1/*- 2 * Copyright (c) 2009 Yahoo! Inc. 3 * Copyright (c) 2011-2015 LSI Corp. 4 * Copyright (c) 2013-2016 Avago Technologies 5 * Copyright 2000-2020 Broadcom Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * Broadcom Inc. (LSI) MPT-Fusion Host Adapter FreeBSD 30 * 31 */ 32 33#include <sys/cdefs.h> 34/* Communications core for Avago Technologies (LSI) MPT3 */ 35 36/* TODO Move headers to mprvar */ 37#include <sys/types.h> 38#include <sys/param.h> 39#include <sys/systm.h> 40#include <sys/kernel.h> 41#include <sys/selinfo.h> 42#include <sys/module.h> 43#include <sys/bus.h> 44#include <sys/conf.h> 45#include <sys/bio.h> 46#include <sys/malloc.h> 47#include <sys/uio.h> 48#include <sys/sysctl.h> 49#include <sys/endian.h> 50#include <sys/queue.h> 51#include <sys/kthread.h> 52#include <sys/taskqueue.h> 53#include <sys/sbuf.h> 54 55#include <machine/bus.h> 56#include <machine/resource.h> 57#include <sys/rman.h> 58 59#include <machine/stdarg.h> 60 61#include <cam/cam.h> 62#include <cam/cam_ccb.h> 63#include <cam/cam_debug.h> 64#include <cam/cam_sim.h> 65#include <cam/cam_xpt_sim.h> 66#include <cam/cam_xpt_periph.h> 67#include <cam/cam_periph.h> 68#include <cam/scsi/scsi_all.h> 69#include <cam/scsi/scsi_message.h> 70#include <cam/scsi/smp_all.h> 71 72#include <dev/nvme/nvme.h> 73 74#include <dev/mpr/mpi/mpi2_type.h> 75#include <dev/mpr/mpi/mpi2.h> 76#include <dev/mpr/mpi/mpi2_ioc.h> 77#include <dev/mpr/mpi/mpi2_sas.h> 78#include <dev/mpr/mpi/mpi2_pci.h> 79#include <dev/mpr/mpi/mpi2_cnfg.h> 80#include <dev/mpr/mpi/mpi2_init.h> 81#include <dev/mpr/mpi/mpi2_tool.h> 82#include <dev/mpr/mpr_ioctl.h> 83#include <dev/mpr/mprvar.h> 84#include <dev/mpr/mpr_table.h> 85#include <dev/mpr/mpr_sas.h> 86 87#define MPRSAS_DISCOVERY_TIMEOUT 20 88#define MPRSAS_MAX_DISCOVERY_TIMEOUTS 10 /* 200 seconds */ 89 90/* 91 * static array to check SCSI OpCode for EEDP protection bits 92 */ 93#define PRO_R MPI2_SCSIIO_EEDPFLAGS_CHECK_REMOVE_OP 94#define PRO_W MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 95#define PRO_V MPI2_SCSIIO_EEDPFLAGS_INSERT_OP 96static uint8_t op_code_prot[256] = { 97 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 98 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 99 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 100 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 101 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 102 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 103 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 105 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 106 0, 0, 0, PRO_W, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 107 0, 0, 0, 0, 0, 0, 0, 0, PRO_R, 0, PRO_W, 0, 0, 0, PRO_W, PRO_V, 108 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 109 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 110 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 111 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 113}; 114 115MALLOC_DEFINE(M_MPRSAS, "MPRSAS", "MPR SAS memory"); 116 117static void mprsas_remove_device(struct mpr_softc *, struct mpr_command *); 118static void mprsas_remove_complete(struct mpr_softc *, struct mpr_command *); 119static void mprsas_action(struct cam_sim *sim, union ccb *ccb); 120static void mprsas_poll(struct cam_sim *sim); 121static void mprsas_scsiio_timeout(void *data); 122static void mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *cm); 123static void mprsas_action_scsiio(struct mprsas_softc *, union ccb *); 124static void mprsas_scsiio_complete(struct mpr_softc *, struct mpr_command *); 125static void mprsas_action_resetdev(struct mprsas_softc *, union ccb *); 126static void mprsas_resetdev_complete(struct mpr_softc *, struct mpr_command *); 127static int mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 128 struct mpr_command *cm); 129static void mprsas_async(void *callback_arg, uint32_t code, 130 struct cam_path *path, void *arg); 131static int mprsas_send_portenable(struct mpr_softc *sc); 132static void mprsas_portenable_complete(struct mpr_softc *sc, 133 struct mpr_command *cm); 134 135static void mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm); 136static void mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, 137 uint64_t sasaddr); 138static void mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb); 139 140struct mprsas_target * 141mprsas_find_target_by_handle(struct mprsas_softc *sassc, int start, 142 uint16_t handle) 143{ 144 struct mprsas_target *target; 145 int i; 146 147 for (i = start; i < sassc->maxtargets; i++) { 148 target = &sassc->targets[i]; 149 if (target->handle == handle) 150 return (target); 151 } 152 153 return (NULL); 154} 155 156/* we need to freeze the simq during attach and diag reset, to avoid failing 157 * commands before device handles have been found by discovery. Since 158 * discovery involves reading config pages and possibly sending commands, 159 * discovery actions may continue even after we receive the end of discovery 160 * event, so refcount discovery actions instead of assuming we can unfreeze 161 * the simq when we get the event. 162 */ 163void 164mprsas_startup_increment(struct mprsas_softc *sassc) 165{ 166 MPR_FUNCTRACE(sassc->sc); 167 168 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 169 if (sassc->startup_refcount++ == 0) { 170 /* just starting, freeze the simq */ 171 mpr_dprint(sassc->sc, MPR_INIT, 172 "%s freezing simq\n", __func__); 173 xpt_hold_boot(); 174 xpt_freeze_simq(sassc->sim, 1); 175 } 176 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 177 sassc->startup_refcount); 178 } 179} 180 181void 182mprsas_release_simq_reinit(struct mprsas_softc *sassc) 183{ 184 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 185 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 186 xpt_release_simq(sassc->sim, 1); 187 mpr_dprint(sassc->sc, MPR_INFO, "Unfreezing SIM queue\n"); 188 } 189} 190 191void 192mprsas_startup_decrement(struct mprsas_softc *sassc) 193{ 194 MPR_FUNCTRACE(sassc->sc); 195 196 if ((sassc->flags & MPRSAS_IN_STARTUP) != 0) { 197 if (--sassc->startup_refcount == 0) { 198 /* finished all discovery-related actions, release 199 * the simq and rescan for the latest topology. 200 */ 201 mpr_dprint(sassc->sc, MPR_INIT, 202 "%s releasing simq\n", __func__); 203 sassc->flags &= ~MPRSAS_IN_STARTUP; 204 xpt_release_simq(sassc->sim, 1); 205 xpt_release_boot(); 206 } 207 mpr_dprint(sassc->sc, MPR_INIT, "%s refcount %u\n", __func__, 208 sassc->startup_refcount); 209 } 210} 211 212/* 213 * The firmware requires us to stop sending commands when we're doing task 214 * management. 215 * use. 216 * XXX The logic for serializing the device has been made lazy and moved to 217 * mprsas_prepare_for_tm(). 218 */ 219struct mpr_command * 220mprsas_alloc_tm(struct mpr_softc *sc) 221{ 222 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 223 struct mpr_command *tm; 224 225 MPR_FUNCTRACE(sc); 226 tm = mpr_alloc_high_priority_command(sc); 227 if (tm == NULL) 228 return (NULL); 229 230 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 231 req->Function = MPI2_FUNCTION_SCSI_TASK_MGMT; 232 return tm; 233} 234 235void 236mprsas_free_tm(struct mpr_softc *sc, struct mpr_command *tm) 237{ 238 239 MPR_FUNCTRACE(sc); 240 if (tm == NULL) 241 return; 242 243 /* 244 * For TM's the devq is frozen for the device. Unfreeze it here and 245 * free the resources used for freezing the devq. Must clear the 246 * INRESET flag as well or scsi I/O will not work. 247 */ 248 if (tm->cm_ccb) { 249 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 250 "Unfreezing devq for target ID %d\n", 251 tm->cm_targ->tid); 252 tm->cm_targ->flags &= ~MPRSAS_TARGET_INRESET; 253 xpt_release_devq(tm->cm_ccb->ccb_h.path, 1, TRUE); 254 xpt_free_path(tm->cm_ccb->ccb_h.path); 255 xpt_free_ccb(tm->cm_ccb); 256 } 257 258 mpr_free_high_priority_command(sc, tm); 259} 260 261void 262mprsas_rescan_target(struct mpr_softc *sc, struct mprsas_target *targ) 263{ 264 struct mprsas_softc *sassc = sc->sassc; 265 path_id_t pathid; 266 target_id_t targetid; 267 union ccb *ccb; 268 269 MPR_FUNCTRACE(sc); 270 pathid = cam_sim_path(sassc->sim); 271 if (targ == NULL) 272 targetid = CAM_TARGET_WILDCARD; 273 else 274 targetid = targ - sassc->targets; 275 276 /* 277 * Allocate a CCB and schedule a rescan. 278 */ 279 ccb = xpt_alloc_ccb_nowait(); 280 if (ccb == NULL) { 281 mpr_dprint(sc, MPR_ERROR, "unable to alloc CCB for rescan\n"); 282 return; 283 } 284 285 if (xpt_create_path(&ccb->ccb_h.path, NULL, pathid, targetid, 286 CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 287 mpr_dprint(sc, MPR_ERROR, "unable to create path for rescan\n"); 288 xpt_free_ccb(ccb); 289 return; 290 } 291 292 if (targetid == CAM_TARGET_WILDCARD) 293 ccb->ccb_h.func_code = XPT_SCAN_BUS; 294 else 295 ccb->ccb_h.func_code = XPT_SCAN_TGT; 296 297 mpr_dprint(sc, MPR_TRACE, "%s targetid %u\n", __func__, targetid); 298 xpt_rescan(ccb); 299} 300 301static void 302mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...) 303{ 304 struct sbuf sb; 305 va_list ap; 306 char str[224]; 307 308 if (cm == NULL) 309 return; 310 311 /* No need to be in here if debugging isn't enabled */ 312 if ((cm->cm_sc->mpr_debug & level) == 0) 313 return; 314 315 sbuf_new(&sb, str, sizeof(str), 0); 316 317 va_start(ap, fmt); 318 319 if (cm->cm_ccb != NULL) { 320 xpt_path_sbuf(cm->cm_ccb->csio.ccb_h.path, &sb); 321 if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) { 322 scsi_command_string(&cm->cm_ccb->csio, &sb); 323 sbuf_printf(&sb, "length %d ", 324 cm->cm_ccb->csio.dxfer_len); 325 } 326 } else { 327 sbuf_printf(&sb, "(noperiph:%s%d:%u:%u:%u): ", 328 cam_sim_name(cm->cm_sc->sassc->sim), 329 cam_sim_unit(cm->cm_sc->sassc->sim), 330 cam_sim_bus(cm->cm_sc->sassc->sim), 331 cm->cm_targ ? cm->cm_targ->tid : 0xFFFFFFFF, 332 cm->cm_lun); 333 } 334 335 sbuf_printf(&sb, "SMID %u ", cm->cm_desc.Default.SMID); 336 sbuf_vprintf(&sb, fmt, ap); 337 sbuf_finish(&sb); 338 mpr_print_field(cm->cm_sc, "%s", sbuf_data(&sb)); 339 340 va_end(ap); 341} 342 343static void 344mprsas_remove_volume(struct mpr_softc *sc, struct mpr_command *tm) 345{ 346 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 347 struct mprsas_target *targ; 348 uint16_t handle; 349 350 MPR_FUNCTRACE(sc); 351 352 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 353 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 354 targ = tm->cm_targ; 355 356 if (reply == NULL) { 357 /* XXX retry the remove after the diag reset completes? */ 358 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 359 "0x%04x\n", __func__, handle); 360 mprsas_free_tm(sc, tm); 361 return; 362 } 363 364 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 365 MPI2_IOCSTATUS_SUCCESS) { 366 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 367 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 368 } 369 370 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 371 le32toh(reply->TerminationCount)); 372 mpr_free_reply(sc, tm->cm_reply_data); 373 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 374 375 mpr_dprint(sc, MPR_XINFO, "clearing target %u handle 0x%04x\n", 376 targ->tid, handle); 377 378 /* 379 * Don't clear target if remove fails because things will get confusing. 380 * Leave the devname and sasaddr intact so that we know to avoid reusing 381 * this target id if possible, and so we can assign the same target id 382 * to this device if it comes back in the future. 383 */ 384 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 385 MPI2_IOCSTATUS_SUCCESS) { 386 targ = tm->cm_targ; 387 targ->handle = 0x0; 388 targ->encl_handle = 0x0; 389 targ->encl_level_valid = 0x0; 390 targ->encl_level = 0x0; 391 targ->connector_name[0] = ' '; 392 targ->connector_name[1] = ' '; 393 targ->connector_name[2] = ' '; 394 targ->connector_name[3] = ' '; 395 targ->encl_slot = 0x0; 396 targ->exp_dev_handle = 0x0; 397 targ->phy_num = 0x0; 398 targ->linkrate = 0x0; 399 targ->devinfo = 0x0; 400 targ->flags = 0x0; 401 targ->scsi_req_desc_type = 0; 402 } 403 404 mprsas_free_tm(sc, tm); 405} 406 407/* 408 * Retry mprsas_prepare_remove() if some previous attempt failed to allocate 409 * high priority command due to limit reached. 410 */ 411void 412mprsas_prepare_remove_retry(struct mprsas_softc *sassc) 413{ 414 struct mprsas_target *target; 415 int i; 416 417 if ((sassc->flags & MPRSAS_TOREMOVE) == 0) 418 return; 419 420 for (i = 0; i < sassc->maxtargets; i++) { 421 target = &sassc->targets[i]; 422 if ((target->flags & MPRSAS_TARGET_TOREMOVE) == 0) 423 continue; 424 if (TAILQ_EMPTY(&sassc->sc->high_priority_req_list)) 425 return; 426 target->flags &= ~MPRSAS_TARGET_TOREMOVE; 427 if (target->flags & MPR_TARGET_FLAGS_VOLUME) 428 mprsas_prepare_volume_remove(sassc, target->handle); 429 else 430 mprsas_prepare_remove(sassc, target->handle); 431 } 432 sassc->flags &= ~MPRSAS_TOREMOVE; 433} 434 435/* 436 * No Need to call "MPI2_SAS_OP_REMOVE_DEVICE" For Volume removal. 437 * Otherwise Volume Delete is same as Bare Drive Removal. 438 */ 439void 440mprsas_prepare_volume_remove(struct mprsas_softc *sassc, uint16_t handle) 441{ 442 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 443 struct mpr_softc *sc; 444 struct mpr_command *cm; 445 struct mprsas_target *targ = NULL; 446 447 MPR_FUNCTRACE(sassc->sc); 448 sc = sassc->sc; 449 450 targ = mprsas_find_target_by_handle(sassc, 0, handle); 451 if (targ == NULL) { 452 /* FIXME: what is the action? */ 453 /* We don't know about this device? */ 454 mpr_dprint(sc, MPR_ERROR, 455 "%s %d : invalid handle 0x%x \n", __func__,__LINE__, handle); 456 return; 457 } 458 459 targ->flags |= MPRSAS_TARGET_INREMOVAL; 460 461 cm = mprsas_alloc_tm(sc); 462 if (cm == NULL) { 463 targ->flags |= MPRSAS_TARGET_TOREMOVE; 464 sassc->flags |= MPRSAS_TOREMOVE; 465 return; 466 } 467 468 mprsas_rescan_target(sc, targ); 469 470 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)cm->cm_req; 471 req->DevHandle = targ->handle; 472 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 473 474 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 475 /* SAS Hard Link Reset / SATA Link Reset */ 476 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 477 } else { 478 /* PCIe Protocol Level Reset*/ 479 req->MsgFlags = 480 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 481 } 482 483 cm->cm_targ = targ; 484 cm->cm_data = NULL; 485 cm->cm_complete = mprsas_remove_volume; 486 cm->cm_complete_data = (void *)(uintptr_t)handle; 487 488 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 489 __func__, targ->tid); 490 mprsas_prepare_for_tm(sc, cm, targ, CAM_LUN_WILDCARD); 491 492 mpr_map_command(sc, cm); 493} 494 495/* 496 * The firmware performs debounce on the link to avoid transient link errors 497 * and false removals. When it does decide that link has been lost and a 498 * device needs to go away, it expects that the host will perform a target reset 499 * and then an op remove. The reset has the side-effect of aborting any 500 * outstanding requests for the device, which is required for the op-remove to 501 * succeed. It's not clear if the host should check for the device coming back 502 * alive after the reset. 503 */ 504void 505mprsas_prepare_remove(struct mprsas_softc *sassc, uint16_t handle) 506{ 507 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 508 struct mpr_softc *sc; 509 struct mpr_command *tm; 510 struct mprsas_target *targ = NULL; 511 512 MPR_FUNCTRACE(sassc->sc); 513 514 sc = sassc->sc; 515 516 targ = mprsas_find_target_by_handle(sassc, 0, handle); 517 if (targ == NULL) { 518 /* FIXME: what is the action? */ 519 /* We don't know about this device? */ 520 mpr_dprint(sc, MPR_ERROR, "%s : invalid handle 0x%x \n", 521 __func__, handle); 522 return; 523 } 524 525 targ->flags |= MPRSAS_TARGET_INREMOVAL; 526 527 tm = mprsas_alloc_tm(sc); 528 if (tm == NULL) { 529 targ->flags |= MPRSAS_TARGET_TOREMOVE; 530 sassc->flags |= MPRSAS_TOREMOVE; 531 return; 532 } 533 534 mprsas_rescan_target(sc, targ); 535 536 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 537 req->DevHandle = htole16(targ->handle); 538 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 539 540 /* SAS Hard Link Reset / SATA Link Reset */ 541 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 542 543 tm->cm_targ = targ; 544 tm->cm_data = NULL; 545 tm->cm_complete = mprsas_remove_device; 546 tm->cm_complete_data = (void *)(uintptr_t)handle; 547 548 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 549 __func__, targ->tid); 550 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 551 552 mpr_map_command(sc, tm); 553} 554 555static void 556mprsas_remove_device(struct mpr_softc *sc, struct mpr_command *tm) 557{ 558 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 559 MPI2_SAS_IOUNIT_CONTROL_REQUEST *req; 560 struct mprsas_target *targ; 561 uint16_t handle; 562 563 MPR_FUNCTRACE(sc); 564 565 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 566 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 567 targ = tm->cm_targ; 568 569 /* 570 * Currently there should be no way we can hit this case. It only 571 * happens when we have a failure to allocate chain frames, and 572 * task management commands don't have S/G lists. 573 */ 574 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 575 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for remove of " 576 "handle %#04x! This should not happen!\n", __func__, 577 tm->cm_flags, handle); 578 } 579 580 if (reply == NULL) { 581 /* XXX retry the remove after the diag reset completes? */ 582 mpr_dprint(sc, MPR_FAULT, "%s NULL reply resetting device " 583 "0x%04x\n", __func__, handle); 584 mprsas_free_tm(sc, tm); 585 return; 586 } 587 588 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 589 MPI2_IOCSTATUS_SUCCESS) { 590 mpr_dprint(sc, MPR_ERROR, "IOCStatus = 0x%x while resetting " 591 "device 0x%x\n", le16toh(reply->IOCStatus), handle); 592 } 593 594 mpr_dprint(sc, MPR_XINFO, "Reset aborted %u commands\n", 595 le32toh(reply->TerminationCount)); 596 mpr_free_reply(sc, tm->cm_reply_data); 597 tm->cm_reply = NULL; /* Ensures the reply won't get re-freed */ 598 599 /* Reuse the existing command */ 600 req = (MPI2_SAS_IOUNIT_CONTROL_REQUEST *)tm->cm_req; 601 memset(req, 0, sizeof(*req)); 602 req->Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL; 603 req->Operation = MPI2_SAS_OP_REMOVE_DEVICE; 604 req->DevHandle = htole16(handle); 605 tm->cm_data = NULL; 606 tm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 607 tm->cm_complete = mprsas_remove_complete; 608 tm->cm_complete_data = (void *)(uintptr_t)handle; 609 610 /* 611 * Wait to send the REMOVE_DEVICE until all the commands have cleared. 612 * They should be aborted or time out and we'll kick thus off there 613 * if so. 614 */ 615 if (TAILQ_FIRST(&targ->commands) == NULL) { 616 mpr_dprint(sc, MPR_INFO, 617 "No pending commands: starting remove_device for target %u handle 0x%04x\n", 618 targ->tid, handle); 619 mpr_map_command(sc, tm); 620 targ->pending_remove_tm = NULL; 621 } else { 622 targ->pending_remove_tm = tm; 623 } 624 625 mpr_dprint(sc, MPR_INFO, "clearing target %u handle 0x%04x\n", 626 targ->tid, handle); 627 if (targ->encl_level_valid) { 628 mpr_dprint(sc, MPR_INFO, "At enclosure level %d, slot %d, " 629 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 630 targ->connector_name); 631 } 632} 633 634static void 635mprsas_remove_complete(struct mpr_softc *sc, struct mpr_command *tm) 636{ 637 MPI2_SAS_IOUNIT_CONTROL_REPLY *reply; 638 uint16_t handle; 639 struct mprsas_target *targ; 640 struct mprsas_lun *lun; 641 642 MPR_FUNCTRACE(sc); 643 644 reply = (MPI2_SAS_IOUNIT_CONTROL_REPLY *)tm->cm_reply; 645 handle = (uint16_t)(uintptr_t)tm->cm_complete_data; 646 647 targ = tm->cm_targ; 648 649 /* 650 * At this point, we should have no pending commands for the target. 651 * The remove target has just completed. 652 */ 653 KASSERT(TAILQ_FIRST(&targ->commands) == NULL, 654 ("%s: no commands should be pending\n", __func__)); 655 656 /* 657 * Currently there should be no way we can hit this case. It only 658 * happens when we have a failure to allocate chain frames, and 659 * task management commands don't have S/G lists. 660 */ 661 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 662 mpr_dprint(sc, MPR_XINFO, "%s: cm_flags = %#x for remove of " 663 "handle %#04x! This should not happen!\n", __func__, 664 tm->cm_flags, handle); 665 mprsas_free_tm(sc, tm); 666 return; 667 } 668 669 if (reply == NULL) { 670 /* most likely a chip reset */ 671 mpr_dprint(sc, MPR_FAULT, "%s NULL reply removing device " 672 "0x%04x\n", __func__, handle); 673 mprsas_free_tm(sc, tm); 674 return; 675 } 676 677 mpr_dprint(sc, MPR_XINFO, "%s on handle 0x%04x, IOCStatus= 0x%x\n", 678 __func__, handle, le16toh(reply->IOCStatus)); 679 680 /* 681 * Don't clear target if remove fails because things will get confusing. 682 * Leave the devname and sasaddr intact so that we know to avoid reusing 683 * this target id if possible, and so we can assign the same target id 684 * to this device if it comes back in the future. 685 */ 686 if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) == 687 MPI2_IOCSTATUS_SUCCESS) { 688 targ->handle = 0x0; 689 targ->encl_handle = 0x0; 690 targ->encl_level_valid = 0x0; 691 targ->encl_level = 0x0; 692 targ->connector_name[0] = ' '; 693 targ->connector_name[1] = ' '; 694 targ->connector_name[2] = ' '; 695 targ->connector_name[3] = ' '; 696 targ->encl_slot = 0x0; 697 targ->exp_dev_handle = 0x0; 698 targ->phy_num = 0x0; 699 targ->linkrate = 0x0; 700 targ->devinfo = 0x0; 701 targ->flags = 0x0; 702 targ->scsi_req_desc_type = 0; 703 704 while (!SLIST_EMPTY(&targ->luns)) { 705 lun = SLIST_FIRST(&targ->luns); 706 SLIST_REMOVE_HEAD(&targ->luns, lun_link); 707 free(lun, M_MPR); 708 } 709 } 710 711 mprsas_free_tm(sc, tm); 712} 713 714static int 715mprsas_register_events(struct mpr_softc *sc) 716{ 717 uint8_t events[16]; 718 719 bzero(events, 16); 720 setbit(events, MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE); 721 setbit(events, MPI2_EVENT_SAS_DISCOVERY); 722 setbit(events, MPI2_EVENT_SAS_BROADCAST_PRIMITIVE); 723 setbit(events, MPI2_EVENT_SAS_INIT_DEVICE_STATUS_CHANGE); 724 setbit(events, MPI2_EVENT_SAS_INIT_TABLE_OVERFLOW); 725 setbit(events, MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST); 726 setbit(events, MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE); 727 setbit(events, MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST); 728 setbit(events, MPI2_EVENT_IR_VOLUME); 729 setbit(events, MPI2_EVENT_IR_PHYSICAL_DISK); 730 setbit(events, MPI2_EVENT_IR_OPERATION_STATUS); 731 setbit(events, MPI2_EVENT_TEMP_THRESHOLD); 732 setbit(events, MPI2_EVENT_SAS_DEVICE_DISCOVERY_ERROR); 733 if (sc->facts->MsgVersion >= MPI2_VERSION_02_06) { 734 setbit(events, MPI2_EVENT_ACTIVE_CABLE_EXCEPTION); 735 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 736 setbit(events, MPI2_EVENT_PCIE_DEVICE_STATUS_CHANGE); 737 setbit(events, MPI2_EVENT_PCIE_ENUMERATION); 738 setbit(events, MPI2_EVENT_PCIE_TOPOLOGY_CHANGE_LIST); 739 } 740 } 741 742 mpr_register_events(sc, events, mprsas_evt_handler, NULL, 743 &sc->sassc->mprsas_eh); 744 745 return (0); 746} 747 748int 749mpr_attach_sas(struct mpr_softc *sc) 750{ 751 struct mprsas_softc *sassc; 752 cam_status status; 753 int unit, error = 0, reqs; 754 755 MPR_FUNCTRACE(sc); 756 mpr_dprint(sc, MPR_INIT, "%s entered\n", __func__); 757 758 sassc = malloc(sizeof(struct mprsas_softc), M_MPR, M_WAITOK|M_ZERO); 759 760 /* 761 * XXX MaxTargets could change during a reinit. Since we don't 762 * resize the targets[] array during such an event, cache the value 763 * of MaxTargets here so that we don't get into trouble later. This 764 * should move into the reinit logic. 765 */ 766 sassc->maxtargets = sc->facts->MaxTargets + sc->facts->MaxVolumes; 767 sassc->targets = malloc(sizeof(struct mprsas_target) * 768 sassc->maxtargets, M_MPR, M_WAITOK|M_ZERO); 769 sc->sassc = sassc; 770 sassc->sc = sc; 771 772 reqs = sc->num_reqs - sc->num_prireqs - 1; 773 if ((sassc->devq = cam_simq_alloc(reqs)) == NULL) { 774 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIMQ\n"); 775 error = ENOMEM; 776 goto out; 777 } 778 779 unit = device_get_unit(sc->mpr_dev); 780 sassc->sim = cam_sim_alloc(mprsas_action, mprsas_poll, "mpr", sassc, 781 unit, &sc->mpr_mtx, reqs, reqs, sassc->devq); 782 if (sassc->sim == NULL) { 783 mpr_dprint(sc, MPR_INIT|MPR_ERROR, "Cannot allocate SIM\n"); 784 error = EINVAL; 785 goto out; 786 } 787 788 TAILQ_INIT(&sassc->ev_queue); 789 790 /* Initialize taskqueue for Event Handling */ 791 TASK_INIT(&sassc->ev_task, 0, mprsas_firmware_event_work, sc); 792 sassc->ev_tq = taskqueue_create("mpr_taskq", M_NOWAIT | M_ZERO, 793 taskqueue_thread_enqueue, &sassc->ev_tq); 794 taskqueue_start_threads(&sassc->ev_tq, 1, PRIBIO, "%s taskq", 795 device_get_nameunit(sc->mpr_dev)); 796 797 mpr_lock(sc); 798 799 /* 800 * XXX There should be a bus for every port on the adapter, but since 801 * we're just going to fake the topology for now, we'll pretend that 802 * everything is just a target on a single bus. 803 */ 804 if ((error = xpt_bus_register(sassc->sim, sc->mpr_dev, 0)) != 0) { 805 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 806 "Error %d registering SCSI bus\n", error); 807 mpr_unlock(sc); 808 goto out; 809 } 810 811 /* 812 * Assume that discovery events will start right away. 813 * 814 * Hold off boot until discovery is complete. 815 */ 816 sassc->flags |= MPRSAS_IN_STARTUP | MPRSAS_IN_DISCOVERY; 817 sc->sassc->startup_refcount = 0; 818 mprsas_startup_increment(sassc); 819 820 mpr_unlock(sc); 821 822 /* 823 * Register for async events so we can determine the EEDP 824 * capabilities of devices. 825 */ 826 status = xpt_create_path(&sassc->path, /*periph*/NULL, 827 cam_sim_path(sc->sassc->sim), CAM_TARGET_WILDCARD, 828 CAM_LUN_WILDCARD); 829 if (status != CAM_REQ_CMP) { 830 mpr_dprint(sc, MPR_INIT|MPR_ERROR, 831 "Error %#x creating sim path\n", status); 832 sassc->path = NULL; 833 } else { 834 int event; 835 836 event = AC_ADVINFO_CHANGED; 837 status = xpt_register_async(event, mprsas_async, sc, 838 sassc->path); 839 840 if (status != CAM_REQ_CMP) { 841 mpr_dprint(sc, MPR_ERROR, 842 "Error %#x registering async handler for " 843 "AC_ADVINFO_CHANGED events\n", status); 844 xpt_free_path(sassc->path); 845 sassc->path = NULL; 846 } 847 } 848 if (status != CAM_REQ_CMP) { 849 /* 850 * EEDP use is the exception, not the rule. 851 * Warn the user, but do not fail to attach. 852 */ 853 mpr_printf(sc, "EEDP capabilities disabled.\n"); 854 } 855 856 mprsas_register_events(sc); 857out: 858 if (error) 859 mpr_detach_sas(sc); 860 861 mpr_dprint(sc, MPR_INIT, "%s exit, error= %d\n", __func__, error); 862 return (error); 863} 864 865int 866mpr_detach_sas(struct mpr_softc *sc) 867{ 868 struct mprsas_softc *sassc; 869 struct mprsas_lun *lun, *lun_tmp; 870 struct mprsas_target *targ; 871 int i; 872 873 MPR_FUNCTRACE(sc); 874 875 if (sc->sassc == NULL) 876 return (0); 877 878 sassc = sc->sassc; 879 mpr_deregister_events(sc, sassc->mprsas_eh); 880 881 /* 882 * Drain and free the event handling taskqueue with the lock 883 * unheld so that any parallel processing tasks drain properly 884 * without deadlocking. 885 */ 886 if (sassc->ev_tq != NULL) 887 taskqueue_free(sassc->ev_tq); 888 889 /* Deregister our async handler */ 890 if (sassc->path != NULL) { 891 xpt_register_async(0, mprsas_async, sc, sassc->path); 892 xpt_free_path(sassc->path); 893 sassc->path = NULL; 894 } 895 896 /* Make sure CAM doesn't wedge if we had to bail out early. */ 897 mpr_lock(sc); 898 899 while (sassc->startup_refcount != 0) 900 mprsas_startup_decrement(sassc); 901 902 if (sassc->flags & MPRSAS_IN_STARTUP) 903 xpt_release_simq(sassc->sim, 1); 904 905 if (sassc->sim != NULL) { 906 xpt_bus_deregister(cam_sim_path(sassc->sim)); 907 cam_sim_free(sassc->sim, FALSE); 908 } 909 910 mpr_unlock(sc); 911 912 if (sassc->devq != NULL) 913 cam_simq_free(sassc->devq); 914 915 for (i = 0; i < sassc->maxtargets; i++) { 916 targ = &sassc->targets[i]; 917 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 918 free(lun, M_MPR); 919 } 920 } 921 free(sassc->targets, M_MPR); 922 free(sassc, M_MPR); 923 sc->sassc = NULL; 924 925 return (0); 926} 927 928void 929mprsas_discovery_end(struct mprsas_softc *sassc) 930{ 931 struct mpr_softc *sc = sassc->sc; 932 933 MPR_FUNCTRACE(sc); 934 935 /* 936 * After discovery has completed, check the mapping table for any 937 * missing devices and update their missing counts. Only do this once 938 * whenever the driver is initialized so that missing counts aren't 939 * updated unnecessarily. Note that just because discovery has 940 * completed doesn't mean that events have been processed yet. The 941 * check_devices function is a callout timer that checks if ALL devices 942 * are missing. If so, it will wait a little longer for events to 943 * complete and keep resetting itself until some device in the mapping 944 * table is not missing, meaning that event processing has started. 945 */ 946 if (sc->track_mapping_events) { 947 mpr_dprint(sc, MPR_XINFO | MPR_MAPPING, "Discovery has " 948 "completed. Check for missing devices in the mapping " 949 "table.\n"); 950 callout_reset(&sc->device_check_callout, 951 MPR_MISSING_CHECK_DELAY * hz, mpr_mapping_check_devices, 952 sc); 953 } 954} 955 956static void 957mprsas_action(struct cam_sim *sim, union ccb *ccb) 958{ 959 struct mprsas_softc *sassc; 960 961 sassc = cam_sim_softc(sim); 962 963 MPR_FUNCTRACE(sassc->sc); 964 mpr_dprint(sassc->sc, MPR_TRACE, "ccb func_code 0x%x\n", 965 ccb->ccb_h.func_code); 966 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 967 968 switch (ccb->ccb_h.func_code) { 969 case XPT_PATH_INQ: 970 { 971 struct ccb_pathinq *cpi = &ccb->cpi; 972 struct mpr_softc *sc = sassc->sc; 973 974 cpi->version_num = 1; 975 cpi->hba_inquiry = PI_SDTR_ABLE|PI_TAG_ABLE|PI_WIDE_16; 976 cpi->target_sprt = 0; 977 cpi->hba_misc = PIM_NOBUSRESET | PIM_UNMAPPED | PIM_NOSCAN; 978 cpi->hba_eng_cnt = 0; 979 cpi->max_target = sassc->maxtargets - 1; 980 cpi->max_lun = 255; 981 982 /* 983 * initiator_id is set here to an ID outside the set of valid 984 * target IDs (including volumes). 985 */ 986 cpi->initiator_id = sassc->maxtargets; 987 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 988 strlcpy(cpi->hba_vid, "Avago Tech", HBA_IDLEN); 989 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 990 cpi->unit_number = cam_sim_unit(sim); 991 cpi->bus_id = cam_sim_bus(sim); 992 /* 993 * XXXSLM-I think this needs to change based on config page or 994 * something instead of hardcoded to 150000. 995 */ 996 cpi->base_transfer_speed = 150000; 997 cpi->transport = XPORT_SAS; 998 cpi->transport_version = 0; 999 cpi->protocol = PROTO_SCSI; 1000 cpi->protocol_version = SCSI_REV_SPC; 1001 cpi->maxio = sc->maxio; 1002 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1003 break; 1004 } 1005 case XPT_GET_TRAN_SETTINGS: 1006 { 1007 struct ccb_trans_settings *cts; 1008 struct ccb_trans_settings_sas *sas; 1009 struct ccb_trans_settings_scsi *scsi; 1010 struct mprsas_target *targ; 1011 1012 cts = &ccb->cts; 1013 sas = &cts->xport_specific.sas; 1014 scsi = &cts->proto_specific.scsi; 1015 1016 KASSERT(cts->ccb_h.target_id < sassc->maxtargets, 1017 ("Target %d out of bounds in XPT_GET_TRAN_SETTINGS\n", 1018 cts->ccb_h.target_id)); 1019 targ = &sassc->targets[cts->ccb_h.target_id]; 1020 if (targ->handle == 0x0) { 1021 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1022 break; 1023 } 1024 1025 cts->protocol_version = SCSI_REV_SPC2; 1026 cts->transport = XPORT_SAS; 1027 cts->transport_version = 0; 1028 1029 sas->valid = CTS_SAS_VALID_SPEED; 1030 switch (targ->linkrate) { 1031 case 0x08: 1032 sas->bitrate = 150000; 1033 break; 1034 case 0x09: 1035 sas->bitrate = 300000; 1036 break; 1037 case 0x0a: 1038 sas->bitrate = 600000; 1039 break; 1040 case 0x0b: 1041 sas->bitrate = 1200000; 1042 break; 1043 default: 1044 sas->valid = 0; 1045 } 1046 1047 cts->protocol = PROTO_SCSI; 1048 scsi->valid = CTS_SCSI_VALID_TQ; 1049 scsi->flags = CTS_SCSI_FLAGS_TAG_ENB; 1050 1051 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1052 break; 1053 } 1054 case XPT_CALC_GEOMETRY: 1055 cam_calc_geometry(&ccb->ccg, /*extended*/1); 1056 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1057 break; 1058 case XPT_RESET_DEV: 1059 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action " 1060 "XPT_RESET_DEV\n"); 1061 mprsas_action_resetdev(sassc, ccb); 1062 return; 1063 case XPT_RESET_BUS: 1064 case XPT_ABORT: 1065 case XPT_TERM_IO: 1066 mpr_dprint(sassc->sc, MPR_XINFO, "mprsas_action faking success " 1067 "for abort or reset\n"); 1068 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1069 break; 1070 case XPT_SCSI_IO: 1071 mprsas_action_scsiio(sassc, ccb); 1072 return; 1073 case XPT_SMP_IO: 1074 mprsas_action_smpio(sassc, ccb); 1075 return; 1076 default: 1077 mprsas_set_ccbstatus(ccb, CAM_FUNC_NOTAVAIL); 1078 break; 1079 } 1080 xpt_done(ccb); 1081 1082} 1083 1084static void 1085mprsas_announce_reset(struct mpr_softc *sc, uint32_t ac_code, 1086 target_id_t target_id, lun_id_t lun_id) 1087{ 1088 path_id_t path_id = cam_sim_path(sc->sassc->sim); 1089 struct cam_path *path; 1090 1091 mpr_dprint(sc, MPR_XINFO, "%s code %x target %d lun %jx\n", __func__, 1092 ac_code, target_id, (uintmax_t)lun_id); 1093 1094 if (xpt_create_path(&path, NULL, 1095 path_id, target_id, lun_id) != CAM_REQ_CMP) { 1096 mpr_dprint(sc, MPR_ERROR, "unable to create path for reset " 1097 "notification\n"); 1098 return; 1099 } 1100 1101 xpt_async(ac_code, path, NULL); 1102 xpt_free_path(path); 1103} 1104 1105static void 1106mprsas_complete_all_commands(struct mpr_softc *sc) 1107{ 1108 struct mpr_command *cm; 1109 int i; 1110 int completed; 1111 1112 MPR_FUNCTRACE(sc); 1113 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1114 1115 /* complete all commands with a NULL reply */ 1116 for (i = 1; i < sc->num_reqs; i++) { 1117 cm = &sc->commands[i]; 1118 if (cm->cm_state == MPR_CM_STATE_FREE) 1119 continue; 1120 1121 cm->cm_state = MPR_CM_STATE_BUSY; 1122 cm->cm_reply = NULL; 1123 completed = 0; 1124 1125 if (cm->cm_flags & MPR_CM_FLAGS_SATA_ID_TIMEOUT) { 1126 MPASS(cm->cm_data); 1127 free(cm->cm_data, M_MPR); 1128 cm->cm_data = NULL; 1129 } 1130 1131 if (cm->cm_flags & MPR_CM_FLAGS_POLLED) 1132 cm->cm_flags |= MPR_CM_FLAGS_COMPLETE; 1133 1134 if (cm->cm_complete != NULL) { 1135 mprsas_log_command(cm, MPR_RECOVERY, 1136 "completing cm %p state %x ccb %p for diag reset\n", 1137 cm, cm->cm_state, cm->cm_ccb); 1138 cm->cm_complete(sc, cm); 1139 completed = 1; 1140 } else if (cm->cm_flags & MPR_CM_FLAGS_WAKEUP) { 1141 mprsas_log_command(cm, MPR_RECOVERY, 1142 "waking up cm %p state %x ccb %p for diag reset\n", 1143 cm, cm->cm_state, cm->cm_ccb); 1144 wakeup(cm); 1145 completed = 1; 1146 } 1147 1148 if ((completed == 0) && (cm->cm_state != MPR_CM_STATE_FREE)) { 1149 /* this should never happen, but if it does, log */ 1150 mprsas_log_command(cm, MPR_RECOVERY, 1151 "cm %p state %x flags 0x%x ccb %p during diag " 1152 "reset\n", cm, cm->cm_state, cm->cm_flags, 1153 cm->cm_ccb); 1154 } 1155 } 1156 1157 sc->io_cmds_active = 0; 1158} 1159 1160void 1161mprsas_handle_reinit(struct mpr_softc *sc) 1162{ 1163 int i; 1164 1165 /* Go back into startup mode and freeze the simq, so that CAM 1166 * doesn't send any commands until after we've rediscovered all 1167 * targets and found the proper device handles for them. 1168 * 1169 * After the reset, portenable will trigger discovery, and after all 1170 * discovery-related activities have finished, the simq will be 1171 * released. 1172 */ 1173 mpr_dprint(sc, MPR_INIT, "%s startup\n", __func__); 1174 sc->sassc->flags |= MPRSAS_IN_STARTUP; 1175 sc->sassc->flags |= MPRSAS_IN_DISCOVERY; 1176 mprsas_startup_increment(sc->sassc); 1177 1178 /* notify CAM of a bus reset */ 1179 mprsas_announce_reset(sc, AC_BUS_RESET, CAM_TARGET_WILDCARD, 1180 CAM_LUN_WILDCARD); 1181 1182 /* complete and cleanup after all outstanding commands */ 1183 mprsas_complete_all_commands(sc); 1184 1185 mpr_dprint(sc, MPR_INIT, "%s startup %u after command completion\n", 1186 __func__, sc->sassc->startup_refcount); 1187 1188 /* zero all the target handles, since they may change after the 1189 * reset, and we have to rediscover all the targets and use the new 1190 * handles. 1191 */ 1192 for (i = 0; i < sc->sassc->maxtargets; i++) { 1193 if (sc->sassc->targets[i].outstanding != 0) 1194 mpr_dprint(sc, MPR_INIT, "target %u outstanding %u\n", 1195 i, sc->sassc->targets[i].outstanding); 1196 sc->sassc->targets[i].handle = 0x0; 1197 sc->sassc->targets[i].exp_dev_handle = 0x0; 1198 sc->sassc->targets[i].outstanding = 0; 1199 sc->sassc->targets[i].flags = MPRSAS_TARGET_INDIAGRESET; 1200 } 1201} 1202static void 1203mprsas_tm_timeout(void *data) 1204{ 1205 struct mpr_command *tm = data; 1206 struct mpr_softc *sc = tm->cm_sc; 1207 1208 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1209 1210 mprsas_log_command(tm, MPR_INFO|MPR_RECOVERY, "task mgmt %p timed " 1211 "out\n", tm); 1212 1213 KASSERT(tm->cm_state == MPR_CM_STATE_INQUEUE, 1214 ("command not inqueue, state = %u\n", tm->cm_state)); 1215 1216 tm->cm_state = MPR_CM_STATE_BUSY; 1217 mpr_reinit(sc); 1218} 1219 1220static void 1221mprsas_logical_unit_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1222{ 1223 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1224 unsigned int cm_count = 0; 1225 struct mpr_command *cm; 1226 struct mprsas_target *targ; 1227 1228 callout_stop(&tm->cm_callout); 1229 1230 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1231 targ = tm->cm_targ; 1232 1233 /* 1234 * Currently there should be no way we can hit this case. It only 1235 * happens when we have a failure to allocate chain frames, and 1236 * task management commands don't have S/G lists. 1237 */ 1238 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1239 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1240 "%s: cm_flags = %#x for LUN reset! " 1241 "This should not happen!\n", __func__, tm->cm_flags); 1242 mprsas_free_tm(sc, tm); 1243 return; 1244 } 1245 1246 if (reply == NULL) { 1247 mpr_dprint(sc, MPR_RECOVERY, "NULL reset reply for tm %p\n", 1248 tm); 1249 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1250 /* this completion was due to a reset, just cleanup */ 1251 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1252 "reset, ignoring NULL LUN reset reply\n"); 1253 targ->tm = NULL; 1254 mprsas_free_tm(sc, tm); 1255 } 1256 else { 1257 /* we should have gotten a reply. */ 1258 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1259 "LUN reset attempt, resetting controller\n"); 1260 mpr_reinit(sc); 1261 } 1262 return; 1263 } 1264 1265 mpr_dprint(sc, MPR_RECOVERY, 1266 "logical unit reset status 0x%x code 0x%x count %u\n", 1267 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1268 le32toh(reply->TerminationCount)); 1269 1270 /* 1271 * See if there are any outstanding commands for this LUN. 1272 * This could be made more efficient by using a per-LU data 1273 * structure of some sort. 1274 */ 1275 TAILQ_FOREACH(cm, &targ->commands, cm_link) { 1276 if (cm->cm_lun == tm->cm_lun) 1277 cm_count++; 1278 } 1279 1280 if (cm_count == 0) { 1281 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1282 "Finished recovery after LUN reset for target %u\n", 1283 targ->tid); 1284 1285 mprsas_announce_reset(sc, AC_SENT_BDR, targ->tid, 1286 tm->cm_lun); 1287 1288 /* 1289 * We've finished recovery for this logical unit. check and 1290 * see if some other logical unit has a timedout command 1291 * that needs to be processed. 1292 */ 1293 cm = TAILQ_FIRST(&targ->timedout_commands); 1294 if (cm) { 1295 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1296 "More commands to abort for target %u\n", targ->tid); 1297 mprsas_send_abort(sc, tm, cm); 1298 } else { 1299 targ->tm = NULL; 1300 mprsas_free_tm(sc, tm); 1301 } 1302 } else { 1303 /* if we still have commands for this LUN, the reset 1304 * effectively failed, regardless of the status reported. 1305 * Escalate to a target reset. 1306 */ 1307 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1308 "logical unit reset complete for target %u, but still " 1309 "have %u command(s), sending target reset\n", targ->tid, 1310 cm_count); 1311 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1312 mprsas_send_reset(sc, tm, 1313 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET); 1314 else 1315 mpr_reinit(sc); 1316 } 1317} 1318 1319static void 1320mprsas_target_reset_complete(struct mpr_softc *sc, struct mpr_command *tm) 1321{ 1322 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1323 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1324 struct mprsas_target *targ; 1325 1326 callout_stop(&tm->cm_callout); 1327 1328 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1329 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1330 targ = tm->cm_targ; 1331 1332 /* 1333 * Currently there should be no way we can hit this case. It only 1334 * happens when we have a failure to allocate chain frames, and 1335 * task management commands don't have S/G lists. 1336 */ 1337 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1338 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for target " 1339 "reset! This should not happen!\n", __func__, tm->cm_flags); 1340 mprsas_free_tm(sc, tm); 1341 return; 1342 } 1343 1344 if (reply == NULL) { 1345 mpr_dprint(sc, MPR_RECOVERY, 1346 "NULL target reset reply for tm %p TaskMID %u\n", 1347 tm, le16toh(req->TaskMID)); 1348 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1349 /* this completion was due to a reset, just cleanup */ 1350 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1351 "reset, ignoring NULL target reset reply\n"); 1352 targ->tm = NULL; 1353 mprsas_free_tm(sc, tm); 1354 } 1355 else { 1356 /* we should have gotten a reply. */ 1357 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1358 "target reset attempt, resetting controller\n"); 1359 mpr_reinit(sc); 1360 } 1361 return; 1362 } 1363 1364 mpr_dprint(sc, MPR_RECOVERY, 1365 "target reset status 0x%x code 0x%x count %u\n", 1366 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1367 le32toh(reply->TerminationCount)); 1368 1369 if (targ->outstanding == 0) { 1370 /* 1371 * We've finished recovery for this target and all 1372 * of its logical units. 1373 */ 1374 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1375 "Finished reset recovery for target %u\n", targ->tid); 1376 1377 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 1378 CAM_LUN_WILDCARD); 1379 1380 targ->tm = NULL; 1381 mprsas_free_tm(sc, tm); 1382 } else { 1383 /* 1384 * After a target reset, if this target still has 1385 * outstanding commands, the reset effectively failed, 1386 * regardless of the status reported. escalate. 1387 */ 1388 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1389 "Target reset complete for target %u, but still have %u " 1390 "command(s), resetting controller\n", targ->tid, 1391 targ->outstanding); 1392 mpr_reinit(sc); 1393 } 1394} 1395 1396#define MPR_RESET_TIMEOUT 30 1397 1398int 1399mprsas_send_reset(struct mpr_softc *sc, struct mpr_command *tm, uint8_t type) 1400{ 1401 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1402 struct mprsas_target *target; 1403 int err, timeout; 1404 1405 target = tm->cm_targ; 1406 if (target->handle == 0) { 1407 mpr_dprint(sc, MPR_ERROR, "%s null devhandle for target_id " 1408 "%d\n", __func__, target->tid); 1409 return -1; 1410 } 1411 1412 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1413 req->DevHandle = htole16(target->handle); 1414 req->TaskType = type; 1415 1416 if (!target->is_nvme || sc->custom_nvme_tm_handling) { 1417 timeout = MPR_RESET_TIMEOUT; 1418 /* 1419 * Target reset method = 1420 * SAS Hard Link Reset / SATA Link Reset 1421 */ 1422 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 1423 } else { 1424 timeout = (target->controller_reset_timeout) ? ( 1425 target->controller_reset_timeout) : (MPR_RESET_TIMEOUT); 1426 /* PCIe Protocol Level Reset*/ 1427 req->MsgFlags = 1428 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 1429 } 1430 1431 if (type == MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET) { 1432 /* XXX Need to handle invalid LUNs */ 1433 MPR_SET_LUN(req->LUN, tm->cm_lun); 1434 tm->cm_targ->logical_unit_resets++; 1435 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1436 "Sending logical unit reset to target %u lun %d\n", 1437 target->tid, tm->cm_lun); 1438 tm->cm_complete = mprsas_logical_unit_reset_complete; 1439 mprsas_prepare_for_tm(sc, tm, target, tm->cm_lun); 1440 } else if (type == MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET) { 1441 tm->cm_targ->target_resets++; 1442 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1443 "Sending target reset to target %u\n", target->tid); 1444 tm->cm_complete = mprsas_target_reset_complete; 1445 mprsas_prepare_for_tm(sc, tm, target, CAM_LUN_WILDCARD); 1446 } 1447 else { 1448 mpr_dprint(sc, MPR_ERROR, "unexpected reset type 0x%x\n", type); 1449 return -1; 1450 } 1451 1452 if (target->encl_level_valid) { 1453 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1454 "At enclosure level %d, slot %d, connector name (%4s)\n", 1455 target->encl_level, target->encl_slot, 1456 target->connector_name); 1457 } 1458 1459 tm->cm_data = NULL; 1460 tm->cm_complete_data = (void *)tm; 1461 1462 callout_reset(&tm->cm_callout, timeout * hz, 1463 mprsas_tm_timeout, tm); 1464 1465 err = mpr_map_command(sc, tm); 1466 if (err) 1467 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1468 "error %d sending reset type %u\n", err, type); 1469 1470 return err; 1471} 1472 1473static void 1474mprsas_abort_complete(struct mpr_softc *sc, struct mpr_command *tm) 1475{ 1476 struct mpr_command *cm; 1477 MPI2_SCSI_TASK_MANAGE_REPLY *reply; 1478 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1479 struct mprsas_target *targ; 1480 1481 callout_stop(&tm->cm_callout); 1482 1483 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1484 reply = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 1485 targ = tm->cm_targ; 1486 1487 /* 1488 * Currently there should be no way we can hit this case. It only 1489 * happens when we have a failure to allocate chain frames, and 1490 * task management commands don't have S/G lists. 1491 */ 1492 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 1493 mpr_dprint(sc, MPR_RECOVERY|MPR_ERROR, 1494 "cm_flags = %#x for abort %p TaskMID %u!\n", 1495 tm->cm_flags, tm, le16toh(req->TaskMID)); 1496 mprsas_free_tm(sc, tm); 1497 return; 1498 } 1499 1500 if (reply == NULL) { 1501 mpr_dprint(sc, MPR_RECOVERY, 1502 "NULL abort reply for tm %p TaskMID %u\n", 1503 tm, le16toh(req->TaskMID)); 1504 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 1505 /* this completion was due to a reset, just cleanup */ 1506 mpr_dprint(sc, MPR_RECOVERY, "Hardware undergoing " 1507 "reset, ignoring NULL abort reply\n"); 1508 targ->tm = NULL; 1509 mprsas_free_tm(sc, tm); 1510 } else { 1511 /* we should have gotten a reply. */ 1512 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, "NULL reply on " 1513 "abort attempt, resetting controller\n"); 1514 mpr_reinit(sc); 1515 } 1516 return; 1517 } 1518 1519 mpr_dprint(sc, MPR_RECOVERY, 1520 "abort TaskMID %u status 0x%x code 0x%x count %u\n", 1521 le16toh(req->TaskMID), 1522 le16toh(reply->IOCStatus), le32toh(reply->ResponseCode), 1523 le32toh(reply->TerminationCount)); 1524 1525 cm = TAILQ_FIRST(&tm->cm_targ->timedout_commands); 1526 if (cm == NULL) { 1527 /* 1528 * if there are no more timedout commands, we're done with 1529 * error recovery for this target. 1530 */ 1531 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1532 "Finished abort recovery for target %u\n", targ->tid); 1533 targ->tm = NULL; 1534 mprsas_free_tm(sc, tm); 1535 } else if (le16toh(req->TaskMID) != cm->cm_desc.Default.SMID) { 1536 /* abort success, but we have more timedout commands to abort */ 1537 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1538 "Continuing abort recovery for target %u\n", targ->tid); 1539 mprsas_send_abort(sc, tm, cm); 1540 } else { 1541 /* 1542 * we didn't get a command completion, so the abort 1543 * failed as far as we're concerned. escalate. 1544 */ 1545 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1546 "Abort failed for target %u, sending logical unit reset\n", 1547 targ->tid); 1548 1549 mprsas_send_reset(sc, tm, 1550 MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET); 1551 } 1552} 1553 1554#define MPR_ABORT_TIMEOUT 5 1555 1556static int 1557mprsas_send_abort(struct mpr_softc *sc, struct mpr_command *tm, 1558 struct mpr_command *cm) 1559{ 1560 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 1561 struct mprsas_target *targ; 1562 int err, timeout; 1563 1564 targ = cm->cm_targ; 1565 if (targ->handle == 0) { 1566 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1567 "%s null devhandle for target_id %d\n", 1568 __func__, cm->cm_ccb->ccb_h.target_id); 1569 return -1; 1570 } 1571 1572 mprsas_log_command(cm, MPR_RECOVERY|MPR_INFO, 1573 "Aborting command %p\n", cm); 1574 1575 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 1576 req->DevHandle = htole16(targ->handle); 1577 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK; 1578 1579 /* XXX Need to handle invalid LUNs */ 1580 MPR_SET_LUN(req->LUN, cm->cm_ccb->ccb_h.target_lun); 1581 1582 req->TaskMID = htole16(cm->cm_desc.Default.SMID); 1583 1584 tm->cm_data = NULL; 1585 tm->cm_complete = mprsas_abort_complete; 1586 tm->cm_complete_data = (void *)tm; 1587 tm->cm_targ = cm->cm_targ; 1588 tm->cm_lun = cm->cm_lun; 1589 1590 if (!targ->is_nvme || sc->custom_nvme_tm_handling) 1591 timeout = MPR_ABORT_TIMEOUT; 1592 else 1593 timeout = sc->nvme_abort_timeout; 1594 1595 callout_reset(&tm->cm_callout, timeout * hz, 1596 mprsas_tm_timeout, tm); 1597 1598 targ->aborts++; 1599 1600 mprsas_prepare_for_tm(sc, tm, targ, tm->cm_lun); 1601 1602 err = mpr_map_command(sc, tm); 1603 if (err) 1604 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1605 "error %d sending abort for cm %p SMID %u\n", 1606 err, cm, req->TaskMID); 1607 return err; 1608} 1609 1610static void 1611mprsas_scsiio_timeout(void *data) 1612{ 1613 sbintime_t elapsed, now; 1614 union ccb *ccb; 1615 struct mpr_softc *sc; 1616 struct mpr_command *cm; 1617 struct mprsas_target *targ; 1618 1619 cm = (struct mpr_command *)data; 1620 sc = cm->cm_sc; 1621 ccb = cm->cm_ccb; 1622 now = sbinuptime(); 1623 1624 MPR_FUNCTRACE(sc); 1625 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1626 1627 mpr_dprint(sc, MPR_XINFO|MPR_RECOVERY, "Timeout checking cm %p\n", cm); 1628 1629 /* 1630 * Run the interrupt handler to make sure it's not pending. This 1631 * isn't perfect because the command could have already completed 1632 * and been re-used, though this is unlikely. 1633 */ 1634 mpr_intr_locked(sc); 1635 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 1636 mprsas_log_command(cm, MPR_XINFO, 1637 "SCSI command %p almost timed out\n", cm); 1638 return; 1639 } 1640 1641 if (cm->cm_ccb == NULL) { 1642 mpr_dprint(sc, MPR_ERROR, "command timeout with NULL ccb\n"); 1643 return; 1644 } 1645 1646 targ = cm->cm_targ; 1647 targ->timeouts++; 1648 1649 elapsed = now - ccb->ccb_h.qos.sim_data; 1650 mprsas_log_command(cm, MPR_INFO|MPR_RECOVERY, 1651 "Command timeout on target %u(0x%04x), %d set, %d.%d elapsed\n", 1652 targ->tid, targ->handle, ccb->ccb_h.timeout, 1653 sbintime_getsec(elapsed), elapsed & 0xffffffff); 1654 if (targ->encl_level_valid) { 1655 mpr_dprint(sc, MPR_INFO|MPR_RECOVERY, 1656 "At enclosure level %d, slot %d, connector name (%4s)\n", 1657 targ->encl_level, targ->encl_slot, targ->connector_name); 1658 } 1659 1660 /* XXX first, check the firmware state, to see if it's still 1661 * operational. if not, do a diag reset. 1662 */ 1663 mprsas_set_ccbstatus(cm->cm_ccb, CAM_CMD_TIMEOUT); 1664 cm->cm_flags |= MPR_CM_FLAGS_ON_RECOVERY | MPR_CM_FLAGS_TIMEDOUT; 1665 TAILQ_INSERT_TAIL(&targ->timedout_commands, cm, cm_recovery); 1666 1667 if (targ->tm != NULL) { 1668 /* target already in recovery, just queue up another 1669 * timedout command to be processed later. 1670 */ 1671 mpr_dprint(sc, MPR_RECOVERY, 1672 "queued timedout cm %p for processing by tm %p\n", 1673 cm, targ->tm); 1674 } else if ((targ->tm = mprsas_alloc_tm(sc)) != NULL) { 1675 mpr_dprint(sc, MPR_RECOVERY|MPR_INFO, 1676 "Sending abort to target %u for SMID %d\n", targ->tid, 1677 cm->cm_desc.Default.SMID); 1678 mpr_dprint(sc, MPR_RECOVERY, "timedout cm %p allocated tm %p\n", 1679 cm, targ->tm); 1680 1681 /* start recovery by aborting the first timedout command */ 1682 mprsas_send_abort(sc, targ->tm, cm); 1683 } else { 1684 /* XXX queue this target up for recovery once a TM becomes 1685 * available. The firmware only has a limited number of 1686 * HighPriority credits for the high priority requests used 1687 * for task management, and we ran out. 1688 * 1689 * Isilon: don't worry about this for now, since we have 1690 * more credits than disks in an enclosure, and limit 1691 * ourselves to one TM per target for recovery. 1692 */ 1693 mpr_dprint(sc, MPR_ERROR|MPR_RECOVERY, 1694 "timedout cm %p failed to allocate a tm\n", cm); 1695 } 1696} 1697 1698/** 1699 * mprsas_build_nvme_unmap - Build Native NVMe DSM command equivalent 1700 * to SCSI Unmap. 1701 * Return 0 - for success, 1702 * 1 - to immediately return back the command with success status to CAM 1703 * negative value - to fallback to firmware path i.e. issue scsi unmap 1704 * to FW without any translation. 1705 */ 1706static int 1707mprsas_build_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm, 1708 union ccb *ccb, struct mprsas_target *targ) 1709{ 1710 Mpi26NVMeEncapsulatedRequest_t *req = NULL; 1711 struct ccb_scsiio *csio; 1712 struct unmap_parm_list *plist; 1713 struct nvme_dsm_range *nvme_dsm_ranges = NULL; 1714 struct nvme_command *c; 1715 int i, res; 1716 uint16_t ndesc, list_len, data_length; 1717 struct mpr_prp_page *prp_page_info; 1718 uint64_t nvme_dsm_ranges_dma_handle; 1719 1720 csio = &ccb->csio; 1721 list_len = (scsiio_cdb_ptr(csio)[7] << 8 | scsiio_cdb_ptr(csio)[8]); 1722 if (!list_len) { 1723 mpr_dprint(sc, MPR_ERROR, "Parameter list length is Zero\n"); 1724 return -EINVAL; 1725 } 1726 1727 plist = malloc(csio->dxfer_len, M_MPR, M_ZERO|M_NOWAIT); 1728 if (!plist) { 1729 mpr_dprint(sc, MPR_ERROR, "Unable to allocate memory to " 1730 "save UNMAP data\n"); 1731 return -ENOMEM; 1732 } 1733 1734 /* Copy SCSI unmap data to a local buffer */ 1735 bcopy(csio->data_ptr, plist, csio->dxfer_len); 1736 1737 /* return back the unmap command to CAM with success status, 1738 * if number of descripts is zero. 1739 */ 1740 ndesc = be16toh(plist->unmap_blk_desc_data_len) >> 4; 1741 if (!ndesc) { 1742 mpr_dprint(sc, MPR_XINFO, "Number of descriptors in " 1743 "UNMAP cmd is Zero\n"); 1744 res = 1; 1745 goto out; 1746 } 1747 1748 data_length = ndesc * sizeof(struct nvme_dsm_range); 1749 if (data_length > targ->MDTS) { 1750 mpr_dprint(sc, MPR_ERROR, "data length: %d is greater than " 1751 "Device's MDTS: %d\n", data_length, targ->MDTS); 1752 res = -EINVAL; 1753 goto out; 1754 } 1755 1756 prp_page_info = mpr_alloc_prp_page(sc); 1757 KASSERT(prp_page_info != NULL, ("%s: There is no PRP Page for " 1758 "UNMAP command.\n", __func__)); 1759 1760 /* 1761 * Insert the allocated PRP page into the command's PRP page list. This 1762 * will be freed when the command is freed. 1763 */ 1764 TAILQ_INSERT_TAIL(&cm->cm_prp_page_list, prp_page_info, prp_page_link); 1765 1766 nvme_dsm_ranges = (struct nvme_dsm_range *)prp_page_info->prp_page; 1767 nvme_dsm_ranges_dma_handle = prp_page_info->prp_page_busaddr; 1768 1769 bzero(nvme_dsm_ranges, data_length); 1770 1771 /* Convert SCSI unmap's descriptor data to NVMe DSM specific Range data 1772 * for each descriptors contained in SCSI UNMAP data. 1773 */ 1774 for (i = 0; i < ndesc; i++) { 1775 nvme_dsm_ranges[i].length = 1776 htole32(be32toh(plist->desc[i].nlb)); 1777 nvme_dsm_ranges[i].starting_lba = 1778 htole64(be64toh(plist->desc[i].slba)); 1779 nvme_dsm_ranges[i].attributes = 0; 1780 } 1781 1782 /* Build MPI2.6's NVMe Encapsulated Request Message */ 1783 req = (Mpi26NVMeEncapsulatedRequest_t *)cm->cm_req; 1784 bzero(req, sizeof(*req)); 1785 req->DevHandle = htole16(targ->handle); 1786 req->Function = MPI2_FUNCTION_NVME_ENCAPSULATED; 1787 req->Flags = MPI26_NVME_FLAGS_WRITE; 1788 req->ErrorResponseBaseAddress.High = 1789 htole32((uint32_t)((uint64_t)cm->cm_sense_busaddr >> 32)); 1790 req->ErrorResponseBaseAddress.Low = 1791 htole32(cm->cm_sense_busaddr); 1792 req->ErrorResponseAllocationLength = 1793 htole16(sizeof(struct nvme_completion)); 1794 req->EncapsulatedCommandLength = 1795 htole16(sizeof(struct nvme_command)); 1796 req->DataLength = htole32(data_length); 1797 1798 /* Build NVMe DSM command */ 1799 c = (struct nvme_command *) req->NVMe_Command; 1800 c->opc = NVME_OPC_DATASET_MANAGEMENT; 1801 c->nsid = htole32(csio->ccb_h.target_lun + 1); 1802 c->cdw10 = htole32(ndesc - 1); 1803 c->cdw11 = htole32(NVME_DSM_ATTR_DEALLOCATE); 1804 1805 cm->cm_length = data_length; 1806 cm->cm_data = NULL; 1807 1808 cm->cm_complete = mprsas_scsiio_complete; 1809 cm->cm_complete_data = ccb; 1810 cm->cm_targ = targ; 1811 cm->cm_lun = csio->ccb_h.target_lun; 1812 cm->cm_ccb = ccb; 1813 1814 cm->cm_desc.Default.RequestFlags = 1815 MPI26_REQ_DESCRIPT_FLAGS_PCIE_ENCAPSULATED; 1816 1817 csio->ccb_h.qos.sim_data = sbinuptime(); 1818 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 1819 mprsas_scsiio_timeout, cm, 0); 1820 1821 targ->issued++; 1822 targ->outstanding++; 1823 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 1824 ccb->ccb_h.status |= CAM_SIM_QUEUED; 1825 1826 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 1827 __func__, cm, ccb, targ->outstanding); 1828 1829 mpr_build_nvme_prp(sc, cm, req, 1830 (void *)(uintptr_t)nvme_dsm_ranges_dma_handle, 0, data_length); 1831 mpr_map_command(sc, cm); 1832 res = 0; 1833 1834out: 1835 free(plist, M_MPR); 1836 return (res); 1837} 1838 1839static void 1840mprsas_action_scsiio(struct mprsas_softc *sassc, union ccb *ccb) 1841{ 1842 MPI2_SCSI_IO_REQUEST *req; 1843 struct ccb_scsiio *csio; 1844 struct mpr_softc *sc; 1845 struct mprsas_target *targ; 1846 struct mprsas_lun *lun; 1847 struct mpr_command *cm; 1848 uint8_t i, lba_byte, *ref_tag_addr, scsi_opcode; 1849 uint16_t eedp_flags; 1850 uint32_t mpi_control; 1851 int rc; 1852 1853 sc = sassc->sc; 1854 MPR_FUNCTRACE(sc); 1855 mtx_assert(&sc->mpr_mtx, MA_OWNED); 1856 1857 csio = &ccb->csio; 1858 KASSERT(csio->ccb_h.target_id < sassc->maxtargets, 1859 ("Target %d out of bounds in XPT_SCSI_IO\n", 1860 csio->ccb_h.target_id)); 1861 targ = &sassc->targets[csio->ccb_h.target_id]; 1862 mpr_dprint(sc, MPR_TRACE, "ccb %p target flag %x\n", ccb, targ->flags); 1863 if (targ->handle == 0x0) { 1864 if (targ->flags & MPRSAS_TARGET_INDIAGRESET) { 1865 mpr_dprint(sc, MPR_ERROR, 1866 "%s NULL handle for target %u in diag reset freezing queue\n", 1867 __func__, csio->ccb_h.target_id); 1868 ccb->ccb_h.status = CAM_REQUEUE_REQ | CAM_DEV_QFRZN; 1869 xpt_freeze_devq(ccb->ccb_h.path, 1); 1870 xpt_done(ccb); 1871 return; 1872 } 1873 mpr_dprint(sc, MPR_ERROR, "%s NULL handle for target %u\n", 1874 __func__, csio->ccb_h.target_id); 1875 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1876 xpt_done(ccb); 1877 return; 1878 } 1879 if (targ->flags & MPR_TARGET_FLAGS_RAID_COMPONENT) { 1880 mpr_dprint(sc, MPR_ERROR, "%s Raid component no SCSI IO " 1881 "supported %u\n", __func__, csio->ccb_h.target_id); 1882 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1883 xpt_done(ccb); 1884 return; 1885 } 1886 /* 1887 * Sometimes, it is possible to get a command that is not "In 1888 * Progress" and was actually aborted by the upper layer. Check for 1889 * this here and complete the command without error. 1890 */ 1891 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_INPROG) { 1892 mpr_dprint(sc, MPR_TRACE, "%s Command is not in progress for " 1893 "target %u\n", __func__, csio->ccb_h.target_id); 1894 xpt_done(ccb); 1895 return; 1896 } 1897 /* 1898 * If devinfo is 0 this will be a volume. In that case don't tell CAM 1899 * that the volume has timed out. We want volumes to be enumerated 1900 * until they are deleted/removed, not just failed. In either event, 1901 * we're removing the target due to a firmware event telling us 1902 * the device is now gone (as opposed to some transient event). Since 1903 * we're opting to remove failed devices from the OS's view, we need 1904 * to propagate that status up the stack. 1905 */ 1906 if (targ->flags & MPRSAS_TARGET_INREMOVAL) { 1907 if (targ->devinfo == 0) 1908 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1909 else 1910 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1911 xpt_done(ccb); 1912 return; 1913 } 1914 1915 if ((sc->mpr_flags & MPR_FLAGS_SHUTDOWN) != 0) { 1916 mpr_dprint(sc, MPR_INFO, "%s shutting down\n", __func__); 1917 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 1918 xpt_done(ccb); 1919 return; 1920 } 1921 1922 /* 1923 * If target has a reset in progress, the devq should be frozen. 1924 * Geting here we likely hit a race, so just requeue. 1925 */ 1926 if (targ->flags & MPRSAS_TARGET_INRESET) { 1927 ccb->ccb_h.status = CAM_REQUEUE_REQ | CAM_DEV_QFRZN; 1928 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 1929 "%s: Freezing devq for target ID %d\n", 1930 __func__, targ->tid); 1931 xpt_freeze_devq(ccb->ccb_h.path, 1); 1932 xpt_done(ccb); 1933 return; 1934 } 1935 1936 cm = mpr_alloc_command(sc); 1937 if (cm == NULL || (sc->mpr_flags & MPR_FLAGS_DIAGRESET)) { 1938 if (cm != NULL) { 1939 mpr_free_command(sc, cm); 1940 } 1941 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 1942 xpt_freeze_simq(sassc->sim, 1); 1943 sassc->flags |= MPRSAS_QUEUE_FROZEN; 1944 } 1945 ccb->ccb_h.status &= ~CAM_SIM_QUEUED; 1946 ccb->ccb_h.status |= CAM_REQUEUE_REQ; 1947 xpt_done(ccb); 1948 return; 1949 } 1950 1951 /* For NVME device's issue UNMAP command directly to NVME drives by 1952 * constructing equivalent native NVMe DataSetManagement command. 1953 */ 1954 scsi_opcode = scsiio_cdb_ptr(csio)[0]; 1955 if (scsi_opcode == UNMAP && 1956 targ->is_nvme && 1957 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 1958 rc = mprsas_build_nvme_unmap(sc, cm, ccb, targ); 1959 if (rc == 1) { /* return command to CAM with success status */ 1960 mpr_free_command(sc, cm); 1961 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 1962 xpt_done(ccb); 1963 return; 1964 } else if (!rc) /* Issued NVMe Encapsulated Request Message */ 1965 return; 1966 } 1967 1968 req = (MPI2_SCSI_IO_REQUEST *)cm->cm_req; 1969 bzero(req, sizeof(*req)); 1970 req->DevHandle = htole16(targ->handle); 1971 req->Function = MPI2_FUNCTION_SCSI_IO_REQUEST; 1972 req->MsgFlags = 0; 1973 req->SenseBufferLowAddress = htole32(cm->cm_sense_busaddr); 1974 req->SenseBufferLength = MPR_SENSE_LEN; 1975 req->SGLFlags = 0; 1976 req->ChainOffset = 0; 1977 req->SGLOffset0 = 24; /* 32bit word offset to the SGL */ 1978 req->SGLOffset1= 0; 1979 req->SGLOffset2= 0; 1980 req->SGLOffset3= 0; 1981 req->SkipCount = 0; 1982 req->DataLength = htole32(csio->dxfer_len); 1983 req->BidirectionalDataLength = 0; 1984 req->IoFlags = htole16(csio->cdb_len); 1985 req->EEDPFlags = 0; 1986 1987 /* Note: BiDirectional transfers are not supported */ 1988 switch (csio->ccb_h.flags & CAM_DIR_MASK) { 1989 case CAM_DIR_IN: 1990 mpi_control = MPI2_SCSIIO_CONTROL_READ; 1991 cm->cm_flags |= MPR_CM_FLAGS_DATAIN; 1992 break; 1993 case CAM_DIR_OUT: 1994 mpi_control = MPI2_SCSIIO_CONTROL_WRITE; 1995 cm->cm_flags |= MPR_CM_FLAGS_DATAOUT; 1996 break; 1997 case CAM_DIR_NONE: 1998 default: 1999 mpi_control = MPI2_SCSIIO_CONTROL_NODATATRANSFER; 2000 break; 2001 } 2002 2003 if (csio->cdb_len == 32) 2004 mpi_control |= 4 << MPI2_SCSIIO_CONTROL_ADDCDBLEN_SHIFT; 2005 /* 2006 * It looks like the hardware doesn't require an explicit tag 2007 * number for each transaction. SAM Task Management not supported 2008 * at the moment. 2009 */ 2010 switch (csio->tag_action) { 2011 case MSG_HEAD_OF_Q_TAG: 2012 mpi_control |= MPI2_SCSIIO_CONTROL_HEADOFQ; 2013 break; 2014 case MSG_ORDERED_Q_TAG: 2015 mpi_control |= MPI2_SCSIIO_CONTROL_ORDEREDQ; 2016 break; 2017 case MSG_ACA_TASK: 2018 mpi_control |= MPI2_SCSIIO_CONTROL_ACAQ; 2019 break; 2020 case CAM_TAG_ACTION_NONE: 2021 case MSG_SIMPLE_Q_TAG: 2022 default: 2023 mpi_control |= MPI2_SCSIIO_CONTROL_SIMPLEQ; 2024 break; 2025 } 2026 mpi_control |= (csio->priority << MPI2_SCSIIO_CONTROL_CMDPRI_SHIFT) & 2027 MPI2_SCSIIO_CONTROL_CMDPRI_MASK; 2028 mpi_control |= sc->mapping_table[csio->ccb_h.target_id].TLR_bits; 2029 req->Control = htole32(mpi_control); 2030 2031 if (MPR_SET_LUN(req->LUN, csio->ccb_h.target_lun) != 0) { 2032 mpr_free_command(sc, cm); 2033 mprsas_set_ccbstatus(ccb, CAM_LUN_INVALID); 2034 xpt_done(ccb); 2035 return; 2036 } 2037 2038 if (csio->ccb_h.flags & CAM_CDB_POINTER) 2039 bcopy(csio->cdb_io.cdb_ptr, &req->CDB.CDB32[0], csio->cdb_len); 2040 else { 2041 KASSERT(csio->cdb_len <= IOCDBLEN, 2042 ("cdb_len %d is greater than IOCDBLEN but CAM_CDB_POINTER " 2043 "is not set", csio->cdb_len)); 2044 bcopy(csio->cdb_io.cdb_bytes, &req->CDB.CDB32[0],csio->cdb_len); 2045 } 2046 req->IoFlags = htole16(csio->cdb_len); 2047 2048 /* 2049 * Check if EEDP is supported and enabled. If it is then check if the 2050 * SCSI opcode could be using EEDP. If so, make sure the LUN exists and 2051 * is formatted for EEDP support. If all of this is true, set CDB up 2052 * for EEDP transfer. 2053 */ 2054 eedp_flags = op_code_prot[req->CDB.CDB32[0]]; 2055 if (sc->eedp_enabled && eedp_flags) { 2056 SLIST_FOREACH(lun, &targ->luns, lun_link) { 2057 if (lun->lun_id == csio->ccb_h.target_lun) { 2058 break; 2059 } 2060 } 2061 2062 if ((lun != NULL) && (lun->eedp_formatted)) { 2063 req->EEDPBlockSize = htole32(lun->eedp_block_size); 2064 eedp_flags |= (MPI2_SCSIIO_EEDPFLAGS_INC_PRI_REFTAG | 2065 MPI2_SCSIIO_EEDPFLAGS_CHECK_REFTAG | 2066 MPI2_SCSIIO_EEDPFLAGS_CHECK_GUARD); 2067 if (sc->mpr_flags & MPR_FLAGS_GEN35_IOC) { 2068 eedp_flags |= 2069 MPI25_SCSIIO_EEDPFLAGS_APPTAG_DISABLE_MODE; 2070 } 2071 req->EEDPFlags = htole16(eedp_flags); 2072 2073 /* 2074 * If CDB less than 32, fill in Primary Ref Tag with 2075 * low 4 bytes of LBA. If CDB is 32, tag stuff is 2076 * already there. Also, set protection bit. FreeBSD 2077 * currently does not support CDBs bigger than 16, but 2078 * the code doesn't hurt, and will be here for the 2079 * future. 2080 */ 2081 if (csio->cdb_len != 32) { 2082 lba_byte = (csio->cdb_len == 16) ? 6 : 2; 2083 ref_tag_addr = (uint8_t *)&req->CDB.EEDP32. 2084 PrimaryReferenceTag; 2085 for (i = 0; i < 4; i++) { 2086 *ref_tag_addr = 2087 req->CDB.CDB32[lba_byte + i]; 2088 ref_tag_addr++; 2089 } 2090 req->CDB.EEDP32.PrimaryReferenceTag = 2091 htole32(req-> 2092 CDB.EEDP32.PrimaryReferenceTag); 2093 req->CDB.EEDP32.PrimaryApplicationTagMask = 2094 0xFFFF; 2095 req->CDB.CDB32[1] = 2096 (req->CDB.CDB32[1] & 0x1F) | 0x20; 2097 } else { 2098 eedp_flags |= 2099 MPI2_SCSIIO_EEDPFLAGS_INC_PRI_APPTAG; 2100 req->EEDPFlags = htole16(eedp_flags); 2101 req->CDB.CDB32[10] = (req->CDB.CDB32[10] & 2102 0x1F) | 0x20; 2103 } 2104 } 2105 } 2106 2107 cm->cm_length = csio->dxfer_len; 2108 if (cm->cm_length != 0) { 2109 cm->cm_data = ccb; 2110 cm->cm_flags |= MPR_CM_FLAGS_USE_CCB; 2111 } else { 2112 cm->cm_data = NULL; 2113 } 2114 cm->cm_sge = &req->SGL; 2115 cm->cm_sglsize = (32 - 24) * 4; 2116 cm->cm_complete = mprsas_scsiio_complete; 2117 cm->cm_complete_data = ccb; 2118 cm->cm_targ = targ; 2119 cm->cm_lun = csio->ccb_h.target_lun; 2120 cm->cm_ccb = ccb; 2121 /* 2122 * If using FP desc type, need to set a bit in IoFlags (SCSI IO is 0) 2123 * and set descriptor type. 2124 */ 2125 if (targ->scsi_req_desc_type == 2126 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO) { 2127 req->IoFlags |= MPI25_SCSIIO_IOFLAGS_FAST_PATH; 2128 cm->cm_desc.FastPathSCSIIO.RequestFlags = 2129 MPI25_REQ_DESCRIPT_FLAGS_FAST_PATH_SCSI_IO; 2130 if (!sc->atomic_desc_capable) { 2131 cm->cm_desc.FastPathSCSIIO.DevHandle = 2132 htole16(targ->handle); 2133 } 2134 } else { 2135 cm->cm_desc.SCSIIO.RequestFlags = 2136 MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO; 2137 if (!sc->atomic_desc_capable) 2138 cm->cm_desc.SCSIIO.DevHandle = htole16(targ->handle); 2139 } 2140 2141 csio->ccb_h.qos.sim_data = sbinuptime(); 2142 callout_reset_sbt(&cm->cm_callout, SBT_1MS * ccb->ccb_h.timeout, 0, 2143 mprsas_scsiio_timeout, cm, 0); 2144 2145 targ->issued++; 2146 targ->outstanding++; 2147 TAILQ_INSERT_TAIL(&targ->commands, cm, cm_link); 2148 ccb->ccb_h.status |= CAM_SIM_QUEUED; 2149 2150 mprsas_log_command(cm, MPR_XINFO, "%s cm %p ccb %p outstanding %u\n", 2151 __func__, cm, ccb, targ->outstanding); 2152 2153 mpr_map_command(sc, cm); 2154 return; 2155} 2156 2157/** 2158 * mpr_sc_failed_io_info - translated non-succesfull SCSI_IO request 2159 */ 2160static void 2161mpr_sc_failed_io_info(struct mpr_softc *sc, struct ccb_scsiio *csio, 2162 Mpi2SCSIIOReply_t *mpi_reply, struct mprsas_target *targ) 2163{ 2164 u32 response_info; 2165 u8 *response_bytes; 2166 u16 ioc_status = le16toh(mpi_reply->IOCStatus) & 2167 MPI2_IOCSTATUS_MASK; 2168 u8 scsi_state = mpi_reply->SCSIState; 2169 u8 scsi_status = mpi_reply->SCSIStatus; 2170 char *desc_ioc_state = NULL; 2171 char *desc_scsi_status = NULL; 2172 u32 log_info = le32toh(mpi_reply->IOCLogInfo); 2173 2174 if (log_info == 0x31170000) 2175 return; 2176 2177 desc_ioc_state = mpr_describe_table(mpr_iocstatus_string, 2178 ioc_status); 2179 desc_scsi_status = mpr_describe_table(mpr_scsi_status_string, 2180 scsi_status); 2181 2182 mpr_dprint(sc, MPR_XINFO, "\thandle(0x%04x), ioc_status(%s)(0x%04x)\n", 2183 le16toh(mpi_reply->DevHandle), desc_ioc_state, ioc_status); 2184 if (targ->encl_level_valid) { 2185 mpr_dprint(sc, MPR_XINFO, "At enclosure level %d, slot %d, " 2186 "connector name (%4s)\n", targ->encl_level, targ->encl_slot, 2187 targ->connector_name); 2188 } 2189 2190 /* 2191 * We can add more detail about underflow data here 2192 * TO-DO 2193 */ 2194 mpr_dprint(sc, MPR_XINFO, "\tscsi_status(%s)(0x%02x), " 2195 "scsi_state %b\n", desc_scsi_status, scsi_status, 2196 scsi_state, "\20" "\1AutosenseValid" "\2AutosenseFailed" 2197 "\3NoScsiStatus" "\4Terminated" "\5Response InfoValid"); 2198 2199 if (sc->mpr_debug & MPR_XINFO && 2200 scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2201 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : Start :\n"); 2202 scsi_sense_print(csio); 2203 mpr_dprint(sc, MPR_XINFO, "-> Sense Buffer Data : End :\n"); 2204 } 2205 2206 if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) { 2207 response_info = le32toh(mpi_reply->ResponseInfo); 2208 response_bytes = (u8 *)&response_info; 2209 mpr_dprint(sc, MPR_XINFO, "response code(0x%01x): %s\n", 2210 response_bytes[0], 2211 mpr_describe_table(mpr_scsi_taskmgmt_string, 2212 response_bytes[0])); 2213 } 2214} 2215 2216/** mprsas_nvme_trans_status_code 2217 * 2218 * Convert Native NVMe command error status to 2219 * equivalent SCSI error status. 2220 * 2221 * Returns appropriate scsi_status 2222 */ 2223static u8 2224mprsas_nvme_trans_status_code(uint16_t nvme_status, 2225 struct mpr_command *cm) 2226{ 2227 u8 status = MPI2_SCSI_STATUS_GOOD; 2228 int skey, asc, ascq; 2229 union ccb *ccb = cm->cm_complete_data; 2230 int returned_sense_len; 2231 uint8_t sct, sc; 2232 2233 sct = NVME_STATUS_GET_SCT(nvme_status); 2234 sc = NVME_STATUS_GET_SC(nvme_status); 2235 2236 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2237 skey = SSD_KEY_ILLEGAL_REQUEST; 2238 asc = SCSI_ASC_NO_SENSE; 2239 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2240 2241 switch (sct) { 2242 case NVME_SCT_GENERIC: 2243 switch (sc) { 2244 case NVME_SC_SUCCESS: 2245 status = MPI2_SCSI_STATUS_GOOD; 2246 skey = SSD_KEY_NO_SENSE; 2247 asc = SCSI_ASC_NO_SENSE; 2248 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2249 break; 2250 case NVME_SC_INVALID_OPCODE: 2251 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2252 skey = SSD_KEY_ILLEGAL_REQUEST; 2253 asc = SCSI_ASC_ILLEGAL_COMMAND; 2254 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2255 break; 2256 case NVME_SC_INVALID_FIELD: 2257 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2258 skey = SSD_KEY_ILLEGAL_REQUEST; 2259 asc = SCSI_ASC_INVALID_CDB; 2260 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2261 break; 2262 case NVME_SC_DATA_TRANSFER_ERROR: 2263 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2264 skey = SSD_KEY_MEDIUM_ERROR; 2265 asc = SCSI_ASC_NO_SENSE; 2266 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2267 break; 2268 case NVME_SC_ABORTED_POWER_LOSS: 2269 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2270 skey = SSD_KEY_ABORTED_COMMAND; 2271 asc = SCSI_ASC_WARNING; 2272 ascq = SCSI_ASCQ_POWER_LOSS_EXPECTED; 2273 break; 2274 case NVME_SC_INTERNAL_DEVICE_ERROR: 2275 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2276 skey = SSD_KEY_HARDWARE_ERROR; 2277 asc = SCSI_ASC_INTERNAL_TARGET_FAILURE; 2278 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2279 break; 2280 case NVME_SC_ABORTED_BY_REQUEST: 2281 case NVME_SC_ABORTED_SQ_DELETION: 2282 case NVME_SC_ABORTED_FAILED_FUSED: 2283 case NVME_SC_ABORTED_MISSING_FUSED: 2284 status = MPI2_SCSI_STATUS_TASK_ABORTED; 2285 skey = SSD_KEY_ABORTED_COMMAND; 2286 asc = SCSI_ASC_NO_SENSE; 2287 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2288 break; 2289 case NVME_SC_INVALID_NAMESPACE_OR_FORMAT: 2290 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2291 skey = SSD_KEY_ILLEGAL_REQUEST; 2292 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2293 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2294 break; 2295 case NVME_SC_LBA_OUT_OF_RANGE: 2296 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2297 skey = SSD_KEY_ILLEGAL_REQUEST; 2298 asc = SCSI_ASC_ILLEGAL_BLOCK; 2299 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2300 break; 2301 case NVME_SC_CAPACITY_EXCEEDED: 2302 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2303 skey = SSD_KEY_MEDIUM_ERROR; 2304 asc = SCSI_ASC_NO_SENSE; 2305 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2306 break; 2307 case NVME_SC_NAMESPACE_NOT_READY: 2308 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2309 skey = SSD_KEY_NOT_READY; 2310 asc = SCSI_ASC_LUN_NOT_READY; 2311 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2312 break; 2313 } 2314 break; 2315 case NVME_SCT_COMMAND_SPECIFIC: 2316 switch (sc) { 2317 case NVME_SC_INVALID_FORMAT: 2318 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2319 skey = SSD_KEY_ILLEGAL_REQUEST; 2320 asc = SCSI_ASC_FORMAT_COMMAND_FAILED; 2321 ascq = SCSI_ASCQ_FORMAT_COMMAND_FAILED; 2322 break; 2323 case NVME_SC_CONFLICTING_ATTRIBUTES: 2324 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2325 skey = SSD_KEY_ILLEGAL_REQUEST; 2326 asc = SCSI_ASC_INVALID_CDB; 2327 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2328 break; 2329 } 2330 break; 2331 case NVME_SCT_MEDIA_ERROR: 2332 switch (sc) { 2333 case NVME_SC_WRITE_FAULTS: 2334 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2335 skey = SSD_KEY_MEDIUM_ERROR; 2336 asc = SCSI_ASC_PERIPHERAL_DEV_WRITE_FAULT; 2337 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2338 break; 2339 case NVME_SC_UNRECOVERED_READ_ERROR: 2340 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2341 skey = SSD_KEY_MEDIUM_ERROR; 2342 asc = SCSI_ASC_UNRECOVERED_READ_ERROR; 2343 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2344 break; 2345 case NVME_SC_GUARD_CHECK_ERROR: 2346 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2347 skey = SSD_KEY_MEDIUM_ERROR; 2348 asc = SCSI_ASC_LOG_BLOCK_GUARD_CHECK_FAILED; 2349 ascq = SCSI_ASCQ_LOG_BLOCK_GUARD_CHECK_FAILED; 2350 break; 2351 case NVME_SC_APPLICATION_TAG_CHECK_ERROR: 2352 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2353 skey = SSD_KEY_MEDIUM_ERROR; 2354 asc = SCSI_ASC_LOG_BLOCK_APPTAG_CHECK_FAILED; 2355 ascq = SCSI_ASCQ_LOG_BLOCK_APPTAG_CHECK_FAILED; 2356 break; 2357 case NVME_SC_REFERENCE_TAG_CHECK_ERROR: 2358 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2359 skey = SSD_KEY_MEDIUM_ERROR; 2360 asc = SCSI_ASC_LOG_BLOCK_REFTAG_CHECK_FAILED; 2361 ascq = SCSI_ASCQ_LOG_BLOCK_REFTAG_CHECK_FAILED; 2362 break; 2363 case NVME_SC_COMPARE_FAILURE: 2364 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2365 skey = SSD_KEY_MISCOMPARE; 2366 asc = SCSI_ASC_MISCOMPARE_DURING_VERIFY; 2367 ascq = SCSI_ASCQ_CAUSE_NOT_REPORTABLE; 2368 break; 2369 case NVME_SC_ACCESS_DENIED: 2370 status = MPI2_SCSI_STATUS_CHECK_CONDITION; 2371 skey = SSD_KEY_ILLEGAL_REQUEST; 2372 asc = SCSI_ASC_ACCESS_DENIED_INVALID_LUN_ID; 2373 ascq = SCSI_ASCQ_INVALID_LUN_ID; 2374 break; 2375 } 2376 break; 2377 } 2378 2379 returned_sense_len = sizeof(struct scsi_sense_data); 2380 if (returned_sense_len < ccb->csio.sense_len) 2381 ccb->csio.sense_resid = ccb->csio.sense_len - 2382 returned_sense_len; 2383 else 2384 ccb->csio.sense_resid = 0; 2385 2386 scsi_set_sense_data(&ccb->csio.sense_data, SSD_TYPE_FIXED, 2387 1, skey, asc, ascq, SSD_ELEM_NONE); 2388 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2389 2390 return status; 2391} 2392 2393/** mprsas_complete_nvme_unmap 2394 * 2395 * Complete native NVMe command issued using NVMe Encapsulated 2396 * Request Message. 2397 */ 2398static u8 2399mprsas_complete_nvme_unmap(struct mpr_softc *sc, struct mpr_command *cm) 2400{ 2401 Mpi26NVMeEncapsulatedErrorReply_t *mpi_reply; 2402 struct nvme_completion *nvme_completion = NULL; 2403 u8 scsi_status = MPI2_SCSI_STATUS_GOOD; 2404 2405 mpi_reply =(Mpi26NVMeEncapsulatedErrorReply_t *)cm->cm_reply; 2406 if (le16toh(mpi_reply->ErrorResponseCount)){ 2407 nvme_completion = (struct nvme_completion *)cm->cm_sense; 2408 scsi_status = mprsas_nvme_trans_status_code( 2409 nvme_completion->status, cm); 2410 } 2411 return scsi_status; 2412} 2413 2414static void 2415mprsas_scsiio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2416{ 2417 MPI2_SCSI_IO_REPLY *rep; 2418 union ccb *ccb; 2419 struct ccb_scsiio *csio; 2420 struct mprsas_softc *sassc; 2421 struct scsi_vpd_supported_page_list *vpd_list = NULL; 2422 u8 *TLR_bits, TLR_on, *scsi_cdb; 2423 int dir = 0, i; 2424 u16 alloc_len; 2425 struct mprsas_target *target; 2426 target_id_t target_id; 2427 2428 MPR_FUNCTRACE(sc); 2429 2430 callout_stop(&cm->cm_callout); 2431 mtx_assert(&sc->mpr_mtx, MA_OWNED); 2432 2433 sassc = sc->sassc; 2434 ccb = cm->cm_complete_data; 2435 csio = &ccb->csio; 2436 target_id = csio->ccb_h.target_id; 2437 rep = (MPI2_SCSI_IO_REPLY *)cm->cm_reply; 2438 mpr_dprint(sc, MPR_TRACE, 2439 "cm %p SMID %u ccb %p reply %p outstanding %u csio->scsi_status 0x%x," 2440 "csio->dxfer_len 0x%x, csio->msg_le 0x%xn\n", cm, 2441 cm->cm_desc.Default.SMID, cm->cm_ccb, cm->cm_reply, 2442 cm->cm_targ->outstanding, csio->scsi_status, 2443 csio->dxfer_len, csio->msg_len); 2444 /* 2445 * XXX KDM if the chain allocation fails, does it matter if we do 2446 * the sync and unload here? It is simpler to do it in every case, 2447 * assuming it doesn't cause problems. 2448 */ 2449 if (cm->cm_data != NULL) { 2450 if (cm->cm_flags & MPR_CM_FLAGS_DATAIN) 2451 dir = BUS_DMASYNC_POSTREAD; 2452 else if (cm->cm_flags & MPR_CM_FLAGS_DATAOUT) 2453 dir = BUS_DMASYNC_POSTWRITE; 2454 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, dir); 2455 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2456 } 2457 2458 cm->cm_targ->completed++; 2459 cm->cm_targ->outstanding--; 2460 TAILQ_REMOVE(&cm->cm_targ->commands, cm, cm_link); 2461 ccb->ccb_h.status &= ~(CAM_STATUS_MASK | CAM_SIM_QUEUED); 2462 2463 if (cm->cm_flags & MPR_CM_FLAGS_ON_RECOVERY) { 2464 TAILQ_REMOVE(&cm->cm_targ->timedout_commands, cm, cm_recovery); 2465 KASSERT(cm->cm_state == MPR_CM_STATE_BUSY, 2466 ("Not busy for CM_FLAGS_TIMEDOUT: %u\n", cm->cm_state)); 2467 cm->cm_flags &= ~MPR_CM_FLAGS_ON_RECOVERY; 2468 if (cm->cm_reply != NULL) 2469 mprsas_log_command(cm, MPR_RECOVERY, 2470 "completed timedout cm %p ccb %p during recovery " 2471 "ioc %x scsi %x state %x xfer %u\n", cm, cm->cm_ccb, 2472 le16toh(rep->IOCStatus), rep->SCSIStatus, 2473 rep->SCSIState, le32toh(rep->TransferCount)); 2474 else 2475 mprsas_log_command(cm, MPR_RECOVERY, 2476 "completed timedout cm %p ccb %p during recovery\n", 2477 cm, cm->cm_ccb); 2478 } else if (cm->cm_targ->tm != NULL) { 2479 if (cm->cm_reply != NULL) 2480 mprsas_log_command(cm, MPR_RECOVERY, 2481 "completed cm %p ccb %p during recovery " 2482 "ioc %x scsi %x state %x xfer %u\n", 2483 cm, cm->cm_ccb, le16toh(rep->IOCStatus), 2484 rep->SCSIStatus, rep->SCSIState, 2485 le32toh(rep->TransferCount)); 2486 else 2487 mprsas_log_command(cm, MPR_RECOVERY, 2488 "completed cm %p ccb %p during recovery\n", 2489 cm, cm->cm_ccb); 2490 } else if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) { 2491 mprsas_log_command(cm, MPR_RECOVERY, 2492 "reset completed cm %p ccb %p\n", cm, cm->cm_ccb); 2493 } 2494 2495 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2496 /* 2497 * We ran into an error after we tried to map the command, 2498 * so we're getting a callback without queueing the command 2499 * to the hardware. So we set the status here, and it will 2500 * be retained below. We'll go through the "fast path", 2501 * because there can be no reply when we haven't actually 2502 * gone out to the hardware. 2503 */ 2504 mprsas_set_ccbstatus(ccb, CAM_REQUEUE_REQ); 2505 2506 /* 2507 * Currently the only error included in the mask is 2508 * MPR_CM_FLAGS_CHAIN_FAILED, which means we're out of 2509 * chain frames. We need to freeze the queue until we get 2510 * a command that completed without this error, which will 2511 * hopefully have some chain frames attached that we can 2512 * use. If we wanted to get smarter about it, we would 2513 * only unfreeze the queue in this condition when we're 2514 * sure that we're getting some chain frames back. That's 2515 * probably unnecessary. 2516 */ 2517 if ((sassc->flags & MPRSAS_QUEUE_FROZEN) == 0) { 2518 xpt_freeze_simq(sassc->sim, 1); 2519 sassc->flags |= MPRSAS_QUEUE_FROZEN; 2520 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 2521 "Error sending command, freezing SIM queue\n"); 2522 } 2523 } 2524 2525 /* 2526 * Point to the SCSI CDB, which is dependent on the CAM_CDB_POINTER 2527 * flag, and use it in a few places in the rest of this function for 2528 * convenience. Use the macro if available. 2529 */ 2530 scsi_cdb = scsiio_cdb_ptr(csio); 2531 2532 /* 2533 * If this is a Start Stop Unit command and it was issued by the driver 2534 * during shutdown, decrement the refcount to account for all of the 2535 * commands that were sent. All SSU commands should be completed before 2536 * shutdown completes, meaning SSU_refcount will be 0 after SSU_started 2537 * is TRUE. 2538 */ 2539 if (sc->SSU_started && (scsi_cdb[0] == START_STOP_UNIT)) { 2540 mpr_dprint(sc, MPR_INFO, "Decrementing SSU count.\n"); 2541 sc->SSU_refcount--; 2542 } 2543 2544 /* Take the fast path to completion */ 2545 if (cm->cm_reply == NULL) { 2546 if (mprsas_get_ccbstatus(ccb) == CAM_REQ_INPROG) { 2547 if ((sc->mpr_flags & MPR_FLAGS_DIAGRESET) != 0) 2548 mprsas_set_ccbstatus(ccb, CAM_SCSI_BUS_RESET); 2549 else { 2550 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2551 csio->scsi_status = SCSI_STATUS_OK; 2552 } 2553 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2554 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2555 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2556 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 2557 "Unfreezing SIM queue\n"); 2558 } 2559 } 2560 2561 /* 2562 * There are two scenarios where the status won't be 2563 * CAM_REQ_CMP. The first is if MPR_CM_FLAGS_ERROR_MASK is 2564 * set, the second is in the MPR_FLAGS_DIAGRESET above. 2565 */ 2566 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2567 /* 2568 * Freeze the dev queue so that commands are 2569 * executed in the correct order after error 2570 * recovery. 2571 */ 2572 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2573 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2574 } 2575 mpr_free_command(sc, cm); 2576 xpt_done(ccb); 2577 return; 2578 } 2579 2580 target = &sassc->targets[target_id]; 2581 if (scsi_cdb[0] == UNMAP && 2582 target->is_nvme && 2583 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) { 2584 rep->SCSIStatus = mprsas_complete_nvme_unmap(sc, cm); 2585 csio->scsi_status = rep->SCSIStatus; 2586 } 2587 2588 mprsas_log_command(cm, MPR_XINFO, 2589 "ioc %x scsi %x state %x xfer %u\n", 2590 le16toh(rep->IOCStatus), rep->SCSIStatus, rep->SCSIState, 2591 le32toh(rep->TransferCount)); 2592 2593 switch (le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) { 2594 case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN: 2595 csio->resid = cm->cm_length - le32toh(rep->TransferCount); 2596 /* FALLTHROUGH */ 2597 case MPI2_IOCSTATUS_SUCCESS: 2598 case MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR: 2599 if ((le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK) == 2600 MPI2_IOCSTATUS_SCSI_RECOVERED_ERROR) 2601 mprsas_log_command(cm, MPR_XINFO, "recovered error\n"); 2602 2603 /* Completion failed at the transport level. */ 2604 if (rep->SCSIState & (MPI2_SCSI_STATE_NO_SCSI_STATUS | 2605 MPI2_SCSI_STATE_TERMINATED)) { 2606 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2607 break; 2608 } 2609 2610 /* In a modern packetized environment, an autosense failure 2611 * implies that there's not much else that can be done to 2612 * recover the command. 2613 */ 2614 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_FAILED) { 2615 mprsas_set_ccbstatus(ccb, CAM_AUTOSENSE_FAIL); 2616 break; 2617 } 2618 2619 /* 2620 * CAM doesn't care about SAS Response Info data, but if this is 2621 * the state check if TLR should be done. If not, clear the 2622 * TLR_bits for the target. 2623 */ 2624 if ((rep->SCSIState & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) && 2625 ((le32toh(rep->ResponseInfo) & MPI2_SCSI_RI_MASK_REASONCODE) 2626 == MPR_SCSI_RI_INVALID_FRAME)) { 2627 sc->mapping_table[target_id].TLR_bits = 2628 (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2629 } 2630 2631 /* 2632 * Intentionally override the normal SCSI status reporting 2633 * for these two cases. These are likely to happen in a 2634 * multi-initiator environment, and we want to make sure that 2635 * CAM retries these commands rather than fail them. 2636 */ 2637 if ((rep->SCSIStatus == MPI2_SCSI_STATUS_COMMAND_TERMINATED) || 2638 (rep->SCSIStatus == MPI2_SCSI_STATUS_TASK_ABORTED)) { 2639 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2640 break; 2641 } 2642 2643 /* Handle normal status and sense */ 2644 csio->scsi_status = rep->SCSIStatus; 2645 if (rep->SCSIStatus == MPI2_SCSI_STATUS_GOOD) 2646 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2647 else 2648 mprsas_set_ccbstatus(ccb, CAM_SCSI_STATUS_ERROR); 2649 2650 if (rep->SCSIState & MPI2_SCSI_STATE_AUTOSENSE_VALID) { 2651 int sense_len, returned_sense_len; 2652 2653 returned_sense_len = min(le32toh(rep->SenseCount), 2654 sizeof(struct scsi_sense_data)); 2655 if (returned_sense_len < csio->sense_len) 2656 csio->sense_resid = csio->sense_len - 2657 returned_sense_len; 2658 else 2659 csio->sense_resid = 0; 2660 2661 sense_len = min(returned_sense_len, 2662 csio->sense_len - csio->sense_resid); 2663 bzero(&csio->sense_data, sizeof(csio->sense_data)); 2664 bcopy(cm->cm_sense, &csio->sense_data, sense_len); 2665 ccb->ccb_h.status |= CAM_AUTOSNS_VALID; 2666 } 2667 2668 /* 2669 * Check if this is an INQUIRY command. If it's a VPD inquiry, 2670 * and it's page code 0 (Supported Page List), and there is 2671 * inquiry data, and this is for a sequential access device, and 2672 * the device is an SSP target, and TLR is supported by the 2673 * controller, turn the TLR_bits value ON if page 0x90 is 2674 * supported. 2675 */ 2676 if ((scsi_cdb[0] == INQUIRY) && 2677 (scsi_cdb[1] & SI_EVPD) && 2678 (scsi_cdb[2] == SVPD_SUPPORTED_PAGE_LIST) && 2679 ((csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) && 2680 (csio->data_ptr != NULL) && 2681 ((csio->data_ptr[0] & 0x1f) == T_SEQUENTIAL) && 2682 (sc->control_TLR) && 2683 (sc->mapping_table[target_id].device_info & 2684 MPI2_SAS_DEVICE_INFO_SSP_TARGET)) { 2685 vpd_list = (struct scsi_vpd_supported_page_list *) 2686 csio->data_ptr; 2687 TLR_bits = &sc->mapping_table[target_id].TLR_bits; 2688 *TLR_bits = (u8)MPI2_SCSIIO_CONTROL_NO_TLR; 2689 TLR_on = (u8)MPI2_SCSIIO_CONTROL_TLR_ON; 2690 alloc_len = ((u16)scsi_cdb[3] << 8) + scsi_cdb[4]; 2691 alloc_len -= csio->resid; 2692 for (i = 0; i < MIN(vpd_list->length, alloc_len); i++) { 2693 if (vpd_list->list[i] == 0x90) { 2694 *TLR_bits = TLR_on; 2695 break; 2696 } 2697 } 2698 } 2699 2700 /* 2701 * If this is a SATA direct-access end device, mark it so that 2702 * a SCSI StartStopUnit command will be sent to it when the 2703 * driver is being shutdown. 2704 */ 2705 if ((scsi_cdb[0] == INQUIRY) && 2706 (csio->data_ptr != NULL) && 2707 ((csio->data_ptr[0] & 0x1f) == T_DIRECT) && 2708 (sc->mapping_table[target_id].device_info & 2709 MPI2_SAS_DEVICE_INFO_SATA_DEVICE) && 2710 ((sc->mapping_table[target_id].device_info & 2711 MPI2_SAS_DEVICE_INFO_MASK_DEVICE_TYPE) == 2712 MPI2_SAS_DEVICE_INFO_END_DEVICE)) { 2713 target = &sassc->targets[target_id]; 2714 target->supports_SSU = TRUE; 2715 mpr_dprint(sc, MPR_XINFO, "Target %d supports SSU\n", 2716 target_id); 2717 } 2718 break; 2719 case MPI2_IOCSTATUS_SCSI_INVALID_DEVHANDLE: 2720 case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE: 2721 /* 2722 * If devinfo is 0 this will be a volume. In that case don't 2723 * tell CAM that the volume is not there. We want volumes to 2724 * be enumerated until they are deleted/removed, not just 2725 * failed. 2726 */ 2727 if (cm->cm_targ->devinfo == 0) 2728 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2729 else 2730 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2731 break; 2732 case MPI2_IOCSTATUS_INVALID_SGL: 2733 mpr_print_scsiio_cmd(sc, cm); 2734 mprsas_set_ccbstatus(ccb, CAM_UNREC_HBA_ERROR); 2735 break; 2736 case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED: 2737 /* 2738 * This is one of the responses that comes back when an I/O 2739 * has been aborted. If it is because of a timeout that we 2740 * initiated, just set the status to CAM_CMD_TIMEOUT. 2741 * Otherwise set it to CAM_REQ_ABORTED. The effect on the 2742 * command is the same (it gets retried, subject to the 2743 * retry counter), the only difference is what gets printed 2744 * on the console. 2745 */ 2746 if (cm->cm_flags & MPR_CM_FLAGS_TIMEDOUT) 2747 mprsas_set_ccbstatus(ccb, CAM_CMD_TIMEOUT); 2748 else 2749 mprsas_set_ccbstatus(ccb, CAM_REQ_ABORTED); 2750 break; 2751 case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN: 2752 /* resid is ignored for this condition */ 2753 csio->resid = 0; 2754 mprsas_set_ccbstatus(ccb, CAM_DATA_RUN_ERR); 2755 break; 2756 case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED: 2757 case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED: 2758 /* 2759 * These can sometimes be transient transport-related 2760 * errors, and sometimes persistent drive-related errors. 2761 * We used to retry these without decrementing the retry 2762 * count by returning CAM_REQUEUE_REQ. Unfortunately, if 2763 * we hit a persistent drive problem that returns one of 2764 * these error codes, we would retry indefinitely. So, 2765 * return CAM_REQ_CMP_ERR so that we decrement the retry 2766 * count and avoid infinite retries. We're taking the 2767 * potential risk of flagging false failures in the event 2768 * of a topology-related error (e.g. a SAS expander problem 2769 * causes a command addressed to a drive to fail), but 2770 * avoiding getting into an infinite retry loop. However, 2771 * if we get them while were removing a device, we should 2772 * fail the request as 'not there' because the device 2773 * is effectively gone. 2774 */ 2775 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) 2776 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 2777 else 2778 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2779 mpr_dprint(sc, MPR_INFO, 2780 "Controller reported %s tgt %u SMID %u loginfo %x%s\n", 2781 mpr_describe_table(mpr_iocstatus_string, 2782 le16toh(rep->IOCStatus) & MPI2_IOCSTATUS_MASK), 2783 target_id, cm->cm_desc.Default.SMID, 2784 le32toh(rep->IOCLogInfo), 2785 (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) ? " departing" : ""); 2786 mpr_dprint(sc, MPR_XINFO, 2787 "SCSIStatus %x SCSIState %x xfercount %u\n", 2788 rep->SCSIStatus, rep->SCSIState, 2789 le32toh(rep->TransferCount)); 2790 break; 2791 case MPI2_IOCSTATUS_INVALID_FUNCTION: 2792 case MPI2_IOCSTATUS_INTERNAL_ERROR: 2793 case MPI2_IOCSTATUS_INVALID_VPID: 2794 case MPI2_IOCSTATUS_INVALID_FIELD: 2795 case MPI2_IOCSTATUS_INVALID_STATE: 2796 case MPI2_IOCSTATUS_OP_STATE_NOT_SUPPORTED: 2797 case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR: 2798 case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR: 2799 case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH: 2800 case MPI2_IOCSTATUS_SCSI_TASK_MGMT_FAILED: 2801 default: 2802 mprsas_log_command(cm, MPR_XINFO, 2803 "completed ioc %x loginfo %x scsi %x state %x xfer %u\n", 2804 le16toh(rep->IOCStatus), le32toh(rep->IOCLogInfo), 2805 rep->SCSIStatus, rep->SCSIState, 2806 le32toh(rep->TransferCount)); 2807 csio->resid = cm->cm_length; 2808 2809 if (scsi_cdb[0] == UNMAP && 2810 target->is_nvme && 2811 (csio->ccb_h.flags & CAM_DATA_MASK) == CAM_DATA_VADDR) 2812 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2813 else 2814 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2815 2816 break; 2817 } 2818 2819 mpr_sc_failed_io_info(sc, csio, rep, cm->cm_targ); 2820 2821 if (sassc->flags & MPRSAS_QUEUE_FROZEN) { 2822 ccb->ccb_h.status |= CAM_RELEASE_SIMQ; 2823 sassc->flags &= ~MPRSAS_QUEUE_FROZEN; 2824 mpr_dprint(sc, MPR_INFO, "Command completed, unfreezing SIM " 2825 "queue\n"); 2826 } 2827 2828 if (mprsas_get_ccbstatus(ccb) != CAM_REQ_CMP) { 2829 ccb->ccb_h.status |= CAM_DEV_QFRZN; 2830 xpt_freeze_devq(ccb->ccb_h.path, /*count*/ 1); 2831 } 2832 2833 /* 2834 * Check to see if we're removing the device. If so, and this is the 2835 * last command on the queue, proceed with the deferred removal of the 2836 * device. Note, for removing a volume, this won't trigger because 2837 * pending_remove_tm will be NULL. 2838 */ 2839 if (cm->cm_targ->flags & MPRSAS_TARGET_INREMOVAL) { 2840 if (TAILQ_FIRST(&cm->cm_targ->commands) == NULL && 2841 cm->cm_targ->pending_remove_tm != NULL) { 2842 mpr_dprint(sc, MPR_INFO, 2843 "Last pending command complete: starting remove_device target %u handle 0x%04x\n", 2844 cm->cm_targ->tid, cm->cm_targ->handle); 2845 mpr_map_command(sc, cm->cm_targ->pending_remove_tm); 2846 cm->cm_targ->pending_remove_tm = NULL; 2847 } 2848 } 2849 2850 mpr_free_command(sc, cm); 2851 xpt_done(ccb); 2852} 2853 2854static void 2855mprsas_smpio_complete(struct mpr_softc *sc, struct mpr_command *cm) 2856{ 2857 MPI2_SMP_PASSTHROUGH_REPLY *rpl; 2858 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2859 uint64_t sasaddr; 2860 union ccb *ccb; 2861 2862 ccb = cm->cm_complete_data; 2863 2864 /* 2865 * Currently there should be no way we can hit this case. It only 2866 * happens when we have a failure to allocate chain frames, and SMP 2867 * commands require two S/G elements only. That should be handled 2868 * in the standard request size. 2869 */ 2870 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 2871 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x on SMP " 2872 "request!\n", __func__, cm->cm_flags); 2873 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2874 goto bailout; 2875 } 2876 2877 rpl = (MPI2_SMP_PASSTHROUGH_REPLY *)cm->cm_reply; 2878 if (rpl == NULL) { 2879 mpr_dprint(sc, MPR_ERROR, "%s: NULL cm_reply!\n", __func__); 2880 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2881 goto bailout; 2882 } 2883 2884 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2885 sasaddr = le32toh(req->SASAddress.Low); 2886 sasaddr |= ((uint64_t)(le32toh(req->SASAddress.High))) << 32; 2887 2888 if ((le16toh(rpl->IOCStatus) & MPI2_IOCSTATUS_MASK) != 2889 MPI2_IOCSTATUS_SUCCESS || 2890 rpl->SASStatus != MPI2_SASSTATUS_SUCCESS) { 2891 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus %04x SASStatus %02x\n", 2892 __func__, le16toh(rpl->IOCStatus), rpl->SASStatus); 2893 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 2894 goto bailout; 2895 } 2896 2897 mpr_dprint(sc, MPR_XINFO, "%s: SMP request to SAS address %#jx " 2898 "completed successfully\n", __func__, (uintmax_t)sasaddr); 2899 2900 if (ccb->smpio.smp_response[2] == SMP_FR_ACCEPTED) 2901 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 2902 else 2903 mprsas_set_ccbstatus(ccb, CAM_SMP_STATUS_ERROR); 2904 2905bailout: 2906 /* 2907 * We sync in both directions because we had DMAs in the S/G list 2908 * in both directions. 2909 */ 2910 bus_dmamap_sync(sc->buffer_dmat, cm->cm_dmamap, 2911 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 2912 bus_dmamap_unload(sc->buffer_dmat, cm->cm_dmamap); 2913 mpr_free_command(sc, cm); 2914 xpt_done(ccb); 2915} 2916 2917static void 2918mprsas_send_smpcmd(struct mprsas_softc *sassc, union ccb *ccb, uint64_t sasaddr) 2919{ 2920 struct mpr_command *cm; 2921 uint8_t *request, *response; 2922 MPI2_SMP_PASSTHROUGH_REQUEST *req; 2923 struct mpr_softc *sc; 2924 int error; 2925 2926 sc = sassc->sc; 2927 error = 0; 2928 2929 switch (ccb->ccb_h.flags & CAM_DATA_MASK) { 2930 case CAM_DATA_PADDR: 2931 case CAM_DATA_SG_PADDR: 2932 /* 2933 * XXX We don't yet support physical addresses here. 2934 */ 2935 mpr_dprint(sc, MPR_ERROR, "%s: physical addresses not " 2936 "supported\n", __func__); 2937 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2938 xpt_done(ccb); 2939 return; 2940 case CAM_DATA_SG: 2941 /* 2942 * The chip does not support more than one buffer for the 2943 * request or response. 2944 */ 2945 if ((ccb->smpio.smp_request_sglist_cnt > 1) 2946 || (ccb->smpio.smp_response_sglist_cnt > 1)) { 2947 mpr_dprint(sc, MPR_ERROR, "%s: multiple request or " 2948 "response buffer segments not supported for SMP\n", 2949 __func__); 2950 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2951 xpt_done(ccb); 2952 return; 2953 } 2954 2955 /* 2956 * The CAM_SCATTER_VALID flag was originally implemented 2957 * for the XPT_SCSI_IO CCB, which only has one data pointer. 2958 * We have two. So, just take that flag to mean that we 2959 * might have S/G lists, and look at the S/G segment count 2960 * to figure out whether that is the case for each individual 2961 * buffer. 2962 */ 2963 if (ccb->smpio.smp_request_sglist_cnt != 0) { 2964 bus_dma_segment_t *req_sg; 2965 2966 req_sg = (bus_dma_segment_t *)ccb->smpio.smp_request; 2967 request = (uint8_t *)(uintptr_t)req_sg[0].ds_addr; 2968 } else 2969 request = ccb->smpio.smp_request; 2970 2971 if (ccb->smpio.smp_response_sglist_cnt != 0) { 2972 bus_dma_segment_t *rsp_sg; 2973 2974 rsp_sg = (bus_dma_segment_t *)ccb->smpio.smp_response; 2975 response = (uint8_t *)(uintptr_t)rsp_sg[0].ds_addr; 2976 } else 2977 response = ccb->smpio.smp_response; 2978 break; 2979 case CAM_DATA_VADDR: 2980 request = ccb->smpio.smp_request; 2981 response = ccb->smpio.smp_response; 2982 break; 2983 default: 2984 mprsas_set_ccbstatus(ccb, CAM_REQ_INVALID); 2985 xpt_done(ccb); 2986 return; 2987 } 2988 2989 cm = mpr_alloc_command(sc); 2990 if (cm == NULL) { 2991 mpr_dprint(sc, MPR_ERROR, "%s: cannot allocate command\n", 2992 __func__); 2993 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 2994 xpt_done(ccb); 2995 return; 2996 } 2997 2998 req = (MPI2_SMP_PASSTHROUGH_REQUEST *)cm->cm_req; 2999 bzero(req, sizeof(*req)); 3000 req->Function = MPI2_FUNCTION_SMP_PASSTHROUGH; 3001 3002 /* Allow the chip to use any route to this SAS address. */ 3003 req->PhysicalPort = 0xff; 3004 3005 req->RequestDataLength = htole16(ccb->smpio.smp_request_len); 3006 req->SGLFlags = 3007 MPI2_SGLFLAGS_SYSTEM_ADDRESS_SPACE | MPI2_SGLFLAGS_SGL_TYPE_MPI; 3008 3009 mpr_dprint(sc, MPR_XINFO, "%s: sending SMP request to SAS address " 3010 "%#jx\n", __func__, (uintmax_t)sasaddr); 3011 3012 mpr_init_sge(cm, req, &req->SGL); 3013 3014 /* 3015 * Set up a uio to pass into mpr_map_command(). This allows us to 3016 * do one map command, and one busdma call in there. 3017 */ 3018 cm->cm_uio.uio_iov = cm->cm_iovec; 3019 cm->cm_uio.uio_iovcnt = 2; 3020 cm->cm_uio.uio_segflg = UIO_SYSSPACE; 3021 3022 /* 3023 * The read/write flag isn't used by busdma, but set it just in 3024 * case. This isn't exactly accurate, either, since we're going in 3025 * both directions. 3026 */ 3027 cm->cm_uio.uio_rw = UIO_WRITE; 3028 3029 cm->cm_iovec[0].iov_base = request; 3030 cm->cm_iovec[0].iov_len = le16toh(req->RequestDataLength); 3031 cm->cm_iovec[1].iov_base = response; 3032 cm->cm_iovec[1].iov_len = ccb->smpio.smp_response_len; 3033 3034 cm->cm_uio.uio_resid = cm->cm_iovec[0].iov_len + 3035 cm->cm_iovec[1].iov_len; 3036 3037 /* 3038 * Trigger a warning message in mpr_data_cb() for the user if we 3039 * wind up exceeding two S/G segments. The chip expects one 3040 * segment for the request and another for the response. 3041 */ 3042 cm->cm_max_segs = 2; 3043 3044 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3045 cm->cm_complete = mprsas_smpio_complete; 3046 cm->cm_complete_data = ccb; 3047 3048 /* 3049 * Tell the mapping code that we're using a uio, and that this is 3050 * an SMP passthrough request. There is a little special-case 3051 * logic there (in mpr_data_cb()) to handle the bidirectional 3052 * transfer. 3053 */ 3054 cm->cm_flags |= MPR_CM_FLAGS_USE_UIO | MPR_CM_FLAGS_SMP_PASS | 3055 MPR_CM_FLAGS_DATAIN | MPR_CM_FLAGS_DATAOUT; 3056 3057 /* The chip data format is little endian. */ 3058 req->SASAddress.High = htole32(sasaddr >> 32); 3059 req->SASAddress.Low = htole32(sasaddr); 3060 3061 /* 3062 * XXX Note that we don't have a timeout/abort mechanism here. 3063 * From the manual, it looks like task management requests only 3064 * work for SCSI IO and SATA passthrough requests. We may need to 3065 * have a mechanism to retry requests in the event of a chip reset 3066 * at least. Hopefully the chip will insure that any errors short 3067 * of that are relayed back to the driver. 3068 */ 3069 error = mpr_map_command(sc, cm); 3070 if ((error != 0) && (error != EINPROGRESS)) { 3071 mpr_dprint(sc, MPR_ERROR, "%s: error %d returned from " 3072 "mpr_map_command()\n", __func__, error); 3073 goto bailout_error; 3074 } 3075 3076 return; 3077 3078bailout_error: 3079 mpr_free_command(sc, cm); 3080 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3081 xpt_done(ccb); 3082 return; 3083} 3084 3085static void 3086mprsas_action_smpio(struct mprsas_softc *sassc, union ccb *ccb) 3087{ 3088 struct mpr_softc *sc; 3089 struct mprsas_target *targ; 3090 uint64_t sasaddr = 0; 3091 3092 sc = sassc->sc; 3093 3094 /* 3095 * Make sure the target exists. 3096 */ 3097 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, 3098 ("Target %d out of bounds in XPT_SMP_IO\n", ccb->ccb_h.target_id)); 3099 targ = &sassc->targets[ccb->ccb_h.target_id]; 3100 if (targ->handle == 0x0) { 3101 mpr_dprint(sc, MPR_ERROR, "%s: target %d does not exist!\n", 3102 __func__, ccb->ccb_h.target_id); 3103 mprsas_set_ccbstatus(ccb, CAM_SEL_TIMEOUT); 3104 xpt_done(ccb); 3105 return; 3106 } 3107 3108 /* 3109 * If this device has an embedded SMP target, we'll talk to it 3110 * directly. 3111 * figure out what the expander's address is. 3112 */ 3113 if ((targ->devinfo & MPI2_SAS_DEVICE_INFO_SMP_TARGET) != 0) 3114 sasaddr = targ->sasaddr; 3115 3116 /* 3117 * If we don't have a SAS address for the expander yet, try 3118 * grabbing it from the page 0x83 information cached in the 3119 * transport layer for this target. LSI expanders report the 3120 * expander SAS address as the port-associated SAS address in 3121 * Inquiry VPD page 0x83. Maxim expanders don't report it in page 3122 * 0x83. 3123 * 3124 * XXX KDM disable this for now, but leave it commented out so that 3125 * it is obvious that this is another possible way to get the SAS 3126 * address. 3127 * 3128 * The parent handle method below is a little more reliable, and 3129 * the other benefit is that it works for devices other than SES 3130 * devices. So you can send a SMP request to a da(4) device and it 3131 * will get routed to the expander that device is attached to. 3132 * (Assuming the da(4) device doesn't contain an SMP target...) 3133 */ 3134#if 0 3135 if (sasaddr == 0) 3136 sasaddr = xpt_path_sas_addr(ccb->ccb_h.path); 3137#endif 3138 3139 /* 3140 * If we still don't have a SAS address for the expander, look for 3141 * the parent device of this device, which is probably the expander. 3142 */ 3143 if (sasaddr == 0) { 3144#ifdef OLD_MPR_PROBE 3145 struct mprsas_target *parent_target; 3146#endif 3147 3148 if (targ->parent_handle == 0x0) { 3149 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3150 "a valid parent handle!\n", __func__, targ->handle); 3151 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3152 goto bailout; 3153 } 3154#ifdef OLD_MPR_PROBE 3155 parent_target = mprsas_find_target_by_handle(sassc, 0, 3156 targ->parent_handle); 3157 3158 if (parent_target == NULL) { 3159 mpr_dprint(sc, MPR_ERROR, "%s: handle %d does not have " 3160 "a valid parent target!\n", __func__, targ->handle); 3161 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3162 goto bailout; 3163 } 3164 3165 if ((parent_target->devinfo & 3166 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3167 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3168 "does not have an SMP target!\n", __func__, 3169 targ->handle, parent_target->handle); 3170 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3171 goto bailout; 3172 } 3173 3174 sasaddr = parent_target->sasaddr; 3175#else /* OLD_MPR_PROBE */ 3176 if ((targ->parent_devinfo & 3177 MPI2_SAS_DEVICE_INFO_SMP_TARGET) == 0) { 3178 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent %d " 3179 "does not have an SMP target!\n", __func__, 3180 targ->handle, targ->parent_handle); 3181 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3182 goto bailout; 3183 } 3184 if (targ->parent_sasaddr == 0x0) { 3185 mpr_dprint(sc, MPR_ERROR, "%s: handle %d parent handle " 3186 "%d does not have a valid SAS address!\n", __func__, 3187 targ->handle, targ->parent_handle); 3188 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3189 goto bailout; 3190 } 3191 3192 sasaddr = targ->parent_sasaddr; 3193#endif /* OLD_MPR_PROBE */ 3194 } 3195 3196 if (sasaddr == 0) { 3197 mpr_dprint(sc, MPR_INFO, "%s: unable to find SAS address for " 3198 "handle %d\n", __func__, targ->handle); 3199 mprsas_set_ccbstatus(ccb, CAM_DEV_NOT_THERE); 3200 goto bailout; 3201 } 3202 mprsas_send_smpcmd(sassc, ccb, sasaddr); 3203 3204 return; 3205 3206bailout: 3207 xpt_done(ccb); 3208 3209} 3210 3211static void 3212mprsas_action_resetdev(struct mprsas_softc *sassc, union ccb *ccb) 3213{ 3214 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3215 struct mpr_softc *sc; 3216 struct mpr_command *tm; 3217 struct mprsas_target *targ; 3218 3219 MPR_FUNCTRACE(sassc->sc); 3220 mtx_assert(&sassc->sc->mpr_mtx, MA_OWNED); 3221 3222 KASSERT(ccb->ccb_h.target_id < sassc->maxtargets, ("Target %d out of " 3223 "bounds in XPT_RESET_DEV\n", ccb->ccb_h.target_id)); 3224 sc = sassc->sc; 3225 tm = mprsas_alloc_tm(sc); 3226 if (tm == NULL) { 3227 mpr_dprint(sc, MPR_ERROR, "command alloc failure in " 3228 "mprsas_action_resetdev\n"); 3229 mprsas_set_ccbstatus(ccb, CAM_RESRC_UNAVAIL); 3230 xpt_done(ccb); 3231 return; 3232 } 3233 3234 targ = &sassc->targets[ccb->ccb_h.target_id]; 3235 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3236 req->DevHandle = htole16(targ->handle); 3237 req->TaskType = MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET; 3238 3239 if (!targ->is_nvme || sc->custom_nvme_tm_handling) { 3240 /* SAS Hard Link Reset / SATA Link Reset */ 3241 req->MsgFlags = MPI2_SCSITASKMGMT_MSGFLAGS_LINK_RESET; 3242 } else { 3243 /* PCIe Protocol Level Reset*/ 3244 req->MsgFlags = 3245 MPI26_SCSITASKMGMT_MSGFLAGS_PROTOCOL_LVL_RST_PCIE; 3246 } 3247 3248 tm->cm_data = NULL; 3249 tm->cm_complete = mprsas_resetdev_complete; 3250 tm->cm_complete_data = ccb; 3251 3252 mpr_dprint(sc, MPR_INFO, "%s: Sending reset for target ID %d\n", 3253 __func__, targ->tid); 3254 tm->cm_targ = targ; 3255 3256 mprsas_prepare_for_tm(sc, tm, targ, CAM_LUN_WILDCARD); 3257 mpr_map_command(sc, tm); 3258} 3259 3260static void 3261mprsas_resetdev_complete(struct mpr_softc *sc, struct mpr_command *tm) 3262{ 3263 MPI2_SCSI_TASK_MANAGE_REPLY *resp; 3264 union ccb *ccb; 3265 3266 MPR_FUNCTRACE(sc); 3267 mtx_assert(&sc->mpr_mtx, MA_OWNED); 3268 3269 resp = (MPI2_SCSI_TASK_MANAGE_REPLY *)tm->cm_reply; 3270 ccb = tm->cm_complete_data; 3271 3272 /* 3273 * Currently there should be no way we can hit this case. It only 3274 * happens when we have a failure to allocate chain frames, and 3275 * task management commands don't have S/G lists. 3276 */ 3277 if ((tm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3278 MPI2_SCSI_TASK_MANAGE_REQUEST *req; 3279 3280 req = (MPI2_SCSI_TASK_MANAGE_REQUEST *)tm->cm_req; 3281 3282 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for reset of " 3283 "handle %#04x! This should not happen!\n", __func__, 3284 tm->cm_flags, req->DevHandle); 3285 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3286 goto bailout; 3287 } 3288 3289 mpr_dprint(sc, MPR_XINFO, "%s: IOCStatus = 0x%x ResponseCode = 0x%x\n", 3290 __func__, le16toh(resp->IOCStatus), le32toh(resp->ResponseCode)); 3291 3292 if (le32toh(resp->ResponseCode) == MPI2_SCSITASKMGMT_RSP_TM_COMPLETE) { 3293 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP); 3294 mprsas_announce_reset(sc, AC_SENT_BDR, tm->cm_targ->tid, 3295 CAM_LUN_WILDCARD); 3296 } 3297 else 3298 mprsas_set_ccbstatus(ccb, CAM_REQ_CMP_ERR); 3299 3300bailout: 3301 3302 mprsas_free_tm(sc, tm); 3303 xpt_done(ccb); 3304} 3305 3306static void 3307mprsas_poll(struct cam_sim *sim) 3308{ 3309 struct mprsas_softc *sassc; 3310 3311 sassc = cam_sim_softc(sim); 3312 3313 if (sassc->sc->mpr_debug & MPR_TRACE) { 3314 /* frequent debug messages during a panic just slow 3315 * everything down too much. 3316 */ 3317 mpr_dprint(sassc->sc, MPR_XINFO, "%s clearing MPR_TRACE\n", 3318 __func__); 3319 sassc->sc->mpr_debug &= ~MPR_TRACE; 3320 } 3321 3322 mpr_intr_locked(sassc->sc); 3323} 3324 3325static void 3326mprsas_async(void *callback_arg, uint32_t code, struct cam_path *path, 3327 void *arg) 3328{ 3329 struct mpr_softc *sc; 3330 3331 sc = (struct mpr_softc *)callback_arg; 3332 3333 mpr_lock(sc); 3334 switch (code) { 3335 case AC_ADVINFO_CHANGED: { 3336 struct mprsas_target *target; 3337 struct mprsas_softc *sassc; 3338 struct scsi_read_capacity_data_long rcap_buf; 3339 struct ccb_dev_advinfo cdai; 3340 struct mprsas_lun *lun; 3341 lun_id_t lunid; 3342 int found_lun; 3343 uintptr_t buftype; 3344 3345 buftype = (uintptr_t)arg; 3346 3347 found_lun = 0; 3348 sassc = sc->sassc; 3349 3350 /* 3351 * We're only interested in read capacity data changes. 3352 */ 3353 if (buftype != CDAI_TYPE_RCAPLONG) 3354 break; 3355 3356 /* 3357 * We should have a handle for this, but check to make sure. 3358 */ 3359 KASSERT(xpt_path_target_id(path) < sassc->maxtargets, 3360 ("Target %d out of bounds in mprsas_async\n", 3361 xpt_path_target_id(path))); 3362 target = &sassc->targets[xpt_path_target_id(path)]; 3363 if (target->handle == 0) 3364 break; 3365 3366 lunid = xpt_path_lun_id(path); 3367 3368 SLIST_FOREACH(lun, &target->luns, lun_link) { 3369 if (lun->lun_id == lunid) { 3370 found_lun = 1; 3371 break; 3372 } 3373 } 3374 3375 if (found_lun == 0) { 3376 lun = malloc(sizeof(struct mprsas_lun), M_MPR, 3377 M_NOWAIT | M_ZERO); 3378 if (lun == NULL) { 3379 mpr_dprint(sc, MPR_ERROR, "Unable to alloc " 3380 "LUN for EEDP support.\n"); 3381 break; 3382 } 3383 lun->lun_id = lunid; 3384 SLIST_INSERT_HEAD(&target->luns, lun, lun_link); 3385 } 3386 3387 bzero(&rcap_buf, sizeof(rcap_buf)); 3388 bzero(&cdai, sizeof(cdai)); 3389 xpt_setup_ccb(&cdai.ccb_h, path, CAM_PRIORITY_NORMAL); 3390 cdai.ccb_h.func_code = XPT_DEV_ADVINFO; 3391 cdai.ccb_h.flags = CAM_DIR_IN; 3392 cdai.buftype = CDAI_TYPE_RCAPLONG; 3393 cdai.flags = CDAI_FLAG_NONE; 3394 cdai.bufsiz = sizeof(rcap_buf); 3395 cdai.buf = (uint8_t *)&rcap_buf; 3396 xpt_action((union ccb *)&cdai); 3397 if ((cdai.ccb_h.status & CAM_DEV_QFRZN) != 0) 3398 cam_release_devq(cdai.ccb_h.path, 0, 0, 0, FALSE); 3399 3400 if ((mprsas_get_ccbstatus((union ccb *)&cdai) == CAM_REQ_CMP) 3401 && (rcap_buf.prot & SRC16_PROT_EN)) { 3402 switch (rcap_buf.prot & SRC16_P_TYPE) { 3403 case SRC16_PTYPE_1: 3404 case SRC16_PTYPE_3: 3405 lun->eedp_formatted = TRUE; 3406 lun->eedp_block_size = 3407 scsi_4btoul(rcap_buf.length); 3408 break; 3409 case SRC16_PTYPE_2: 3410 default: 3411 lun->eedp_formatted = FALSE; 3412 lun->eedp_block_size = 0; 3413 break; 3414 } 3415 } else { 3416 lun->eedp_formatted = FALSE; 3417 lun->eedp_block_size = 0; 3418 } 3419 break; 3420 } 3421 default: 3422 break; 3423 } 3424 mpr_unlock(sc); 3425} 3426 3427/* 3428 * Freeze the devq and set the INRESET flag so that no I/O will be sent to 3429 * the target until the reset has completed. The CCB holds the path which 3430 * is used to release the devq. The devq is released and the CCB is freed 3431 * when the TM completes. 3432 * We only need to do this when we're entering reset, not at each time we 3433 * need to send an abort (which will happen if multiple commands timeout 3434 * while we're sending the abort). We do not release the queue for each 3435 * command we complete (just at the end when we free the tm), so freezing 3436 * it each time doesn't make sense. 3437 */ 3438void 3439mprsas_prepare_for_tm(struct mpr_softc *sc, struct mpr_command *tm, 3440 struct mprsas_target *target, lun_id_t lun_id) 3441{ 3442 union ccb *ccb; 3443 path_id_t path_id; 3444 3445 ccb = xpt_alloc_ccb_nowait(); 3446 if (ccb) { 3447 path_id = cam_sim_path(sc->sassc->sim); 3448 if (xpt_create_path(&ccb->ccb_h.path, xpt_periph, path_id, 3449 target->tid, lun_id) != CAM_REQ_CMP) { 3450 xpt_free_ccb(ccb); 3451 } else { 3452 tm->cm_ccb = ccb; 3453 tm->cm_targ = target; 3454 if ((target->flags & MPRSAS_TARGET_INRESET) == 0) { 3455 mpr_dprint(sc, MPR_XINFO | MPR_RECOVERY, 3456 "%s: Freezing devq for target ID %d\n", 3457 __func__, target->tid); 3458 xpt_freeze_devq(ccb->ccb_h.path, 1); 3459 target->flags |= MPRSAS_TARGET_INRESET; 3460 } 3461 } 3462 } 3463} 3464 3465int 3466mprsas_startup(struct mpr_softc *sc) 3467{ 3468 /* 3469 * Send the port enable message and set the wait_for_port_enable flag. 3470 * This flag helps to keep the simq frozen until all discovery events 3471 * are processed. 3472 */ 3473 sc->wait_for_port_enable = 1; 3474 mprsas_send_portenable(sc); 3475 return (0); 3476} 3477 3478static int 3479mprsas_send_portenable(struct mpr_softc *sc) 3480{ 3481 MPI2_PORT_ENABLE_REQUEST *request; 3482 struct mpr_command *cm; 3483 3484 MPR_FUNCTRACE(sc); 3485 3486 if ((cm = mpr_alloc_command(sc)) == NULL) 3487 return (EBUSY); 3488 request = (MPI2_PORT_ENABLE_REQUEST *)cm->cm_req; 3489 request->Function = MPI2_FUNCTION_PORT_ENABLE; 3490 request->MsgFlags = 0; 3491 request->VP_ID = 0; 3492 cm->cm_desc.Default.RequestFlags = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE; 3493 cm->cm_complete = mprsas_portenable_complete; 3494 cm->cm_data = NULL; 3495 cm->cm_sge = NULL; 3496 3497 mpr_map_command(sc, cm); 3498 mpr_dprint(sc, MPR_XINFO, 3499 "mpr_send_portenable finished cm %p req %p complete %p\n", 3500 cm, cm->cm_req, cm->cm_complete); 3501 return (0); 3502} 3503 3504static void 3505mprsas_portenable_complete(struct mpr_softc *sc, struct mpr_command *cm) 3506{ 3507 MPI2_PORT_ENABLE_REPLY *reply; 3508 struct mprsas_softc *sassc; 3509 3510 MPR_FUNCTRACE(sc); 3511 sassc = sc->sassc; 3512 3513 /* 3514 * Currently there should be no way we can hit this case. It only 3515 * happens when we have a failure to allocate chain frames, and 3516 * port enable commands don't have S/G lists. 3517 */ 3518 if ((cm->cm_flags & MPR_CM_FLAGS_ERROR_MASK) != 0) { 3519 mpr_dprint(sc, MPR_ERROR, "%s: cm_flags = %#x for port enable! " 3520 "This should not happen!\n", __func__, cm->cm_flags); 3521 } 3522 3523 reply = (MPI2_PORT_ENABLE_REPLY *)cm->cm_reply; 3524 if (reply == NULL) 3525 mpr_dprint(sc, MPR_FAULT, "Portenable NULL reply\n"); 3526 else if ((le16toh(reply->IOCStatus) & MPI2_IOCSTATUS_MASK) != 3527 MPI2_IOCSTATUS_SUCCESS) 3528 mpr_dprint(sc, MPR_FAULT, "Portenable failed\n"); 3529 3530 mpr_free_command(sc, cm); 3531 /* 3532 * Done waiting for port enable to complete. Decrement the refcount. 3533 * If refcount is 0, discovery is complete and a rescan of the bus can 3534 * take place. 3535 */ 3536 sc->wait_for_port_enable = 0; 3537 sc->port_enable_complete = 1; 3538 wakeup(&sc->port_enable_complete); 3539 mprsas_startup_decrement(sassc); 3540} 3541 3542int 3543mprsas_check_id(struct mprsas_softc *sassc, int id) 3544{ 3545 struct mpr_softc *sc = sassc->sc; 3546 char *ids; 3547 char *name; 3548 3549 ids = &sc->exclude_ids[0]; 3550 while((name = strsep(&ids, ",")) != NULL) { 3551 if (name[0] == '\0') 3552 continue; 3553 if (strtol(name, NULL, 0) == (long)id) 3554 return (1); 3555 } 3556 3557 return (0); 3558} 3559 3560void 3561mprsas_realloc_targets(struct mpr_softc *sc, int maxtargets) 3562{ 3563 struct mprsas_softc *sassc; 3564 struct mprsas_lun *lun, *lun_tmp; 3565 struct mprsas_target *targ; 3566 int i; 3567 3568 sassc = sc->sassc; 3569 /* 3570 * The number of targets is based on IOC Facts, so free all of 3571 * the allocated LUNs for each target and then the target buffer 3572 * itself. 3573 */ 3574 for (i=0; i< maxtargets; i++) { 3575 targ = &sassc->targets[i]; 3576 SLIST_FOREACH_SAFE(lun, &targ->luns, lun_link, lun_tmp) { 3577 free(lun, M_MPR); 3578 } 3579 } 3580 free(sassc->targets, M_MPR); 3581 3582 sassc->targets = malloc(sizeof(struct mprsas_target) * maxtargets, 3583 M_MPR, M_WAITOK|M_ZERO); 3584} 3585