1 /* 2 * CXL Flash Device Driver 3 * 4 * Written by: Manoj N. Kumar <manoj@linux.vnet.ibm.com>, IBM Corporation 5 * Matthew R. Ochs <mrochs@linux.vnet.ibm.com>, IBM Corporation 6 * 7 * Copyright (C) 2015 IBM Corporation 8 * 9 * This program is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU General Public License 11 * as published by the Free Software Foundation; either version 12 * 2 of the License, or (at your option) any later version. 13 */ 14 15 #include <linux/delay.h> 16 #include <linux/file.h> 17 #include <linux/syscalls.h> 18 #include <misc/cxl.h> 19 #include <asm/unaligned.h> 20 21 #include <scsi/scsi.h> 22 #include <scsi/scsi_host.h> 23 #include <scsi/scsi_cmnd.h> 24 #include <scsi/scsi_eh.h> 25 #include <uapi/scsi/cxlflash_ioctl.h> 26 27 #include "sislite.h" 28 #include "common.h" 29 #include "vlun.h" 30 #include "superpipe.h" 31 32 struct cxlflash_global global; 33 34 /** 35 * marshal_rele_to_resize() - translate release to resize structure 36 * @rele: Source structure from which to translate/copy. 37 * @resize: Destination structure for the translate/copy. 38 */ 39 static void marshal_rele_to_resize(struct dk_cxlflash_release *release, 40 struct dk_cxlflash_resize *resize) 41 { 42 resize->hdr = release->hdr; 43 resize->context_id = release->context_id; 44 resize->rsrc_handle = release->rsrc_handle; 45 } 46 47 /** 48 * marshal_det_to_rele() - translate detach to release structure 49 * @detach: Destination structure for the translate/copy. 50 * @rele: Source structure from which to translate/copy. 51 */ 52 static void marshal_det_to_rele(struct dk_cxlflash_detach *detach, 53 struct dk_cxlflash_release *release) 54 { 55 release->hdr = detach->hdr; 56 release->context_id = detach->context_id; 57 } 58 59 /** 60 * marshal_udir_to_rele() - translate udirect to release structure 61 * @udirect: Source structure from which to translate/copy. 62 * @release: Destination structure for the translate/copy. 63 */ 64 static void marshal_udir_to_rele(struct dk_cxlflash_udirect *udirect, 65 struct dk_cxlflash_release *release) 66 { 67 release->hdr = udirect->hdr; 68 release->context_id = udirect->context_id; 69 release->rsrc_handle = udirect->rsrc_handle; 70 } 71 72 /** 73 * cxlflash_free_errpage() - frees resources associated with global error page 74 */ 75 void cxlflash_free_errpage(void) 76 { 77 78 mutex_lock(&global.mutex); 79 if (global.err_page) { 80 __free_page(global.err_page); 81 global.err_page = NULL; 82 } 83 mutex_unlock(&global.mutex); 84 } 85 86 /** 87 * cxlflash_stop_term_user_contexts() - stops/terminates known user contexts 88 * @cfg: Internal structure associated with the host. 89 * 90 * When the host needs to go down, all users must be quiesced and their 91 * memory freed. This is accomplished by putting the contexts in error 92 * state which will notify the user and let them 'drive' the tear down. 93 * Meanwhile, this routine camps until all user contexts have been removed. 94 * 95 * Note that the main loop in this routine will always execute at least once 96 * to flush the reset_waitq. 97 */ 98 void cxlflash_stop_term_user_contexts(struct cxlflash_cfg *cfg) 99 { 100 struct device *dev = &cfg->dev->dev; 101 int i, found = true; 102 103 cxlflash_mark_contexts_error(cfg); 104 105 while (true) { 106 for (i = 0; i < MAX_CONTEXT; i++) 107 if (cfg->ctx_tbl[i]) { 108 found = true; 109 break; 110 } 111 112 if (!found && list_empty(&cfg->ctx_err_recovery)) 113 return; 114 115 dev_dbg(dev, "%s: Wait for user contexts to quiesce...\n", 116 __func__); 117 wake_up_all(&cfg->reset_waitq); 118 ssleep(1); 119 found = false; 120 } 121 } 122 123 /** 124 * find_error_context() - locates a context by cookie on the error recovery list 125 * @cfg: Internal structure associated with the host. 126 * @rctxid: Desired context by id. 127 * @file: Desired context by file. 128 * 129 * Return: Found context on success, NULL on failure 130 */ 131 static struct ctx_info *find_error_context(struct cxlflash_cfg *cfg, u64 rctxid, 132 struct file *file) 133 { 134 struct ctx_info *ctxi; 135 136 list_for_each_entry(ctxi, &cfg->ctx_err_recovery, list) 137 if ((ctxi->ctxid == rctxid) || (ctxi->file == file)) 138 return ctxi; 139 140 return NULL; 141 } 142 143 /** 144 * get_context() - obtains a validated and locked context reference 145 * @cfg: Internal structure associated with the host. 146 * @rctxid: Desired context (raw, un-decoded format). 147 * @arg: LUN information or file associated with request. 148 * @ctx_ctrl: Control information to 'steer' desired lookup. 149 * 150 * NOTE: despite the name pid, in linux, current->pid actually refers 151 * to the lightweight process id (tid) and can change if the process is 152 * multi threaded. The tgid remains constant for the process and only changes 153 * when the process of fork. For all intents and purposes, think of tgid 154 * as a pid in the traditional sense. 155 * 156 * Return: Validated context on success, NULL on failure 157 */ 158 struct ctx_info *get_context(struct cxlflash_cfg *cfg, u64 rctxid, 159 void *arg, enum ctx_ctrl ctx_ctrl) 160 { 161 struct device *dev = &cfg->dev->dev; 162 struct ctx_info *ctxi = NULL; 163 struct lun_access *lun_access = NULL; 164 struct file *file = NULL; 165 struct llun_info *lli = arg; 166 u64 ctxid = DECODE_CTXID(rctxid); 167 int rc; 168 pid_t pid = task_tgid_nr(current), ctxpid = 0; 169 170 if (ctx_ctrl & CTX_CTRL_FILE) { 171 lli = NULL; 172 file = (struct file *)arg; 173 } 174 175 if (ctx_ctrl & CTX_CTRL_CLONE) 176 pid = task_ppid_nr(current); 177 178 if (likely(ctxid < MAX_CONTEXT)) { 179 while (true) { 180 mutex_lock(&cfg->ctx_tbl_list_mutex); 181 ctxi = cfg->ctx_tbl[ctxid]; 182 if (ctxi) 183 if ((file && (ctxi->file != file)) || 184 (!file && (ctxi->ctxid != rctxid))) 185 ctxi = NULL; 186 187 if ((ctx_ctrl & CTX_CTRL_ERR) || 188 (!ctxi && (ctx_ctrl & CTX_CTRL_ERR_FALLBACK))) 189 ctxi = find_error_context(cfg, rctxid, file); 190 if (!ctxi) { 191 mutex_unlock(&cfg->ctx_tbl_list_mutex); 192 goto out; 193 } 194 195 /* 196 * Need to acquire ownership of the context while still 197 * under the table/list lock to serialize with a remove 198 * thread. Use the 'try' to avoid stalling the 199 * table/list lock for a single context. 200 * 201 * Note that the lock order is: 202 * 203 * cfg->ctx_tbl_list_mutex -> ctxi->mutex 204 * 205 * Therefore release ctx_tbl_list_mutex before retrying. 206 */ 207 rc = mutex_trylock(&ctxi->mutex); 208 mutex_unlock(&cfg->ctx_tbl_list_mutex); 209 if (rc) 210 break; /* got the context's lock! */ 211 } 212 213 if (ctxi->unavail) 214 goto denied; 215 216 ctxpid = ctxi->pid; 217 if (likely(!(ctx_ctrl & CTX_CTRL_NOPID))) 218 if (pid != ctxpid) 219 goto denied; 220 221 if (lli) { 222 list_for_each_entry(lun_access, &ctxi->luns, list) 223 if (lun_access->lli == lli) 224 goto out; 225 goto denied; 226 } 227 } 228 229 out: 230 dev_dbg(dev, "%s: rctxid=%016llx ctxinfo=%p ctxpid=%u pid=%u " 231 "ctx_ctrl=%u\n", __func__, rctxid, ctxi, ctxpid, pid, 232 ctx_ctrl); 233 234 return ctxi; 235 236 denied: 237 mutex_unlock(&ctxi->mutex); 238 ctxi = NULL; 239 goto out; 240 } 241 242 /** 243 * put_context() - release a context that was retrieved from get_context() 244 * @ctxi: Context to release. 245 * 246 * For now, releasing the context equates to unlocking it's mutex. 247 */ 248 void put_context(struct ctx_info *ctxi) 249 { 250 mutex_unlock(&ctxi->mutex); 251 } 252 253 /** 254 * afu_attach() - attach a context to the AFU 255 * @cfg: Internal structure associated with the host. 256 * @ctxi: Context to attach. 257 * 258 * Upon setting the context capabilities, they must be confirmed with 259 * a read back operation as the context might have been closed since 260 * the mailbox was unlocked. When this occurs, registration is failed. 261 * 262 * Return: 0 on success, -errno on failure 263 */ 264 static int afu_attach(struct cxlflash_cfg *cfg, struct ctx_info *ctxi) 265 { 266 struct device *dev = &cfg->dev->dev; 267 struct afu *afu = cfg->afu; 268 struct sisl_ctrl_map __iomem *ctrl_map = ctxi->ctrl_map; 269 int rc = 0; 270 struct hwq *hwq = get_hwq(afu, PRIMARY_HWQ); 271 u64 val; 272 273 /* Unlock cap and restrict user to read/write cmds in translated mode */ 274 readq_be(&ctrl_map->mbox_r); 275 val = (SISL_CTX_CAP_READ_CMD | SISL_CTX_CAP_WRITE_CMD); 276 writeq_be(val, &ctrl_map->ctx_cap); 277 val = readq_be(&ctrl_map->ctx_cap); 278 if (val != (SISL_CTX_CAP_READ_CMD | SISL_CTX_CAP_WRITE_CMD)) { 279 dev_err(dev, "%s: ctx may be closed val=%016llx\n", 280 __func__, val); 281 rc = -EAGAIN; 282 goto out; 283 } 284 285 /* Set up MMIO registers pointing to the RHT */ 286 writeq_be((u64)ctxi->rht_start, &ctrl_map->rht_start); 287 val = SISL_RHT_CNT_ID((u64)MAX_RHT_PER_CONTEXT, (u64)(hwq->ctx_hndl)); 288 writeq_be(val, &ctrl_map->rht_cnt_id); 289 out: 290 dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc); 291 return rc; 292 } 293 294 /** 295 * read_cap16() - issues a SCSI READ_CAP16 command 296 * @sdev: SCSI device associated with LUN. 297 * @lli: LUN destined for capacity request. 298 * 299 * The READ_CAP16 can take quite a while to complete. Should an EEH occur while 300 * in scsi_execute(), the EEH handler will attempt to recover. As part of the 301 * recovery, the handler drains all currently running ioctls, waiting until they 302 * have completed before proceeding with a reset. As this routine is used on the 303 * ioctl path, this can create a condition where the EEH handler becomes stuck, 304 * infinitely waiting for this ioctl thread. To avoid this behavior, temporarily 305 * unmark this thread as an ioctl thread by releasing the ioctl read semaphore. 306 * This will allow the EEH handler to proceed with a recovery while this thread 307 * is still running. Once the scsi_execute() returns, reacquire the ioctl read 308 * semaphore and check the adapter state in case it changed while inside of 309 * scsi_execute(). The state check will wait if the adapter is still being 310 * recovered or return a failure if the recovery failed. In the event that the 311 * adapter reset failed, simply return the failure as the ioctl would be unable 312 * to continue. 313 * 314 * Note that the above puts a requirement on this routine to only be called on 315 * an ioctl thread. 316 * 317 * Return: 0 on success, -errno on failure 318 */ 319 static int read_cap16(struct scsi_device *sdev, struct llun_info *lli) 320 { 321 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 322 struct device *dev = &cfg->dev->dev; 323 struct glun_info *gli = lli->parent; 324 struct scsi_sense_hdr sshdr; 325 u8 *cmd_buf = NULL; 326 u8 *scsi_cmd = NULL; 327 u8 *sense_buf = NULL; 328 int rc = 0; 329 int result = 0; 330 int retry_cnt = 0; 331 u32 to = CMD_TIMEOUT * HZ; 332 333 retry: 334 cmd_buf = kzalloc(CMD_BUFSIZE, GFP_KERNEL); 335 scsi_cmd = kzalloc(MAX_COMMAND_SIZE, GFP_KERNEL); 336 sense_buf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_KERNEL); 337 if (unlikely(!cmd_buf || !scsi_cmd || !sense_buf)) { 338 rc = -ENOMEM; 339 goto out; 340 } 341 342 scsi_cmd[0] = SERVICE_ACTION_IN_16; /* read cap(16) */ 343 scsi_cmd[1] = SAI_READ_CAPACITY_16; /* service action */ 344 put_unaligned_be32(CMD_BUFSIZE, &scsi_cmd[10]); 345 346 dev_dbg(dev, "%s: %ssending cmd(%02x)\n", __func__, 347 retry_cnt ? "re" : "", scsi_cmd[0]); 348 349 /* Drop the ioctl read semahpore across lengthy call */ 350 up_read(&cfg->ioctl_rwsem); 351 result = scsi_execute(sdev, scsi_cmd, DMA_FROM_DEVICE, cmd_buf, 352 CMD_BUFSIZE, sense_buf, &sshdr, to, CMD_RETRIES, 353 0, 0, NULL); 354 down_read(&cfg->ioctl_rwsem); 355 rc = check_state(cfg); 356 if (rc) { 357 dev_err(dev, "%s: Failed state result=%08x\n", 358 __func__, result); 359 rc = -ENODEV; 360 goto out; 361 } 362 363 if (driver_byte(result) == DRIVER_SENSE) { 364 result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */ 365 if (result & SAM_STAT_CHECK_CONDITION) { 366 switch (sshdr.sense_key) { 367 case NO_SENSE: 368 case RECOVERED_ERROR: 369 /* fall through */ 370 case NOT_READY: 371 result &= ~SAM_STAT_CHECK_CONDITION; 372 break; 373 case UNIT_ATTENTION: 374 switch (sshdr.asc) { 375 case 0x29: /* Power on Reset or Device Reset */ 376 /* fall through */ 377 case 0x2A: /* Device capacity changed */ 378 case 0x3F: /* Report LUNs changed */ 379 /* Retry the command once more */ 380 if (retry_cnt++ < 1) { 381 kfree(cmd_buf); 382 kfree(scsi_cmd); 383 kfree(sense_buf); 384 goto retry; 385 } 386 } 387 break; 388 default: 389 break; 390 } 391 } 392 } 393 394 if (result) { 395 dev_err(dev, "%s: command failed, result=%08x\n", 396 __func__, result); 397 rc = -EIO; 398 goto out; 399 } 400 401 /* 402 * Read cap was successful, grab values from the buffer; 403 * note that we don't need to worry about unaligned access 404 * as the buffer is allocated on an aligned boundary. 405 */ 406 mutex_lock(&gli->mutex); 407 gli->max_lba = be64_to_cpu(*((__be64 *)&cmd_buf[0])); 408 gli->blk_len = be32_to_cpu(*((__be32 *)&cmd_buf[8])); 409 mutex_unlock(&gli->mutex); 410 411 out: 412 kfree(cmd_buf); 413 kfree(scsi_cmd); 414 kfree(sense_buf); 415 416 dev_dbg(dev, "%s: maxlba=%lld blklen=%d rc=%d\n", 417 __func__, gli->max_lba, gli->blk_len, rc); 418 return rc; 419 } 420 421 /** 422 * get_rhte() - obtains validated resource handle table entry reference 423 * @ctxi: Context owning the resource handle. 424 * @rhndl: Resource handle associated with entry. 425 * @lli: LUN associated with request. 426 * 427 * Return: Validated RHTE on success, NULL on failure 428 */ 429 struct sisl_rht_entry *get_rhte(struct ctx_info *ctxi, res_hndl_t rhndl, 430 struct llun_info *lli) 431 { 432 struct cxlflash_cfg *cfg = ctxi->cfg; 433 struct device *dev = &cfg->dev->dev; 434 struct sisl_rht_entry *rhte = NULL; 435 436 if (unlikely(!ctxi->rht_start)) { 437 dev_dbg(dev, "%s: Context does not have allocated RHT\n", 438 __func__); 439 goto out; 440 } 441 442 if (unlikely(rhndl >= MAX_RHT_PER_CONTEXT)) { 443 dev_dbg(dev, "%s: Bad resource handle rhndl=%d\n", 444 __func__, rhndl); 445 goto out; 446 } 447 448 if (unlikely(ctxi->rht_lun[rhndl] != lli)) { 449 dev_dbg(dev, "%s: Bad resource handle LUN rhndl=%d\n", 450 __func__, rhndl); 451 goto out; 452 } 453 454 rhte = &ctxi->rht_start[rhndl]; 455 if (unlikely(rhte->nmask == 0)) { 456 dev_dbg(dev, "%s: Unopened resource handle rhndl=%d\n", 457 __func__, rhndl); 458 rhte = NULL; 459 goto out; 460 } 461 462 out: 463 return rhte; 464 } 465 466 /** 467 * rhte_checkout() - obtains free/empty resource handle table entry 468 * @ctxi: Context owning the resource handle. 469 * @lli: LUN associated with request. 470 * 471 * Return: Free RHTE on success, NULL on failure 472 */ 473 struct sisl_rht_entry *rhte_checkout(struct ctx_info *ctxi, 474 struct llun_info *lli) 475 { 476 struct cxlflash_cfg *cfg = ctxi->cfg; 477 struct device *dev = &cfg->dev->dev; 478 struct sisl_rht_entry *rhte = NULL; 479 int i; 480 481 /* Find a free RHT entry */ 482 for (i = 0; i < MAX_RHT_PER_CONTEXT; i++) 483 if (ctxi->rht_start[i].nmask == 0) { 484 rhte = &ctxi->rht_start[i]; 485 ctxi->rht_out++; 486 break; 487 } 488 489 if (likely(rhte)) 490 ctxi->rht_lun[i] = lli; 491 492 dev_dbg(dev, "%s: returning rhte=%p index=%d\n", __func__, rhte, i); 493 return rhte; 494 } 495 496 /** 497 * rhte_checkin() - releases a resource handle table entry 498 * @ctxi: Context owning the resource handle. 499 * @rhte: RHTE to release. 500 */ 501 void rhte_checkin(struct ctx_info *ctxi, 502 struct sisl_rht_entry *rhte) 503 { 504 u32 rsrc_handle = rhte - ctxi->rht_start; 505 506 rhte->nmask = 0; 507 rhte->fp = 0; 508 ctxi->rht_out--; 509 ctxi->rht_lun[rsrc_handle] = NULL; 510 ctxi->rht_needs_ws[rsrc_handle] = false; 511 } 512 513 /** 514 * rhte_format1() - populates a RHTE for format 1 515 * @rhte: RHTE to populate. 516 * @lun_id: LUN ID of LUN associated with RHTE. 517 * @perm: Desired permissions for RHTE. 518 * @port_sel: Port selection mask 519 */ 520 static void rht_format1(struct sisl_rht_entry *rhte, u64 lun_id, u32 perm, 521 u32 port_sel) 522 { 523 /* 524 * Populate the Format 1 RHT entry for direct access (physical 525 * LUN) using the synchronization sequence defined in the 526 * SISLite specification. 527 */ 528 struct sisl_rht_entry_f1 dummy = { 0 }; 529 struct sisl_rht_entry_f1 *rhte_f1 = (struct sisl_rht_entry_f1 *)rhte; 530 531 memset(rhte_f1, 0, sizeof(*rhte_f1)); 532 rhte_f1->fp = SISL_RHT_FP(1U, 0); 533 dma_wmb(); /* Make setting of format bit visible */ 534 535 rhte_f1->lun_id = lun_id; 536 dma_wmb(); /* Make setting of LUN id visible */ 537 538 /* 539 * Use a dummy RHT Format 1 entry to build the second dword 540 * of the entry that must be populated in a single write when 541 * enabled (valid bit set to TRUE). 542 */ 543 dummy.valid = 0x80; 544 dummy.fp = SISL_RHT_FP(1U, perm); 545 dummy.port_sel = port_sel; 546 rhte_f1->dw = dummy.dw; 547 548 dma_wmb(); /* Make remaining RHT entry fields visible */ 549 } 550 551 /** 552 * cxlflash_lun_attach() - attaches a user to a LUN and manages the LUN's mode 553 * @gli: LUN to attach. 554 * @mode: Desired mode of the LUN. 555 * @locked: Mutex status on current thread. 556 * 557 * Return: 0 on success, -errno on failure 558 */ 559 int cxlflash_lun_attach(struct glun_info *gli, enum lun_mode mode, bool locked) 560 { 561 int rc = 0; 562 563 if (!locked) 564 mutex_lock(&gli->mutex); 565 566 if (gli->mode == MODE_NONE) 567 gli->mode = mode; 568 else if (gli->mode != mode) { 569 pr_debug("%s: gli_mode=%d requested_mode=%d\n", 570 __func__, gli->mode, mode); 571 rc = -EINVAL; 572 goto out; 573 } 574 575 gli->users++; 576 WARN_ON(gli->users <= 0); 577 out: 578 pr_debug("%s: Returning rc=%d gli->mode=%u gli->users=%u\n", 579 __func__, rc, gli->mode, gli->users); 580 if (!locked) 581 mutex_unlock(&gli->mutex); 582 return rc; 583 } 584 585 /** 586 * cxlflash_lun_detach() - detaches a user from a LUN and resets the LUN's mode 587 * @gli: LUN to detach. 588 * 589 * When resetting the mode, terminate block allocation resources as they 590 * are no longer required (service is safe to call even when block allocation 591 * resources were not present - such as when transitioning from physical mode). 592 * These resources will be reallocated when needed (subsequent transition to 593 * virtual mode). 594 */ 595 void cxlflash_lun_detach(struct glun_info *gli) 596 { 597 mutex_lock(&gli->mutex); 598 WARN_ON(gli->mode == MODE_NONE); 599 if (--gli->users == 0) { 600 gli->mode = MODE_NONE; 601 cxlflash_ba_terminate(&gli->blka.ba_lun); 602 } 603 pr_debug("%s: gli->users=%u\n", __func__, gli->users); 604 WARN_ON(gli->users < 0); 605 mutex_unlock(&gli->mutex); 606 } 607 608 /** 609 * _cxlflash_disk_release() - releases the specified resource entry 610 * @sdev: SCSI device associated with LUN. 611 * @ctxi: Context owning resources. 612 * @release: Release ioctl data structure. 613 * 614 * For LUNs in virtual mode, the virtual LUN associated with the specified 615 * resource handle is resized to 0 prior to releasing the RHTE. Note that the 616 * AFU sync should _not_ be performed when the context is sitting on the error 617 * recovery list. A context on the error recovery list is not known to the AFU 618 * due to reset. When the context is recovered, it will be reattached and made 619 * known again to the AFU. 620 * 621 * Return: 0 on success, -errno on failure 622 */ 623 int _cxlflash_disk_release(struct scsi_device *sdev, 624 struct ctx_info *ctxi, 625 struct dk_cxlflash_release *release) 626 { 627 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 628 struct device *dev = &cfg->dev->dev; 629 struct llun_info *lli = sdev->hostdata; 630 struct glun_info *gli = lli->parent; 631 struct afu *afu = cfg->afu; 632 bool put_ctx = false; 633 634 struct dk_cxlflash_resize size; 635 res_hndl_t rhndl = release->rsrc_handle; 636 637 int rc = 0; 638 int rcr = 0; 639 u64 ctxid = DECODE_CTXID(release->context_id), 640 rctxid = release->context_id; 641 642 struct sisl_rht_entry *rhte; 643 struct sisl_rht_entry_f1 *rhte_f1; 644 645 dev_dbg(dev, "%s: ctxid=%llu rhndl=%llu gli->mode=%u gli->users=%u\n", 646 __func__, ctxid, release->rsrc_handle, gli->mode, gli->users); 647 648 if (!ctxi) { 649 ctxi = get_context(cfg, rctxid, lli, CTX_CTRL_ERR_FALLBACK); 650 if (unlikely(!ctxi)) { 651 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", 652 __func__, ctxid); 653 rc = -EINVAL; 654 goto out; 655 } 656 657 put_ctx = true; 658 } 659 660 rhte = get_rhte(ctxi, rhndl, lli); 661 if (unlikely(!rhte)) { 662 dev_dbg(dev, "%s: Bad resource handle rhndl=%d\n", 663 __func__, rhndl); 664 rc = -EINVAL; 665 goto out; 666 } 667 668 /* 669 * Resize to 0 for virtual LUNS by setting the size 670 * to 0. This will clear LXT_START and LXT_CNT fields 671 * in the RHT entry and properly sync with the AFU. 672 * 673 * Afterwards we clear the remaining fields. 674 */ 675 switch (gli->mode) { 676 case MODE_VIRTUAL: 677 marshal_rele_to_resize(release, &size); 678 size.req_size = 0; 679 rc = _cxlflash_vlun_resize(sdev, ctxi, &size); 680 if (rc) { 681 dev_dbg(dev, "%s: resize failed rc %d\n", __func__, rc); 682 goto out; 683 } 684 685 break; 686 case MODE_PHYSICAL: 687 /* 688 * Clear the Format 1 RHT entry for direct access 689 * (physical LUN) using the synchronization sequence 690 * defined in the SISLite specification. 691 */ 692 rhte_f1 = (struct sisl_rht_entry_f1 *)rhte; 693 694 rhte_f1->valid = 0; 695 dma_wmb(); /* Make revocation of RHT entry visible */ 696 697 rhte_f1->lun_id = 0; 698 dma_wmb(); /* Make clearing of LUN id visible */ 699 700 rhte_f1->dw = 0; 701 dma_wmb(); /* Make RHT entry bottom-half clearing visible */ 702 703 if (!ctxi->err_recovery_active) { 704 rcr = cxlflash_afu_sync(afu, ctxid, rhndl, AFU_HW_SYNC); 705 if (unlikely(rcr)) 706 dev_dbg(dev, "%s: AFU sync failed rc=%d\n", 707 __func__, rcr); 708 } 709 break; 710 default: 711 WARN(1, "Unsupported LUN mode!"); 712 goto out; 713 } 714 715 rhte_checkin(ctxi, rhte); 716 cxlflash_lun_detach(gli); 717 718 out: 719 if (put_ctx) 720 put_context(ctxi); 721 dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc); 722 return rc; 723 } 724 725 int cxlflash_disk_release(struct scsi_device *sdev, 726 struct dk_cxlflash_release *release) 727 { 728 return _cxlflash_disk_release(sdev, NULL, release); 729 } 730 731 /** 732 * destroy_context() - releases a context 733 * @cfg: Internal structure associated with the host. 734 * @ctxi: Context to release. 735 * 736 * This routine is safe to be called with a a non-initialized context. 737 * Also note that the routine conditionally checks for the existence 738 * of the context control map before clearing the RHT registers and 739 * context capabilities because it is possible to destroy a context 740 * while the context is in the error state (previous mapping was 741 * removed [so there is no need to worry about clearing] and context 742 * is waiting for a new mapping). 743 */ 744 static void destroy_context(struct cxlflash_cfg *cfg, 745 struct ctx_info *ctxi) 746 { 747 struct afu *afu = cfg->afu; 748 749 if (ctxi->initialized) { 750 WARN_ON(!list_empty(&ctxi->luns)); 751 752 /* Clear RHT registers and drop all capabilities for context */ 753 if (afu->afu_map && ctxi->ctrl_map) { 754 writeq_be(0, &ctxi->ctrl_map->rht_start); 755 writeq_be(0, &ctxi->ctrl_map->rht_cnt_id); 756 writeq_be(0, &ctxi->ctrl_map->ctx_cap); 757 } 758 } 759 760 /* Free memory associated with context */ 761 free_page((ulong)ctxi->rht_start); 762 kfree(ctxi->rht_needs_ws); 763 kfree(ctxi->rht_lun); 764 kfree(ctxi); 765 } 766 767 /** 768 * create_context() - allocates and initializes a context 769 * @cfg: Internal structure associated with the host. 770 * 771 * Return: Allocated context on success, NULL on failure 772 */ 773 static struct ctx_info *create_context(struct cxlflash_cfg *cfg) 774 { 775 struct device *dev = &cfg->dev->dev; 776 struct ctx_info *ctxi = NULL; 777 struct llun_info **lli = NULL; 778 u8 *ws = NULL; 779 struct sisl_rht_entry *rhte; 780 781 ctxi = kzalloc(sizeof(*ctxi), GFP_KERNEL); 782 lli = kzalloc((MAX_RHT_PER_CONTEXT * sizeof(*lli)), GFP_KERNEL); 783 ws = kzalloc((MAX_RHT_PER_CONTEXT * sizeof(*ws)), GFP_KERNEL); 784 if (unlikely(!ctxi || !lli || !ws)) { 785 dev_err(dev, "%s: Unable to allocate context\n", __func__); 786 goto err; 787 } 788 789 rhte = (struct sisl_rht_entry *)get_zeroed_page(GFP_KERNEL); 790 if (unlikely(!rhte)) { 791 dev_err(dev, "%s: Unable to allocate RHT\n", __func__); 792 goto err; 793 } 794 795 ctxi->rht_lun = lli; 796 ctxi->rht_needs_ws = ws; 797 ctxi->rht_start = rhte; 798 out: 799 return ctxi; 800 801 err: 802 kfree(ws); 803 kfree(lli); 804 kfree(ctxi); 805 ctxi = NULL; 806 goto out; 807 } 808 809 /** 810 * init_context() - initializes a previously allocated context 811 * @ctxi: Previously allocated context 812 * @cfg: Internal structure associated with the host. 813 * @ctx: Previously obtained CXL context reference. 814 * @ctxid: Previously obtained process element associated with CXL context. 815 * @file: Previously obtained file associated with CXL context. 816 * @perms: User-specified permissions. 817 */ 818 static void init_context(struct ctx_info *ctxi, struct cxlflash_cfg *cfg, 819 struct cxl_context *ctx, int ctxid, struct file *file, 820 u32 perms) 821 { 822 struct afu *afu = cfg->afu; 823 824 ctxi->rht_perms = perms; 825 ctxi->ctrl_map = &afu->afu_map->ctrls[ctxid].ctrl; 826 ctxi->ctxid = ENCODE_CTXID(ctxi, ctxid); 827 ctxi->pid = task_tgid_nr(current); /* tgid = pid */ 828 ctxi->ctx = ctx; 829 ctxi->cfg = cfg; 830 ctxi->file = file; 831 ctxi->initialized = true; 832 mutex_init(&ctxi->mutex); 833 kref_init(&ctxi->kref); 834 INIT_LIST_HEAD(&ctxi->luns); 835 INIT_LIST_HEAD(&ctxi->list); /* initialize for list_empty() */ 836 } 837 838 /** 839 * remove_context() - context kref release handler 840 * @kref: Kernel reference associated with context to be removed. 841 * 842 * When a context no longer has any references it can safely be removed 843 * from global access and destroyed. Note that it is assumed the thread 844 * relinquishing access to the context holds its mutex. 845 */ 846 static void remove_context(struct kref *kref) 847 { 848 struct ctx_info *ctxi = container_of(kref, struct ctx_info, kref); 849 struct cxlflash_cfg *cfg = ctxi->cfg; 850 u64 ctxid = DECODE_CTXID(ctxi->ctxid); 851 852 /* Remove context from table/error list */ 853 WARN_ON(!mutex_is_locked(&ctxi->mutex)); 854 ctxi->unavail = true; 855 mutex_unlock(&ctxi->mutex); 856 mutex_lock(&cfg->ctx_tbl_list_mutex); 857 mutex_lock(&ctxi->mutex); 858 859 if (!list_empty(&ctxi->list)) 860 list_del(&ctxi->list); 861 cfg->ctx_tbl[ctxid] = NULL; 862 mutex_unlock(&cfg->ctx_tbl_list_mutex); 863 mutex_unlock(&ctxi->mutex); 864 865 /* Context now completely uncoupled/unreachable */ 866 destroy_context(cfg, ctxi); 867 } 868 869 /** 870 * _cxlflash_disk_detach() - detaches a LUN from a context 871 * @sdev: SCSI device associated with LUN. 872 * @ctxi: Context owning resources. 873 * @detach: Detach ioctl data structure. 874 * 875 * As part of the detach, all per-context resources associated with the LUN 876 * are cleaned up. When detaching the last LUN for a context, the context 877 * itself is cleaned up and released. 878 * 879 * Return: 0 on success, -errno on failure 880 */ 881 static int _cxlflash_disk_detach(struct scsi_device *sdev, 882 struct ctx_info *ctxi, 883 struct dk_cxlflash_detach *detach) 884 { 885 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 886 struct device *dev = &cfg->dev->dev; 887 struct llun_info *lli = sdev->hostdata; 888 struct lun_access *lun_access, *t; 889 struct dk_cxlflash_release rel; 890 bool put_ctx = false; 891 892 int i; 893 int rc = 0; 894 u64 ctxid = DECODE_CTXID(detach->context_id), 895 rctxid = detach->context_id; 896 897 dev_dbg(dev, "%s: ctxid=%llu\n", __func__, ctxid); 898 899 if (!ctxi) { 900 ctxi = get_context(cfg, rctxid, lli, CTX_CTRL_ERR_FALLBACK); 901 if (unlikely(!ctxi)) { 902 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", 903 __func__, ctxid); 904 rc = -EINVAL; 905 goto out; 906 } 907 908 put_ctx = true; 909 } 910 911 /* Cleanup outstanding resources tied to this LUN */ 912 if (ctxi->rht_out) { 913 marshal_det_to_rele(detach, &rel); 914 for (i = 0; i < MAX_RHT_PER_CONTEXT; i++) { 915 if (ctxi->rht_lun[i] == lli) { 916 rel.rsrc_handle = i; 917 _cxlflash_disk_release(sdev, ctxi, &rel); 918 } 919 920 /* No need to loop further if we're done */ 921 if (ctxi->rht_out == 0) 922 break; 923 } 924 } 925 926 /* Take our LUN out of context, free the node */ 927 list_for_each_entry_safe(lun_access, t, &ctxi->luns, list) 928 if (lun_access->lli == lli) { 929 list_del(&lun_access->list); 930 kfree(lun_access); 931 lun_access = NULL; 932 break; 933 } 934 935 /* 936 * Release the context reference and the sdev reference that 937 * bound this LUN to the context. 938 */ 939 if (kref_put(&ctxi->kref, remove_context)) 940 put_ctx = false; 941 scsi_device_put(sdev); 942 out: 943 if (put_ctx) 944 put_context(ctxi); 945 dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc); 946 return rc; 947 } 948 949 static int cxlflash_disk_detach(struct scsi_device *sdev, 950 struct dk_cxlflash_detach *detach) 951 { 952 return _cxlflash_disk_detach(sdev, NULL, detach); 953 } 954 955 /** 956 * cxlflash_cxl_release() - release handler for adapter file descriptor 957 * @inode: File-system inode associated with fd. 958 * @file: File installed with adapter file descriptor. 959 * 960 * This routine is the release handler for the fops registered with 961 * the CXL services on an initial attach for a context. It is called 962 * when a close (explicity by the user or as part of a process tear 963 * down) is performed on the adapter file descriptor returned to the 964 * user. The user should be aware that explicitly performing a close 965 * considered catastrophic and subsequent usage of the superpipe API 966 * with previously saved off tokens will fail. 967 * 968 * This routine derives the context reference and calls detach for 969 * each LUN associated with the context.The final detach operation 970 * causes the context itself to be freed. With exception to when the 971 * CXL process element (context id) lookup fails (a case that should 972 * theoretically never occur), every call into this routine results 973 * in a complete freeing of a context. 974 * 975 * Return: 0 on success 976 */ 977 static int cxlflash_cxl_release(struct inode *inode, struct file *file) 978 { 979 struct cxl_context *ctx = cxl_fops_get_context(file); 980 struct cxlflash_cfg *cfg = container_of(file->f_op, struct cxlflash_cfg, 981 cxl_fops); 982 struct device *dev = &cfg->dev->dev; 983 struct ctx_info *ctxi = NULL; 984 struct dk_cxlflash_detach detach = { { 0 }, 0 }; 985 struct lun_access *lun_access, *t; 986 enum ctx_ctrl ctrl = CTX_CTRL_ERR_FALLBACK | CTX_CTRL_FILE; 987 int ctxid; 988 989 ctxid = cxl_process_element(ctx); 990 if (unlikely(ctxid < 0)) { 991 dev_err(dev, "%s: Context %p was closed ctxid=%d\n", 992 __func__, ctx, ctxid); 993 goto out; 994 } 995 996 ctxi = get_context(cfg, ctxid, file, ctrl); 997 if (unlikely(!ctxi)) { 998 ctxi = get_context(cfg, ctxid, file, ctrl | CTX_CTRL_CLONE); 999 if (!ctxi) { 1000 dev_dbg(dev, "%s: ctxid=%d already free\n", 1001 __func__, ctxid); 1002 goto out_release; 1003 } 1004 1005 dev_dbg(dev, "%s: Another process owns ctxid=%d\n", 1006 __func__, ctxid); 1007 put_context(ctxi); 1008 goto out; 1009 } 1010 1011 dev_dbg(dev, "%s: close for ctxid=%d\n", __func__, ctxid); 1012 1013 detach.context_id = ctxi->ctxid; 1014 list_for_each_entry_safe(lun_access, t, &ctxi->luns, list) 1015 _cxlflash_disk_detach(lun_access->sdev, ctxi, &detach); 1016 out_release: 1017 cxl_fd_release(inode, file); 1018 out: 1019 dev_dbg(dev, "%s: returning\n", __func__); 1020 return 0; 1021 } 1022 1023 /** 1024 * unmap_context() - clears a previously established mapping 1025 * @ctxi: Context owning the mapping. 1026 * 1027 * This routine is used to switch between the error notification page 1028 * (dummy page of all 1's) and the real mapping (established by the CXL 1029 * fault handler). 1030 */ 1031 static void unmap_context(struct ctx_info *ctxi) 1032 { 1033 unmap_mapping_range(ctxi->file->f_mapping, 0, 0, 1); 1034 } 1035 1036 /** 1037 * get_err_page() - obtains and allocates the error notification page 1038 * @cfg: Internal structure associated with the host. 1039 * 1040 * Return: error notification page on success, NULL on failure 1041 */ 1042 static struct page *get_err_page(struct cxlflash_cfg *cfg) 1043 { 1044 struct page *err_page = global.err_page; 1045 struct device *dev = &cfg->dev->dev; 1046 1047 if (unlikely(!err_page)) { 1048 err_page = alloc_page(GFP_KERNEL); 1049 if (unlikely(!err_page)) { 1050 dev_err(dev, "%s: Unable to allocate err_page\n", 1051 __func__); 1052 goto out; 1053 } 1054 1055 memset(page_address(err_page), -1, PAGE_SIZE); 1056 1057 /* Serialize update w/ other threads to avoid a leak */ 1058 mutex_lock(&global.mutex); 1059 if (likely(!global.err_page)) 1060 global.err_page = err_page; 1061 else { 1062 __free_page(err_page); 1063 err_page = global.err_page; 1064 } 1065 mutex_unlock(&global.mutex); 1066 } 1067 1068 out: 1069 dev_dbg(dev, "%s: returning err_page=%p\n", __func__, err_page); 1070 return err_page; 1071 } 1072 1073 /** 1074 * cxlflash_mmap_fault() - mmap fault handler for adapter file descriptor 1075 * @vmf: VM fault associated with current fault. 1076 * 1077 * To support error notification via MMIO, faults are 'caught' by this routine 1078 * that was inserted before passing back the adapter file descriptor on attach. 1079 * When a fault occurs, this routine evaluates if error recovery is active and 1080 * if so, installs the error page to 'notify' the user about the error state. 1081 * During normal operation, the fault is simply handled by the original fault 1082 * handler that was installed by CXL services as part of initializing the 1083 * adapter file descriptor. The VMA's page protection bits are toggled to 1084 * indicate cached/not-cached depending on the memory backing the fault. 1085 * 1086 * Return: 0 on success, VM_FAULT_SIGBUS on failure 1087 */ 1088 static int cxlflash_mmap_fault(struct vm_fault *vmf) 1089 { 1090 struct vm_area_struct *vma = vmf->vma; 1091 struct file *file = vma->vm_file; 1092 struct cxl_context *ctx = cxl_fops_get_context(file); 1093 struct cxlflash_cfg *cfg = container_of(file->f_op, struct cxlflash_cfg, 1094 cxl_fops); 1095 struct device *dev = &cfg->dev->dev; 1096 struct ctx_info *ctxi = NULL; 1097 struct page *err_page = NULL; 1098 enum ctx_ctrl ctrl = CTX_CTRL_ERR_FALLBACK | CTX_CTRL_FILE; 1099 int rc = 0; 1100 int ctxid; 1101 1102 ctxid = cxl_process_element(ctx); 1103 if (unlikely(ctxid < 0)) { 1104 dev_err(dev, "%s: Context %p was closed ctxid=%d\n", 1105 __func__, ctx, ctxid); 1106 goto err; 1107 } 1108 1109 ctxi = get_context(cfg, ctxid, file, ctrl); 1110 if (unlikely(!ctxi)) { 1111 dev_dbg(dev, "%s: Bad context ctxid=%d\n", __func__, ctxid); 1112 goto err; 1113 } 1114 1115 dev_dbg(dev, "%s: fault for context %d\n", __func__, ctxid); 1116 1117 if (likely(!ctxi->err_recovery_active)) { 1118 vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot); 1119 rc = ctxi->cxl_mmap_vmops->fault(vmf); 1120 } else { 1121 dev_dbg(dev, "%s: err recovery active, use err_page\n", 1122 __func__); 1123 1124 err_page = get_err_page(cfg); 1125 if (unlikely(!err_page)) { 1126 dev_err(dev, "%s: Could not get err_page\n", __func__); 1127 rc = VM_FAULT_RETRY; 1128 goto out; 1129 } 1130 1131 get_page(err_page); 1132 vmf->page = err_page; 1133 vma->vm_page_prot = pgprot_cached(vma->vm_page_prot); 1134 } 1135 1136 out: 1137 if (likely(ctxi)) 1138 put_context(ctxi); 1139 dev_dbg(dev, "%s: returning rc=%d\n", __func__, rc); 1140 return rc; 1141 1142 err: 1143 rc = VM_FAULT_SIGBUS; 1144 goto out; 1145 } 1146 1147 /* 1148 * Local MMAP vmops to 'catch' faults 1149 */ 1150 static const struct vm_operations_struct cxlflash_mmap_vmops = { 1151 .fault = cxlflash_mmap_fault, 1152 }; 1153 1154 /** 1155 * cxlflash_cxl_mmap() - mmap handler for adapter file descriptor 1156 * @file: File installed with adapter file descriptor. 1157 * @vma: VM area associated with mapping. 1158 * 1159 * Installs local mmap vmops to 'catch' faults for error notification support. 1160 * 1161 * Return: 0 on success, -errno on failure 1162 */ 1163 static int cxlflash_cxl_mmap(struct file *file, struct vm_area_struct *vma) 1164 { 1165 struct cxl_context *ctx = cxl_fops_get_context(file); 1166 struct cxlflash_cfg *cfg = container_of(file->f_op, struct cxlflash_cfg, 1167 cxl_fops); 1168 struct device *dev = &cfg->dev->dev; 1169 struct ctx_info *ctxi = NULL; 1170 enum ctx_ctrl ctrl = CTX_CTRL_ERR_FALLBACK | CTX_CTRL_FILE; 1171 int ctxid; 1172 int rc = 0; 1173 1174 ctxid = cxl_process_element(ctx); 1175 if (unlikely(ctxid < 0)) { 1176 dev_err(dev, "%s: Context %p was closed ctxid=%d\n", 1177 __func__, ctx, ctxid); 1178 rc = -EIO; 1179 goto out; 1180 } 1181 1182 ctxi = get_context(cfg, ctxid, file, ctrl); 1183 if (unlikely(!ctxi)) { 1184 dev_dbg(dev, "%s: Bad context ctxid=%d\n", __func__, ctxid); 1185 rc = -EIO; 1186 goto out; 1187 } 1188 1189 dev_dbg(dev, "%s: mmap for context %d\n", __func__, ctxid); 1190 1191 rc = cxl_fd_mmap(file, vma); 1192 if (likely(!rc)) { 1193 /* Insert ourself in the mmap fault handler path */ 1194 ctxi->cxl_mmap_vmops = vma->vm_ops; 1195 vma->vm_ops = &cxlflash_mmap_vmops; 1196 } 1197 1198 out: 1199 if (likely(ctxi)) 1200 put_context(ctxi); 1201 return rc; 1202 } 1203 1204 const struct file_operations cxlflash_cxl_fops = { 1205 .owner = THIS_MODULE, 1206 .mmap = cxlflash_cxl_mmap, 1207 .release = cxlflash_cxl_release, 1208 }; 1209 1210 /** 1211 * cxlflash_mark_contexts_error() - move contexts to error state and list 1212 * @cfg: Internal structure associated with the host. 1213 * 1214 * A context is only moved over to the error list when there are no outstanding 1215 * references to it. This ensures that a running operation has completed. 1216 * 1217 * Return: 0 on success, -errno on failure 1218 */ 1219 int cxlflash_mark_contexts_error(struct cxlflash_cfg *cfg) 1220 { 1221 int i, rc = 0; 1222 struct ctx_info *ctxi = NULL; 1223 1224 mutex_lock(&cfg->ctx_tbl_list_mutex); 1225 1226 for (i = 0; i < MAX_CONTEXT; i++) { 1227 ctxi = cfg->ctx_tbl[i]; 1228 if (ctxi) { 1229 mutex_lock(&ctxi->mutex); 1230 cfg->ctx_tbl[i] = NULL; 1231 list_add(&ctxi->list, &cfg->ctx_err_recovery); 1232 ctxi->err_recovery_active = true; 1233 ctxi->ctrl_map = NULL; 1234 unmap_context(ctxi); 1235 mutex_unlock(&ctxi->mutex); 1236 } 1237 } 1238 1239 mutex_unlock(&cfg->ctx_tbl_list_mutex); 1240 return rc; 1241 } 1242 1243 /* 1244 * Dummy NULL fops 1245 */ 1246 static const struct file_operations null_fops = { 1247 .owner = THIS_MODULE, 1248 }; 1249 1250 /** 1251 * check_state() - checks and responds to the current adapter state 1252 * @cfg: Internal structure associated with the host. 1253 * 1254 * This routine can block and should only be used on process context. 1255 * It assumes that the caller is an ioctl thread and holding the ioctl 1256 * read semaphore. This is temporarily let up across the wait to allow 1257 * for draining actively running ioctls. Also note that when waking up 1258 * from waiting in reset, the state is unknown and must be checked again 1259 * before proceeding. 1260 * 1261 * Return: 0 on success, -errno on failure 1262 */ 1263 int check_state(struct cxlflash_cfg *cfg) 1264 { 1265 struct device *dev = &cfg->dev->dev; 1266 int rc = 0; 1267 1268 retry: 1269 switch (cfg->state) { 1270 case STATE_RESET: 1271 dev_dbg(dev, "%s: Reset state, going to wait...\n", __func__); 1272 up_read(&cfg->ioctl_rwsem); 1273 rc = wait_event_interruptible(cfg->reset_waitq, 1274 cfg->state != STATE_RESET); 1275 down_read(&cfg->ioctl_rwsem); 1276 if (unlikely(rc)) 1277 break; 1278 goto retry; 1279 case STATE_FAILTERM: 1280 dev_dbg(dev, "%s: Failed/Terminating\n", __func__); 1281 rc = -ENODEV; 1282 break; 1283 default: 1284 break; 1285 } 1286 1287 return rc; 1288 } 1289 1290 /** 1291 * cxlflash_disk_attach() - attach a LUN to a context 1292 * @sdev: SCSI device associated with LUN. 1293 * @attach: Attach ioctl data structure. 1294 * 1295 * Creates a context and attaches LUN to it. A LUN can only be attached 1296 * one time to a context (subsequent attaches for the same context/LUN pair 1297 * are not supported). Additional LUNs can be attached to a context by 1298 * specifying the 'reuse' flag defined in the cxlflash_ioctl.h header. 1299 * 1300 * Return: 0 on success, -errno on failure 1301 */ 1302 static int cxlflash_disk_attach(struct scsi_device *sdev, 1303 struct dk_cxlflash_attach *attach) 1304 { 1305 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1306 struct device *dev = &cfg->dev->dev; 1307 struct afu *afu = cfg->afu; 1308 struct llun_info *lli = sdev->hostdata; 1309 struct glun_info *gli = lli->parent; 1310 struct cxl_ioctl_start_work *work; 1311 struct ctx_info *ctxi = NULL; 1312 struct lun_access *lun_access = NULL; 1313 int rc = 0; 1314 u32 perms; 1315 int ctxid = -1; 1316 u64 flags = 0UL; 1317 u64 rctxid = 0UL; 1318 struct file *file = NULL; 1319 1320 struct cxl_context *ctx = NULL; 1321 1322 int fd = -1; 1323 1324 if (attach->num_interrupts > 4) { 1325 dev_dbg(dev, "%s: Cannot support this many interrupts %llu\n", 1326 __func__, attach->num_interrupts); 1327 rc = -EINVAL; 1328 goto out; 1329 } 1330 1331 if (gli->max_lba == 0) { 1332 dev_dbg(dev, "%s: No capacity info for LUN=%016llx\n", 1333 __func__, lli->lun_id[sdev->channel]); 1334 rc = read_cap16(sdev, lli); 1335 if (rc) { 1336 dev_err(dev, "%s: Invalid device rc=%d\n", 1337 __func__, rc); 1338 rc = -ENODEV; 1339 goto out; 1340 } 1341 dev_dbg(dev, "%s: LBA = %016llx\n", __func__, gli->max_lba); 1342 dev_dbg(dev, "%s: BLK_LEN = %08x\n", __func__, gli->blk_len); 1343 } 1344 1345 if (attach->hdr.flags & DK_CXLFLASH_ATTACH_REUSE_CONTEXT) { 1346 rctxid = attach->context_id; 1347 ctxi = get_context(cfg, rctxid, NULL, 0); 1348 if (!ctxi) { 1349 dev_dbg(dev, "%s: Bad context rctxid=%016llx\n", 1350 __func__, rctxid); 1351 rc = -EINVAL; 1352 goto out; 1353 } 1354 1355 list_for_each_entry(lun_access, &ctxi->luns, list) 1356 if (lun_access->lli == lli) { 1357 dev_dbg(dev, "%s: Already attached\n", 1358 __func__); 1359 rc = -EINVAL; 1360 goto out; 1361 } 1362 } 1363 1364 rc = scsi_device_get(sdev); 1365 if (unlikely(rc)) { 1366 dev_err(dev, "%s: Unable to get sdev reference\n", __func__); 1367 goto out; 1368 } 1369 1370 lun_access = kzalloc(sizeof(*lun_access), GFP_KERNEL); 1371 if (unlikely(!lun_access)) { 1372 dev_err(dev, "%s: Unable to allocate lun_access\n", __func__); 1373 rc = -ENOMEM; 1374 goto err; 1375 } 1376 1377 lun_access->lli = lli; 1378 lun_access->sdev = sdev; 1379 1380 /* Non-NULL context indicates reuse (another context reference) */ 1381 if (ctxi) { 1382 dev_dbg(dev, "%s: Reusing context for LUN rctxid=%016llx\n", 1383 __func__, rctxid); 1384 kref_get(&ctxi->kref); 1385 list_add(&lun_access->list, &ctxi->luns); 1386 goto out_attach; 1387 } 1388 1389 ctxi = create_context(cfg); 1390 if (unlikely(!ctxi)) { 1391 dev_err(dev, "%s: Failed to create context ctxid=%d\n", 1392 __func__, ctxid); 1393 rc = -ENOMEM; 1394 goto err; 1395 } 1396 1397 ctx = cxl_dev_context_init(cfg->dev); 1398 if (IS_ERR_OR_NULL(ctx)) { 1399 dev_err(dev, "%s: Could not initialize context %p\n", 1400 __func__, ctx); 1401 rc = -ENODEV; 1402 goto err; 1403 } 1404 1405 work = &ctxi->work; 1406 work->num_interrupts = attach->num_interrupts; 1407 work->flags = CXL_START_WORK_NUM_IRQS; 1408 1409 rc = cxl_start_work(ctx, work); 1410 if (unlikely(rc)) { 1411 dev_dbg(dev, "%s: Could not start context rc=%d\n", 1412 __func__, rc); 1413 goto err; 1414 } 1415 1416 ctxid = cxl_process_element(ctx); 1417 if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { 1418 dev_err(dev, "%s: ctxid=%d invalid\n", __func__, ctxid); 1419 rc = -EPERM; 1420 goto err; 1421 } 1422 1423 file = cxl_get_fd(ctx, &cfg->cxl_fops, &fd); 1424 if (unlikely(fd < 0)) { 1425 rc = -ENODEV; 1426 dev_err(dev, "%s: Could not get file descriptor\n", __func__); 1427 goto err; 1428 } 1429 1430 /* Translate read/write O_* flags from fcntl.h to AFU permission bits */ 1431 perms = SISL_RHT_PERM(attach->hdr.flags + 1); 1432 1433 /* Context mutex is locked upon return */ 1434 init_context(ctxi, cfg, ctx, ctxid, file, perms); 1435 1436 rc = afu_attach(cfg, ctxi); 1437 if (unlikely(rc)) { 1438 dev_err(dev, "%s: Could not attach AFU rc %d\n", __func__, rc); 1439 goto err; 1440 } 1441 1442 /* 1443 * No error paths after this point. Once the fd is installed it's 1444 * visible to user space and can't be undone safely on this thread. 1445 * There is no need to worry about a deadlock here because no one 1446 * knows about us yet; we can be the only one holding our mutex. 1447 */ 1448 list_add(&lun_access->list, &ctxi->luns); 1449 mutex_lock(&cfg->ctx_tbl_list_mutex); 1450 mutex_lock(&ctxi->mutex); 1451 cfg->ctx_tbl[ctxid] = ctxi; 1452 mutex_unlock(&cfg->ctx_tbl_list_mutex); 1453 fd_install(fd, file); 1454 1455 out_attach: 1456 if (fd != -1) 1457 flags |= DK_CXLFLASH_APP_CLOSE_ADAP_FD; 1458 if (afu_is_sq_cmd_mode(afu)) 1459 flags |= DK_CXLFLASH_CONTEXT_SQ_CMD_MODE; 1460 1461 attach->hdr.return_flags = flags; 1462 attach->context_id = ctxi->ctxid; 1463 attach->block_size = gli->blk_len; 1464 attach->mmio_size = sizeof(afu->afu_map->hosts[0].harea); 1465 attach->last_lba = gli->max_lba; 1466 attach->max_xfer = sdev->host->max_sectors * MAX_SECTOR_UNIT; 1467 attach->max_xfer /= gli->blk_len; 1468 1469 out: 1470 attach->adap_fd = fd; 1471 1472 if (ctxi) 1473 put_context(ctxi); 1474 1475 dev_dbg(dev, "%s: returning ctxid=%d fd=%d bs=%lld rc=%d llba=%lld\n", 1476 __func__, ctxid, fd, attach->block_size, rc, attach->last_lba); 1477 return rc; 1478 1479 err: 1480 /* Cleanup CXL context; okay to 'stop' even if it was not started */ 1481 if (!IS_ERR_OR_NULL(ctx)) { 1482 cxl_stop_context(ctx); 1483 cxl_release_context(ctx); 1484 ctx = NULL; 1485 } 1486 1487 /* 1488 * Here, we're overriding the fops with a dummy all-NULL fops because 1489 * fput() calls the release fop, which will cause us to mistakenly 1490 * call into the CXL code. Rather than try to add yet more complexity 1491 * to that routine (cxlflash_cxl_release) we should try to fix the 1492 * issue here. 1493 */ 1494 if (fd > 0) { 1495 file->f_op = &null_fops; 1496 fput(file); 1497 put_unused_fd(fd); 1498 fd = -1; 1499 file = NULL; 1500 } 1501 1502 /* Cleanup our context */ 1503 if (ctxi) { 1504 destroy_context(cfg, ctxi); 1505 ctxi = NULL; 1506 } 1507 1508 kfree(lun_access); 1509 scsi_device_put(sdev); 1510 goto out; 1511 } 1512 1513 /** 1514 * recover_context() - recovers a context in error 1515 * @cfg: Internal structure associated with the host. 1516 * @ctxi: Context to release. 1517 * @adap_fd: Adapter file descriptor associated with new/recovered context. 1518 * 1519 * Restablishes the state for a context-in-error. 1520 * 1521 * Return: 0 on success, -errno on failure 1522 */ 1523 static int recover_context(struct cxlflash_cfg *cfg, 1524 struct ctx_info *ctxi, 1525 int *adap_fd) 1526 { 1527 struct device *dev = &cfg->dev->dev; 1528 int rc = 0; 1529 int fd = -1; 1530 int ctxid = -1; 1531 struct file *file; 1532 struct cxl_context *ctx; 1533 struct afu *afu = cfg->afu; 1534 1535 ctx = cxl_dev_context_init(cfg->dev); 1536 if (IS_ERR_OR_NULL(ctx)) { 1537 dev_err(dev, "%s: Could not initialize context %p\n", 1538 __func__, ctx); 1539 rc = -ENODEV; 1540 goto out; 1541 } 1542 1543 rc = cxl_start_work(ctx, &ctxi->work); 1544 if (unlikely(rc)) { 1545 dev_dbg(dev, "%s: Could not start context rc=%d\n", 1546 __func__, rc); 1547 goto err1; 1548 } 1549 1550 ctxid = cxl_process_element(ctx); 1551 if (unlikely((ctxid >= MAX_CONTEXT) || (ctxid < 0))) { 1552 dev_err(dev, "%s: ctxid=%d invalid\n", __func__, ctxid); 1553 rc = -EPERM; 1554 goto err2; 1555 } 1556 1557 file = cxl_get_fd(ctx, &cfg->cxl_fops, &fd); 1558 if (unlikely(fd < 0)) { 1559 rc = -ENODEV; 1560 dev_err(dev, "%s: Could not get file descriptor\n", __func__); 1561 goto err2; 1562 } 1563 1564 /* Update with new MMIO area based on updated context id */ 1565 ctxi->ctrl_map = &afu->afu_map->ctrls[ctxid].ctrl; 1566 1567 rc = afu_attach(cfg, ctxi); 1568 if (rc) { 1569 dev_err(dev, "%s: Could not attach AFU rc %d\n", __func__, rc); 1570 goto err3; 1571 } 1572 1573 /* 1574 * No error paths after this point. Once the fd is installed it's 1575 * visible to user space and can't be undone safely on this thread. 1576 */ 1577 ctxi->ctxid = ENCODE_CTXID(ctxi, ctxid); 1578 ctxi->ctx = ctx; 1579 ctxi->file = file; 1580 1581 /* 1582 * Put context back in table (note the reinit of the context list); 1583 * we must first drop the context's mutex and then acquire it in 1584 * order with the table/list mutex to avoid a deadlock - safe to do 1585 * here because no one can find us at this moment in time. 1586 */ 1587 mutex_unlock(&ctxi->mutex); 1588 mutex_lock(&cfg->ctx_tbl_list_mutex); 1589 mutex_lock(&ctxi->mutex); 1590 list_del_init(&ctxi->list); 1591 cfg->ctx_tbl[ctxid] = ctxi; 1592 mutex_unlock(&cfg->ctx_tbl_list_mutex); 1593 fd_install(fd, file); 1594 *adap_fd = fd; 1595 out: 1596 dev_dbg(dev, "%s: returning ctxid=%d fd=%d rc=%d\n", 1597 __func__, ctxid, fd, rc); 1598 return rc; 1599 1600 err3: 1601 fput(file); 1602 put_unused_fd(fd); 1603 err2: 1604 cxl_stop_context(ctx); 1605 err1: 1606 cxl_release_context(ctx); 1607 goto out; 1608 } 1609 1610 /** 1611 * cxlflash_afu_recover() - initiates AFU recovery 1612 * @sdev: SCSI device associated with LUN. 1613 * @recover: Recover ioctl data structure. 1614 * 1615 * Only a single recovery is allowed at a time to avoid exhausting CXL 1616 * resources (leading to recovery failure) in the event that we're up 1617 * against the maximum number of contexts limit. For similar reasons, 1618 * a context recovery is retried if there are multiple recoveries taking 1619 * place at the same time and the failure was due to CXL services being 1620 * unable to keep up. 1621 * 1622 * As this routine is called on ioctl context, it holds the ioctl r/w 1623 * semaphore that is used to drain ioctls in recovery scenarios. The 1624 * implementation to achieve the pacing described above (a local mutex) 1625 * requires that the ioctl r/w semaphore be dropped and reacquired to 1626 * avoid a 3-way deadlock when multiple process recoveries operate in 1627 * parallel. 1628 * 1629 * Because a user can detect an error condition before the kernel, it is 1630 * quite possible for this routine to act as the kernel's EEH detection 1631 * source (MMIO read of mbox_r). Because of this, there is a window of 1632 * time where an EEH might have been detected but not yet 'serviced' 1633 * (callback invoked, causing the device to enter reset state). To avoid 1634 * looping in this routine during that window, a 1 second sleep is in place 1635 * between the time the MMIO failure is detected and the time a wait on the 1636 * reset wait queue is attempted via check_state(). 1637 * 1638 * Return: 0 on success, -errno on failure 1639 */ 1640 static int cxlflash_afu_recover(struct scsi_device *sdev, 1641 struct dk_cxlflash_recover_afu *recover) 1642 { 1643 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1644 struct device *dev = &cfg->dev->dev; 1645 struct llun_info *lli = sdev->hostdata; 1646 struct afu *afu = cfg->afu; 1647 struct ctx_info *ctxi = NULL; 1648 struct mutex *mutex = &cfg->ctx_recovery_mutex; 1649 struct hwq *hwq = get_hwq(afu, PRIMARY_HWQ); 1650 u64 flags; 1651 u64 ctxid = DECODE_CTXID(recover->context_id), 1652 rctxid = recover->context_id; 1653 long reg; 1654 bool locked = true; 1655 int lretry = 20; /* up to 2 seconds */ 1656 int new_adap_fd = -1; 1657 int rc = 0; 1658 1659 atomic_inc(&cfg->recovery_threads); 1660 up_read(&cfg->ioctl_rwsem); 1661 rc = mutex_lock_interruptible(mutex); 1662 down_read(&cfg->ioctl_rwsem); 1663 if (rc) { 1664 locked = false; 1665 goto out; 1666 } 1667 1668 rc = check_state(cfg); 1669 if (rc) { 1670 dev_err(dev, "%s: Failed state rc=%d\n", __func__, rc); 1671 rc = -ENODEV; 1672 goto out; 1673 } 1674 1675 dev_dbg(dev, "%s: reason=%016llx rctxid=%016llx\n", 1676 __func__, recover->reason, rctxid); 1677 1678 retry: 1679 /* Ensure that this process is attached to the context */ 1680 ctxi = get_context(cfg, rctxid, lli, CTX_CTRL_ERR_FALLBACK); 1681 if (unlikely(!ctxi)) { 1682 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", __func__, ctxid); 1683 rc = -EINVAL; 1684 goto out; 1685 } 1686 1687 if (ctxi->err_recovery_active) { 1688 retry_recover: 1689 rc = recover_context(cfg, ctxi, &new_adap_fd); 1690 if (unlikely(rc)) { 1691 dev_err(dev, "%s: Recovery failed ctxid=%llu rc=%d\n", 1692 __func__, ctxid, rc); 1693 if ((rc == -ENODEV) && 1694 ((atomic_read(&cfg->recovery_threads) > 1) || 1695 (lretry--))) { 1696 dev_dbg(dev, "%s: Going to try again\n", 1697 __func__); 1698 mutex_unlock(mutex); 1699 msleep(100); 1700 rc = mutex_lock_interruptible(mutex); 1701 if (rc) { 1702 locked = false; 1703 goto out; 1704 } 1705 goto retry_recover; 1706 } 1707 1708 goto out; 1709 } 1710 1711 ctxi->err_recovery_active = false; 1712 1713 flags = DK_CXLFLASH_APP_CLOSE_ADAP_FD | 1714 DK_CXLFLASH_RECOVER_AFU_CONTEXT_RESET; 1715 if (afu_is_sq_cmd_mode(afu)) 1716 flags |= DK_CXLFLASH_CONTEXT_SQ_CMD_MODE; 1717 1718 recover->hdr.return_flags = flags; 1719 recover->context_id = ctxi->ctxid; 1720 recover->adap_fd = new_adap_fd; 1721 recover->mmio_size = sizeof(afu->afu_map->hosts[0].harea); 1722 goto out; 1723 } 1724 1725 /* Test if in error state */ 1726 reg = readq_be(&hwq->ctrl_map->mbox_r); 1727 if (reg == -1) { 1728 dev_dbg(dev, "%s: MMIO fail, wait for recovery.\n", __func__); 1729 1730 /* 1731 * Before checking the state, put back the context obtained with 1732 * get_context() as it is no longer needed and sleep for a short 1733 * period of time (see prolog notes). 1734 */ 1735 put_context(ctxi); 1736 ctxi = NULL; 1737 ssleep(1); 1738 rc = check_state(cfg); 1739 if (unlikely(rc)) 1740 goto out; 1741 goto retry; 1742 } 1743 1744 dev_dbg(dev, "%s: MMIO working, no recovery required\n", __func__); 1745 out: 1746 if (likely(ctxi)) 1747 put_context(ctxi); 1748 if (locked) 1749 mutex_unlock(mutex); 1750 atomic_dec_if_positive(&cfg->recovery_threads); 1751 return rc; 1752 } 1753 1754 /** 1755 * process_sense() - evaluates and processes sense data 1756 * @sdev: SCSI device associated with LUN. 1757 * @verify: Verify ioctl data structure. 1758 * 1759 * Return: 0 on success, -errno on failure 1760 */ 1761 static int process_sense(struct scsi_device *sdev, 1762 struct dk_cxlflash_verify *verify) 1763 { 1764 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1765 struct device *dev = &cfg->dev->dev; 1766 struct llun_info *lli = sdev->hostdata; 1767 struct glun_info *gli = lli->parent; 1768 u64 prev_lba = gli->max_lba; 1769 struct scsi_sense_hdr sshdr = { 0 }; 1770 int rc = 0; 1771 1772 rc = scsi_normalize_sense((const u8 *)&verify->sense_data, 1773 DK_CXLFLASH_VERIFY_SENSE_LEN, &sshdr); 1774 if (!rc) { 1775 dev_err(dev, "%s: Failed to normalize sense data\n", __func__); 1776 rc = -EINVAL; 1777 goto out; 1778 } 1779 1780 switch (sshdr.sense_key) { 1781 case NO_SENSE: 1782 case RECOVERED_ERROR: 1783 /* fall through */ 1784 case NOT_READY: 1785 break; 1786 case UNIT_ATTENTION: 1787 switch (sshdr.asc) { 1788 case 0x29: /* Power on Reset or Device Reset */ 1789 /* fall through */ 1790 case 0x2A: /* Device settings/capacity changed */ 1791 rc = read_cap16(sdev, lli); 1792 if (rc) { 1793 rc = -ENODEV; 1794 break; 1795 } 1796 if (prev_lba != gli->max_lba) 1797 dev_dbg(dev, "%s: Capacity changed old=%lld " 1798 "new=%lld\n", __func__, prev_lba, 1799 gli->max_lba); 1800 break; 1801 case 0x3F: /* Report LUNs changed, Rescan. */ 1802 scsi_scan_host(cfg->host); 1803 break; 1804 default: 1805 rc = -EIO; 1806 break; 1807 } 1808 break; 1809 default: 1810 rc = -EIO; 1811 break; 1812 } 1813 out: 1814 dev_dbg(dev, "%s: sense_key %x asc %x ascq %x rc %d\n", __func__, 1815 sshdr.sense_key, sshdr.asc, sshdr.ascq, rc); 1816 return rc; 1817 } 1818 1819 /** 1820 * cxlflash_disk_verify() - verifies a LUN is the same and handle size changes 1821 * @sdev: SCSI device associated with LUN. 1822 * @verify: Verify ioctl data structure. 1823 * 1824 * Return: 0 on success, -errno on failure 1825 */ 1826 static int cxlflash_disk_verify(struct scsi_device *sdev, 1827 struct dk_cxlflash_verify *verify) 1828 { 1829 int rc = 0; 1830 struct ctx_info *ctxi = NULL; 1831 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1832 struct device *dev = &cfg->dev->dev; 1833 struct llun_info *lli = sdev->hostdata; 1834 struct glun_info *gli = lli->parent; 1835 struct sisl_rht_entry *rhte = NULL; 1836 res_hndl_t rhndl = verify->rsrc_handle; 1837 u64 ctxid = DECODE_CTXID(verify->context_id), 1838 rctxid = verify->context_id; 1839 u64 last_lba = 0; 1840 1841 dev_dbg(dev, "%s: ctxid=%llu rhndl=%016llx, hint=%016llx, " 1842 "flags=%016llx\n", __func__, ctxid, verify->rsrc_handle, 1843 verify->hint, verify->hdr.flags); 1844 1845 ctxi = get_context(cfg, rctxid, lli, 0); 1846 if (unlikely(!ctxi)) { 1847 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", __func__, ctxid); 1848 rc = -EINVAL; 1849 goto out; 1850 } 1851 1852 rhte = get_rhte(ctxi, rhndl, lli); 1853 if (unlikely(!rhte)) { 1854 dev_dbg(dev, "%s: Bad resource handle rhndl=%d\n", 1855 __func__, rhndl); 1856 rc = -EINVAL; 1857 goto out; 1858 } 1859 1860 /* 1861 * Look at the hint/sense to see if it requires us to redrive 1862 * inquiry (i.e. the Unit attention is due to the WWN changing). 1863 */ 1864 if (verify->hint & DK_CXLFLASH_VERIFY_HINT_SENSE) { 1865 /* Can't hold mutex across process_sense/read_cap16, 1866 * since we could have an intervening EEH event. 1867 */ 1868 ctxi->unavail = true; 1869 mutex_unlock(&ctxi->mutex); 1870 rc = process_sense(sdev, verify); 1871 if (unlikely(rc)) { 1872 dev_err(dev, "%s: Failed to validate sense data (%d)\n", 1873 __func__, rc); 1874 mutex_lock(&ctxi->mutex); 1875 ctxi->unavail = false; 1876 goto out; 1877 } 1878 mutex_lock(&ctxi->mutex); 1879 ctxi->unavail = false; 1880 } 1881 1882 switch (gli->mode) { 1883 case MODE_PHYSICAL: 1884 last_lba = gli->max_lba; 1885 break; 1886 case MODE_VIRTUAL: 1887 /* Cast lxt_cnt to u64 for multiply to be treated as 64bit op */ 1888 last_lba = ((u64)rhte->lxt_cnt * MC_CHUNK_SIZE * gli->blk_len); 1889 last_lba /= CXLFLASH_BLOCK_SIZE; 1890 last_lba--; 1891 break; 1892 default: 1893 WARN(1, "Unsupported LUN mode!"); 1894 } 1895 1896 verify->last_lba = last_lba; 1897 1898 out: 1899 if (likely(ctxi)) 1900 put_context(ctxi); 1901 dev_dbg(dev, "%s: returning rc=%d llba=%llx\n", 1902 __func__, rc, verify->last_lba); 1903 return rc; 1904 } 1905 1906 /** 1907 * decode_ioctl() - translates an encoded ioctl to an easily identifiable string 1908 * @cmd: The ioctl command to decode. 1909 * 1910 * Return: A string identifying the decoded ioctl. 1911 */ 1912 static char *decode_ioctl(int cmd) 1913 { 1914 switch (cmd) { 1915 case DK_CXLFLASH_ATTACH: 1916 return __stringify_1(DK_CXLFLASH_ATTACH); 1917 case DK_CXLFLASH_USER_DIRECT: 1918 return __stringify_1(DK_CXLFLASH_USER_DIRECT); 1919 case DK_CXLFLASH_USER_VIRTUAL: 1920 return __stringify_1(DK_CXLFLASH_USER_VIRTUAL); 1921 case DK_CXLFLASH_VLUN_RESIZE: 1922 return __stringify_1(DK_CXLFLASH_VLUN_RESIZE); 1923 case DK_CXLFLASH_RELEASE: 1924 return __stringify_1(DK_CXLFLASH_RELEASE); 1925 case DK_CXLFLASH_DETACH: 1926 return __stringify_1(DK_CXLFLASH_DETACH); 1927 case DK_CXLFLASH_VERIFY: 1928 return __stringify_1(DK_CXLFLASH_VERIFY); 1929 case DK_CXLFLASH_VLUN_CLONE: 1930 return __stringify_1(DK_CXLFLASH_VLUN_CLONE); 1931 case DK_CXLFLASH_RECOVER_AFU: 1932 return __stringify_1(DK_CXLFLASH_RECOVER_AFU); 1933 case DK_CXLFLASH_MANAGE_LUN: 1934 return __stringify_1(DK_CXLFLASH_MANAGE_LUN); 1935 } 1936 1937 return "UNKNOWN"; 1938 } 1939 1940 /** 1941 * cxlflash_disk_direct_open() - opens a direct (physical) disk 1942 * @sdev: SCSI device associated with LUN. 1943 * @arg: UDirect ioctl data structure. 1944 * 1945 * On successful return, the user is informed of the resource handle 1946 * to be used to identify the direct lun and the size (in blocks) of 1947 * the direct lun in last LBA format. 1948 * 1949 * Return: 0 on success, -errno on failure 1950 */ 1951 static int cxlflash_disk_direct_open(struct scsi_device *sdev, void *arg) 1952 { 1953 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 1954 struct device *dev = &cfg->dev->dev; 1955 struct afu *afu = cfg->afu; 1956 struct llun_info *lli = sdev->hostdata; 1957 struct glun_info *gli = lli->parent; 1958 struct dk_cxlflash_release rel = { { 0 }, 0 }; 1959 1960 struct dk_cxlflash_udirect *pphys = (struct dk_cxlflash_udirect *)arg; 1961 1962 u64 ctxid = DECODE_CTXID(pphys->context_id), 1963 rctxid = pphys->context_id; 1964 u64 lun_size = 0; 1965 u64 last_lba = 0; 1966 u64 rsrc_handle = -1; 1967 u32 port = CHAN2PORTMASK(sdev->channel); 1968 1969 int rc = 0; 1970 1971 struct ctx_info *ctxi = NULL; 1972 struct sisl_rht_entry *rhte = NULL; 1973 1974 dev_dbg(dev, "%s: ctxid=%llu ls=%llu\n", __func__, ctxid, lun_size); 1975 1976 rc = cxlflash_lun_attach(gli, MODE_PHYSICAL, false); 1977 if (unlikely(rc)) { 1978 dev_dbg(dev, "%s: Failed attach to LUN (PHYSICAL)\n", __func__); 1979 goto out; 1980 } 1981 1982 ctxi = get_context(cfg, rctxid, lli, 0); 1983 if (unlikely(!ctxi)) { 1984 dev_dbg(dev, "%s: Bad context ctxid=%llu\n", __func__, ctxid); 1985 rc = -EINVAL; 1986 goto err1; 1987 } 1988 1989 rhte = rhte_checkout(ctxi, lli); 1990 if (unlikely(!rhte)) { 1991 dev_dbg(dev, "%s: Too many opens ctxid=%lld\n", 1992 __func__, ctxid); 1993 rc = -EMFILE; /* too many opens */ 1994 goto err1; 1995 } 1996 1997 rsrc_handle = (rhte - ctxi->rht_start); 1998 1999 rht_format1(rhte, lli->lun_id[sdev->channel], ctxi->rht_perms, port); 2000 2001 last_lba = gli->max_lba; 2002 pphys->hdr.return_flags = 0; 2003 pphys->last_lba = last_lba; 2004 pphys->rsrc_handle = rsrc_handle; 2005 2006 rc = cxlflash_afu_sync(afu, ctxid, rsrc_handle, AFU_LW_SYNC); 2007 if (unlikely(rc)) { 2008 dev_dbg(dev, "%s: AFU sync failed rc=%d\n", __func__, rc); 2009 goto err2; 2010 } 2011 2012 out: 2013 if (likely(ctxi)) 2014 put_context(ctxi); 2015 dev_dbg(dev, "%s: returning handle=%llu rc=%d llba=%llu\n", 2016 __func__, rsrc_handle, rc, last_lba); 2017 return rc; 2018 2019 err2: 2020 marshal_udir_to_rele(pphys, &rel); 2021 _cxlflash_disk_release(sdev, ctxi, &rel); 2022 goto out; 2023 err1: 2024 cxlflash_lun_detach(gli); 2025 goto out; 2026 } 2027 2028 /** 2029 * ioctl_common() - common IOCTL handler for driver 2030 * @sdev: SCSI device associated with LUN. 2031 * @cmd: IOCTL command. 2032 * 2033 * Handles common fencing operations that are valid for multiple ioctls. Always 2034 * allow through ioctls that are cleanup oriented in nature, even when operating 2035 * in a failed/terminating state. 2036 * 2037 * Return: 0 on success, -errno on failure 2038 */ 2039 static int ioctl_common(struct scsi_device *sdev, int cmd) 2040 { 2041 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 2042 struct device *dev = &cfg->dev->dev; 2043 struct llun_info *lli = sdev->hostdata; 2044 int rc = 0; 2045 2046 if (unlikely(!lli)) { 2047 dev_dbg(dev, "%s: Unknown LUN\n", __func__); 2048 rc = -EINVAL; 2049 goto out; 2050 } 2051 2052 rc = check_state(cfg); 2053 if (unlikely(rc) && (cfg->state == STATE_FAILTERM)) { 2054 switch (cmd) { 2055 case DK_CXLFLASH_VLUN_RESIZE: 2056 case DK_CXLFLASH_RELEASE: 2057 case DK_CXLFLASH_DETACH: 2058 dev_dbg(dev, "%s: Command override rc=%d\n", 2059 __func__, rc); 2060 rc = 0; 2061 break; 2062 } 2063 } 2064 out: 2065 return rc; 2066 } 2067 2068 /** 2069 * cxlflash_ioctl() - IOCTL handler for driver 2070 * @sdev: SCSI device associated with LUN. 2071 * @cmd: IOCTL command. 2072 * @arg: Userspace ioctl data structure. 2073 * 2074 * A read/write semaphore is used to implement a 'drain' of currently 2075 * running ioctls. The read semaphore is taken at the beginning of each 2076 * ioctl thread and released upon concluding execution. Additionally the 2077 * semaphore should be released and then reacquired in any ioctl execution 2078 * path which will wait for an event to occur that is outside the scope of 2079 * the ioctl (i.e. an adapter reset). To drain the ioctls currently running, 2080 * a thread simply needs to acquire the write semaphore. 2081 * 2082 * Return: 0 on success, -errno on failure 2083 */ 2084 int cxlflash_ioctl(struct scsi_device *sdev, int cmd, void __user *arg) 2085 { 2086 typedef int (*sioctl) (struct scsi_device *, void *); 2087 2088 struct cxlflash_cfg *cfg = shost_priv(sdev->host); 2089 struct device *dev = &cfg->dev->dev; 2090 struct afu *afu = cfg->afu; 2091 struct dk_cxlflash_hdr *hdr; 2092 char buf[sizeof(union cxlflash_ioctls)]; 2093 size_t size = 0; 2094 bool known_ioctl = false; 2095 int idx; 2096 int rc = 0; 2097 struct Scsi_Host *shost = sdev->host; 2098 sioctl do_ioctl = NULL; 2099 2100 static const struct { 2101 size_t size; 2102 sioctl ioctl; 2103 } ioctl_tbl[] = { /* NOTE: order matters here */ 2104 {sizeof(struct dk_cxlflash_attach), (sioctl)cxlflash_disk_attach}, 2105 {sizeof(struct dk_cxlflash_udirect), cxlflash_disk_direct_open}, 2106 {sizeof(struct dk_cxlflash_release), (sioctl)cxlflash_disk_release}, 2107 {sizeof(struct dk_cxlflash_detach), (sioctl)cxlflash_disk_detach}, 2108 {sizeof(struct dk_cxlflash_verify), (sioctl)cxlflash_disk_verify}, 2109 {sizeof(struct dk_cxlflash_recover_afu), (sioctl)cxlflash_afu_recover}, 2110 {sizeof(struct dk_cxlflash_manage_lun), (sioctl)cxlflash_manage_lun}, 2111 {sizeof(struct dk_cxlflash_uvirtual), cxlflash_disk_virtual_open}, 2112 {sizeof(struct dk_cxlflash_resize), (sioctl)cxlflash_vlun_resize}, 2113 {sizeof(struct dk_cxlflash_clone), (sioctl)cxlflash_disk_clone}, 2114 }; 2115 2116 /* Hold read semaphore so we can drain if needed */ 2117 down_read(&cfg->ioctl_rwsem); 2118 2119 /* Restrict command set to physical support only for internal LUN */ 2120 if (afu->internal_lun) 2121 switch (cmd) { 2122 case DK_CXLFLASH_RELEASE: 2123 case DK_CXLFLASH_USER_VIRTUAL: 2124 case DK_CXLFLASH_VLUN_RESIZE: 2125 case DK_CXLFLASH_VLUN_CLONE: 2126 dev_dbg(dev, "%s: %s not supported for lun_mode=%d\n", 2127 __func__, decode_ioctl(cmd), afu->internal_lun); 2128 rc = -EINVAL; 2129 goto cxlflash_ioctl_exit; 2130 } 2131 2132 switch (cmd) { 2133 case DK_CXLFLASH_ATTACH: 2134 case DK_CXLFLASH_USER_DIRECT: 2135 case DK_CXLFLASH_RELEASE: 2136 case DK_CXLFLASH_DETACH: 2137 case DK_CXLFLASH_VERIFY: 2138 case DK_CXLFLASH_RECOVER_AFU: 2139 case DK_CXLFLASH_USER_VIRTUAL: 2140 case DK_CXLFLASH_VLUN_RESIZE: 2141 case DK_CXLFLASH_VLUN_CLONE: 2142 dev_dbg(dev, "%s: %s (%08X) on dev(%d/%d/%d/%llu)\n", 2143 __func__, decode_ioctl(cmd), cmd, shost->host_no, 2144 sdev->channel, sdev->id, sdev->lun); 2145 rc = ioctl_common(sdev, cmd); 2146 if (unlikely(rc)) 2147 goto cxlflash_ioctl_exit; 2148 2149 /* fall through */ 2150 2151 case DK_CXLFLASH_MANAGE_LUN: 2152 known_ioctl = true; 2153 idx = _IOC_NR(cmd) - _IOC_NR(DK_CXLFLASH_ATTACH); 2154 size = ioctl_tbl[idx].size; 2155 do_ioctl = ioctl_tbl[idx].ioctl; 2156 2157 if (likely(do_ioctl)) 2158 break; 2159 2160 /* fall through */ 2161 default: 2162 rc = -EINVAL; 2163 goto cxlflash_ioctl_exit; 2164 } 2165 2166 if (unlikely(copy_from_user(&buf, arg, size))) { 2167 dev_err(dev, "%s: copy_from_user() fail " 2168 "size=%lu cmd=%d (%s) arg=%p\n", 2169 __func__, size, cmd, decode_ioctl(cmd), arg); 2170 rc = -EFAULT; 2171 goto cxlflash_ioctl_exit; 2172 } 2173 2174 hdr = (struct dk_cxlflash_hdr *)&buf; 2175 if (hdr->version != DK_CXLFLASH_VERSION_0) { 2176 dev_dbg(dev, "%s: Version %u not supported for %s\n", 2177 __func__, hdr->version, decode_ioctl(cmd)); 2178 rc = -EINVAL; 2179 goto cxlflash_ioctl_exit; 2180 } 2181 2182 if (hdr->rsvd[0] || hdr->rsvd[1] || hdr->rsvd[2] || hdr->return_flags) { 2183 dev_dbg(dev, "%s: Reserved/rflags populated\n", __func__); 2184 rc = -EINVAL; 2185 goto cxlflash_ioctl_exit; 2186 } 2187 2188 rc = do_ioctl(sdev, (void *)&buf); 2189 if (likely(!rc)) 2190 if (unlikely(copy_to_user(arg, &buf, size))) { 2191 dev_err(dev, "%s: copy_to_user() fail " 2192 "size=%lu cmd=%d (%s) arg=%p\n", 2193 __func__, size, cmd, decode_ioctl(cmd), arg); 2194 rc = -EFAULT; 2195 } 2196 2197 /* fall through to exit */ 2198 2199 cxlflash_ioctl_exit: 2200 up_read(&cfg->ioctl_rwsem); 2201 if (unlikely(rc && known_ioctl)) 2202 dev_err(dev, "%s: ioctl %s (%08X) on dev(%d/%d/%d/%llu) " 2203 "returned rc %d\n", __func__, 2204 decode_ioctl(cmd), cmd, shost->host_no, 2205 sdev->channel, sdev->id, sdev->lun, rc); 2206 else 2207 dev_dbg(dev, "%s: ioctl %s (%08X) on dev(%d/%d/%d/%llu) " 2208 "returned rc %d\n", __func__, decode_ioctl(cmd), 2209 cmd, shost->host_no, sdev->channel, sdev->id, 2210 sdev->lun, rc); 2211 return rc; 2212 } 2213