mpt_cam.c revision 330897
1/*- 2 * FreeBSD/CAM specific routines for LSI '909 FC adapters. 3 * FreeBSD Version. 4 * 5 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD AND BSD-3-Clause 6 * 7 * Copyright (c) 2000, 2001 by Greg Ansley 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice immediately at the beginning of the file, without modification, 14 * this list of conditions, and the following disclaimer. 15 * 2. The name of the author may not be used to endorse or promote products 16 * derived from this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR 22 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 */ 30/*- 31 * Copyright (c) 2002, 2006 by Matthew Jacob 32 * All rights reserved. 33 * 34 * Redistribution and use in source and binary forms, with or without 35 * modification, are permitted provided that the following conditions are 36 * met: 37 * 1. Redistributions of source code must retain the above copyright 38 * notice, this list of conditions and the following disclaimer. 39 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 40 * substantially similar to the "NO WARRANTY" disclaimer below 41 * ("Disclaimer") and any redistribution must be conditioned upon including 42 * a substantially similar Disclaimer requirement for further binary 43 * redistribution. 44 * 3. Neither the names of the above listed copyright holders nor the names 45 * of any contributors may be used to endorse or promote products derived 46 * from this software without specific prior written permission. 47 * 48 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 49 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 52 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 53 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 54 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 55 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 56 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 57 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF THE COPYRIGHT 58 * OWNER OR CONTRIBUTOR IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 59 * 60 * Support from Chris Ellsworth in order to make SAS adapters work 61 * is gratefully acknowledged. 62 * 63 * Support from LSI-Logic has also gone a great deal toward making this a 64 * workable subsystem and is gratefully acknowledged. 65 */ 66/*- 67 * Copyright (c) 2004, Avid Technology, Inc. and its contributors. 68 * Copyright (c) 2005, WHEEL Sp. z o.o. 69 * Copyright (c) 2004, 2005 Justin T. Gibbs 70 * All rights reserved. 71 * 72 * Redistribution and use in source and binary forms, with or without 73 * modification, are permitted provided that the following conditions are 74 * met: 75 * 1. Redistributions of source code must retain the above copyright 76 * notice, this list of conditions and the following disclaimer. 77 * 2. Redistributions in binary form must reproduce at minimum a disclaimer 78 * substantially similar to the "NO WARRANTY" disclaimer below 79 * ("Disclaimer") and any redistribution must be conditioned upon including 80 * a substantially similar Disclaimer requirement for further binary 81 * redistribution. 82 * 3. Neither the names of the above listed copyright holders nor the names 83 * of any contributors may be used to endorse or promote products derived 84 * from this software without specific prior written permission. 85 * 86 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 87 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 88 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 89 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 90 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 91 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 92 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 93 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 94 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 95 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF THE COPYRIGHT 96 * OWNER OR CONTRIBUTOR IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 97 */ 98#include <sys/cdefs.h> 99__FBSDID("$FreeBSD: stable/11/sys/dev/mpt/mpt_cam.c 330897 2018-03-14 03:19:51Z eadler $"); 100 101#include <dev/mpt/mpt.h> 102#include <dev/mpt/mpt_cam.h> 103#include <dev/mpt/mpt_raid.h> 104 105#include "dev/mpt/mpilib/mpi_ioc.h" /* XXX Fix Event Handling!!! */ 106#include "dev/mpt/mpilib/mpi_init.h" 107#include "dev/mpt/mpilib/mpi_targ.h" 108#include "dev/mpt/mpilib/mpi_fc.h" 109#include "dev/mpt/mpilib/mpi_sas.h" 110 111#include <sys/callout.h> 112#include <sys/kthread.h> 113#include <sys/sysctl.h> 114 115static void mpt_poll(struct cam_sim *); 116static timeout_t mpt_timeout; 117static void mpt_action(struct cam_sim *, union ccb *); 118static int 119mpt_get_spi_settings(struct mpt_softc *, struct ccb_trans_settings *); 120static void mpt_setwidth(struct mpt_softc *, int, int); 121static void mpt_setsync(struct mpt_softc *, int, int, int); 122static int mpt_update_spi_config(struct mpt_softc *, int); 123 124static mpt_reply_handler_t mpt_scsi_reply_handler; 125static mpt_reply_handler_t mpt_scsi_tmf_reply_handler; 126static mpt_reply_handler_t mpt_fc_els_reply_handler; 127static int mpt_scsi_reply_frame_handler(struct mpt_softc *, request_t *, 128 MSG_DEFAULT_REPLY *); 129static int mpt_bus_reset(struct mpt_softc *, target_id_t, lun_id_t, int); 130static int mpt_fc_reset_link(struct mpt_softc *, int); 131 132static int mpt_spawn_recovery_thread(struct mpt_softc *mpt); 133static void mpt_terminate_recovery_thread(struct mpt_softc *mpt); 134static void mpt_recovery_thread(void *arg); 135static void mpt_recover_commands(struct mpt_softc *mpt); 136 137static int mpt_scsi_send_tmf(struct mpt_softc *, u_int, u_int, u_int, 138 target_id_t, lun_id_t, u_int, int); 139 140static void mpt_fc_post_els(struct mpt_softc *mpt, request_t *, int); 141static void mpt_post_target_command(struct mpt_softc *, request_t *, int); 142static int mpt_add_els_buffers(struct mpt_softc *mpt); 143static int mpt_add_target_commands(struct mpt_softc *mpt); 144static int mpt_enable_lun(struct mpt_softc *, target_id_t, lun_id_t); 145static int mpt_disable_lun(struct mpt_softc *, target_id_t, lun_id_t); 146static void mpt_target_start_io(struct mpt_softc *, union ccb *); 147static cam_status mpt_abort_target_ccb(struct mpt_softc *, union ccb *); 148static int mpt_abort_target_cmd(struct mpt_softc *, request_t *); 149static void mpt_scsi_tgt_status(struct mpt_softc *, union ccb *, request_t *, 150 uint8_t, uint8_t const *, u_int); 151static void 152mpt_scsi_tgt_tsk_mgmt(struct mpt_softc *, request_t *, mpt_task_mgmt_t, 153 tgt_resource_t *, int); 154static void mpt_tgt_dump_tgt_state(struct mpt_softc *, request_t *); 155static void mpt_tgt_dump_req_state(struct mpt_softc *, request_t *); 156static mpt_reply_handler_t mpt_scsi_tgt_reply_handler; 157static mpt_reply_handler_t mpt_sata_pass_reply_handler; 158 159static uint32_t scsi_io_handler_id = MPT_HANDLER_ID_NONE; 160static uint32_t scsi_tmf_handler_id = MPT_HANDLER_ID_NONE; 161static uint32_t fc_els_handler_id = MPT_HANDLER_ID_NONE; 162static uint32_t sata_pass_handler_id = MPT_HANDLER_ID_NONE; 163 164static mpt_probe_handler_t mpt_cam_probe; 165static mpt_attach_handler_t mpt_cam_attach; 166static mpt_enable_handler_t mpt_cam_enable; 167static mpt_ready_handler_t mpt_cam_ready; 168static mpt_event_handler_t mpt_cam_event; 169static mpt_reset_handler_t mpt_cam_ioc_reset; 170static mpt_detach_handler_t mpt_cam_detach; 171 172static struct mpt_personality mpt_cam_personality = 173{ 174 .name = "mpt_cam", 175 .probe = mpt_cam_probe, 176 .attach = mpt_cam_attach, 177 .enable = mpt_cam_enable, 178 .ready = mpt_cam_ready, 179 .event = mpt_cam_event, 180 .reset = mpt_cam_ioc_reset, 181 .detach = mpt_cam_detach, 182}; 183 184DECLARE_MPT_PERSONALITY(mpt_cam, SI_ORDER_SECOND); 185MODULE_DEPEND(mpt_cam, cam, 1, 1, 1); 186 187int mpt_enable_sata_wc = -1; 188TUNABLE_INT("hw.mpt.enable_sata_wc", &mpt_enable_sata_wc); 189 190static int 191mpt_cam_probe(struct mpt_softc *mpt) 192{ 193 int role; 194 195 /* 196 * Only attach to nodes that support the initiator or target role 197 * (or want to) or have RAID physical devices that need CAM pass-thru 198 * support. 199 */ 200 if (mpt->do_cfg_role) { 201 role = mpt->cfg_role; 202 } else { 203 role = mpt->role; 204 } 205 if ((role & (MPT_ROLE_TARGET|MPT_ROLE_INITIATOR)) != 0 || 206 (mpt->ioc_page2 != NULL && mpt->ioc_page2->MaxPhysDisks != 0)) { 207 return (0); 208 } 209 return (ENODEV); 210} 211 212static int 213mpt_cam_attach(struct mpt_softc *mpt) 214{ 215 struct cam_devq *devq; 216 mpt_handler_t handler; 217 int maxq; 218 int error; 219 220 MPT_LOCK(mpt); 221 TAILQ_INIT(&mpt->request_timeout_list); 222 maxq = (mpt->ioc_facts.GlobalCredits < MPT_MAX_REQUESTS(mpt))? 223 mpt->ioc_facts.GlobalCredits : MPT_MAX_REQUESTS(mpt); 224 225 handler.reply_handler = mpt_scsi_reply_handler; 226 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler, 227 &scsi_io_handler_id); 228 if (error != 0) { 229 MPT_UNLOCK(mpt); 230 goto cleanup; 231 } 232 233 handler.reply_handler = mpt_scsi_tmf_reply_handler; 234 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler, 235 &scsi_tmf_handler_id); 236 if (error != 0) { 237 MPT_UNLOCK(mpt); 238 goto cleanup; 239 } 240 241 /* 242 * If we're fibre channel and could support target mode, we register 243 * an ELS reply handler and give it resources. 244 */ 245 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET) != 0) { 246 handler.reply_handler = mpt_fc_els_reply_handler; 247 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler, 248 &fc_els_handler_id); 249 if (error != 0) { 250 MPT_UNLOCK(mpt); 251 goto cleanup; 252 } 253 if (mpt_add_els_buffers(mpt) == FALSE) { 254 error = ENOMEM; 255 MPT_UNLOCK(mpt); 256 goto cleanup; 257 } 258 maxq -= mpt->els_cmds_allocated; 259 } 260 261 /* 262 * If we support target mode, we register a reply handler for it, 263 * but don't add command resources until we actually enable target 264 * mode. 265 */ 266 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET) != 0) { 267 handler.reply_handler = mpt_scsi_tgt_reply_handler; 268 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler, 269 &mpt->scsi_tgt_handler_id); 270 if (error != 0) { 271 MPT_UNLOCK(mpt); 272 goto cleanup; 273 } 274 } 275 276 if (mpt->is_sas) { 277 handler.reply_handler = mpt_sata_pass_reply_handler; 278 error = mpt_register_handler(mpt, MPT_HANDLER_REPLY, handler, 279 &sata_pass_handler_id); 280 if (error != 0) { 281 MPT_UNLOCK(mpt); 282 goto cleanup; 283 } 284 } 285 286 /* 287 * We keep one request reserved for timeout TMF requests. 288 */ 289 mpt->tmf_req = mpt_get_request(mpt, FALSE); 290 if (mpt->tmf_req == NULL) { 291 mpt_prt(mpt, "Unable to allocate dedicated TMF request!\n"); 292 error = ENOMEM; 293 MPT_UNLOCK(mpt); 294 goto cleanup; 295 } 296 297 /* 298 * Mark the request as free even though not on the free list. 299 * There is only one TMF request allowed to be outstanding at 300 * a time and the TMF routines perform their own allocation 301 * tracking using the standard state flags. 302 */ 303 mpt->tmf_req->state = REQ_STATE_FREE; 304 maxq--; 305 306 /* 307 * The rest of this is CAM foo, for which we need to drop our lock 308 */ 309 MPT_UNLOCK(mpt); 310 311 if (mpt_spawn_recovery_thread(mpt) != 0) { 312 mpt_prt(mpt, "Unable to spawn recovery thread!\n"); 313 error = ENOMEM; 314 goto cleanup; 315 } 316 317 /* 318 * Create the device queue for our SIM(s). 319 */ 320 devq = cam_simq_alloc(maxq); 321 if (devq == NULL) { 322 mpt_prt(mpt, "Unable to allocate CAM SIMQ!\n"); 323 error = ENOMEM; 324 goto cleanup; 325 } 326 327 /* 328 * Construct our SIM entry. 329 */ 330 mpt->sim = 331 mpt_sim_alloc(mpt_action, mpt_poll, "mpt", mpt, 1, maxq, devq); 332 if (mpt->sim == NULL) { 333 mpt_prt(mpt, "Unable to allocate CAM SIM!\n"); 334 cam_simq_free(devq); 335 error = ENOMEM; 336 goto cleanup; 337 } 338 339 /* 340 * Register exactly this bus. 341 */ 342 MPT_LOCK(mpt); 343 if (xpt_bus_register(mpt->sim, mpt->dev, 0) != CAM_SUCCESS) { 344 mpt_prt(mpt, "Bus registration Failed!\n"); 345 error = ENOMEM; 346 MPT_UNLOCK(mpt); 347 goto cleanup; 348 } 349 350 if (xpt_create_path(&mpt->path, NULL, cam_sim_path(mpt->sim), 351 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 352 mpt_prt(mpt, "Unable to allocate Path!\n"); 353 error = ENOMEM; 354 MPT_UNLOCK(mpt); 355 goto cleanup; 356 } 357 MPT_UNLOCK(mpt); 358 359 /* 360 * Only register a second bus for RAID physical 361 * devices if the controller supports RAID. 362 */ 363 if (mpt->ioc_page2 == NULL || mpt->ioc_page2->MaxPhysDisks == 0) { 364 return (0); 365 } 366 367 /* 368 * Create a "bus" to export all hidden disks to CAM. 369 */ 370 mpt->phydisk_sim = 371 mpt_sim_alloc(mpt_action, mpt_poll, "mpt", mpt, 1, maxq, devq); 372 if (mpt->phydisk_sim == NULL) { 373 mpt_prt(mpt, "Unable to allocate Physical Disk CAM SIM!\n"); 374 error = ENOMEM; 375 goto cleanup; 376 } 377 378 /* 379 * Register this bus. 380 */ 381 MPT_LOCK(mpt); 382 if (xpt_bus_register(mpt->phydisk_sim, mpt->dev, 1) != 383 CAM_SUCCESS) { 384 mpt_prt(mpt, "Physical Disk Bus registration Failed!\n"); 385 error = ENOMEM; 386 MPT_UNLOCK(mpt); 387 goto cleanup; 388 } 389 390 if (xpt_create_path(&mpt->phydisk_path, NULL, 391 cam_sim_path(mpt->phydisk_sim), 392 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 393 mpt_prt(mpt, "Unable to allocate Physical Disk Path!\n"); 394 error = ENOMEM; 395 MPT_UNLOCK(mpt); 396 goto cleanup; 397 } 398 MPT_UNLOCK(mpt); 399 mpt_lprt(mpt, MPT_PRT_DEBUG, "attached cam\n"); 400 return (0); 401 402cleanup: 403 mpt_cam_detach(mpt); 404 return (error); 405} 406 407/* 408 * Read FC configuration information 409 */ 410static int 411mpt_read_config_info_fc(struct mpt_softc *mpt) 412{ 413 struct sysctl_ctx_list *ctx; 414 struct sysctl_oid *tree; 415 char *topology = NULL; 416 int rv; 417 418 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_FC_PORT, 0, 419 0, &mpt->mpt_fcport_page0.Header, FALSE, 5000); 420 if (rv) { 421 return (-1); 422 } 423 mpt_lprt(mpt, MPT_PRT_DEBUG, "FC Port Page 0 Header: %x %x %x %x\n", 424 mpt->mpt_fcport_page0.Header.PageVersion, 425 mpt->mpt_fcport_page0.Header.PageLength, 426 mpt->mpt_fcport_page0.Header.PageNumber, 427 mpt->mpt_fcport_page0.Header.PageType); 428 429 430 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_fcport_page0.Header, 431 sizeof(mpt->mpt_fcport_page0), FALSE, 5000); 432 if (rv) { 433 mpt_prt(mpt, "failed to read FC Port Page 0\n"); 434 return (-1); 435 } 436 mpt2host_config_page_fc_port_0(&mpt->mpt_fcport_page0); 437 438 switch (mpt->mpt_fcport_page0.CurrentSpeed) { 439 case MPI_FCPORTPAGE0_CURRENT_SPEED_1GBIT: 440 mpt->mpt_fcport_speed = 1; 441 break; 442 case MPI_FCPORTPAGE0_CURRENT_SPEED_2GBIT: 443 mpt->mpt_fcport_speed = 2; 444 break; 445 case MPI_FCPORTPAGE0_CURRENT_SPEED_10GBIT: 446 mpt->mpt_fcport_speed = 10; 447 break; 448 case MPI_FCPORTPAGE0_CURRENT_SPEED_4GBIT: 449 mpt->mpt_fcport_speed = 4; 450 break; 451 default: 452 mpt->mpt_fcport_speed = 0; 453 break; 454 } 455 456 switch (mpt->mpt_fcport_page0.Flags & 457 MPI_FCPORTPAGE0_FLAGS_ATTACH_TYPE_MASK) { 458 case MPI_FCPORTPAGE0_FLAGS_ATTACH_NO_INIT: 459 mpt->mpt_fcport_speed = 0; 460 topology = "<NO LOOP>"; 461 break; 462 case MPI_FCPORTPAGE0_FLAGS_ATTACH_POINT_TO_POINT: 463 topology = "N-Port"; 464 break; 465 case MPI_FCPORTPAGE0_FLAGS_ATTACH_PRIVATE_LOOP: 466 topology = "NL-Port"; 467 break; 468 case MPI_FCPORTPAGE0_FLAGS_ATTACH_FABRIC_DIRECT: 469 topology = "F-Port"; 470 break; 471 case MPI_FCPORTPAGE0_FLAGS_ATTACH_PUBLIC_LOOP: 472 topology = "FL-Port"; 473 break; 474 default: 475 mpt->mpt_fcport_speed = 0; 476 topology = "?"; 477 break; 478 } 479 480 mpt->scinfo.fc.wwnn = ((uint64_t)mpt->mpt_fcport_page0.WWNN.High << 32) 481 | mpt->mpt_fcport_page0.WWNN.Low; 482 mpt->scinfo.fc.wwpn = ((uint64_t)mpt->mpt_fcport_page0.WWPN.High << 32) 483 | mpt->mpt_fcport_page0.WWPN.Low; 484 mpt->scinfo.fc.portid = mpt->mpt_fcport_page0.PortIdentifier; 485 486 mpt_lprt(mpt, MPT_PRT_INFO, 487 "FC Port Page 0: Topology <%s> WWNN 0x%16jx WWPN 0x%16jx " 488 "Speed %u-Gbit\n", topology, 489 (uintmax_t)mpt->scinfo.fc.wwnn, (uintmax_t)mpt->scinfo.fc.wwpn, 490 mpt->mpt_fcport_speed); 491 MPT_UNLOCK(mpt); 492 ctx = device_get_sysctl_ctx(mpt->dev); 493 tree = device_get_sysctl_tree(mpt->dev); 494 495 SYSCTL_ADD_QUAD(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 496 "wwnn", CTLFLAG_RD, &mpt->scinfo.fc.wwnn, 497 "World Wide Node Name"); 498 499 SYSCTL_ADD_QUAD(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 500 "wwpn", CTLFLAG_RD, &mpt->scinfo.fc.wwpn, 501 "World Wide Port Name"); 502 503 MPT_LOCK(mpt); 504 return (0); 505} 506 507/* 508 * Set FC configuration information. 509 */ 510static int 511mpt_set_initial_config_fc(struct mpt_softc *mpt) 512{ 513 CONFIG_PAGE_FC_PORT_1 fc; 514 U32 fl; 515 int r, doit = 0; 516 int role; 517 518 r = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_FC_PORT, 1, 0, 519 &fc.Header, FALSE, 5000); 520 if (r) { 521 mpt_prt(mpt, "failed to read FC page 1 header\n"); 522 return (mpt_fc_reset_link(mpt, 1)); 523 } 524 525 r = mpt_read_cfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_NVRAM, 0, 526 &fc.Header, sizeof (fc), FALSE, 5000); 527 if (r) { 528 mpt_prt(mpt, "failed to read FC page 1\n"); 529 return (mpt_fc_reset_link(mpt, 1)); 530 } 531 mpt2host_config_page_fc_port_1(&fc); 532 533 /* 534 * Check our flags to make sure we support the role we want. 535 */ 536 doit = 0; 537 role = 0; 538 fl = fc.Flags; 539 540 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_INIT) { 541 role |= MPT_ROLE_INITIATOR; 542 } 543 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG) { 544 role |= MPT_ROLE_TARGET; 545 } 546 547 fl &= ~MPI_FCPORTPAGE1_FLAGS_PROT_MASK; 548 549 if (mpt->do_cfg_role == 0) { 550 role = mpt->cfg_role; 551 } else { 552 mpt->do_cfg_role = 0; 553 } 554 555 if (role != mpt->cfg_role) { 556 if (mpt->cfg_role & MPT_ROLE_INITIATOR) { 557 if ((role & MPT_ROLE_INITIATOR) == 0) { 558 mpt_prt(mpt, "adding initiator role\n"); 559 fl |= MPI_FCPORTPAGE1_FLAGS_PROT_FCP_INIT; 560 doit++; 561 } else { 562 mpt_prt(mpt, "keeping initiator role\n"); 563 } 564 } else if (role & MPT_ROLE_INITIATOR) { 565 mpt_prt(mpt, "removing initiator role\n"); 566 doit++; 567 } 568 if (mpt->cfg_role & MPT_ROLE_TARGET) { 569 if ((role & MPT_ROLE_TARGET) == 0) { 570 mpt_prt(mpt, "adding target role\n"); 571 fl |= MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG; 572 doit++; 573 } else { 574 mpt_prt(mpt, "keeping target role\n"); 575 } 576 } else if (role & MPT_ROLE_TARGET) { 577 mpt_prt(mpt, "removing target role\n"); 578 doit++; 579 } 580 mpt->role = mpt->cfg_role; 581 } 582 583 if (fl & MPI_FCPORTPAGE1_FLAGS_PROT_FCP_TARG) { 584 if ((fl & MPI_FCPORTPAGE1_FLAGS_TARGET_MODE_OXID) == 0) { 585 mpt_prt(mpt, "adding OXID option\n"); 586 fl |= MPI_FCPORTPAGE1_FLAGS_TARGET_MODE_OXID; 587 doit++; 588 } 589 } 590 591 if (doit) { 592 fc.Flags = fl; 593 host2mpt_config_page_fc_port_1(&fc); 594 r = mpt_write_cfg_page(mpt, 595 MPI_CONFIG_ACTION_PAGE_WRITE_NVRAM, 0, &fc.Header, 596 sizeof(fc), FALSE, 5000); 597 if (r != 0) { 598 mpt_prt(mpt, "failed to update NVRAM with changes\n"); 599 return (0); 600 } 601 mpt_prt(mpt, "NOTE: NVRAM changes will not take " 602 "effect until next reboot or IOC reset\n"); 603 } 604 return (0); 605} 606 607static int 608mptsas_sas_io_unit_pg0(struct mpt_softc *mpt, struct mptsas_portinfo *portinfo) 609{ 610 ConfigExtendedPageHeader_t hdr; 611 struct mptsas_phyinfo *phyinfo; 612 SasIOUnitPage0_t *buffer; 613 int error, len, i; 614 615 error = mpt_read_extcfg_header(mpt, MPI_SASIOUNITPAGE0_PAGEVERSION, 616 0, 0, MPI_CONFIG_EXTPAGETYPE_SAS_IO_UNIT, 617 &hdr, 0, 10000); 618 if (error) 619 goto out; 620 if (hdr.ExtPageLength == 0) { 621 error = ENXIO; 622 goto out; 623 } 624 625 len = hdr.ExtPageLength * 4; 626 buffer = malloc(len, M_DEVBUF, M_NOWAIT|M_ZERO); 627 if (buffer == NULL) { 628 error = ENOMEM; 629 goto out; 630 } 631 632 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT, 633 0, &hdr, buffer, len, 0, 10000); 634 if (error) { 635 free(buffer, M_DEVBUF); 636 goto out; 637 } 638 639 portinfo->num_phys = buffer->NumPhys; 640 portinfo->phy_info = malloc(sizeof(*portinfo->phy_info) * 641 portinfo->num_phys, M_DEVBUF, M_NOWAIT|M_ZERO); 642 if (portinfo->phy_info == NULL) { 643 free(buffer, M_DEVBUF); 644 error = ENOMEM; 645 goto out; 646 } 647 648 for (i = 0; i < portinfo->num_phys; i++) { 649 phyinfo = &portinfo->phy_info[i]; 650 phyinfo->phy_num = i; 651 phyinfo->port_id = buffer->PhyData[i].Port; 652 phyinfo->negotiated_link_rate = 653 buffer->PhyData[i].NegotiatedLinkRate; 654 phyinfo->handle = 655 le16toh(buffer->PhyData[i].ControllerDevHandle); 656 } 657 658 free(buffer, M_DEVBUF); 659out: 660 return (error); 661} 662 663static int 664mptsas_sas_phy_pg0(struct mpt_softc *mpt, struct mptsas_phyinfo *phy_info, 665 uint32_t form, uint32_t form_specific) 666{ 667 ConfigExtendedPageHeader_t hdr; 668 SasPhyPage0_t *buffer; 669 int error; 670 671 error = mpt_read_extcfg_header(mpt, MPI_SASPHY0_PAGEVERSION, 0, 0, 672 MPI_CONFIG_EXTPAGETYPE_SAS_PHY, &hdr, 673 0, 10000); 674 if (error) 675 goto out; 676 if (hdr.ExtPageLength == 0) { 677 error = ENXIO; 678 goto out; 679 } 680 681 buffer = malloc(sizeof(SasPhyPage0_t), M_DEVBUF, M_NOWAIT|M_ZERO); 682 if (buffer == NULL) { 683 error = ENOMEM; 684 goto out; 685 } 686 687 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT, 688 form + form_specific, &hdr, buffer, 689 sizeof(SasPhyPage0_t), 0, 10000); 690 if (error) { 691 free(buffer, M_DEVBUF); 692 goto out; 693 } 694 695 phy_info->hw_link_rate = buffer->HwLinkRate; 696 phy_info->programmed_link_rate = buffer->ProgrammedLinkRate; 697 phy_info->identify.dev_handle = le16toh(buffer->OwnerDevHandle); 698 phy_info->attached.dev_handle = le16toh(buffer->AttachedDevHandle); 699 700 free(buffer, M_DEVBUF); 701out: 702 return (error); 703} 704 705static int 706mptsas_sas_device_pg0(struct mpt_softc *mpt, struct mptsas_devinfo *device_info, 707 uint32_t form, uint32_t form_specific) 708{ 709 ConfigExtendedPageHeader_t hdr; 710 SasDevicePage0_t *buffer; 711 uint64_t sas_address; 712 int error = 0; 713 714 bzero(device_info, sizeof(*device_info)); 715 error = mpt_read_extcfg_header(mpt, MPI_SASDEVICE0_PAGEVERSION, 0, 0, 716 MPI_CONFIG_EXTPAGETYPE_SAS_DEVICE, 717 &hdr, 0, 10000); 718 if (error) 719 goto out; 720 if (hdr.ExtPageLength == 0) { 721 error = ENXIO; 722 goto out; 723 } 724 725 buffer = malloc(sizeof(SasDevicePage0_t), M_DEVBUF, M_NOWAIT|M_ZERO); 726 if (buffer == NULL) { 727 error = ENOMEM; 728 goto out; 729 } 730 731 error = mpt_read_extcfg_page(mpt, MPI_CONFIG_ACTION_PAGE_READ_CURRENT, 732 form + form_specific, &hdr, buffer, 733 sizeof(SasDevicePage0_t), 0, 10000); 734 if (error) { 735 free(buffer, M_DEVBUF); 736 goto out; 737 } 738 739 device_info->dev_handle = le16toh(buffer->DevHandle); 740 device_info->parent_dev_handle = le16toh(buffer->ParentDevHandle); 741 device_info->enclosure_handle = le16toh(buffer->EnclosureHandle); 742 device_info->slot = le16toh(buffer->Slot); 743 device_info->phy_num = buffer->PhyNum; 744 device_info->physical_port = buffer->PhysicalPort; 745 device_info->target_id = buffer->TargetID; 746 device_info->bus = buffer->Bus; 747 bcopy(&buffer->SASAddress, &sas_address, sizeof(uint64_t)); 748 device_info->sas_address = le64toh(sas_address); 749 device_info->device_info = le32toh(buffer->DeviceInfo); 750 751 free(buffer, M_DEVBUF); 752out: 753 return (error); 754} 755 756/* 757 * Read SAS configuration information. Nothing to do yet. 758 */ 759static int 760mpt_read_config_info_sas(struct mpt_softc *mpt) 761{ 762 struct mptsas_portinfo *portinfo; 763 struct mptsas_phyinfo *phyinfo; 764 int error, i; 765 766 portinfo = malloc(sizeof(*portinfo), M_DEVBUF, M_NOWAIT|M_ZERO); 767 if (portinfo == NULL) 768 return (ENOMEM); 769 770 error = mptsas_sas_io_unit_pg0(mpt, portinfo); 771 if (error) { 772 free(portinfo, M_DEVBUF); 773 return (0); 774 } 775 776 for (i = 0; i < portinfo->num_phys; i++) { 777 phyinfo = &portinfo->phy_info[i]; 778 error = mptsas_sas_phy_pg0(mpt, phyinfo, 779 (MPI_SAS_PHY_PGAD_FORM_PHY_NUMBER << 780 MPI_SAS_PHY_PGAD_FORM_SHIFT), i); 781 if (error) 782 break; 783 error = mptsas_sas_device_pg0(mpt, &phyinfo->identify, 784 (MPI_SAS_DEVICE_PGAD_FORM_HANDLE << 785 MPI_SAS_DEVICE_PGAD_FORM_SHIFT), 786 phyinfo->handle); 787 if (error) 788 break; 789 phyinfo->identify.phy_num = phyinfo->phy_num = i; 790 if (phyinfo->attached.dev_handle) 791 error = mptsas_sas_device_pg0(mpt, 792 &phyinfo->attached, 793 (MPI_SAS_DEVICE_PGAD_FORM_HANDLE << 794 MPI_SAS_DEVICE_PGAD_FORM_SHIFT), 795 phyinfo->attached.dev_handle); 796 if (error) 797 break; 798 } 799 mpt->sas_portinfo = portinfo; 800 return (0); 801} 802 803static void 804mptsas_set_sata_wc(struct mpt_softc *mpt, struct mptsas_devinfo *devinfo, 805 int enabled) 806{ 807 SataPassthroughRequest_t *pass; 808 request_t *req; 809 int error, status; 810 811 req = mpt_get_request(mpt, 0); 812 if (req == NULL) 813 return; 814 815 pass = req->req_vbuf; 816 bzero(pass, sizeof(SataPassthroughRequest_t)); 817 pass->Function = MPI_FUNCTION_SATA_PASSTHROUGH; 818 pass->TargetID = devinfo->target_id; 819 pass->Bus = devinfo->bus; 820 pass->PassthroughFlags = 0; 821 pass->ConnectionRate = MPI_SATA_PT_REQ_CONNECT_RATE_NEGOTIATED; 822 pass->DataLength = 0; 823 pass->MsgContext = htole32(req->index | sata_pass_handler_id); 824 pass->CommandFIS[0] = 0x27; 825 pass->CommandFIS[1] = 0x80; 826 pass->CommandFIS[2] = 0xef; 827 pass->CommandFIS[3] = (enabled) ? 0x02 : 0x82; 828 pass->CommandFIS[7] = 0x40; 829 pass->CommandFIS[15] = 0x08; 830 831 mpt_check_doorbell(mpt); 832 mpt_send_cmd(mpt, req); 833 error = mpt_wait_req(mpt, req, REQ_STATE_DONE, REQ_STATE_DONE, 0, 834 10 * 1000); 835 if (error) { 836 mpt_free_request(mpt, req); 837 printf("error %d sending passthrough\n", error); 838 return; 839 } 840 841 status = le16toh(req->IOCStatus); 842 if (status != MPI_IOCSTATUS_SUCCESS) { 843 mpt_free_request(mpt, req); 844 printf("IOCSTATUS %d\n", status); 845 return; 846 } 847 848 mpt_free_request(mpt, req); 849} 850 851/* 852 * Set SAS configuration information. Nothing to do yet. 853 */ 854static int 855mpt_set_initial_config_sas(struct mpt_softc *mpt) 856{ 857 struct mptsas_phyinfo *phyinfo; 858 int i; 859 860 if ((mpt_enable_sata_wc != -1) && (mpt->sas_portinfo != NULL)) { 861 for (i = 0; i < mpt->sas_portinfo->num_phys; i++) { 862 phyinfo = &mpt->sas_portinfo->phy_info[i]; 863 if (phyinfo->attached.dev_handle == 0) 864 continue; 865 if ((phyinfo->attached.device_info & 866 MPI_SAS_DEVICE_INFO_SATA_DEVICE) == 0) 867 continue; 868 if (bootverbose) 869 device_printf(mpt->dev, 870 "%sabling SATA WC on phy %d\n", 871 (mpt_enable_sata_wc) ? "En" : "Dis", i); 872 mptsas_set_sata_wc(mpt, &phyinfo->attached, 873 mpt_enable_sata_wc); 874 } 875 } 876 877 return (0); 878} 879 880static int 881mpt_sata_pass_reply_handler(struct mpt_softc *mpt, request_t *req, 882 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame) 883{ 884 885 if (req != NULL) { 886 if (reply_frame != NULL) { 887 req->IOCStatus = le16toh(reply_frame->IOCStatus); 888 } 889 req->state &= ~REQ_STATE_QUEUED; 890 req->state |= REQ_STATE_DONE; 891 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 892 if ((req->state & REQ_STATE_NEED_WAKEUP) != 0) { 893 wakeup(req); 894 } else if ((req->state & REQ_STATE_TIMEDOUT) != 0) { 895 /* 896 * Whew- we can free this request (late completion) 897 */ 898 mpt_free_request(mpt, req); 899 } 900 } 901 902 return (TRUE); 903} 904 905/* 906 * Read SCSI configuration information 907 */ 908static int 909mpt_read_config_info_spi(struct mpt_softc *mpt) 910{ 911 int rv, i; 912 913 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 0, 0, 914 &mpt->mpt_port_page0.Header, FALSE, 5000); 915 if (rv) { 916 return (-1); 917 } 918 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 0 Header: %x %x %x %x\n", 919 mpt->mpt_port_page0.Header.PageVersion, 920 mpt->mpt_port_page0.Header.PageLength, 921 mpt->mpt_port_page0.Header.PageNumber, 922 mpt->mpt_port_page0.Header.PageType); 923 924 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 1, 0, 925 &mpt->mpt_port_page1.Header, FALSE, 5000); 926 if (rv) { 927 return (-1); 928 } 929 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 1 Header: %x %x %x %x\n", 930 mpt->mpt_port_page1.Header.PageVersion, 931 mpt->mpt_port_page1.Header.PageLength, 932 mpt->mpt_port_page1.Header.PageNumber, 933 mpt->mpt_port_page1.Header.PageType); 934 935 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_PORT, 2, 0, 936 &mpt->mpt_port_page2.Header, FALSE, 5000); 937 if (rv) { 938 return (-1); 939 } 940 mpt_lprt(mpt, MPT_PRT_DEBUG, "SPI Port Page 2 Header: %x %x %x %x\n", 941 mpt->mpt_port_page2.Header.PageVersion, 942 mpt->mpt_port_page2.Header.PageLength, 943 mpt->mpt_port_page2.Header.PageNumber, 944 mpt->mpt_port_page2.Header.PageType); 945 946 for (i = 0; i < 16; i++) { 947 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_DEVICE, 948 0, i, &mpt->mpt_dev_page0[i].Header, FALSE, 5000); 949 if (rv) { 950 return (-1); 951 } 952 mpt_lprt(mpt, MPT_PRT_DEBUG, 953 "SPI Target %d Device Page 0 Header: %x %x %x %x\n", i, 954 mpt->mpt_dev_page0[i].Header.PageVersion, 955 mpt->mpt_dev_page0[i].Header.PageLength, 956 mpt->mpt_dev_page0[i].Header.PageNumber, 957 mpt->mpt_dev_page0[i].Header.PageType); 958 959 rv = mpt_read_cfg_header(mpt, MPI_CONFIG_PAGETYPE_SCSI_DEVICE, 960 1, i, &mpt->mpt_dev_page1[i].Header, FALSE, 5000); 961 if (rv) { 962 return (-1); 963 } 964 mpt_lprt(mpt, MPT_PRT_DEBUG, 965 "SPI Target %d Device Page 1 Header: %x %x %x %x\n", i, 966 mpt->mpt_dev_page1[i].Header.PageVersion, 967 mpt->mpt_dev_page1[i].Header.PageLength, 968 mpt->mpt_dev_page1[i].Header.PageNumber, 969 mpt->mpt_dev_page1[i].Header.PageType); 970 } 971 972 /* 973 * At this point, we don't *have* to fail. As long as we have 974 * valid config header information, we can (barely) lurch 975 * along. 976 */ 977 978 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page0.Header, 979 sizeof(mpt->mpt_port_page0), FALSE, 5000); 980 if (rv) { 981 mpt_prt(mpt, "failed to read SPI Port Page 0\n"); 982 } else { 983 mpt2host_config_page_scsi_port_0(&mpt->mpt_port_page0); 984 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 985 "SPI Port Page 0: Capabilities %x PhysicalInterface %x\n", 986 mpt->mpt_port_page0.Capabilities, 987 mpt->mpt_port_page0.PhysicalInterface); 988 } 989 990 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page1.Header, 991 sizeof(mpt->mpt_port_page1), FALSE, 5000); 992 if (rv) { 993 mpt_prt(mpt, "failed to read SPI Port Page 1\n"); 994 } else { 995 mpt2host_config_page_scsi_port_1(&mpt->mpt_port_page1); 996 mpt_lprt(mpt, MPT_PRT_DEBUG, 997 "SPI Port Page 1: Configuration %x OnBusTimerValue %x\n", 998 mpt->mpt_port_page1.Configuration, 999 mpt->mpt_port_page1.OnBusTimerValue); 1000 } 1001 1002 rv = mpt_read_cur_cfg_page(mpt, 0, &mpt->mpt_port_page2.Header, 1003 sizeof(mpt->mpt_port_page2), FALSE, 5000); 1004 if (rv) { 1005 mpt_prt(mpt, "failed to read SPI Port Page 2\n"); 1006 } else { 1007 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 1008 "Port Page 2: Flags %x Settings %x\n", 1009 mpt->mpt_port_page2.PortFlags, 1010 mpt->mpt_port_page2.PortSettings); 1011 mpt2host_config_page_scsi_port_2(&mpt->mpt_port_page2); 1012 for (i = 0; i < 16; i++) { 1013 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 1014 " Port Page 2 Tgt %d: timo %x SF %x Flags %x\n", 1015 i, mpt->mpt_port_page2.DeviceSettings[i].Timeout, 1016 mpt->mpt_port_page2.DeviceSettings[i].SyncFactor, 1017 mpt->mpt_port_page2.DeviceSettings[i].DeviceFlags); 1018 } 1019 } 1020 1021 for (i = 0; i < 16; i++) { 1022 rv = mpt_read_cur_cfg_page(mpt, i, 1023 &mpt->mpt_dev_page0[i].Header, sizeof(*mpt->mpt_dev_page0), 1024 FALSE, 5000); 1025 if (rv) { 1026 mpt_prt(mpt, 1027 "cannot read SPI Target %d Device Page 0\n", i); 1028 continue; 1029 } 1030 mpt2host_config_page_scsi_device_0(&mpt->mpt_dev_page0[i]); 1031 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 1032 "target %d page 0: Negotiated Params %x Information %x\n", 1033 i, mpt->mpt_dev_page0[i].NegotiatedParameters, 1034 mpt->mpt_dev_page0[i].Information); 1035 1036 rv = mpt_read_cur_cfg_page(mpt, i, 1037 &mpt->mpt_dev_page1[i].Header, sizeof(*mpt->mpt_dev_page1), 1038 FALSE, 5000); 1039 if (rv) { 1040 mpt_prt(mpt, 1041 "cannot read SPI Target %d Device Page 1\n", i); 1042 continue; 1043 } 1044 mpt2host_config_page_scsi_device_1(&mpt->mpt_dev_page1[i]); 1045 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 1046 "target %d page 1: Requested Params %x Configuration %x\n", 1047 i, mpt->mpt_dev_page1[i].RequestedParameters, 1048 mpt->mpt_dev_page1[i].Configuration); 1049 } 1050 return (0); 1051} 1052 1053/* 1054 * Validate SPI configuration information. 1055 * 1056 * In particular, validate SPI Port Page 1. 1057 */ 1058static int 1059mpt_set_initial_config_spi(struct mpt_softc *mpt) 1060{ 1061 int error, i, pp1val; 1062 1063 mpt->mpt_disc_enable = 0xff; 1064 mpt->mpt_tag_enable = 0; 1065 1066 pp1val = ((1 << mpt->mpt_ini_id) << 1067 MPI_SCSIPORTPAGE1_CFG_SHIFT_PORT_RESPONSE_ID) | mpt->mpt_ini_id; 1068 if (mpt->mpt_port_page1.Configuration != pp1val) { 1069 CONFIG_PAGE_SCSI_PORT_1 tmp; 1070 1071 mpt_prt(mpt, "SPI Port Page 1 Config value bad (%x)- should " 1072 "be %x\n", mpt->mpt_port_page1.Configuration, pp1val); 1073 tmp = mpt->mpt_port_page1; 1074 tmp.Configuration = pp1val; 1075 host2mpt_config_page_scsi_port_1(&tmp); 1076 error = mpt_write_cur_cfg_page(mpt, 0, 1077 &tmp.Header, sizeof(tmp), FALSE, 5000); 1078 if (error) { 1079 return (-1); 1080 } 1081 error = mpt_read_cur_cfg_page(mpt, 0, 1082 &tmp.Header, sizeof(tmp), FALSE, 5000); 1083 if (error) { 1084 return (-1); 1085 } 1086 mpt2host_config_page_scsi_port_1(&tmp); 1087 if (tmp.Configuration != pp1val) { 1088 mpt_prt(mpt, 1089 "failed to reset SPI Port Page 1 Config value\n"); 1090 return (-1); 1091 } 1092 mpt->mpt_port_page1 = tmp; 1093 } 1094 1095 /* 1096 * The purpose of this exercise is to get 1097 * all targets back to async/narrow. 1098 * 1099 * We skip this step if the BIOS has already negotiated 1100 * speeds with the targets. 1101 */ 1102 i = mpt->mpt_port_page2.PortSettings & 1103 MPI_SCSIPORTPAGE2_PORT_MASK_NEGO_MASTER_SETTINGS; 1104 if (i == MPI_SCSIPORTPAGE2_PORT_ALL_MASTER_SETTINGS) { 1105 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 1106 "honoring BIOS transfer negotiations\n"); 1107 } else { 1108 for (i = 0; i < 16; i++) { 1109 mpt->mpt_dev_page1[i].RequestedParameters = 0; 1110 mpt->mpt_dev_page1[i].Configuration = 0; 1111 (void) mpt_update_spi_config(mpt, i); 1112 } 1113 } 1114 return (0); 1115} 1116 1117static int 1118mpt_cam_enable(struct mpt_softc *mpt) 1119{ 1120 int error; 1121 1122 MPT_LOCK(mpt); 1123 1124 error = EIO; 1125 if (mpt->is_fc) { 1126 if (mpt_read_config_info_fc(mpt)) { 1127 goto out; 1128 } 1129 if (mpt_set_initial_config_fc(mpt)) { 1130 goto out; 1131 } 1132 } else if (mpt->is_sas) { 1133 if (mpt_read_config_info_sas(mpt)) { 1134 goto out; 1135 } 1136 if (mpt_set_initial_config_sas(mpt)) { 1137 goto out; 1138 } 1139 } else if (mpt->is_spi) { 1140 if (mpt_read_config_info_spi(mpt)) { 1141 goto out; 1142 } 1143 if (mpt_set_initial_config_spi(mpt)) { 1144 goto out; 1145 } 1146 } 1147 error = 0; 1148 1149out: 1150 MPT_UNLOCK(mpt); 1151 return (error); 1152} 1153 1154static void 1155mpt_cam_ready(struct mpt_softc *mpt) 1156{ 1157 1158 /* 1159 * If we're in target mode, hang out resources now 1160 * so we don't cause the world to hang talking to us. 1161 */ 1162 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET)) { 1163 /* 1164 * Try to add some target command resources 1165 */ 1166 MPT_LOCK(mpt); 1167 if (mpt_add_target_commands(mpt) == FALSE) { 1168 mpt_prt(mpt, "failed to add target commands\n"); 1169 } 1170 MPT_UNLOCK(mpt); 1171 } 1172 mpt->ready = 1; 1173} 1174 1175static void 1176mpt_cam_detach(struct mpt_softc *mpt) 1177{ 1178 mpt_handler_t handler; 1179 1180 MPT_LOCK(mpt); 1181 mpt->ready = 0; 1182 mpt_terminate_recovery_thread(mpt); 1183 1184 handler.reply_handler = mpt_scsi_reply_handler; 1185 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler, 1186 scsi_io_handler_id); 1187 handler.reply_handler = mpt_scsi_tmf_reply_handler; 1188 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler, 1189 scsi_tmf_handler_id); 1190 handler.reply_handler = mpt_fc_els_reply_handler; 1191 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler, 1192 fc_els_handler_id); 1193 handler.reply_handler = mpt_scsi_tgt_reply_handler; 1194 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler, 1195 mpt->scsi_tgt_handler_id); 1196 handler.reply_handler = mpt_sata_pass_reply_handler; 1197 mpt_deregister_handler(mpt, MPT_HANDLER_REPLY, handler, 1198 sata_pass_handler_id); 1199 1200 if (mpt->tmf_req != NULL) { 1201 mpt->tmf_req->state = REQ_STATE_ALLOCATED; 1202 mpt_free_request(mpt, mpt->tmf_req); 1203 mpt->tmf_req = NULL; 1204 } 1205 if (mpt->sas_portinfo != NULL) { 1206 free(mpt->sas_portinfo, M_DEVBUF); 1207 mpt->sas_portinfo = NULL; 1208 } 1209 1210 if (mpt->sim != NULL) { 1211 xpt_free_path(mpt->path); 1212 xpt_bus_deregister(cam_sim_path(mpt->sim)); 1213 cam_sim_free(mpt->sim, TRUE); 1214 mpt->sim = NULL; 1215 } 1216 1217 if (mpt->phydisk_sim != NULL) { 1218 xpt_free_path(mpt->phydisk_path); 1219 xpt_bus_deregister(cam_sim_path(mpt->phydisk_sim)); 1220 cam_sim_free(mpt->phydisk_sim, TRUE); 1221 mpt->phydisk_sim = NULL; 1222 } 1223 MPT_UNLOCK(mpt); 1224} 1225 1226/* This routine is used after a system crash to dump core onto the swap device. 1227 */ 1228static void 1229mpt_poll(struct cam_sim *sim) 1230{ 1231 struct mpt_softc *mpt; 1232 1233 mpt = (struct mpt_softc *)cam_sim_softc(sim); 1234 mpt_intr(mpt); 1235} 1236 1237/* 1238 * Watchdog timeout routine for SCSI requests. 1239 */ 1240static void 1241mpt_timeout(void *arg) 1242{ 1243 union ccb *ccb; 1244 struct mpt_softc *mpt; 1245 request_t *req; 1246 1247 ccb = (union ccb *)arg; 1248 mpt = ccb->ccb_h.ccb_mpt_ptr; 1249 1250 MPT_LOCK_ASSERT(mpt); 1251 req = ccb->ccb_h.ccb_req_ptr; 1252 mpt_prt(mpt, "request %p:%u timed out for ccb %p (req->ccb %p)\n", req, 1253 req->serno, ccb, req->ccb); 1254/* XXX: WHAT ARE WE TRYING TO DO HERE? */ 1255 if ((req->state & REQ_STATE_QUEUED) == REQ_STATE_QUEUED) { 1256 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 1257 TAILQ_INSERT_TAIL(&mpt->request_timeout_list, req, links); 1258 req->state |= REQ_STATE_TIMEDOUT; 1259 mpt_wakeup_recovery_thread(mpt); 1260 } 1261} 1262 1263/* 1264 * Callback routine from bus_dmamap_load_ccb(9) or, in simple cases, called 1265 * directly. 1266 * 1267 * Takes a list of physical segments and builds the SGL for SCSI IO command 1268 * and forwards the commard to the IOC after one last check that CAM has not 1269 * aborted the transaction. 1270 */ 1271static void 1272mpt_execute_req_a64(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error) 1273{ 1274 request_t *req, *trq; 1275 char *mpt_off; 1276 union ccb *ccb; 1277 struct mpt_softc *mpt; 1278 bus_addr_t chain_list_addr; 1279 int first_lim, seg, this_seg_lim; 1280 uint32_t addr, cur_off, flags, nxt_off, tf; 1281 void *sglp = NULL; 1282 MSG_REQUEST_HEADER *hdrp; 1283 SGE_SIMPLE64 *se; 1284 SGE_CHAIN64 *ce; 1285 int istgt = 0; 1286 1287 req = (request_t *)arg; 1288 ccb = req->ccb; 1289 1290 mpt = ccb->ccb_h.ccb_mpt_ptr; 1291 req = ccb->ccb_h.ccb_req_ptr; 1292 1293 hdrp = req->req_vbuf; 1294 mpt_off = req->req_vbuf; 1295 1296 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { 1297 error = EFBIG; 1298 } 1299 1300 if (error == 0) { 1301 switch (hdrp->Function) { 1302 case MPI_FUNCTION_SCSI_IO_REQUEST: 1303 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH: 1304 istgt = 0; 1305 sglp = &((PTR_MSG_SCSI_IO_REQUEST)hdrp)->SGL; 1306 break; 1307 case MPI_FUNCTION_TARGET_ASSIST: 1308 istgt = 1; 1309 sglp = &((PTR_MSG_TARGET_ASSIST_REQUEST)hdrp)->SGL; 1310 break; 1311 default: 1312 mpt_prt(mpt, "bad fct 0x%x in mpt_execute_req_a64\n", 1313 hdrp->Function); 1314 error = EINVAL; 1315 break; 1316 } 1317 } 1318 1319 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { 1320 error = EFBIG; 1321 mpt_prt(mpt, "segment count %d too large (max %u)\n", 1322 nseg, mpt->max_seg_cnt); 1323 } 1324 1325bad: 1326 if (error != 0) { 1327 if (error != EFBIG && error != ENOMEM) { 1328 mpt_prt(mpt, "mpt_execute_req_a64: err %d\n", error); 1329 } 1330 if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG) { 1331 cam_status status; 1332 mpt_freeze_ccb(ccb); 1333 if (error == EFBIG) { 1334 status = CAM_REQ_TOO_BIG; 1335 } else if (error == ENOMEM) { 1336 if (mpt->outofbeer == 0) { 1337 mpt->outofbeer = 1; 1338 xpt_freeze_simq(mpt->sim, 1); 1339 mpt_lprt(mpt, MPT_PRT_DEBUG, 1340 "FREEZEQ\n"); 1341 } 1342 status = CAM_REQUEUE_REQ; 1343 } else { 1344 status = CAM_REQ_CMP_ERR; 1345 } 1346 mpt_set_ccb_status(ccb, status); 1347 } 1348 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) { 1349 request_t *cmd_req = 1350 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id); 1351 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM; 1352 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL; 1353 MPT_TGT_STATE(mpt, cmd_req)->req = NULL; 1354 } 1355 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1356 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__)); 1357 xpt_done(ccb); 1358 mpt_free_request(mpt, req); 1359 return; 1360 } 1361 1362 /* 1363 * No data to transfer? 1364 * Just make a single simple SGL with zero length. 1365 */ 1366 1367 if (mpt->verbose >= MPT_PRT_DEBUG) { 1368 int tidx = ((char *)sglp) - mpt_off; 1369 memset(&mpt_off[tidx], 0xff, MPT_REQUEST_AREA - tidx); 1370 } 1371 1372 if (nseg == 0) { 1373 SGE_SIMPLE32 *se1 = (SGE_SIMPLE32 *) sglp; 1374 MPI_pSGE_SET_FLAGS(se1, 1375 (MPI_SGE_FLAGS_LAST_ELEMENT | MPI_SGE_FLAGS_END_OF_BUFFER | 1376 MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_END_OF_LIST)); 1377 se1->FlagsLength = htole32(se1->FlagsLength); 1378 goto out; 1379 } 1380 1381 1382 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_64_BIT_ADDRESSING; 1383 if (istgt == 0) { 1384 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) { 1385 flags |= MPI_SGE_FLAGS_HOST_TO_IOC; 1386 } 1387 } else { 1388 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 1389 flags |= MPI_SGE_FLAGS_HOST_TO_IOC; 1390 } 1391 } 1392 1393 if ((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE) { 1394 bus_dmasync_op_t op; 1395 if (istgt == 0) { 1396 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 1397 op = BUS_DMASYNC_PREREAD; 1398 } else { 1399 op = BUS_DMASYNC_PREWRITE; 1400 } 1401 } else { 1402 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 1403 op = BUS_DMASYNC_PREWRITE; 1404 } else { 1405 op = BUS_DMASYNC_PREREAD; 1406 } 1407 } 1408 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op); 1409 } 1410 1411 /* 1412 * Okay, fill in what we can at the end of the command frame. 1413 * If we have up to MPT_NSGL_FIRST, we can fit them all into 1414 * the command frame. 1415 * 1416 * Otherwise, we fill up through MPT_NSGL_FIRST less one 1417 * SIMPLE64 pointers and start doing CHAIN64 entries after 1418 * that. 1419 */ 1420 1421 if (nseg < MPT_NSGL_FIRST(mpt)) { 1422 first_lim = nseg; 1423 } else { 1424 /* 1425 * Leave room for CHAIN element 1426 */ 1427 first_lim = MPT_NSGL_FIRST(mpt) - 1; 1428 } 1429 1430 se = (SGE_SIMPLE64 *) sglp; 1431 for (seg = 0; seg < first_lim; seg++, se++, dm_segs++) { 1432 tf = flags; 1433 memset(se, 0, sizeof (*se)); 1434 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len); 1435 se->Address.Low = htole32(dm_segs->ds_addr & 0xffffffff); 1436 if (sizeof(bus_addr_t) > 4) { 1437 addr = ((uint64_t)dm_segs->ds_addr) >> 32; 1438 /* SAS1078 36GB limitation WAR */ 1439 if (mpt->is_1078 && (((uint64_t)dm_segs->ds_addr + 1440 MPI_SGE_LENGTH(se->FlagsLength)) >> 32) == 9) { 1441 addr |= (1U << 31); 1442 tf |= MPI_SGE_FLAGS_LOCAL_ADDRESS; 1443 } 1444 se->Address.High = htole32(addr); 1445 } 1446 if (seg == first_lim - 1) { 1447 tf |= MPI_SGE_FLAGS_LAST_ELEMENT; 1448 } 1449 if (seg == nseg - 1) { 1450 tf |= MPI_SGE_FLAGS_END_OF_LIST | 1451 MPI_SGE_FLAGS_END_OF_BUFFER; 1452 } 1453 MPI_pSGE_SET_FLAGS(se, tf); 1454 se->FlagsLength = htole32(se->FlagsLength); 1455 } 1456 1457 if (seg == nseg) { 1458 goto out; 1459 } 1460 1461 /* 1462 * Tell the IOC where to find the first chain element. 1463 */ 1464 hdrp->ChainOffset = ((char *)se - (char *)hdrp) >> 2; 1465 nxt_off = MPT_RQSL(mpt); 1466 trq = req; 1467 1468 /* 1469 * Make up the rest of the data segments out of a chain element 1470 * (contained in the current request frame) which points to 1471 * SIMPLE64 elements in the next request frame, possibly ending 1472 * with *another* chain element (if there's more). 1473 */ 1474 while (seg < nseg) { 1475 /* 1476 * Point to the chain descriptor. Note that the chain 1477 * descriptor is at the end of the *previous* list (whether 1478 * chain or simple). 1479 */ 1480 ce = (SGE_CHAIN64 *) se; 1481 1482 /* 1483 * Before we change our current pointer, make sure we won't 1484 * overflow the request area with this frame. Note that we 1485 * test against 'greater than' here as it's okay in this case 1486 * to have next offset be just outside the request area. 1487 */ 1488 if ((nxt_off + MPT_RQSL(mpt)) > MPT_REQUEST_AREA) { 1489 nxt_off = MPT_REQUEST_AREA; 1490 goto next_chain; 1491 } 1492 1493 /* 1494 * Set our SGE element pointer to the beginning of the chain 1495 * list and update our next chain list offset. 1496 */ 1497 se = (SGE_SIMPLE64 *) &mpt_off[nxt_off]; 1498 cur_off = nxt_off; 1499 nxt_off += MPT_RQSL(mpt); 1500 1501 /* 1502 * Now initialize the chain descriptor. 1503 */ 1504 memset(ce, 0, sizeof (*ce)); 1505 1506 /* 1507 * Get the physical address of the chain list. 1508 */ 1509 chain_list_addr = trq->req_pbuf; 1510 chain_list_addr += cur_off; 1511 if (sizeof (bus_addr_t) > 4) { 1512 ce->Address.High = 1513 htole32(((uint64_t)chain_list_addr) >> 32); 1514 } 1515 ce->Address.Low = htole32(chain_list_addr & 0xffffffff); 1516 ce->Flags = MPI_SGE_FLAGS_CHAIN_ELEMENT | 1517 MPI_SGE_FLAGS_64_BIT_ADDRESSING; 1518 1519 /* 1520 * If we have more than a frame's worth of segments left, 1521 * set up the chain list to have the last element be another 1522 * chain descriptor. 1523 */ 1524 if ((nseg - seg) > MPT_NSGL(mpt)) { 1525 this_seg_lim = seg + MPT_NSGL(mpt) - 1; 1526 /* 1527 * The length of the chain is the length in bytes of the 1528 * number of segments plus the next chain element. 1529 * 1530 * The next chain descriptor offset is the length, 1531 * in words, of the number of segments. 1532 */ 1533 ce->Length = (this_seg_lim - seg) * 1534 sizeof (SGE_SIMPLE64); 1535 ce->NextChainOffset = ce->Length >> 2; 1536 ce->Length += sizeof (SGE_CHAIN64); 1537 } else { 1538 this_seg_lim = nseg; 1539 ce->Length = (this_seg_lim - seg) * 1540 sizeof (SGE_SIMPLE64); 1541 } 1542 ce->Length = htole16(ce->Length); 1543 1544 /* 1545 * Fill in the chain list SGE elements with our segment data. 1546 * 1547 * If we're the last element in this chain list, set the last 1548 * element flag. If we're the completely last element period, 1549 * set the end of list and end of buffer flags. 1550 */ 1551 while (seg < this_seg_lim) { 1552 tf = flags; 1553 memset(se, 0, sizeof (*se)); 1554 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len); 1555 se->Address.Low = htole32(dm_segs->ds_addr & 1556 0xffffffff); 1557 if (sizeof (bus_addr_t) > 4) { 1558 addr = ((uint64_t)dm_segs->ds_addr) >> 32; 1559 /* SAS1078 36GB limitation WAR */ 1560 if (mpt->is_1078 && 1561 (((uint64_t)dm_segs->ds_addr + 1562 MPI_SGE_LENGTH(se->FlagsLength)) >> 1563 32) == 9) { 1564 addr |= (1U << 31); 1565 tf |= MPI_SGE_FLAGS_LOCAL_ADDRESS; 1566 } 1567 se->Address.High = htole32(addr); 1568 } 1569 if (seg == this_seg_lim - 1) { 1570 tf |= MPI_SGE_FLAGS_LAST_ELEMENT; 1571 } 1572 if (seg == nseg - 1) { 1573 tf |= MPI_SGE_FLAGS_END_OF_LIST | 1574 MPI_SGE_FLAGS_END_OF_BUFFER; 1575 } 1576 MPI_pSGE_SET_FLAGS(se, tf); 1577 se->FlagsLength = htole32(se->FlagsLength); 1578 se++; 1579 seg++; 1580 dm_segs++; 1581 } 1582 1583 next_chain: 1584 /* 1585 * If we have more segments to do and we've used up all of 1586 * the space in a request area, go allocate another one 1587 * and chain to that. 1588 */ 1589 if (seg < nseg && nxt_off >= MPT_REQUEST_AREA) { 1590 request_t *nrq; 1591 1592 nrq = mpt_get_request(mpt, FALSE); 1593 1594 if (nrq == NULL) { 1595 error = ENOMEM; 1596 goto bad; 1597 } 1598 1599 /* 1600 * Append the new request area on the tail of our list. 1601 */ 1602 if ((trq = req->chain) == NULL) { 1603 req->chain = nrq; 1604 } else { 1605 while (trq->chain != NULL) { 1606 trq = trq->chain; 1607 } 1608 trq->chain = nrq; 1609 } 1610 trq = nrq; 1611 mpt_off = trq->req_vbuf; 1612 if (mpt->verbose >= MPT_PRT_DEBUG) { 1613 memset(mpt_off, 0xff, MPT_REQUEST_AREA); 1614 } 1615 nxt_off = 0; 1616 } 1617 } 1618out: 1619 1620 /* 1621 * Last time we need to check if this CCB needs to be aborted. 1622 */ 1623 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG) { 1624 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) { 1625 request_t *cmd_req = 1626 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id); 1627 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM; 1628 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL; 1629 MPT_TGT_STATE(mpt, cmd_req)->req = NULL; 1630 } 1631 mpt_prt(mpt, 1632 "mpt_execute_req_a64: I/O cancelled (status 0x%x)\n", 1633 ccb->ccb_h.status & CAM_STATUS_MASK); 1634 if (nseg) { 1635 bus_dmamap_unload(mpt->buffer_dmat, req->dmap); 1636 } 1637 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1638 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__)); 1639 xpt_done(ccb); 1640 mpt_free_request(mpt, req); 1641 return; 1642 } 1643 1644 ccb->ccb_h.status |= CAM_SIM_QUEUED; 1645 if (ccb->ccb_h.timeout != CAM_TIME_INFINITY) { 1646 mpt_req_timeout(req, SBT_1MS * ccb->ccb_h.timeout, 1647 mpt_timeout, ccb); 1648 } 1649 if (mpt->verbose > MPT_PRT_DEBUG) { 1650 int nc = 0; 1651 mpt_print_request(req->req_vbuf); 1652 for (trq = req->chain; trq; trq = trq->chain) { 1653 printf(" Additional Chain Area %d\n", nc++); 1654 mpt_dump_sgl(trq->req_vbuf, 0); 1655 } 1656 } 1657 1658 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) { 1659 request_t *cmd_req = MPT_TAG_2_REQ(mpt, ccb->csio.tag_id); 1660 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req); 1661#ifdef WE_TRUST_AUTO_GOOD_STATUS 1662 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) && 1663 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) { 1664 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS; 1665 } else { 1666 tgt->state = TGT_STATE_MOVING_DATA; 1667 } 1668#else 1669 tgt->state = TGT_STATE_MOVING_DATA; 1670#endif 1671 } 1672 mpt_send_cmd(mpt, req); 1673} 1674 1675static void 1676mpt_execute_req(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error) 1677{ 1678 request_t *req, *trq; 1679 char *mpt_off; 1680 union ccb *ccb; 1681 struct mpt_softc *mpt; 1682 int seg, first_lim; 1683 uint32_t flags, nxt_off; 1684 void *sglp = NULL; 1685 MSG_REQUEST_HEADER *hdrp; 1686 SGE_SIMPLE32 *se; 1687 SGE_CHAIN32 *ce; 1688 int istgt = 0; 1689 1690 req = (request_t *)arg; 1691 ccb = req->ccb; 1692 1693 mpt = ccb->ccb_h.ccb_mpt_ptr; 1694 req = ccb->ccb_h.ccb_req_ptr; 1695 1696 hdrp = req->req_vbuf; 1697 mpt_off = req->req_vbuf; 1698 1699 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { 1700 error = EFBIG; 1701 } 1702 1703 if (error == 0) { 1704 switch (hdrp->Function) { 1705 case MPI_FUNCTION_SCSI_IO_REQUEST: 1706 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH: 1707 sglp = &((PTR_MSG_SCSI_IO_REQUEST)hdrp)->SGL; 1708 break; 1709 case MPI_FUNCTION_TARGET_ASSIST: 1710 istgt = 1; 1711 sglp = &((PTR_MSG_TARGET_ASSIST_REQUEST)hdrp)->SGL; 1712 break; 1713 default: 1714 mpt_prt(mpt, "bad fct 0x%x in mpt_execute_req\n", 1715 hdrp->Function); 1716 error = EINVAL; 1717 break; 1718 } 1719 } 1720 1721 if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { 1722 error = EFBIG; 1723 mpt_prt(mpt, "segment count %d too large (max %u)\n", 1724 nseg, mpt->max_seg_cnt); 1725 } 1726 1727bad: 1728 if (error != 0) { 1729 if (error != EFBIG && error != ENOMEM) { 1730 mpt_prt(mpt, "mpt_execute_req: err %d\n", error); 1731 } 1732 if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG) { 1733 cam_status status; 1734 mpt_freeze_ccb(ccb); 1735 if (error == EFBIG) { 1736 status = CAM_REQ_TOO_BIG; 1737 } else if (error == ENOMEM) { 1738 if (mpt->outofbeer == 0) { 1739 mpt->outofbeer = 1; 1740 xpt_freeze_simq(mpt->sim, 1); 1741 mpt_lprt(mpt, MPT_PRT_DEBUG, 1742 "FREEZEQ\n"); 1743 } 1744 status = CAM_REQUEUE_REQ; 1745 } else { 1746 status = CAM_REQ_CMP_ERR; 1747 } 1748 mpt_set_ccb_status(ccb, status); 1749 } 1750 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) { 1751 request_t *cmd_req = 1752 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id); 1753 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM; 1754 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL; 1755 MPT_TGT_STATE(mpt, cmd_req)->req = NULL; 1756 } 1757 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1758 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__)); 1759 xpt_done(ccb); 1760 mpt_free_request(mpt, req); 1761 return; 1762 } 1763 1764 /* 1765 * No data to transfer? 1766 * Just make a single simple SGL with zero length. 1767 */ 1768 1769 if (mpt->verbose >= MPT_PRT_DEBUG) { 1770 int tidx = ((char *)sglp) - mpt_off; 1771 memset(&mpt_off[tidx], 0xff, MPT_REQUEST_AREA - tidx); 1772 } 1773 1774 if (nseg == 0) { 1775 SGE_SIMPLE32 *se1 = (SGE_SIMPLE32 *) sglp; 1776 MPI_pSGE_SET_FLAGS(se1, 1777 (MPI_SGE_FLAGS_LAST_ELEMENT | MPI_SGE_FLAGS_END_OF_BUFFER | 1778 MPI_SGE_FLAGS_SIMPLE_ELEMENT | MPI_SGE_FLAGS_END_OF_LIST)); 1779 se1->FlagsLength = htole32(se1->FlagsLength); 1780 goto out; 1781 } 1782 1783 1784 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT; 1785 if (istgt == 0) { 1786 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) { 1787 flags |= MPI_SGE_FLAGS_HOST_TO_IOC; 1788 } 1789 } else { 1790 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 1791 flags |= MPI_SGE_FLAGS_HOST_TO_IOC; 1792 } 1793 } 1794 1795 if ((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE) { 1796 bus_dmasync_op_t op; 1797 if (istgt) { 1798 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 1799 op = BUS_DMASYNC_PREREAD; 1800 } else { 1801 op = BUS_DMASYNC_PREWRITE; 1802 } 1803 } else { 1804 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 1805 op = BUS_DMASYNC_PREWRITE; 1806 } else { 1807 op = BUS_DMASYNC_PREREAD; 1808 } 1809 } 1810 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op); 1811 } 1812 1813 /* 1814 * Okay, fill in what we can at the end of the command frame. 1815 * If we have up to MPT_NSGL_FIRST, we can fit them all into 1816 * the command frame. 1817 * 1818 * Otherwise, we fill up through MPT_NSGL_FIRST less one 1819 * SIMPLE32 pointers and start doing CHAIN32 entries after 1820 * that. 1821 */ 1822 1823 if (nseg < MPT_NSGL_FIRST(mpt)) { 1824 first_lim = nseg; 1825 } else { 1826 /* 1827 * Leave room for CHAIN element 1828 */ 1829 first_lim = MPT_NSGL_FIRST(mpt) - 1; 1830 } 1831 1832 se = (SGE_SIMPLE32 *) sglp; 1833 for (seg = 0; seg < first_lim; seg++, se++, dm_segs++) { 1834 uint32_t tf; 1835 1836 memset(se, 0,sizeof (*se)); 1837 se->Address = htole32(dm_segs->ds_addr); 1838 1839 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len); 1840 tf = flags; 1841 if (seg == first_lim - 1) { 1842 tf |= MPI_SGE_FLAGS_LAST_ELEMENT; 1843 } 1844 if (seg == nseg - 1) { 1845 tf |= MPI_SGE_FLAGS_END_OF_LIST | 1846 MPI_SGE_FLAGS_END_OF_BUFFER; 1847 } 1848 MPI_pSGE_SET_FLAGS(se, tf); 1849 se->FlagsLength = htole32(se->FlagsLength); 1850 } 1851 1852 if (seg == nseg) { 1853 goto out; 1854 } 1855 1856 /* 1857 * Tell the IOC where to find the first chain element. 1858 */ 1859 hdrp->ChainOffset = ((char *)se - (char *)hdrp) >> 2; 1860 nxt_off = MPT_RQSL(mpt); 1861 trq = req; 1862 1863 /* 1864 * Make up the rest of the data segments out of a chain element 1865 * (contained in the current request frame) which points to 1866 * SIMPLE32 elements in the next request frame, possibly ending 1867 * with *another* chain element (if there's more). 1868 */ 1869 while (seg < nseg) { 1870 int this_seg_lim; 1871 uint32_t tf, cur_off; 1872 bus_addr_t chain_list_addr; 1873 1874 /* 1875 * Point to the chain descriptor. Note that the chain 1876 * descriptor is at the end of the *previous* list (whether 1877 * chain or simple). 1878 */ 1879 ce = (SGE_CHAIN32 *) se; 1880 1881 /* 1882 * Before we change our current pointer, make sure we won't 1883 * overflow the request area with this frame. Note that we 1884 * test against 'greater than' here as it's okay in this case 1885 * to have next offset be just outside the request area. 1886 */ 1887 if ((nxt_off + MPT_RQSL(mpt)) > MPT_REQUEST_AREA) { 1888 nxt_off = MPT_REQUEST_AREA; 1889 goto next_chain; 1890 } 1891 1892 /* 1893 * Set our SGE element pointer to the beginning of the chain 1894 * list and update our next chain list offset. 1895 */ 1896 se = (SGE_SIMPLE32 *) &mpt_off[nxt_off]; 1897 cur_off = nxt_off; 1898 nxt_off += MPT_RQSL(mpt); 1899 1900 /* 1901 * Now initialize the chain descriptor. 1902 */ 1903 memset(ce, 0, sizeof (*ce)); 1904 1905 /* 1906 * Get the physical address of the chain list. 1907 */ 1908 chain_list_addr = trq->req_pbuf; 1909 chain_list_addr += cur_off; 1910 1911 1912 1913 ce->Address = htole32(chain_list_addr); 1914 ce->Flags = MPI_SGE_FLAGS_CHAIN_ELEMENT; 1915 1916 1917 /* 1918 * If we have more than a frame's worth of segments left, 1919 * set up the chain list to have the last element be another 1920 * chain descriptor. 1921 */ 1922 if ((nseg - seg) > MPT_NSGL(mpt)) { 1923 this_seg_lim = seg + MPT_NSGL(mpt) - 1; 1924 /* 1925 * The length of the chain is the length in bytes of the 1926 * number of segments plus the next chain element. 1927 * 1928 * The next chain descriptor offset is the length, 1929 * in words, of the number of segments. 1930 */ 1931 ce->Length = (this_seg_lim - seg) * 1932 sizeof (SGE_SIMPLE32); 1933 ce->NextChainOffset = ce->Length >> 2; 1934 ce->Length += sizeof (SGE_CHAIN32); 1935 } else { 1936 this_seg_lim = nseg; 1937 ce->Length = (this_seg_lim - seg) * 1938 sizeof (SGE_SIMPLE32); 1939 } 1940 ce->Length = htole16(ce->Length); 1941 1942 /* 1943 * Fill in the chain list SGE elements with our segment data. 1944 * 1945 * If we're the last element in this chain list, set the last 1946 * element flag. If we're the completely last element period, 1947 * set the end of list and end of buffer flags. 1948 */ 1949 while (seg < this_seg_lim) { 1950 memset(se, 0, sizeof (*se)); 1951 se->Address = htole32(dm_segs->ds_addr); 1952 1953 MPI_pSGE_SET_LENGTH(se, dm_segs->ds_len); 1954 tf = flags; 1955 if (seg == this_seg_lim - 1) { 1956 tf |= MPI_SGE_FLAGS_LAST_ELEMENT; 1957 } 1958 if (seg == nseg - 1) { 1959 tf |= MPI_SGE_FLAGS_END_OF_LIST | 1960 MPI_SGE_FLAGS_END_OF_BUFFER; 1961 } 1962 MPI_pSGE_SET_FLAGS(se, tf); 1963 se->FlagsLength = htole32(se->FlagsLength); 1964 se++; 1965 seg++; 1966 dm_segs++; 1967 } 1968 1969 next_chain: 1970 /* 1971 * If we have more segments to do and we've used up all of 1972 * the space in a request area, go allocate another one 1973 * and chain to that. 1974 */ 1975 if (seg < nseg && nxt_off >= MPT_REQUEST_AREA) { 1976 request_t *nrq; 1977 1978 nrq = mpt_get_request(mpt, FALSE); 1979 1980 if (nrq == NULL) { 1981 error = ENOMEM; 1982 goto bad; 1983 } 1984 1985 /* 1986 * Append the new request area on the tail of our list. 1987 */ 1988 if ((trq = req->chain) == NULL) { 1989 req->chain = nrq; 1990 } else { 1991 while (trq->chain != NULL) { 1992 trq = trq->chain; 1993 } 1994 trq->chain = nrq; 1995 } 1996 trq = nrq; 1997 mpt_off = trq->req_vbuf; 1998 if (mpt->verbose >= MPT_PRT_DEBUG) { 1999 memset(mpt_off, 0xff, MPT_REQUEST_AREA); 2000 } 2001 nxt_off = 0; 2002 } 2003 } 2004out: 2005 2006 /* 2007 * Last time we need to check if this CCB needs to be aborted. 2008 */ 2009 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG) { 2010 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) { 2011 request_t *cmd_req = 2012 MPT_TAG_2_REQ(mpt, ccb->csio.tag_id); 2013 MPT_TGT_STATE(mpt, cmd_req)->state = TGT_STATE_IN_CAM; 2014 MPT_TGT_STATE(mpt, cmd_req)->ccb = NULL; 2015 MPT_TGT_STATE(mpt, cmd_req)->req = NULL; 2016 } 2017 mpt_prt(mpt, 2018 "mpt_execute_req: I/O cancelled (status 0x%x)\n", 2019 ccb->ccb_h.status & CAM_STATUS_MASK); 2020 if (nseg) { 2021 bus_dmamap_unload(mpt->buffer_dmat, req->dmap); 2022 } 2023 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 2024 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__)); 2025 xpt_done(ccb); 2026 mpt_free_request(mpt, req); 2027 return; 2028 } 2029 2030 ccb->ccb_h.status |= CAM_SIM_QUEUED; 2031 if (ccb->ccb_h.timeout != CAM_TIME_INFINITY) { 2032 mpt_req_timeout(req, SBT_1MS * ccb->ccb_h.timeout, 2033 mpt_timeout, ccb); 2034 } 2035 if (mpt->verbose > MPT_PRT_DEBUG) { 2036 int nc = 0; 2037 mpt_print_request(req->req_vbuf); 2038 for (trq = req->chain; trq; trq = trq->chain) { 2039 printf(" Additional Chain Area %d\n", nc++); 2040 mpt_dump_sgl(trq->req_vbuf, 0); 2041 } 2042 } 2043 2044 if (hdrp->Function == MPI_FUNCTION_TARGET_ASSIST) { 2045 request_t *cmd_req = MPT_TAG_2_REQ(mpt, ccb->csio.tag_id); 2046 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req); 2047#ifdef WE_TRUST_AUTO_GOOD_STATUS 2048 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) && 2049 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) { 2050 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS; 2051 } else { 2052 tgt->state = TGT_STATE_MOVING_DATA; 2053 } 2054#else 2055 tgt->state = TGT_STATE_MOVING_DATA; 2056#endif 2057 } 2058 mpt_send_cmd(mpt, req); 2059} 2060 2061static void 2062mpt_start(struct cam_sim *sim, union ccb *ccb) 2063{ 2064 request_t *req; 2065 struct mpt_softc *mpt; 2066 MSG_SCSI_IO_REQUEST *mpt_req; 2067 struct ccb_scsiio *csio = &ccb->csio; 2068 struct ccb_hdr *ccbh = &ccb->ccb_h; 2069 bus_dmamap_callback_t *cb; 2070 target_id_t tgt; 2071 int raid_passthru; 2072 int error; 2073 2074 /* Get the pointer for the physical addapter */ 2075 mpt = ccb->ccb_h.ccb_mpt_ptr; 2076 raid_passthru = (sim == mpt->phydisk_sim); 2077 2078 if ((req = mpt_get_request(mpt, FALSE)) == NULL) { 2079 if (mpt->outofbeer == 0) { 2080 mpt->outofbeer = 1; 2081 xpt_freeze_simq(mpt->sim, 1); 2082 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n"); 2083 } 2084 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 2085 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ); 2086 xpt_done(ccb); 2087 return; 2088 } 2089#ifdef INVARIANTS 2090 mpt_req_not_spcl(mpt, req, "mpt_start", __LINE__); 2091#endif 2092 2093 if (sizeof (bus_addr_t) > 4) { 2094 cb = mpt_execute_req_a64; 2095 } else { 2096 cb = mpt_execute_req; 2097 } 2098 2099 /* 2100 * Link the ccb and the request structure so we can find 2101 * the other knowing either the request or the ccb 2102 */ 2103 req->ccb = ccb; 2104 ccb->ccb_h.ccb_req_ptr = req; 2105 2106 /* Now we build the command for the IOC */ 2107 mpt_req = req->req_vbuf; 2108 memset(mpt_req, 0, sizeof (MSG_SCSI_IO_REQUEST)); 2109 2110 mpt_req->Function = MPI_FUNCTION_SCSI_IO_REQUEST; 2111 if (raid_passthru) { 2112 mpt_req->Function = MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH; 2113 if (mpt_map_physdisk(mpt, ccb, &tgt) != 0) { 2114 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 2115 mpt_set_ccb_status(ccb, CAM_DEV_NOT_THERE); 2116 xpt_done(ccb); 2117 return; 2118 } 2119 mpt_req->Bus = 0; /* we never set bus here */ 2120 } else { 2121 tgt = ccb->ccb_h.target_id; 2122 mpt_req->Bus = 0; /* XXX */ 2123 2124 } 2125 mpt_req->SenseBufferLength = 2126 (csio->sense_len < MPT_SENSE_SIZE) ? 2127 csio->sense_len : MPT_SENSE_SIZE; 2128 2129 /* 2130 * We use the message context to find the request structure when we 2131 * Get the command completion interrupt from the IOC. 2132 */ 2133 mpt_req->MsgContext = htole32(req->index | scsi_io_handler_id); 2134 2135 /* Which physical device to do the I/O on */ 2136 mpt_req->TargetID = tgt; 2137 2138 be64enc(mpt_req->LUN, CAM_EXTLUN_BYTE_SWIZZLE(ccb->ccb_h.target_lun)); 2139 2140 /* Set the direction of the transfer */ 2141 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 2142 mpt_req->Control = MPI_SCSIIO_CONTROL_READ; 2143 } else if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT) { 2144 mpt_req->Control = MPI_SCSIIO_CONTROL_WRITE; 2145 } else { 2146 mpt_req->Control = MPI_SCSIIO_CONTROL_NODATATRANSFER; 2147 } 2148 2149 if ((ccb->ccb_h.flags & CAM_TAG_ACTION_VALID) != 0) { 2150 switch(ccb->csio.tag_action) { 2151 case MSG_HEAD_OF_Q_TAG: 2152 mpt_req->Control |= MPI_SCSIIO_CONTROL_HEADOFQ; 2153 break; 2154 case MSG_ACA_TASK: 2155 mpt_req->Control |= MPI_SCSIIO_CONTROL_ACAQ; 2156 break; 2157 case MSG_ORDERED_Q_TAG: 2158 mpt_req->Control |= MPI_SCSIIO_CONTROL_ORDEREDQ; 2159 break; 2160 case MSG_SIMPLE_Q_TAG: 2161 default: 2162 mpt_req->Control |= MPI_SCSIIO_CONTROL_SIMPLEQ; 2163 break; 2164 } 2165 } else { 2166 if (mpt->is_fc || mpt->is_sas) { 2167 mpt_req->Control |= MPI_SCSIIO_CONTROL_SIMPLEQ; 2168 } else { 2169 /* XXX No such thing for a target doing packetized. */ 2170 mpt_req->Control |= MPI_SCSIIO_CONTROL_UNTAGGED; 2171 } 2172 } 2173 2174 if (mpt->is_spi) { 2175 if (ccb->ccb_h.flags & CAM_DIS_DISCONNECT) { 2176 mpt_req->Control |= MPI_SCSIIO_CONTROL_NO_DISCONNECT; 2177 } 2178 } 2179 mpt_req->Control = htole32(mpt_req->Control); 2180 2181 /* Copy the scsi command block into place */ 2182 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) { 2183 bcopy(csio->cdb_io.cdb_ptr, mpt_req->CDB, csio->cdb_len); 2184 } else { 2185 bcopy(csio->cdb_io.cdb_bytes, mpt_req->CDB, csio->cdb_len); 2186 } 2187 2188 mpt_req->CDBLength = csio->cdb_len; 2189 mpt_req->DataLength = htole32(csio->dxfer_len); 2190 mpt_req->SenseBufferLowAddr = htole32(req->sense_pbuf); 2191 2192 /* 2193 * Do a *short* print here if we're set to MPT_PRT_DEBUG 2194 */ 2195 if (mpt->verbose == MPT_PRT_DEBUG) { 2196 U32 df; 2197 mpt_prt(mpt, "mpt_start: %s op 0x%x ", 2198 (mpt_req->Function == MPI_FUNCTION_SCSI_IO_REQUEST)? 2199 "SCSI_IO_REQUEST" : "SCSI_IO_PASSTHRU", mpt_req->CDB[0]); 2200 df = mpt_req->Control & MPI_SCSIIO_CONTROL_DATADIRECTION_MASK; 2201 if (df != MPI_SCSIIO_CONTROL_NODATATRANSFER) { 2202 mpt_prtc(mpt, "(%s %u byte%s ", 2203 (df == MPI_SCSIIO_CONTROL_READ)? 2204 "read" : "write", csio->dxfer_len, 2205 (csio->dxfer_len == 1)? ")" : "s)"); 2206 } 2207 mpt_prtc(mpt, "tgt %u lun %jx req %p:%u\n", tgt, 2208 (uintmax_t)ccb->ccb_h.target_lun, req, req->serno); 2209 } 2210 2211 error = bus_dmamap_load_ccb(mpt->buffer_dmat, req->dmap, ccb, cb, 2212 req, 0); 2213 if (error == EINPROGRESS) { 2214 /* 2215 * So as to maintain ordering, freeze the controller queue 2216 * until our mapping is returned. 2217 */ 2218 xpt_freeze_simq(mpt->sim, 1); 2219 ccbh->status |= CAM_RELEASE_SIMQ; 2220 } 2221} 2222 2223static int 2224mpt_bus_reset(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun, 2225 int sleep_ok) 2226{ 2227 int error; 2228 uint16_t status; 2229 uint8_t response; 2230 2231 error = mpt_scsi_send_tmf(mpt, 2232 (tgt != CAM_TARGET_WILDCARD || lun != CAM_LUN_WILDCARD) ? 2233 MPI_SCSITASKMGMT_TASKTYPE_TARGET_RESET : 2234 MPI_SCSITASKMGMT_TASKTYPE_RESET_BUS, 2235 mpt->is_fc ? MPI_SCSITASKMGMT_MSGFLAGS_LIP_RESET_OPTION : 0, 2236 0, /* XXX How do I get the channel ID? */ 2237 tgt != CAM_TARGET_WILDCARD ? tgt : 0, 2238 lun != CAM_LUN_WILDCARD ? lun : 0, 2239 0, sleep_ok); 2240 2241 if (error != 0) { 2242 /* 2243 * mpt_scsi_send_tmf hard resets on failure, so no 2244 * need to do so here. 2245 */ 2246 mpt_prt(mpt, 2247 "mpt_bus_reset: mpt_scsi_send_tmf returned %d\n", error); 2248 return (EIO); 2249 } 2250 2251 /* Wait for bus reset to be processed by the IOC. */ 2252 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_DONE, 2253 REQ_STATE_DONE, sleep_ok, 5000); 2254 2255 status = le16toh(mpt->tmf_req->IOCStatus); 2256 response = mpt->tmf_req->ResponseCode; 2257 mpt->tmf_req->state = REQ_STATE_FREE; 2258 2259 if (error) { 2260 mpt_prt(mpt, "mpt_bus_reset: Reset timed-out. " 2261 "Resetting controller.\n"); 2262 mpt_reset(mpt, TRUE); 2263 return (ETIMEDOUT); 2264 } 2265 2266 if ((status & MPI_IOCSTATUS_MASK) != MPI_IOCSTATUS_SUCCESS) { 2267 mpt_prt(mpt, "mpt_bus_reset: TMF IOC Status 0x%x. " 2268 "Resetting controller.\n", status); 2269 mpt_reset(mpt, TRUE); 2270 return (EIO); 2271 } 2272 2273 if (response != MPI_SCSITASKMGMT_RSP_TM_SUCCEEDED && 2274 response != MPI_SCSITASKMGMT_RSP_TM_COMPLETE) { 2275 mpt_prt(mpt, "mpt_bus_reset: TMF Response 0x%x. " 2276 "Resetting controller.\n", response); 2277 mpt_reset(mpt, TRUE); 2278 return (EIO); 2279 } 2280 return (0); 2281} 2282 2283static int 2284mpt_fc_reset_link(struct mpt_softc *mpt, int dowait) 2285{ 2286 int r = 0; 2287 request_t *req; 2288 PTR_MSG_FC_PRIMITIVE_SEND_REQUEST fc; 2289 2290 req = mpt_get_request(mpt, FALSE); 2291 if (req == NULL) { 2292 return (ENOMEM); 2293 } 2294 fc = req->req_vbuf; 2295 memset(fc, 0, sizeof(*fc)); 2296 fc->SendFlags = MPI_FC_PRIM_SEND_FLAGS_RESET_LINK; 2297 fc->Function = MPI_FUNCTION_FC_PRIMITIVE_SEND; 2298 fc->MsgContext = htole32(req->index | fc_els_handler_id); 2299 mpt_send_cmd(mpt, req); 2300 if (dowait) { 2301 r = mpt_wait_req(mpt, req, REQ_STATE_DONE, 2302 REQ_STATE_DONE, FALSE, 60 * 1000); 2303 if (r == 0) { 2304 mpt_free_request(mpt, req); 2305 } 2306 } 2307 return (r); 2308} 2309 2310static int 2311mpt_cam_event(struct mpt_softc *mpt, request_t *req, 2312 MSG_EVENT_NOTIFY_REPLY *msg) 2313{ 2314 uint32_t data0, data1; 2315 2316 data0 = le32toh(msg->Data[0]); 2317 data1 = le32toh(msg->Data[1]); 2318 switch(msg->Event & 0xFF) { 2319 case MPI_EVENT_UNIT_ATTENTION: 2320 mpt_prt(mpt, "UNIT ATTENTION: Bus: 0x%02x TargetID: 0x%02x\n", 2321 (data0 >> 8) & 0xff, data0 & 0xff); 2322 break; 2323 2324 case MPI_EVENT_IOC_BUS_RESET: 2325 /* We generated a bus reset */ 2326 mpt_prt(mpt, "IOC Generated Bus Reset Port: %d\n", 2327 (data0 >> 8) & 0xff); 2328 xpt_async(AC_BUS_RESET, mpt->path, NULL); 2329 break; 2330 2331 case MPI_EVENT_EXT_BUS_RESET: 2332 /* Someone else generated a bus reset */ 2333 mpt_prt(mpt, "External Bus Reset Detected\n"); 2334 /* 2335 * These replies don't return EventData like the MPI 2336 * spec says they do 2337 */ 2338 xpt_async(AC_BUS_RESET, mpt->path, NULL); 2339 break; 2340 2341 case MPI_EVENT_RESCAN: 2342 { 2343 union ccb *ccb; 2344 uint32_t pathid; 2345 /* 2346 * In general this means a device has been added to the loop. 2347 */ 2348 mpt_prt(mpt, "Rescan Port: %d\n", (data0 >> 8) & 0xff); 2349 if (mpt->ready == 0) { 2350 break; 2351 } 2352 if (mpt->phydisk_sim) { 2353 pathid = cam_sim_path(mpt->phydisk_sim); 2354 } else { 2355 pathid = cam_sim_path(mpt->sim); 2356 } 2357 /* 2358 * Allocate a CCB, create a wildcard path for this bus, 2359 * and schedule a rescan. 2360 */ 2361 ccb = xpt_alloc_ccb_nowait(); 2362 if (ccb == NULL) { 2363 mpt_prt(mpt, "unable to alloc CCB for rescan\n"); 2364 break; 2365 } 2366 2367 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, 2368 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 2369 mpt_prt(mpt, "unable to create path for rescan\n"); 2370 xpt_free_ccb(ccb); 2371 break; 2372 } 2373 xpt_rescan(ccb); 2374 break; 2375 } 2376 2377 case MPI_EVENT_LINK_STATUS_CHANGE: 2378 mpt_prt(mpt, "Port %d: LinkState: %s\n", 2379 (data1 >> 8) & 0xff, 2380 ((data0 & 0xff) == 0)? "Failed" : "Active"); 2381 break; 2382 2383 case MPI_EVENT_LOOP_STATE_CHANGE: 2384 switch ((data0 >> 16) & 0xff) { 2385 case 0x01: 2386 mpt_prt(mpt, 2387 "Port 0x%x: FC LinkEvent: LIP(%02x,%02x) " 2388 "(Loop Initialization)\n", 2389 (data1 >> 8) & 0xff, 2390 (data0 >> 8) & 0xff, 2391 (data0 ) & 0xff); 2392 switch ((data0 >> 8) & 0xff) { 2393 case 0xF7: 2394 if ((data0 & 0xff) == 0xF7) { 2395 mpt_prt(mpt, "Device needs AL_PA\n"); 2396 } else { 2397 mpt_prt(mpt, "Device %02x doesn't like " 2398 "FC performance\n", 2399 data0 & 0xFF); 2400 } 2401 break; 2402 case 0xF8: 2403 if ((data0 & 0xff) == 0xF7) { 2404 mpt_prt(mpt, "Device had loop failure " 2405 "at its receiver prior to acquiring" 2406 " AL_PA\n"); 2407 } else { 2408 mpt_prt(mpt, "Device %02x detected loop" 2409 " failure at its receiver\n", 2410 data0 & 0xFF); 2411 } 2412 break; 2413 default: 2414 mpt_prt(mpt, "Device %02x requests that device " 2415 "%02x reset itself\n", 2416 data0 & 0xFF, 2417 (data0 >> 8) & 0xFF); 2418 break; 2419 } 2420 break; 2421 case 0x02: 2422 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: " 2423 "LPE(%02x,%02x) (Loop Port Enable)\n", 2424 (data1 >> 8) & 0xff, /* Port */ 2425 (data0 >> 8) & 0xff, /* Character 3 */ 2426 (data0 ) & 0xff /* Character 4 */); 2427 break; 2428 case 0x03: 2429 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: " 2430 "LPB(%02x,%02x) (Loop Port Bypass)\n", 2431 (data1 >> 8) & 0xff, /* Port */ 2432 (data0 >> 8) & 0xff, /* Character 3 */ 2433 (data0 ) & 0xff /* Character 4 */); 2434 break; 2435 default: 2436 mpt_prt(mpt, "Port 0x%x: FC LinkEvent: Unknown " 2437 "FC event (%02x %02x %02x)\n", 2438 (data1 >> 8) & 0xff, /* Port */ 2439 (data0 >> 16) & 0xff, /* Event */ 2440 (data0 >> 8) & 0xff, /* Character 3 */ 2441 (data0 ) & 0xff /* Character 4 */); 2442 } 2443 break; 2444 2445 case MPI_EVENT_LOGOUT: 2446 mpt_prt(mpt, "FC Logout Port: %d N_PortID: %02x\n", 2447 (data1 >> 8) & 0xff, data0); 2448 break; 2449 case MPI_EVENT_QUEUE_FULL: 2450 { 2451 struct cam_sim *sim; 2452 struct cam_path *tmppath; 2453 struct ccb_relsim crs; 2454 PTR_EVENT_DATA_QUEUE_FULL pqf; 2455 lun_id_t lun_id; 2456 2457 pqf = (PTR_EVENT_DATA_QUEUE_FULL)msg->Data; 2458 pqf->CurrentDepth = le16toh(pqf->CurrentDepth); 2459 if (bootverbose) { 2460 mpt_prt(mpt, "QUEUE FULL EVENT: Bus 0x%02x Target 0x%02x " 2461 "Depth %d\n", 2462 pqf->Bus, pqf->TargetID, pqf->CurrentDepth); 2463 } 2464 if (mpt->phydisk_sim && mpt_is_raid_member(mpt, 2465 pqf->TargetID) != 0) { 2466 sim = mpt->phydisk_sim; 2467 } else { 2468 sim = mpt->sim; 2469 } 2470 for (lun_id = 0; lun_id < MPT_MAX_LUNS; lun_id++) { 2471 if (xpt_create_path(&tmppath, NULL, cam_sim_path(sim), 2472 pqf->TargetID, lun_id) != CAM_REQ_CMP) { 2473 mpt_prt(mpt, "unable to create a path to send " 2474 "XPT_REL_SIMQ"); 2475 break; 2476 } 2477 xpt_setup_ccb(&crs.ccb_h, tmppath, 5); 2478 crs.ccb_h.func_code = XPT_REL_SIMQ; 2479 crs.ccb_h.flags = CAM_DEV_QFREEZE; 2480 crs.release_flags = RELSIM_ADJUST_OPENINGS; 2481 crs.openings = pqf->CurrentDepth - 1; 2482 xpt_action((union ccb *)&crs); 2483 if (crs.ccb_h.status != CAM_REQ_CMP) { 2484 mpt_prt(mpt, "XPT_REL_SIMQ failed\n"); 2485 } 2486 xpt_free_path(tmppath); 2487 } 2488 break; 2489 } 2490 case MPI_EVENT_IR_RESYNC_UPDATE: 2491 mpt_prt(mpt, "IR resync update %d completed\n", 2492 (data0 >> 16) & 0xff); 2493 break; 2494 case MPI_EVENT_SAS_DEVICE_STATUS_CHANGE: 2495 { 2496 union ccb *ccb; 2497 struct cam_sim *sim; 2498 struct cam_path *tmppath; 2499 PTR_EVENT_DATA_SAS_DEVICE_STATUS_CHANGE psdsc; 2500 2501 psdsc = (PTR_EVENT_DATA_SAS_DEVICE_STATUS_CHANGE)msg->Data; 2502 if (mpt->phydisk_sim && mpt_is_raid_member(mpt, 2503 psdsc->TargetID) != 0) 2504 sim = mpt->phydisk_sim; 2505 else 2506 sim = mpt->sim; 2507 switch(psdsc->ReasonCode) { 2508 case MPI_EVENT_SAS_DEV_STAT_RC_ADDED: 2509 ccb = xpt_alloc_ccb_nowait(); 2510 if (ccb == NULL) { 2511 mpt_prt(mpt, 2512 "unable to alloc CCB for rescan\n"); 2513 break; 2514 } 2515 if (xpt_create_path(&ccb->ccb_h.path, NULL, 2516 cam_sim_path(sim), psdsc->TargetID, 2517 CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 2518 mpt_prt(mpt, 2519 "unable to create path for rescan\n"); 2520 xpt_free_ccb(ccb); 2521 break; 2522 } 2523 xpt_rescan(ccb); 2524 break; 2525 case MPI_EVENT_SAS_DEV_STAT_RC_NOT_RESPONDING: 2526 if (xpt_create_path(&tmppath, NULL, cam_sim_path(sim), 2527 psdsc->TargetID, CAM_LUN_WILDCARD) != 2528 CAM_REQ_CMP) { 2529 mpt_prt(mpt, 2530 "unable to create path for async event"); 2531 break; 2532 } 2533 xpt_async(AC_LOST_DEVICE, tmppath, NULL); 2534 xpt_free_path(tmppath); 2535 break; 2536 case MPI_EVENT_SAS_DEV_STAT_RC_CMPL_INTERNAL_DEV_RESET: 2537 case MPI_EVENT_SAS_DEV_STAT_RC_CMPL_TASK_ABORT_INTERNAL: 2538 case MPI_EVENT_SAS_DEV_STAT_RC_INTERNAL_DEVICE_RESET: 2539 break; 2540 default: 2541 mpt_lprt(mpt, MPT_PRT_WARN, 2542 "SAS device status change: Bus: 0x%02x TargetID: " 2543 "0x%02x ReasonCode: 0x%02x\n", psdsc->Bus, 2544 psdsc->TargetID, psdsc->ReasonCode); 2545 break; 2546 } 2547 break; 2548 } 2549 case MPI_EVENT_SAS_DISCOVERY_ERROR: 2550 { 2551 PTR_EVENT_DATA_DISCOVERY_ERROR pde; 2552 2553 pde = (PTR_EVENT_DATA_DISCOVERY_ERROR)msg->Data; 2554 pde->DiscoveryStatus = le32toh(pde->DiscoveryStatus); 2555 mpt_lprt(mpt, MPT_PRT_WARN, 2556 "SAS discovery error: Port: 0x%02x Status: 0x%08x\n", 2557 pde->Port, pde->DiscoveryStatus); 2558 break; 2559 } 2560 case MPI_EVENT_EVENT_CHANGE: 2561 case MPI_EVENT_INTEGRATED_RAID: 2562 case MPI_EVENT_IR2: 2563 case MPI_EVENT_LOG_ENTRY_ADDED: 2564 case MPI_EVENT_SAS_DISCOVERY: 2565 case MPI_EVENT_SAS_PHY_LINK_STATUS: 2566 case MPI_EVENT_SAS_SES: 2567 break; 2568 default: 2569 mpt_lprt(mpt, MPT_PRT_WARN, "mpt_cam_event: 0x%x\n", 2570 msg->Event & 0xFF); 2571 return (0); 2572 } 2573 return (1); 2574} 2575 2576/* 2577 * Reply path for all SCSI I/O requests, called from our 2578 * interrupt handler by extracting our handler index from 2579 * the MsgContext field of the reply from the IOC. 2580 * 2581 * This routine is optimized for the common case of a 2582 * completion without error. All exception handling is 2583 * offloaded to non-inlined helper routines to minimize 2584 * cache footprint. 2585 */ 2586static int 2587mpt_scsi_reply_handler(struct mpt_softc *mpt, request_t *req, 2588 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame) 2589{ 2590 MSG_SCSI_IO_REQUEST *scsi_req; 2591 union ccb *ccb; 2592 2593 if (req->state == REQ_STATE_FREE) { 2594 mpt_prt(mpt, "mpt_scsi_reply_handler: req already free\n"); 2595 return (TRUE); 2596 } 2597 2598 scsi_req = (MSG_SCSI_IO_REQUEST *)req->req_vbuf; 2599 ccb = req->ccb; 2600 if (ccb == NULL) { 2601 mpt_prt(mpt, "mpt_scsi_reply_handler: req %p:%u with no ccb\n", 2602 req, req->serno); 2603 return (TRUE); 2604 } 2605 2606 mpt_req_untimeout(req, mpt_timeout, ccb); 2607 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 2608 2609 if ((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE) { 2610 bus_dmasync_op_t op; 2611 2612 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) 2613 op = BUS_DMASYNC_POSTREAD; 2614 else 2615 op = BUS_DMASYNC_POSTWRITE; 2616 bus_dmamap_sync(mpt->buffer_dmat, req->dmap, op); 2617 bus_dmamap_unload(mpt->buffer_dmat, req->dmap); 2618 } 2619 2620 if (reply_frame == NULL) { 2621 /* 2622 * Context only reply, completion without error status. 2623 */ 2624 ccb->csio.resid = 0; 2625 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 2626 ccb->csio.scsi_status = SCSI_STATUS_OK; 2627 } else { 2628 mpt_scsi_reply_frame_handler(mpt, req, reply_frame); 2629 } 2630 2631 if (mpt->outofbeer) { 2632 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2633 mpt->outofbeer = 0; 2634 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n"); 2635 } 2636 if (scsi_req->CDB[0] == INQUIRY && (scsi_req->CDB[1] & SI_EVPD) == 0) { 2637 struct scsi_inquiry_data *iq = 2638 (struct scsi_inquiry_data *)ccb->csio.data_ptr; 2639 if (scsi_req->Function == 2640 MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) { 2641 /* 2642 * Fake out the device type so that only the 2643 * pass-thru device will attach. 2644 */ 2645 iq->device &= ~0x1F; 2646 iq->device |= T_NODEVICE; 2647 } 2648 } 2649 if (mpt->verbose == MPT_PRT_DEBUG) { 2650 mpt_prt(mpt, "mpt_scsi_reply_handler: %p:%u complete\n", 2651 req, req->serno); 2652 } 2653 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__)); 2654 xpt_done(ccb); 2655 if ((req->state & REQ_STATE_TIMEDOUT) == 0) { 2656 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 2657 } else { 2658 mpt_prt(mpt, "completing timedout/aborted req %p:%u\n", 2659 req, req->serno); 2660 TAILQ_REMOVE(&mpt->request_timeout_list, req, links); 2661 } 2662 KASSERT((req->state & REQ_STATE_NEED_WAKEUP) == 0, 2663 ("CCB req needed wakeup")); 2664#ifdef INVARIANTS 2665 mpt_req_not_spcl(mpt, req, "mpt_scsi_reply_handler", __LINE__); 2666#endif 2667 mpt_free_request(mpt, req); 2668 return (TRUE); 2669} 2670 2671static int 2672mpt_scsi_tmf_reply_handler(struct mpt_softc *mpt, request_t *req, 2673 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame) 2674{ 2675 MSG_SCSI_TASK_MGMT_REPLY *tmf_reply; 2676 2677 KASSERT(req == mpt->tmf_req, ("TMF Reply not using mpt->tmf_req")); 2678#ifdef INVARIANTS 2679 mpt_req_not_spcl(mpt, req, "mpt_scsi_tmf_reply_handler", __LINE__); 2680#endif 2681 tmf_reply = (MSG_SCSI_TASK_MGMT_REPLY *)reply_frame; 2682 /* Record IOC Status and Response Code of TMF for any waiters. */ 2683 req->IOCStatus = le16toh(tmf_reply->IOCStatus); 2684 req->ResponseCode = tmf_reply->ResponseCode; 2685 2686 mpt_lprt(mpt, MPT_PRT_DEBUG, "TMF complete: req %p:%u status 0x%x\n", 2687 req, req->serno, le16toh(tmf_reply->IOCStatus)); 2688 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 2689 if ((req->state & REQ_STATE_NEED_WAKEUP) != 0) { 2690 req->state |= REQ_STATE_DONE; 2691 wakeup(req); 2692 } else { 2693 mpt->tmf_req->state = REQ_STATE_FREE; 2694 } 2695 return (TRUE); 2696} 2697 2698/* 2699 * XXX: Move to definitions file 2700 */ 2701#define ELS 0x22 2702#define FC4LS 0x32 2703#define ABTS 0x81 2704#define BA_ACC 0x84 2705 2706#define LS_RJT 0x01 2707#define LS_ACC 0x02 2708#define PLOGI 0x03 2709#define LOGO 0x05 2710#define SRR 0x14 2711#define PRLI 0x20 2712#define PRLO 0x21 2713#define ADISC 0x52 2714#define RSCN 0x61 2715 2716static void 2717mpt_fc_els_send_response(struct mpt_softc *mpt, request_t *req, 2718 PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY rp, U8 length) 2719{ 2720 uint32_t fl; 2721 MSG_LINK_SERVICE_RSP_REQUEST tmp; 2722 PTR_MSG_LINK_SERVICE_RSP_REQUEST rsp; 2723 2724 /* 2725 * We are going to reuse the ELS request to send this response back. 2726 */ 2727 rsp = &tmp; 2728 memset(rsp, 0, sizeof(*rsp)); 2729 2730#ifdef USE_IMMEDIATE_LINK_DATA 2731 /* 2732 * Apparently the IMMEDIATE stuff doesn't seem to work. 2733 */ 2734 rsp->RspFlags = LINK_SERVICE_RSP_FLAGS_IMMEDIATE; 2735#endif 2736 rsp->RspLength = length; 2737 rsp->Function = MPI_FUNCTION_FC_LINK_SRVC_RSP; 2738 rsp->MsgContext = htole32(req->index | fc_els_handler_id); 2739 2740 /* 2741 * Copy over information from the original reply frame to 2742 * it's correct place in the response. 2743 */ 2744 memcpy((U8 *)rsp + 0x0c, (U8 *)rp + 0x1c, 24); 2745 2746 /* 2747 * And now copy back the temporary area to the original frame. 2748 */ 2749 memcpy(req->req_vbuf, rsp, sizeof (MSG_LINK_SERVICE_RSP_REQUEST)); 2750 rsp = req->req_vbuf; 2751 2752#ifdef USE_IMMEDIATE_LINK_DATA 2753 memcpy((U8 *)&rsp->SGL, &((U8 *)req->req_vbuf)[MPT_RQSL(mpt)], length); 2754#else 2755{ 2756 PTR_SGE_SIMPLE32 se = (PTR_SGE_SIMPLE32) &rsp->SGL; 2757 bus_addr_t paddr = req->req_pbuf; 2758 paddr += MPT_RQSL(mpt); 2759 2760 fl = 2761 MPI_SGE_FLAGS_HOST_TO_IOC | 2762 MPI_SGE_FLAGS_SIMPLE_ELEMENT | 2763 MPI_SGE_FLAGS_LAST_ELEMENT | 2764 MPI_SGE_FLAGS_END_OF_LIST | 2765 MPI_SGE_FLAGS_END_OF_BUFFER; 2766 fl <<= MPI_SGE_FLAGS_SHIFT; 2767 fl |= (length); 2768 se->FlagsLength = htole32(fl); 2769 se->Address = htole32((uint32_t) paddr); 2770} 2771#endif 2772 2773 /* 2774 * Send it on... 2775 */ 2776 mpt_send_cmd(mpt, req); 2777} 2778 2779static int 2780mpt_fc_els_reply_handler(struct mpt_softc *mpt, request_t *req, 2781 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame) 2782{ 2783 PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY rp = 2784 (PTR_MSG_LINK_SERVICE_BUFFER_POST_REPLY) reply_frame; 2785 U8 rctl; 2786 U8 type; 2787 U8 cmd; 2788 U16 status = le16toh(reply_frame->IOCStatus); 2789 U32 *elsbuf; 2790 int ioindex; 2791 int do_refresh = TRUE; 2792 2793#ifdef INVARIANTS 2794 KASSERT(mpt_req_on_free_list(mpt, req) == 0, 2795 ("fc_els_reply_handler: req %p:%u for function %x on freelist!", 2796 req, req->serno, rp->Function)); 2797 if (rp->Function != MPI_FUNCTION_FC_PRIMITIVE_SEND) { 2798 mpt_req_spcl(mpt, req, "fc_els_reply_handler", __LINE__); 2799 } else { 2800 mpt_req_not_spcl(mpt, req, "fc_els_reply_handler", __LINE__); 2801 } 2802#endif 2803 mpt_lprt(mpt, MPT_PRT_DEBUG, 2804 "FC_ELS Complete: req %p:%u, reply %p function %x\n", 2805 req, req->serno, reply_frame, reply_frame->Function); 2806 2807 if (status != MPI_IOCSTATUS_SUCCESS) { 2808 mpt_prt(mpt, "ELS REPLY STATUS 0x%x for Function %x\n", 2809 status, reply_frame->Function); 2810 if (status == MPI_IOCSTATUS_INVALID_STATE) { 2811 /* 2812 * XXX: to get around shutdown issue 2813 */ 2814 mpt->disabled = 1; 2815 return (TRUE); 2816 } 2817 return (TRUE); 2818 } 2819 2820 /* 2821 * If the function of a link service response, we recycle the 2822 * response to be a refresh for a new link service request. 2823 * 2824 * The request pointer is bogus in this case and we have to fetch 2825 * it based upon the TransactionContext. 2826 */ 2827 if (rp->Function == MPI_FUNCTION_FC_LINK_SRVC_RSP) { 2828 /* Freddie Uncle Charlie Katie */ 2829 /* We don't get the IOINDEX as part of the Link Svc Rsp */ 2830 for (ioindex = 0; ioindex < mpt->els_cmds_allocated; ioindex++) 2831 if (mpt->els_cmd_ptrs[ioindex] == req) { 2832 break; 2833 } 2834 2835 KASSERT(ioindex < mpt->els_cmds_allocated, 2836 ("can't find my mommie!")); 2837 2838 /* remove from active list as we're going to re-post it */ 2839 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 2840 req->state &= ~REQ_STATE_QUEUED; 2841 req->state |= REQ_STATE_DONE; 2842 mpt_fc_post_els(mpt, req, ioindex); 2843 return (TRUE); 2844 } 2845 2846 if (rp->Function == MPI_FUNCTION_FC_PRIMITIVE_SEND) { 2847 /* remove from active list as we're done */ 2848 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 2849 req->state &= ~REQ_STATE_QUEUED; 2850 req->state |= REQ_STATE_DONE; 2851 if (req->state & REQ_STATE_TIMEDOUT) { 2852 mpt_lprt(mpt, MPT_PRT_DEBUG, 2853 "Sync Primitive Send Completed After Timeout\n"); 2854 mpt_free_request(mpt, req); 2855 } else if ((req->state & REQ_STATE_NEED_WAKEUP) == 0) { 2856 mpt_lprt(mpt, MPT_PRT_DEBUG, 2857 "Async Primitive Send Complete\n"); 2858 mpt_free_request(mpt, req); 2859 } else { 2860 mpt_lprt(mpt, MPT_PRT_DEBUG, 2861 "Sync Primitive Send Complete- Waking Waiter\n"); 2862 wakeup(req); 2863 } 2864 return (TRUE); 2865 } 2866 2867 if (rp->Function != MPI_FUNCTION_FC_LINK_SRVC_BUF_POST) { 2868 mpt_prt(mpt, "unexpected ELS_REPLY: Function 0x%x Flags %x " 2869 "Length %d Message Flags %x\n", rp->Function, rp->Flags, 2870 rp->MsgLength, rp->MsgFlags); 2871 return (TRUE); 2872 } 2873 2874 if (rp->MsgLength <= 5) { 2875 /* 2876 * This is just a ack of an original ELS buffer post 2877 */ 2878 mpt_lprt(mpt, MPT_PRT_DEBUG, 2879 "RECV'd ACK of FC_ELS buf post %p:%u\n", req, req->serno); 2880 return (TRUE); 2881 } 2882 2883 2884 rctl = (le32toh(rp->Rctl_Did) & MPI_FC_RCTL_MASK) >> MPI_FC_RCTL_SHIFT; 2885 type = (le32toh(rp->Type_Fctl) & MPI_FC_TYPE_MASK) >> MPI_FC_TYPE_SHIFT; 2886 2887 elsbuf = &((U32 *)req->req_vbuf)[MPT_RQSL(mpt)/sizeof (U32)]; 2888 cmd = be32toh(elsbuf[0]) >> 24; 2889 2890 if (rp->Flags & MPI_LS_BUF_POST_REPLY_FLAG_NO_RSP_NEEDED) { 2891 mpt_lprt(mpt, MPT_PRT_ALWAYS, "ELS_REPLY: response unneeded\n"); 2892 return (TRUE); 2893 } 2894 2895 ioindex = le32toh(rp->TransactionContext); 2896 req = mpt->els_cmd_ptrs[ioindex]; 2897 2898 if (rctl == ELS && type == 1) { 2899 switch (cmd) { 2900 case PRLI: 2901 /* 2902 * Send back a PRLI ACC 2903 */ 2904 mpt_prt(mpt, "PRLI from 0x%08x%08x\n", 2905 le32toh(rp->Wwn.PortNameHigh), 2906 le32toh(rp->Wwn.PortNameLow)); 2907 elsbuf[0] = htobe32(0x02100014); 2908 elsbuf[1] |= htobe32(0x00000100); 2909 elsbuf[4] = htobe32(0x00000002); 2910 if (mpt->role & MPT_ROLE_TARGET) 2911 elsbuf[4] |= htobe32(0x00000010); 2912 if (mpt->role & MPT_ROLE_INITIATOR) 2913 elsbuf[4] |= htobe32(0x00000020); 2914 /* remove from active list as we're done */ 2915 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 2916 req->state &= ~REQ_STATE_QUEUED; 2917 req->state |= REQ_STATE_DONE; 2918 mpt_fc_els_send_response(mpt, req, rp, 20); 2919 do_refresh = FALSE; 2920 break; 2921 case PRLO: 2922 memset(elsbuf, 0, 5 * (sizeof (U32))); 2923 elsbuf[0] = htobe32(0x02100014); 2924 elsbuf[1] = htobe32(0x08000100); 2925 mpt_prt(mpt, "PRLO from 0x%08x%08x\n", 2926 le32toh(rp->Wwn.PortNameHigh), 2927 le32toh(rp->Wwn.PortNameLow)); 2928 /* remove from active list as we're done */ 2929 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 2930 req->state &= ~REQ_STATE_QUEUED; 2931 req->state |= REQ_STATE_DONE; 2932 mpt_fc_els_send_response(mpt, req, rp, 20); 2933 do_refresh = FALSE; 2934 break; 2935 default: 2936 mpt_prt(mpt, "ELS TYPE 1 COMMAND: %x\n", cmd); 2937 break; 2938 } 2939 } else if (rctl == ABTS && type == 0) { 2940 uint16_t rx_id = le16toh(rp->Rxid); 2941 uint16_t ox_id = le16toh(rp->Oxid); 2942 mpt_tgt_state_t *tgt; 2943 request_t *tgt_req = NULL; 2944 union ccb *ccb; 2945 uint32_t ct_id; 2946 2947 mpt_prt(mpt, 2948 "ELS: ABTS OX_ID 0x%x RX_ID 0x%x from 0x%08x%08x\n", 2949 ox_id, rx_id, le32toh(rp->Wwn.PortNameHigh), 2950 le32toh(rp->Wwn.PortNameLow)); 2951 if (rx_id >= mpt->mpt_max_tgtcmds) { 2952 mpt_prt(mpt, "Bad RX_ID 0x%x\n", rx_id); 2953 } else if (mpt->tgt_cmd_ptrs == NULL) { 2954 mpt_prt(mpt, "No TGT CMD PTRS\n"); 2955 } else { 2956 tgt_req = mpt->tgt_cmd_ptrs[rx_id]; 2957 } 2958 if (tgt_req == NULL) { 2959 mpt_prt(mpt, "no back pointer for RX_ID 0x%x\n", rx_id); 2960 goto skip; 2961 } 2962 tgt = MPT_TGT_STATE(mpt, tgt_req); 2963 2964 /* Check to make sure we have the correct command. */ 2965 ct_id = GET_IO_INDEX(tgt->reply_desc); 2966 if (ct_id != rx_id) { 2967 mpt_lprt(mpt, MPT_PRT_ERROR, "ABORT Mismatch: " 2968 "RX_ID received=0x%x, in cmd=0x%x\n", rx_id, ct_id); 2969 goto skip; 2970 } 2971 if (tgt->itag != ox_id) { 2972 mpt_lprt(mpt, MPT_PRT_ERROR, "ABORT Mismatch: " 2973 "OX_ID received=0x%x, in cmd=0x%x\n", ox_id, tgt->itag); 2974 goto skip; 2975 } 2976 2977 if ((ccb = tgt->ccb) != NULL) { 2978 mpt_prt(mpt, "CCB (%p): lun %jx flags %x status %x\n", 2979 ccb, (uintmax_t)ccb->ccb_h.target_lun, 2980 ccb->ccb_h.flags, ccb->ccb_h.status); 2981 } 2982 mpt_prt(mpt, "target state 0x%x resid %u xfrd %u rpwrd " 2983 "%x nxfers %x\n", tgt->state, tgt->resid, 2984 tgt->bytes_xfered, tgt->reply_desc, tgt->nxfers); 2985 if (mpt_abort_target_cmd(mpt, tgt_req)) 2986 mpt_prt(mpt, "unable to start TargetAbort\n"); 2987 2988skip: 2989 memset(elsbuf, 0, 5 * (sizeof (U32))); 2990 elsbuf[0] = htobe32(0); 2991 elsbuf[1] = htobe32((ox_id << 16) | rx_id); 2992 elsbuf[2] = htobe32(0x000ffff); 2993 /* 2994 * Dork with the reply frame so that the response to it 2995 * will be correct. 2996 */ 2997 rp->Rctl_Did += ((BA_ACC - ABTS) << MPI_FC_RCTL_SHIFT); 2998 /* remove from active list as we're done */ 2999 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 3000 req->state &= ~REQ_STATE_QUEUED; 3001 req->state |= REQ_STATE_DONE; 3002 mpt_fc_els_send_response(mpt, req, rp, 12); 3003 do_refresh = FALSE; 3004 } else { 3005 mpt_prt(mpt, "ELS: RCTL %x TYPE %x CMD %x\n", rctl, type, cmd); 3006 } 3007 if (do_refresh == TRUE) { 3008 /* remove from active list as we're done */ 3009 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 3010 req->state &= ~REQ_STATE_QUEUED; 3011 req->state |= REQ_STATE_DONE; 3012 mpt_fc_post_els(mpt, req, ioindex); 3013 } 3014 return (TRUE); 3015} 3016 3017/* 3018 * Clean up all SCSI Initiator personality state in response 3019 * to a controller reset. 3020 */ 3021static void 3022mpt_cam_ioc_reset(struct mpt_softc *mpt, int type) 3023{ 3024 3025 /* 3026 * The pending list is already run down by 3027 * the generic handler. Perform the same 3028 * operation on the timed out request list. 3029 */ 3030 mpt_complete_request_chain(mpt, &mpt->request_timeout_list, 3031 MPI_IOCSTATUS_INVALID_STATE); 3032 3033 /* 3034 * XXX: We need to repost ELS and Target Command Buffers? 3035 */ 3036 3037 /* 3038 * Inform the XPT that a bus reset has occurred. 3039 */ 3040 xpt_async(AC_BUS_RESET, mpt->path, NULL); 3041} 3042 3043/* 3044 * Parse additional completion information in the reply 3045 * frame for SCSI I/O requests. 3046 */ 3047static int 3048mpt_scsi_reply_frame_handler(struct mpt_softc *mpt, request_t *req, 3049 MSG_DEFAULT_REPLY *reply_frame) 3050{ 3051 union ccb *ccb; 3052 MSG_SCSI_IO_REPLY *scsi_io_reply; 3053 u_int ioc_status; 3054 u_int sstate; 3055 3056 MPT_DUMP_REPLY_FRAME(mpt, reply_frame); 3057 KASSERT(reply_frame->Function == MPI_FUNCTION_SCSI_IO_REQUEST 3058 || reply_frame->Function == MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH, 3059 ("MPT SCSI I/O Handler called with incorrect reply type")); 3060 KASSERT((reply_frame->MsgFlags & MPI_MSGFLAGS_CONTINUATION_REPLY) == 0, 3061 ("MPT SCSI I/O Handler called with continuation reply")); 3062 3063 scsi_io_reply = (MSG_SCSI_IO_REPLY *)reply_frame; 3064 ioc_status = le16toh(scsi_io_reply->IOCStatus); 3065 ioc_status &= MPI_IOCSTATUS_MASK; 3066 sstate = scsi_io_reply->SCSIState; 3067 3068 ccb = req->ccb; 3069 ccb->csio.resid = 3070 ccb->csio.dxfer_len - le32toh(scsi_io_reply->TransferCount); 3071 3072 if ((sstate & MPI_SCSI_STATE_AUTOSENSE_VALID) != 0 3073 && (ccb->ccb_h.flags & (CAM_SENSE_PHYS | CAM_SENSE_PTR)) == 0) { 3074 uint32_t sense_returned; 3075 3076 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 3077 3078 sense_returned = le32toh(scsi_io_reply->SenseCount); 3079 if (sense_returned < ccb->csio.sense_len) 3080 ccb->csio.sense_resid = ccb->csio.sense_len - 3081 sense_returned; 3082 else 3083 ccb->csio.sense_resid = 0; 3084 3085 bzero(&ccb->csio.sense_data, sizeof(ccb->csio.sense_data)); 3086 bcopy(req->sense_vbuf, &ccb->csio.sense_data, 3087 min(ccb->csio.sense_len, sense_returned)); 3088 } 3089 3090 if ((sstate & MPI_SCSI_STATE_QUEUE_TAG_REJECTED) != 0) { 3091 /* 3092 * Tag messages rejected, but non-tagged retry 3093 * was successful. 3094XXXX 3095 mpt_set_tags(mpt, devinfo, MPT_QUEUE_NONE); 3096 */ 3097 } 3098 3099 switch(ioc_status) { 3100 case MPI_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 3101 /* 3102 * XXX 3103 * Linux driver indicates that a zero 3104 * transfer length with this error code 3105 * indicates a CRC error. 3106 * 3107 * No need to swap the bytes for checking 3108 * against zero. 3109 */ 3110 if (scsi_io_reply->TransferCount == 0) { 3111 mpt_set_ccb_status(ccb, CAM_UNCOR_PARITY); 3112 break; 3113 } 3114 /* FALLTHROUGH */ 3115 case MPI_IOCSTATUS_SCSI_DATA_UNDERRUN: 3116 case MPI_IOCSTATUS_SUCCESS: 3117 case MPI_IOCSTATUS_SCSI_RECOVERED_ERROR: 3118 if ((sstate & MPI_SCSI_STATE_NO_SCSI_STATUS) != 0) { 3119 /* 3120 * Status was never returned for this transaction. 3121 */ 3122 mpt_set_ccb_status(ccb, CAM_UNEXP_BUSFREE); 3123 } else if (scsi_io_reply->SCSIStatus != SCSI_STATUS_OK) { 3124 ccb->csio.scsi_status = scsi_io_reply->SCSIStatus; 3125 mpt_set_ccb_status(ccb, CAM_SCSI_STATUS_ERROR); 3126 if ((sstate & MPI_SCSI_STATE_AUTOSENSE_FAILED) != 0) 3127 mpt_set_ccb_status(ccb, CAM_AUTOSENSE_FAIL); 3128 } else if ((sstate & MPI_SCSI_STATE_RESPONSE_INFO_VALID) != 0) { 3129 3130 /* XXX Handle SPI-Packet and FCP-2 response info. */ 3131 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR); 3132 } else 3133 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3134 break; 3135 case MPI_IOCSTATUS_SCSI_DATA_OVERRUN: 3136 mpt_set_ccb_status(ccb, CAM_DATA_RUN_ERR); 3137 break; 3138 case MPI_IOCSTATUS_SCSI_IO_DATA_ERROR: 3139 mpt_set_ccb_status(ccb, CAM_UNCOR_PARITY); 3140 break; 3141 case MPI_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 3142 /* 3143 * Since selection timeouts and "device really not 3144 * there" are grouped into this error code, report 3145 * selection timeout. Selection timeouts are 3146 * typically retried before giving up on the device 3147 * whereas "device not there" errors are considered 3148 * unretryable. 3149 */ 3150 mpt_set_ccb_status(ccb, CAM_SEL_TIMEOUT); 3151 break; 3152 case MPI_IOCSTATUS_SCSI_PROTOCOL_ERROR: 3153 mpt_set_ccb_status(ccb, CAM_SEQUENCE_FAIL); 3154 break; 3155 case MPI_IOCSTATUS_SCSI_INVALID_BUS: 3156 mpt_set_ccb_status(ccb, CAM_PATH_INVALID); 3157 break; 3158 case MPI_IOCSTATUS_SCSI_INVALID_TARGETID: 3159 mpt_set_ccb_status(ccb, CAM_TID_INVALID); 3160 break; 3161 case MPI_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 3162 ccb->ccb_h.status = CAM_UA_TERMIO; 3163 break; 3164 case MPI_IOCSTATUS_INVALID_STATE: 3165 /* 3166 * The IOC has been reset. Emulate a bus reset. 3167 */ 3168 /* FALLTHROUGH */ 3169 case MPI_IOCSTATUS_SCSI_EXT_TERMINATED: 3170 ccb->ccb_h.status = CAM_SCSI_BUS_RESET; 3171 break; 3172 case MPI_IOCSTATUS_SCSI_TASK_TERMINATED: 3173 case MPI_IOCSTATUS_SCSI_IOC_TERMINATED: 3174 /* 3175 * Don't clobber any timeout status that has 3176 * already been set for this transaction. We 3177 * want the SCSI layer to be able to differentiate 3178 * between the command we aborted due to timeout 3179 * and any innocent bystanders. 3180 */ 3181 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_INPROG) 3182 break; 3183 mpt_set_ccb_status(ccb, CAM_REQ_TERMIO); 3184 break; 3185 3186 case MPI_IOCSTATUS_INSUFFICIENT_RESOURCES: 3187 mpt_set_ccb_status(ccb, CAM_RESRC_UNAVAIL); 3188 break; 3189 case MPI_IOCSTATUS_BUSY: 3190 mpt_set_ccb_status(ccb, CAM_BUSY); 3191 break; 3192 case MPI_IOCSTATUS_INVALID_FUNCTION: 3193 case MPI_IOCSTATUS_INVALID_SGL: 3194 case MPI_IOCSTATUS_INTERNAL_ERROR: 3195 case MPI_IOCSTATUS_INVALID_FIELD: 3196 default: 3197 /* XXX 3198 * Some of the above may need to kick 3199 * of a recovery action!!!! 3200 */ 3201 ccb->ccb_h.status = CAM_UNREC_HBA_ERROR; 3202 break; 3203 } 3204 3205 if ((ccb->ccb_h.status & CAM_STATUS_MASK) != CAM_REQ_CMP) { 3206 mpt_freeze_ccb(ccb); 3207 } 3208 3209 return (TRUE); 3210} 3211 3212static void 3213mpt_action(struct cam_sim *sim, union ccb *ccb) 3214{ 3215 struct mpt_softc *mpt; 3216 struct ccb_trans_settings *cts; 3217 target_id_t tgt; 3218 lun_id_t lun; 3219 int raid_passthru; 3220 3221 CAM_DEBUG(ccb->ccb_h.path, CAM_DEBUG_TRACE, ("mpt_action\n")); 3222 3223 mpt = (struct mpt_softc *)cam_sim_softc(sim); 3224 raid_passthru = (sim == mpt->phydisk_sim); 3225 MPT_LOCK_ASSERT(mpt); 3226 3227 tgt = ccb->ccb_h.target_id; 3228 lun = ccb->ccb_h.target_lun; 3229 if (raid_passthru && 3230 ccb->ccb_h.func_code != XPT_PATH_INQ && 3231 ccb->ccb_h.func_code != XPT_RESET_BUS && 3232 ccb->ccb_h.func_code != XPT_RESET_DEV) { 3233 if (mpt_map_physdisk(mpt, ccb, &tgt) != 0) { 3234 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 3235 mpt_set_ccb_status(ccb, CAM_DEV_NOT_THERE); 3236 xpt_done(ccb); 3237 return; 3238 } 3239 } 3240 ccb->ccb_h.ccb_mpt_ptr = mpt; 3241 3242 switch (ccb->ccb_h.func_code) { 3243 case XPT_SCSI_IO: /* Execute the requested I/O operation */ 3244 /* 3245 * Do a couple of preliminary checks... 3246 */ 3247 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) { 3248 if ((ccb->ccb_h.flags & CAM_CDB_PHYS) != 0) { 3249 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 3250 mpt_set_ccb_status(ccb, CAM_REQ_INVALID); 3251 break; 3252 } 3253 } 3254 /* Max supported CDB length is 16 bytes */ 3255 /* XXX Unless we implement the new 32byte message type */ 3256 if (ccb->csio.cdb_len > 3257 sizeof (((PTR_MSG_SCSI_IO_REQUEST)0)->CDB)) { 3258 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 3259 mpt_set_ccb_status(ccb, CAM_REQ_INVALID); 3260 break; 3261 } 3262#ifdef MPT_TEST_MULTIPATH 3263 if (mpt->failure_id == ccb->ccb_h.target_id) { 3264 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 3265 mpt_set_ccb_status(ccb, CAM_SEL_TIMEOUT); 3266 break; 3267 } 3268#endif 3269 ccb->csio.scsi_status = SCSI_STATUS_OK; 3270 mpt_start(sim, ccb); 3271 return; 3272 3273 case XPT_RESET_BUS: 3274 if (raid_passthru) { 3275 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 3276 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3277 break; 3278 } 3279 case XPT_RESET_DEV: 3280 if (ccb->ccb_h.func_code == XPT_RESET_BUS) { 3281 if (bootverbose) { 3282 xpt_print(ccb->ccb_h.path, "reset bus\n"); 3283 } 3284 } else { 3285 xpt_print(ccb->ccb_h.path, "reset device\n"); 3286 } 3287 (void) mpt_bus_reset(mpt, tgt, lun, FALSE); 3288 3289 /* 3290 * mpt_bus_reset is always successful in that it 3291 * will fall back to a hard reset should a bus 3292 * reset attempt fail. 3293 */ 3294 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 3295 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3296 break; 3297 3298 case XPT_ABORT: 3299 { 3300 union ccb *accb = ccb->cab.abort_ccb; 3301 switch (accb->ccb_h.func_code) { 3302 case XPT_ACCEPT_TARGET_IO: 3303 case XPT_IMMEDIATE_NOTIFY: 3304 ccb->ccb_h.status = mpt_abort_target_ccb(mpt, ccb); 3305 break; 3306 case XPT_CONT_TARGET_IO: 3307 mpt_prt(mpt, "cannot abort active CTIOs yet\n"); 3308 ccb->ccb_h.status = CAM_UA_ABORT; 3309 break; 3310 case XPT_SCSI_IO: 3311 ccb->ccb_h.status = CAM_UA_ABORT; 3312 break; 3313 default: 3314 ccb->ccb_h.status = CAM_REQ_INVALID; 3315 break; 3316 } 3317 break; 3318 } 3319 3320#define IS_CURRENT_SETTINGS(c) ((c)->type == CTS_TYPE_CURRENT_SETTINGS) 3321 3322#define DP_DISC_ENABLE 0x1 3323#define DP_DISC_DISABL 0x2 3324#define DP_DISC (DP_DISC_ENABLE|DP_DISC_DISABL) 3325 3326#define DP_TQING_ENABLE 0x4 3327#define DP_TQING_DISABL 0x8 3328#define DP_TQING (DP_TQING_ENABLE|DP_TQING_DISABL) 3329 3330#define DP_WIDE 0x10 3331#define DP_NARROW 0x20 3332#define DP_WIDTH (DP_WIDE|DP_NARROW) 3333 3334#define DP_SYNC 0x40 3335 3336 case XPT_SET_TRAN_SETTINGS: /* Nexus Settings */ 3337 { 3338 struct ccb_trans_settings_scsi *scsi; 3339 struct ccb_trans_settings_spi *spi; 3340 uint8_t dval; 3341 u_int period; 3342 u_int offset; 3343 int i, j; 3344 3345 cts = &ccb->cts; 3346 3347 if (mpt->is_fc || mpt->is_sas) { 3348 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3349 break; 3350 } 3351 3352 scsi = &cts->proto_specific.scsi; 3353 spi = &cts->xport_specific.spi; 3354 3355 /* 3356 * We can be called just to valid transport and proto versions 3357 */ 3358 if (scsi->valid == 0 && spi->valid == 0) { 3359 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3360 break; 3361 } 3362 3363 /* 3364 * Skip attempting settings on RAID volume disks. 3365 * Other devices on the bus get the normal treatment. 3366 */ 3367 if (mpt->phydisk_sim && raid_passthru == 0 && 3368 mpt_is_raid_volume(mpt, tgt) != 0) { 3369 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 3370 "no transfer settings for RAID vols\n"); 3371 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3372 break; 3373 } 3374 3375 i = mpt->mpt_port_page2.PortSettings & 3376 MPI_SCSIPORTPAGE2_PORT_MASK_NEGO_MASTER_SETTINGS; 3377 j = mpt->mpt_port_page2.PortFlags & 3378 MPI_SCSIPORTPAGE2_PORT_FLAGS_DV_MASK; 3379 if (i == MPI_SCSIPORTPAGE2_PORT_ALL_MASTER_SETTINGS && 3380 j == MPI_SCSIPORTPAGE2_PORT_FLAGS_OFF_DV) { 3381 mpt_lprt(mpt, MPT_PRT_ALWAYS, 3382 "honoring BIOS transfer negotiations\n"); 3383 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3384 break; 3385 } 3386 3387 dval = 0; 3388 period = 0; 3389 offset = 0; 3390 3391 if ((spi->valid & CTS_SPI_VALID_DISC) != 0) { 3392 dval |= ((spi->flags & CTS_SPI_FLAGS_DISC_ENB) != 0) ? 3393 DP_DISC_ENABLE : DP_DISC_DISABL; 3394 } 3395 3396 if ((scsi->valid & CTS_SCSI_VALID_TQ) != 0) { 3397 dval |= ((scsi->flags & CTS_SCSI_FLAGS_TAG_ENB) != 0) ? 3398 DP_TQING_ENABLE : DP_TQING_DISABL; 3399 } 3400 3401 if ((spi->valid & CTS_SPI_VALID_BUS_WIDTH) != 0) { 3402 dval |= (spi->bus_width == MSG_EXT_WDTR_BUS_16_BIT) ? 3403 DP_WIDE : DP_NARROW; 3404 } 3405 3406 if (spi->valid & CTS_SPI_VALID_SYNC_OFFSET) { 3407 dval |= DP_SYNC; 3408 offset = spi->sync_offset; 3409 } else { 3410 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr = 3411 &mpt->mpt_dev_page1[tgt]; 3412 offset = ptr->RequestedParameters; 3413 offset &= MPI_SCSIDEVPAGE1_RP_MAX_SYNC_OFFSET_MASK; 3414 offset >>= MPI_SCSIDEVPAGE1_RP_SHIFT_MAX_SYNC_OFFSET; 3415 } 3416 if (spi->valid & CTS_SPI_VALID_SYNC_RATE) { 3417 dval |= DP_SYNC; 3418 period = spi->sync_period; 3419 } else { 3420 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr = 3421 &mpt->mpt_dev_page1[tgt]; 3422 period = ptr->RequestedParameters; 3423 period &= MPI_SCSIDEVPAGE1_RP_MIN_SYNC_PERIOD_MASK; 3424 period >>= MPI_SCSIDEVPAGE1_RP_SHIFT_MIN_SYNC_PERIOD; 3425 } 3426 3427 if (dval & DP_DISC_ENABLE) { 3428 mpt->mpt_disc_enable |= (1 << tgt); 3429 } else if (dval & DP_DISC_DISABL) { 3430 mpt->mpt_disc_enable &= ~(1 << tgt); 3431 } 3432 if (dval & DP_TQING_ENABLE) { 3433 mpt->mpt_tag_enable |= (1 << tgt); 3434 } else if (dval & DP_TQING_DISABL) { 3435 mpt->mpt_tag_enable &= ~(1 << tgt); 3436 } 3437 if (dval & DP_WIDTH) { 3438 mpt_setwidth(mpt, tgt, 1); 3439 } 3440 if (dval & DP_SYNC) { 3441 mpt_setsync(mpt, tgt, period, offset); 3442 } 3443 if (dval == 0) { 3444 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3445 break; 3446 } 3447 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 3448 "set [%d]: 0x%x period 0x%x offset %d\n", 3449 tgt, dval, period, offset); 3450 if (mpt_update_spi_config(mpt, tgt)) { 3451 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR); 3452 } else { 3453 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3454 } 3455 break; 3456 } 3457 case XPT_GET_TRAN_SETTINGS: 3458 { 3459 struct ccb_trans_settings_scsi *scsi; 3460 cts = &ccb->cts; 3461 cts->protocol = PROTO_SCSI; 3462 if (mpt->is_fc) { 3463 struct ccb_trans_settings_fc *fc = 3464 &cts->xport_specific.fc; 3465 cts->protocol_version = SCSI_REV_SPC; 3466 cts->transport = XPORT_FC; 3467 cts->transport_version = 0; 3468 if (mpt->mpt_fcport_speed != 0) { 3469 fc->valid = CTS_FC_VALID_SPEED; 3470 fc->bitrate = 100000 * mpt->mpt_fcport_speed; 3471 } 3472 } else if (mpt->is_sas) { 3473 struct ccb_trans_settings_sas *sas = 3474 &cts->xport_specific.sas; 3475 cts->protocol_version = SCSI_REV_SPC2; 3476 cts->transport = XPORT_SAS; 3477 cts->transport_version = 0; 3478 sas->valid = CTS_SAS_VALID_SPEED; 3479 sas->bitrate = 300000; 3480 } else { 3481 cts->protocol_version = SCSI_REV_2; 3482 cts->transport = XPORT_SPI; 3483 cts->transport_version = 2; 3484 if (mpt_get_spi_settings(mpt, cts) != 0) { 3485 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR); 3486 break; 3487 } 3488 } 3489 scsi = &cts->proto_specific.scsi; 3490 scsi->valid = CTS_SCSI_VALID_TQ; 3491 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 3492 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3493 break; 3494 } 3495 case XPT_CALC_GEOMETRY: 3496 { 3497 struct ccb_calc_geometry *ccg; 3498 3499 ccg = &ccb->ccg; 3500 if (ccg->block_size == 0) { 3501 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 3502 mpt_set_ccb_status(ccb, CAM_REQ_INVALID); 3503 break; 3504 } 3505 cam_calc_geometry(ccg, /* extended */ 1); 3506 KASSERT(ccb->ccb_h.status, ("zero ccb sts at %d", __LINE__)); 3507 break; 3508 } 3509 case XPT_GET_SIM_KNOB: 3510 { 3511 struct ccb_sim_knob *kp = &ccb->knob; 3512 3513 if (mpt->is_fc) { 3514 kp->xport_specific.fc.wwnn = mpt->scinfo.fc.wwnn; 3515 kp->xport_specific.fc.wwpn = mpt->scinfo.fc.wwpn; 3516 switch (mpt->role) { 3517 case MPT_ROLE_NONE: 3518 kp->xport_specific.fc.role = KNOB_ROLE_NONE; 3519 break; 3520 case MPT_ROLE_INITIATOR: 3521 kp->xport_specific.fc.role = KNOB_ROLE_INITIATOR; 3522 break; 3523 case MPT_ROLE_TARGET: 3524 kp->xport_specific.fc.role = KNOB_ROLE_TARGET; 3525 break; 3526 case MPT_ROLE_BOTH: 3527 kp->xport_specific.fc.role = KNOB_ROLE_BOTH; 3528 break; 3529 } 3530 kp->xport_specific.fc.valid = 3531 KNOB_VALID_ADDRESS | KNOB_VALID_ROLE; 3532 ccb->ccb_h.status = CAM_REQ_CMP; 3533 } else { 3534 ccb->ccb_h.status = CAM_REQ_INVALID; 3535 } 3536 xpt_done(ccb); 3537 break; 3538 } 3539 case XPT_PATH_INQ: /* Path routing inquiry */ 3540 { 3541 struct ccb_pathinq *cpi = &ccb->cpi; 3542 3543 cpi->version_num = 1; 3544 cpi->target_sprt = 0; 3545 cpi->hba_eng_cnt = 0; 3546 cpi->max_target = mpt->port_facts[0].MaxDevices - 1; 3547 cpi->maxio = (mpt->max_cam_seg_cnt - 1) * PAGE_SIZE; 3548 /* 3549 * FC cards report MAX_DEVICES of 512, but 3550 * the MSG_SCSI_IO_REQUEST target id field 3551 * is only 8 bits. Until we fix the driver 3552 * to support 'channels' for bus overflow, 3553 * just limit it. 3554 */ 3555 if (cpi->max_target > 255) { 3556 cpi->max_target = 255; 3557 } 3558 3559 /* 3560 * VMware ESX reports > 16 devices and then dies when we probe. 3561 */ 3562 if (mpt->is_spi && cpi->max_target > 15) { 3563 cpi->max_target = 15; 3564 } 3565 if (mpt->is_spi) 3566 cpi->max_lun = 7; 3567 else 3568 cpi->max_lun = MPT_MAX_LUNS; 3569 cpi->initiator_id = mpt->mpt_ini_id; 3570 cpi->bus_id = cam_sim_bus(sim); 3571 3572 /* 3573 * The base speed is the speed of the underlying connection. 3574 */ 3575 cpi->protocol = PROTO_SCSI; 3576 if (mpt->is_fc) { 3577 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | 3578 PIM_EXTLUNS; 3579 cpi->base_transfer_speed = 100000; 3580 cpi->hba_inquiry = PI_TAG_ABLE; 3581 cpi->transport = XPORT_FC; 3582 cpi->transport_version = 0; 3583 cpi->protocol_version = SCSI_REV_SPC; 3584 cpi->xport_specific.fc.wwnn = mpt->scinfo.fc.wwnn; 3585 cpi->xport_specific.fc.wwpn = mpt->scinfo.fc.wwpn; 3586 cpi->xport_specific.fc.port = mpt->scinfo.fc.portid; 3587 cpi->xport_specific.fc.bitrate = 3588 100000 * mpt->mpt_fcport_speed; 3589 } else if (mpt->is_sas) { 3590 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | 3591 PIM_EXTLUNS; 3592 cpi->base_transfer_speed = 300000; 3593 cpi->hba_inquiry = PI_TAG_ABLE; 3594 cpi->transport = XPORT_SAS; 3595 cpi->transport_version = 0; 3596 cpi->protocol_version = SCSI_REV_SPC2; 3597 } else { 3598 cpi->hba_misc = PIM_SEQSCAN | PIM_UNMAPPED | 3599 PIM_EXTLUNS; 3600 cpi->base_transfer_speed = 3300; 3601 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 3602 cpi->transport = XPORT_SPI; 3603 cpi->transport_version = 2; 3604 cpi->protocol_version = SCSI_REV_2; 3605 } 3606 3607 /* 3608 * We give our fake RAID passhtru bus a width that is MaxVolumes 3609 * wide and restrict it to one lun. 3610 */ 3611 if (raid_passthru) { 3612 cpi->max_target = mpt->ioc_page2->MaxPhysDisks - 1; 3613 cpi->initiator_id = cpi->max_target + 1; 3614 cpi->max_lun = 0; 3615 } 3616 3617 if ((mpt->role & MPT_ROLE_INITIATOR) == 0) { 3618 cpi->hba_misc |= PIM_NOINITIATOR; 3619 } 3620 if (mpt->is_fc && (mpt->role & MPT_ROLE_TARGET)) { 3621 cpi->target_sprt = 3622 PIT_PROCESSOR | PIT_DISCONNECT | PIT_TERM_IO; 3623 } else { 3624 cpi->target_sprt = 0; 3625 } 3626 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 3627 strlcpy(cpi->hba_vid, "LSI", HBA_IDLEN); 3628 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 3629 cpi->unit_number = cam_sim_unit(sim); 3630 cpi->ccb_h.status = CAM_REQ_CMP; 3631 break; 3632 } 3633 case XPT_EN_LUN: /* Enable LUN as a target */ 3634 { 3635 int result; 3636 3637 if (ccb->cel.enable) 3638 result = mpt_enable_lun(mpt, 3639 ccb->ccb_h.target_id, ccb->ccb_h.target_lun); 3640 else 3641 result = mpt_disable_lun(mpt, 3642 ccb->ccb_h.target_id, ccb->ccb_h.target_lun); 3643 if (result == 0) { 3644 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3645 } else { 3646 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR); 3647 } 3648 break; 3649 } 3650 case XPT_IMMEDIATE_NOTIFY: /* Add Immediate Notify Resource */ 3651 case XPT_ACCEPT_TARGET_IO: /* Add Accept Target IO Resource */ 3652 { 3653 tgt_resource_t *trtp; 3654 lun_id_t lun = ccb->ccb_h.target_lun; 3655 ccb->ccb_h.sim_priv.entries[0].field = 0; 3656 ccb->ccb_h.sim_priv.entries[1].ptr = mpt; 3657 3658 if (lun == CAM_LUN_WILDCARD) { 3659 if (ccb->ccb_h.target_id != CAM_TARGET_WILDCARD) { 3660 mpt_set_ccb_status(ccb, CAM_REQ_INVALID); 3661 break; 3662 } 3663 trtp = &mpt->trt_wildcard; 3664 } else if (lun >= MPT_MAX_LUNS) { 3665 mpt_set_ccb_status(ccb, CAM_REQ_INVALID); 3666 break; 3667 } else { 3668 trtp = &mpt->trt[lun]; 3669 } 3670 if (ccb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) { 3671 mpt_lprt(mpt, MPT_PRT_DEBUG1, 3672 "Put FREE ATIO %p lun %jx\n", ccb, (uintmax_t)lun); 3673 STAILQ_INSERT_TAIL(&trtp->atios, &ccb->ccb_h, 3674 sim_links.stqe); 3675 } else { 3676 mpt_lprt(mpt, MPT_PRT_DEBUG1, 3677 "Put FREE INOT lun %jx\n", (uintmax_t)lun); 3678 STAILQ_INSERT_TAIL(&trtp->inots, &ccb->ccb_h, 3679 sim_links.stqe); 3680 } 3681 mpt_set_ccb_status(ccb, CAM_REQ_INPROG); 3682 return; 3683 } 3684 case XPT_NOTIFY_ACKNOWLEDGE: /* Task management request done. */ 3685 { 3686 request_t *req = MPT_TAG_2_REQ(mpt, ccb->cna2.tag_id); 3687 3688 mpt_lprt(mpt, MPT_PRT_DEBUG, "Got Notify ACK\n"); 3689 mpt_scsi_tgt_status(mpt, NULL, req, 0, NULL, 0); 3690 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 3691 break; 3692 } 3693 case XPT_CONT_TARGET_IO: 3694 mpt_target_start_io(mpt, ccb); 3695 return; 3696 3697 default: 3698 ccb->ccb_h.status = CAM_REQ_INVALID; 3699 break; 3700 } 3701 xpt_done(ccb); 3702} 3703 3704static int 3705mpt_get_spi_settings(struct mpt_softc *mpt, struct ccb_trans_settings *cts) 3706{ 3707 struct ccb_trans_settings_scsi *scsi = &cts->proto_specific.scsi; 3708 struct ccb_trans_settings_spi *spi = &cts->xport_specific.spi; 3709 target_id_t tgt; 3710 uint32_t dval, pval, oval; 3711 int rv; 3712 3713 if (IS_CURRENT_SETTINGS(cts) == 0) { 3714 tgt = cts->ccb_h.target_id; 3715 } else if (xpt_path_sim(cts->ccb_h.path) == mpt->phydisk_sim) { 3716 if (mpt_map_physdisk(mpt, (union ccb *)cts, &tgt)) { 3717 return (-1); 3718 } 3719 } else { 3720 tgt = cts->ccb_h.target_id; 3721 } 3722 3723 /* 3724 * We aren't looking at Port Page 2 BIOS settings here- 3725 * sometimes these have been known to be bogus XXX. 3726 * 3727 * For user settings, we pick the max from port page 0 3728 * 3729 * For current settings we read the current settings out from 3730 * device page 0 for that target. 3731 */ 3732 if (IS_CURRENT_SETTINGS(cts)) { 3733 CONFIG_PAGE_SCSI_DEVICE_0 tmp; 3734 dval = 0; 3735 3736 tmp = mpt->mpt_dev_page0[tgt]; 3737 rv = mpt_read_cur_cfg_page(mpt, tgt, &tmp.Header, 3738 sizeof(tmp), FALSE, 5000); 3739 if (rv) { 3740 mpt_prt(mpt, "can't get tgt %d config page 0\n", tgt); 3741 return (rv); 3742 } 3743 mpt2host_config_page_scsi_device_0(&tmp); 3744 3745 mpt_lprt(mpt, MPT_PRT_DEBUG, 3746 "mpt_get_spi_settings[%d]: current NP %x Info %x\n", tgt, 3747 tmp.NegotiatedParameters, tmp.Information); 3748 dval |= (tmp.NegotiatedParameters & MPI_SCSIDEVPAGE0_NP_WIDE) ? 3749 DP_WIDE : DP_NARROW; 3750 dval |= (mpt->mpt_disc_enable & (1 << tgt)) ? 3751 DP_DISC_ENABLE : DP_DISC_DISABL; 3752 dval |= (mpt->mpt_tag_enable & (1 << tgt)) ? 3753 DP_TQING_ENABLE : DP_TQING_DISABL; 3754 oval = tmp.NegotiatedParameters; 3755 oval &= MPI_SCSIDEVPAGE0_NP_NEG_SYNC_OFFSET_MASK; 3756 oval >>= MPI_SCSIDEVPAGE0_NP_SHIFT_SYNC_OFFSET; 3757 pval = tmp.NegotiatedParameters; 3758 pval &= MPI_SCSIDEVPAGE0_NP_NEG_SYNC_PERIOD_MASK; 3759 pval >>= MPI_SCSIDEVPAGE0_NP_SHIFT_SYNC_PERIOD; 3760 mpt->mpt_dev_page0[tgt] = tmp; 3761 } else { 3762 dval = DP_WIDE|DP_DISC_ENABLE|DP_TQING_ENABLE|DP_SYNC; 3763 oval = mpt->mpt_port_page0.Capabilities; 3764 oval = MPI_SCSIPORTPAGE0_CAP_GET_MAX_SYNC_OFFSET(oval); 3765 pval = mpt->mpt_port_page0.Capabilities; 3766 pval = MPI_SCSIPORTPAGE0_CAP_GET_MIN_SYNC_PERIOD(pval); 3767 } 3768 3769 spi->valid = 0; 3770 scsi->valid = 0; 3771 spi->flags = 0; 3772 scsi->flags = 0; 3773 spi->sync_offset = oval; 3774 spi->sync_period = pval; 3775 spi->valid |= CTS_SPI_VALID_SYNC_OFFSET; 3776 spi->valid |= CTS_SPI_VALID_SYNC_RATE; 3777 spi->valid |= CTS_SPI_VALID_BUS_WIDTH; 3778 if (dval & DP_WIDE) { 3779 spi->bus_width = MSG_EXT_WDTR_BUS_16_BIT; 3780 } else { 3781 spi->bus_width = MSG_EXT_WDTR_BUS_8_BIT; 3782 } 3783 if (cts->ccb_h.target_lun != CAM_LUN_WILDCARD) { 3784 scsi->valid = CTS_SCSI_VALID_TQ; 3785 if (dval & DP_TQING_ENABLE) { 3786 scsi->flags |= CTS_SCSI_FLAGS_TAG_ENB; 3787 } 3788 spi->valid |= CTS_SPI_VALID_DISC; 3789 if (dval & DP_DISC_ENABLE) { 3790 spi->flags |= CTS_SPI_FLAGS_DISC_ENB; 3791 } 3792 } 3793 3794 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 3795 "mpt_get_spi_settings[%d]: %s flags 0x%x per 0x%x off=%d\n", tgt, 3796 IS_CURRENT_SETTINGS(cts) ? "ACTIVE" : "NVRAM ", dval, pval, oval); 3797 return (0); 3798} 3799 3800static void 3801mpt_setwidth(struct mpt_softc *mpt, int tgt, int onoff) 3802{ 3803 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr; 3804 3805 ptr = &mpt->mpt_dev_page1[tgt]; 3806 if (onoff) { 3807 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_WIDE; 3808 } else { 3809 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_WIDE; 3810 } 3811} 3812 3813static void 3814mpt_setsync(struct mpt_softc *mpt, int tgt, int period, int offset) 3815{ 3816 PTR_CONFIG_PAGE_SCSI_DEVICE_1 ptr; 3817 3818 ptr = &mpt->mpt_dev_page1[tgt]; 3819 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_MIN_SYNC_PERIOD_MASK; 3820 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_MAX_SYNC_OFFSET_MASK; 3821 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_DT; 3822 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_QAS; 3823 ptr->RequestedParameters &= ~MPI_SCSIDEVPAGE1_RP_IU; 3824 if (period == 0) { 3825 return; 3826 } 3827 ptr->RequestedParameters |= 3828 period << MPI_SCSIDEVPAGE1_RP_SHIFT_MIN_SYNC_PERIOD; 3829 ptr->RequestedParameters |= 3830 offset << MPI_SCSIDEVPAGE1_RP_SHIFT_MAX_SYNC_OFFSET; 3831 if (period < 0xa) { 3832 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_DT; 3833 } 3834 if (period < 0x9) { 3835 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_QAS; 3836 ptr->RequestedParameters |= MPI_SCSIDEVPAGE1_RP_IU; 3837 } 3838} 3839 3840static int 3841mpt_update_spi_config(struct mpt_softc *mpt, int tgt) 3842{ 3843 CONFIG_PAGE_SCSI_DEVICE_1 tmp; 3844 int rv; 3845 3846 mpt_lprt(mpt, MPT_PRT_NEGOTIATION, 3847 "mpt_update_spi_config[%d].page1: Requested Params 0x%08x\n", 3848 tgt, mpt->mpt_dev_page1[tgt].RequestedParameters); 3849 tmp = mpt->mpt_dev_page1[tgt]; 3850 host2mpt_config_page_scsi_device_1(&tmp); 3851 rv = mpt_write_cur_cfg_page(mpt, tgt, 3852 &tmp.Header, sizeof(tmp), FALSE, 5000); 3853 if (rv) { 3854 mpt_prt(mpt, "mpt_update_spi_config: write cur page failed\n"); 3855 return (-1); 3856 } 3857 return (0); 3858} 3859 3860/****************************** Timeout Recovery ******************************/ 3861static int 3862mpt_spawn_recovery_thread(struct mpt_softc *mpt) 3863{ 3864 int error; 3865 3866 error = kproc_create(mpt_recovery_thread, mpt, 3867 &mpt->recovery_thread, /*flags*/0, 3868 /*altstack*/0, "mpt_recovery%d", mpt->unit); 3869 return (error); 3870} 3871 3872static void 3873mpt_terminate_recovery_thread(struct mpt_softc *mpt) 3874{ 3875 3876 if (mpt->recovery_thread == NULL) { 3877 return; 3878 } 3879 mpt->shutdwn_recovery = 1; 3880 wakeup(mpt); 3881 /* 3882 * Sleep on a slightly different location 3883 * for this interlock just for added safety. 3884 */ 3885 mpt_sleep(mpt, &mpt->recovery_thread, PUSER, "thtrm", 0); 3886} 3887 3888static void 3889mpt_recovery_thread(void *arg) 3890{ 3891 struct mpt_softc *mpt; 3892 3893 mpt = (struct mpt_softc *)arg; 3894 MPT_LOCK(mpt); 3895 for (;;) { 3896 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) { 3897 if (mpt->shutdwn_recovery == 0) { 3898 mpt_sleep(mpt, mpt, PUSER, "idle", 0); 3899 } 3900 } 3901 if (mpt->shutdwn_recovery != 0) { 3902 break; 3903 } 3904 mpt_recover_commands(mpt); 3905 } 3906 mpt->recovery_thread = NULL; 3907 wakeup(&mpt->recovery_thread); 3908 MPT_UNLOCK(mpt); 3909 kproc_exit(0); 3910} 3911 3912static int 3913mpt_scsi_send_tmf(struct mpt_softc *mpt, u_int type, u_int flags, 3914 u_int channel, target_id_t target, lun_id_t lun, u_int abort_ctx, 3915 int sleep_ok) 3916{ 3917 MSG_SCSI_TASK_MGMT *tmf_req; 3918 int error; 3919 3920 /* 3921 * Wait for any current TMF request to complete. 3922 * We're only allowed to issue one TMF at a time. 3923 */ 3924 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_FREE, REQ_STATE_FREE, 3925 sleep_ok, MPT_TMF_MAX_TIMEOUT); 3926 if (error != 0) { 3927 mpt_reset(mpt, TRUE); 3928 return (ETIMEDOUT); 3929 } 3930 3931 mpt_assign_serno(mpt, mpt->tmf_req); 3932 mpt->tmf_req->state = REQ_STATE_ALLOCATED|REQ_STATE_QUEUED; 3933 3934 tmf_req = (MSG_SCSI_TASK_MGMT *)mpt->tmf_req->req_vbuf; 3935 memset(tmf_req, 0, sizeof(*tmf_req)); 3936 tmf_req->TargetID = target; 3937 tmf_req->Bus = channel; 3938 tmf_req->Function = MPI_FUNCTION_SCSI_TASK_MGMT; 3939 tmf_req->TaskType = type; 3940 tmf_req->MsgFlags = flags; 3941 tmf_req->MsgContext = 3942 htole32(mpt->tmf_req->index | scsi_tmf_handler_id); 3943 be64enc(tmf_req->LUN, CAM_EXTLUN_BYTE_SWIZZLE(lun)); 3944 tmf_req->TaskMsgContext = abort_ctx; 3945 3946 mpt_lprt(mpt, MPT_PRT_DEBUG, 3947 "Issuing TMF %p:%u with MsgContext of 0x%x\n", mpt->tmf_req, 3948 mpt->tmf_req->serno, tmf_req->MsgContext); 3949 if (mpt->verbose > MPT_PRT_DEBUG) { 3950 mpt_print_request(tmf_req); 3951 } 3952 3953 KASSERT(mpt_req_on_pending_list(mpt, mpt->tmf_req) == 0, 3954 ("mpt_scsi_send_tmf: tmf_req already on pending list")); 3955 TAILQ_INSERT_HEAD(&mpt->request_pending_list, mpt->tmf_req, links); 3956 error = mpt_send_handshake_cmd(mpt, sizeof(*tmf_req), tmf_req); 3957 if (error != MPT_OK) { 3958 TAILQ_REMOVE(&mpt->request_pending_list, mpt->tmf_req, links); 3959 mpt->tmf_req->state = REQ_STATE_FREE; 3960 mpt_reset(mpt, TRUE); 3961 } 3962 return (error); 3963} 3964 3965/* 3966 * When a command times out, it is placed on the requeust_timeout_list 3967 * and we wake our recovery thread. The MPT-Fusion architecture supports 3968 * only a single TMF operation at a time, so we serially abort/bdr, etc, 3969 * the timedout transactions. The next TMF is issued either by the 3970 * completion handler of the current TMF waking our recovery thread, 3971 * or the TMF timeout handler causing a hard reset sequence. 3972 */ 3973static void 3974mpt_recover_commands(struct mpt_softc *mpt) 3975{ 3976 request_t *req; 3977 union ccb *ccb; 3978 int error; 3979 3980 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) { 3981 /* 3982 * No work to do- leave. 3983 */ 3984 mpt_prt(mpt, "mpt_recover_commands: no requests.\n"); 3985 return; 3986 } 3987 3988 /* 3989 * Flush any commands whose completion coincides with their timeout. 3990 */ 3991 mpt_intr(mpt); 3992 3993 if (TAILQ_EMPTY(&mpt->request_timeout_list) != 0) { 3994 /* 3995 * The timedout commands have already 3996 * completed. This typically means 3997 * that either the timeout value was on 3998 * the hairy edge of what the device 3999 * requires or - more likely - interrupts 4000 * are not happening. 4001 */ 4002 mpt_prt(mpt, "Timedout requests already complete. " 4003 "Interrupts may not be functioning.\n"); 4004 mpt_enable_ints(mpt); 4005 return; 4006 } 4007 4008 /* 4009 * We have no visibility into the current state of the 4010 * controller, so attempt to abort the commands in the 4011 * order they timed-out. For initiator commands, we 4012 * depend on the reply handler pulling requests off 4013 * the timeout list. 4014 */ 4015 while ((req = TAILQ_FIRST(&mpt->request_timeout_list)) != NULL) { 4016 uint16_t status; 4017 uint8_t response; 4018 MSG_REQUEST_HEADER *hdrp = req->req_vbuf; 4019 4020 mpt_prt(mpt, "attempting to abort req %p:%u function %x\n", 4021 req, req->serno, hdrp->Function); 4022 ccb = req->ccb; 4023 if (ccb == NULL) { 4024 mpt_prt(mpt, "null ccb in timed out request. " 4025 "Resetting Controller.\n"); 4026 mpt_reset(mpt, TRUE); 4027 continue; 4028 } 4029 mpt_set_ccb_status(ccb, CAM_CMD_TIMEOUT); 4030 4031 /* 4032 * Check to see if this is not an initiator command and 4033 * deal with it differently if it is. 4034 */ 4035 switch (hdrp->Function) { 4036 case MPI_FUNCTION_SCSI_IO_REQUEST: 4037 case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH: 4038 break; 4039 default: 4040 /* 4041 * XXX: FIX ME: need to abort target assists... 4042 */ 4043 mpt_prt(mpt, "just putting it back on the pend q\n"); 4044 TAILQ_REMOVE(&mpt->request_timeout_list, req, links); 4045 TAILQ_INSERT_HEAD(&mpt->request_pending_list, req, 4046 links); 4047 continue; 4048 } 4049 4050 error = mpt_scsi_send_tmf(mpt, 4051 MPI_SCSITASKMGMT_TASKTYPE_ABORT_TASK, 4052 0, 0, ccb->ccb_h.target_id, ccb->ccb_h.target_lun, 4053 htole32(req->index | scsi_io_handler_id), TRUE); 4054 4055 if (error != 0) { 4056 /* 4057 * mpt_scsi_send_tmf hard resets on failure, so no 4058 * need to do so here. Our queue should be emptied 4059 * by the hard reset. 4060 */ 4061 continue; 4062 } 4063 4064 error = mpt_wait_req(mpt, mpt->tmf_req, REQ_STATE_DONE, 4065 REQ_STATE_DONE, TRUE, 500); 4066 4067 status = le16toh(mpt->tmf_req->IOCStatus); 4068 response = mpt->tmf_req->ResponseCode; 4069 mpt->tmf_req->state = REQ_STATE_FREE; 4070 4071 if (error != 0) { 4072 /* 4073 * If we've errored out,, reset the controller. 4074 */ 4075 mpt_prt(mpt, "mpt_recover_commands: abort timed-out. " 4076 "Resetting controller\n"); 4077 mpt_reset(mpt, TRUE); 4078 continue; 4079 } 4080 4081 if ((status & MPI_IOCSTATUS_MASK) != MPI_IOCSTATUS_SUCCESS) { 4082 mpt_prt(mpt, "mpt_recover_commands: IOC Status 0x%x. " 4083 "Resetting controller.\n", status); 4084 mpt_reset(mpt, TRUE); 4085 continue; 4086 } 4087 4088 if (response != MPI_SCSITASKMGMT_RSP_TM_SUCCEEDED && 4089 response != MPI_SCSITASKMGMT_RSP_TM_COMPLETE) { 4090 mpt_prt(mpt, "mpt_recover_commands: TMF Response 0x%x. " 4091 "Resetting controller.\n", response); 4092 mpt_reset(mpt, TRUE); 4093 continue; 4094 } 4095 mpt_prt(mpt, "abort of req %p:%u completed\n", req, req->serno); 4096 } 4097} 4098 4099/************************ Target Mode Support ****************************/ 4100static void 4101mpt_fc_post_els(struct mpt_softc *mpt, request_t *req, int ioindex) 4102{ 4103 MSG_LINK_SERVICE_BUFFER_POST_REQUEST *fc; 4104 PTR_SGE_TRANSACTION32 tep; 4105 PTR_SGE_SIMPLE32 se; 4106 bus_addr_t paddr; 4107 uint32_t fl; 4108 4109 paddr = req->req_pbuf; 4110 paddr += MPT_RQSL(mpt); 4111 4112 fc = req->req_vbuf; 4113 memset(fc, 0, MPT_REQUEST_AREA); 4114 fc->BufferCount = 1; 4115 fc->Function = MPI_FUNCTION_FC_LINK_SRVC_BUF_POST; 4116 fc->MsgContext = htole32(req->index | fc_els_handler_id); 4117 4118 /* 4119 * Okay, set up ELS buffer pointers. ELS buffer pointers 4120 * consist of a TE SGL element (with details length of zero) 4121 * followed by a SIMPLE SGL element which holds the address 4122 * of the buffer. 4123 */ 4124 4125 tep = (PTR_SGE_TRANSACTION32) &fc->SGL; 4126 4127 tep->ContextSize = 4; 4128 tep->Flags = 0; 4129 tep->TransactionContext[0] = htole32(ioindex); 4130 4131 se = (PTR_SGE_SIMPLE32) &tep->TransactionDetails[0]; 4132 fl = 4133 MPI_SGE_FLAGS_HOST_TO_IOC | 4134 MPI_SGE_FLAGS_SIMPLE_ELEMENT | 4135 MPI_SGE_FLAGS_LAST_ELEMENT | 4136 MPI_SGE_FLAGS_END_OF_LIST | 4137 MPI_SGE_FLAGS_END_OF_BUFFER; 4138 fl <<= MPI_SGE_FLAGS_SHIFT; 4139 fl |= (MPT_NRFM(mpt) - MPT_RQSL(mpt)); 4140 se->FlagsLength = htole32(fl); 4141 se->Address = htole32((uint32_t) paddr); 4142 mpt_lprt(mpt, MPT_PRT_DEBUG, 4143 "add ELS index %d ioindex %d for %p:%u\n", 4144 req->index, ioindex, req, req->serno); 4145 KASSERT(((req->state & REQ_STATE_LOCKED) != 0), 4146 ("mpt_fc_post_els: request not locked")); 4147 mpt_send_cmd(mpt, req); 4148} 4149 4150static void 4151mpt_post_target_command(struct mpt_softc *mpt, request_t *req, int ioindex) 4152{ 4153 PTR_MSG_TARGET_CMD_BUFFER_POST_REQUEST fc; 4154 PTR_CMD_BUFFER_DESCRIPTOR cb; 4155 bus_addr_t paddr; 4156 4157 paddr = req->req_pbuf; 4158 paddr += MPT_RQSL(mpt); 4159 memset(req->req_vbuf, 0, MPT_REQUEST_AREA); 4160 MPT_TGT_STATE(mpt, req)->state = TGT_STATE_LOADING; 4161 4162 fc = req->req_vbuf; 4163 fc->BufferCount = 1; 4164 fc->Function = MPI_FUNCTION_TARGET_CMD_BUFFER_POST; 4165 fc->BufferLength = MIN(MPT_REQUEST_AREA - MPT_RQSL(mpt), UINT8_MAX); 4166 fc->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id); 4167 4168 cb = &fc->Buffer[0]; 4169 cb->IoIndex = htole16(ioindex); 4170 cb->u.PhysicalAddress32 = htole32((U32) paddr); 4171 4172 mpt_check_doorbell(mpt); 4173 mpt_send_cmd(mpt, req); 4174} 4175 4176static int 4177mpt_add_els_buffers(struct mpt_softc *mpt) 4178{ 4179 int i; 4180 4181 if (mpt->is_fc == 0) { 4182 return (TRUE); 4183 } 4184 4185 if (mpt->els_cmds_allocated) { 4186 return (TRUE); 4187 } 4188 4189 mpt->els_cmd_ptrs = malloc(MPT_MAX_ELS * sizeof (request_t *), 4190 M_DEVBUF, M_NOWAIT | M_ZERO); 4191 4192 if (mpt->els_cmd_ptrs == NULL) { 4193 return (FALSE); 4194 } 4195 4196 /* 4197 * Feed the chip some ELS buffer resources 4198 */ 4199 for (i = 0; i < MPT_MAX_ELS; i++) { 4200 request_t *req = mpt_get_request(mpt, FALSE); 4201 if (req == NULL) { 4202 break; 4203 } 4204 req->state |= REQ_STATE_LOCKED; 4205 mpt->els_cmd_ptrs[i] = req; 4206 mpt_fc_post_els(mpt, req, i); 4207 } 4208 4209 if (i == 0) { 4210 mpt_prt(mpt, "unable to add ELS buffer resources\n"); 4211 free(mpt->els_cmd_ptrs, M_DEVBUF); 4212 mpt->els_cmd_ptrs = NULL; 4213 return (FALSE); 4214 } 4215 if (i != MPT_MAX_ELS) { 4216 mpt_lprt(mpt, MPT_PRT_INFO, 4217 "only added %d of %d ELS buffers\n", i, MPT_MAX_ELS); 4218 } 4219 mpt->els_cmds_allocated = i; 4220 return(TRUE); 4221} 4222 4223static int 4224mpt_add_target_commands(struct mpt_softc *mpt) 4225{ 4226 int i, max; 4227 4228 if (mpt->tgt_cmd_ptrs) { 4229 return (TRUE); 4230 } 4231 4232 max = MPT_MAX_REQUESTS(mpt) >> 1; 4233 if (max > mpt->mpt_max_tgtcmds) { 4234 max = mpt->mpt_max_tgtcmds; 4235 } 4236 mpt->tgt_cmd_ptrs = 4237 malloc(max * sizeof (request_t *), M_DEVBUF, M_NOWAIT | M_ZERO); 4238 if (mpt->tgt_cmd_ptrs == NULL) { 4239 mpt_prt(mpt, 4240 "mpt_add_target_commands: could not allocate cmd ptrs\n"); 4241 return (FALSE); 4242 } 4243 4244 for (i = 0; i < max; i++) { 4245 request_t *req; 4246 4247 req = mpt_get_request(mpt, FALSE); 4248 if (req == NULL) { 4249 break; 4250 } 4251 req->state |= REQ_STATE_LOCKED; 4252 mpt->tgt_cmd_ptrs[i] = req; 4253 mpt_post_target_command(mpt, req, i); 4254 } 4255 4256 4257 if (i == 0) { 4258 mpt_lprt(mpt, MPT_PRT_ERROR, "could not add any target bufs\n"); 4259 free(mpt->tgt_cmd_ptrs, M_DEVBUF); 4260 mpt->tgt_cmd_ptrs = NULL; 4261 return (FALSE); 4262 } 4263 4264 mpt->tgt_cmds_allocated = i; 4265 4266 if (i < max) { 4267 mpt_lprt(mpt, MPT_PRT_INFO, 4268 "added %d of %d target bufs\n", i, max); 4269 } 4270 return (i); 4271} 4272 4273static int 4274mpt_enable_lun(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun) 4275{ 4276 4277 if (tgt == CAM_TARGET_WILDCARD && lun == CAM_LUN_WILDCARD) { 4278 mpt->twildcard = 1; 4279 } else if (lun >= MPT_MAX_LUNS) { 4280 return (EINVAL); 4281 } else if (tgt != CAM_TARGET_WILDCARD && tgt != 0) { 4282 return (EINVAL); 4283 } 4284 if (mpt->tenabled == 0) { 4285 if (mpt->is_fc) { 4286 (void) mpt_fc_reset_link(mpt, 0); 4287 } 4288 mpt->tenabled = 1; 4289 } 4290 if (lun == CAM_LUN_WILDCARD) { 4291 mpt->trt_wildcard.enabled = 1; 4292 } else { 4293 mpt->trt[lun].enabled = 1; 4294 } 4295 return (0); 4296} 4297 4298static int 4299mpt_disable_lun(struct mpt_softc *mpt, target_id_t tgt, lun_id_t lun) 4300{ 4301 int i; 4302 4303 if (tgt == CAM_TARGET_WILDCARD && lun == CAM_LUN_WILDCARD) { 4304 mpt->twildcard = 0; 4305 } else if (lun >= MPT_MAX_LUNS) { 4306 return (EINVAL); 4307 } else if (tgt != CAM_TARGET_WILDCARD && tgt != 0) { 4308 return (EINVAL); 4309 } 4310 if (lun == CAM_LUN_WILDCARD) { 4311 mpt->trt_wildcard.enabled = 0; 4312 } else { 4313 mpt->trt[lun].enabled = 0; 4314 } 4315 for (i = 0; i < MPT_MAX_LUNS; i++) { 4316 if (mpt->trt[i].enabled) { 4317 break; 4318 } 4319 } 4320 if (i == MPT_MAX_LUNS && mpt->twildcard == 0) { 4321 if (mpt->is_fc) { 4322 (void) mpt_fc_reset_link(mpt, 0); 4323 } 4324 mpt->tenabled = 0; 4325 } 4326 return (0); 4327} 4328 4329/* 4330 * Called with MPT lock held 4331 */ 4332static void 4333mpt_target_start_io(struct mpt_softc *mpt, union ccb *ccb) 4334{ 4335 struct ccb_scsiio *csio = &ccb->csio; 4336 request_t *cmd_req = MPT_TAG_2_REQ(mpt, csio->tag_id); 4337 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, cmd_req); 4338 4339 switch (tgt->state) { 4340 case TGT_STATE_IN_CAM: 4341 break; 4342 case TGT_STATE_MOVING_DATA: 4343 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ); 4344 xpt_freeze_simq(mpt->sim, 1); 4345 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 4346 tgt->ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 4347 xpt_done(ccb); 4348 return; 4349 default: 4350 mpt_prt(mpt, "ccb %p flags 0x%x tag 0x%08x had bad request " 4351 "starting I/O\n", ccb, csio->ccb_h.flags, csio->tag_id); 4352 mpt_tgt_dump_req_state(mpt, cmd_req); 4353 mpt_set_ccb_status(ccb, CAM_REQ_CMP_ERR); 4354 xpt_done(ccb); 4355 return; 4356 } 4357 4358 if (csio->dxfer_len) { 4359 bus_dmamap_callback_t *cb; 4360 PTR_MSG_TARGET_ASSIST_REQUEST ta; 4361 request_t *req; 4362 int error; 4363 4364 KASSERT((ccb->ccb_h.flags & CAM_DIR_MASK) != CAM_DIR_NONE, 4365 ("dxfer_len %u but direction is NONE", csio->dxfer_len)); 4366 4367 if ((req = mpt_get_request(mpt, FALSE)) == NULL) { 4368 if (mpt->outofbeer == 0) { 4369 mpt->outofbeer = 1; 4370 xpt_freeze_simq(mpt->sim, 1); 4371 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n"); 4372 } 4373 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 4374 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ); 4375 xpt_done(ccb); 4376 return; 4377 } 4378 ccb->ccb_h.status = CAM_SIM_QUEUED | CAM_REQ_INPROG; 4379 if (sizeof (bus_addr_t) > 4) { 4380 cb = mpt_execute_req_a64; 4381 } else { 4382 cb = mpt_execute_req; 4383 } 4384 4385 req->ccb = ccb; 4386 ccb->ccb_h.ccb_req_ptr = req; 4387 4388 /* 4389 * Record the currently active ccb and the 4390 * request for it in our target state area. 4391 */ 4392 tgt->ccb = ccb; 4393 tgt->req = req; 4394 4395 memset(req->req_vbuf, 0, MPT_RQSL(mpt)); 4396 ta = req->req_vbuf; 4397 4398 if (mpt->is_sas) { 4399 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp = 4400 cmd_req->req_vbuf; 4401 ta->QueueTag = ssp->InitiatorTag; 4402 } else if (mpt->is_spi) { 4403 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp = 4404 cmd_req->req_vbuf; 4405 ta->QueueTag = sp->Tag; 4406 } 4407 ta->Function = MPI_FUNCTION_TARGET_ASSIST; 4408 ta->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id); 4409 ta->ReplyWord = htole32(tgt->reply_desc); 4410 be64enc(ta->LUN, CAM_EXTLUN_BYTE_SWIZZLE(csio->ccb_h.target_lun)); 4411 4412 ta->RelativeOffset = tgt->bytes_xfered; 4413 ta->DataLength = ccb->csio.dxfer_len; 4414 if (ta->DataLength > tgt->resid) { 4415 ta->DataLength = tgt->resid; 4416 } 4417 4418 /* 4419 * XXX Should be done after data transfer completes? 4420 */ 4421 csio->resid = csio->dxfer_len - ta->DataLength; 4422 tgt->resid -= csio->dxfer_len; 4423 tgt->bytes_xfered += csio->dxfer_len; 4424 4425 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN) { 4426 ta->TargetAssistFlags |= 4427 TARGET_ASSIST_FLAGS_DATA_DIRECTION; 4428 } 4429 4430#ifdef WE_TRUST_AUTO_GOOD_STATUS 4431 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) && 4432 csio->scsi_status == SCSI_STATUS_OK && tgt->resid == 0) { 4433 ta->TargetAssistFlags |= 4434 TARGET_ASSIST_FLAGS_AUTO_STATUS; 4435 } 4436#endif 4437 tgt->state = TGT_STATE_SETTING_UP_FOR_DATA; 4438 4439 mpt_lprt(mpt, MPT_PRT_DEBUG, 4440 "DATA_CCB %p tag %x %u bytes %u resid flg %x req %p:%u " 4441 "nxtstate=%d\n", csio, csio->tag_id, csio->dxfer_len, 4442 tgt->resid, ccb->ccb_h.flags, req, req->serno, tgt->state); 4443 4444 error = bus_dmamap_load_ccb(mpt->buffer_dmat, req->dmap, ccb, 4445 cb, req, 0); 4446 if (error == EINPROGRESS) { 4447 xpt_freeze_simq(mpt->sim, 1); 4448 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 4449 } 4450 } else { 4451 /* 4452 * XXX: I don't know why this seems to happen, but 4453 * XXX: completing the CCB seems to make things happy. 4454 * XXX: This seems to happen if the initiator requests 4455 * XXX: enough data that we have to do multiple CTIOs. 4456 */ 4457 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) == 0) { 4458 mpt_lprt(mpt, MPT_PRT_DEBUG, 4459 "Meaningless STATUS CCB (%p): flags %x status %x " 4460 "resid %d bytes_xfered %u\n", ccb, ccb->ccb_h.flags, 4461 ccb->ccb_h.status, tgt->resid, tgt->bytes_xfered); 4462 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 4463 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 4464 xpt_done(ccb); 4465 return; 4466 } 4467 mpt_scsi_tgt_status(mpt, ccb, cmd_req, csio->scsi_status, 4468 (void *)&csio->sense_data, 4469 (ccb->ccb_h.flags & CAM_SEND_SENSE) ? 4470 csio->sense_len : 0); 4471 } 4472} 4473 4474static void 4475mpt_scsi_tgt_local(struct mpt_softc *mpt, request_t *cmd_req, 4476 lun_id_t lun, int send, uint8_t *data, size_t length) 4477{ 4478 mpt_tgt_state_t *tgt; 4479 PTR_MSG_TARGET_ASSIST_REQUEST ta; 4480 SGE_SIMPLE32 *se; 4481 uint32_t flags; 4482 uint8_t *dptr; 4483 bus_addr_t pptr; 4484 request_t *req; 4485 4486 /* 4487 * We enter with resid set to the data load for the command. 4488 */ 4489 tgt = MPT_TGT_STATE(mpt, cmd_req); 4490 if (length == 0 || tgt->resid == 0) { 4491 tgt->resid = 0; 4492 mpt_scsi_tgt_status(mpt, NULL, cmd_req, 0, NULL, 0); 4493 return; 4494 } 4495 4496 if ((req = mpt_get_request(mpt, FALSE)) == NULL) { 4497 mpt_prt(mpt, "out of resources- dropping local response\n"); 4498 return; 4499 } 4500 tgt->is_local = 1; 4501 4502 4503 memset(req->req_vbuf, 0, MPT_RQSL(mpt)); 4504 ta = req->req_vbuf; 4505 4506 if (mpt->is_sas) { 4507 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp = cmd_req->req_vbuf; 4508 ta->QueueTag = ssp->InitiatorTag; 4509 } else if (mpt->is_spi) { 4510 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp = cmd_req->req_vbuf; 4511 ta->QueueTag = sp->Tag; 4512 } 4513 ta->Function = MPI_FUNCTION_TARGET_ASSIST; 4514 ta->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id); 4515 ta->ReplyWord = htole32(tgt->reply_desc); 4516 be64enc(ta->LUN, CAM_EXTLUN_BYTE_SWIZZLE(lun)); 4517 ta->RelativeOffset = 0; 4518 ta->DataLength = length; 4519 4520 dptr = req->req_vbuf; 4521 dptr += MPT_RQSL(mpt); 4522 pptr = req->req_pbuf; 4523 pptr += MPT_RQSL(mpt); 4524 memcpy(dptr, data, min(length, MPT_RQSL(mpt))); 4525 4526 se = (SGE_SIMPLE32 *) &ta->SGL[0]; 4527 memset(se, 0,sizeof (*se)); 4528 4529 flags = MPI_SGE_FLAGS_SIMPLE_ELEMENT; 4530 if (send) { 4531 ta->TargetAssistFlags |= TARGET_ASSIST_FLAGS_DATA_DIRECTION; 4532 flags |= MPI_SGE_FLAGS_HOST_TO_IOC; 4533 } 4534 se->Address = pptr; 4535 MPI_pSGE_SET_LENGTH(se, length); 4536 flags |= MPI_SGE_FLAGS_LAST_ELEMENT; 4537 flags |= MPI_SGE_FLAGS_END_OF_LIST | MPI_SGE_FLAGS_END_OF_BUFFER; 4538 MPI_pSGE_SET_FLAGS(se, flags); 4539 4540 tgt->ccb = NULL; 4541 tgt->req = req; 4542 tgt->resid -= length; 4543 tgt->bytes_xfered = length; 4544#ifdef WE_TRUST_AUTO_GOOD_STATUS 4545 tgt->state = TGT_STATE_MOVING_DATA_AND_STATUS; 4546#else 4547 tgt->state = TGT_STATE_MOVING_DATA; 4548#endif 4549 mpt_send_cmd(mpt, req); 4550} 4551 4552/* 4553 * Abort queued up CCBs 4554 */ 4555static cam_status 4556mpt_abort_target_ccb(struct mpt_softc *mpt, union ccb *ccb) 4557{ 4558 struct mpt_hdr_stailq *lp; 4559 struct ccb_hdr *srch; 4560 union ccb *accb = ccb->cab.abort_ccb; 4561 tgt_resource_t *trtp; 4562 mpt_tgt_state_t *tgt; 4563 request_t *req; 4564 uint32_t tag; 4565 4566 mpt_lprt(mpt, MPT_PRT_DEBUG, "aborting ccb %p\n", accb); 4567 if (ccb->ccb_h.target_lun == CAM_LUN_WILDCARD) 4568 trtp = &mpt->trt_wildcard; 4569 else 4570 trtp = &mpt->trt[ccb->ccb_h.target_lun]; 4571 if (accb->ccb_h.func_code == XPT_ACCEPT_TARGET_IO) { 4572 lp = &trtp->atios; 4573 tag = accb->atio.tag_id; 4574 } else { 4575 lp = &trtp->inots; 4576 tag = accb->cin1.tag_id; 4577 } 4578 4579 /* Search the CCB among queued. */ 4580 STAILQ_FOREACH(srch, lp, sim_links.stqe) { 4581 if (srch != &accb->ccb_h) 4582 continue; 4583 STAILQ_REMOVE(lp, srch, ccb_hdr, sim_links.stqe); 4584 accb->ccb_h.status = CAM_REQ_ABORTED; 4585 xpt_done(accb); 4586 return (CAM_REQ_CMP); 4587 } 4588 4589 /* Search the CCB among running. */ 4590 req = MPT_TAG_2_REQ(mpt, tag); 4591 tgt = MPT_TGT_STATE(mpt, req); 4592 if (tgt->tag_id == tag) { 4593 mpt_abort_target_cmd(mpt, req); 4594 return (CAM_REQ_CMP); 4595 } 4596 4597 return (CAM_UA_ABORT); 4598} 4599 4600/* 4601 * Ask the MPT to abort the current target command 4602 */ 4603static int 4604mpt_abort_target_cmd(struct mpt_softc *mpt, request_t *cmd_req) 4605{ 4606 int error; 4607 request_t *req; 4608 PTR_MSG_TARGET_MODE_ABORT abtp; 4609 4610 req = mpt_get_request(mpt, FALSE); 4611 if (req == NULL) { 4612 return (-1); 4613 } 4614 abtp = req->req_vbuf; 4615 memset(abtp, 0, sizeof (*abtp)); 4616 4617 abtp->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id); 4618 abtp->AbortType = TARGET_MODE_ABORT_TYPE_EXACT_IO; 4619 abtp->Function = MPI_FUNCTION_TARGET_MODE_ABORT; 4620 abtp->ReplyWord = htole32(MPT_TGT_STATE(mpt, cmd_req)->reply_desc); 4621 error = 0; 4622 if (mpt->is_fc || mpt->is_sas) { 4623 mpt_send_cmd(mpt, req); 4624 } else { 4625 error = mpt_send_handshake_cmd(mpt, sizeof(*req), req); 4626 } 4627 return (error); 4628} 4629 4630/* 4631 * WE_TRUST_AUTO_GOOD_STATUS- I've found that setting 4632 * TARGET_STATUS_SEND_FLAGS_AUTO_GOOD_STATUS leads the 4633 * FC929 to set bogus FC_RSP fields (nonzero residuals 4634 * but w/o RESID fields set). This causes QLogic initiators 4635 * to think maybe that a frame was lost. 4636 * 4637 * WE_CAN_USE_AUTO_REPOST- we can't use AUTO_REPOST because 4638 * we use allocated requests to do TARGET_ASSIST and we 4639 * need to know when to release them. 4640 */ 4641 4642static void 4643mpt_scsi_tgt_status(struct mpt_softc *mpt, union ccb *ccb, request_t *cmd_req, 4644 uint8_t status, uint8_t const *sense_data, u_int sense_len) 4645{ 4646 uint8_t *cmd_vbuf; 4647 mpt_tgt_state_t *tgt; 4648 PTR_MSG_TARGET_STATUS_SEND_REQUEST tp; 4649 request_t *req; 4650 bus_addr_t paddr; 4651 int resplen = 0; 4652 uint32_t fl; 4653 4654 cmd_vbuf = cmd_req->req_vbuf; 4655 cmd_vbuf += MPT_RQSL(mpt); 4656 tgt = MPT_TGT_STATE(mpt, cmd_req); 4657 4658 if ((req = mpt_get_request(mpt, FALSE)) == NULL) { 4659 if (mpt->outofbeer == 0) { 4660 mpt->outofbeer = 1; 4661 xpt_freeze_simq(mpt->sim, 1); 4662 mpt_lprt(mpt, MPT_PRT_DEBUG, "FREEZEQ\n"); 4663 } 4664 if (ccb) { 4665 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 4666 mpt_set_ccb_status(ccb, CAM_REQUEUE_REQ); 4667 xpt_done(ccb); 4668 } else { 4669 mpt_prt(mpt, 4670 "could not allocate status request- dropping\n"); 4671 } 4672 return; 4673 } 4674 req->ccb = ccb; 4675 if (ccb) { 4676 ccb->ccb_h.ccb_mpt_ptr = mpt; 4677 ccb->ccb_h.ccb_req_ptr = req; 4678 } 4679 4680 /* 4681 * Record the currently active ccb, if any, and the 4682 * request for it in our target state area. 4683 */ 4684 tgt->ccb = ccb; 4685 tgt->req = req; 4686 tgt->state = TGT_STATE_SENDING_STATUS; 4687 4688 tp = req->req_vbuf; 4689 paddr = req->req_pbuf; 4690 paddr += MPT_RQSL(mpt); 4691 4692 memset(tp, 0, sizeof (*tp)); 4693 tp->StatusCode = status; 4694 tp->Function = MPI_FUNCTION_TARGET_STATUS_SEND; 4695 if (mpt->is_fc) { 4696 PTR_MPI_TARGET_FCP_CMD_BUFFER fc = 4697 (PTR_MPI_TARGET_FCP_CMD_BUFFER) cmd_vbuf; 4698 uint8_t *sts_vbuf; 4699 uint32_t *rsp; 4700 4701 sts_vbuf = req->req_vbuf; 4702 sts_vbuf += MPT_RQSL(mpt); 4703 rsp = (uint32_t *) sts_vbuf; 4704 memcpy(tp->LUN, fc->FcpLun, sizeof (tp->LUN)); 4705 4706 /* 4707 * The MPI_TARGET_FCP_RSP_BUFFER define is unfortunate. 4708 * It has to be big-endian in memory and is organized 4709 * in 32 bit words, which are much easier to deal with 4710 * as words which are swizzled as needed. 4711 * 4712 * All we're filling here is the FC_RSP payload. 4713 * We may just have the chip synthesize it if 4714 * we have no residual and an OK status. 4715 * 4716 */ 4717 memset(rsp, 0, sizeof (MPI_TARGET_FCP_RSP_BUFFER)); 4718 4719 rsp[2] = htobe32(status); 4720#define MIN_FCP_RESPONSE_SIZE 24 4721#ifndef WE_TRUST_AUTO_GOOD_STATUS 4722 resplen = MIN_FCP_RESPONSE_SIZE; 4723#endif 4724 if (tgt->resid < 0) { 4725 rsp[2] |= htobe32(0x400); /* XXXX NEED MNEMONIC!!!! */ 4726 rsp[3] = htobe32(-tgt->resid); 4727 resplen = MIN_FCP_RESPONSE_SIZE; 4728 } else if (tgt->resid > 0) { 4729 rsp[2] |= htobe32(0x800); /* XXXX NEED MNEMONIC!!!! */ 4730 rsp[3] = htobe32(tgt->resid); 4731 resplen = MIN_FCP_RESPONSE_SIZE; 4732 } 4733 if (sense_len > 0) { 4734 rsp[2] |= htobe32(0x200); /* XXXX NEED MNEMONIC!!!! */ 4735 rsp[4] = htobe32(sense_len); 4736 memcpy(&rsp[6], sense_data, sense_len); 4737 resplen = MIN_FCP_RESPONSE_SIZE + sense_len; 4738 } 4739 } else if (mpt->is_sas) { 4740 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp = 4741 (PTR_MPI_TARGET_SSP_CMD_BUFFER) cmd_vbuf; 4742 memcpy(tp->LUN, ssp->LogicalUnitNumber, sizeof (tp->LUN)); 4743 } else { 4744 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp = 4745 (PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER) cmd_vbuf; 4746 tp->QueueTag = htole16(sp->Tag); 4747 memcpy(tp->LUN, sp->LogicalUnitNumber, sizeof (tp->LUN)); 4748 } 4749 4750 tp->ReplyWord = htole32(tgt->reply_desc); 4751 tp->MsgContext = htole32(req->index | mpt->scsi_tgt_handler_id); 4752 4753#ifdef WE_CAN_USE_AUTO_REPOST 4754 tp->MsgFlags = TARGET_STATUS_SEND_FLAGS_REPOST_CMD_BUFFER; 4755#endif 4756 if (status == SCSI_STATUS_OK && resplen == 0) { 4757 tp->MsgFlags |= TARGET_STATUS_SEND_FLAGS_AUTO_GOOD_STATUS; 4758 } else { 4759 tp->StatusDataSGE.u.Address32 = htole32((uint32_t) paddr); 4760 fl = MPI_SGE_FLAGS_HOST_TO_IOC | 4761 MPI_SGE_FLAGS_SIMPLE_ELEMENT | 4762 MPI_SGE_FLAGS_LAST_ELEMENT | 4763 MPI_SGE_FLAGS_END_OF_LIST | 4764 MPI_SGE_FLAGS_END_OF_BUFFER; 4765 fl <<= MPI_SGE_FLAGS_SHIFT; 4766 fl |= resplen; 4767 tp->StatusDataSGE.FlagsLength = htole32(fl); 4768 } 4769 4770 mpt_lprt(mpt, MPT_PRT_DEBUG, 4771 "STATUS_CCB %p (with%s sense) tag %x req %p:%u resid %u\n", 4772 ccb, sense_len > 0 ? "" : "out", tgt->tag_id, 4773 req, req->serno, tgt->resid); 4774 if (mpt->verbose > MPT_PRT_DEBUG) 4775 mpt_print_request(req->req_vbuf); 4776 if (ccb) { 4777 ccb->ccb_h.status = CAM_SIM_QUEUED | CAM_REQ_INPROG; 4778 mpt_req_timeout(req, SBT_1S * 60, mpt_timeout, ccb); 4779 } 4780 mpt_send_cmd(mpt, req); 4781} 4782 4783static void 4784mpt_scsi_tgt_tsk_mgmt(struct mpt_softc *mpt, request_t *req, mpt_task_mgmt_t fc, 4785 tgt_resource_t *trtp, int init_id) 4786{ 4787 struct ccb_immediate_notify *inot; 4788 mpt_tgt_state_t *tgt; 4789 4790 tgt = MPT_TGT_STATE(mpt, req); 4791 inot = (struct ccb_immediate_notify *) STAILQ_FIRST(&trtp->inots); 4792 if (inot == NULL) { 4793 mpt_lprt(mpt, MPT_PRT_WARN, "no INOTSs- sending back BSY\n"); 4794 mpt_scsi_tgt_status(mpt, NULL, req, SCSI_STATUS_BUSY, NULL, 0); 4795 return; 4796 } 4797 STAILQ_REMOVE_HEAD(&trtp->inots, sim_links.stqe); 4798 mpt_lprt(mpt, MPT_PRT_DEBUG1, 4799 "Get FREE INOT %p lun %jx\n", inot, 4800 (uintmax_t)inot->ccb_h.target_lun); 4801 4802 inot->initiator_id = init_id; /* XXX */ 4803 inot->tag_id = tgt->tag_id; 4804 inot->seq_id = 0; 4805 /* 4806 * This is a somewhat grotesque attempt to map from task management 4807 * to old style SCSI messages. God help us all. 4808 */ 4809 switch (fc) { 4810 case MPT_QUERY_TASK_SET: 4811 inot->arg = MSG_QUERY_TASK_SET; 4812 break; 4813 case MPT_ABORT_TASK_SET: 4814 inot->arg = MSG_ABORT_TASK_SET; 4815 break; 4816 case MPT_CLEAR_TASK_SET: 4817 inot->arg = MSG_CLEAR_TASK_SET; 4818 break; 4819 case MPT_QUERY_ASYNC_EVENT: 4820 inot->arg = MSG_QUERY_ASYNC_EVENT; 4821 break; 4822 case MPT_LOGICAL_UNIT_RESET: 4823 inot->arg = MSG_LOGICAL_UNIT_RESET; 4824 break; 4825 case MPT_TARGET_RESET: 4826 inot->arg = MSG_TARGET_RESET; 4827 break; 4828 case MPT_CLEAR_ACA: 4829 inot->arg = MSG_CLEAR_ACA; 4830 break; 4831 default: 4832 inot->arg = MSG_NOOP; 4833 break; 4834 } 4835 tgt->ccb = (union ccb *) inot; 4836 inot->ccb_h.status = CAM_MESSAGE_RECV; 4837 xpt_done((union ccb *)inot); 4838} 4839 4840static void 4841mpt_scsi_tgt_atio(struct mpt_softc *mpt, request_t *req, uint32_t reply_desc) 4842{ 4843 static uint8_t null_iqd[SHORT_INQUIRY_LENGTH] = { 4844 0x7f, 0x00, 0x02, 0x02, 0x20, 0x00, 0x00, 0x32, 4845 'F', 'R', 'E', 'E', 'B', 'S', 'D', ' ', 4846 'L', 'S', 'I', '-', 'L', 'O', 'G', 'I', 4847 'C', ' ', 'N', 'U', 'L', 'D', 'E', 'V', 4848 '0', '0', '0', '1' 4849 }; 4850 struct ccb_accept_tio *atiop; 4851 lun_id_t lun; 4852 int tag_action = 0; 4853 mpt_tgt_state_t *tgt; 4854 tgt_resource_t *trtp = NULL; 4855 U8 *lunptr; 4856 U8 *vbuf; 4857 U16 ioindex; 4858 mpt_task_mgmt_t fct = MPT_NIL_TMT_VALUE; 4859 uint8_t *cdbp; 4860 4861 /* 4862 * Stash info for the current command where we can get at it later. 4863 */ 4864 vbuf = req->req_vbuf; 4865 vbuf += MPT_RQSL(mpt); 4866 if (mpt->verbose >= MPT_PRT_DEBUG) { 4867 mpt_dump_data(mpt, "mpt_scsi_tgt_atio response", vbuf, 4868 max(sizeof (MPI_TARGET_FCP_CMD_BUFFER), 4869 max(sizeof (MPI_TARGET_SSP_CMD_BUFFER), 4870 sizeof (MPI_TARGET_SCSI_SPI_CMD_BUFFER)))); 4871 } 4872 4873 /* 4874 * Get our state pointer set up. 4875 */ 4876 tgt = MPT_TGT_STATE(mpt, req); 4877 if (tgt->state != TGT_STATE_LOADED) { 4878 mpt_tgt_dump_req_state(mpt, req); 4879 panic("bad target state in mpt_scsi_tgt_atio"); 4880 } 4881 memset(tgt, 0, sizeof (mpt_tgt_state_t)); 4882 tgt->state = TGT_STATE_IN_CAM; 4883 tgt->reply_desc = reply_desc; 4884 ioindex = GET_IO_INDEX(reply_desc); 4885 4886 /* 4887 * The tag we construct here allows us to find the 4888 * original request that the command came in with. 4889 * 4890 * This way we don't have to depend on anything but the 4891 * tag to find things when CCBs show back up from CAM. 4892 */ 4893 tgt->tag_id = MPT_MAKE_TAGID(mpt, req, ioindex); 4894 4895 if (mpt->is_fc) { 4896 PTR_MPI_TARGET_FCP_CMD_BUFFER fc; 4897 fc = (PTR_MPI_TARGET_FCP_CMD_BUFFER) vbuf; 4898 if (fc->FcpCntl[2]) { 4899 /* 4900 * Task Management Request 4901 */ 4902 switch (fc->FcpCntl[2]) { 4903 case 0x1: 4904 fct = MPT_QUERY_TASK_SET; 4905 break; 4906 case 0x2: 4907 fct = MPT_ABORT_TASK_SET; 4908 break; 4909 case 0x4: 4910 fct = MPT_CLEAR_TASK_SET; 4911 break; 4912 case 0x8: 4913 fct = MPT_QUERY_ASYNC_EVENT; 4914 break; 4915 case 0x10: 4916 fct = MPT_LOGICAL_UNIT_RESET; 4917 break; 4918 case 0x20: 4919 fct = MPT_TARGET_RESET; 4920 break; 4921 case 0x40: 4922 fct = MPT_CLEAR_ACA; 4923 break; 4924 default: 4925 mpt_prt(mpt, "CORRUPTED TASK MGMT BITS: 0x%x\n", 4926 fc->FcpCntl[2]); 4927 mpt_scsi_tgt_status(mpt, NULL, req, 4928 SCSI_STATUS_OK, NULL, 0); 4929 return; 4930 } 4931 } else { 4932 switch (fc->FcpCntl[1]) { 4933 case 0: 4934 tag_action = MSG_SIMPLE_Q_TAG; 4935 break; 4936 case 1: 4937 tag_action = MSG_HEAD_OF_Q_TAG; 4938 break; 4939 case 2: 4940 tag_action = MSG_ORDERED_Q_TAG; 4941 break; 4942 default: 4943 /* 4944 * Bah. Ignore Untagged Queing and ACA 4945 */ 4946 tag_action = MSG_SIMPLE_Q_TAG; 4947 break; 4948 } 4949 } 4950 tgt->resid = be32toh(fc->FcpDl); 4951 cdbp = fc->FcpCdb; 4952 lunptr = fc->FcpLun; 4953 tgt->itag = fc->OptionalOxid; 4954 } else if (mpt->is_sas) { 4955 PTR_MPI_TARGET_SSP_CMD_BUFFER ssp; 4956 ssp = (PTR_MPI_TARGET_SSP_CMD_BUFFER) vbuf; 4957 cdbp = ssp->CDB; 4958 lunptr = ssp->LogicalUnitNumber; 4959 tgt->itag = ssp->InitiatorTag; 4960 } else { 4961 PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER sp; 4962 sp = (PTR_MPI_TARGET_SCSI_SPI_CMD_BUFFER) vbuf; 4963 cdbp = sp->CDB; 4964 lunptr = sp->LogicalUnitNumber; 4965 tgt->itag = sp->Tag; 4966 } 4967 4968 lun = CAM_EXTLUN_BYTE_SWIZZLE(be64dec(lunptr)); 4969 4970 /* 4971 * Deal with non-enabled or bad luns here. 4972 */ 4973 if (lun >= MPT_MAX_LUNS || mpt->tenabled == 0 || 4974 mpt->trt[lun].enabled == 0) { 4975 if (mpt->twildcard) { 4976 trtp = &mpt->trt_wildcard; 4977 } else if (fct == MPT_NIL_TMT_VALUE) { 4978 /* 4979 * In this case, we haven't got an upstream listener 4980 * for either a specific lun or wildcard luns. We 4981 * have to make some sensible response. For regular 4982 * inquiry, just return some NOT HERE inquiry data. 4983 * For VPD inquiry, report illegal field in cdb. 4984 * For REQUEST SENSE, just return NO SENSE data. 4985 * REPORT LUNS gets illegal command. 4986 * All other commands get 'no such device'. 4987 */ 4988 uint8_t sense[MPT_SENSE_SIZE]; 4989 size_t len; 4990 4991 memset(sense, 0, sizeof(sense)); 4992 sense[0] = 0xf0; 4993 sense[2] = 0x5; 4994 sense[7] = 0x8; 4995 4996 switch (cdbp[0]) { 4997 case INQUIRY: 4998 { 4999 if (cdbp[1] != 0) { 5000 sense[12] = 0x26; 5001 sense[13] = 0x01; 5002 break; 5003 } 5004 len = min(tgt->resid, cdbp[4]); 5005 len = min(len, sizeof (null_iqd)); 5006 mpt_lprt(mpt, MPT_PRT_DEBUG, 5007 "local inquiry %ld bytes\n", (long) len); 5008 mpt_scsi_tgt_local(mpt, req, lun, 1, 5009 null_iqd, len); 5010 return; 5011 } 5012 case REQUEST_SENSE: 5013 { 5014 sense[2] = 0x0; 5015 len = min(tgt->resid, cdbp[4]); 5016 len = min(len, sizeof (sense)); 5017 mpt_lprt(mpt, MPT_PRT_DEBUG, 5018 "local reqsense %ld bytes\n", (long) len); 5019 mpt_scsi_tgt_local(mpt, req, lun, 1, 5020 sense, len); 5021 return; 5022 } 5023 case REPORT_LUNS: 5024 mpt_lprt(mpt, MPT_PRT_DEBUG, "REPORT LUNS\n"); 5025 sense[12] = 0x26; 5026 return; 5027 default: 5028 mpt_lprt(mpt, MPT_PRT_DEBUG, 5029 "CMD 0x%x to unmanaged lun %jx\n", 5030 cdbp[0], (uintmax_t)lun); 5031 sense[12] = 0x25; 5032 break; 5033 } 5034 mpt_scsi_tgt_status(mpt, NULL, req, 5035 SCSI_STATUS_CHECK_COND, sense, sizeof(sense)); 5036 return; 5037 } 5038 /* otherwise, leave trtp NULL */ 5039 } else { 5040 trtp = &mpt->trt[lun]; 5041 } 5042 5043 /* 5044 * Deal with any task management 5045 */ 5046 if (fct != MPT_NIL_TMT_VALUE) { 5047 if (trtp == NULL) { 5048 mpt_prt(mpt, "task mgmt function %x but no listener\n", 5049 fct); 5050 mpt_scsi_tgt_status(mpt, NULL, req, 5051 SCSI_STATUS_OK, NULL, 0); 5052 } else { 5053 mpt_scsi_tgt_tsk_mgmt(mpt, req, fct, trtp, 5054 GET_INITIATOR_INDEX(reply_desc)); 5055 } 5056 return; 5057 } 5058 5059 5060 atiop = (struct ccb_accept_tio *) STAILQ_FIRST(&trtp->atios); 5061 if (atiop == NULL) { 5062 mpt_lprt(mpt, MPT_PRT_WARN, 5063 "no ATIOs for lun %jx- sending back %s\n", (uintmax_t)lun, 5064 mpt->tenabled? "QUEUE FULL" : "BUSY"); 5065 mpt_scsi_tgt_status(mpt, NULL, req, 5066 mpt->tenabled? SCSI_STATUS_QUEUE_FULL : SCSI_STATUS_BUSY, 5067 NULL, 0); 5068 return; 5069 } 5070 STAILQ_REMOVE_HEAD(&trtp->atios, sim_links.stqe); 5071 mpt_lprt(mpt, MPT_PRT_DEBUG1, 5072 "Get FREE ATIO %p lun %jx\n", atiop, 5073 (uintmax_t)atiop->ccb_h.target_lun); 5074 atiop->ccb_h.ccb_mpt_ptr = mpt; 5075 atiop->ccb_h.status = CAM_CDB_RECVD; 5076 atiop->ccb_h.target_lun = lun; 5077 atiop->sense_len = 0; 5078 atiop->tag_id = tgt->tag_id; 5079 atiop->init_id = GET_INITIATOR_INDEX(reply_desc); 5080 atiop->cdb_len = 16; 5081 memcpy(atiop->cdb_io.cdb_bytes, cdbp, atiop->cdb_len); 5082 if (tag_action) { 5083 atiop->tag_action = tag_action; 5084 atiop->ccb_h.flags |= CAM_TAG_ACTION_VALID; 5085 } 5086 if (mpt->verbose >= MPT_PRT_DEBUG) { 5087 int i; 5088 mpt_prt(mpt, "START_CCB %p for lun %jx CDB=<", atiop, 5089 (uintmax_t)atiop->ccb_h.target_lun); 5090 for (i = 0; i < atiop->cdb_len; i++) { 5091 mpt_prtc(mpt, "%02x%c", cdbp[i] & 0xff, 5092 (i == (atiop->cdb_len - 1))? '>' : ' '); 5093 } 5094 mpt_prtc(mpt, " itag %x tag %x rdesc %x dl=%u\n", 5095 tgt->itag, tgt->tag_id, tgt->reply_desc, tgt->resid); 5096 } 5097 5098 xpt_done((union ccb *)atiop); 5099} 5100 5101static void 5102mpt_tgt_dump_tgt_state(struct mpt_softc *mpt, request_t *req) 5103{ 5104 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, req); 5105 5106 mpt_prt(mpt, "req %p:%u tgt:rdesc 0x%x resid %u xfrd %u ccb %p treq %p " 5107 "nx %d tag 0x%08x itag 0x%04x state=%d\n", req, req->serno, 5108 tgt->reply_desc, tgt->resid, tgt->bytes_xfered, tgt->ccb, 5109 tgt->req, tgt->nxfers, tgt->tag_id, tgt->itag, tgt->state); 5110} 5111 5112static void 5113mpt_tgt_dump_req_state(struct mpt_softc *mpt, request_t *req) 5114{ 5115 5116 mpt_prt(mpt, "req %p:%u index %u (%x) state %x\n", req, req->serno, 5117 req->index, req->index, req->state); 5118 mpt_tgt_dump_tgt_state(mpt, req); 5119} 5120 5121static int 5122mpt_scsi_tgt_reply_handler(struct mpt_softc *mpt, request_t *req, 5123 uint32_t reply_desc, MSG_DEFAULT_REPLY *reply_frame) 5124{ 5125 int dbg; 5126 union ccb *ccb; 5127 U16 status; 5128 5129 if (reply_frame == NULL) { 5130 /* 5131 * Figure out what the state of the command is. 5132 */ 5133 mpt_tgt_state_t *tgt = MPT_TGT_STATE(mpt, req); 5134 5135#ifdef INVARIANTS 5136 mpt_req_spcl(mpt, req, "turbo scsi_tgt_reply", __LINE__); 5137 if (tgt->req) { 5138 mpt_req_not_spcl(mpt, tgt->req, 5139 "turbo scsi_tgt_reply associated req", __LINE__); 5140 } 5141#endif 5142 switch(tgt->state) { 5143 case TGT_STATE_LOADED: 5144 /* 5145 * This is a new command starting. 5146 */ 5147 mpt_scsi_tgt_atio(mpt, req, reply_desc); 5148 break; 5149 case TGT_STATE_MOVING_DATA: 5150 { 5151 ccb = tgt->ccb; 5152 if (tgt->req == NULL) { 5153 panic("mpt: turbo target reply with null " 5154 "associated request moving data"); 5155 /* NOTREACHED */ 5156 } 5157 if (ccb == NULL) { 5158 if (tgt->is_local == 0) { 5159 panic("mpt: turbo target reply with " 5160 "null associated ccb moving data"); 5161 /* NOTREACHED */ 5162 } 5163 mpt_lprt(mpt, MPT_PRT_DEBUG, 5164 "TARGET_ASSIST local done\n"); 5165 TAILQ_REMOVE(&mpt->request_pending_list, 5166 tgt->req, links); 5167 mpt_free_request(mpt, tgt->req); 5168 tgt->req = NULL; 5169 mpt_scsi_tgt_status(mpt, NULL, req, 5170 0, NULL, 0); 5171 return (TRUE); 5172 } 5173 tgt->ccb = NULL; 5174 tgt->nxfers++; 5175 mpt_req_untimeout(tgt->req, mpt_timeout, ccb); 5176 mpt_lprt(mpt, MPT_PRT_DEBUG, 5177 "TARGET_ASSIST %p (req %p:%u) done tag 0x%x\n", 5178 ccb, tgt->req, tgt->req->serno, ccb->csio.tag_id); 5179 /* 5180 * Free the Target Assist Request 5181 */ 5182 KASSERT(tgt->req->ccb == ccb, 5183 ("tgt->req %p:%u tgt->req->ccb %p", tgt->req, 5184 tgt->req->serno, tgt->req->ccb)); 5185 TAILQ_REMOVE(&mpt->request_pending_list, 5186 tgt->req, links); 5187 mpt_free_request(mpt, tgt->req); 5188 tgt->req = NULL; 5189 5190 /* 5191 * Do we need to send status now? That is, are 5192 * we done with all our data transfers? 5193 */ 5194 if ((ccb->ccb_h.flags & CAM_SEND_STATUS) == 0) { 5195 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 5196 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 5197 KASSERT(ccb->ccb_h.status, 5198 ("zero ccb sts at %d", __LINE__)); 5199 tgt->state = TGT_STATE_IN_CAM; 5200 if (mpt->outofbeer) { 5201 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 5202 mpt->outofbeer = 0; 5203 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n"); 5204 } 5205 xpt_done(ccb); 5206 break; 5207 } 5208 /* 5209 * Otherwise, send status (and sense) 5210 */ 5211 mpt_scsi_tgt_status(mpt, ccb, req, 5212 ccb->csio.scsi_status, 5213 (void *)&ccb->csio.sense_data, 5214 (ccb->ccb_h.flags & CAM_SEND_SENSE) ? 5215 ccb->csio.sense_len : 0); 5216 break; 5217 } 5218 case TGT_STATE_SENDING_STATUS: 5219 case TGT_STATE_MOVING_DATA_AND_STATUS: 5220 { 5221 int ioindex; 5222 ccb = tgt->ccb; 5223 5224 if (tgt->req == NULL) { 5225 panic("mpt: turbo target reply with null " 5226 "associated request sending status"); 5227 /* NOTREACHED */ 5228 } 5229 5230 if (ccb) { 5231 tgt->ccb = NULL; 5232 if (tgt->state == 5233 TGT_STATE_MOVING_DATA_AND_STATUS) { 5234 tgt->nxfers++; 5235 } 5236 mpt_req_untimeout(tgt->req, mpt_timeout, ccb); 5237 if (ccb->ccb_h.flags & CAM_SEND_SENSE) { 5238 ccb->ccb_h.status |= CAM_SENT_SENSE; 5239 } 5240 mpt_lprt(mpt, MPT_PRT_DEBUG, 5241 "TARGET_STATUS tag %x sts %x flgs %x req " 5242 "%p\n", ccb->csio.tag_id, ccb->ccb_h.status, 5243 ccb->ccb_h.flags, tgt->req); 5244 /* 5245 * Free the Target Send Status Request 5246 */ 5247 KASSERT(tgt->req->ccb == ccb, 5248 ("tgt->req %p:%u tgt->req->ccb %p", 5249 tgt->req, tgt->req->serno, tgt->req->ccb)); 5250 /* 5251 * Notify CAM that we're done 5252 */ 5253 mpt_set_ccb_status(ccb, CAM_REQ_CMP); 5254 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 5255 KASSERT(ccb->ccb_h.status, 5256 ("ZERO ccb sts at %d", __LINE__)); 5257 tgt->ccb = NULL; 5258 } else { 5259 mpt_lprt(mpt, MPT_PRT_DEBUG, 5260 "TARGET_STATUS non-CAM for req %p:%u\n", 5261 tgt->req, tgt->req->serno); 5262 } 5263 TAILQ_REMOVE(&mpt->request_pending_list, 5264 tgt->req, links); 5265 mpt_free_request(mpt, tgt->req); 5266 tgt->req = NULL; 5267 5268 /* 5269 * And re-post the Command Buffer. 5270 * This will reset the state. 5271 */ 5272 ioindex = GET_IO_INDEX(reply_desc); 5273 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 5274 tgt->is_local = 0; 5275 mpt_post_target_command(mpt, req, ioindex); 5276 5277 /* 5278 * And post a done for anyone who cares 5279 */ 5280 if (ccb) { 5281 if (mpt->outofbeer) { 5282 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 5283 mpt->outofbeer = 0; 5284 mpt_lprt(mpt, MPT_PRT_DEBUG, "THAWQ\n"); 5285 } 5286 xpt_done(ccb); 5287 } 5288 break; 5289 } 5290 case TGT_STATE_NIL: /* XXX This Never Happens XXX */ 5291 tgt->state = TGT_STATE_LOADED; 5292 break; 5293 default: 5294 mpt_prt(mpt, "Unknown Target State 0x%x in Context " 5295 "Reply Function\n", tgt->state); 5296 } 5297 return (TRUE); 5298 } 5299 5300 status = le16toh(reply_frame->IOCStatus); 5301 if (status != MPI_IOCSTATUS_SUCCESS) { 5302 dbg = MPT_PRT_ERROR; 5303 } else { 5304 dbg = MPT_PRT_DEBUG1; 5305 } 5306 5307 mpt_lprt(mpt, dbg, 5308 "SCSI_TGT REPLY: req=%p:%u reply=%p func=%x IOCstatus 0x%x\n", 5309 req, req->serno, reply_frame, reply_frame->Function, status); 5310 5311 switch (reply_frame->Function) { 5312 case MPI_FUNCTION_TARGET_CMD_BUFFER_POST: 5313 { 5314 mpt_tgt_state_t *tgt; 5315#ifdef INVARIANTS 5316 mpt_req_spcl(mpt, req, "tgt reply BUFFER POST", __LINE__); 5317#endif 5318 if (status != MPI_IOCSTATUS_SUCCESS) { 5319 /* 5320 * XXX What to do? 5321 */ 5322 break; 5323 } 5324 tgt = MPT_TGT_STATE(mpt, req); 5325 KASSERT(tgt->state == TGT_STATE_LOADING, 5326 ("bad state 0x%x on reply to buffer post", tgt->state)); 5327 mpt_assign_serno(mpt, req); 5328 tgt->state = TGT_STATE_LOADED; 5329 break; 5330 } 5331 case MPI_FUNCTION_TARGET_ASSIST: 5332#ifdef INVARIANTS 5333 mpt_req_not_spcl(mpt, req, "tgt reply TARGET ASSIST", __LINE__); 5334#endif 5335 mpt_prt(mpt, "target assist completion\n"); 5336 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 5337 mpt_free_request(mpt, req); 5338 break; 5339 case MPI_FUNCTION_TARGET_STATUS_SEND: 5340#ifdef INVARIANTS 5341 mpt_req_not_spcl(mpt, req, "tgt reply STATUS SEND", __LINE__); 5342#endif 5343 mpt_prt(mpt, "status send completion\n"); 5344 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 5345 mpt_free_request(mpt, req); 5346 break; 5347 case MPI_FUNCTION_TARGET_MODE_ABORT: 5348 { 5349 PTR_MSG_TARGET_MODE_ABORT_REPLY abtrp = 5350 (PTR_MSG_TARGET_MODE_ABORT_REPLY) reply_frame; 5351 PTR_MSG_TARGET_MODE_ABORT abtp = 5352 (PTR_MSG_TARGET_MODE_ABORT) req->req_vbuf; 5353 uint32_t cc = GET_IO_INDEX(le32toh(abtp->ReplyWord)); 5354#ifdef INVARIANTS 5355 mpt_req_not_spcl(mpt, req, "tgt reply TMODE ABORT", __LINE__); 5356#endif 5357 mpt_prt(mpt, "ABORT RX_ID 0x%x Complete; status 0x%x cnt %u\n", 5358 cc, le16toh(abtrp->IOCStatus), le32toh(abtrp->AbortCount)); 5359 TAILQ_REMOVE(&mpt->request_pending_list, req, links); 5360 mpt_free_request(mpt, req); 5361 break; 5362 } 5363 default: 5364 mpt_prt(mpt, "Unknown Target Address Reply Function code: " 5365 "0x%x\n", reply_frame->Function); 5366 break; 5367 } 5368 return (TRUE); 5369} 5370