ctl_scsiio(struct ctl_scsiio *ctsio) 11570{ 11571 int retval; 11572 const struct ctl_cmd_entry *entry; 11573 11574 retval = CTL_RETVAL_COMPLETE; 11575 11576 CTL_DEBUG_PRINT(("ctl_scsiio cdb[0]=%02X\n", ctsio->cdb[0])); 11577 11578 entry = ctl_get_cmd_entry(ctsio); 11579 11580 /* 11581 * If this I/O has been aborted, just send it straight to 11582 * ctl_done() without executing it. 11583 */ 11584 if (ctsio->io_hdr.flags & CTL_FLAG_ABORT) { 11585 ctl_done((union ctl_io *)ctsio); 11586 goto bailout; 11587 } 11588 11589 /* 11590 * All the checks should have been handled by ctl_scsiio_precheck(). 11591 * We should be clear now to just execute the I/O. 11592 */ 11593 retval = entry->execute(ctsio); 11594 11595bailout: 11596 return (retval); 11597} 11598 11599/* 11600 * Since we only implement one target right now, a bus reset simply resets 11601 * our single target. 11602 */ 11603static int 11604ctl_bus_reset(struct ctl_softc *ctl_softc, union ctl_io *io) 11605{ 11606 return(ctl_target_reset(ctl_softc, io, CTL_UA_BUS_RESET)); 11607} 11608 11609static int 11610ctl_target_reset(struct ctl_softc *ctl_softc, union ctl_io *io, 11611 ctl_ua_type ua_type) 11612{ 11613 struct ctl_lun *lun; 11614 int retval; 11615 11616 if (!(io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)) { 11617 union ctl_ha_msg msg_info; 11618 11619 io->io_hdr.flags |= CTL_FLAG_SENT_2OTHER_SC; 11620 msg_info.hdr.nexus = io->io_hdr.nexus; 11621 if (ua_type==CTL_UA_TARG_RESET) 11622 msg_info.task.task_action = CTL_TASK_TARGET_RESET; 11623 else 11624 msg_info.task.task_action = CTL_TASK_BUS_RESET; 11625 msg_info.hdr.msg_type = CTL_MSG_MANAGE_TASKS; 11626 msg_info.hdr.original_sc = NULL; 11627 msg_info.hdr.serializing_sc = NULL; 11628 if (CTL_HA_STATUS_SUCCESS != ctl_ha_msg_send(CTL_HA_CHAN_CTL, 11629 (void *)&msg_info, sizeof(msg_info), 0)) { 11630 } 11631 } 11632 retval = 0; 11633 11634 mtx_lock(&ctl_softc->ctl_lock); 11635 STAILQ_FOREACH(lun, &ctl_softc->lun_list, links) 11636 retval += ctl_lun_reset(lun, io, ua_type); 11637 mtx_unlock(&ctl_softc->ctl_lock); 11638 11639 return (retval); 11640} 11641 11642/* 11643 * The LUN should always be set. The I/O is optional, and is used to 11644 * distinguish between I/Os sent by this initiator, and by other 11645 * initiators. We set unit attention for initiators other than this one. 11646 * SAM-3 is vague on this point. It does say that a unit attention should 11647 * be established for other initiators when a LUN is reset (see section 11648 * 5.7.3), but it doesn't specifically say that the unit attention should 11649 * be established for this particular initiator when a LUN is reset. Here 11650 * is the relevant text, from SAM-3 rev 8: 11651 * 11652 * 5.7.2 When a SCSI initiator port aborts its own tasks 11653 * 11654 * When a SCSI initiator port causes its own task(s) to be aborted, no 11655 * notification that the task(s) have been aborted shall be returned to 11656 * the SCSI initiator port other than the completion response for the 11657 * command or task management function action that caused the task(s) to 11658 * be aborted and notification(s) associated with related effects of the 11659 * action (e.g., a reset unit attention condition). 11660 * 11661 * XXX KDM for now, we're setting unit attention for all initiators. 11662 */ 11663static int 11664ctl_lun_reset(struct ctl_lun *lun, union ctl_io *io, ctl_ua_type ua_type) 11665{ 11666 union ctl_io *xio; 11667#if 0 11668 uint32_t initindex; 11669#endif 11670 int i; 11671 11672 mtx_lock(&lun->lun_lock); 11673 /* 11674 * Run through the OOA queue and abort each I/O. 11675 */ 11676#if 0 11677 TAILQ_FOREACH((struct ctl_io_hdr *)xio, &lun->ooa_queue, ooa_links) { 11678#endif 11679 for (xio = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); xio != NULL; 11680 xio = (union ctl_io *)TAILQ_NEXT(&xio->io_hdr, ooa_links)) { 11681 xio->io_hdr.flags |= CTL_FLAG_ABORT; 11682 } 11683 11684 /* 11685 * This version sets unit attention for every 11686 */ 11687#if 0 11688 initindex = ctl_get_initindex(&io->io_hdr.nexus); 11689 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 11690 if (initindex == i) 11691 continue; 11692 lun->pending_sense[i].ua_pending |= ua_type; 11693 } 11694#endif 11695 11696 /* 11697 * A reset (any kind, really) clears reservations established with 11698 * RESERVE/RELEASE. It does not clear reservations established 11699 * with PERSISTENT RESERVE OUT, but we don't support that at the 11700 * moment anyway. See SPC-2, section 5.6. SPC-3 doesn't address 11701 * reservations made with the RESERVE/RELEASE commands, because 11702 * those commands are obsolete in SPC-3. 11703 */ 11704 lun->flags &= ~CTL_LUN_RESERVED; 11705 11706 for (i = 0; i < CTL_MAX_INITIATORS; i++) { 11707 ctl_clear_mask(lun->have_ca, i); 11708 lun->pending_sense[i].ua_pending |= ua_type; 11709 } 11710 mtx_lock(&lun->lun_lock); 11711 11712 return (0); 11713} 11714 11715static int 11716ctl_abort_tasks_lun(struct ctl_lun *lun, uint32_t targ_port, uint32_t init_id, 11717 int other_sc) 11718{ 11719 union ctl_io *xio; 11720 int found; 11721 11722 mtx_assert(&lun->lun_lock, MA_OWNED); 11723 11724 /* 11725 * Run through the OOA queue and attempt to find the given I/O. 11726 * The target port, initiator ID, tag type and tag number have to 11727 * match the values that we got from the initiator. If we have an 11728 * untagged command to abort, simply abort the first untagged command 11729 * we come to. We only allow one untagged command at a time of course. 11730 */ 11731 for (xio = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); xio != NULL; 11732 xio = (union ctl_io *)TAILQ_NEXT(&xio->io_hdr, ooa_links)) { 11733 11734 if ((targ_port == xio->io_hdr.nexus.targ_port) && 11735 (init_id == xio->io_hdr.nexus.initid.id)) { 11736 xio->io_hdr.flags |= CTL_FLAG_ABORT; 11737 found = 1; 11738 if (!other_sc && !(lun->flags & CTL_LUN_PRIMARY_SC)) { 11739 union ctl_ha_msg msg_info; 11740 11741 msg_info.hdr.nexus = xio->io_hdr.nexus; 11742 msg_info.task.task_action = CTL_TASK_ABORT_TASK; 11743 msg_info.task.tag_num = xio->scsiio.tag_num; 11744 msg_info.task.tag_type = xio->scsiio.tag_type; 11745 msg_info.hdr.msg_type = CTL_MSG_MANAGE_TASKS; 11746 msg_info.hdr.original_sc = NULL; 11747 msg_info.hdr.serializing_sc = NULL; 11748 ctl_ha_msg_send(CTL_HA_CHAN_CTL, 11749 (void *)&msg_info, sizeof(msg_info), 0); 11750 } 11751 } 11752 } 11753 return (found); 11754} 11755 11756static int 11757ctl_abort_task_set(union ctl_io *io) 11758{ 11759 struct ctl_softc *softc = control_softc; 11760 struct ctl_lun *lun; 11761 uint32_t targ_lun; 11762 11763 /* 11764 * Look up the LUN. 11765 */ 11766 targ_lun = io->io_hdr.nexus.targ_mapped_lun; 11767 mtx_lock(&softc->ctl_lock); 11768 if ((targ_lun < CTL_MAX_LUNS) && (softc->ctl_luns[targ_lun] != NULL)) 11769 lun = softc->ctl_luns[targ_lun]; 11770 else { 11771 mtx_unlock(&softc->ctl_lock); 11772 return (1); 11773 } 11774 11775 mtx_lock(&lun->lun_lock); 11776 mtx_unlock(&softc->ctl_lock); 11777 ctl_abort_tasks_lun(lun, io->io_hdr.nexus.targ_port, 11778 io->io_hdr.nexus.initid.id, 11779 (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) != 0); 11780 mtx_unlock(&lun->lun_lock); 11781 return (0); 11782} 11783 11784static int 11785ctl_i_t_nexus_reset(union ctl_io *io) 11786{ 11787 struct ctl_softc *softc = control_softc; 11788 struct ctl_lun *lun; 11789 uint32_t initindex; 11790 11791 initindex = ctl_get_initindex(&io->io_hdr.nexus); 11792 mtx_lock(&softc->ctl_lock); 11793 STAILQ_FOREACH(lun, &softc->lun_list, links) { 11794 mtx_lock(&lun->lun_lock); 11795 ctl_abort_tasks_lun(lun, io->io_hdr.nexus.targ_port, 11796 io->io_hdr.nexus.initid.id, 11797 (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) != 0); 11798 ctl_clear_mask(lun->have_ca, initindex); 11799 lun->pending_sense[initindex].ua_pending |= CTL_UA_I_T_NEXUS_LOSS; 11800 mtx_unlock(&lun->lun_lock); 11801 } 11802 mtx_unlock(&softc->ctl_lock); 11803 return (0); 11804} 11805 11806static int 11807ctl_abort_task(union ctl_io *io) 11808{ 11809 union ctl_io *xio; 11810 struct ctl_lun *lun; 11811 struct ctl_softc *ctl_softc; 11812#if 0 11813 struct sbuf sb; 11814 char printbuf[128]; 11815#endif 11816 int found; 11817 uint32_t targ_lun; 11818 11819 ctl_softc = control_softc; 11820 found = 0; 11821 11822 /* 11823 * Look up the LUN. 11824 */ 11825 targ_lun = io->io_hdr.nexus.targ_mapped_lun; 11826 mtx_lock(&ctl_softc->ctl_lock); 11827 if ((targ_lun < CTL_MAX_LUNS) 11828 && (ctl_softc->ctl_luns[targ_lun] != NULL)) 11829 lun = ctl_softc->ctl_luns[targ_lun]; 11830 else { 11831 mtx_unlock(&ctl_softc->ctl_lock); 11832 goto bailout; 11833 } 11834 11835#if 0 11836 printf("ctl_abort_task: called for lun %lld, tag %d type %d\n", 11837 lun->lun, io->taskio.tag_num, io->taskio.tag_type); 11838#endif 11839 11840 mtx_lock(&lun->lun_lock); 11841 mtx_unlock(&ctl_softc->ctl_lock); 11842 /* 11843 * Run through the OOA queue and attempt to find the given I/O. 11844 * The target port, initiator ID, tag type and tag number have to 11845 * match the values that we got from the initiator. If we have an 11846 * untagged command to abort, simply abort the first untagged command 11847 * we come to. We only allow one untagged command at a time of course. 11848 */ 11849#if 0 11850 TAILQ_FOREACH((struct ctl_io_hdr *)xio, &lun->ooa_queue, ooa_links) { 11851#endif 11852 for (xio = (union ctl_io *)TAILQ_FIRST(&lun->ooa_queue); xio != NULL; 11853 xio = (union ctl_io *)TAILQ_NEXT(&xio->io_hdr, ooa_links)) { 11854#if 0 11855 sbuf_new(&sb, printbuf, sizeof(printbuf), SBUF_FIXEDLEN); 11856 11857 sbuf_printf(&sb, "LUN %lld tag %d type %d%s%s%s%s: ", 11858 lun->lun, xio->scsiio.tag_num, 11859 xio->scsiio.tag_type, 11860 (xio->io_hdr.blocked_links.tqe_prev 11861 == NULL) ? "" : " BLOCKED", 11862 (xio->io_hdr.flags & 11863 CTL_FLAG_DMA_INPROG) ? " DMA" : "", 11864 (xio->io_hdr.flags & 11865 CTL_FLAG_ABORT) ? " ABORT" : "", 11866 (xio->io_hdr.flags & 11867 CTL_FLAG_IS_WAS_ON_RTR ? " RTR" : "")); 11868 ctl_scsi_command_string(&xio->scsiio, NULL, &sb); 11869 sbuf_finish(&sb); 11870 printf("%s\n", sbuf_data(&sb)); 11871#endif 11872 11873 if ((xio->io_hdr.nexus.targ_port == io->io_hdr.nexus.targ_port) 11874 && (xio->io_hdr.nexus.initid.id == 11875 io->io_hdr.nexus.initid.id)) { 11876 /* 11877 * If the abort says that the task is untagged, the 11878 * task in the queue must be untagged. Otherwise, 11879 * we just check to see whether the tag numbers 11880 * match. This is because the QLogic firmware 11881 * doesn't pass back the tag type in an abort 11882 * request. 11883 */ 11884#if 0 11885 if (((xio->scsiio.tag_type == CTL_TAG_UNTAGGED) 11886 && (io->taskio.tag_type == CTL_TAG_UNTAGGED)) 11887 || (xio->scsiio.tag_num == io->taskio.tag_num)) { 11888#endif 11889 /* 11890 * XXX KDM we've got problems with FC, because it 11891 * doesn't send down a tag type with aborts. So we 11892 * can only really go by the tag number... 11893 * This may cause problems with parallel SCSI. 11894 * Need to figure that out!! 11895 */ 11896 if (xio->scsiio.tag_num == io->taskio.tag_num) { 11897 xio->io_hdr.flags |= CTL_FLAG_ABORT; 11898 found = 1; 11899 if ((io->io_hdr.flags & 11900 CTL_FLAG_FROM_OTHER_SC) == 0 && 11901 !(lun->flags & CTL_LUN_PRIMARY_SC)) { 11902 union ctl_ha_msg msg_info; 11903 11904 io->io_hdr.flags |= 11905 CTL_FLAG_SENT_2OTHER_SC; 11906 msg_info.hdr.nexus = io->io_hdr.nexus; 11907 msg_info.task.task_action = 11908 CTL_TASK_ABORT_TASK; 11909 msg_info.task.tag_num = 11910 io->taskio.tag_num; 11911 msg_info.task.tag_type = 11912 io->taskio.tag_type; 11913 msg_info.hdr.msg_type = 11914 CTL_MSG_MANAGE_TASKS; 11915 msg_info.hdr.original_sc = NULL; 11916 msg_info.hdr.serializing_sc = NULL; 11917#if 0 11918 printf("Sent Abort to other side\n"); 11919#endif 11920 if (CTL_HA_STATUS_SUCCESS != 11921 ctl_ha_msg_send(CTL_HA_CHAN_CTL, 11922 (void *)&msg_info, 11923 sizeof(msg_info), 0)) { 11924 } 11925 } 11926#if 0 11927 printf("ctl_abort_task: found I/O to abort\n"); 11928#endif 11929 break; 11930 } 11931 } 11932 } 11933 mtx_unlock(&lun->lun_lock); 11934 11935bailout: 11936 11937 if (found == 0) { 11938 /* 11939 * This isn't really an error. It's entirely possible for 11940 * the abort and command completion to cross on the wire. 11941 * This is more of an informative/diagnostic error. 11942 */ 11943#if 0 11944 printf("ctl_abort_task: ABORT sent for nonexistent I/O: " 11945 "%d:%d:%d:%d tag %d type %d\n", 11946 io->io_hdr.nexus.initid.id, 11947 io->io_hdr.nexus.targ_port, 11948 io->io_hdr.nexus.targ_target.id, 11949 io->io_hdr.nexus.targ_lun, io->taskio.tag_num, 11950 io->taskio.tag_type); 11951#endif 11952 return (1); 11953 } else 11954 return (0); 11955} 11956 11957/* 11958 * This routine cannot block! It must be callable from an interrupt 11959 * handler as well as from the work thread. 11960 */ 11961static void 11962ctl_run_task(union ctl_io *io) 11963{ 11964 struct ctl_softc *ctl_softc; 11965 int retval; 11966 const char *task_desc; 11967 11968 CTL_DEBUG_PRINT(("ctl_run_task\n")); 11969 11970 ctl_softc = control_softc; 11971 retval = 0; 11972 11973 KASSERT(io->io_hdr.io_type == CTL_IO_TASK, 11974 ("ctl_run_task: Unextected io_type %d\n", 11975 io->io_hdr.io_type)); 11976 11977 task_desc = ctl_scsi_task_string(&io->taskio); 11978 if (task_desc != NULL) { 11979#ifdef NEEDTOPORT 11980 csevent_log(CSC_CTL | CSC_SHELF_SW | 11981 CTL_TASK_REPORT, 11982 csevent_LogType_Trace, 11983 csevent_Severity_Information, 11984 csevent_AlertLevel_Green, 11985 csevent_FRU_Firmware, 11986 csevent_FRU_Unknown, 11987 "CTL: received task: %s",task_desc); 11988#endif 11989 } else { 11990#ifdef NEEDTOPORT 11991 csevent_log(CSC_CTL | CSC_SHELF_SW | 11992 CTL_TASK_REPORT, 11993 csevent_LogType_Trace, 11994 csevent_Severity_Information, 11995 csevent_AlertLevel_Green, 11996 csevent_FRU_Firmware, 11997 csevent_FRU_Unknown, 11998 "CTL: received unknown task " 11999 "type: %d (%#x)", 12000 io->taskio.task_action, 12001 io->taskio.task_action); 12002#endif 12003 } 12004 switch (io->taskio.task_action) { 12005 case CTL_TASK_ABORT_TASK: 12006 retval = ctl_abort_task(io); 12007 break; 12008 case CTL_TASK_ABORT_TASK_SET: 12009 retval = ctl_abort_task_set(io); 12010 break; 12011 case CTL_TASK_CLEAR_ACA: 12012 break; 12013 case CTL_TASK_CLEAR_TASK_SET: 12014 break; 12015 case CTL_TASK_I_T_NEXUS_RESET: 12016 retval = ctl_i_t_nexus_reset(io); 12017 break; 12018 case CTL_TASK_LUN_RESET: { 12019 struct ctl_lun *lun; 12020 uint32_t targ_lun; 12021 int retval; 12022 12023 targ_lun = io->io_hdr.nexus.targ_mapped_lun; 12024 mtx_lock(&ctl_softc->ctl_lock); 12025 if ((targ_lun < CTL_MAX_LUNS) 12026 && (ctl_softc->ctl_luns[targ_lun] != NULL)) 12027 lun = ctl_softc->ctl_luns[targ_lun]; 12028 else { 12029 mtx_unlock(&ctl_softc->ctl_lock); 12030 retval = 1; 12031 break; 12032 } 12033 12034 if (!(io->io_hdr.flags & 12035 CTL_FLAG_FROM_OTHER_SC)) { 12036 union ctl_ha_msg msg_info; 12037 12038 io->io_hdr.flags |= 12039 CTL_FLAG_SENT_2OTHER_SC; 12040 msg_info.hdr.msg_type = 12041 CTL_MSG_MANAGE_TASKS; 12042 msg_info.hdr.nexus = io->io_hdr.nexus; 12043 msg_info.task.task_action = 12044 CTL_TASK_LUN_RESET; 12045 msg_info.hdr.original_sc = NULL; 12046 msg_info.hdr.serializing_sc = NULL; 12047 if (CTL_HA_STATUS_SUCCESS != 12048 ctl_ha_msg_send(CTL_HA_CHAN_CTL, 12049 (void *)&msg_info, 12050 sizeof(msg_info), 0)) { 12051 } 12052 } 12053 12054 retval = ctl_lun_reset(lun, io, 12055 CTL_UA_LUN_RESET); 12056 mtx_unlock(&ctl_softc->ctl_lock); 12057 break; 12058 } 12059 case CTL_TASK_TARGET_RESET: 12060 retval = ctl_target_reset(ctl_softc, io, CTL_UA_TARG_RESET); 12061 break; 12062 case CTL_TASK_BUS_RESET: 12063 retval = ctl_bus_reset(ctl_softc, io); 12064 break; 12065 case CTL_TASK_PORT_LOGIN: 12066 break; 12067 case CTL_TASK_PORT_LOGOUT: 12068 break; 12069 default: 12070 printf("ctl_run_task: got unknown task management event %d\n", 12071 io->taskio.task_action); 12072 break; 12073 } 12074 if (retval == 0) 12075 io->io_hdr.status = CTL_SUCCESS; 12076 else 12077 io->io_hdr.status = CTL_ERROR; 12078 12079 /* 12080 * This will queue this I/O to the done queue, but the 12081 * work thread won't be able to process it until we 12082 * return and the lock is released. 12083 */ 12084 ctl_done(io); 12085} 12086 12087/* 12088 * For HA operation. Handle commands that come in from the other 12089 * controller. 12090 */ 12091static void 12092ctl_handle_isc(union ctl_io *io) 12093{ 12094 int free_io; 12095 struct ctl_lun *lun; 12096 struct ctl_softc *ctl_softc; 12097 uint32_t targ_lun; 12098 12099 ctl_softc = control_softc; 12100 12101 targ_lun = io->io_hdr.nexus.targ_mapped_lun; 12102 lun = ctl_softc->ctl_luns[targ_lun]; 12103 12104 switch (io->io_hdr.msg_type) { 12105 case CTL_MSG_SERIALIZE: 12106 free_io = ctl_serialize_other_sc_cmd(&io->scsiio); 12107 break; 12108 case CTL_MSG_R2R: { 12109 const struct ctl_cmd_entry *entry; 12110 12111 /* 12112 * This is only used in SER_ONLY mode. 12113 */ 12114 free_io = 0; 12115 entry = ctl_get_cmd_entry(&io->scsiio); 12116 mtx_lock(&lun->lun_lock); 12117 if (ctl_scsiio_lun_check(ctl_softc, lun, 12118 entry, (struct ctl_scsiio *)io) != 0) { 12119 mtx_unlock(&lun->lun_lock); 12120 ctl_done(io); 12121 break; 12122 } 12123 io->io_hdr.flags |= CTL_FLAG_IS_WAS_ON_RTR; 12124 mtx_unlock(&lun->lun_lock); 12125 ctl_enqueue_rtr(io); 12126 break; 12127 } 12128 case CTL_MSG_FINISH_IO: 12129 if (ctl_softc->ha_mode == CTL_HA_MODE_XFER) { 12130 free_io = 0; 12131 ctl_done(io); 12132 } else { 12133 free_io = 1; 12134 mtx_lock(&lun->lun_lock); 12135 TAILQ_REMOVE(&lun->ooa_queue, &io->io_hdr, 12136 ooa_links); 12137 ctl_check_blocked(lun); 12138 mtx_unlock(&lun->lun_lock); 12139 } 12140 break; 12141 case CTL_MSG_PERS_ACTION: 12142 ctl_hndl_per_res_out_on_other_sc( 12143 (union ctl_ha_msg *)&io->presio.pr_msg); 12144 free_io = 1; 12145 break; 12146 case CTL_MSG_BAD_JUJU: 12147 free_io = 0; 12148 ctl_done(io); 12149 break; 12150 case CTL_MSG_DATAMOVE: 12151 /* Only used in XFER mode */ 12152 free_io = 0; 12153 ctl_datamove_remote(io); 12154 break; 12155 case CTL_MSG_DATAMOVE_DONE: 12156 /* Only used in XFER mode */ 12157 free_io = 0; 12158 io->scsiio.be_move_done(io); 12159 break; 12160 default: 12161 free_io = 1; 12162 printf("%s: Invalid message type %d\n", 12163 __func__, io->io_hdr.msg_type); 12164 break; 12165 } 12166 if (free_io) 12167 ctl_free_io(io); 12168 12169} 12170 12171 12172/* 12173 * Returns the match type in the case of a match, or CTL_LUN_PAT_NONE if 12174 * there is no match. 12175 */ 12176static ctl_lun_error_pattern 12177ctl_cmd_pattern_match(struct ctl_scsiio *ctsio, struct ctl_error_desc *desc) 12178{ 12179 const struct ctl_cmd_entry *entry; 12180 ctl_lun_error_pattern filtered_pattern, pattern; 12181 12182 pattern = desc->error_pattern; 12183 12184 /* 12185 * XXX KDM we need more data passed into this function to match a 12186 * custom pattern, and we actually need to implement custom pattern 12187 * matching. 12188 */ 12189 if (pattern & CTL_LUN_PAT_CMD) 12190 return (CTL_LUN_PAT_CMD); 12191 12192 if ((pattern & CTL_LUN_PAT_MASK) == CTL_LUN_PAT_ANY) 12193 return (CTL_LUN_PAT_ANY); 12194 12195 entry = ctl_get_cmd_entry(ctsio); 12196 12197 filtered_pattern = entry->pattern & pattern; 12198 12199 /* 12200 * If the user requested specific flags in the pattern (e.g. 12201 * CTL_LUN_PAT_RANGE), make sure the command supports all of those 12202 * flags. 12203 * 12204 * If the user did not specify any flags, it doesn't matter whether 12205 * or not the command supports the flags. 12206 */ 12207 if ((filtered_pattern & ~CTL_LUN_PAT_MASK) != 12208 (pattern & ~CTL_LUN_PAT_MASK)) 12209 return (CTL_LUN_PAT_NONE); 12210 12211 /* 12212 * If the user asked for a range check, see if the requested LBA 12213 * range overlaps with this command's LBA range. 12214 */ 12215 if (filtered_pattern & CTL_LUN_PAT_RANGE) { 12216 uint64_t lba1; 12217 uint32_t len1; 12218 ctl_action action; 12219 int retval; 12220 12221 retval = ctl_get_lba_len((union ctl_io *)ctsio, &lba1, &len1); 12222 if (retval != 0) 12223 return (CTL_LUN_PAT_NONE); 12224 12225 action = ctl_extent_check_lba(lba1, len1, desc->lba_range.lba, 12226 desc->lba_range.len); 12227 /* 12228 * A "pass" means that the LBA ranges don't overlap, so 12229 * this doesn't match the user's range criteria. 12230 */ 12231 if (action == CTL_ACTION_PASS) 12232 return (CTL_LUN_PAT_NONE); 12233 } 12234 12235 return (filtered_pattern); 12236} 12237 12238static void 12239ctl_inject_error(struct ctl_lun *lun, union ctl_io *io) 12240{ 12241 struct ctl_error_desc *desc, *desc2; 12242 12243 mtx_assert(&lun->lun_lock, MA_OWNED); 12244 12245 STAILQ_FOREACH_SAFE(desc, &lun->error_list, links, desc2) { 12246 ctl_lun_error_pattern pattern; 12247 /* 12248 * Check to see whether this particular command matches 12249 * the pattern in the descriptor. 12250 */ 12251 pattern = ctl_cmd_pattern_match(&io->scsiio, desc); 12252 if ((pattern & CTL_LUN_PAT_MASK) == CTL_LUN_PAT_NONE) 12253 continue; 12254 12255 switch (desc->lun_error & CTL_LUN_INJ_TYPE) { 12256 case CTL_LUN_INJ_ABORTED: 12257 ctl_set_aborted(&io->scsiio); 12258 break; 12259 case CTL_LUN_INJ_MEDIUM_ERR: 12260 ctl_set_medium_error(&io->scsiio); 12261 break; 12262 case CTL_LUN_INJ_UA: 12263 /* 29h/00h POWER ON, RESET, OR BUS DEVICE RESET 12264 * OCCURRED */ 12265 ctl_set_ua(&io->scsiio, 0x29, 0x00); 12266 break; 12267 case CTL_LUN_INJ_CUSTOM: 12268 /* 12269 * We're assuming the user knows what he is doing. 12270 * Just copy the sense information without doing 12271 * checks. 12272 */ 12273 bcopy(&desc->custom_sense, &io->scsiio.sense_data, 12274 ctl_min(sizeof(desc->custom_sense), 12275 sizeof(io->scsiio.sense_data))); 12276 io->scsiio.scsi_status = SCSI_STATUS_CHECK_COND; 12277 io->scsiio.sense_len = SSD_FULL_SIZE; 12278 io->io_hdr.status = CTL_SCSI_ERROR | CTL_AUTOSENSE; 12279 break; 12280 case CTL_LUN_INJ_NONE: 12281 default: 12282 /* 12283 * If this is an error injection type we don't know 12284 * about, clear the continuous flag (if it is set) 12285 * so it will get deleted below. 12286 */ 12287 desc->lun_error &= ~CTL_LUN_INJ_CONTINUOUS; 12288 break; 12289 } 12290 /* 12291 * By default, each error injection action is a one-shot 12292 */ 12293 if (desc->lun_error & CTL_LUN_INJ_CONTINUOUS) 12294 continue; 12295 12296 STAILQ_REMOVE(&lun->error_list, desc, ctl_error_desc, links); 12297 12298 free(desc, M_CTL); 12299 } 12300} 12301 12302#ifdef CTL_IO_DELAY 12303static void 12304ctl_datamove_timer_wakeup(void *arg) 12305{ 12306 union ctl_io *io; 12307 12308 io = (union ctl_io *)arg; 12309 12310 ctl_datamove(io); 12311} 12312#endif /* CTL_IO_DELAY */ 12313 12314void 12315ctl_datamove(union ctl_io *io) 12316{ 12317 void (*fe_datamove)(union ctl_io *io); 12318 12319 mtx_assert(&control_softc->ctl_lock, MA_NOTOWNED); 12320 12321 CTL_DEBUG_PRINT(("ctl_datamove\n")); 12322 12323#ifdef CTL_TIME_IO 12324 if ((time_uptime - io->io_hdr.start_time) > ctl_time_io_secs) { 12325 char str[256]; 12326 char path_str[64]; 12327 struct sbuf sb; 12328 12329 ctl_scsi_path_string(io, path_str, sizeof(path_str)); 12330 sbuf_new(&sb, str, sizeof(str), SBUF_FIXEDLEN); 12331 12332 sbuf_cat(&sb, path_str); 12333 switch (io->io_hdr.io_type) { 12334 case CTL_IO_SCSI: 12335 ctl_scsi_command_string(&io->scsiio, NULL, &sb); 12336 sbuf_printf(&sb, "\n"); 12337 sbuf_cat(&sb, path_str); 12338 sbuf_printf(&sb, "Tag: 0x%04x, type %d\n", 12339 io->scsiio.tag_num, io->scsiio.tag_type); 12340 break; 12341 case CTL_IO_TASK: 12342 sbuf_printf(&sb, "Task I/O type: %d, Tag: 0x%04x, " 12343 "Tag Type: %d\n", io->taskio.task_action, 12344 io->taskio.tag_num, io->taskio.tag_type); 12345 break; 12346 default: 12347 printf("Invalid CTL I/O type %d\n", io->io_hdr.io_type); 12348 panic("Invalid CTL I/O type %d\n", io->io_hdr.io_type); 12349 break; 12350 } 12351 sbuf_cat(&sb, path_str); 12352 sbuf_printf(&sb, "ctl_datamove: %jd seconds\n", 12353 (intmax_t)time_uptime - io->io_hdr.start_time); 12354 sbuf_finish(&sb); 12355 printf("%s", sbuf_data(&sb)); 12356 } 12357#endif /* CTL_TIME_IO */ 12358 12359#ifdef CTL_IO_DELAY 12360 if (io->io_hdr.flags & CTL_FLAG_DELAY_DONE) { 12361 struct ctl_lun *lun; 12362 12363 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 12364 12365 io->io_hdr.flags &= ~CTL_FLAG_DELAY_DONE; 12366 } else { 12367 struct ctl_lun *lun; 12368 12369 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 12370 if ((lun != NULL) 12371 && (lun->delay_info.datamove_delay > 0)) { 12372 struct callout *callout; 12373 12374 callout = (struct callout *)&io->io_hdr.timer_bytes; 12375 callout_init(callout, /*mpsafe*/ 1); 12376 io->io_hdr.flags |= CTL_FLAG_DELAY_DONE; 12377 callout_reset(callout, 12378 lun->delay_info.datamove_delay * hz, 12379 ctl_datamove_timer_wakeup, io); 12380 if (lun->delay_info.datamove_type == 12381 CTL_DELAY_TYPE_ONESHOT) 12382 lun->delay_info.datamove_delay = 0; 12383 return; 12384 } 12385 } 12386#endif 12387 12388 /* 12389 * This command has been aborted. Set the port status, so we fail 12390 * the data move. 12391 */ 12392 if (io->io_hdr.flags & CTL_FLAG_ABORT) { 12393 printf("ctl_datamove: tag 0x%04x on (%ju:%d:%ju:%d) aborted\n", 12394 io->scsiio.tag_num,(uintmax_t)io->io_hdr.nexus.initid.id, 12395 io->io_hdr.nexus.targ_port, 12396 (uintmax_t)io->io_hdr.nexus.targ_target.id, 12397 io->io_hdr.nexus.targ_lun); 12398 io->io_hdr.status = CTL_CMD_ABORTED; 12399 io->io_hdr.port_status = 31337; 12400 /* 12401 * Note that the backend, in this case, will get the 12402 * callback in its context. In other cases it may get 12403 * called in the frontend's interrupt thread context. 12404 */ 12405 io->scsiio.be_move_done(io); 12406 return; 12407 } 12408 12409 /* 12410 * If we're in XFER mode and this I/O is from the other shelf 12411 * controller, we need to send the DMA to the other side to 12412 * actually transfer the data to/from the host. In serialize only 12413 * mode the transfer happens below CTL and ctl_datamove() is only 12414 * called on the machine that originally received the I/O. 12415 */ 12416 if ((control_softc->ha_mode == CTL_HA_MODE_XFER) 12417 && (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)) { 12418 union ctl_ha_msg msg; 12419 uint32_t sg_entries_sent; 12420 int do_sg_copy; 12421 int i; 12422 12423 memset(&msg, 0, sizeof(msg)); 12424 msg.hdr.msg_type = CTL_MSG_DATAMOVE; 12425 msg.hdr.original_sc = io->io_hdr.original_sc; 12426 msg.hdr.serializing_sc = io; 12427 msg.hdr.nexus = io->io_hdr.nexus; 12428 msg.dt.flags = io->io_hdr.flags; 12429 /* 12430 * We convert everything into a S/G list here. We can't 12431 * pass by reference, only by value between controllers. 12432 * So we can't pass a pointer to the S/G list, only as many 12433 * S/G entries as we can fit in here. If it's possible for 12434 * us to get more than CTL_HA_MAX_SG_ENTRIES S/G entries, 12435 * then we need to break this up into multiple transfers. 12436 */ 12437 if (io->scsiio.kern_sg_entries == 0) { 12438 msg.dt.kern_sg_entries = 1; 12439 /* 12440 * If this is in cached memory, flush the cache 12441 * before we send the DMA request to the other 12442 * controller. We want to do this in either the 12443 * read or the write case. The read case is 12444 * straightforward. In the write case, we want to 12445 * make sure nothing is in the local cache that 12446 * could overwrite the DMAed data. 12447 */ 12448 if ((io->io_hdr.flags & CTL_FLAG_NO_DATASYNC) == 0) { 12449 /* 12450 * XXX KDM use bus_dmamap_sync() here. 12451 */ 12452 } 12453 12454 /* 12455 * Convert to a physical address if this is a 12456 * virtual address. 12457 */ 12458 if (io->io_hdr.flags & CTL_FLAG_BUS_ADDR) { 12459 msg.dt.sg_list[0].addr = 12460 io->scsiio.kern_data_ptr; 12461 } else { 12462 /* 12463 * XXX KDM use busdma here! 12464 */ 12465#if 0 12466 msg.dt.sg_list[0].addr = (void *) 12467 vtophys(io->scsiio.kern_data_ptr); 12468#endif 12469 } 12470 12471 msg.dt.sg_list[0].len = io->scsiio.kern_data_len; 12472 do_sg_copy = 0; 12473 } else { 12474 struct ctl_sg_entry *sgl; 12475 12476 do_sg_copy = 1; 12477 msg.dt.kern_sg_entries = io->scsiio.kern_sg_entries; 12478 sgl = (struct ctl_sg_entry *)io->scsiio.kern_data_ptr; 12479 if ((io->io_hdr.flags & CTL_FLAG_NO_DATASYNC) == 0) { 12480 /* 12481 * XXX KDM use bus_dmamap_sync() here. 12482 */ 12483 } 12484 } 12485 12486 msg.dt.kern_data_len = io->scsiio.kern_data_len; 12487 msg.dt.kern_total_len = io->scsiio.kern_total_len; 12488 msg.dt.kern_data_resid = io->scsiio.kern_data_resid; 12489 msg.dt.kern_rel_offset = io->scsiio.kern_rel_offset; 12490 msg.dt.sg_sequence = 0; 12491 12492 /* 12493 * Loop until we've sent all of the S/G entries. On the 12494 * other end, we'll recompose these S/G entries into one 12495 * contiguous list before passing it to the 12496 */ 12497 for (sg_entries_sent = 0; sg_entries_sent < 12498 msg.dt.kern_sg_entries; msg.dt.sg_sequence++) { 12499 msg.dt.cur_sg_entries = ctl_min((sizeof(msg.dt.sg_list)/ 12500 sizeof(msg.dt.sg_list[0])), 12501 msg.dt.kern_sg_entries - sg_entries_sent); 12502 12503 if (do_sg_copy != 0) { 12504 struct ctl_sg_entry *sgl; 12505 int j; 12506 12507 sgl = (struct ctl_sg_entry *) 12508 io->scsiio.kern_data_ptr; 12509 /* 12510 * If this is in cached memory, flush the cache 12511 * before we send the DMA request to the other 12512 * controller. We want to do this in either 12513 * the * read or the write case. The read 12514 * case is straightforward. In the write 12515 * case, we want to make sure nothing is 12516 * in the local cache that could overwrite 12517 * the DMAed data. 12518 */ 12519 12520 for (i = sg_entries_sent, j = 0; 12521 i < msg.dt.cur_sg_entries; i++, j++) { 12522 if ((io->io_hdr.flags & 12523 CTL_FLAG_NO_DATASYNC) == 0) { 12524 /* 12525 * XXX KDM use bus_dmamap_sync() 12526 */ 12527 } 12528 if ((io->io_hdr.flags & 12529 CTL_FLAG_BUS_ADDR) == 0) { 12530 /* 12531 * XXX KDM use busdma. 12532 */ 12533#if 0 12534 msg.dt.sg_list[j].addr =(void *) 12535 vtophys(sgl[i].addr); 12536#endif 12537 } else { 12538 msg.dt.sg_list[j].addr = 12539 sgl[i].addr; 12540 } 12541 msg.dt.sg_list[j].len = sgl[i].len; 12542 } 12543 } 12544 12545 sg_entries_sent += msg.dt.cur_sg_entries; 12546 if (sg_entries_sent >= msg.dt.kern_sg_entries) 12547 msg.dt.sg_last = 1; 12548 else 12549 msg.dt.sg_last = 0; 12550 12551 /* 12552 * XXX KDM drop and reacquire the lock here? 12553 */ 12554 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg, 12555 sizeof(msg), 0) > CTL_HA_STATUS_SUCCESS) { 12556 /* 12557 * XXX do something here. 12558 */ 12559 } 12560 12561 msg.dt.sent_sg_entries = sg_entries_sent; 12562 } 12563 io->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE; 12564 if (io->io_hdr.flags & CTL_FLAG_FAILOVER) 12565 ctl_failover_io(io, /*have_lock*/ 0); 12566 12567 } else { 12568 12569 /* 12570 * Lookup the fe_datamove() function for this particular 12571 * front end. 12572 */ 12573 fe_datamove = 12574 control_softc->ctl_ports[ctl_port_idx(io->io_hdr.nexus.targ_port)]->fe_datamove; 12575 12576 fe_datamove(io); 12577 } 12578} 12579 12580static void 12581ctl_send_datamove_done(union ctl_io *io, int have_lock) 12582{ 12583 union ctl_ha_msg msg; 12584 int isc_status; 12585 12586 memset(&msg, 0, sizeof(msg)); 12587 12588 msg.hdr.msg_type = CTL_MSG_DATAMOVE_DONE; 12589 msg.hdr.original_sc = io; 12590 msg.hdr.serializing_sc = io->io_hdr.serializing_sc; 12591 msg.hdr.nexus = io->io_hdr.nexus; 12592 msg.hdr.status = io->io_hdr.status; 12593 msg.scsi.tag_num = io->scsiio.tag_num; 12594 msg.scsi.tag_type = io->scsiio.tag_type; 12595 msg.scsi.scsi_status = io->scsiio.scsi_status; 12596 memcpy(&msg.scsi.sense_data, &io->scsiio.sense_data, 12597 sizeof(io->scsiio.sense_data)); 12598 msg.scsi.sense_len = io->scsiio.sense_len; 12599 msg.scsi.sense_residual = io->scsiio.sense_residual; 12600 msg.scsi.fetd_status = io->io_hdr.port_status; 12601 msg.scsi.residual = io->scsiio.residual; 12602 io->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE; 12603 12604 if (io->io_hdr.flags & CTL_FLAG_FAILOVER) { 12605 ctl_failover_io(io, /*have_lock*/ have_lock); 12606 return; 12607 } 12608 12609 isc_status = ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg, sizeof(msg), 0); 12610 if (isc_status > CTL_HA_STATUS_SUCCESS) { 12611 /* XXX do something if this fails */ 12612 } 12613 12614} 12615 12616/* 12617 * The DMA to the remote side is done, now we need to tell the other side 12618 * we're done so it can continue with its data movement. 12619 */ 12620static void 12621ctl_datamove_remote_write_cb(struct ctl_ha_dt_req *rq) 12622{ 12623 union ctl_io *io; 12624 12625 io = rq->context; 12626 12627 if (rq->ret != CTL_HA_STATUS_SUCCESS) { 12628 printf("%s: ISC DMA write failed with error %d", __func__, 12629 rq->ret); 12630 ctl_set_internal_failure(&io->scsiio, 12631 /*sks_valid*/ 1, 12632 /*retry_count*/ rq->ret); 12633 } 12634 12635 ctl_dt_req_free(rq); 12636 12637 /* 12638 * In this case, we had to malloc the memory locally. Free it. 12639 */ 12640 if ((io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) == 0) { 12641 int i; 12642 for (i = 0; i < io->scsiio.kern_sg_entries; i++) 12643 free(io->io_hdr.local_sglist[i].addr, M_CTL); 12644 } 12645 /* 12646 * The data is in local and remote memory, so now we need to send 12647 * status (good or back) back to the other side. 12648 */ 12649 ctl_send_datamove_done(io, /*have_lock*/ 0); 12650} 12651 12652/* 12653 * We've moved the data from the host/controller into local memory. Now we 12654 * need to push it over to the remote controller's memory. 12655 */ 12656static int 12657ctl_datamove_remote_dm_write_cb(union ctl_io *io) 12658{ 12659 int retval; 12660 12661 retval = 0; 12662 12663 retval = ctl_datamove_remote_xfer(io, CTL_HA_DT_CMD_WRITE, 12664 ctl_datamove_remote_write_cb); 12665 12666 return (retval); 12667} 12668 12669static void 12670ctl_datamove_remote_write(union ctl_io *io) 12671{ 12672 int retval; 12673 void (*fe_datamove)(union ctl_io *io); 12674 12675 /* 12676 * - Get the data from the host/HBA into local memory. 12677 * - DMA memory from the local controller to the remote controller. 12678 * - Send status back to the remote controller. 12679 */ 12680 12681 retval = ctl_datamove_remote_sgl_setup(io); 12682 if (retval != 0) 12683 return; 12684 12685 /* Switch the pointer over so the FETD knows what to do */ 12686 io->scsiio.kern_data_ptr = (uint8_t *)io->io_hdr.local_sglist; 12687 12688 /* 12689 * Use a custom move done callback, since we need to send completion 12690 * back to the other controller, not to the backend on this side. 12691 */ 12692 io->scsiio.be_move_done = ctl_datamove_remote_dm_write_cb; 12693 12694 fe_datamove = control_softc->ctl_ports[ctl_port_idx(io->io_hdr.nexus.targ_port)]->fe_datamove; 12695 12696 fe_datamove(io); 12697 12698 return; 12699 12700} 12701 12702static int 12703ctl_datamove_remote_dm_read_cb(union ctl_io *io) 12704{ 12705#if 0 12706 char str[256]; 12707 char path_str[64]; 12708 struct sbuf sb; 12709#endif 12710 12711 /* 12712 * In this case, we had to malloc the memory locally. Free it. 12713 */ 12714 if ((io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) == 0) { 12715 int i; 12716 for (i = 0; i < io->scsiio.kern_sg_entries; i++) 12717 free(io->io_hdr.local_sglist[i].addr, M_CTL); 12718 } 12719 12720#if 0 12721 scsi_path_string(io, path_str, sizeof(path_str)); 12722 sbuf_new(&sb, str, sizeof(str), SBUF_FIXEDLEN); 12723 sbuf_cat(&sb, path_str); 12724 scsi_command_string(&io->scsiio, NULL, &sb); 12725 sbuf_printf(&sb, "\n"); 12726 sbuf_cat(&sb, path_str); 12727 sbuf_printf(&sb, "Tag: 0x%04x, type %d\n", 12728 io->scsiio.tag_num, io->scsiio.tag_type); 12729 sbuf_cat(&sb, path_str); 12730 sbuf_printf(&sb, "%s: flags %#x, status %#x\n", __func__, 12731 io->io_hdr.flags, io->io_hdr.status); 12732 sbuf_finish(&sb); 12733 printk("%s", sbuf_data(&sb)); 12734#endif 12735 12736 12737 /* 12738 * The read is done, now we need to send status (good or bad) back 12739 * to the other side. 12740 */ 12741 ctl_send_datamove_done(io, /*have_lock*/ 0); 12742 12743 return (0); 12744} 12745 12746static void 12747ctl_datamove_remote_read_cb(struct ctl_ha_dt_req *rq) 12748{ 12749 union ctl_io *io; 12750 void (*fe_datamove)(union ctl_io *io); 12751 12752 io = rq->context; 12753 12754 if (rq->ret != CTL_HA_STATUS_SUCCESS) { 12755 printf("%s: ISC DMA read failed with error %d", __func__, 12756 rq->ret); 12757 ctl_set_internal_failure(&io->scsiio, 12758 /*sks_valid*/ 1, 12759 /*retry_count*/ rq->ret); 12760 } 12761 12762 ctl_dt_req_free(rq); 12763 12764 /* Switch the pointer over so the FETD knows what to do */ 12765 io->scsiio.kern_data_ptr = (uint8_t *)io->io_hdr.local_sglist; 12766 12767 /* 12768 * Use a custom move done callback, since we need to send completion 12769 * back to the other controller, not to the backend on this side. 12770 */ 12771 io->scsiio.be_move_done = ctl_datamove_remote_dm_read_cb; 12772 12773 /* XXX KDM add checks like the ones in ctl_datamove? */ 12774 12775 fe_datamove = control_softc->ctl_ports[ctl_port_idx(io->io_hdr.nexus.targ_port)]->fe_datamove; 12776 12777 fe_datamove(io); 12778} 12779 12780static int 12781ctl_datamove_remote_sgl_setup(union ctl_io *io) 12782{ 12783 struct ctl_sg_entry *local_sglist, *remote_sglist; 12784 struct ctl_sg_entry *local_dma_sglist, *remote_dma_sglist; 12785 struct ctl_softc *softc; 12786 int retval; 12787 int i; 12788 12789 retval = 0; 12790 softc = control_softc; 12791 12792 local_sglist = io->io_hdr.local_sglist; 12793 local_dma_sglist = io->io_hdr.local_dma_sglist; 12794 remote_sglist = io->io_hdr.remote_sglist; 12795 remote_dma_sglist = io->io_hdr.remote_dma_sglist; 12796 12797 if (io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) { 12798 for (i = 0; i < io->scsiio.kern_sg_entries; i++) { 12799 local_sglist[i].len = remote_sglist[i].len; 12800 12801 /* 12802 * XXX Detect the situation where the RS-level I/O 12803 * redirector on the other side has already read the 12804 * data off of the AOR RS on this side, and 12805 * transferred it to remote (mirror) memory on the 12806 * other side. Since we already have the data in 12807 * memory here, we just need to use it. 12808 * 12809 * XXX KDM this can probably be removed once we 12810 * get the cache device code in and take the 12811 * current AOR implementation out. 12812 */ 12813#ifdef NEEDTOPORT 12814 if ((remote_sglist[i].addr >= 12815 (void *)vtophys(softc->mirr->addr)) 12816 && (remote_sglist[i].addr < 12817 ((void *)vtophys(softc->mirr->addr) + 12818 CacheMirrorOffset))) { 12819 local_sglist[i].addr = remote_sglist[i].addr - 12820 CacheMirrorOffset; 12821 if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == 12822 CTL_FLAG_DATA_IN) 12823 io->io_hdr.flags |= CTL_FLAG_REDIR_DONE; 12824 } else { 12825 local_sglist[i].addr = remote_sglist[i].addr + 12826 CacheMirrorOffset; 12827 } 12828#endif 12829#if 0 12830 printf("%s: local %p, remote %p, len %d\n", 12831 __func__, local_sglist[i].addr, 12832 remote_sglist[i].addr, local_sglist[i].len); 12833#endif 12834 } 12835 } else { 12836 uint32_t len_to_go; 12837 12838 /* 12839 * In this case, we don't have automatically allocated 12840 * memory for this I/O on this controller. This typically 12841 * happens with internal CTL I/O -- e.g. inquiry, mode 12842 * sense, etc. Anything coming from RAIDCore will have 12843 * a mirror area available. 12844 */ 12845 len_to_go = io->scsiio.kern_data_len; 12846 12847 /* 12848 * Clear the no datasync flag, we have to use malloced 12849 * buffers. 12850 */ 12851 io->io_hdr.flags &= ~CTL_FLAG_NO_DATASYNC; 12852 12853 /* 12854 * The difficult thing here is that the size of the various 12855 * S/G segments may be different than the size from the 12856 * remote controller. That'll make it harder when DMAing 12857 * the data back to the other side. 12858 */ 12859 for (i = 0; (i < sizeof(io->io_hdr.remote_sglist) / 12860 sizeof(io->io_hdr.remote_sglist[0])) && 12861 (len_to_go > 0); i++) { 12862 local_sglist[i].len = ctl_min(len_to_go, 131072); 12863 CTL_SIZE_8B(local_dma_sglist[i].len, 12864 local_sglist[i].len); 12865 local_sglist[i].addr = 12866 malloc(local_dma_sglist[i].len, M_CTL,M_WAITOK); 12867 12868 local_dma_sglist[i].addr = local_sglist[i].addr; 12869 12870 if (local_sglist[i].addr == NULL) { 12871 int j; 12872 12873 printf("malloc failed for %zd bytes!", 12874 local_dma_sglist[i].len); 12875 for (j = 0; j < i; j++) { 12876 free(local_sglist[j].addr, M_CTL); 12877 } 12878 ctl_set_internal_failure(&io->scsiio, 12879 /*sks_valid*/ 1, 12880 /*retry_count*/ 4857); 12881 retval = 1; 12882 goto bailout_error; 12883 12884 } 12885 /* XXX KDM do we need a sync here? */ 12886 12887 len_to_go -= local_sglist[i].len; 12888 } 12889 /* 12890 * Reset the number of S/G entries accordingly. The 12891 * original number of S/G entries is available in 12892 * rem_sg_entries. 12893 */ 12894 io->scsiio.kern_sg_entries = i; 12895 12896#if 0 12897 printf("%s: kern_sg_entries = %d\n", __func__, 12898 io->scsiio.kern_sg_entries); 12899 for (i = 0; i < io->scsiio.kern_sg_entries; i++) 12900 printf("%s: sg[%d] = %p, %d (DMA: %d)\n", __func__, i, 12901 local_sglist[i].addr, local_sglist[i].len, 12902 local_dma_sglist[i].len); 12903#endif 12904 } 12905 12906 12907 return (retval); 12908 12909bailout_error: 12910 12911 ctl_send_datamove_done(io, /*have_lock*/ 0); 12912 12913 return (retval); 12914} 12915 12916static int 12917ctl_datamove_remote_xfer(union ctl_io *io, unsigned command, 12918 ctl_ha_dt_cb callback) 12919{ 12920 struct ctl_ha_dt_req *rq; 12921 struct ctl_sg_entry *remote_sglist, *local_sglist; 12922 struct ctl_sg_entry *remote_dma_sglist, *local_dma_sglist; 12923 uint32_t local_used, remote_used, total_used; 12924 int retval; 12925 int i, j; 12926 12927 retval = 0; 12928 12929 rq = ctl_dt_req_alloc(); 12930 12931 /* 12932 * If we failed to allocate the request, and if the DMA didn't fail 12933 * anyway, set busy status. This is just a resource allocation 12934 * failure. 12935 */ 12936 if ((rq == NULL) 12937 && ((io->io_hdr.status & CTL_STATUS_MASK) != CTL_STATUS_NONE)) 12938 ctl_set_busy(&io->scsiio); 12939 12940 if ((io->io_hdr.status & CTL_STATUS_MASK) != CTL_STATUS_NONE) { 12941 12942 if (rq != NULL) 12943 ctl_dt_req_free(rq); 12944 12945 /* 12946 * The data move failed. We need to return status back 12947 * to the other controller. No point in trying to DMA 12948 * data to the remote controller. 12949 */ 12950 12951 ctl_send_datamove_done(io, /*have_lock*/ 0); 12952 12953 retval = 1; 12954 12955 goto bailout; 12956 } 12957 12958 local_sglist = io->io_hdr.local_sglist; 12959 local_dma_sglist = io->io_hdr.local_dma_sglist; 12960 remote_sglist = io->io_hdr.remote_sglist; 12961 remote_dma_sglist = io->io_hdr.remote_dma_sglist; 12962 local_used = 0; 12963 remote_used = 0; 12964 total_used = 0; 12965 12966 if (io->io_hdr.flags & CTL_FLAG_REDIR_DONE) { 12967 rq->ret = CTL_HA_STATUS_SUCCESS; 12968 rq->context = io; 12969 callback(rq); 12970 goto bailout; 12971 } 12972 12973 /* 12974 * Pull/push the data over the wire from/to the other controller. 12975 * This takes into account the possibility that the local and 12976 * remote sglists may not be identical in terms of the size of 12977 * the elements and the number of elements. 12978 * 12979 * One fundamental assumption here is that the length allocated for 12980 * both the local and remote sglists is identical. Otherwise, we've 12981 * essentially got a coding error of some sort. 12982 */ 12983 for (i = 0, j = 0; total_used < io->scsiio.kern_data_len; ) { 12984 int isc_ret; 12985 uint32_t cur_len, dma_length; 12986 uint8_t *tmp_ptr; 12987 12988 rq->id = CTL_HA_DATA_CTL; 12989 rq->command = command; 12990 rq->context = io; 12991 12992 /* 12993 * Both pointers should be aligned. But it is possible 12994 * that the allocation length is not. They should both 12995 * also have enough slack left over at the end, though, 12996 * to round up to the next 8 byte boundary. 12997 */ 12998 cur_len = ctl_min(local_sglist[i].len - local_used, 12999 remote_sglist[j].len - remote_used); 13000 13001 /* 13002 * In this case, we have a size issue and need to decrease 13003 * the size, except in the case where we actually have less 13004 * than 8 bytes left. In that case, we need to increase 13005 * the DMA length to get the last bit. 13006 */ 13007 if ((cur_len & 0x7) != 0) { 13008 if (cur_len > 0x7) { 13009 cur_len = cur_len - (cur_len & 0x7); 13010 dma_length = cur_len; 13011 } else { 13012 CTL_SIZE_8B(dma_length, cur_len); 13013 } 13014 13015 } else 13016 dma_length = cur_len; 13017 13018 /* 13019 * If we had to allocate memory for this I/O, instead of using 13020 * the non-cached mirror memory, we'll need to flush the cache 13021 * before trying to DMA to the other controller. 13022 * 13023 * We could end up doing this multiple times for the same 13024 * segment if we have a larger local segment than remote 13025 * segment. That shouldn't be an issue. 13026 */ 13027 if ((io->io_hdr.flags & CTL_FLAG_NO_DATASYNC) == 0) { 13028 /* 13029 * XXX KDM use bus_dmamap_sync() here. 13030 */ 13031 } 13032 13033 rq->size = dma_length; 13034 13035 tmp_ptr = (uint8_t *)local_sglist[i].addr; 13036 tmp_ptr += local_used; 13037 13038 /* Use physical addresses when talking to ISC hardware */ 13039 if ((io->io_hdr.flags & CTL_FLAG_BUS_ADDR) == 0) { 13040 /* XXX KDM use busdma */ 13041#if 0 13042 rq->local = vtophys(tmp_ptr); 13043#endif 13044 } else 13045 rq->local = tmp_ptr; 13046 13047 tmp_ptr = (uint8_t *)remote_sglist[j].addr; 13048 tmp_ptr += remote_used; 13049 rq->remote = tmp_ptr; 13050 13051 rq->callback = NULL; 13052 13053 local_used += cur_len; 13054 if (local_used >= local_sglist[i].len) { 13055 i++; 13056 local_used = 0; 13057 } 13058 13059 remote_used += cur_len; 13060 if (remote_used >= remote_sglist[j].len) { 13061 j++; 13062 remote_used = 0; 13063 } 13064 total_used += cur_len; 13065 13066 if (total_used >= io->scsiio.kern_data_len) 13067 rq->callback = callback; 13068 13069 if ((rq->size & 0x7) != 0) { 13070 printf("%s: warning: size %d is not on 8b boundary\n", 13071 __func__, rq->size); 13072 } 13073 if (((uintptr_t)rq->local & 0x7) != 0) { 13074 printf("%s: warning: local %p not on 8b boundary\n", 13075 __func__, rq->local); 13076 } 13077 if (((uintptr_t)rq->remote & 0x7) != 0) { 13078 printf("%s: warning: remote %p not on 8b boundary\n", 13079 __func__, rq->local); 13080 } 13081#if 0 13082 printf("%s: %s: local %#x remote %#x size %d\n", __func__, 13083 (command == CTL_HA_DT_CMD_WRITE) ? "WRITE" : "READ", 13084 rq->local, rq->remote, rq->size); 13085#endif 13086 13087 isc_ret = ctl_dt_single(rq); 13088 if (isc_ret == CTL_HA_STATUS_WAIT) 13089 continue; 13090 13091 if (isc_ret == CTL_HA_STATUS_DISCONNECT) { 13092 rq->ret = CTL_HA_STATUS_SUCCESS; 13093 } else { 13094 rq->ret = isc_ret; 13095 } 13096 callback(rq); 13097 goto bailout; 13098 } 13099 13100bailout: 13101 return (retval); 13102 13103} 13104 13105static void 13106ctl_datamove_remote_read(union ctl_io *io) 13107{ 13108 int retval; 13109 int i; 13110 13111 /* 13112 * This will send an error to the other controller in the case of a 13113 * failure. 13114 */ 13115 retval = ctl_datamove_remote_sgl_setup(io); 13116 if (retval != 0) 13117 return; 13118 13119 retval = ctl_datamove_remote_xfer(io, CTL_HA_DT_CMD_READ, 13120 ctl_datamove_remote_read_cb); 13121 if ((retval != 0) 13122 && ((io->io_hdr.flags & CTL_FLAG_AUTO_MIRROR) == 0)) { 13123 /* 13124 * Make sure we free memory if there was an error.. The 13125 * ctl_datamove_remote_xfer() function will send the 13126 * datamove done message, or call the callback with an 13127 * error if there is a problem. 13128 */ 13129 for (i = 0; i < io->scsiio.kern_sg_entries; i++) 13130 free(io->io_hdr.local_sglist[i].addr, M_CTL); 13131 } 13132 13133 return; 13134} 13135 13136/* 13137 * Process a datamove request from the other controller. This is used for 13138 * XFER mode only, not SER_ONLY mode. For writes, we DMA into local memory 13139 * first. Once that is complete, the data gets DMAed into the remote 13140 * controller's memory. For reads, we DMA from the remote controller's 13141 * memory into our memory first, and then move it out to the FETD. 13142 */ 13143static void 13144ctl_datamove_remote(union ctl_io *io) 13145{ 13146 struct ctl_softc *softc; 13147 13148 softc = control_softc; 13149 13150 mtx_assert(&softc->ctl_lock, MA_NOTOWNED); 13151 13152 /* 13153 * Note that we look for an aborted I/O here, but don't do some of 13154 * the other checks that ctl_datamove() normally does. We don't 13155 * need to run the task queue, because this I/O is on the ISC 13156 * queue, which is executed by the work thread after the task queue. 13157 * We don't need to run the datamove delay code, since that should 13158 * have been done if need be on the other controller. 13159 */ 13160 if (io->io_hdr.flags & CTL_FLAG_ABORT) { 13161 13162 printf("%s: tag 0x%04x on (%d:%d:%d:%d) aborted\n", __func__, 13163 io->scsiio.tag_num, io->io_hdr.nexus.initid.id, 13164 io->io_hdr.nexus.targ_port, 13165 io->io_hdr.nexus.targ_target.id, 13166 io->io_hdr.nexus.targ_lun); 13167 io->io_hdr.status = CTL_CMD_ABORTED; 13168 io->io_hdr.port_status = 31338; 13169 13170 ctl_send_datamove_done(io, /*have_lock*/ 0); 13171 13172 return; 13173 } 13174 13175 if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_OUT) { 13176 ctl_datamove_remote_write(io); 13177 } else if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == CTL_FLAG_DATA_IN){ 13178 ctl_datamove_remote_read(io); 13179 } else { 13180 union ctl_ha_msg msg; 13181 struct scsi_sense_data *sense; 13182 uint8_t sks[3]; 13183 int retry_count; 13184 13185 memset(&msg, 0, sizeof(msg)); 13186 13187 msg.hdr.msg_type = CTL_MSG_BAD_JUJU; 13188 msg.hdr.status = CTL_SCSI_ERROR; 13189 msg.scsi.scsi_status = SCSI_STATUS_CHECK_COND; 13190 13191 retry_count = 4243; 13192 13193 sense = &msg.scsi.sense_data; 13194 sks[0] = SSD_SCS_VALID; 13195 sks[1] = (retry_count >> 8) & 0xff; 13196 sks[2] = retry_count & 0xff; 13197 13198 /* "Internal target failure" */ 13199 scsi_set_sense_data(sense, 13200 /*sense_format*/ SSD_TYPE_NONE, 13201 /*current_error*/ 1, 13202 /*sense_key*/ SSD_KEY_HARDWARE_ERROR, 13203 /*asc*/ 0x44, 13204 /*ascq*/ 0x00, 13205 /*type*/ SSD_ELEM_SKS, 13206 /*size*/ sizeof(sks), 13207 /*data*/ sks, 13208 SSD_ELEM_NONE); 13209 13210 io->io_hdr.flags &= ~CTL_FLAG_IO_ACTIVE; 13211 if (io->io_hdr.flags & CTL_FLAG_FAILOVER) { 13212 ctl_failover_io(io, /*have_lock*/ 1); 13213 return; 13214 } 13215 13216 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg, sizeof(msg), 0) > 13217 CTL_HA_STATUS_SUCCESS) { 13218 /* XXX KDM what to do if this fails? */ 13219 } 13220 return; 13221 } 13222 13223} 13224 13225static int 13226ctl_process_done(union ctl_io *io) 13227{ 13228 struct ctl_lun *lun; 13229 struct ctl_softc *ctl_softc; 13230 void (*fe_done)(union ctl_io *io); 13231 uint32_t targ_port = ctl_port_idx(io->io_hdr.nexus.targ_port); 13232 13233 CTL_DEBUG_PRINT(("ctl_process_done\n")); 13234 13235 fe_done = 13236 control_softc->ctl_ports[targ_port]->fe_done; 13237 13238#ifdef CTL_TIME_IO 13239 if ((time_uptime - io->io_hdr.start_time) > ctl_time_io_secs) { 13240 char str[256]; 13241 char path_str[64]; 13242 struct sbuf sb; 13243 13244 ctl_scsi_path_string(io, path_str, sizeof(path_str)); 13245 sbuf_new(&sb, str, sizeof(str), SBUF_FIXEDLEN); 13246 13247 sbuf_cat(&sb, path_str); 13248 switch (io->io_hdr.io_type) { 13249 case CTL_IO_SCSI: 13250 ctl_scsi_command_string(&io->scsiio, NULL, &sb); 13251 sbuf_printf(&sb, "\n"); 13252 sbuf_cat(&sb, path_str); 13253 sbuf_printf(&sb, "Tag: 0x%04x, type %d\n", 13254 io->scsiio.tag_num, io->scsiio.tag_type); 13255 break; 13256 case CTL_IO_TASK: 13257 sbuf_printf(&sb, "Task I/O type: %d, Tag: 0x%04x, " 13258 "Tag Type: %d\n", io->taskio.task_action, 13259 io->taskio.tag_num, io->taskio.tag_type); 13260 break; 13261 default: 13262 printf("Invalid CTL I/O type %d\n", io->io_hdr.io_type); 13263 panic("Invalid CTL I/O type %d\n", io->io_hdr.io_type); 13264 break; 13265 } 13266 sbuf_cat(&sb, path_str); 13267 sbuf_printf(&sb, "ctl_process_done: %jd seconds\n", 13268 (intmax_t)time_uptime - io->io_hdr.start_time); 13269 sbuf_finish(&sb); 13270 printf("%s", sbuf_data(&sb)); 13271 } 13272#endif /* CTL_TIME_IO */ 13273 13274 switch (io->io_hdr.io_type) { 13275 case CTL_IO_SCSI: 13276 break; 13277 case CTL_IO_TASK: 13278 if (bootverbose || verbose > 0) 13279 ctl_io_error_print(io, NULL); 13280 if (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC) 13281 ctl_free_io(io); 13282 else 13283 fe_done(io); 13284 return (CTL_RETVAL_COMPLETE); 13285 break; 13286 default: 13287 printf("ctl_process_done: invalid io type %d\n", 13288 io->io_hdr.io_type); 13289 panic("ctl_process_done: invalid io type %d\n", 13290 io->io_hdr.io_type); 13291 break; /* NOTREACHED */ 13292 } 13293 13294 lun = (struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 13295 if (lun == NULL) { 13296 CTL_DEBUG_PRINT(("NULL LUN for lun %d\n", 13297 io->io_hdr.nexus.targ_mapped_lun)); 13298 fe_done(io); 13299 goto bailout; 13300 } 13301 ctl_softc = lun->ctl_softc; 13302 13303 mtx_lock(&lun->lun_lock); 13304 13305 /* 13306 * Check to see if we have any errors to inject here. We only 13307 * inject errors for commands that don't already have errors set. 13308 */ 13309 if ((STAILQ_FIRST(&lun->error_list) != NULL) 13310 && ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SUCCESS)) 13311 ctl_inject_error(lun, io); 13312 13313 /* 13314 * XXX KDM how do we treat commands that aren't completed 13315 * successfully? 13316 * 13317 * XXX KDM should we also track I/O latency? 13318 */ 13319 if ((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SUCCESS && 13320 io->io_hdr.io_type == CTL_IO_SCSI) { 13321#ifdef CTL_TIME_IO 13322 struct bintime cur_bt; 13323#endif 13324 int type; 13325 13326 if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == 13327 CTL_FLAG_DATA_IN) 13328 type = CTL_STATS_READ; 13329 else if ((io->io_hdr.flags & CTL_FLAG_DATA_MASK) == 13330 CTL_FLAG_DATA_OUT) 13331 type = CTL_STATS_WRITE; 13332 else 13333 type = CTL_STATS_NO_IO; 13334 13335 lun->stats.ports[targ_port].bytes[type] += 13336 io->scsiio.kern_total_len; 13337 lun->stats.ports[targ_port].operations[type]++; 13338#ifdef CTL_TIME_IO 13339 bintime_add(&lun->stats.ports[targ_port].dma_time[type], 13340 &io->io_hdr.dma_bt); 13341 lun->stats.ports[targ_port].num_dmas[type] += 13342 io->io_hdr.num_dmas; 13343 getbintime(&cur_bt); 13344 bintime_sub(&cur_bt, &io->io_hdr.start_bt); 13345 bintime_add(&lun->stats.ports[targ_port].time[type], &cur_bt); 13346#endif 13347 } 13348 13349 /* 13350 * Remove this from the OOA queue. 13351 */ 13352 TAILQ_REMOVE(&lun->ooa_queue, &io->io_hdr, ooa_links); 13353 13354 /* 13355 * Run through the blocked queue on this LUN and see if anything 13356 * has become unblocked, now that this transaction is done. 13357 */ 13358 ctl_check_blocked(lun); 13359 13360 /* 13361 * If the LUN has been invalidated, free it if there is nothing 13362 * left on its OOA queue. 13363 */ 13364 if ((lun->flags & CTL_LUN_INVALID) 13365 && TAILQ_EMPTY(&lun->ooa_queue)) { 13366 mtx_unlock(&lun->lun_lock); 13367 mtx_lock(&ctl_softc->ctl_lock); 13368 ctl_free_lun(lun); 13369 mtx_unlock(&ctl_softc->ctl_lock); 13370 } else 13371 mtx_unlock(&lun->lun_lock); 13372 13373 /* 13374 * If this command has been aborted, make sure we set the status 13375 * properly. The FETD is responsible for freeing the I/O and doing 13376 * whatever it needs to do to clean up its state. 13377 */ 13378 if (io->io_hdr.flags & CTL_FLAG_ABORT) 13379 io->io_hdr.status = CTL_CMD_ABORTED; 13380 13381 /* 13382 * We print out status for every task management command. For SCSI 13383 * commands, we filter out any unit attention errors; they happen 13384 * on every boot, and would clutter up the log. Note: task 13385 * management commands aren't printed here, they are printed above, 13386 * since they should never even make it down here. 13387 */ 13388 switch (io->io_hdr.io_type) { 13389 case CTL_IO_SCSI: { 13390 int error_code, sense_key, asc, ascq; 13391 13392 sense_key = 0; 13393 13394 if (((io->io_hdr.status & CTL_STATUS_MASK) == CTL_SCSI_ERROR) 13395 && (io->scsiio.scsi_status == SCSI_STATUS_CHECK_COND)) { 13396 /* 13397 * Since this is just for printing, no need to 13398 * show errors here. 13399 */ 13400 scsi_extract_sense_len(&io->scsiio.sense_data, 13401 io->scsiio.sense_len, 13402 &error_code, 13403 &sense_key, 13404 &asc, 13405 &ascq, 13406 /*show_errors*/ 0); 13407 } 13408 13409 if (((io->io_hdr.status & CTL_STATUS_MASK) != CTL_SUCCESS) 13410 && (((io->io_hdr.status & CTL_STATUS_MASK) != CTL_SCSI_ERROR) 13411 || (io->scsiio.scsi_status != SCSI_STATUS_CHECK_COND) 13412 || (sense_key != SSD_KEY_UNIT_ATTENTION))) { 13413 13414 if ((time_uptime - ctl_softc->last_print_jiffies) <= 0){ 13415 ctl_softc->skipped_prints++; 13416 } else { 13417 uint32_t skipped_prints; 13418 13419 skipped_prints = ctl_softc->skipped_prints; 13420 13421 ctl_softc->skipped_prints = 0; 13422 ctl_softc->last_print_jiffies = time_uptime; 13423 13424 if (skipped_prints > 0) { 13425#ifdef NEEDTOPORT 13426 csevent_log(CSC_CTL | CSC_SHELF_SW | 13427 CTL_ERROR_REPORT, 13428 csevent_LogType_Trace, 13429 csevent_Severity_Information, 13430 csevent_AlertLevel_Green, 13431 csevent_FRU_Firmware, 13432 csevent_FRU_Unknown, 13433 "High CTL error volume, %d prints " 13434 "skipped", skipped_prints); 13435#endif 13436 } 13437 if (bootverbose || verbose > 0) 13438 ctl_io_error_print(io, NULL); 13439 } 13440 } 13441 break; 13442 } 13443 case CTL_IO_TASK: 13444 if (bootverbose || verbose > 0) 13445 ctl_io_error_print(io, NULL); 13446 break; 13447 default: 13448 break; 13449 } 13450 13451 /* 13452 * Tell the FETD or the other shelf controller we're done with this 13453 * command. Note that only SCSI commands get to this point. Task 13454 * management commands are completed above. 13455 * 13456 * We only send status to the other controller if we're in XFER 13457 * mode. In SER_ONLY mode, the I/O is done on the controller that 13458 * received the I/O (from CTL's perspective), and so the status is 13459 * generated there. 13460 * 13461 * XXX KDM if we hold the lock here, we could cause a deadlock 13462 * if the frontend comes back in in this context to queue 13463 * something. 13464 */ 13465 if ((ctl_softc->ha_mode == CTL_HA_MODE_XFER) 13466 && (io->io_hdr.flags & CTL_FLAG_FROM_OTHER_SC)) { 13467 union ctl_ha_msg msg; 13468 13469 memset(&msg, 0, sizeof(msg)); 13470 msg.hdr.msg_type = CTL_MSG_FINISH_IO; 13471 msg.hdr.original_sc = io->io_hdr.original_sc; 13472 msg.hdr.nexus = io->io_hdr.nexus; 13473 msg.hdr.status = io->io_hdr.status; 13474 msg.scsi.scsi_status = io->scsiio.scsi_status; 13475 msg.scsi.tag_num = io->scsiio.tag_num; 13476 msg.scsi.tag_type = io->scsiio.tag_type; 13477 msg.scsi.sense_len = io->scsiio.sense_len; 13478 msg.scsi.sense_residual = io->scsiio.sense_residual; 13479 msg.scsi.residual = io->scsiio.residual; 13480 memcpy(&msg.scsi.sense_data, &io->scsiio.sense_data, 13481 sizeof(io->scsiio.sense_data)); 13482 /* 13483 * We copy this whether or not this is an I/O-related 13484 * command. Otherwise, we'd have to go and check to see 13485 * whether it's a read/write command, and it really isn't 13486 * worth it. 13487 */ 13488 memcpy(&msg.scsi.lbalen, 13489 &io->io_hdr.ctl_private[CTL_PRIV_LBA_LEN].bytes, 13490 sizeof(msg.scsi.lbalen)); 13491 13492 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg, 13493 sizeof(msg), 0) > CTL_HA_STATUS_SUCCESS) { 13494 /* XXX do something here */ 13495 } 13496 13497 ctl_free_io(io); 13498 } else 13499 fe_done(io); 13500 13501bailout: 13502 13503 return (CTL_RETVAL_COMPLETE); 13504} 13505 13506/* 13507 * Front end should call this if it doesn't do autosense. When the request 13508 * sense comes back in from the initiator, we'll dequeue this and send it. 13509 */ 13510int 13511ctl_queue_sense(union ctl_io *io) 13512{ 13513 struct ctl_lun *lun; 13514 struct ctl_softc *ctl_softc; 13515 uint32_t initidx, targ_lun; 13516 13517 ctl_softc = control_softc; 13518 13519 CTL_DEBUG_PRINT(("ctl_queue_sense\n")); 13520 13521 /* 13522 * LUN lookup will likely move to the ctl_work_thread() once we 13523 * have our new queueing infrastructure (that doesn't put things on 13524 * a per-LUN queue initially). That is so that we can handle 13525 * things like an INQUIRY to a LUN that we don't have enabled. We 13526 * can't deal with that right now. 13527 */ 13528 mtx_lock(&ctl_softc->ctl_lock); 13529 13530 /* 13531 * If we don't have a LUN for this, just toss the sense 13532 * information. 13533 */ 13534 targ_lun = io->io_hdr.nexus.targ_lun; 13535 targ_lun = ctl_map_lun(io->io_hdr.nexus.targ_port, targ_lun); 13536 if ((targ_lun < CTL_MAX_LUNS) 13537 && (ctl_softc->ctl_luns[targ_lun] != NULL)) 13538 lun = ctl_softc->ctl_luns[targ_lun]; 13539 else 13540 goto bailout; 13541 13542 initidx = ctl_get_initindex(&io->io_hdr.nexus); 13543 13544 mtx_lock(&lun->lun_lock); 13545 /* 13546 * Already have CA set for this LUN...toss the sense information. 13547 */ 13548 if (ctl_is_set(lun->have_ca, initidx)) { 13549 mtx_unlock(&lun->lun_lock); 13550 goto bailout; 13551 } 13552 13553 memcpy(&lun->pending_sense[initidx].sense, &io->scsiio.sense_data, 13554 ctl_min(sizeof(lun->pending_sense[initidx].sense), 13555 sizeof(io->scsiio.sense_data))); 13556 ctl_set_mask(lun->have_ca, initidx); 13557 mtx_unlock(&lun->lun_lock); 13558 13559bailout: 13560 mtx_unlock(&ctl_softc->ctl_lock); 13561 13562 ctl_free_io(io); 13563 13564 return (CTL_RETVAL_COMPLETE); 13565} 13566 13567/* 13568 * Primary command inlet from frontend ports. All SCSI and task I/O 13569 * requests must go through this function. 13570 */ 13571int 13572ctl_queue(union ctl_io *io) 13573{ 13574 struct ctl_softc *ctl_softc; 13575 13576 CTL_DEBUG_PRINT(("ctl_queue cdb[0]=%02X\n", io->scsiio.cdb[0])); 13577 13578 ctl_softc = control_softc; 13579 13580#ifdef CTL_TIME_IO 13581 io->io_hdr.start_time = time_uptime; 13582 getbintime(&io->io_hdr.start_bt); 13583#endif /* CTL_TIME_IO */ 13584 13585 /* Map FE-specific LUN ID into global one. */ 13586 io->io_hdr.nexus.targ_mapped_lun = 13587 ctl_map_lun(io->io_hdr.nexus.targ_port, io->io_hdr.nexus.targ_lun); 13588 13589 switch (io->io_hdr.io_type) { 13590 case CTL_IO_SCSI: 13591 ctl_enqueue_incoming(io); 13592 break; 13593 case CTL_IO_TASK: 13594 ctl_run_task(io); 13595 break; 13596 default: 13597 printf("ctl_queue: unknown I/O type %d\n", io->io_hdr.io_type); 13598 return (EINVAL); 13599 } 13600 13601 return (CTL_RETVAL_COMPLETE); 13602} 13603 13604#ifdef CTL_IO_DELAY 13605static void 13606ctl_done_timer_wakeup(void *arg) 13607{ 13608 union ctl_io *io; 13609 13610 io = (union ctl_io *)arg; 13611 ctl_done(io); 13612} 13613#endif /* CTL_IO_DELAY */ 13614 13615void 13616ctl_done(union ctl_io *io) 13617{ 13618 struct ctl_softc *ctl_softc; 13619 13620 ctl_softc = control_softc; 13621 13622 /* 13623 * Enable this to catch duplicate completion issues. 13624 */ 13625#if 0 13626 if (io->io_hdr.flags & CTL_FLAG_ALREADY_DONE) { 13627 printf("%s: type %d msg %d cdb %x iptl: " 13628 "%d:%d:%d:%d tag 0x%04x " 13629 "flag %#x status %x\n", 13630 __func__, 13631 io->io_hdr.io_type, 13632 io->io_hdr.msg_type, 13633 io->scsiio.cdb[0], 13634 io->io_hdr.nexus.initid.id, 13635 io->io_hdr.nexus.targ_port, 13636 io->io_hdr.nexus.targ_target.id, 13637 io->io_hdr.nexus.targ_lun, 13638 (io->io_hdr.io_type == 13639 CTL_IO_TASK) ? 13640 io->taskio.tag_num : 13641 io->scsiio.tag_num, 13642 io->io_hdr.flags, 13643 io->io_hdr.status); 13644 } else 13645 io->io_hdr.flags |= CTL_FLAG_ALREADY_DONE; 13646#endif 13647 13648 /* 13649 * This is an internal copy of an I/O, and should not go through 13650 * the normal done processing logic. 13651 */ 13652 if (io->io_hdr.flags & CTL_FLAG_INT_COPY) 13653 return; 13654 13655 /* 13656 * We need to send a msg to the serializing shelf to finish the IO 13657 * as well. We don't send a finish message to the other shelf if 13658 * this is a task management command. Task management commands 13659 * aren't serialized in the OOA queue, but rather just executed on 13660 * both shelf controllers for commands that originated on that 13661 * controller. 13662 */ 13663 if ((io->io_hdr.flags & CTL_FLAG_SENT_2OTHER_SC) 13664 && (io->io_hdr.io_type != CTL_IO_TASK)) { 13665 union ctl_ha_msg msg_io; 13666 13667 msg_io.hdr.msg_type = CTL_MSG_FINISH_IO; 13668 msg_io.hdr.serializing_sc = io->io_hdr.serializing_sc; 13669 if (ctl_ha_msg_send(CTL_HA_CHAN_CTL, &msg_io, 13670 sizeof(msg_io), 0 ) != CTL_HA_STATUS_SUCCESS) { 13671 } 13672 /* continue on to finish IO */ 13673 } 13674#ifdef CTL_IO_DELAY 13675 if (io->io_hdr.flags & CTL_FLAG_DELAY_DONE) { 13676 struct ctl_lun *lun; 13677 13678 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 13679 13680 io->io_hdr.flags &= ~CTL_FLAG_DELAY_DONE; 13681 } else { 13682 struct ctl_lun *lun; 13683 13684 lun =(struct ctl_lun *)io->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 13685 13686 if ((lun != NULL) 13687 && (lun->delay_info.done_delay > 0)) { 13688 struct callout *callout; 13689 13690 callout = (struct callout *)&io->io_hdr.timer_bytes; 13691 callout_init(callout, /*mpsafe*/ 1); 13692 io->io_hdr.flags |= CTL_FLAG_DELAY_DONE; 13693 callout_reset(callout, 13694 lun->delay_info.done_delay * hz, 13695 ctl_done_timer_wakeup, io); 13696 if (lun->delay_info.done_type == CTL_DELAY_TYPE_ONESHOT) 13697 lun->delay_info.done_delay = 0; 13698 return; 13699 } 13700 } 13701#endif /* CTL_IO_DELAY */ 13702 13703 ctl_enqueue_done(io); 13704} 13705 13706int 13707ctl_isc(struct ctl_scsiio *ctsio) 13708{ 13709 struct ctl_lun *lun; 13710 int retval; 13711 13712 lun = (struct ctl_lun *)ctsio->io_hdr.ctl_private[CTL_PRIV_LUN].ptr; 13713 13714 CTL_DEBUG_PRINT(("ctl_isc: command: %02x\n", ctsio->cdb[0])); 13715 13716 CTL_DEBUG_PRINT(("ctl_isc: calling data_submit()\n")); 13717 13718 retval = lun->backend->data_submit((union ctl_io *)ctsio); 13719 13720 return (retval); 13721} 13722 13723 13724static void 13725ctl_work_thread(void *arg) 13726{ 13727 struct ctl_thread *thr = (struct ctl_thread *)arg; 13728 struct ctl_softc *softc = thr->ctl_softc; 13729 union ctl_io *io; 13730 int retval; 13731 13732 CTL_DEBUG_PRINT(("ctl_work_thread starting\n")); 13733 13734 for (;;) { 13735 retval = 0; 13736 13737 /* 13738 * We handle the queues in this order: 13739 * - ISC 13740 * - done queue (to free up resources, unblock other commands) 13741 * - RtR queue 13742 * - incoming queue 13743 * 13744 * If those queues are empty, we break out of the loop and 13745 * go to sleep. 13746 */ 13747 mtx_lock(&thr->queue_lock); 13748 io = (union ctl_io *)STAILQ_FIRST(&thr->isc_queue); 13749 if (io != NULL) { 13750 STAILQ_REMOVE_HEAD(&thr->isc_queue, links); 13751 mtx_unlock(&thr->queue_lock); 13752 ctl_handle_isc(io); 13753 continue; 13754 } 13755 io = (union ctl_io *)STAILQ_FIRST(&thr->done_queue); 13756 if (io != NULL) { 13757 STAILQ_REMOVE_HEAD(&thr->done_queue, links); 13758 /* clear any blocked commands, call fe_done */ 13759 mtx_unlock(&thr->queue_lock); 13760 retval = ctl_process_done(io); 13761 continue; 13762 } 13763 if (!ctl_pause_rtr) { 13764 io = (union ctl_io *)STAILQ_FIRST(&thr->rtr_queue); 13765 if (io != NULL) { 13766 STAILQ_REMOVE_HEAD(&thr->rtr_queue, links); 13767 mtx_unlock(&thr->queue_lock); 13768 retval = ctl_scsiio(&io->scsiio); 13769 if (retval != CTL_RETVAL_COMPLETE) 13770 CTL_DEBUG_PRINT(("ctl_scsiio failed\n")); 13771 continue; 13772 } 13773 } 13774 io = (union ctl_io *)STAILQ_FIRST(&thr->incoming_queue); 13775 if (io != NULL) { 13776 STAILQ_REMOVE_HEAD(&thr->incoming_queue, links); 13777 mtx_unlock(&thr->queue_lock); 13778 ctl_scsiio_precheck(softc, &io->scsiio); 13779 continue; 13780 } 13781 13782 /* Sleep until we have something to do. */ 13783 mtx_sleep(thr, &thr->queue_lock, PDROP | PRIBIO, "-", 0); 13784 } 13785} 13786 13787static void 13788ctl_lun_thread(void *arg) 13789{ 13790 struct ctl_softc *softc = (struct ctl_softc *)arg; 13791 struct ctl_be_lun *be_lun; 13792 int retval; 13793 13794 CTL_DEBUG_PRINT(("ctl_lun_thread starting\n")); 13795 13796 for (;;) { 13797 retval = 0; 13798 mtx_lock(&softc->ctl_lock); 13799 be_lun = STAILQ_FIRST(&softc->pending_lun_queue); 13800 if (be_lun != NULL) { 13801 STAILQ_REMOVE_HEAD(&softc->pending_lun_queue, links); 13802 mtx_unlock(&softc->ctl_lock); 13803 ctl_create_lun(be_lun); 13804 continue; 13805 } 13806 13807 /* Sleep until we have something to do. */ 13808 mtx_sleep(&softc->pending_lun_queue, &softc->ctl_lock, 13809 PDROP | PRIBIO, "-", 0); 13810 } 13811} 13812 13813static void 13814ctl_enqueue_incoming(union ctl_io *io) 13815{ 13816 struct ctl_softc *softc = control_softc; 13817 struct ctl_thread *thr; 13818 13819 thr = &softc->threads[io->io_hdr.nexus.targ_mapped_lun % worker_threads]; 13820 mtx_lock(&thr->queue_lock); 13821 STAILQ_INSERT_TAIL(&thr->incoming_queue, &io->io_hdr, links); 13822 mtx_unlock(&thr->queue_lock); 13823 wakeup(thr); 13824} 13825 13826static void 13827ctl_enqueue_rtr(union ctl_io *io) 13828{ 13829 struct ctl_softc *softc = control_softc; 13830 struct ctl_thread *thr; 13831 13832 thr = &softc->threads[io->io_hdr.nexus.targ_mapped_lun % worker_threads]; 13833 mtx_lock(&thr->queue_lock); 13834 STAILQ_INSERT_TAIL(&thr->rtr_queue, &io->io_hdr, links); 13835 mtx_unlock(&thr->queue_lock); 13836 wakeup(thr); 13837} 13838 13839static void 13840ctl_enqueue_done(union ctl_io *io) 13841{ 13842 struct ctl_softc *softc = control_softc; 13843 struct ctl_thread *thr; 13844 13845 thr = &softc->threads[io->io_hdr.nexus.targ_mapped_lun % worker_threads]; 13846 mtx_lock(&thr->queue_lock); 13847 STAILQ_INSERT_TAIL(&thr->done_queue, &io->io_hdr, links); 13848 mtx_unlock(&thr->queue_lock); 13849 wakeup(thr); 13850} 13851 13852static void 13853ctl_enqueue_isc(union ctl_io *io) 13854{ 13855 struct ctl_softc *softc = control_softc; 13856 struct ctl_thread *thr; 13857 13858 thr = &softc->threads[io->io_hdr.nexus.targ_mapped_lun % worker_threads]; 13859 mtx_lock(&thr->queue_lock); 13860 STAILQ_INSERT_TAIL(&thr->isc_queue, &io->io_hdr, links); 13861 mtx_unlock(&thr->queue_lock); 13862 wakeup(thr); 13863} 13864 13865/* Initialization and failover */ 13866 13867void 13868ctl_init_isc_msg(void) 13869{ 13870 printf("CTL: Still calling this thing\n"); 13871} 13872 13873/* 13874 * Init component 13875 * Initializes component into configuration defined by bootMode 13876 * (see hasc-sv.c) 13877 * returns hasc_Status: 13878 * OK 13879 * ERROR - fatal error 13880 */ 13881static ctl_ha_comp_status 13882ctl_isc_init(struct ctl_ha_component *c) 13883{ 13884 ctl_ha_comp_status ret = CTL_HA_COMP_STATUS_OK; 13885 13886 c->status = ret; 13887 return ret; 13888} 13889 13890/* Start component 13891 * Starts component in state requested. If component starts successfully, 13892 * it must set its own state to the requestrd state 13893 * When requested state is HASC_STATE_HA, the component may refine it 13894 * by adding _SLAVE or _MASTER flags. 13895 * Currently allowed state transitions are: 13896 * UNKNOWN->HA - initial startup 13897 * UNKNOWN->SINGLE - initial startup when no parter detected 13898 * HA->SINGLE - failover 13899 * returns ctl_ha_comp_status: 13900 * OK - component successfully started in requested state 13901 * FAILED - could not start the requested state, failover may 13902 * be possible 13903 * ERROR - fatal error detected, no future startup possible 13904 */ 13905static ctl_ha_comp_status 13906ctl_isc_start(struct ctl_ha_component *c, ctl_ha_state state) 13907{ 13908 ctl_ha_comp_status ret = CTL_HA_COMP_STATUS_OK; 13909 13910 printf("%s: go\n", __func__); 13911 13912 // UNKNOWN->HA or UNKNOWN->SINGLE (bootstrap) 13913 if (c->state == CTL_HA_STATE_UNKNOWN ) { 13914 ctl_is_single = 0; 13915 if (ctl_ha_msg_create(CTL_HA_CHAN_CTL, ctl_isc_event_handler) 13916 != CTL_HA_STATUS_SUCCESS) { 13917 printf("ctl_isc_start: ctl_ha_msg_create failed.\n"); 13918 ret = CTL_HA_COMP_STATUS_ERROR; 13919 } 13920 } else if (CTL_HA_STATE_IS_HA(c->state) 13921 && CTL_HA_STATE_IS_SINGLE(state)){ 13922 // HA->SINGLE transition 13923 ctl_failover(); 13924 ctl_is_single = 1; 13925 } else { 13926 printf("ctl_isc_start:Invalid state transition %X->%X\n", 13927 c->state, state); 13928 ret = CTL_HA_COMP_STATUS_ERROR; 13929 } 13930 if (CTL_HA_STATE_IS_SINGLE(state)) 13931 ctl_is_single = 1; 13932 13933 c->state = state; 13934 c->status = ret; 13935 return ret; 13936} 13937 13938/* 13939 * Quiesce component 13940 * The component must clear any error conditions (set status to OK) and 13941 * prepare itself to another Start call 13942 * returns ctl_ha_comp_status: 13943 * OK 13944 * ERROR 13945 */ 13946static ctl_ha_comp_status 13947ctl_isc_quiesce(struct ctl_ha_component *c) 13948{ 13949 int ret = CTL_HA_COMP_STATUS_OK; 13950 13951 ctl_pause_rtr = 1; 13952 c->status = ret; 13953 return ret; 13954} 13955 13956struct ctl_ha_component ctl_ha_component_ctlisc = 13957{ 13958 .name = "CTL ISC", 13959 .state = CTL_HA_STATE_UNKNOWN, 13960 .init = ctl_isc_init, 13961 .start = ctl_isc_start, 13962 .quiesce = ctl_isc_quiesce 13963}; 13964 13965/* 13966 * vim: ts=8 13967 */ 13968